February 2022

The peculiar Benford distribution

Benford's law or the first digit rule states that in many data sets, the first digit of each value tends to be small. This is not at all obvious, but it has significant implications.

Categories: mathematics

How Unicode reading direction characters defeat source code inspection, and what it means for the open-source movement

There's been a recent scare that Unicode reading direction characters could be used to conceal malicious code in open-source projects. This is undoubtedly true, but that fact doesn't make it significantly harder to ensure the security of open-source code than it already is.

Categories: software development, security

cwordle -- A Wordle-like word-guessing game for CP/M

Building a CP/M implementation of the notorious Wordle game.

Categories: retrocomputing, C, Z80

Juice-jacking -- it's a problem, but not because it's a problem

Juice-jacking is the alleged practice of getting unauthorized access to the contents of a cellphone by subverting public USB charging points. It doesn't happen, and probably never has; so why has there been a recent increase in scare stories?

Categories: science and technology, security

that library?

What can the software industry learn from the Log4J security debacle?

Categories: software development, Java, security

UTF-8 and the problem of over-long characters

How an oddity in the way UTF-8 encoding works can cause all sorts of problems for unwary developers, including security weaknesses.

Categories: software development, security