Hacks from the kitchen

Forward link operator on MS Live Search

Microsoft has added forward link search to Live Search. Unfortunately it is pretty useless, because you can only search for links from a domain, not a particular URL, and in fact by domain I mean second level domain, e.g. classy.dk but not www.classy.dk. So if your site is in the UK (where domains for sale are all subdomains of co.uk) you're just out of luck. I have a hard time coming up with a good reason for this restriction. It pretty much kills the usefulness of the feature, which would otherwise have given me the tag hack for free.

"Google Code Search can easily be used to create thousands of new code analysis tools"

Except for people in the business of scaring other people, i.e. security experts, is anybody buying the The "this will give hackers the advantage" response to Google Code Search?

• Google wasn't first with this kind of service, it already exists
  
• If vulnerabilites are that easy to find in source we are going to have much better source analysis tools really, really soon. In which case we all win. Antivirus for source code. Nice.
  
• Since all of this source is already published, wouldn't people already be trying this?
  

I'll buy that code search makes certain kinds of copy paste in source code easy to find, and this might mean that it is easier to find strains of broken ideas - but at least one concrete example of a vulnerability would have been nice to go with the alarmist reporting.

(ah, ok here are a few examples. Copy paste it was. People reuploading code but with changed password. Interesting case. Imagine Google actually warning these people, wouldn't that be nice.)

Ruby quirk

I worry when my computer languages exhibit the following kind of behaviour

# example 1 does not work

a = [2,3,4,5]

puts a.max {|a,b| a <=> b}

puts a.max {|a,b| a <=> b} #runtime error - a is now an integer

This example fails! The block variable, far from being a local parameter in the block, actually exists in the same scope as the array a. to evaluate the block the procedure assigns to the variable a destorying the array.

# example 2 works

def max(a)

    a.max {|a,b| a <=> b}

end


a = [2,3,4,5]

puts(max(a))

puts(max(a))

This works. Function call parameters are proper variables existing in the scope of the function - not the caller. The a inside the function is still destroyed - but is not reused.

Bug or quirk? I think bug.