Powered by ScribeFire.
Powered by ScribeFire.
It is possible to make secure programming languages. Most language
company, but it puts web developers in an untenable position because
they cannot build secure applications in an insecure language.
to consider the security of the language. The new language will be
bigger and more complex, which will make it even harder to reason about
its security. I hope that that redesign will be abandoned.
more fruitful approach is to remove insecurity from the language.
aware of two approaches that allow us to build secure applications by
subsetting the insecure language.
The first approach is to use
a verifier. That is how ADsafe works. A verifier statically analyzes a
program, and certifies that the program does not use any of the unsafe
features of the language. This does not guarantee that the program is
safe, but it makes it possible to make programs that are safe. Any
program can compromise its own security. The improvement here is that a
program’s security is not compromised by the language it is written in.
second approach is to use a transformer. A transformer verifies, but it
also modifies the program, adding indirection and runtime checks. The
advantage of transformers is that they allow the use of a larger subset
of the language. For example, ADsafe does not allow the use of the this
parameter. A transformer can allow this because it can inject code
around it and its uses to ensure that it is never used unsafely. The
benefit is that it is more likely that existing programs could run in a
safe mode with little or no modification. I think that is a dubious
benefit because programs that are not designed to be safe probably are
not. The downside is that the final program will be bigger and slower,
and debugging on the transformed program will be more difficult.
Both approaches work. But we still need to fix the browser.
A new project, Google Caja, is trying to do source-to-source translation to secure things:
Using Caja, web apps can safely allow scripts in third party content.
computer industry has only one significant success enabling documents
to carry active content safely: scripts in web pages. Normal users
browser bugs and phishing, they mostly remain safe. But even though web
apps build on this success, they fail to provide its power. Web apps
generally remove scripts from third party content, reducing content to
passive data. Examples include webmail, groups, blogs, chat, docs and
spreadsheets, wikis, and more.
Were scripts in an
object-capability language, web apps could provide active content
safely, simply, and flexibly. Surprisingly, this is possible within
existing web standards. Caja represents our discovery that a subset of
FBJS is also trying to do some of this too. Got some time on Friday to look around some code? Take a look at some Caja.
Powered by ScribeFire.
After a gorgeous afternoon of golf a few days ago, my nephew seemed
anxious to get home, even skipping out on my invitation to dinner. He's
a graduating high school senior, so I assumed he wanted to hang out
with friends. I was partly correct. He wanted to hang out with friends
in line for the new iPhone.
Leave it to Apple (AAPL) Chief Executive Steve Jobs
to create a frenzy that gripped every gadget fan in the country. The
hype, however, started with what I consider Jobs' best presentation to
date—the introduction of the iPhone at the annual Macworld trade show
After watching and analyzing the presentation, I thought about five
ways to distill Jobs' speaking techniques to help anyone craft and
deliver a persuasive pitch.
A good novelist doesn't lay out the entire plot and conclusion on
the first page of the book. He builds up to it. Jobs begins his
presentation by reviewing the "revolutionary" products Apple has
introduced. According to Jobs, "every once in a while a revolutionary
product comes along that changes everything…Apple has been fortunate to
introduce a few things into the world." Jobs continues by describing
the 1984 launch of the Macintosh as an event that "changed the entire
computer industry." The same goes for the introduction of the first
iPod in 2001, a product that he says "changed the entire music
After laying the groundwork, Jobs builds up to the new device by
teasing the audience: "Today, we are introducing three revolutionary
products. The first is a wide-screen iPod with touch controls. The
second is a revolutionary new mobile phone. And the third is a
breakthrough Internet communications device." Jobs continues to build
tension. He repeats the three devices several times then says, "Are you
getting it? These are not three separate devices. This is one
device…today Apple is going to reinvent the phone!" The crowd goes
Jobs conducts a presentation like a symphony, with ebbs and flows,
buildups and climaxes. It leaves his listeners wildly excited. The
takeaway? Build up to something unexpected in your presentations.
WSDL 2.0 has finally been approved as an official World Wide Web Consortium (W3C) recommendation on June 27 2007. The Web Services Description Working Group
has been working on the standards for more than 6 years. The
recommendation was due on the 31st of December 2006 but has received an
extension to the 30th of June this year.
There has been much debate about whether WSDL 2.0 is the long
awaited and improved successor of WSDL 1.1 (the de facto standard up to
now) or of no relevance at all. Mark Little has written an extensive post on this matter here on InfoQ. The main changes from WSDL 1.1 to 2.0 are:
Roy Peter Clark from Poynter Institute has posted up 50 tools that
can help you when you do any kinds of writing. This is a extensive list
of writing tools, but by no mean you need to apply all of them when you
do any writing. There are the Writing Tool links:
Links of 50 Writing Tool
Its 20th May 2007. The digital clock screams it’s 1.20 AM and what the hell are you doing.. i grinned and told, i am chasing my dreams. Yes i am really doing. Do you believe in dreams ? You have to. At least my 24 year old life has taught this to me. Let me elaborate on this.
What is a dream?
In simple terms, dream is a imaginary cloth woven with the reflection of your thoughts. If that was not so simple, try this. Dream is a complex visual which is everything but real.
When i say everything i really mean it. This doesn’t mean that dreams cannot be real. We have to turn our dream a reality. In our life there are certain limitations which we cannot cross because of our current position / commitment. But in dreams, we have no limitations. We can design our platform, actors, relationships, actions actually Everything.
Since childhood we have had lot of dreams. But How many follow ? To add the punch let me rephrase, How many chase ? When we start to live in our dream, our thoughts, characteristics and eventually our actions will get aligned to our dreams. If we dream for good, in reality we will do good.
Do dreams change ?
Yes it will. In real life, change is the only thing that doesn’t change. This holds good for dreams too. Our dreams change because we change, our thoughts mature and our actions get refined.
How to turn dream a reality ?
I hate the way the word DayDreaming being interpreted. There is nothing wrong dreaming in daytime. Actually its good. It will help us to build our castle dream. But in reality, we need to add actions to our dream to build our castle.
Dreams are the fuel for our life. I strongly feel, if we don’t dream we won’t progress. We need to work hard to turn our dream a reality.
Whatever it takes, chase your dream and do keep in mind that there is no substitute for Hard work.
The digital clock in my bedroom again screams it’s 2.20 AM and what the hell are you doing.. i again grinned and said good night. SWEET DREAMS