Denial of Service via Algorithmic

Denial of Service via Algorithmic Complexity Attacks:

[...]a new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures. Frequently used data structures have “average-case” expected running time that’s far more efficient than the worst case. For example, both binary trees and hash tables can degenerate to linked lists with carefully chosen input. We show how an attacker can effectively compute such input, and we demonstrate attacks against the hash table implementations in two versions of Perl, the Squid web proxy, and the Bro intrusion detection system. [...] We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks.

We went to the NY

We went to the NY Liberty home opener against the Washington Mystics. The Liberty won 70-57. Dinner was Korean at Kang-Suh.

Argh. "Radio Userland" is acting

Argh. "Radio Userland" is acting up again. Still looking at "Moveable Type".

Playing around tonight with Blogshares.

Playing around tonight with Blogshares. Wonder how long before someone sets up a derivatives market based on the weblog share market.

Alex has a new essay

Alex has a new essay up at Boxes and Arrows: The Sociobiology of Information Architecture. I’m not sure why, but it tickled my I-need-to-reread Orality and Literacy nerve again.