2013/02/10
Last night Ruby stole back a few of those hours that it has saved me over the years, and made me feel like I was going just a little crazy in the process of doing it. So in the interest of documenting my failures and maybe saving you a few moments, here’s a braindump of the events.
I’ve been working on an implementation of a countsketch data structure for a stream consumption project. The data structure itself is very cool and deserves a post of its own soon, but think of it as a next-gen Bloom filter with some cool additive properties. As with Bloom filters, I need to do quite a bit of hashing. Independent universal hash functions would have been best, but it’s the real world, so I set out to use the hash function built into String (and, as I later found out, Object and its descendants), which is an implementation of murmur hash. It’s one of the faster hashing functions, and while not a cryptographic hash, it’s still somewhat resistant to collisions.
2012/08/13
That old quote from Twain about the lie getting halfway around the world before the truth puts its pants on. Turns out the same thing happens even if the truth has a couple years’ head start.
This week yours truly was mentioned in not only a foxnews.com entertainment article, but also perezhilton. Truly odd times.
Anyways, just to clarify, I said as much as 20-25% of searches on Google/Twitter/Bing/Yahoo for trending topics/popular terms will have malicious links somewhere in their results. And it is likely to be significantly less for searches about this particular starlet, as she’s been popular for a while and all the gossip sites have quite a high search ranking for her already; the more out of the ordinary/uncommon something is, the easier it is to game the search engines. Not that I expect the clarification to make any difference, but there it is.
2012/04/09
The security community echo chamber was rocking hard over the weekend with news of an online backup/sharing service, Dropbox, changing its Terms of Service to grant them “worldwide, non-exclusive, royalty-free, sublicenseable rights to…” do basically anything they want with your content. From Dropbox’s point of view, this is the sort of thing that they claim they need to have in order to provide you the service. That may or may not be true, but it was probably something their legal counsel told them would be in their best interest to include.
2012/02/15
I still believe that the presentations and panels being selected for most information security events are much too far removed from the “roots” of the art. Oftentimes to the extent that there is a full slate of presentations where most sessions turn out to be less glorified keynotes with little more than feelings, whether warm fuzzies or cold pricklies, to take home with them. This is a negative thing for many reasons, but before we start let’s make sure we’re speaking the same language.
2011/12/15
The question sounds crazy, especially for someone who’s spent a fair amount of the last year working on making spam and other malicious message detection on social networks better. But we do a disservice to tools geared for protection when we don’t think long term about the consequences of them. Does better spam detection on, say, Twitter, for example, reduce the total amount of spam that users see, or does it just change the signal-to-noise ratio?