From f8f87726b347104efb5d8eef73a2a4e6878bca3f Mon Sep 17 00:00:00 2001 From: Hristo Stoyanov Date: Thu, 11 May 2017 14:55:28 -0700 Subject: [PATCH] Update --- posts/2017-05-09-pwr2.html | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/posts/2017-05-09-pwr2.html b/posts/2017-05-09-pwr2.html index e00e528..d948047 100644 --- a/posts/2017-05-09-pwr2.html +++ b/posts/2017-05-09-pwr2.html @@ -57,28 +57,26 @@

A trip down Digital lane

This small piece of code can be translated to English as: if the button pressed was the ‘space’ key, then go run the instructions for jumping.

Code is data, data is code

These new instructions are provided in a language that the computer understands – that is someone, or more likely, many people, provided the computer instructions on how to convert the above text of JavaScript code into a series of steps that achieve the desired result of the little green character being able to jump when you press space.

-

This process of translation from one computer language into something that the computer can actually execute is called compilation. The basic, fundamental set of instructions that a computer understands is called assembly. It looks a little bit scary, but here’s a piece of code that has a very similar meaning to the one we looked at before:

+

This process of translation from one computer language into something that the computer can actually execute is called compilation. The basic, fundamental set of instructions that a computer understands is called assembly.The language of Assembly is a way to write directly in the language that the physical computer will understand and be able to execute. Code written that way can be very, very fast, and yet be incredibly unsafe. Assembly provides almost no protection by itself. An interested reader can take a look at an article ‘Introduction to x64 Assembly’.
+
+ It looks a little bit scary, but here’s a piece of code that has a very similar meaning to the one we looked at before:

cmp $32, %eax  ; compare eax to 32
 jne end        ; go to end if not equal
 call jump      ; call jump
 end:           ; The End :)
-

This basically does the same thing – if the number we care about is 32 (the button we pressed is space), go run the instructions for jumping.

-

A program that converts the first type of code, one that is easier for humans to read and write, into the second type of code, one that is easier for computers to execute, is called a compiler. This process takes as input instructions and produces as output other instructions.

+

This code does the same thing – if the number we care about is 32 (the button we pressed is space), go run the instructions for jumping.

+

A program that converts the first type of code, one that is easier for humans to read and write, into the second type of code, one that is easier for computers to execute, is called a compiler. This process takes as input instructions and produces as output other instructions. And your web browser, what you are currently using to read this page, goes through this process for every page, every time you open email, or post a picture to your favorite social media.

Exploiting the confusion

-

A simple compiler, with two instructions:

- -

Trusting trust, Thompson’s “cutest program” he ever wrote. Self-recognition, self-replication and how to put a virus inside a compiler that propagates itself. Maybe too much?Thompson, Ken. REFLECTIONS ON TRUSTING TRUST. ACM, 1984.
+

So let us consider this piece of personal information, a simple photo – a variety of those exist on your phone or laptop, yet your browser must provide you two different, and contradictory, functionalities. The first is the ability to publish the photos when you want that, which requires the browser to have access to all photos; the second is protection from malicious websites. The browser downloads and executes instructions from every website, but must maintain different levels of access that each downloaded program receives. This is achieved through isolation. Each program runs in a sandbox – a restricted environment that precludes that program from communicating with other programs.Wahbe, Robert, et al. EFFICIENT SOFTWARE-BASED FAULT ISOLATION

+

A sandbox needs a mechanism for information to get out, Academic research,

Broadcasting live

Talk about information that leaks from doing certain things like visiting a website, or posting something on a website. How can you be anonymous? What does it mean to be anonymous?

Don’t let it go

Preserving your anonymity. How and why? Who cares? Keeps your data secure, but allows you to get cool services anyway.

Anonymity sets

-

Riposte, the idea of a mixer and anonymity sets. Quotes from Henry Corrigan-Gibbs, interview on May 15.Corrigan-Gibbs, Henry, et al. RIPOSTE: AN ANONYMOUS MESSAGING SYSTEM HANDLING MILLIONS OF USERS.
+

Riposte, the idea of a mixer and anonymity sets. Quotes from Henry Corrigan-Gibbs, interview on May 15.Corrigan-Gibbs, Henry, et al. RIPOSTE: AN ANONYMOUS MESSAGING SYSTEM HANDLING MILLIONS OF USERS.

Stimuli and responses – algebraic formalization of system interactions

@@ -87,7 +85,8 @@

St

Interview with Jaskolka on May 9th.

Works Cited

Corrigan-Gibbs, Henry, et al. RIPOSTE: AN ANONYMOUS MESSAGING SYSTEM HANDLING MILLIONS OF USERS. https://arxiv.org/abs/1503.06115v5

-

Thompson, Ken. REFLECTIONS ON TRUSTING TRUST. ACM, 1984. https://dl.acm.org/citation.cfm?id=358210

+

Lomont, Chris. INTRODUCTION TO X64 ASSEMBLY. Intel, 2016. https://software.intel.com/en-us/articles/introduction-to-x64-assembly

+

Wahbe, Robert, et al. EFFICIENT SOFTWARE-BASED FAULT ISOLATION http://cs2.unomaha.edu/~stanw/papers/93-sfi.pdf