Thought it might be interesting to post these here. A two part article on Wolfram|Alpha I did for Computer Weekly [WARNING: may contain traces of coin tossing references].
Here’s a pdf of the first bit, and here’s a link to the edited version on Computer Weekly’s website.
And – wait for it …
Here’s a pdf of the second bit, and here’s a link to the edited version on Computer Weekly’s website.
Just in case you do compare the version, I should add that I did some minor edits after they were sent in.
This missive from 2002 is here simply because it’s referenced from this.
Or, was it this? Dunno … I’m as ‘confused’ as normal!
Antivirus programs cannot truly protect you and, at worst, lure you into a false sense of security; and, I’ll tell you why…
The State of ‘Play’ Today:
• Way back, computer-viruses were transmitted via floppy disk – slowly, from one machine to another.
If the virus was known, and the destination machine had an up-to-date anti-virus program on it, further spread could be prevented as an infected file was accessed.
• Then came networks – but these too could be kept reasonably safe, so long as the ‘entry-point’ (floppy disk-drive) onto that network was protected – as above.
• Then came the Internet – in lots of ways the Internet is just a big network – the ‘EWAN’ – the ‘Extraordinary-Wide-Area Network’. Now it’s getting kinda tricky to protect yourself.
The main thing is that, in order to catch a virus, your anti-virus program has to first know that it exists.
It’s like the way the Flu jab works – you get innoculated against the strain that is predicted to hit the country: not ‘the Flu’ per se. However, if a different strain hits you – well, you’ll get the Flu! Viruses – real or cyber – have signatures, and you can only be immunised against known entities.
With the Internet, it’s quite possible that you’ll get hit by a new strain before an antidote can be prepared by your anti-virus program’s vendor.
Take the way viruses use email programs to move themselves about nowadays – it goes like this:
• Someone gets a virus (somehow)
• It does its damage and then emails a copy of itself to everyone in his or her contacts-list/in-box, etc.
• When the recipients get it, it does the same for them – this is Exponential!
So, in no time at all, it spreads (successfully) like wildfire – as, remember, we’re pretty much all connected at the speed of light now – and your antivirus hasn’t been informed about this new strain yet!
Anyway, some poor soul ultimately discovers that this thing is a self-replicating virus – and (if they can be bothered – as it’s too late for them) they notify Norton, Symantec, AVG, blah blah blah. In a bit, they all confirm that it is indeed a virus, and work out a fix – time ticks by. They then issue this on their web-sites. Hopefully, you’ve got an ‘Active Update’ kind of program running at your end (or do you have to periodically check for updates yourself!?), and quite soon (this is usually based on a pull rather push model – so you probably update once in 24 hours) you’ll get the fix! However, will it all be too late when it arrives? You bet ya! The likelihood of this is almost certainly proportional to the value of your data of course!
So, are anti-virus programs really worth having? Well, broadly speaking, I say ‘no’. What’s needed is better technology – viruses could be caught by the operating-system – and they should be!
In order for a virus to work, it needs to be executed: either directly, or by some other already-executing-process. Now, the operating-system is the thing that creates processes; and as such it can learn what they access. So, if the operating-system were a bit more picky about what processes it’ll start ‘automagically’, well … these things could be caught very effectively.
Imagine, you double-click what looks like an Excel file-attachment appearing in your email. However, the operating-system sees that the file is actually an executable. Next, it checks to see if this executable has been run on your machine before and, if it hasn’t, it simply asks you – “Are you sure you want to run this PROGRAM?”. You answer ‘no way’. Problem solved. How about if the virus infects Excel itself – and runs as some sort of extension to the program though? Well, hopefully you’ll have run Excel a few times before, and the operating system can learn about its habits? For example, should Excel now try to access your Firefox settings, or start trawling your folders for a Microsoft Money file, one would hope that the operating system might think that this is all a bit peculiar, and ask you about it [suspending Excel while it consults you of course].
