2016 week 43 in programming

Applying the Linus Tarvolds “Good Taste” Coding Requirement

To the best of my ability to discern, the crux of the “Good taste” requirement is the elimination of edge cases, which tend to reveal themselves as conditional statements. Below is an algorithm I wrote to initialize the points along the edge of a grid, which is represented as a multidimensional array: grid[rows][cols]. Again, the purpose of this code was to only initialize the values of the points that reside on the edge of the grid - so only the top row, bottom row, left column, and right column. To accomplish this I initially looped over every point in the grid and used conditionals to test for the edges. Complexity - The use 4 conditional statements inside 2 embedded loops seems overly complex. It was only a slight improvement in complexity, but a large improvement in performance, because it only performed 256 loop iterations, one for each point along the edge. For This code initializes four different edge points for each loop iteration.

It’s official: Java 9 will support ahead-of-time compilation (but only 64-bit Linux initially)

AOT compilation of any other JDK module, or of user code, is experimental. During AOT compilation a fingerprint for each class is generated and stored in the data section of the shared library. In these cases, AOT compilation needs be done on the entire application and is thus experimental in JDK 9. The system should have installed libelf to allow generation of AOT shared libraries as result of AOT compilation. AOT compilation should be executed on the same system or a system with the same configuration on which AOT code will be used by Java application. For the initial release in JDK 9 the only supported module for AOT compilation will be java. The same Java run-time configuration should be used during AOT compilation and execution.

Android can be rooted using recently discovered Linux vulnerability

It’s extremely easy to exploit, making it one of the worst privilege-elevation flaws ever to hit the open-source OS. Independent security researcher David Manouchehri told Ars that this proof-of-concept code that exploits Dirty Cow on Android gets devices close to root. With a few additional lines, Manouchehri’s code provides persistent root access on all five of the Android devices he has tested. “From what I can tell, in theory it should be able to root every device since Android 1.0. Android 1.0 started on [Linux] kernel [version] 2.6.25, and this exploit has been around since 2.6.22.". Both of the exploits allow end users to root Android phones so they have capabilities such as tethering that are often restricted by individual manufacturers or carriers. Just as Dirty Cow has allowed untrusted users or attackers with only limited access to a Linux server to dramatically elevate their control, the flaw can allow shady app developers to evade Android defenses that cordon off apps from other apps and from core OS functions. The reliability of Dirty Cow exploits and the ubiquity of the underlying flaw makes it an ideal malicious root trigger, especially against newer devices running the most recent versions of Android. Dirty Cow came to light a few days before the release of a separate rooting method for Android devices.

Happiness is a Boring Stack

It’s a fun place, and a good way to keep up to date on all the new tech that us developer folk seem to need to know about. Yeah, sure, Node.js with tons of functional stuff mixed in pulling from a NoSQL store and React on the front end. For my own stuff, there’s no way I’d use any of that crap. This stuff is my proper income stream, and the most important thing is that it works. It means I can, among other things, pick up a full-time development gig to sock away some extra runway, take off and go backpacking around the world, or better still, build yet another rent-paying product without having to spend a significant amount of time keeping the old stuff alive. It seems like on a lot of stacks, keeping the server alive, patched and serving webpages is a part-time job in itself. The less effort you need to spend on maintenance, the more pace you can keep going forward.

Parsing JSON is a Minefield 💣

Range and Precision - What about numbers with a huge amount of digits? According to RFC 7159, “A JSON parser MUST accept all texts that conform to the JSON grammar”. A JSON parser MUST accept all texts that conform to the JSON grammar. Independently from how parsers should behave, I wanted to observe how they actually behave, so I picked several JSON parsers and set up things so that I could feed them with my test files. The parsers are generally wrapped so that the process returns 0 in case of success, 1 in case of parsing error, yet another status in case of crash, a 5-second delay being considered as a timeout. Parsing should have succeeded but failedparsing should have failed but succeededresult undefined, parsing succeededresult undefined, parsing failedCrashTimeout. A JSON parser transforms a JSON text into another representation. I wrote yet another JSON parser which will parse or reject JSON document according to my understanding of RFC 7159.

