
Submission + - Codon Python compiler gets faster (usenix.org)

rikfarrow writes: In May 2023, I tried out Codon, an Open Source Python compiler. At the time, I had difficulty compiling the scripts I most commonly used, but was excited by the prospect. Python is essentially single threaded and checks the shape (type) of each variable as it interprets scripts. Codon fixes types and compiles Python into compact, executable binaries that execute much faster.

Several things have changed with their latest release: I have successful compiles, the committers have added a compiled version of NumPy (high performance math algorithms), and changed their open source license to Apache 2.

Submission + - Use lasers to take over systems (usenix.org)

rikfarrow writes: To hack a system, you need access. Air-gapped systems are isolated from external networks, leading to actions like leaving infected USB drives in the parking lot of the target. But Joe Loughry and Kasper Rasmussen came up with another method: using lasers to inject code.

They built two test rigs, one a simple computer and the other a system with an exposed diode on a serial communication line. They could inject code by shooting lasers into display LEDs on the computer, and insert text in a display. Loughry demonstrated the second hack during USENIX WOOT'24, and the article includes videos of both attacks.

Comment Re:Hard sell. (Score 1) 147

Elon Musk has cut Tesla's EV charger staff at a time Tesla is opening up their chargers to non-Tesla EVs. Musk wants a $57 billion bonus for the work he has done at Tesla. Tesla has sold near 5 million EVs, meaning that his bonus will be over $11,000 per car sold. Does this make any sense, other than understanding why Teslas are so expensive?

Submission + - Caching is key, and SIEVE is better than LRU

rikfarrow writes: Caching means using faster memory to store frequently requested data, and the most commonly used algorithm for determining which items to discard when the cache is full is Least Recently Used. These researchers have come up with a more efficient and scalable method that uses just a few lines of code to convert LRU to SIEVE.

You may wonder why this algorithm is called SIEVE. The reason is that the “hand” in SIEVE functions as a sieve: it sifts through the cache to filter out unpopular objects and retain the popular ones. We illustrate this process in Figure 7. Each column represents a snapshot of the cached objects over time from left to right. As the hand moves from the tail (the oldest object) to the head (the newest object), objects that have not been visited are evicted. For example, after the first round of sifting, objects at least as popular as A remain in the cache while others are evicted. The newly admitted objects are placed at the head of the queue. During the subsequent rounds of sifting, if objects that survived previous rounds remain popular, they will stay in the cache. In such a case, since most old objects are not evicted, the eviction hand quickly moves past the old popular objects to the queue positions close to the head. This allows newly inserted objects to be quickly assessed and evicted, putting greater eviction pressure on unpopular items (such as “one-hit wonders”) than LRU-based eviction algorithms.

The authors explain how LRU works using quick promotion in the queue and lazy demotion, while SIEVE turns this on its head by using quick demotion and lazy promotion. Code changes required to do this are minimal.
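The eviction procedure described in the excerpt above, written out as an added example (not code from the submission or from the SIEVE authors). The class and method names are illustrative assumptions.

```python
# Added example: a minimal SIEVE cache. All names here are illustrative.
class Node:
    def __init__(self, key, value):
        self.key, self.value, self.visited = key, value, False
        self.prev = self.next = None  # prev points toward the head (newer)

class SieveCache:
    def __init__(self, capacity):
        self.capacity, self.table = capacity, {}
        self.head = self.tail = self.hand = None

    def get(self, key):
        node = self.table.get(key)
        if node is None:
            return None
        node.visited = True  # lazy promotion: mark only, never move
        return node.value

    def put(self, key, value):
        """Insert or update; return the evicted key, or None."""
        if key in self.table:
            self.table[key].value = value
            self.table[key].visited = True
            return None
        evicted = self._evict() if len(self.table) >= self.capacity else None
        node = Node(key, value)
        node.next = self.head  # new objects always enter at the head
        if self.head:
            self.head.prev = node
        self.head = node
        self.tail = self.tail or node
        self.table[key] = node
        return evicted

    def _evict(self):
        node = self.hand or self.tail  # resume where the hand stopped
        while node.visited:  # survivors lose their bit, the hand moves on
            node.visited = False
            node = node.prev or self.tail  # wrap from the head back to the tail
        self.hand = node.prev  # the hand stays near the new arrivals
        if node.prev:
            node.prev.next = node.next
        else:
            self.head = node.next
        if node.next:
            node.next.prev = node.prev
        else:
            self.tail = node.prev
        del self.table[node.key]
        return node.key
```

With a capacity of 3, inserting A, B, C, reading A once, then inserting D, E, F evicts B, C, D and keeps A. LRU on the same trace evicts B, C, A.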

Comment Re:Having fucked around with ethernet for 30 years (Score 1) 10

This attack should not have surprised you then. See https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Finsights.sei.cmu.edu%2Fd..., posted in 1996. One version of this 'new' attack relies on built-in features of inetd, a Unix service that has been deprecated in most OSs. This really isn't new, and that it was given a CVE just means that there are still vulnerable, very old, versions of inetd around. Using the attack against other UDP-based services, like DNS, has also been known about for years.

Submission + - CAPTCHAs are just annoying (usenix.org) 2

rikfarrow writes: Researchers at University of California, Irvine, put CAPTCHAs to the test. They hired over a thousand people to test 14,000 CAPTCHAs to determine how long it took to solve them, and compared that to AI solvers.

Our work explores CAPTCHAS in the wild by evaluating solving performance and user perceptions of unmodified currently-deployed CAPTCHAS. We obtain this data through manual inspection of popular websites and a large-scale user study wherein 1,400 participants collectively solved 14,000 CAPTCHAS. Results show significant differences between most popular types of CAPTCHAS: surprisingly, solving time and user perception are not always correlated. We performed a comparative analysis of effects of experimental context, focusing on the difference between solving CAPTCHAS directly as opposed to solving them as part of a more natural task, such as account creation... Automated attacks on various CAPTCHA schemes have been quite successful, accuracy of bots ranges from 85% to 100%, with the majority > 96%.

If bots are better at solving CAPTCHAs, why do web site developers still use them? Some CAPTCHAs work better than others and are less annoying.

Comment Re:Intrusiveness vs. targeting (Score 1) 119

I agree: web ads are more targeted than print ads. As for ad density, what governs ad density in print magazines in the US has to do with how magazines are treated by the USPS: the greater the proportion of advertising vs articles, the lower the class of service. I am basing this on having worked for a magazine (UnixWorld) back in the 1990s, where they could have no more than 40% advertising or wind up being treated like third-class mail.

Comment Re:Seems Fair (Score 1) 119

I used Google AdSense until 2010 for a web site that had a targeted audience. Clicking on a target ad paid me .03-.05 US dollars, a 'page view', an ad appearing on the screen, paid a thousandth of a cent. When I spoke to someone at a major magazine, he told me I was getting much more for my click-throughs than the magazine did, likely because the ads on my site were targeted. I think that Facebook would be making more money charging folks $5/month for an ad-free experience.

Submission + - Codon compiler for Python is fast

rikfarrow writes: Researchers at MIT decided to build a compiler focused on speeding up genomics processing, and decided to make their language look like Python. Recently, they have posted their code on GitHub, and I gave it a test drive: https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.usenix.org%2Fpublica....

Codon, like Mojo (https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fdevelopers.slashdot.org%2Fstory%2F23%2F05%2F07%2F0544230%2Fswift-creators-company-builds-new-programming-language-mojo---a-python-superset), compiles into an executable, so doesn't suffer from the Global Interpreter Lock that prevents the execution of multiple concurrent threads. Codon also uses static typing, without requiring programmers to annotate their code.
