नमस्कार,
यह लेख मेरा अपनी मात्रिभाशा हिन्दी मे प्राथम लेख है. इसके द्वारा मैं अपने इस जर्नल में एक हिन्दी कैटेगेरी आरम्भ कर रहा हूँ, जिसमें मैं क्षमतानुसार योदान करता रहूंगा. हमेशा से ही मैं हिन्दी भाशा में इंटरनेट पर कुछ करना चाहता था, परन्तु आज प्रथम बार उस विचार का क्रियान्वन करने मे सफल हुआ हूँ. आशा है आप पाठकों को मेरा यह प्रयास पसन्द आयेगा एवं आप भी मुझे प्रोत्साहित करेंगे.
आपका,
नवीन 
I just love to see where these technical discussions sometimes end up, or start off for that matter. Reading on a /. post on Largest Hacking Scam in Canadian History, an interesting debate shot off on “There is no data which is also not a program/piece of executable(in some way or the other) code“. Following are excerpts from the thread:
It doesn’t even really matter at this point. Let’s be honest… the average computer user doesn’t know the difference between U2-Somesong.mp3 and U2-SomeSong.exe.
To make matters worse, some attacks may even occur if you are dealing with safe file types, like a PNG [microsoft.com] or even PDF [softpedia.com]. Some security problems exist due to the user’s ignorance or idiocy but “some” isn’t exactly the same thing as “all”.
There are no safe file types. All files can be viewed as programs meant to run in a specialized virtual machine (the program which is used to open them). For example, a PNG file is a program which, when run, will compute an array of bytes (the image pixels). The same goes to PDF. In this view, since all files are programs, it is in principle possible that any of them could contain code which can result in unexpected behavior of the virtual machine executing them.
Of course some file types are easier to compromize than others, either due to sheer complexity or ambiguity of the specification or because they are Turing complete. However, it is impossible to guarantee that every viewer for any file type is free of defects. Anyone still remember ANSI codes for DOS, which could be embedded to text to change color but also to set macros to keyboard keys when the file was viewed ? And of course SQL injection attacks are based on formatting a text string so it will cause unexpected results, not to mention causing a buffer overflow with an overlong string.
I repeat: there are no safe file types. They all have a potential to contain malicious code, because there is no such thing as data which is not also a program. From a certain point of view, GIMP is simply a very specialized compiler…
Is a text file containing a single line of text followed by a carriage return a program? How about the standard input device? When I type at the console keyboard, is that a program feeding into a “virtual machine” created by the console driver? If not, why is a disk device different from another device?
I think you’re missing the fundamental theorem of modern computer science — that “data” and “instruction” are completely interchangeable. See generally, the halting problem.
Is a text file containing a single line of text followed by a carriage return a program?
It can be. For example:
'; ROLLBACK; UPDATE users SET admin = true WHERE username = 'ultranova'; 'If the virtual machine which handles the username field of Slashdot login form naively passed this string to the database layer without specifically quoting it, this text string would make my account an admin account; well, actually, since I haven’t studied Slashdcode, it propably wouldn’t, but the point still stands: even text is not an inherently safe data format in all circumstances.
How about the standard input device? When I type at the console keyboard, is that a program feeding into a “virtual machine” created by the console driver?
The virtual machine in this case would be whatever program receives the input. And yes, the text you type is indeed a program being executed by that machine; each time it receives a keypress from you, that keypress instructs it to do something, right ? Even if that something is merely to output the letter (altought a text editor would also store the input internally, of course). And that is what a program is: a list of instructions.
If not, why is a disk device different from another device?
It isn’t.
I’m with you on this. I know there may be a True Computer Science definition that makes the GP true, but I don’t tend to think of data as a program. Some binary data could be considered code to execute, but surely not text files that are parsed?
Okay, sure, there are scripts, but they have special parsers that turn the text into Real Code that CAN execute. I don’t think notepad can turn a text document into Real Code.
The OP has suggested a view that I have often thought about myself, although I have rarely found anyone who quickly grasps the concept.
Think of notepad since you have mentioned it. When notepad opens a file it looks at the contents and does certain things depending on the content of the file. If the first character is hex 61 then notepad will display an “a” in the first character location on the screen. OK, so that is because hex 61 is ascii “a” but that is an arbitrary choice that has been standardised. You can if you like look at notepad as if it is an interpreter for a rather strange and limited language where 0×61 is one of the commands. In some ways it is rather like those old interpreted basics since it is responding both to the file you have opened and to the keys you press on the keyboard. There have been attempts to make languages where instead of typing in commands you select icons with a GUI and join them up in a flowchart like sequence. The ones I saw were interpreted but there is nothing to stop them being a compiled language and thus eventually resulting in real code in a binary file. It is only a small step from there to looking at say photoshop as being a sort of real time mode interpreted language. (Real time in the sense that the commands execute straight away, like the mode in the old basics.)
