Blog

So as the SQL injection attacks have rained down on my server for the past few days, my logs have been steadily filling up with data about the requests. Frankly, the data probably can't be trusted, it's all totally un-scientific, and doesn't really lead me any closer to the people responsible for the attacks. Regardless, I think it's pretty interesting. I've compiled some graphs and stats here.

I love infinite loops. They're sort of the black hole of programming. No one really knows what you code does when it reaches the last iteration of an infinite loop, but I speculate it has something to do with String Theory and unbounded time and space increasing proportionately to the rate of dense matter being compressed by gravitational forces so strong even light can't escape. Well, that's what I came up with off the top of my head anyway. Speaking of infinite loops, I found one happening on my server today.

So, I assume you've heard the latest buzz about DNS Cache Poisoning and the subsequently released patches. It's rather interesting, and a bit unnerving that the "patch" for now simply makes the exploit harder to pull off-- not impossible. I guess that's basically because the patch simply makes name server requests more randomized. Anything more would require an overhaul to the DNS protocol itself.

In the beginning was assembly, and it was with the programmer and it was good. Through it all programs that have been made were written, without it no programs were written. The compiler shines in the darkness, but the darkness has not understood it. Then came a design pattern sent by Alan Kay, its name was OOP. The other day, someone asked me a really dumb question. "Why are there so many programming languages? Why don't you just all use one?" Ok, that was two questions, and they aren't really dumb, but I felt kinda' dumb trying to answer them.

Here's a couple functions you've probably rarely used in ColdFusion: bitand(), bitor(), bitnot(), bitxor() etc. Frankly I've rarely needed any of them, but this week I did find a clever use for bitand(). I was messing around with a simple database-driven calendar I put on my church's website because I promised them a reoccurring event feature. I needed a simple way to store 12 "monthly" checkboxes without using 12 columns in the database.

This is a fun project I put out there a while back. I recently went through and optimized the performance a bit so I could officially blog it. It is an implementation of the Levenshtein Distance Algorithm in CFScript that I based off of a C# version written by Siderite Zackwehdex. Finding the "distance" between two strings is a means of comparing two strings to see how similar they both are. This can be done by finding the Longest Common String or LCS. It is as much a brain bender as it can be occasionally useful.

This April, Peter Boughton put a little tool on RiaForge called QueryParam Scanner. It does what it says and that means you have no excuse not to batten down the hatches on that old code you've got swept under the rug. It also meant I didn't have any excuses either, so I gave it a run tonight.

Many of the low-level technicalities of our life go on right under our nose without us really understanding their inner workings. You drive your car everyday, but do you understand how an internal combustion engine works? You keep your milk cold in the fridge, but do you grasp the physics of why Freon absorbs energy when it becomes a gas? As a mere user, deep understanding of the things you use is generally not necessary, but if you build or maintain one of these systems you had better know what goes on under the hood.

Check out the juicy details here: http://opensource.adobe.com/wiki/display/flexsdk/Gumbo One new item of interest is the new incentive program. The first two people to get 10 approved patches to the open source Flex project will get their way paid to Max!

Last week I saw a blog entry talking about the free server monitoring at http://www.servermojo.com so I figured I would give it a spin.