## Thursday, July 21, 2011

### Notes on Charlie Munger on The Psychology of Human Misjudgment

This talk comes from Charlie Munger on The Psychology of Human Misjudgment. This speech was given at Harvard University, around June, 1995.

Also see his book Poor Charlie's Almanack, and the talk given at USC Business School in 1994.

## Tuesday, July 19, 2011

### Measuring Elapsed Time With Counters That Wrap

Timer Wrap: "The key to avoiding wrap problems is to perform the unsigned, don’t-care-about-overflow subtraction first, then do any additional operations needed. By using subtraction like this as the first operation, any wrap-around of the timer register that may have occurred just drops out. No special effort is needed to get rid of it!"

Ahh, learned this lesson the hard way. Instead of doing Now >= (A + 100), always do (Now - A) >= 100.
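The two comparisons side by side on a 16-bit counter, as an added example that is not from the quoted article. The function names and sample values are constructed here, and the example goes one step further than the text: on a counter narrower than `int`, the subtraction must be cast back to the counter width, because C promotes both operands to `int` and the difference then goes negative instead of wrapping.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Now >= (A + 100): the stored deadline wraps, and so does Now. */
static bool expired_naive(uint16_t now, uint16_t start, uint16_t timeout) {
    uint16_t deadline = (uint16_t)(start + timeout);
    return now >= deadline;
}

/* (Now - A) >= 100 without a cast: the uint16_t operands are promoted to
 * int, so the difference is negative after a wrap and never reaches 100. */
static bool expired_uncast(uint16_t now, uint16_t start, uint16_t timeout) {
    return (now - start) >= timeout;
}

/* (Now - A) >= 100 with the difference truncated to the counter width. */
static bool expired_safe(uint16_t now, uint16_t start, uint16_t timeout) {
    return (uint16_t)(now - start) >= timeout;
}

int main(void) {
    /* Constructed samples: {start, now, ticks really elapsed}; timeout 100. */
    static const uint16_t s[][3] = {
        {0x1000, 0x1032, 50},  /* no wrap, not expired                  */
        {0x1000, 0x1064, 100}, /* no wrap, expired                      */
        {0xFFF0, 0xFFF1, 1},   /* deadline wraps: naive fires too early */
        {0xFF00, 0x0010, 272}, /* counter wraps: naive and uncast miss  */
    };
    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++)
        printf("start=%04X now=%04X elapsed=%3u naive=%d uncast=%d safe=%d\n",
               (unsigned)s[i][0], (unsigned)s[i][1], (unsigned)s[i][2],
               expired_naive(s[i][1], s[i][0], 100),
               expired_uncast(s[i][1], s[i][0], 100),
               expired_safe(s[i][1], s[i][0], 100));
    return 0;
}
```

The safe form is only valid while the real elapsed time stays below one full counter period.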

### How to choose a smartcard

Some things to consider when choosing a smartcard are:

- Does the CPU ever run on an external clock?
- What is the penalty for an active-shield breach?
- What is the fabrication process geometry?
- How many metal layers does the device have?
- A list of labs that might have evaluated this device, and their capabilities.

via Flylogic's Analytical Blog

### OTR and deniability

Put another way, the goal in a trial is not a mathematical proof, it's proof to a certain standard of evidence, based on many different pieces of data. Life isn't a cryptographic protocol.

--Steve Bellovin

Quote in reference to conversation about what security guarantees OTR actually provides. In summary, "OTR aims to provide the same deniability as plaintext, while also providing the same authentication as, say, PGP."

## Wednesday, July 13, 2011

### Dumping SSL connection information using OpenSSL

Interesting command for dumping SSL information.

    openssl s_client -host www.google.com -port 443

## Tuesday, July 12, 2011

### Of roots and complex numbers

Sqrt[ab] equals Sqrt[a]Sqrt[b] only for positive real numbers. It does not hold true when a or b are complex numbers. See this accessible blog post, and this Wikipedia link.

## Friday, July 8, 2011

### A lovely pattern

        1 x 8 + 1 = 9
       12 x 8 + 1 = 98
      123 x 8 + 1 = 987
     1234 x 8 + 1 = 9876
    12345 x 8 + 1 = 98765

The proof is via this reddit comment.

Theorem:

[12...n] x (b-2) + n = [(b-1)(b-2)...(b-n)]

The notation [12...n] means the number whose digits, written in base b, are 1, 2, ..., n.

      [12...n] x (b-2) + n
    = [12...n] x b - [12...(n-1)n] - [12...n] + n   (1)
    = [12...n0] - [12...(n-1)0] - [12...n]          (2)
    = [11...10] - [12...n]                          (3)
    = [(b-1)(b-2)...(b-n)]                          (4)

1. a × (b-2) is the same as a × b - a - a.
2. Multiplying a number written in base b by b shifts its digits left by one place, so [12…n] × b is [12…n0]. Also note that subtracting n from [12…n] gives [12…(n-1)0]; the (n-1) is written out in step (1) to make this clear.
3. As a concrete example: 1230 - 120 = 1110.
4. As a concrete example: 1110 - 123 = 987.

### A beautiful proof about Mersenne primes

Theorem: 2^n - 1 cannot be prime if n is composite.

Lemma: c^n - 1 can be written as (c - 1)(c^{n-1} + … + c^1 + 1).

The proof for the lemma is simple. You end up subtracting

       c^n + c^{n-1} + ... + c
    -        c^{n-1} + ... + c + 1
    ------------------------------------
       c^n - 1

So if n can be written as ab where both a > 1 and b > 1, then

       2^{ab} - 1
    = (2^a)^b - 1
    = (2^a - 1)((2^a)^{b-1} + (2^a)^{b-2} + ... + 1)

So we have (2^a - 1) as a divisor.

A stronger theorem is: if c > 1 and n > 1, and c^n - 1 is prime, then c = 2 and n is prime.

See this handout for this and other proofs.

## Wednesday, July 6, 2011

### Fast2Sum.v

Fast2Sum.v is a proof of the following procedure:

    double Fast2Sum(double a, double b) {
        double s = a + b;        /* rounded sum */
        double r = b - (s - a);  /* recovers the rounding error of s */
        return r + s;
    }

See A floating-point technique for extending the available precision by T. J. Dekker.

So obvious, right?
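What the procedure buys you, as an added example that is not code from Fast2Sum.v or from Dekker's paper. It returns s and r as a pair instead of `r + s`, and it relies on the standard Fast2Sum precondition |a| >= |b| in binary floating point; `sum_err`, `fast2sum_sorted` and `accumulate` are names made up here, and the inputs are constructed.

```c
#include <stdio.h>

typedef struct { double s, r; } sum_err;

/* s is the rounded sum, r the rounding error: s + r equals a + b exactly,
 * provided |a| >= |b|. */
static sum_err fast2sum(double a, double b) {
    volatile double s = a + b;  /* volatile keeps every step a real double */
    volatile double t = s - a;  /* the part of b that made it into s */
    sum_err out = { s, b - t };
    return out;
}

/* Hypothetical helper: order the operands so the precondition holds. */
static sum_err fast2sum_sorted(double a, double b) {
    double ma = a < 0 ? -a : a, mb = b < 0 ? -b : b;
    return ma >= mb ? fast2sum(a, b) : fast2sum(b, a);
}

/* Add `tiny` to `start` n times, naively or carrying the error terms. */
static double accumulate(double start, double tiny, int n, int compensated) {
    double s = start, err = 0.0;
    for (int i = 0; i < n; i++) {
        if (compensated) {
            sum_err p = fast2sum_sorted(s, tiny);
            s = p.s;
            err += p.r;
        } else {
            s += tiny;
        }
    }
    return s + err;
}

int main(void) {
    sum_err ok  = fast2sum(1.0, 0x1p-60);  /* |a| >= |b|: error recovered */
    sum_err bad = fast2sum(0x1p-60, 1.0);  /* precondition violated       */
    printf("ok:  s=%a r=%a\n", ok.s, ok.r);
    printf("bad: s=%a r=%a\n", bad.s, bad.r);
    printf("naive=%a compensated=%a\n",
           accumulate(1.0, 0x1p-60, 1024, 0),
           accumulate(1.0, 0x1p-60, 1024, 1));
    return 0;
}
```

With the operands swapped, r comes back as 0 and the 2^-60 is silently lost, which is why the precondition matters.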

### Unfounded (floating point) compiler optimizations

These are from Xavier Leroy's POPL 2011 talk.

| Thou shalt not assume… | although you can assume… |
| --- | --- |
| x == x | x == y ⇔ x - y == 0 |
| x <= y ⇔ ¬(x > y) | x <= y ⇔ x < y ∨ x == y |
| x == y ⇒ 1/x == 1/y | x == y ⇒ 1 + x == 1 + y |
| x / 10 == x * 0.1 | x / 8 == x * 0.125 |
| x + (y + z) == (x + y) + z | x + y = y + x |
| x * (y * z) == x | x * y = y * x |
| rnd64(rnd80(op)) == rnd64(op) | rnd32(rnd64(op)) == rnd32(op) |
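Concrete inputs that break several of the left-hand identities while the right-hand counterparts hold, as an added example that is not taken from the talk. The function names and inputs are constructed here, and the code assumes IEEE 754 binary64 `double` compiled without `-ffast-math`.

```c
#include <math.h>     /* NAN macro only; nothing from libm is called */
#include <stdbool.h>
#include <stdio.h>

/* "Thou shalt not assume": each returns whether the identity held. */
static bool eq_reflexive(double x) { return x == x; }
static bool le_is_not_gt(double x, double y) { return (x <= y) == !(x > y); }
static bool eq_implies_recip_eq(double x, double y) {
    return !(x == y) || 1 / x == 1 / y;
}
static bool div10_is_mul_tenth(double x) { return x / 10 == x * 0.1; }
static bool add_associative(double x, double y, double z) {
    return x + (y + z) == (x + y) + z;
}

/* "Although you can assume": the counterparts, checked on the same inputs. */
static bool le_is_lt_or_eq(double x, double y) {
    return (x <= y) == (x < y || x == y);
}
static bool eq_implies_succ_eq(double x, double y) {
    return !(x == y) || 1 + x == 1 + y;
}
static bool div8_is_mul_eighth(double x) { return x / 8 == x * 0.125; }
static bool add_commutative(double x, double y) { return x + y == y + x; }

int main(void) {
    const double h = 0x1p-53;  /* constructed input: half an ulp of 1.0 */
    printf("x == x (x = NaN):                     %d\n", eq_reflexive(NAN));
    printf("x <= y <=> !(x > y) (x = NaN):        %d, split form: %d\n",
           le_is_not_gt(NAN, 1.0), le_is_lt_or_eq(NAN, 1.0));
    printf("x == y => 1/x == 1/y (0.0, -0.0):     %d, 1 + x form: %d\n",
           eq_implies_recip_eq(0.0, -0.0), eq_implies_succ_eq(0.0, -0.0));
    printf("x / 10 == x * 0.1 (x = 3):            %d, x / 8 form: %d\n",
           div10_is_mul_tenth(3.0), div8_is_mul_eighth(3.0));
    printf("x + (y + z) == (x + y) + z (1, h, h): %d, x + y == y + x: %d\n",
           add_associative(1.0, h, h), add_commutative(1.0, h));
    return 0;
}
```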

### How to pronounce names (Godel, Cauchy, Weierstrass etc.)

Today I learned how to pronounce von Neumann. The website forvo.com is quickly becoming a favorite.

### Self-regulated learning - Wikipedia, the free encyclopedia

I was directed to research this more after reading the article Becoming a Self-Regulated Learner: An Overview by B. Zimmerman (2002).

## Friday, July 1, 2011

### TDL4 – Top Bot - Securelist

TDL4 – Top Bot - Securelist: "When developing the kad.dll module for maintaining communication with the Kad network, code with a GPL license was used — this means that the authors are in violation of a licensing agreement."

Really? The developers of a massive botnet have this as their top worry? Really?

### Thoughts on binary obfuscation

The purpose of binary obfuscation is to prevent an adversary from reconstructing the high level logic of your program (see the Wikipedia article on reverse engineering).

I'm not an expert in this area. I'm writing this entry so I can organize my thoughts and refer to it later.