今年的CES展会上,三星秀了一块窗玻璃。从室内看是个显示屏,从室外看是个镜子。可以利用室外自然光当背光,以及利用太阳能供电。有电子百叶窗进行透光率的控制。
俺想如果里面再嵌一堆微型电机能换气就真碉堡了。
Links:
Keep it simple, stupid
在Toy上看到的这个漏洞估计是我见过的最搞的一个了。先用
X -version
看一下X的版本号,如果是1.11,启动X的锁屏程序(screensaver/slock之类),然后按Ctrl+Alt+*(是小键盘的*不是8上面的)。然后锁屏就失效了……用Ctrl+Alt+/也有同样效果。
这个帖子是讲得比较好的:http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/,看完了来龙去脉估计也清楚了。
解决方法有二:
-
用xmodmap改键位映射,把XF86ClearGrab和XF86Ungrab都改成NoSymbol。相关帖子为:
http://forums.fedoraforum.org/showthread.php?t=275363
但是~/.Xmodmap好像不会被自动读取,还得在~/.xinitrc里加上相关命令:
xmodmap ~/.Xmodmap -
注释代码使上述功能失效。相关帖子为:
Toy上的帖子还是热乎的,不知道还会出现啥样奇葩的评论……
老早以前看到Octopress这个东西一直没时间折腾,刚巧刚才开了自己的GitHub Pages,顺便鼓捣了一下Jekyll(Octopress的核心部分)。
Jekyll是一个Ruby写的静态化站点生成器,特点是blog-aware,就是说适合拿来写博客。Jekyll支持多种markup languages,包括Markdown和Textile。就是说你用Markdown写文章,然后设计HTML模板(包括CSS、图片等等),最后运行Jekyll,自动帮你生成静态页面。生成的静态页面可以直接用常见的web服务器来serve(比如Apache和nginx等等)。
这东西有一个好处在于你可以用比较简单的语言Markdown来写作,而不是HTML,也不用关心HTML是怎么生成的,符合结构和渲染分离的原则(但是结构和渲染这东西总是相对的……)。而且还有一个好处是Jekyll和Git的关系非常紧密,你可以在Git repository里写作,正常commit/checkout,甚至可以上传到GitHub。GitHub Pages提供了对Jekyll的支持,上传之后会自动生成静态页面。关于GitHub Pages可以参考http://pages.github.com/
Jekyll的主页是https://github.com/mojombo/jekyll,大体上看完README就知道咋回事了。稍微比较重要的也就是这个目录结构https://github.com/mojombo/jekyll/wiki/usage。具体说就是:
- 在_config.yml里做总体设置;
- 在_layouts里设计模板,里面的{{ content }}部分将会被使用该模板的文本填充;
- 在_posts里用Markdown写文章,注意文件名的命名格式;
- 如果愿意,可以在_includes里设计模板的一部分,在其他文件中引用;
- 剩下的根目录里的其他文件,如果有YAML Front Matter这个东西,也会被Jekyll处理,否则就直接复制到目的地;
- 最后生成的结果在_site目录下。
其实说白了就是这么简单,你写个Markdown,Jekyll帮你搞成HTML。
貌似全程都没有数据库的参与,所以我还是觉得很神奇,如果有复杂的查询要求怎么办呢?看上去所有东西都要用Ruby程序搞定。当初写Blade的时候也在想是用纯文本还是数据库,后来为了查询简单就用了MySQL。如果纯文本在这方面也能做的很好的话那还真可以考虑抛弃数据库。不过我看_site下面生成的都是HTML,没有任何动态页面迹象或者索引之类的(好吧人家就是为了静态页面嘛……),那么在一堆完整的静态页面中做查询我觉得还是挺有挑战性的,相当于结构化的信息都被抹去了现在要反过来做,有点别扭。不过我看Octopress也有Search box呢,过会儿看看它是怎么做的吧。
Update. 朕惊了!跳到Google去了!
