Who is using Google Plus?

Google's employee mistakenly posts publicly on G+

Google's Steve Yegge posted a Google Plus post (taken down now) which was intended for internal sharing. Mistakenly, it was published as public. In his post he rants about Google's half hearted attempts..

This is the most interesting part of this post. Its a bit long, but you don't want to miss it

.....That one last thing that Google doesn't do well is Platforms. We don't understand platforms. We don't "get" platforms. Some of you do, but you are the minority. This has become painfully clear to me over the past six years. I was kind of hoping that competitive pressure from Microsoft and Amazon and more recently Facebook would make us wake up collectively and start doing universal services. Not in some sort of ad-hoc, half-assed way, but in more or less the same way Amazon did it: all at once, for real, no cheating, and treating it as our top priority from now on.

But no. No, it's like our tenth or eleventh priority. Or fifteenth, I don't know. It's pretty low. There are a few teams who treat the idea very seriously, but most teams either don't think about it all, ever, or only a small percentage of them think about it in a very small way.

It's a big stretch even to get most teams to offer a stubby service to get programmatic access to their data and computations. Most of them think they're building products. And a stubby service is a pretty pathetic service. Go back and look at that partial list of learnings from Amazon, and tell me which ones Stubby gives you out of the box. As far as I'm concerned, it's none of them. Stubby's great, but it's like parts when you need a car.

A product is useless without a platform, or more precisely and accurately, a platform-less product will always be replaced by an equivalent platform-ized product.

Google+ is a prime example of our complete failure to understand platforms from the very highest levels of executive leadership (hi Larry, Sergey, Eric, Vic, howdy howdy) down to the very lowest leaf workers (hey yo). We all don't get it. The Golden Rule of platforms is that you Eat Your Own Dogfood. The Google+ platform is a pathetic afterthought. We had no API at all at launch, and last I checked, we had one measly API call. One of the team members marched in and told....

A. R Rahman -127 Hours-Unreleased Instrumentals

Awesome Composition by music maestro.. 

Jo Beet Gayi So Baat Gayi...

Jo beet gayi so baat gayi

Jeevan may ek sitatra tha,

Mana woh behad pyara tha

Woh toot gaya toh toot gaya.

Amber ke aanan ko dekho,

Kitne iske tare toote,

Kitne iske pyare chhoote.

Jo chhot gaye phir kahan mile

Par poocho toote taron ka,

Kab amber shok manata hai,

Jo beet gayi so baat gayi....

Top Ten Errors Java Programmers Make!

Whether you program regularly in Java, and know it like the back of your hand, or whether you're new to the language or a casual programmer, you'll make mistakes. It's natural, it's human, and guess what? You'll more than likely make the same mistakes that others do, over and over again. Here's a top ten list of errors that we all seem to make at one time or another,  how to spot them, and how to fix them.

Read on - http://www.javacoffeebreak.com/articles/toptenerrors.html

New Mac OS X "Lion" stores passwords insecurely

Apple’s OS X Lion stores passwords insecurely, with the updated OS appearing to be more vulnerable than its previous Snow Leopard and Leopard versions, according to a BetaNews report.

Apple's OS X passwords can only be changed by a computer's administrator. The OS encrypts them and then stores them as "shadow files" on the disk drive in what should be a secure location.

Defense in Depth security blog identified the running issue in 2009, which was evident in versions 10.4, 10.5 and 10.6, and blogged that the issue is still prevalent in Lion.
However it's even easier to steal computer passwords in Lion. In previous versions of OS X, administrator privileges were needed to make the hack work. In Lion, any user can search the directory for the hash file, which is the file needed to decode the encryption.


Users without admin clearance won't be able to access the hash file directory, but it isn't needed when the hash data is accessible from directory services.


The issue would be much worse if the data could be accessed remotely, with hackers easily stealing catalogues of security passwords. Still, the fact the passwords are accessible locally is a big issue for Apple's OS, considering the security prone software is meant to be "the world's most advanced desktop operating system" according to Apple.


In the meantime, Mac users should disable all guest accounts and automatic login, so the computer requires an admin password at each start up.

Placed :)

I am an Infoscion now!! Finally!! Soo happy today , results were announced in university auditorium. Willl resume posting now. Heading Pune next week for PyCon 2011..... Pune Here I Come!! Register NOW! Join me.

Useful articles every programmer should read

Some useful topics every programmer should read.


