- C# Compiler Open Sourced — bit by the bit, the ship of Microsoft turns.
- The Web’s Declarative Composable Future — this. For the first time since 1993, I feel like the web platform is taking a step towards being a real platform (vs simply bolting features on the side).
- Why the Government Should Provide Internet Access — video interview with Susan Crawford about why the Internet should be treated like a utility. She’s the only policy person I see talking sense. There’s a multilarity coming, when a critical mass of everyday objects are connected to each other via the Internet and offline devices become as useful as an ox-drawn cart on railway tracks. At that point it’s too late to argue you need affordable predator-proof Internet, because you’re already over the (sensing, e-ink covered, Arduino-powered) barrel. (via BoingBoing)
- Design Fiction: A Bibliography — Some resources about design fiction I’m use to share with students.
"c" entries
Learn a C-style language
Improve your odds with the lingua franca of computing.
You have a lot of choices when you’re picking a programming language to learn. If you look around the web development world, you’ll see a lot of JavaScript. At universities and high schools, you’ll often find Python used as a teaching language. If you go to conferences with language theorists, like Strange Loop, you’ll hear a lot about functional languages, such as Haskell, Scala, and Erlang. This level of choice is good: many languages mean that the overall state of the field is continually evolving, and coming up with new solutions. That choice also leads to a certain amount of confusion regarding what you should learn. It’s not possible to learn every language out there, even if you wanted to. Depending on the area you’re in, the choice of language may be made for you. For the overall health of your career, and to provide you the widest range of future opportunities, the single most useful language-related thing you can do is learn a C-style language.
A boring old C-style language just like millions of developers learned before you, going back to the 1980s and earlier. It’s not flashy, it’s usually not cutting edge, but it is smart. Even if you don’t stick with it, or program in it on a daily basis, having a C-style language in your repertoire is a no-brainer if you want to be taken seriously as a developer.
Read more…
JavaScript shares its ubiquity
WebAssembly changes the rules of the JavaScript game.
I’ve never seen a technology lay down its primary advantage and prepare to hand over its ubiquity. I’m proud of JavaScript for doing this, and I’m sure that in the long run this will be good for the Web, but in the meantime I’m wondering where WebAssembly will take us.
Brendan Eich’s announcement of the effort makes clear that this builds on the earlier asm.js (and Google’s similar PNaCl), a highly efficient JavaScript subset that compilers of other languages could target. Eich enjoyed using Unreal Engine for demos of the speed asm.js could provide, but compiling to JavaScript, even weird JavaScript, still needed to go through a JavaScript parser. (Other approaches compiled to more comprehensible but less optimized JavaScript.)
WebAssembly – wasm – skips that final step, producing a binary format, technically a compressed AST encoding. Unless you’re going to be building compilers, you can compare wasm to a bytecode system. There is a text format for debugging, but the binary emphasis yields substantial extra speed as it skips parsing and minimizes decompression.
Read more…
Four short links: 4 April 2014
MSFT Opening, Declarative Web, Internet Utility, and Design Fiction Reading List
Six Degrees of Kevin Bacon in six languages
20 years of efficiently computing Bacon numbers
The Oracle at Delphi spoke just one language, a cryptic one that priests “compiled” into ancient Greek. The Oracle of Bacon—the website that plays the Six Degrees of Kevin Bacon game for you—has, in its 20-year existence, been written in six languages. Read on for the history and the reasons why.
1995-1999: C
The original version of the Oracle of Bacon, written by Brett Tjaden in 1995, was all C. The current version, my stewardship of it, and my revision control history only go back to 1999, so that’s where I’ll start. In 1999, I rewrote the Oracle… still entirely in C. Expensive shortest-path and spell-check algorithms? Definitely in C. String processing to build the database? Also C! Presentation layer to parse CGI parameters and generate HTML? C here, too!
Why C? The rationale for the algorithmic component was straightforward: the Oracle of Bacon ran on a slow, shared Unix machine that other people were using to get actual work done. Minimizing CPU and memory resource requirements was the polite thing to do. I needed a compiled language that let me optimize time and space extensively. The loops all counted down, not up, because comparing against zero was fractionally faster on SPARC. It had to be C.
But why were the offline string processing and the CGIs in C? Mostly, I think, to reuse code from the other parts of the code base and from previous projects I’d written when C was the only language I knew.
2004-2005: Perl
As the site added features, I got tired of writing code to generate HTML in C. I wrote new CGIs, then rewrote existing CGIs, in Perl. Simply put, writing the CGIs in an interpreted language made me more productive. I had hash tables and vectors built into the language and CGI support a simple “use” statement away. I didn’t have to compile on one server and then deploy to another—I could edit the CGIs right there on the web server. Good deployment practices it wasn’t, but it made me more productive as a programmer, and the performance of the CGIs didn’t matter all that much.
Four short links: 20 January 2014
iOS Pentesting, Twitter's Infrastructure, JS Data Sync, and Chromium as C Runtime
- idb (Github) — a tool to simplify some common tasks for iOS pentesting and research: screenshots, logs, plists/databases/caches, app binary decryption/download, etc. (via ShmooCon)
- Twitter Infrastructure — an interview with Raffi Krikorian, VP of Platform Engineering. Details on SOA, deployment schedule, rollouts, and culture. (via Nelson Minar)
- Orbit (Github) — a standalone Javascript lib for data access and synchronization.