有时间的话还是想把Blade再升个级。其实现在这个版本也就算是个prototype,拖了很久没有重构了。写文章的方式还很蠢,很多HTML tags要手动加,没有辅助工具的用户估计很不爽。未来的计划大致包括:
- 支持Markdown;
- 尝试以静态化+索引的方式替代动态页面;
- 和Git整合。
- 用DISQUS管理评论。
具体说就是以Markdown作为书写语言,用Git进行版本控制(其实主要是为了方便查看过去特定时刻的状态,否则Git也不是太必要),支持静态化渲染和索引建立,方便进行关键字和日期等基本查找。评论的部分交给DISQUS估计能省去很多劳力(尤其是对一个静态化的站点来说)。最终的目标是,用户只需要写Markdown而不必管其他任何事情(当然如果他们愿意也可以自己写模板)。这工程不算太大但其实也不小,不过想想能把PHP+MySQL这一坨毛都移掉,用一种轻量化的方式来写blog,还是非常值得做的。万能的上帝请给俺发工资让俺搞定这件事儿吧!
There are always people doing the right thing in the face of wrong decisions...And that's the difference.
In mid-2009, I had a wonderful idea of integrating people's evaluations into search engines. That was based on my own search habits. Most of my search queries are about science and technology. The quality of these kinds of materials tends to be stable, which means a good article will always be good regardless of the time of search. That's how we define classic articles. Queries about science and technology are usually topic-centric. When we want to know about a topic, the best answer is often the classic articles.
But to figure out classic articles requires expert knowledge. An expert's evaluation about his/her speciality is much more helpful than a layman's. Thus your search experience will be greatly improved with the help of experts' opinion. However, the problem is that you have no way to see their evaluations. You may not know them personally. Even if you happen to read their evaluations somewhere on the Internet, it's very likely that these opinions are in the form of non-structural articles, which means they're hard to be integrated into search engines and it's still difficult to automate the utilization of these evaluations.
So it will be of great help if experts leave their opinions in a structural way. How can this be done? It's simple. They just need to mark a webpage as good or bad in the process of reading. Now you see why Google+ emerges? I've never believed Google+ is simply meant to be a social network from the day of its birth. I strongly believe the main reason of the emergence of Google+ is to improve the quality of Google Web Search.
In my original design, a social network benefits a search engine in a free manner. What do I mean by free? Consider what will happen if some expert doesn't what to share his/her opinion. Does that matter? Usually not, because there will be other experts in the same field who are willing to share and you just need to follow them instead. Another problem is that the opinion of an expert in area A may not be very helpful to a query in area B (they even act as noise). But you can put experts in different groups and set which group to take effect, possibly in different weights, for different queries.
The main advantage of this design is, you have the choice of who affects you. People who post helpful opinions will be followed by more users and become welcome and gain fame. People who post useless opinions, and thus play the role of unwelcome noise, will be discarded by users and only cause limited harm. Therefore the speakers have motivation to make good evaluations. This is the power of natural selection.
At the same time of listeners selecting speakers, speakers also select listeners. Listeners who do bad intentionally by following unwelcome speakers to increase their popularity will be punished, because they'd have much noise in their personal search. This discourages them from doing so.
Therefore, both speakers and listeners have good motivation guiding their behaviors. Thanks to this loose-coupling design, the whole ecosystem will evolve rather than degenerate.
And what's even more important, the improvement of search quality will attract people to join the social network! This is the power of a service-wide win-win strategy. If there is mutual promotion between two services, users of one service will be encouraged to use the other, and vice versa.
Maybe that's why Google introduces Search, plus Your World. Basically it adds three kinds of information in the search results: personal results, profiles in search, and people and pages.
However, this design doesn't follow my original idea faithfully. For example, you cannot filter evaluations from followees by the groups they are in. And there is too much noise in the personal search results. When I want to find the explanation of a scientific term, the personal results usually contain my followees' own experience with it rather than well-accepted high-quality resources related to it. So I think it pays more attentation to personalization rather than personal recommendation. It's more like a brochure of my followees' posts rather than a high-end recommendation system. Of course there are notices like 'XXX shared this' below some search results, but you know their existence only when you see them passively.