Floating Point Numbers

• They are very useful but often used in situations where they simply don’t suit the solution the programmer is attempting to write. The following links should provide some background and info on where they are not so useful, what the pitfalls are and sometimes even how to avoid them.
• http://www.cprogramming.com/tutorial.html#fptutorial
• http://www.johndcook.com/blog/2009/04/06/numbers-are-a-leaky-abstraction/
• http://www.codeproject.com/KB/recipes/float_point.aspx
• http://drdobbs.com/184402741?pgno=4
• http://users.tkk.fi/jhi/infnan.html

Fixed Point Numbers

• Fixed point math is mildly old school but it is VERY useful both to understand its makeup and to use. Sadly because it is considered old school many of the online sources are out of date.
• http://x86asm.net/articles/fixed-point-arithmetic-and-tricks/
• http://gameprogrammer.com/4-fixed.html

Processor Cache Behavior / Memory

•  http://www.akkadia.org/drepper/cpumemory.pdf
•  http://en.wikipedia.org/wiki/CPU_cache
•     http://igoro.com/archive/gallery-of-processor-cache-effects/

Bit Shifting

• http://www.cprogramming.com/tutorial/bitwise_operators.html
• useful hacks (use carefully)
• http://graphics.stanford.edu/~seander/bithacks.html
• http://stackoverflow.com/questions/539836/emulating-variable-bit-shift-using-only-constant-shifts
• http://guru.multimedia.cx/avoiding-branchesifconditionals/

Branch Prediction

• This may be lower level that people think they need to go… but they’d be wrong. Understanding how the hardware you’re programming for treats branches can affect performance to a HUGE degree… far more than most programmers may appreciate
• http://cellperformance.beyond3d.com/articles/2006/04/background-on-branching.html
• http://igoro.com/archive/fast-and-slow-if-statements-branch-prediction-in-modern-processors/
• http://www.k8gu.com/ece.umn.edu/documents/classes/ece362-branch-prediction.pdf
• http://www.cs.ucr.edu/~gupta/teaching/203A-09/My6.pdf

Sorting

• This isn’t really low-level but something i consider “basic” and its an area where many programmers are simply lacking in understanding. Do yourself a favor and play around with this link, read the links it sends you to for each algorithm and try to grasp when each might be used, the properties as described and the next time you need to sort something… consult it.
• http://www.sorting-algorithms.com/
• another good link with sub links: http://corte.si//posts/code/visualisingsorting/index.html
• a funny one (but still strangely useful), the bubble sort dance:  http://www.youtube.com/watch?v=lyZQPjUT5B4

PS: I found these links somewhere on the net, i don't remember it now. Credit goes to respective authors

Presentation on Apache OFbiz Project

This is the presentation i am going to present tomorrow. 

innerHTML allocation size overflow crashes some browsers

[Posted off Full Disclosure]


If we try to consume more memory than available by constructing a long
string, most browsers seem to handle this gracefully. For example,
Firefox logs an "allocation size overflow" error in the JavaScript
console for the following code:

var a = 'a'
for (var i = 0; i < 100; i++) {
   a += a
}

Example web page: http://susam.in/lab/allocation-size-overflow/var/

However, if we try to do a similar thing with the innerHTML property
of an HTML element, some browsers crash. For me, Firefox 5.0 on
Windows XP crashed for the following code but Iceweasel 6.0 on Debian
(Wheezy) and Chrome 13 on Windows as well as Chrome 12 on Debian
didn't. For some of my friends, Chrome crashed but Firefox didn't.

var a = document.getElementById('foo') // There is a div element with
id="foo" present in the page.
for (i = 0; i < 100; i++) {
   a.innerHTML += a.innerHTML;
}

Example web page:
http://susam.in/lab/allocation-size-overflow/innerhtml/ (This might
crash your browser.)

FOSS GUI File Downloader

Application: Multiget

What it is

MultiGet is an easy-to-use GUI file downloader.It's programmed in C++ and has a GUI based on wxWidgets. It supports HTTP/FTPprotocols which covers the requirements of most users. It supports multi-taskwith multi-thread on multi-server. It supports resuming downloads if the Webserver supports it, and if you like, you can reconfig the thread numberwithout stopping the current task. It's also support SOCKS 4,4a,5 proxy, ftpproxy, http proxy.

More Feature:

It also support a feature called P2SP, or in other words, get file from
multiple servers, and combine the data from different site into one file. This
makes downloads complete much faster.

MultiGet also supports switching language dynamically, you can choose Chinese
or English interface.  Generally it will automatic choose a proper language
for you.

