My photo

Mildred's Website

My avatar

GoogleTalk, Jabber, XMPP address:

GPG Public Key
(Fingerprint 197C A7E6 645B 4299 6D37 684B 6F9D A8D6 9A7D 2E2B)


Articles from 41 to 50

Fri 29 Apr 2011, 09:52 AM comp dev en lisaac lysaac

Stack environment would be an argument passed implicitely to every function in the code. It would contain global policy. In particular the MEMORY object that lets you allocate memory. If you want to change the allocation policy, you just have to change the current environment, and all functions you call will use the new policy.

We could allow user defined objects like that, not just system objects.

We could also manage errors that way. An error flag could be stored in the environment. Set by the calee and tested by the caller.

Fri 29 Apr 2011, 09:56 AM comp dev lisaac lysaac

Look at this:

Section Header

  + name := Singleton NULL;

Section Public

  - is_null :BOOLEAN <- FALSE;

Section Header

  + name := Singleton NULL;

Section Inherit

  - parent :OBJECT := OBJECT;

Section Public

  - is_null :BOOLEAN <- TRUE;

Section Header

  + name := UNION;

Section Inherit

  - parent :OBJECT := OBJECT;

Section Header

  + name := Expanded UNION(E);

  - import := E;

Section Inherit

  - parent :UNION := UNION;

Section Public

  + element:E;
  - set_element e:E <- (element := e;);

  - when o:T do blc:{o:T;} <-
    (o = E).if {
      blc.value element;

  - from_e e:E :SELF <-
  ( + res :SELF;
    res := clone;
    res.set_element e;

Section Header

  + name := Expanded UNION(E, F...);

Section Inherit

  + parent_e :UNION(E);
  + parent_next :UNION(F...);

Section Public

  - when o:T do blc:{o:T;} <-
    (o = E).if {
      parent_e.when o do blc;
    } else {
      parent_next.when o do blc;

Section Header

  + name := USE;

Section Public

  - accept_object_or_null obj:UNION(USE,NULL) <-
    .when NULL do { o:NULL;
      ? { o.is_null };
    .when USE do { o:USE;
      ? { o.is_null.not };

Mon 02 May 2011, 12:04 PM comp dev en lisaac lysaac

This is great: Here is the source files:


Section Header

  + name := Reference CSTRING;

  - role := String; // const char*
  - type := Integer 8;


Section Header

  + name := MAIN;

Section Public

  - puts str:CSTRING <- External `puts`;

  - main <-
    puts "Hello World";

You type lysaac compile c >c.bc and you get the following LLVM assembly code:


@0 = private constant [12 x i8] c"Hello World\00"

declare void @puts (i8*)

define void @main () {
  %1 = getelementptr [12 x i8]* @0, i32 0, i32 0
  tail call void @puts(i8* %1)
  ret void

And you can execute it using the standard LLVM tools:

$ llvm-as < c.bc | lli
Hello World

Isn't that great ?

Mon 09 May 2011, 02:40 PM comp dev en


  • What is HMP: It is a messaging protocol destined to replace e-mails.

  • Why replace e-mails: Because it is full of spam and unmaintainable. This alternative is lighter and easier to implement than a full SMTP server with SPAM management.

  • Why use HTTP: I'm not fan of putting everything over HTTP but it has its advantages:

    • It has a security layer (HTTPS)
    • It is (relatively) simple and implemented everywhere
    • It manages content-types and different types of requests
    • It is extensible
    • It goes easily through proxys and NATs
    • It allows multiplexing many different resources on the same server

    In the long run, perhaps we should move away from HTTP as:

    • It is too associated with the web
    • It doesn't allow initiative from the server.

    WebSockets could be a good alternative one day.

  • How do I get my messages: Not specified, although you could possibly authenticate using a standard HTTP method to the same resource as your address and issue a GET command.

  • Does this allows a web implementation: Yes, it will need to be further specified but if the server detects a browser request (without the HMP headers) on the resource, it could issue a web-page with a form.

  • Is the message format specified: no, it needs to be. I plan on using JSON.

  • Do you plan an implementation: Yes, using probably node.js or Lua.