Alternatively, this kind of approach – where the operating-system is rather more proactive – could be extended to anything that has write-access to your hard disk. After all, no write-access = no-damage [writing to a port, i.e., writing ‘across the wire’ is a write operation of sorts, and as such is not permitted]!
Written in 2002
At Oxford Geek Night 10, I’m giving a talk – if you can call it that; as actually it’s more like an ‘elongated cough’ … it’s a 5 minute spot! I mean I’ve told jokes that were longer than that [and if you weren't there, 'yeah': well - they were actually very well received! {for geek jokes}]. However, what can one say in five minutes – esp. when one has lots to say on the subject at hand? Ok, so it makes one ‘concentrate’ – but what to leave in and what to leave out? FIVE MINUTES! [G]eeeeek!
So, I’ll be [speed] ‘talking’ on some subset of subset of subset of subset of the Windows 3.0 development experience [mainly] … you know the kinda thing: ‘hidden stuff’ [oh how we wanted to switch some stuff on in the final build!!!]; stuff that went into its development; stuff that certainly *wasn’t* appreciated at the time! Blah …
However, I think folks might be more receptive now – but we’ll see!!! Blah again!
I’ll be taking a few ‘trophies’ along though …. like a few things I made sure I ferretted away at the launch on 22nd May 1990 – ahem – several copies of the ‘on the day’ [and for one day only] Windows 3.0 box – complete with the ‘I witnessed the Event’ stickers. Oh, and my ‘Magician’ shirt! Side point: I also have a ‘MakeProcInstance Spoken Here’ shirt somewhere I think — um, maybe – I emptied what was probably a fair fraction of a quarter of a ton of old Microsoft shirts into Oxfam’s clothing recycle thingmy a while ago – of course I did have a little ‘I bet they’ll be collectable sometime’ in my mind; but, hey, there ya go! At least I’ve kept the very personal ones.
I do hope it goes well, and that I get some very ‘deep’ questioning – esp. from the girls! Hey, that’s OK – Baby Love‘ll be flying back from ‘Up North’ while I’m in Oxford!
Bloody hell!
Just been watching the Royal Institution’s Christmas Lectures and saw a demonstration of a tool called Dasher.
Very cool, but a bit of a kick in the nuts, and a wake-up call for me really. The reason? Well, I had a system doing more or less the exact same thing in 2000 [it was better than what was demonstrated too]! I even showed it off to various Computational Linguistics folk at Oxford [who said "nice, but" ... [who'd use it|so what|it runs on Windows!|you've got too much spare time on your hands|etc]].
Crap!
Partly because I have a very stable Vista machine [I'm *very* happy with Vista, but don't want to upset it], I’ve recently been playing around a bit more with virtual machines, i.e., running other operating systems [XP Pro mainly] in VMs. There are lots of advantages to this – too many to list here.
Anyway, I started off using Microsoft’s Virtual PC – which was ok – but soon found some problems; and a general lack of features – which lead me to look at Sun’s VirtualBox – which has just been upgraded.
I’m very pleased with the latest version [2.1.0] too, but also had some problems, i.e., in cloning an XP VM.
The reason I wanted to do this is that once I’d got a VM running XP Pro, with everything just the way I like it, it’s really handy to ‘clone’ that and then ‘play’ with the clone[s], i.e., arse about with the clones, but keep the ‘ideal image’ handy for when I want to scrap a ‘play clone’, and then create another. By the way, this is one of the features that Virtual PC lacks [as are snapshots etc].
Problem: when I first cloned my ‘standard’ XP Pro harddrive I found that once I’d added it to a VM, and booted it, I got an error:
Windows could not start because the following file was missing or corrupt:
<Windows root>\system32\hal.dll
Eventually I found the answer – don’t clone the original .vdi image to another .vdi, but clone it to .vmdk format instead.
The steps are to use VBoxManage.exe with the –format VDMK switch, e.g.,
VBoxManage clonevdi <source hd image> <dest hd image> -format VMDK
All’s well that ends well!
