China aims to chart every inch of the moon’s surface, the chief scientist of the country’s first lunar exploration program said in comments published on Friday.
China, which plans to launch a lunar orbiter called “Chang’e One” in the second half of 2007 to take 3D images, would aim to land an unmanned vehicle on its surface by 2010, official news portal Chinanews.com quoted Ouyang Ziyuan as saying.
“Currently, our country’s lunar exploration program is divided into three phases — orbiting the moon, landing on the moon and returning back to Earth,” Ouyang said.
The second phase would see an unmanned craft land on the moon to “meticulously” survey a certain area, and the third phase would aim to “bring samples back to earth”, he added.
China’s space exploration program has come far since late leader Mao Zedong lamented that China could not even launch a potato into space.
In 2003, it became only the third country after the former Soviet Union and the United States to launch a man into space aboard its own rocket. In October 2005, it sent two men into orbit and plans a space walk by 2008.
But China’s space plans have faced increasing international scrutiny amid fears about a potential space arms race with the United States and other powers since it blew up one of its own weather satellites using a ground-based missile in January.
Read the rest of this entry »
Posted in Ideas, Internet, Programming, Security | 1 Comment »
TechCrunch just received a tip that the source code for the Facebook main index page has been leaked and published on a blog called Facebook Secrets. There are at least two possible ways that the source code got out – the first is that a Facebook developer has sent it out, or the more likely option that a security hole or other method has been used on either one of the Facebook servers or in their source code repository to reveal the code. The blog that published the code only has a single post on it, so it was created exclusively to publish this code – meaning that whoever is behind this both isn’t taking credit for the hole and doesn’t want to be associated with it. While there is no certain way to verify if the code is actually from Facebook, by taking a quick look through the code and by double-checking some paths that have been referenced, we can say with some certainty that this seems to be both real and also a recent version of the main Facebook page.
There are a number of clear ramifications here. The first is that the code can be used by outsiders to better understand how the Facebook application works, for the purposes of finding further security holes or bugs that could be exploited. Since Facebook is a closed source application, without access to the code security holes are usually found through a process of black-box testing, whereby an external party will probe the application in an attempt to work out how the application behaves and to try and find potential race conditions. In closed source applications it is common that developers rely on the closed nature of the application to obfuscate poor design elements and the structure of the application. An attacker getting access to the source code more often than not leads to further security holes being discovered. It is for these reasons that it is often claimed that open source software is more secure than closed source software, since there are many more eyes auditing the code and obfuscation can’t be used as a security measure.
The second implication with this leak is that the source code reveals a lot about the structure of the application, and the practices that Facebook developers follow. From just this single page of source code a lot can be said and extrapolated about the rest of the Facebook application and platform. For instance, the structure doesn’t follow any object oriented development practices, and it seems that the application is one large PHP file with a large number of custom functions living in the same namespace (they also seem to be using the Smarty templating engine).
This leak is not good news for Facebook, as it raises the question of how secure a Facebook users private data really is. If the main source code for a site can be leaked, then it can be said that almost anything is possible. Facebook has become such a success and has such a high profile that it has become a magnet for attacks against its systems. Most large scale applications suffer a breach at some point or another, since the odds are always stacked in favor of attackers, but companies can respond in a number of ways and the hope here is that Facebook will handle this situation gracefully. I don’t doubt that Facebook will pursuit this case with a lot of energy to both find the cause of why the code has leaked as well as to find who was responsible. They will also need to take some very quick short term measures to mitigate the risk to users since you can bet that right this minute there are hundreds of potential attackers pouring through the leaked code and probing their systems. At a quick glance, I know that I can see some obvious things in the code that both reveal certain hidden aspects of the platform and give a potential attacker a good head start.
Brandee Barker from Facebook left a comment on the TechCrunch post:
I wanted to clarify a few things in your story. Some of Facebook’s source code was exposed to a small number of users due to a bug on a single server that was misconfigured and then fixed immediately. It was not a security breach and did not compromise user data in any way. The reprinting of this code violates several laws and we ask that people not distribute it further.
Read the rest of this entry »
Posted in Facebook, Internet, Programming, Security | No Comments »
JT Smith, president of Plain Black, the creator of WebGUI, and one of the unsung successes of using Perl in business, recently sent this essay…
“It seems every day I am questioned about why I write in Perl versus PHP, Java, C#, Ruby, Python, or [insert your favorite language here]. People say things like, “Perl isn’t used anymore is it?” or, “Ruby on Rails is all I read about anymore.” As I write this, there are millions of Perl programmers around the world. Perl 5 is being actively maintained, and Perl 6 is in development. More than 3000 Perl Modules were released in 2006, and more than double are on track to be released this year. The reality is that Perl is far from dead.
Let’s say for a second that Perl actually was dying. Even if that were true, it would be a slow death over years to come. The reason? Businesses have billions of dollars invested in mission critical applications written in Perl that can not be easily replaced. For the sake of comparison, people have been saying that Cobol has been dead for more than 20 years, but there are over 1000 Cobol jobs per month posted on Monster.com, and more than 5000 per month for Perl.
In the past five years Perl’s usage has grown by almost 700%. This leads people to question why it looks like Perl’s market share is sliding. The answer is that they typically use web site development as a measure of marketshare, and the percentage of the web that’s programmed in Perl is shrinking. Is that due to people not using Perl? No. Absolutely not. Instead, it’s just that there are more web sites and more programming language options. Ten years ago almost all web applications were either written in Perl or C, but since then dozens of new languages have caught on. In addition, there are an estimated 20 million new sites put up each year. Even though the number of sites created in Perl doubles every year, tracking it by percentages will make the numbers seem to shrink.
Still don’t believe me? Well, how about we examine a small swath of really big web sites that I’m sure you have heard of and used that are either built entirely on Perl, or have significant portions written in Perl: Yahoo!, Amazon, TicketMaster, The United States Department of State, The BBC, Slashdot, and Shopzilla. Have you heard of any of those? I thought so.
To address the “Why Perl?” part of the equation, let me first point out that Perl was designed to be an ultra flexible text processing language. What is the Internet if it’s not text? Nearly every protocol and document standard you interact with on the web is just text. HTML, HTTP, SMTP, XML, CSS, Javascript…that’s right, all text! It is only logical to choose a programming language that was designed specifically for text processing when you’re working on the Internet. Java and C# are designed to be generic do everything languages. PHP, ASP, Cold Fusion, and JSP are all designed for the web only. Ruby and Python are also both good choices, but they don’t have nearly such a large library of code as Perl.
In addition to being a great text processing language, Perl provides a wealth of flexible coding possibilities. It has plugins to support and manipulate a variety of binary file formats, inculuding various forms of encryption, compression, and images. The Comprehensive Perl Archive Network (CPAN) provides coders thousands of easily downloaded modules that do everything from writing network services to parsing Microsoft Excel documents. Perl has also been compiled to work on dozens of hardware platforms and operating systems which allows code to be written once and used on virtually any system. In addition to this compatibility, Perl has been heavily integrated into the Apache web server in the form of mod_perl, which means that Perl can do anything that Apache can do.
If Perl is dead, then it is by far the most vital, active and useful deceased programming language I have ever come across. Perl is, in fact, alive and thriving, and it is uniquely suited to a variety of programming projects with its flexibility, power, and extensive code base. I write in Perl because it provides everything needed to support enterprise software applications. I write in Perl because it is actively being maintained and developed. I write in Perl because nothing else gets the job done better: long live Perl.”
Read the rest of this entry »
Posted in Programming | No Comments »