  • What prompted this: The Tor network doesn't have any standard messaging system. I don't believe SMTP is suited for that.

  • Why write this spec, you have no code to back this up: because I like writing specs, and it's a way for me to remind me to write the code, and to tell me how I should write it. I might not get the time to write this as soon as I want.

What is a hmp address




Translation to HTTPS resources

A HMP address can directly be translated to an HTTPS resource. The standard scheme translates to:


Message sending overview

To send a message from to, the sequence is:

  • Connection to

    [1] POST
    [1] HMP-Pingback: 235
    [1] HMP-From:
    [1] Content: message-content
  • opens a connection to

    [2] GET
    [2] HMP-Pingback: 235
    [2] HMP-Method: MD5
  • responds to

    [2] HMP-Hash: ef0167eca19bb2d4c8dfe4c3803cc204
    [2] Status: 200
  • responds to the original sender

    [1] Status: 200

Headers to the POST request

The POST request is the request used to post a message. It contains two specific headers:

  • HMP-From: The address the message is sent from

  • HMP-Pingback: A sequence number that uniquely identifies the message for the sender. it needs not be unique, as long as at ont point in time, there are only one message corresponding to this ID.

Particular status codes:

  • 200 in case of success

  • 403 in case the From address could not be authenticated

From address authentication, pingpack

In order to avoid SPAM, the sender must be authenticated when the message is sent. For this reason, before accepting or rejecting the request, the server must initiate a pingback procedure to the sender.

First, the From address is converted to an HTTPS resource and a GET connection is initiated. The specific request-headers are:

  • HMP-Pingback: the pingback sequence number from the previous request

  • HMP-Method: method for verifying the originating message. The only specified method is "MD5"

MD5 Method

In case the message is recognized, the from server responds with the following header:

  • HMP-Hash: MD5 hash of the content of the message identified by the pingback identifier

The status code can be:

  • 200 in case the message was recognized

  • 404 in case the message was not found

If the MD5 sum corresponds to the message received and a success code was given, the from is verified and the message can be sent.

Tue 28 Jun 2011, 12:17 PM comp configuration en misc

I always wanted to manage the files in my home directory. Generally, it's a complete mess and I wanted to get things right and understand the files I had.

At first, I just created a simple shell script that maintained symbolic links of the dotfiles and dordirs of my homedirs to .local/config, sort of early XDG configuration directory. I also changed my .bashrc and later .zshrc to point to files in .local/etc/profile.d. The shell script was reading a database in .local/config/ that contained the link information in the form.

The script did the following for each file declared:

  • if the file existed in the homedir but not in the database directory, it was simply moved and a link was created in its place.
  • if the file existed at both places, tell there is a conflict.
  • if the file existed in the database directory but not in the homedir, create the link

The database looks like:

link ".bashrc" "bashrc"
link ".zshrc"  "zshrc"

# First file in home directory
# Second file in .local/config

My script just defined a function link and sourced the database. But links were not easy to construct in shell. So later, I decided to rewrite it in Tcl, simply because the syntax is compatible (I love the Tcl syntax for that) and because of the wonderful file command.

Later, I improved the script that was then called fixdir to list which files were not managed, and display them. So I could either delete those files (because I don't care about them) or integrate them in the database. The script gained a clean command to automatically remove files declared as noisy.

Now, I have a slightly different problem. I have now different computers which do not have all the same configuration. At first, I synchronized everything and just used the hostname in the database to get different links depending on the machine. But now, with my computer at work, I will not synchronize all the personal configurations. i have to get to a modular approach.

And this script did not help me in tracking what programs I installed in ~/.local/{bin,share,lib}. For this, I wanted something like stow. I tried using stow, but it failed with a conflict. Then I tried using homedir. I just didn't like it because it created an ugly ~/bin instead of ~/.local/bin.

Then I realized my fixdir script looks much like homedir already, and I patched it up to make it better. And there it is.

The current version of fixdir is on github.

Let me copy the README file:

What is it?

This is my homedir package manager. Written first in shell then translated in tcl. Originally, this was just to maintain a set of symbolic links from my home directory to a directory where all important comfig files were stored. Then I decided to make it a package manager.