To know more about:

http://multiget.sourceforge.net/

To install in Ubuntu:

sudo apt-get install multiget

Using TTYtter to Tweet from command Line

Its soo cool, i can use twitter right from my terminal. I have SSH'ed to cjb.net server and using this tool from there.

Install this tool to access twitter from the terminal in Linux
http://www.floodgap.com/software/ttytter/

Adobe Flash Plugin vs 64bit Linux Distro

I cant play flash videos on Linux Mint 10 64bit. Don't know about other Linux users but I am really really frustrated with the problem , I cant view youtube videos mainly which i do view quiet frequently.

I asked folks at mint irc channel #linuxmint-help but everyone kept giving me the same advice i had already tried many times.

• Install mint-flasplugin-x64 via package manager.
• Install flash-plugin-nonfree , something like that one.
• Tried with Gnash plugin.
• And yes install adobe flash player. I tried with 32 bit versions and also beta 64 bit plugins for linux
• Manually placed libflashplayer.so file in google chrome, mozilla firefox 6.
• Minitube app didn't work either.
• Tried with few addons for firefox that did the same thing. But still no luck

Then one trick worked. I installed this Flash Video Replacer addon for Firefox. I changed the settings to load video in other standalone video player, Totem. This is really cool, now i can play high quality videos in full screen on totem without the lagging and hanging of flash plugins.

I just hope HTML5 comes over killing Flash, It Sucks!


Update: I enabled HTML5 videos on YouTube! http://www.youtube.com/html5 Much Better :)

Google.com - Open Redirect

Affected Software : Google.com domain
Severity          : Low
Local/Remote      : Remote
Author            : Piotr Duszynski (@drk1wi)


Due to a domain filtering bug and the way Chrome and Safari browsers
are interpreting the '%2e' URL encoded char it is possible to
trigger an open redirection through the Google main domain.

Vulnerability Details:

This vulnerability* has been verified on Chrome and Safari latest
browsers.

HTTP GET request:

http://www.google.com/sorry/?continue=http://google.wp%252epl

HTTP response body:

HTTP/1.0 302 Moved Temporarily
Location:
http://www.google.wp%2epl/sorry/?continue=http://google.wp%252epl

The fact that the %2e is interpreted as a '.' within the address bar,
allows to trigger an open redirect.



Try This: http://www.google.com/sorry/?continue=http://facebook.com




Source: Full disclosure.

कभी ना कहिये

बहुत बढ़िया कविता मिली   facebook पर ...

काम नहीं बना मत कहिये
कहिये "आज" नहीं बन पाया।
चुने नहीं गए तो कहिये
उनको "आज" नहीं मैं भाया।
असफलता अपनी दुनिया में
रह नहीं सकती है हमेशा
सोचोगे जो वही दिखेगा
दुनिया एक अजीब सा शीशा
नहीं बनेगा कभी ना कहिये
कहिये "कोशीश करके देखूँ"
चाहिये अगर प्रकाश मुझको
दीप की तरह मैं जलके देखूँ

तुषार जोशी, नागपुर

Source: http://kavita.hindyugm.com/2006/11/blog-post.html 

Writing Custom Haizea Modules

Haizea provides facility to write our own customized policies for lease scheduling via pluggable policy decision module.
It is currently categorized as

• Admission-policy
• Preemption-policy
• Host-selection policy

My custom scheduling policy didn't fit under any of these policies. So i am now writing my own parent policy class 'Scheduling-policy'. This super class will deal with some Advanced Reservation Lease's having option of getting migrated to Best Effort leases in case it can't be scheduled and getting terminated. I will update this post with some code snippets later.

Working with Haizea

Haizea is an Open Sourced Virtual Machine based Lease Manager.It can also integrate with OpenNebula and act as lease scheduler. I have been asked to implement a different policy in its lease preemption module. So.. tonight it is!

Rain is always followed by powercut here in Indore. But i have all "Batteries Included" , can easily continue for few hours :)
Take a look at what Haizea is

Haizea

Links:
1. http://haizea.cs.uchicago.edu/whatis.html
2. http://phoenixforge.cs.uchicago.edu/projects/show/haizea
PS: According to wikipedia, Haizea is a rock band!

print "Hello World"

So.. this ought to be the first post by any tech blogger after all! Folks this is my space :P oh.. I don't mean MySpace! Here I will write whatever I like and I do in my daily life.
I am an engineering student from Indore who likes to do all sorts of weird things, lives on the internet and wish to launch skynet someday. Hope my second attempt at blogging will continue this time without any jerks..