It’s a bit ‘old hat’ nowadays, but, as I was perusing ThinkGeek the other night, and saw that this item was still a decent seller [indeed, top of the list in ‘watches’]; I thought I’d post a link to the BinaryWatch training program!
This is for this type of watch
Here’s a picture of the running training program.
Here’s the link to the program – zipped, and it should standalone [XP, Vista].
I had a donated version of this which used os.walk(), but I couldn’t figure out a way to prevent that recursing [I believe os.walk() always decends].
Hunting around – and not knowing anything about Python really – I found os.listdir()
So, I modified what I had been given.
I wish I knew how to retrieve the match from the files ‘collection’ !
if sys.argv[1] in files:
import os, sys
for dir in os.getenv('path').split(';'):
for files in os.listdir(dir):
if sys.argv[1] in files:
print dir + "\\" + sys.argv[1]
Ok, so I got paranoid after posting the earlier .c version!
Also, the functionality has altered a little, in that this one does just return the first match – it checks each path specified in PATH. It also does a ‘Not Found’ thingmy if, um, the program wsn’t found.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <io.h>
void whereis(char const * const prg)
{
char * path = NULL;
char * buff = NULL;
char * part = NULL;
int n = 0;
int i = 0;
int found = 0;
// PATH exists? AND if it does, it's not zero length?
//
if((path = getenv("PATH")) != NULL && strlen(path))
{
// Split PATH on each ;
//
while((part = strtok(path, ";")) != NULL)
{
n = strlen(part);
// strlen() will return zero if we just found a ; or a ;; etc.
//
if(n != 0)
{
// Is this bit of the PATH slash terminated?
//
i = part[n - 1] == '\\' ? 0 : 1;
// Alloc space, + 1 for the '\0'
//
if((buff = calloc(n + 1 + i + strlen(prg) + 1, 1)) != NULL)
{
// Copy in the various bits.
//
strcpy(buff, part);
if(i == 1)
{
strcat(buff, "\\");
}
strcat(buff, prg);
// MS specific 'does it exist' stuff.
//
if(_access(buff, 0) == 0)
{
// Yes, it was found!
//
puts(buff);
// Flag we found at least one match.
//
found = 1;
}
free(buff);
}
else
{
puts("Couldn't allocate enough memory!");
}
}
// Continue strtok()
//
path = NULL;
}
if(found == 0)
{
printf("%s not found\n", prg);
}
}
else
{
puts("PATH is empty");
}
}
int main(int argc, char * argv[])
{
if(argc < 2)
{
puts("Arg required");
}
else
{
whereis(argv[1]);
}
return 0;
}
A Perl version [Donated - I've no real idea how it works!]
#!/usr/bin/perl
use File::Which;
print which($_) . "\n" foreach (@ARGV);
Which you could run like Whereis.pl ruby.exe perl.exe
Ok, so I had to add a C version!
Some disclaimers before the code though. After all, it is C!
I was trying to keep this smallish, readable, and avoid paranoia.
I felt obliged to test for a valid arg.
I also assumed** that:
- the machine’s PATH environment-variable exists, and is not empty;
- parts of the path could be / terminated [or not];
- FILENAME_MAX is sufficient to hold the ‘PATH part’ and the arg;
- access() is ok to use [it's not ISO C];
**Assuming anything is generally a bad thing to do of course!
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <io.h>
char const * whereis(char const * const prg)
{
static char filepath[FILENAME_MAX];
char * path = getenv("PATH");
char * part = NULL;
while((part = strtok(path, ";")) != NULL)
{
strcpy(filepath, part);
if(part[strlen(part) - 1] != '\\')
{
strcat(filepath, "\\");
}
strcat(filepath, prg);
if(access(filepath, X_OK) == 0)
{
return filepath;
}
path = NULL;
}
return NULL;
}
int main(int argc, char * argv[])
{
char const * filepath;
if(argc != 2)
{
puts("Arg required");
}
else
{
if((filepath = whereis(argv[1])) != NULL)
{
puts(filepath);
}
else
{
puts("Not found");
}
}
return 0;
}
Next Page »