How to Get Fired Using Switch Statements & Statement Expressions

One extremely unmaintainable and bug-ridden technique for C programming involves using both switch statements and statement expressions together. In this article, we will discuss how you can leverage switch statements and statement expressions to produce C code that is so difficult to understand, you’ll need to look at the assembly to figure out what it does. After branching to that label nothing special happens related to the fact that you’re inside a switch statement and the code will just keep executing whatever machine instructions come next. The one exception is, of course, the break statement which will jump to the point after the switch statement body. Here is an equivalent version of the switch statement written above using only ifs and gotos. The switch statement effectively just gives us a convenient way to implement the goto statements that would be necessary to either jump to the start of the coroutine, or the point just after the coroutine returns. Regular ole expression / int i = 0; / Fancy new statement expression */ int j =;. You might ask “Why would you ever want to do such a thing?” There are a number of different answers and many of them are related to convenience: One use case is concerned with ensuring that expression statement side-effects are only evaluated once in the case of a function macro that may cause the expression to appear multiple times in the function macro body.

Patent Judge Issues Opinion Declaring All Software Patents Bad

This latest ruling, from the very court that upended things nearly two decades ago in declaring software much more broadly patentable than anyone believed, may now be the nail in the coffin on software patents in the US. The headline, of course, is that the patents that Intellectual Ventures used against anti-virus firms Symantec and Trend Micro, were bunk, because they did not cover patent eligible subject matter. The part that has everyone chattering is the concurring opinion by Judge Haldane Mayer, that says it’s time to face facts: Alice killed software patents. In Support of Respondents, Alice, 134 S. Ct. 2347, 2014 WL 828047, at *6-7; Mark A. Lemley, Software Patents and the Return of Functional Claiming, 2013 Wis. L. Rev. 905, 935 (“Software patents … have created a large number of problems for the industry, particularly for the most innovative and productive companies…. [T]he existence of a vibrant open source community suggests that innovation can flourish in software absent patent protection.” (footnote omitted ; Wendy Seltzer, Software Patents and/or Software Development, 78 Brook. Mayer goes even further in this discussing four separate problems with the whole concept of software patents, including the fact that the scope of the patents greatly exceeds the importance of what they disclose. The third problem he discusses is the fact that the system is overwhelmed with software patents, “Most of which are replete with broad, functional claims” which makes it “Virtually impossible to innovate in any technological field without being ensnared by the patent thicket.” Nicely put. From there, he suggests that the courts should just stop punting on the issue and declare software patents dead: Declaring that software implemented on a generic computer falls outside of section 101 would provide muchneeded clarity and consistency in our approach to patent eligibility. It would end the semantic gymnastics of trying to bootstrap software into the patent system by alleging it offers a “Specific method of filtering Internet content,"…. The opinion is a great read overall - and it’s the kind of arguments that plenty of folks in and around tech and software patents have been making for years.

A Taste of Haskell

The error message tells us that the list is assumed to be a list of booleans because of the final value. If the list has more than one element, we remove the first element of the list and recursively call last’ on the rest of the list. The length of a list with more than 0 elements is 1 plus the length of the rest of the list. Map’ f [] = []. The base case is easy: When we get an empty list passed, the result is also an empty list. Finally we recurse with the rest of the list, until we reach the base case for the empty list. While working with lists in Haskell you might wonder what happens if we never reach the base case? We have lazy evaluation in Haskell, which tells us that a data structure is only evaluated when it’s actually needed. The second parameter is a list of values of type a, the third parameter is a list of values of type b and finally a list of type c is returned.

How I Became HackerRank #1 In Two Hours

My ranking on Hacker Rank is #1 for Java programming and it only took me two hours. After earning a top ranking for Java developers globally, Furlong was hired by JPMorgan Chase & Co. in December for its two-year technology training program. Much of the time I spent trying to solve problems on Hacker Rank was battling with standard in, rather than solving problems. Due to these limitations, the programmer is often spending half the time fighting with the Hacker Rank website, rather than learning. First of all, Hacker Rank only “Teaches” the basic Java language features. A programmer’s merit has never relied on rankings, and there is no reason to start now. If a person is claiming to be a top ranked programmer from Hacker Rank you should know this person is likely a fraud.