My prediction for the way we search is that it will advance through three stages:
-
Stage 1. A few people will mark webpages as good or not. But their opinions cover only a small part of everyday search, which has limited benefits.
In this stage, the usual (non-personalized) search will play the main role.
-
Stage 2. A majority of people begin to realize the benefits of personalized search. Due to the advantages of the above design, natural selection will begin to take affect for both speakers and listeners. In the end, mature and stable speaker communities will be formed in various fields.
In this stage, both non-personalized and personalized search will play the main role.
-
Stage 3. Marked webpages will be more and more important. Almost all search results will fall into two categories: marked and real-time. Real-time results will gradually become marked. But it may be a big challenge to maintain the relationship between speakers and listeners.
In this stage, personalized search will play the main role, except for real-time results.
Let's see whether this will happen in the next few years.
本来已经ssh进去了,结果手贱改了网络配置,出来之后就再也进不去了。能ping,能连无线,但nmap扫描没有一个端口是开放的。
幸而很快搞到一条串口线,弄来multimeter确定了4个PIN都是什么。结果如下图:
登陆进去之后发现是iptables在捣鬼。OpenWrt里面预设的配置是按照接口来的,只改了接口没有改相应的chain,当然会出事了。没有刷成砖,却直接改成砖了,真是蛋疼。
然后就刷个新rom上去好了。MR11U可以直接用WR703N的rom,只是需要改一下固件头。方法是:
- 下载想要刷进去的WR703N的rom;
- 用hexedit打开,找到[0x40, 0x43]这个区间,改成(00, 11, 01, 01)。再找到[0x44, 0x47],改成(00, 00, 00, 01)。猜测前一个是产品型号,后一个是版本号。保存;
- 下载fixsum。这个工具是lark最初为WR941N写的,所以需要做些修改。把常量FW_FILENAME改成"mr11u.bin",check_version部分的常量改成0x00110101,check_sig部分的常量改成0x1。然后在Makefile里关闭交叉编译。如果懒得改,可以用我改好的这个(只适用于MR11U)。
- 编译,生成可执行程序fixsum。将刚才保存的固件重命名为mr11u.bin,放在和fixsum相同的目录下。运行fixsum。
fixsum会直接修改固件,所以没有生成新文件。这时候这个mr11u.bin就可以直接在官方rom里网刷了。
如果不需要网刷,估计直接把WR703N的固件扔进去也没问题,但我没试过。至于fixsum的原理么,lark的代码里面已经写的很清楚了,就是先用key填固件的[0x4c, 0x5c)这个区域,然后算个MD5再填回去。
想直接刷的可以下载我修改好的rom。没有LuCI,但是有1.3M的剩余空间,自己爱装什么装什么吧。
编译了个能在emulator里跑的ICS,写个总结。
总的过程就是按照官方的教程来的,从这个开始:http://source.android.com/source/initializing.html
先安装软件:
yaourt -S repo-git jdk6 ccache perl-switch downgrade downgrade make
然后找一个3.81版本的make装上,因为据说3.82版的有bug。嗯,如果downgrade没有帮你找到,那你就自己找吧,找个旧mirror或者自己编译什么的。或者你也可以用3.82版试试,因为官方报告的bug是Mac版本的make。如果Linux上的3.82版make没有问题请留个评论。
以上列出的软件包只是需要的一部分,视机器的情况请对照官方软件列表。