In some ways this insight is interesting, although not necessarily very useful. But it should serve to remind us that much of our thinking about computers is based on elaborate analogies which the computer itself has no knowledge of. So the distinction between data and code is purely arbitrary. This tends to be more obvious when you play around with assembly, where the machine will happily let you attempt to execute data. For example you can set up a jump into a block of what is meant to be data and the machine will not object in the slightest. The results will of course be unlikely to have any meaning in terms of the analogies we have set up for ourselves, but the machine neither know nor cares since it has no means of doing so.
So Notepad will in fact execute certain real code in response to both the contents of the data file and the keyboard actions of the user. That is fine and good and need not be of any concern to the user, unless what it does is not what we expected in terms of the intended behaviour. An example of this sort of thing would be a buffer overflow allowing an external person to push what should (in terms of our analogies) be data into a place where it will get executed as if it was code.
This is the case for Von Neumann machines [wikipedia.org] because they have a single memory area for programs and data. An attacker only has to move the current program control flow to some compromised place in the data (say some lines of machine code hidden in a corrupt bitmap) and the processor will happily compute those instructions. In other architectures, namely Harvard architecture [wikipedia.org], there are physically seperate memory locations for programs and data and the processor WILL not carry out instructions “hidden” in data. A shift towards seperate memory architectures is required to secure computers. Unfortunately a paradigm shift at this level is all but impossible in general purpose computing.
No, but whatever program is running on the processor and interpreting the data will. SQL database, Python interpreter, Mozilla… all of these are based on treating text (data) as a list of instructions (program). It is obvious in the case of Python, since that is openly a programming language, but HTML itself can be considered a series of instructions for building the DOM tree, which then gets rendered, as dictated by default rules and those given by optional CSS; and of course there is always Javascript.
It is impossible for a general purpose computing to be immune for this class of attacks. Not just “all but impossible”, but flat out impossible due to a logical flaw: the very ability to simulate different machines which treat data as a list of instructions – program – is what makes it a “general purpose” computer. If you can program it, you can program it to misbehave when it reads a suitably malformed PDF/PNG/HTML/SQL/whatever file. The only way around that would be for the computer to be intelligent and capable of common sense, so it could understand that the programmer propably didn’t mean for it to execute any random piece of SQL someone feeds into a Web forum login box; but then it would be vulnerable to social engineering.
I just stumbled upon this post by a waiter wherein he narrates his account of a conversation between two customers in his restaurant, which he happened to eavesdrop. A fantastic read, the conversation, followed by the waiter’s take on it, it kinds of provides an alternative way to handle your negativities. Click on the following link to read the story -
Finally i got my GPRS activated yesterday and its been a great experience so far! With apps like Opera browser, GMAIL mobile, Nimbuzz, surfing from your cell is a temptation which you can’t resist. And my SONY ERICSSON is well equipped to provide a pleasurable surfing experience. So here goes my first GPRS blog post, with many more to follow! Keep watching
December 6, 1992. Precisely the day that triggered a curfew across many places in India, including Kolkata. Right now myself sitting in 1 of the 6 curfewed police station areas in Central Kolkata, witnessed a glimpse of those horrific days once again. Approximately 2 hours have passed into the 8 hour curfew imposed to put a leash on the vandalism and the dirtiest form of people-manipulation being carried on under the aegis of RELIGION, MINORITIES (so called!), COMMUNALISM, COMMUNISM and what not.
Churchill had said – Democracy is the mechanism to ensure that people get governed by a government no better than what they deserve. But unfortunately in India, and more specifically, in West Bengal & Kolkata, the same holds true other way round too. With people so glad to be puppeteered by the power-mongering parasites camouflaging as politicians, added to the fact that illiteracy, poverty, blind faith and lack of respect for humanity take precedence over civic sense, humanity and self-respect, no force in the world can bring about an atmosphere of civilisation. If you widen your eyes and push back your chairs to ask me if ain’t what we live in, is civilisation, I’d say – NO. Not by the farthest stretch of imagination.