Freeing my tablet (Android hacking, SW and HW)

1 ttsiod ttsiod 21 Oct 8 23:11 userdata -> /dev/block/mmcblk0p32 Golly gee, Mr Google, that’s a lot of partitions. I do believe though that when you do this, the tablet is supposed to be wiped automatically… since by allowing booting of a custom image, an external entity can pretty much gather every data residing inside the tablet - and completely violate your privacy. Rc drwxr-xr-x 2 ttsiod ttsiod 4096 Oct 23 08:30 proc -rw-r-r- 1 ttsiod ttsiod 3138 Oct 23 08:30 property contexts drwxr-xr-x 3 ttsiod ttsiod 4096 Oct 23 08:30 res drwxr-x– 2 ttsiod ttsiod 4096 Oct 23 08:30 sbin -rw-r-r- 1 ttsiod ttsiod 746 Oct 23 08:30 seapp contexts -rw-r-r- 1 ttsiod ttsiod 76 Oct 23 08:30 selinux version -rw-r-r- 1 ttsiod ttsiod 177701 Oct 23 08:30 sepolicy -rw-r-r- 1 ttsiod ttsiod 10468 Oct 23 08:30 service contexts drwxr-xr-x 2 ttsiod ttsiod 4096 Oct 23 08:30 sys drwxr-xr-x 2 ttsiod ttsiod 4096 Oct 23 08:30 system -rw-r-r- 1 ttsiod ttsiod 8349 Oct 23 08:30 ueventd. So I went back to that Over-The-Air update…. host$ ls -l total 803592 drwxr-xr-x 2 ttsiod ttsiod 4096 Oct 21 01:22./ drwxr-xr-x 6 ttsiod ttsiod 4096 Sep 25 23:34./ -rw-rw-r- 1 ttsiod ttsiod 822861864 Aug 7 2015 UL-K01E-WW-12.16.1.12-user. We CAN boot our own boot images on the tablet, but ASUS keeps a note somewhere: “This is a bad person, booting his own boot image. We will no longer boot for him normally.” We CAN clear our record afterwards and make the tablet “Normal” again. this took me ages to find and to manage to compile properly - Joshua Brindle provides the source code of sepolicy-inject; a tool that allowed me to tell Android that the SELinux policy I want…. host$ ls -l drwxr-xr-x 2 ttsiod ttsiod 4096 Oct 22 16:05./ drwxr-xr-x 4 ttsiod ttsiod 4096 Oct 4 2015./ -rw-r-r- 1 ttsiod ttsiod 349 Oct 22 15:42 Makefile -rw-r-r- 1 ttsiod ttsiod 1088 Jul 17 2013 README.txt -rw-r-r- 1 ttsiod ttsiod 5851 Jul 17 2013 sepolicy-inject. God knows what else - the GPS, etc :-(. I have to go back to my original plan - boot from the pristine boot image burned in the tablet, and become root ONLY through modifications to my /system partition.

“What was it like programming Skyrim?” - Stream with former Bethesda Lead programmer Brett Douville

It’s been five years since The Elder Scrolls: Skyrim launched, and since then the way open-world games are made has changed so much. Bethesda Softworks has gone on to release Fallout 4, and companies like Ubisoft and CD Projekt Red have built their own templates for creating vast, open game spaces that rival the size of Bethesda’s fifth Elder Scrolls RPG. But despite how far open-world games have come, we at Gamasutra were curious, what was it like working on Skyrim? With the release of Skyrim’s special edition that brings the game to PS4 and Xbox One, we decided to invite former Bethesda Softworks lead programmer Brett Douville in for a conversation about programming the game. As seen above, the chat was particularly illuminating, since as Douville explained, the best language a programmer can know isn’t any coding language, but as he puts it “English”-meaning just having the ability to communicate with other team members and translate game design concepts into code and back. It turns out that even while Skyrim proved to be a huge programming challenge, it was also a lesson for Douville and his colleagues to just figure out how to take care of themselves and work together as a team.

Picat, the programming language you’ve never heard about, wins 10K prize at Media Lab Summit

A team of two students and one professor from Brooklyn College won the grand prize of $10,000 at the NYC Media Lab Summit at Columbia University on Sept. 22. Computer Science Professor Neng-Fa Zhou, first-year graduate student Jie Mei, and programmer Jonathan Fruhman brought home the prize for their demo of a programming language called Picat. “Picat is a multi-paradigm programming language aimed for general-purpose applications, which means theoretically it can be used for everything in life,” said Mei. Mei, on the other hand, worked on programming during his years in college. Mei, along with his teammates at the University of Michigan, finished a project called Creative AI. They applied a neuro-linguistic programming concept “To develop models of a music artist’s lyrics so that the model would receive lyric data as input and ultimately generates new random lyrics in the style of that artist,” said Mei. Even though both Mei and Zhou have completed and worked on many successful projects, they were surprised to learn they won the grand prize. According to Picat’s website, the language incorporates the features of many other computer languages so users can solve problems more easily.

