Avoid becoming a spam source

The number one rule in programming is not to trust external data, especially not user data. One of the reasons not to trust user data is the threat of hackers searching for injection possibilities. When you start developing web applications you’ll soon learn the dangers of SQL injection. This might be the most important form of injection, but it is by far not the only one out there: cross-site scripting is another good example. If your application sends out mail, you might want to make sure you sanitize user input there as well, as the application could be a magnet for spammers who’ll send spam mail using your IP.


Decoration aid

When it comes to designing websites, choosing what colors to use is one of the first steps. Nowadays online applications often let users personalize the look and feel of the site by offering a way to customize the colors the website wears. JavaScript and HTML can be used effectively to this end. A problem arises for component developers using JavaScript: what framework to use? There are MooTools, Prototype, the YUI library, jQuery, etc. This is the reason I developed a standalone color picker. It works with every JavaScript framework, as it neither depends on one nor interferes with one. It is one single .js file, with no extra images, CSS, JavaScript or anything else.


No robots beyond this line

Online communities are hot. Globally recognized examples are easy to give: websites like Facebook, LinkedIn and are very popular, manufacturers have online fora to have their customers support each other, newspapers let you leave comments on their articles on their websites and you can share everything with tools like Delicious, Digg and Reddit. This development on the Internet supports new possibilities which were unknown before. Of course this also goes for rogues. Spam is a commonly known phenomenon and a global annoyance. Besides sending unwanted messages by mail, spamming comment boxes and fora is an issue web programmers have to deal with too. Spamming is often automated, and this is a feature which can be used to counter spam. The goal is to identify whether a messenger is human or robot.

For this purpose the CAPTCHA was invented. Besides the fact that CAPTCHA sounds nice enough to be a buzzword, it actually is short for Completely Automated Public Turing test to tell Computers and Humans Apart, although this is a bit contrived. This means that a CAPTCHA is a challenge-response mechanism, but it doesn’t need to take its most common form: an image depicting distorted text which has to be copied into a text box. Creative new CAPTCHAs can be found, like a transistor image which has to be read.


The Game of Office Decoration

This week I had a discussion with a colleague of mine about decoration for the new office rooms we hired. We thought of an Arduino-based project, because it would just be cool to have some fun with the gadget.

We could make a giant board filled with buttons with an LED in them. You’d press a button to toggle it. This board could be controlled by an Arduino and display several things on it. A clock for instance or news headlines from an arbitrary RSS feed or… since they’re buttons, Conway’s Game of Life!


Math behind a world sunlight map

My neighbour has a map of the world on the wall. You can see it from the street in front of his house. It has a backlight but that only illuminates half of the map. The transition from day to night is shaped like a sine wave most of the time. It actually is a physical world sunlight map. Of course, you can simulate this with a computer too. There even is an instance using Google Maps.

As many roads lead to Rome, there are multiple ways to build this simulation. One could model the sun, earth, maybe more and start ray tracing. This approach would include solar eclipses but puts quite a heavy load on the processor, because the number of calculations involved in ray tracing is quite high. The way I choose to describe fully in this article is one close to it. Using vectors pointing from a sphere (earth) to a point (sun) I map a Mercator projected map of the world on the sphere. The challenges included are the yearly orbit of earth around the sun and its 23.5° tilted 24-hour spin.


Textual difference detector

Today I uploaded my textual difference detector to the eDesign examples. This is an example application demonstrating the theory of applying the Levenshtein algorithm to detect differences between two versions of the same text. Also, the ‘Find the differences’ post is updated with a link to this example.

This example takes two texts as input and outputs one merged text marked with what was deleted and what was added. Take a look and feel free to download the source code. This also includes the Levenshtein algorithm source code.


Challenge Hash

The Internet is a crowd and everybody in it can potentially hear what you say. Methods have been developed to prevent this and ensure identity, integrity and authenticity. Often these three can be seen as properties of encryption. Encryption implies the possibility of decryption. Passwords are precious things you don’t want others to decrypt and read. With a technique called challenge hashing you don’t need to have any worries about it. Challenge hashing is a technique used to verify a password on site B which was sent from site A without sending the password in plain text. This article covers how.


Character entities

As in real life, the characters that build written language differ from system to system. Ελληνικά characters differ from Русский, 汉语 and Latin characters. Fortunately these character sets have been standardized and called alphabets. The same goes for character sets in the digital world. As computers can only process binary data, all characters are mapped to a number. In the early days such a mapping of the Latin alphabet, along with some other graphical ‘characters’, digits and control characters (e.g. escape, tab, line feed, carriage return) was standardized. This standard is known as the American Standard Code for Information Interchange (ASCII) and was developed by the American Standards Association (currently: ANSI). This 7-bit encoding lacked digital representations for many characters, e.g. those of foreign alphabets (such as the Greek, Russian and Chinese mentioned above), and accents like å, è, ï, ó and û were not represented in the set either. But as you can see in this paragraph, improvements have been made to facilitate such ‘special’ characters.


Sudoku Logic – part I

If you haven’t heard of Sudoku puzzles (数独, sūdoku) you’ve either been sleeping under a rock or been space traveling for quite a while. These 9×9 square puzzles originating from around 1900 became an international hit in 2005. Sudokus appear in newspapers, online and in special sudoku puzzle books all over the world. And as if that is not yet enough, Sudoku TV shows and all kinds of variants of the puzzle are made. One can solve a sudoku using logic only. Because of this, computational algorithms to solve every possible Sudoku must exist. This is part one in the series on such algorithms.


Security basics

Security is an issue on every level of communication. If you order a loaf of bread at the bakery you pay and receive your bread. This face-to-face approach doesn’t really need any security. What does it matter if your neighbor, in line next to you, overhears you ordering bread and sees you pay as long as you get your bread? But what if this would be done online and it involves not a loaf of bread but a loan or a transfer from your savings account? You wouldn’t want a John Doe messing with the data you need to communicate with your bank, would you?