How to install it?

git clone git:// fixdir
"$fixdir_dir/fixdir" install "$fixdir_dir/hpkg.tcl"

fixdir is installed in ~/.local/bin. Make sure it is in your $PATH.

How does it work

fixdir works better when you are in your target directory (homedir)

Invoke one action with a database file. The database file is a tcl script that contain all files and directories that should be linked.

What else can it do?

fixdir unknown list all files not manages by fixdir in the current directory

fixdir clean remove files declared as noisy


  • fixdir list doesn't work when pwd != target directory

Tue 28 Jun 2011, 12:51 PM comp fr lisaac lysaac misc

Lysaac c'est ma réimplémentation du compilateur lisaac. Jusqu'a présent, il n'y avait pas grand chose, mais dernièrement, il y a eu des commits intéressants:

  • les variables fonctionnent
    • avec des valeurs par défaut
    • on peut les lire
    • et y écrire
  • on a aussi des BLOCKs, mais sans upvalues

Ça ne paye peut être pas de mine, mais en fait, l'infrastructure du compilo est presque complète.

Prochaines avancées: héritage et affichage des erreurs

Et peut être après: des améliorations de syntaxe (appels de slot à paramètres et bien plus tard: opérateurs). Pour le moment, je me concentre sur les choses basiques.

Si vous voulez jouer, vous pouvez. Si vous avez une erreur inattendue, créez un scénario d'utilisation et donnez le moi (préférablement sous forme de fichier .feature).

Tue 28 Jun 2011, 12:51 PM comp en lisaac lysaac misc

Lysaac is my reimplementation of the lisaac compiler. Until now, it wasn't very interesting to look at, but recently, I pushed a few interesting commits:

  • you now have variables
    • the default value is initialized correctly
    • the read works
    • the write works
  • you also have BLOCKs (sorry, no upvalues for now)

This may looks like nothing, but under the hood, the infrastructure is almost completely there.

Next thing to come: inheritance and error reporting.

Then perhaps, syntax improvements like keyword messages and later: operators. For now, I want the basic functionnality working well.

If you want to play with it, you can. If you get an error, create a use-case and propose it as a new feature. Please use as a model the .feature files.

Mon 25 Jul 2011, 03:09 PM by Mildred liens

  • L'éveil 2011: Nouvelles quotidiennes aggrégées de plein de blogs sur l'état du monde.

  • Démosophie: de Demos le peuple et Sophia la sagesse. Ce site contient une section intéressante sur le nouvel ordre mondial. Il vise à créer un mouvement citoyen pour une vraie démocratie, et souhaite se présenter aux prochaines élections importantes des états européens.

En vrac:

Fri 05 Aug 2011, 10:35 AM by Shanti comp en html web

First postulate: HTML was designed as a stateless protocol

Context: web sites need to maintain a context (or state) to track the client. This is required by the log-in procedures the various websites have. It is also useful to track the user in a web store, to know which items the user wants to buy. In fact, it is requires almost everywhere.

The first solution to be thrown out for this problem are the cookies. People didn't like cookies but now, everyone accepts them. Nothing works without cookies. Why did people dislike cookies back then? They liked their provacy and cookies makes it possible to track the user. Through advertisement networks, the advertiser known exactly which website the user visited. And it is still the case now. What changed is that the users got tried to fight cookies and have every website break, and they got used to it.

People got used to being tracked just as people are used to be watched by video cameras in the street and people are used to get tracked by the government and big companies and banks.

Cookies are a great way to track prople, all because HTTP didn't include session management. The way Google track you is very simple. Google Analytics puts a cookie on your computer and each time you access the Google Server, they know it's the same person. Google is everywhere:

  • Many web sites are using Google APIs, or the jQuery library at Google.
  • Many web sites ask Google to track their users to know how many prople visit their page.
  • Google makes advertisement.
  • Youtube, Blogger, Picasa and others are owned by Google

With this alone, Google is found on almost every page. If you have an account at Google (YouTube, Picase, Gmail, Blogger, Android or other), they can even give a name or an e-mail address to all of these information.

Google motto is Don't be Evil, they are perhaps not evil but can they become evil? Yes.