Had it been, I wouldn’t have been writing this in the first place. Now, cutting on the
prelude, let’s take a look at what happened. An Islamic organisation called All India Minority Forum (in India, the word minority = Muslims) , which is not even known by people (i.e. minorities) in Kolkata itself, let alone ALL INDIA (as its name suggests), decided to organise a CHAKKA JAM (Road Blockade) between 9 AM – 12 Noon in Central Kolkata, which is the nerve center of the city with many arterial roads leading to schools, offices etc.
This protest was against the Communist West Bengal State Government for allowing Taslima Nasreen to stay in Kolkata. Here there are few things worth mentioning, which are the crux of the matter.
1) It is a prerogative of the Central Union Government and NOT the West Bengal State Government to decide who is going to stay in the country and who not
2) It’s not been that Taslima came into Kolkata recently, in fact she has made Kolkata her home since long time back, so why the protests now?
3) By parading a rowdy group of people which consisted mostly of teenagers and people who don’t even know what the dynamics of the situation are, what could have been achieved in the matter, if anything at all?
Incidentally these areas of central Kolkata also house a vast density of minorities in various pockets. After a couple of hours of peaceful protests, no matter how much trouble they cause to general public at large, violence started erupting suddenly as mobs starting chanting slogans laced with religious sentiments and started to pelt stones at shops, vehicles, and whatever they could see. In fact, more than 15 vehicles, including 4 Media vans, were set ablaze, more than 200 vehicles smashed and damaged and many journalists beaten up. They tried their best to prevent the media from covering the deadly dance of chauvinism and the rampage only increased.
Without any valid cause, people were barred from moving around, kids stuck up at schools and colleges, shops looted and hooliganism portrayed throughout the day. After the police could not control the situation, para military forces were brought which fired tear gas bullets and lathicharged, but even that couldn’t sort the menace out. So the last resort had to be taken in the form of Army which staged a flag march to dampen the ill spirits of the demonstrators and reinstated peace to some extent.
Night curfew has been imposed in the 6 affected localities of Central Kolkata – Entally, Beniapukur, Karaya, Topsia, Park Sreet and Tiljala.
Under the guise of Nandigram, Rizwanur and Taslima, a handful of people today carried out the wishes of unscrupulous anti-social elements, whose intention to de-stabilize the state government seem to be getting larger and larger. Already the state of West Bengal is cursed with a government which in its reign of 30 years has done nothing but hammering nails in the coffin of the state’s fate and that of its people, complemented by an even worse opposition political culture where the only wise activity seems to be rallies, bandh, protests, agitations and every other anti-people activity which take us further down the barrel.
What is more appalling is that the majority of people of West Bengal, be it Hindus, Muslims, Communists or whatever, have imbibed this culture so deeply and religiously, that any attempt to awaken them is futile. The world is moving at the speed of light, so are West Bengal and its people, but in the opposite direction.
Leaving REAL ISSUES aside, like those of poverty, agriculture, industry, unemployment, terrorism, population etc. the masses deem it fit enough to cast their support in favour either the so-called people-oriented government, or the good-for-nothing except bocking roads and organising rallies, political oppositions, both of them having only one motive: continue making a fool out of the junta and taking the state as far away from civilisation as possible.
Where the Shahi Imam himself says after such horrendous acts as of today – “This was no violence, this was raising of our voices against anti-Islamic forces”, and where another leading religious leader proudly gives the government 2 days of time for corrective action, else warns of dire consequences, where the most inconsequential temporary immigration of a foreign author takes centre stage beating back the more serious concerns like health, wealth and hygiene of one’s own people, and where widespread violence and vandalism is followed by its justification as a means to CLEANSE the society – WE ARE LIVING IN SUCH A STATE.
SHAME.
Whoever wanted DEMOCRACY in this country…….
I have been longing for a custom picture gallery for quite some time, to showcase my pictures, but did not want to go for a ready made solution like Coppermine or Gallery. Sure these are great products with endless features, but would not give me that MADE BY MYSELF feeling So I decided to tinker with Prototype and Script.aculo.us , to see if any good carousel is available which I can use as an image slider. I had previously used YUI Carousel by Bill Scott of Yahoo! but did not want to use it because it was way too heavy and hence slow to load initially. So I decided to take a look into jCarousel by Sorgalla which is based on the excellent jQuery Javascript framework. Both jQuery and jCarousel are very lightweight, feature packed, customisable, and contain almost all, if not all, the features of prototype and scriptaculous.
