Coding Horror Inside the precision hack There’s a scene toward the end of the book Contact by Carl Sagan, where the protagonist Ellie Arroway finds a Message embedded deep in the digits of PI. The Message is perhaps an artifact of an extremely advanced intelligence that apparently manipulated one of the fundamental constants of the universe as a testament to their power as they wove space and time. I’m reminded of this scene by the Time.com 100 Poll where millions have voted on who are the world’s most influential people in government, science, technology and the arts. Just as Ellie found a Message embedded in PI, we find a Message embedded in the results of this poll. Looking at the first letters of each of the top 21 leading names in the poll we find the message “marblecake, also the game”. The poll announces (perhaps subtly) to the world, that the most influential are not the Obamas, Britneys or the Rick Warrens of the world, the most influential are an extremely advanced intelligence: the hackers. The Beginning Like this:
How Not to Conduct an Online Poll Inside the Precision Hack is a great read. It's all about how the Time Magazine World's Most Influential People poll was gamed. But the actual hack itself is somewhat less impressive when you start digging into the details. Here's the voting UI for the Time poll in question. Casting a vote submits a HTTP GET in the form of: ? Where id is a number associated with the person being voted for, and rating is how influential you think that person is from 1 to 100. In early stages of the poll, Time.com didn't have any authentication or validation -- the door was wide open to any client that wanted to stuff the ballot box. The outcome of the 2009 Time 100 World's Most Influential People poll isn't that important in the big scheme of things, but it's difficult to understand why a high profile website would conduct an anonymous worldwide poll without even the most basic of safeguards in place. So-called secret poorly hidden on the client: check!
The Beauty of Internet: 4Chan Founder Sweeps Time's Most Influen The Internet has different rules. The folks at Time just learned about it in a very amusing way, as their third annual poll for the world's most influential person was topped by moot A.K.A. Christopher Poole, founder of the legendary memebreeding forum 4chan. Remember, it's not Barack Obama, not Oprah Winfrey, not Pope Benedict XVI, but moot. Epic win. One can easily argue that 4chan is one of the most influential sites on the Internet; in the world of odd memes, obscure anime images and bizarre photoshops - and these make a very large and important portion of the entity we refer to as "the Internet" - moot is king. However, the results of the vote have nothing to do with influence. It's surprising, thus, that Time pretends that everything is alright. "Moot denies knowing about any concerted plan by his followers to influence the poll, though TIME.com's technical team did detect and extinguish several attempts to hack the vote." Erm, extinguish?
Byte-order mark The byte order mark (BOM) is a Unicode character used to signal the endianness (byte order) of a text file or stream. It is encoded at U+FEFF byte order mark (BOM). BOM use is optional, and, if used, should appear at the start of the text stream. Beyond its specific use as a byte-order indicator, the BOM character may also indicate which of the several Unicode representations the text is encoded in. Because Unicode can be encoded as 16-bit or 32-bit integers, a computer receiving these encodings from arbitrary sources needs to know which byte order the integers are encoded in. Usage If the BOM character appears in the middle of a data stream, Unicode says it should be interpreted as a "zero-width non-breaking space" (inhibits line-breaking between word-glyphs). UTF-8 The UTF-8 representation of the BOM is the byte sequence 0xEF,0xBB,0xBF. Another motivation for not using a BOM is to encourage UTF-8 as the "default" encoding. UTF-16 UTF-32 See also
Pedram Rezaei's Ramblings : WCF error handling and some bes I put together the following brief description of WCF Error Handling and some possible best practices for a customer. You may also find it useful: There are 4 sets of errors that clients can expect: Invalid configuration: when bindings, behaviors or any other configs are in conflict with some other settings. Communication errors: These are the usual errors caused as the result of network communication issues such as incorrect or unreachable addresses and the unavailability of a network connection. You may receive a CommunicationException as a result this. Service faults: By default all service side exceptions are sent to the client as FaultException. Proxy or channel state errors: These types of errors are raised when the channel or the proxy is not in a correct state to allow for communications. Why Faults instead of Exceptions? As you are aware, WCF mainly deals with SOAP Faults instead of Exception. An exception of type 'FaultException' was caught... For per-call services: try You can