Trust

NSA Header
The NSA header on their website.

This will be short because I am not a security expert. Another NSA activity has come to light. There is a very good article on it.

iSpy Campaign to Steal Apple’s Secrets

Before you relegate this to only a threat to Apple, consider this classic by Ken Thompson.

Reflections on Trusting Trust

The upshot of all this is that it is possible to bootstrap spy code into an Open Source compiler such as GCC, CLANG/LLVM, etc. How? You have to insert the code into the first compiler in the chain that is used to start building a new compiler. This very effectively hides the code as it is passed on to the compilers that use it as a bootstrap to build the new compilers.

Edits:

Craig Hockenberry writes: Xcode Compromised

TechCrunch writes: Apple Products May Have Been Compromised By CIA

John Gruber’s Daring Fireball: The Intercept: CIA Campaign to Compromise Apple’s Developer Tools

EFF: Guess Who Wasn’t Invited to the CIA’s Hacker Jamboree?

A Day In The Swift 1.2

Today I converted a small Swift 1.1 project to Swift 1.2. I did this with the very recently released 6.3β2 of Xcode. The convert function did a fair job. But I had to do some work by hand.   Most of it was very straight forward. But there is one member function that gave me some trouble. It was a tiny change that was required. See if you can spot it.

    func saveImage(path: String, type: String) {
        let image = createImage()
        let options: [String:AnyObject] = [kCGImagePropertyOrientation : 1, // top left
            kCGImagePropertyHasAlpha : true,
            kCGImageDestinationLossyCompressionQuality : 0.80]
        let url = NSURL.fileURLWithPath(path, isDirectory: false)
        var imageType = kUTTypePNG
        if type == "JPEG" {
            imageType = kUTTypeJPEG
        }
        let file = CGImageDestinationCreateWithURL(url, imageType, 1, nil)
        CGImageDestinationAddImage(file, image, options)
        CGImageDestinationFinalize(file)
    }
    func saveImage(path: String, type: String) {
        let image = createImage()
        let options: [NSString:AnyObject] = [kCGImagePropertyOrientation : 1, // top left
            kCGImagePropertyHasAlpha : true,
            kCGImageDestinationLossyCompressionQuality : 0.80]
        let url = NSURL.fileURLWithPath(path, isDirectory: false)
        var imageType = kUTTypePNG
        if type == "JPEG" {
            imageType = kUTTypeJPEG
        }
        let file = CGImageDestinationCreateWithURL(url, imageType, 1, nil)
        CGImageDestinationAddImage(file, image, options)
        CGImageDestinationFinalize(file)
    }

I do not at present (and may never will) have a proper user interface for this project. It’s part of my language learning process to leave out such things and concentrate on implementing the algorithm.

This does not prevent me from using the frameworks. As you can see by the code, I’m using the QuartzCore framework for producing an image from some source of data. That data is computed using both GCD and vDSP. The latter is in the Accelerate framework. The computation of the data keeps all the CPU cores quite busy. Proper use of GCD prevents the requirement for synchronization. I use different queues to do the work.

There is another computation I want to add to the code before I put it up on GitHub. When I’ve got that complete, I’ll post again on this topic. Meanwhile, as an enticement, I’ve got an image to share that is created by the code base I am working on.

Mandelbrot Set
Mandelbrot Set

 

Name and Shame; a Brief Gripe

This website isn’t even really going yet. But already people are trying to hack it. I think the hackers are my biggest visitors. They won’t be reading this because I blocked their IPs. Then again, they might. Who knows how many people try to compromise even the tiniest of websites?

Screen Shot 2015-02-06 at 15.49.39 PM

Did I mention I get e-mail notifications for this?