Programming Truth and Fiction Revisited
Well-esteemed Philipp Lenssen gives in Programming Truth and Fiction a set of false programming stereotypes and misconceptions, and then sets out to correct them. However, he is not correct in all cases. I take issue with the following in particular:
A complicated class structure only shows the programmer did a quality job. Inheritance is a necessary complexity, and simply can’t be overused.
Besides that quality code can be written without the aid of OOP, see Wordpress as an example of so-called “bad” code, or many web scripting solutions, I believe inheritence can actually be terribly overused. For example, if you model every possible permutation of a thing into a class structure as the “sum of its parts:”
Yes, you can define a car as the sum of a Red Toyota 8 Cylinder Engine. And you can say, hmm, all sorts of engines are an engine, and recursively apply this principle to all the parts of the car, leading to what? A huge mess. OOP can be taken to a frightful and useless extreme.
There’s a huge difference between scripting languages and programming languages.
First, ignoring that a scripting language is intended for a completely different purpose than a programing language, I have to point out that as long as both languages are Turing complete, they are reducible to one another, and therefore there’s technically no difference between them.
Programming is for nerds! If you want to teach it, wait until 9th grade and use Java. Seriously.
No. Start at 2 and put an SML interpreter on the locks of their bedroom doors and leave them datastructure puzzles.
PANIC MODE JAVA
I’ve decided that Sun Micrososystems has screwed up with Java. See, they have a great API, but every now and then you find some kind of inconsistency that really makes you wonder “WHY.” For example, things in real life which can be compared to each other generally ought to implement the Comparable interface in Java so that you can compare them as objects. However, java . net . URL doesn’t implement Comparable, and therefore I am forced to conclude that a Uniform Resource Locator is fundamentally un-comparable. Except that it’s not. Every search engine has figured out how to handle URLs, but for some reason Java hasn’t.
Let me give you a hint–it’s not too hard. Just compare the protocol, the domain, and the paths. Then compare the query string. Of course there can be aliasing of all kinds on the server side, but couldn’t you lazy programmers at least have tried something?
Covert Channels in Java: File Locking
A covert channel is a way of secretly transferring information between two policies that are forbidden from communicating. It can be done easily through page faulting, cpu utilization, or file locking. The sender process produces these events which a receiver then tries to poll. Of course, the two are unsynchronized by default so the receiver will be unable to receive with 100% accuracy–it may miss some events, or record too many. And, since the receiver cannot send a message back to the sender without a complex interlock system, it’s hard to build in reliability.
That said, here is some Java 5 code that demonstrates covert channels via file locking:
import java.io.*;
import java.util.*;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
import java.nio.channels.OverlappingFileLockException;
public class Receiver {
public static void main(String [] args){
if(args.length < 2) {
System.err.println( "Please invoke with java Receiver <file> <millis>" );
return;
}
String file = args[0];
Integer millis = Integer.parseInt(args[1]);
LinkedList <Integer> l = new LinkedList<Integer>();
int conone = 0;
while(true){
int temp = read(file);
if(conone < 8){
if(temp == 1){
conone++;
} else {
conone = 0;
}
} else {
l.add(temp);
if(l.size() == 8){
String c = "";
while(l.size() > 0){
c += l.getFirst();
l.removeFirst();
}
System.out.print((char) Integer.parseInt(c, 2));
conone = 0;
}
}
sleep(millis);
}
}
public static void sleep(Integer millis){
try { Thread.sleep(millis); } catch(Exception e){
e.printStackTrace(); }
}
public static int read(String f){
try{
// open a channel
FileChannel channel =
new RandomAccessFile(new File(f), "rw").getChannel();
FileLock lock = channel.tryLock();
if(lock == null)
return 1;
// give up lock
if(lock != null)
lock.release();
channel.close();
} catch(Exception e){
e.printStackTrace();
}
// no lock
return 0;
}
}
And here is the Sender class:
import java.io.*;
import java.nio.*;
import java.nio.channels.*;
import java.util.*;
public class Sender {
public static void main(String [] args){
if(args.length < 3) {
System.err.println("Please invoke with java Sender <file> <content file name> <millis>");
return;
}
String file = args[0];
// load some data
String line="";
String total="";
try {
BufferedReader b = new BufferedReader(new FileReader(args[1]));
while((line=b.readLine()) != null)
total += line + "\n";
} catch(Exception e){
e.printStackTrace();
}
char [] content = total.toCharArray();
Integer millis = Integer.parseInt(args[2]);
// content
for(char temp : content){
// preamble
for(int i = 0; i < 8; i++)
lock(file, millis);
String bits = Integer.toBinaryString((int) temp);
while( bits.length() < 8 )
bits = "0" + bits;
for(char bit : bits.toCharArray()){
if(bit == '1')
lock(file, millis);
else
sleep(millis);
System.out.print(bit);
}
}
}
public static void sleep(Integer millis){
try { Thread.sleep(millis); } catch(Exception e){
e.printStackTrace(); }
}
public static void lock(String file, int millis){
try{
// open a channel
FileChannel channel = new RandomAccessFile(new File(file), "rw").getChannel();
// get a lock
FileLock lock = null;
while(lock == null)
lock = channel.lock();
// Sleep
sleep(millis);
// give up lock
lock.release();
channel.close();
} catch(Exception e){
e.printStackTrace();
}
}
}
When you execute the programs, they produce the following kind of output:
%java Receiver temp.txt 50
Quantitative Information Flow
Lecturer: Michael Clarkson%java Sender temp.txt data.txt 50
0101000101110101011000010110111001110100
0110100101110100011000010111010001101001
0111011001100101001000000100100101101110
0110011001101111011100100110110101100001
0111010001101001011011110110111000100000
0100011001101100011011110111011100001010
0100110001100101011000110111010001110101
0111001001100101011100100011101000100000
0100110101101001011000110110100001100001
0110010101101100001000000100001101101100
01100001011100100110101101110011011011110
110111000001010
The Sender and Receiver take one step to assure that they communicate properly: before each character is sent, a block of 8 1s is transmitted. The Receiver can use these to try and delineate the blocks. This isn't a robust approach, just a hack to try and prevent frameshift mutations!