Overview Of Man in the Middle Attacks

26. February, 2013

David Blake posted a current overview of Man in the Middle type attacks: “15 Surprising Ways You Could Fall Victim to a Man in the Middle Attack”

These include:

  • Key-loggers (hard- and software)
  • Browser plugins
  • Cameras (a.k.a. Shoulder Surfing)
  • Wireless attacks

Does the Universe Love Us?

25. February, 2013

Let’s see. The universe created particles to form atoms. It created the carbon atom and built DNA with it. It evolved for 13.77 billion years to create the world that we see today, in which we live and love and die. It put billions of stars and nebulae in the sky so there would be a smile on our faces while we lie on our backs in the warm summer night.

How can it not?


The Difference Between Unit and Integration Tests

14. February, 2013

A unit test checks a certain feature of the software. When it fails, you usually know exactly where to look for a place to fix the problem. They are short, compact and fast.

They come at a cost, though: You have to replicate the setup code in your test.

This is an important point. To use a feature of your software, you always have some setup to do. This setup has to exist in your production code. For unit tests, you will have to copy some parts of this code into your tests because usually, the setup of the production code simply isn’t fine-grained or flexible enough to be useful for tests. Think of tests which check the error handling: Your production code usually can’t build mock objects that raise errors when certain methods are being invoked.

An integration test reuses the production configuration. It tests many features at once, in the same order and with the same or at least a very similar environment that your final application will use. They are high level and often much easier to set up. But that comes at a cost:

  • They are slow
  • When they fail, there will be many places which could cause the issue, so fixing them is more expensive
  • They break more often because you have more dependencies
  • Setting up a test for the “success” scenario will be simple but injecting mock objects to cause exact error states will be much harder

So be aware of what kind of test you’re writing.
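The trade-off described above, as an added Python example that is not part of the original post. `PaymentGateway`, `OrderService` and `build_production_service` are hypothetical names: the unit test replicates the setup by hand so a mock can raise an error, while the integration test reuses the production wiring and only reaches the success path easily.

```python
from unittest import mock


class PaymentGateway:
    """Hypothetical external dependency; the real one would talk to a network."""

    def charge(self, amount):
        return {"status": "ok", "amount": amount}


class OrderService:
    def __init__(self, gateway):
        self.gateway = gateway

    def place_order(self, amount):
        try:
            receipt = self.gateway.charge(amount)
        except ConnectionError:
            return "retry-later"  # the error handling a unit test wants to reach
        return "paid" if receipt["status"] == "ok" else "declined"


def build_production_service():
    """Production setup: wires the real gateway and offers no hook for failures."""
    return OrderService(PaymentGateway())


def unit_test_error_handling():
    # Unit test: the wiring from build_production_service() is copied by hand,
    # because only then can the gateway be replaced with a mock that raises.
    gateway = mock.Mock(spec=PaymentGateway)
    gateway.charge.side_effect = ConnectionError("gateway down")
    result = OrderService(gateway).place_order(10)
    gateway.charge.assert_called_once_with(10)
    return result


def integration_test_success():
    # Integration test: reuses the production setup unchanged. The success
    # scenario is trivial to set up; forcing the ConnectionError path is not.
    return build_production_service().place_order(10)


if __name__ == "__main__":
    print(unit_test_error_handling(), integration_test_success())
```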


Speaker for the Dead

11. February, 2013

How would you feel if you had wiped out an entire civilization? Luckily, this is an academic question for most of us. For Ender, the Xenocide, it’s a very real problem and Orson Scott Card again does a wonderful job of letting us share a few years with Andrew Wiggin, his doubts and decisions, his dedication, moral dilemmas and brilliant mind.

“Speaker for the Dead” is the sequel to “Ender’s Game” and as captivating as the first book. As usual, every character is driven by a deep motivation and it’s great fun to try to fit the pieces of the many puzzles before Card reveals the solution.

I found scenes like the signing of the Covenant between humans and piggies incredibly moving.

Recommendation: Must buy.


Let Not RIP Aaron Swartz’ Legacy

8. February, 2013

Aaron Swartz is dead. There is no arguing the fact; we can only disagree about why he died.

His girlfriend says: “I believe Aaron’s death was caused by exhaustion, by fear, and by uncertainty.” (source)

I, too, get the feeling that the world is turning from an adult into a child again.

When does someone stop being a child? When they realize that actions have consequences and that they have to take responsibility for their every action. Some even realize that you have a responsibility for your inactions as well but that’s probably too much to ask for most people.

So as soon as you refuse to take responsibility for your actions and start denying the consequences, you must be turning into a child again.

What are the consequences of incarceration of almost one percent of the whole population? Is adding more rules to a broken system the adult or the childish way out?

A lot of people argue in favor of the death penalty when there is no indication that any of the arguments is supported by facts. Isn’t it typical childish behavior to refuse to listen to something you don’t want to hear?

Let’s all grow up again.


Things Users Don’t Care About

8. February, 2013

“Things users don’t care about” is something every software developer needs to know about.

Kudos go to Thomas E. Deutsch for finding and telling me about it.


100K on SO :-)

7. February, 2013

Finally! 100’000 points of reputation on stackoverflow.com!

Yay ^_^


CVE Changes Counter

7. February, 2013

The Common Vulnerabilities and Exposures or CVE is a registry for security-related flaws in computer systems.

The old counting system allowed only for 9’999 bugs per year.

That’s no longer enough.

Isn’t that scary?


Our Loss of Wisdom

3. February, 2013

Barry Schwartz held an excellent talk at TED: “Our loss of wisdom” (YouTube, full lesson on TED Ed). A few quotes (not all of them are literal):

  • The job description of a hospital janitor includes many kinds of tasks but not a single one involves other human beings. Not one. Yet, when you look at what janitors tell you when you ask them about their job, it’s always about other people:
    • Mark stopped mopping the floor because a patient had got up and did exercises in the corridor.
    • One janitor refused, despite orders of her superior, to vacuum the visitors’ lounge because family members slept there.
    • Luke washed the floor in a comatose patient’s room twice because a relative hadn’t noticed him doing it the first time.
  • Not all janitors are like this but those who are think these are essential parts of the job.
  • “These janitors have the moral will to do right by other people and beyond this the moral skill to figure out what doing right means.”
  • “A Wise Person Knows: When and how to make ‘the exception to every rule.’”
  • “A Wise Person Knows: When and how to improvise.”
  • “A Wise Person Knows: How to use these moral skills in pursuit of the right aims.”
  • “A Wise Person: Is made and not born.”
  • It takes experience to become wise and not just any experience: You need the permission to be allowed to improvise, to try new things, occasionally to fail and to learn from your failures.
  • “You don’t need to be brilliant to be wise. The bad news is that without wisdom, brilliance isn’t enough.”
  • @05:57, he tells a story of how people with good intentions ruin the lives of a family for several weeks just by obediently following rules. All people involved said “we hate to do it but we have to follow procedure.”
  • “Rules and procedures may be dumb but they spare you from thinking.” (- and they allow you to blame others)
  • When things go wrong, we turn to two tools: Rules and incentives. When something happens, we want better ones and more of them. That happened after the financial crisis: Regulate, regulate, regulate, fix the incentives, fix the incentives, fix the incentives. @8:21 “The truth is: Neither rules nor incentives are enough to do the job.” How do you pay people a bonus for being empathetic?
  • Rules and incentives help in the short run but they create a downwards spiral in the long run.
  • By relying on rules, we engage in a war on wisdom. Rules help prevent disaster but they also ensure mediocrity (@10:30). We need enough rules but not too many.
  • Incentives seem better. But sometimes, they compete with the original goal instead of complementing it. We suddenly stop asking “What is my responsibility?” and turn to “What serves me best?”
  • Solution? Smarter incentives. Unfortunately, there will never be incentives which will be smart enough. We need incentives but excessive incentives demoralize: “It causes people who engage in that activity to lose morale and it causes the activity itself to lose morality.”
  • “We must ask, not just is it profitable, but is it right.” – Barack Obama, 18th Dec 2008.
  • What doesn’t work: Teach more ethics courses. “There is no better way to show people that you’re not serious than to tie everything you have to say about ethics in a ball and consign it to the margins as an ethics course.”
  • What to do instead? See for yourself @14:25