Nim 0.15.2 released

We’re happy to announce that the latest release of Nim, version 0.15.2, is now available! As always, you can grab the latest version from the downloads page. This release is a pure bugfix release fixing the most pressing issues and regressions of 0.15.0. The list below has been generated based on the commits in Nim’s git repository. As such it lists only the issues which have been closed via a commit, for a full list see this link on Github. " Fixed “Internal error when passing parameter proc inside. Gcsafe closure” Fixed “Upcoming asyncdispatch doesn’t compile with C++ backend on OS X”.

Trick OR Treat: programs runnable in two different languages and that print “Trick” in one language and “Treat” in the other

The types t and t1 don’t matter as the arguments aren’t used in the function body. The IO-action type results from print"Treat”, which prints “Treat” to StdOut. It’s type is val :: t -> which is executed when the program is run. To determine whether main equals putStr"Trick”, both sides have to be evaluated and both must have the same type, as SML is statically typed. Print has the type string -> unit, so putStr has the type a -> unit and therefore putStr"Trick” has just type unit. In order to be well-typed, main must have type unit too. So first the types of putStr and main are shown, then the expressions gets evaluated causing treat to be printed, then the value of the expression (true as both sides of = are ( is bound to the implicit result variable it which is then also displayed.

main(){printf(&unix["\021%six\012\0”], (unix)[“have”]+"fun”-0x60);}

The IOCCC was inspired by Steve Bourne when he decided touse the C preprocessor to write his Unix shell in a syntax of C more like Algol-68 with explicit end statement cues where you have code like. IF *s2++ == 0 THEN return(0); FI. As Expert C says about this kind of code;. Is unix a keyword? Is it somehow printing the variable name? Searching the gcc source code, I find that it’s a run-time target specification. So unix wasn’t the name of an array variable, but how does 1[] work? I’ve seen this before and it’s one of my favorite facts about C. C has origins in the langauge BCPL. From Dr. Martin Richards, creator BCPL;. The monodic indirection operator ! takes a pointer as it’s argument and returns the contents of the word pointed to. If v is a pointer !(v+I) will access the word pointed to by v+I. The dyadic version of ! is defined so that v!i = !(v+I). V!i behaves like a subscripted expression with v being a one dimensional array and I being an integer subscript.

What happens when your laptop screen breaks at the Himalayas

None

Deep Learning papers reading roadmap

After reading above papers, you will have a basic understanding of the Deep Learning history, the basic architectures of Deep Learning model(including CNN, RNN, LSTM) and how deep learning can be applied to image and speech recognition issues. “Learning to learn by gradient descent by gradient descent.” arXiv preprint arXiv:1606. “Unsupervised representation learning with deep convolutional generative adversarial networks.” arXiv preprint arXiv:1511. “Neural Machine Translation by Jointly Learning to Align and Translate.” arXiv preprint arXiv:1409. “Reinforcement learning neural Turing machines.” arXiv preprint arXiv:1505. “Dueling network architectures for deep reinforcement learning.” arXiv preprint arXiv:1511. “One-shot Learning with Memory-Augmented Neural Networks.” arXiv preprint arXiv:1605.

A fast cloc replacement written in rust

There’s another rust code counting tool called tokei, loc is ~2-10x faster than tokei, depending on how many files are being counted. I can count my 400k file src directory in just under 7 seconds with loc, in a 1m14s with tokei, and I’m not even willing to try with cloc. Loc: 1.09 seconds tokei: 5.3 seconds cloc: 1 minute, 50 seconds Installation. For anyone familiar with Rust there’s cargo install loc. Fortran has a rule that comments must start with the first character of a line. X = “/* I haven’t slept for 10 days because that would be too long */";. loc counts the first line and last lines correctly as code, but the middle lines will be incorrectly counted as comments. This project contains code from Tokei by Aaronepower and ripgrep by BurntSushi.

