Jun 23 2009

Sorry. I screwed up.

By Niyaz PK under General

Yesterday was not the best day in the history of this blog. Probably those of you who subscribed to the feeds have noticed. I tried to combine the feeds from here and the voidy blog into one single feed, and it resulted in a multitude of duplicate feeds being sent to your inbox.

Really sorry for that. I will not try that again!

For the technically inclined, here is what I guess happened:

I used Yahoo Pipes to combine both the feeds:

pipe = feed(diovo) + feed(voidy)

Then I burned this pipe as the original Feedburner feed.

feed = feed(diovo) + feed(voidy)

I am using the Feedsmith plugin for this blog. The Feedsmith plugin redirects all the feed references in this blog to the original Feedburner feed.

feed(diovo) = feed

Therefore, the new feed (using Yahoo Pipes) now becomes:

feed = feed + feed(voidy)

Yeah. I see.

4 responses so far

Jun 02 2009

More on ads

By Niyaz PK under Internet

For the last one year or so I have been using a desktop application that displayed an ad (something like 800 x 60 pixels) in its header.

Since yesterday the ad is not showing up. Now, I cannot recall what the ad was about!

It is a real shame that ads don’t work if used without permission. You try spamming me for a whole year, and I still see only what I want to.

No responses yet

May 26 2009

Ad Revenue on the Web?

By Niyaz PK under Internet

I wish more people understood this: if ads are working on your site it is because someone has figured out how to monetize your users. (At a multiple of how much you get from the ads!) Why isn’t that someone you?

- from HN

No responses yet

May 13 2009

Real security of our cryptographic algorithms

By Niyaz PK under Security

A few days ago at EuroCrypt 2009, security researchers announced an attack on the SHA-1 hashing algorithm. The attack is a fairly serious one and it is a strong signal for software vendors to move away from SHA-1.

For almost all cryptographic algorithms, if the digest length is n, it means that there are 2^n different possible values for the message digest (cipher text in the case of an encryption algorithm). Taking the possibility of birthday attacks into account, we can safely assume that breaking these digests will take at least 2^(n/2) operations.

If n = 160 (as in the case of SHA-1), it will take 2^80 calculations to break the code. Even if we assume that a computer can do 2^20 operations per second, it will take a whopping 36 billion years to crack the code. Our secrets and systems are kept secure by these algorithms, which are supposed to resist cracking by the best computers for 36 billion years.

Then someone very smart comes along, finds a weakness in the algorithm itself rather than trying a brute-force attack, and the security of our documents, signatures and protocols is jeopardized. We are forced to find better alternatives and design better algorithms.

In the real world, cryptographic algorithms become obsolete or broken in 10-25 years rather than the theoretical time frame of 36 billion years.

As a precautionary step you may want to make the algorithms/protocols used in your application easily replaceable. This will make your life easier when the algorithm is broken and you want to replace it. Also, as a programmer you should understand that even if the algorithm is not yet broken, your implementation may be flawed. Most of the security vulnerabilities are caused by crappy implementations of secure algorithms/protocols.
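One way to keep a hash algorithm replaceable, shown as an added example (not code from the original post): every stored digest carries a tag naming its algorithm, so old SHA-1 records stay verifiable while new ones use the current choice. The registry, the `alg:hexdigest` format and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac

# Hypothetical registry for this example: tag -> hashlib constructor.
ALGORITHMS = {
    "sha1": hashlib.sha1,
    "sha256": hashlib.sha256,
    "sha3_256": hashlib.sha3_256,
}
DEPRECATED = {"sha1"}   # still verifiable, never used for new digests
CURRENT = "sha256"      # the only value to change at the next migration


def make_digest(data: bytes, alg: str = CURRENT) -> str:
    """Return 'alg:hexdigest' so the stored value names its own algorithm."""
    if alg in DEPRECATED:
        raise ValueError(f"{alg} is deprecated for new digests")
    return f"{alg}:{ALGORITHMS[alg](data).hexdigest()}"


def verify(data: bytes, stored: str) -> tuple[bool, bool]:
    """Return (matches, needs_upgrade) for a stored 'alg:hexdigest' value."""
    alg, sep, hexdigest = stored.partition(":")
    if not sep or alg not in ALGORITHMS:
        raise ValueError(f"unknown or missing algorithm tag: {stored!r}")
    expected = ALGORITHMS[alg](data).hexdigest()
    # Constant-time comparison of the two hex strings.
    matches = hmac.compare_digest(expected.encode(), hexdigest.encode())
    return matches, matches and alg != CURRENT


def verify_and_upgrade(data: bytes, stored: str) -> tuple[bool, str]:
    """Verify, then re-issue the digest under CURRENT if it used an older one."""
    matches, needs_upgrade = verify(data, stored)
    return matches, make_digest(data) if needs_upgrade else stored


if __name__ == "__main__":
    doc = b"constructed sample document"
    legacy = "sha1:" + hashlib.sha1(doc).hexdigest()  # constructed legacy record
    print(verify(doc, legacy))
    print(verify_and_upgrade(doc, legacy))
```

Callers only ever see the tagged string, so retiring an algorithm means adding it to `DEPRECATED` and changing `CURRENT`, not touching every call site.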

And did I mention that you should not write your own encryption algorithm?

Of course in the real world things are entirely different:

Real world security

As you probably know, none of the algorithms in the world will help you if I know your mother’s maiden name.

2 responses so far

May 10 2009

The map is not the territory

By Niyaz PK under General

An abstraction derived from something, or a reaction to it, is not the thing itself.

I bet you will read that sentence again. Anyway, let me explain.

What you see below is not a laptop.

[Image: picture of a laptop]

What you see is the picture of a laptop.

Not meant to be funny. But this simple fact does have many implications and applications. The Wikipedia page explains more:

[This] is also cited as an underlying principle used in neuro-linguistic programming, where it is used to signify that individual people in fact do not in general have access to absolute knowledge of reality, but in fact only have access to a set of beliefs they have built up over time, about reality.

Note that neuro-linguistic programming is related to computer programming in the same way as Java is related to JavaScript.

One response so far

May 05 2009

Presentations

By Niyaz PK under General

The last day I sat through another boring presentation. The problem is that people mistake presentations for lectures.

If you want to teach me something, give me the book. Or pass me that spreadsheet if you want to show some data. And send me an email when you want to share some new information.

I am amazed that it took 47 slides for you to tell me something trivial.

Presentations are meant for making a convincing point. That’s it.

2 responses so far

Apr 27 2009

The myth of career growth

By Niyaz PK under Startup

Conventional corporate hierarchies make sure that there are only a handful of managers for every hundred employees. So your chances of becoming a manager are very small. This is the same reason why only a small percentage of employees in any organization get promotions.

This means that the odds of you failing to get a promotion in the job and the odds of your startup failing to get traction are almost the same. Besides, a startup is more exciting to work on and in the long run it promises more rewards for the same amount of effort put in.

I wonder why you selected the less exciting path then.

No responses yet