其中ccache不是必须的,但如果需要多次编译它可以帮助节省大量时间。如果只编译一次,可以不装。如果安装了ccache,在.bashrc中做如下设置:
export USE_CCACHE=1 export CCACHE_DIR=<path-to-your-cache-directory> ccache -M 50G
还要做一件事情,把/usr/lib/python指向python2而不是默认的python3。虽然repo-git帮你把repo脚本里的python改成了python2,但编译到中间还是会错。用ln改就行了,我不写了。
JDK方面的问题,有Sun/Oracle JDK6和OpenJDK6两种选择(分别对应jdk6和openjdk6软件包)。编译时会对Java版本做检查,只有Sun/Oracle版本的可以通过。我是用Sun/Oracle版本进行编译的。如果非要用OpenJDK版本,需要修改build/core/main.mk以跳过Java版本检查。具体可以看这个帖子:
http://groups.google.com/group/android-building/browse_thread/thread/db94ca65bfc651a9
嗯,可是我们还没有源代码呢。先按照官方教程把源代码搞下来吧。具体步骤是:
- 下载repo文件(这步省了,用repo-git里的就行)
- 建立工作目录
- repo init -u https://android.googlesource.com/platform/manifest
- repo sync
然后就等吧。全部代码大概是6.2G,自行估算时间出去吃饭即可。哦如果不幸repo sync的时候卡死了或者没反应了kill掉重来即可,或者也可以手动删除有问题的git repository然后重来(repo不就是一堆git么……)。
比较好的情况是吃完回来发现下载完了。这时还有一处源代码要修改,在development/tools/emulator/opengl/host/renderer/Android.mk文件中需要在LOCAL_CFLAGS += -O0 -g下面加上一行LOCAL_LDLIBS += -lX11,否则编译时出错。具体参见这个帖子:
http://groups.google.com/group/android-building/browse_thread/thread/833b0386f996f7de
然后终于可以开始build了:
. build/envsetup.sh lunch full-eng make -j2
刚开始编译时会有这个错误:
/bin/bash: line 0: cd: cts/tools/cts-native-xml-generator/src/res: No such file or directory
但这个无害,见:
http://groups.google.com/group/android-building/browse_thread/thread/35d7bcfa6a47b1b3
一般双核的机器-j2或者-j4就行。方才下载源代码是I/O-bound,你出去吃饭了,这次是CPU-bound,你可以去洗个澡。如果是用笔记本编译的话可以在盖子和键盘中间夹两袋牛奶,洗完澡就可以回来喝热乎的了。
编译期间系统负载很大,双核CPU几乎完全100%占用(所以才能热牛奶)。不过CPU好说,renice一下就不影响其他进程工作了。而内存消耗就比较囧,到最后2G内存全部占满,而且swap也用了500多M,机器卡的不像样子。好在还是能搞定的。不过要编译ICS,最好还是有4G左右的内存吧。
编译之后生成的目标文件和应用程序大概是12G,ccache占用了3.5G。所以编译前至少要留30G的硬盘空间吧(别忘了源代码还有6.2G)。
最后运行emulator:
#!/bin/bash export ANDROID_PRODUCT_OUT=~/android/out/target/product/generic export PATH=~/android/out/host/linux-x86/bin:$PATH emulator
上图两张:
看这个原理图就很好理解了。扭曲液晶上下都是偏光板,但透射方向互相垂直。不加电时背光穿过后方偏光板成为偏振光,再穿过扭曲液晶偏振方向转90度,恰好可以通过前方偏光板。液晶加电时顺着电场方向平行排列,不改变后方偏振光的偏振方向,于是被前方偏光板挡住了。
背光始终都是亮的。液晶不加电时是透射,也就是白色。显示黑色需要给液晶加电,反而费电。当然和背光的电量比起来还是很小的,所以液晶显示什么颜色耗电都差不多,除非调节背光亮度。
哦,回到正题上来。这家伙就是把前方偏光板撕下来贴眼镜上了。
Links:
From The Random Oracle Model and the Ideal Cipher Model are Equivalent:
Modern cryptography is about defining security notions and then constructing schemes that provably achieve these notions.
最近才意识到第一个任务也是很重要的,indistinguishability/semantic security/CPA/CCA/KDM什么的才不是生来就那个样子呢。