- Chromium is the New C Runtime — using Chrome’s open source core as the standard stack of networking, crash report, testing, logging, strings, encryption, concurrency, etc. libraries for C programming.
Be a Polyglot Learner First, Then a Polyglot Programmer
How dabbling in a new language now can lead to innovation later
Being a polyglot programmer has its benefits; most of us have read or heard about those benefits from various respectable sources. I’d like to highlight the importance of being a polyglot learner before being a polyglot programmer.
You heard me right—learn a new language, but don’t rush to use it in production. At least not right away. I have used this approach and have realized two major benefits:
- Enhanced design skills, and
- The ability to adapt quickly to an evolving mainstream language
Most programmers currently code in one of the mainstream languages like Java, C#, and C++. On a typical enterprise project, chances are we’re using one of these languages. It might seem like a tall order for most of us to be able to intermix other languages. However, it’s becoming more critical that we do. Let’s discuss why.
Memory Deallocation Issues in C
Handle sensitive data, free memory, and more
It may seem that when dynamic memory has been deallocated, we are done with it. We have avoided a memory leak and can confidently move on to other issues. In some cases this may be the case. However, we may need to be concerned with issues such as how we handle sensitive data and whether we need to even worry about freeing memory if the application is about to terminate. In this discussion we will examine these issues and others.
The Heap and System Memory
The heap typically uses operating system functions to manage its memory. The heap’s size may be fixed when the program is created, or it may be allowed to grow. However, the heap manager does not necessarily return memory to the operating system when the free function is called. The deallocated memory is simply made available for subsequent use by the application. Thus, when a program allocates and then frees up memory, the deallocation of memory is not normally reflected in the application’s memory usage as seen from the operating system perspective.
Double Free
Memory is typically deallocated using the free function. One concern deals with what happens when we try to free the same memory twice. Freeing a block of memory twice is referred to as double free. The following illustrates how this can be done:
char *name = (char*)malloc(...); ... free(name); // First free ... free(name); // Double free
More subtle occurrences of double free occur when pointers are aliased:
char *name = (char*)malloc(...); char *tmp = name; ... free(name); // First free ... free(tmp); // Double free
In an earlier version of the zlib compression library, it was possible for a double-free operation to result in a denial of service attack or possibly to insert code into the program. However, this is extremely unlikely and the vulnerability has been addressed in newer releases of the library. More information about this vulnerability can be found at cert.org.
A simple technique to avoid this type of vulnerability is to always assign NULL to a pointer after it has been freed. Subsequent attempts to free a null pointer will be ignored by most heap managers.
char *name = (char*)malloc(...); ... free(name); name = NULL;
PowerShell Command Line Introduction
Effectively control Windows from the console
Here’s a slick PowerShell 3.0 one-liner. If you want to pull down an RSS feed from a blog, displaying only the title and publication date try:
Invoke-RestMethod "http://www.dougfinke.com/blog/index.php/feed/" | Select title, pubdate
It’s that simple. No looping, no checking end of stream, no XSLT to handle transforming the XML from the RSS feed, but wait, there’s more. This array of objects is now connected to the entire PowerShell ecosystem. PowerShell is based on .NET so you can use ADO.NET to insert it into a database, use Invoke-RestMethod again and post it to another REST endpoint or spin up Microsoft Excel and control it via its COM API. And that my friends, is the two foot dive into the PowerShell ocean.
PowerShell is Microsoft’s task automation framework, consisting of a command-line shell, an integrated scripting environment (ISE), a scripting language built on .NET Framework, an API allowing you to host PowerShell in your .NET applications, and it is a distributed automation platform. This means if you have PowerShell running on another box, you can remotely execute PowerShell there, if you have the credentials.
Getting started
What you need to do is launch the PowerShell console. On my Windows 8 box I press the Windows button, type “powers“, and hit enter.
Great! I’ve got a blank blue screen. Now what?
Read more…
New school C
Why C is a more practical and enticing programming language than you might think.
Choosing a programming language for that project you’re working on is a fairly straightforward decision: it needs to be fast, easy to use, and it must come with enough bells and whistles to keep you from re-inventing the wheel every time you want to do something.
Looking at this criteria, aside from the fast bit, the C language may not be the first one that pops into your head. After sitting down with Ben Klemens, the author of 21st Century C, I am now looking at C as a more practical and enticing alternative than I would have thought possible.
21st Century C sets a precedent in presenting C as a language that is a lot easier to use, and has more library support than many people think. If you are not up to date on the latest that C has to offer you may not be aware of the simplicity and elegance of the language. These strengths are backed by the C99 and C11 standards, but mainly they are built up on the development of libraries and modern tools for building and multi-threading in C. Read more…
Why we need Go
Rob Pike on how Go fits into today's computing environment
The Go programming language was created by Rob Pike, Ken Thompson, and Robert Griesemer. Pike (@rob_pike) recently told me that Go was born while they were waiting a long while for some code to compile — too long.
C++ and Java have long been the go-to languages for big server or system programs, but they were created almost 30 and 20 years ago, respectively. They don’t address very well the issues programmers see today like use of concurrency and incorporating big data and they’re not optimal for the current programming environment.
One main reason that Go will succeed is how it deals with concurrency. It outpaces Java and C++ as well as Python, Ruby, and all the other scripting languages. It simply provides a better model, with Java a close second, that is able to work within the computing environment into which it was born.
During a recent interview, Pike elaborated on the need for Go and where it fits in today’s programming landscape. Highlights from our discussion include: Read more…