So after a little toying with the carousel and learning a few cool effects of jQuery , I made up http://gallery.naveeng.com . Right now it is very very basic and it’s development is still under progress. I will be adding a lot more features to it, which include:
It may take a lot of time but one day all the above features (plus a lot more!) will be there for sure! The gallery has a lot of jQuery JS code, with the image details stored in XML format on the server. The server side scripting and image manipulation are done in Perl using the fantastic PerlMagick API of ImageMagick .
KOLKATA DURGA PUJA IMAGES – DAY 1
KOLKATA DURGA PUJA IMAGES – DAY 2
CLICK ON THE IMAGES TO SEE FULL SIZE
A SMALL BUT BEAUTIFUL PUJA ON C.I.T. ROAD
A traditional Santhal dance being performed in front of pandal
Decorative lanterns on trees
A 12 storey Vodafone banner at Ekdalia!
DESHAPRIYA PARK (Google Maps)
A replica of he famous TIRUPATHI Temple in Andhra Pradesh, India
The idol at Deshapriya Park
PARK CIRCUS
Replica of the famous Golden Temple, Amritsar, India
The Goddess at Park Circus
CLICK HERE TO SEE MORE IMAGES OF DURGA PUJA IN KOLKATA
As I had promised, I’m back with more pictures of the breathtaking Durga Puja scene in Kolkata right now. The fervour is electrifying and the craftsmanship simply scintillating. It seems as if the whole of Kolkata is out on the streets (it actually is!) during Pujas, and the sights throughout the night remain the same, forcing you to believe that the clock has stopped! Anyways, I’ll cut the crap and below are the snaps of Golpark, Ekdalia Evergreen in Gariahat, Singhi Park opposite the former
CLICK ON THE IMAGES TO SEE FULL SIZE
GOLPARK (Google Maps)
THE EKDALIA ENTRANCE -GARIAHAT (Google Maps)
Awesome illumination work
The huge pandal from a distance
Must have been thousands out there!
The traditional Durga idol at Ekdalia
Chandelier!!
RELATIVELY SMALL PUJA OF PHALGUNI SANGHA, BESIDE EKDALIA
SINGHI PARK, BANG OPPOSITE EKDALIA
Its Halloween time!!
Is it Durga Puja or Vodafone Puja!!
The magnificent Singhi Park deity
Intricate artistry inside the pandal
HINDUSTAN CLUB PUJA, BEHIND SINGHI PARK
CLICK HERE TO SEE LATEST PICTURES OF DURGA PUJA IN KOLKATA
It was Mahasasthi, 1st day of the famous Durga Puja and I ventured out in the evening for some pandal hopping. Didn’t cover much, but saw 3 famous Pujas of South Kolkata. Below are some of the pictures I took with my cellphone. Will be posting more and soon, better quality pictures taken from digicam.
CLICK ON THE IMAGES TO SEE FULL SIZE
PANDAL IN ANANDA PALIT (in my locality – Google Maps)
IDOL AND PANDAL NEAR LAKE TEMPLE ROAD, SOUTHERN AVENUE (Google Maps)
SHIV MANDIR PUJA COMMITTE – LAKE TEMPLE ROAD (Google Maps)
Brilliant Lighting arrangements!
The Puja theme is awesome – intricate artistry
It is Rotating!
The Main Pandal
On the walls
The Idol
LAKE YOUTH CORNER – BESIDE SHIV MANDIR
The pandal has been designed like a Banyan Tree!
And its all earth! Clay cups used for construction!
The Best Idol I saw yet
MUDIALI (Google Maps)
A PUJA IN A LAKE GARDENS PARK
LAKE SOUTH CLUB – LAKE GARDENS
THE FAMOUS JODHPUR PARK PUJA (Google Maps)
MY LOCALITY PUJA C.I.T ROAD (Google Maps)
A while ago Deepz asked me whether we can sort a hash and print the top most key or value or both in a single line, in PERL. After a little permutation & combination, I wrote the following piece. I’m sure there must be a more elegant and efficient way of doing it, but this will also serve the purpose on most occasions and with a little tweaking can be applied to almost all hashes.
print grep {s/\d//g} grep {/1/} map { $i+=1 , $_.=$i , “\n”} sort {$hash{$a} <=> $hash{$b}} keys %hash;
Flickr Uploads
Wordpress Themes sponsored by BlogPerfume
Naveen's Journal is powered by WordPress and FREEmium Theme.
developed by Dariusz Siedlecki and brought to you by FreebiesDock.com