Why TDD’ing your frontend feels pointless

Working on the frontend of our application however, I found TDD difficult to do and less satisfying than with backend code. The first two points above I will very much take blame for and not fault TDD, especially given my comparative inexperience with frontend coding at the beginning of our project. Humans are hard to predict So this brings us to the biggest problem with TDD and frontend code. As an aside, folks who are just getting started in coding and/or not used to TDD who don’t understand where it shines often don’t see the point of using it. What is the frontend and how do we test it then?So up to this point, I’ve used the word frontend to describe a thing that’s hard to TDD. If you’re a web developer though, do not think that everything you have running in your user’s browser is hard to test or is even frontend code. Not everything running in the browser is hard to test or even frontend codeBecause a lot of business logic running in a browser or other client is so close to the UI, you may get the impression that it’s all hard to use TDD with. Tell me I’m wrong and show me the wayI love practicing TDD. I would love to be wrong about this, so please share your experiences below about how you have figured out how to do TDD with user interfaces that doesn’t end up with throwing away most code immediately.

Twenty years later I wrote a Tetris… again!

Somewhere around 4am that night, after several hundred lines of Basic code, I had myself a fully working Tetris-like. It’s only a few days later that I realized I had written the same kind of program, twice, twenty years apart and in two different but somewhat similar languages. About the time it took: Surprisingly with improved tools and an extra 20 years experience, it took me about the same time this time around as it did 20 years ago. Have they been lying to us all these years telling us that with improved tools we are able to write code faster? From this experience I would say “Yes”. About the size of the code: the code I wrote this time is roughly one third of the size of my original code which probably means it has less bugs and is more maintainable. In shorter terms, the code I ended-up with in 2016 is way more re-usable than the one from 1996. Now that I’ve been rambling on and on about 2 different Tetris games coded 20 years apart, you probably want to see the code.

All-in-one API documentation browser with offline mode and instant search

None

It’s official: Oracle will appeal its “fair use” loss against Google

The massive Oracle v. Google litigation has entered a new phase, as Oracle filed papers yesterday saying it will appeal its loss on “Fair use” grounds to the US Court of Appeals for the Federal Circuit. For a brief recap of the case: after Oracle purchased Sun Microsystems and acquired the rights to Java, it sued Google in 2010, saying that Google infringed copyrights and patents related to Java. Oracle initially lost but had part of its case revived on appeal. The sole issue in the second trial was whether Google infringed the APIs in Java, which the appeals court held are copyrighted. Oracle’s appeal is no surprise, but it will be a long shot. Oracle’s post-trial motions, which the district court judge rejected, indicate the tack it might try to take on appeal. Unless Oracle pulls off a stunning move on appeal, its massive legal expenditures in this case will be for naught.

Go now has sub-millisecond GC pause times

None

What’s More Distracting Than A Noisy Co-Worker? Turns Out, Not Much

According to workplace design expert Alan Hedge at Cornell, 74 percent of workers say they face “Many” instances of disturbances and distractions from noise. The University of California’s Center for the Built Environment has a study showing workers are happier when they are in enclosed offices and less likely to take sick days. It’s only months later, when he was moved to a new desk in an office reshuffling, that he realized just how much more work he accomplished without constant interruption. In a previous job, Dooley shared an office with a man who liked to eat frozen carrots and had the hacking cough of someone with chronic bronchitis. While employers worry about contagion and lost productivity of someone bringing an illness to work, they also have a legal obligation to accommodate employees who have an illness or a disability. Four years ago, the Social Security Administration reprimanded a worker for his “Excessive flatulence.” After numerous complaints and warnings, the agency charged him with “Conduct unbecoming a federal employee.” The employee claimed he had lactose intolerance, and after his union intervened, the reprimand was rescinded. The trend toward open offices and hard office furniture makes noise distraction worse, so adding carpet, drapes and upholstery can help.

Lesson learned from running a local meetup

A good / usable location is important for the meetup and the location depends on the meetup content. If you a running your meetup in a small conference room with ~15 people you often don’t need this. Try to motivate people from your community and local meetup to get on stage for the first time. If your meetup is well known, sometimes speaker will contact you, because they knew that it is possible to test bigger conference talks at local usergroups and improve them later. Name of the meetup WiFi access Office / location rules Where are the toilets Announcements of other appointments like other meetups in the area conferences / hackathons near by your next meetup Speaker and topic of today If you offer a socialising after the talk or if the meetup ends directly. If you run a meetup or visit meetups on a regular basis, feel free to share your lessons learned in the comments. Found a bug in this article? Feel free to create a pull request at Lessons learned from running a local meetup at github.

comments powered by Disqus