Whatever, my dream HTTP 2.0 protocol would include of course push support like WebSockets, but more importantly: session management. How should this be done?

HTTP and Session Management

When the server needs a session, it initiates the session by giving a session token to the client. The client needs to protect this token from being stolen and should display that a session is in pogress for this website. It could appear on the URL bar for example. The client could close the session at any moment.

With the token, the server provides its validity scope. Domains, subdomains, path. Only the resources in the session scope will receive the tocken back. If for example starts a session at but have an <iframe> that includes facebook. Facebook won't receive the session token. If Facebook wants to start a session (because the user wants to log-in) it will start a second session.

Session cannot escape the page. If you have two tabs open with facebook in each tab (either full page or embedded), the two facebook instances don't share the same session, unless the user explicitely allowed this. For instance, when Facebook starts a session, the browser could tell the user that Facebook already have an existing session and the user would be free to choose between the new session and the existing one.

How does this solve XSS

XSS is when a website you don't trust access the session of a website you trust, and steal it. At least I think so.

With this kind of session management, the session couldn't possibly be stolen. Suppose that the non-trusted site makes an XmlHttpRequest to If cross-domain wasn't forbidden, any web-site could read your mails.

With the new session management, if the untrusted site makes a request to, session wouldn't be available and the login page would be returned instead of the list of e-mails. If the non trusted website tries to log-in, you would be prompted to associate the Gmail session with the site you don't trust. If you aren't completely idion, you wouldn't allow the online pharmacy to connect to Gmail.


What is known about you? Let's take an average person that uses her credit card, have and Android phone with Gmail, uses Facebook:

  • All your relationships are known by Google (Gmail, Google+) and Facebook
  • All your interests are known by Google and Facebook (Ad Sense track which website you visit and Facebook have a huge profile on you)
  • All your posessions are known to your bank
  • Your photograph is known by Google and Facebook (people probably took a photo of you and placed it on their Android phone synchronized with Google)
  • Your location is known (using your Android phone, your credit card, or your RFID card you use for public transportation)
  • ...

If you ever want to keep private, it is becoming very difficult.

Fri 19 Aug 2011, 09:01 AM by Shanti fr physics

Ce matin, je me posais la question de la fameuse formule E = mc² qui rend la matière homogène à de l'énergie, et je m'en posait la question. La réponse m'est apparue de manière si évidente, que je ne peux m'empêcher de la partager.

La première question intelligente à se poser est : qu'est ce que la matière ? De fait, nous n'en savons rien. On ne mesure pas la matière, on ne l'a jamais mesurée. Existe-t-elle vraiment ? L'unité de la matière, le gramme (et ses dérivations comme le miligramme et le kilogramme) ne peux pas être mesurée directement, aucun instrument de mesure ne peux mesurer le gramme.

Et la balance, me direz vous. La balance mesure la force d'attration d'un objet vers la terre, rien d'autre. Cela se mesure en Newton (N) et un jour on s'est simplement dit qu'en la divisant par 9.8, on obtenait des grammes. C'est en quelque sorte de cette manière que la matière est apparue. Peser une matière première était un moyen facile d'en estimer le prix. En effet, plus un bloc de matière est lourd, plus il est important (en général) et plus on peut l'utiliser pour faire plein de choses.

Je n'ai pas étudié l'apparition du concept de matière, mais c'est comme cela que je me l'imagine. Il se pourrait que l'histoire soit un peu différencte.

Ce qu'on peut constater, c'est que la matière n'a jamais existé, ce n'a jamais été autre chose qu'un concept, certes très bien ficelé. Et en définissant la matière comme étant proportionelle à sa force d'attraction envers la terre, on conditionne sa nature, la matière devient homogène à une force. Aucune surprise donc de la voir assimilée à de l'énergie, une fois multipliée par la vitesse de la lumière (au carré).

C'est à mon sens la plus grande preuve de notre ignorance. En fait, la matière, c'est de l'énergie tout simplement parce que cela nous permet de faire plein de choses diverses et variées. En tombant, brûlant ou se désintérgant, elle nous fournit de l'énergie. Point n'est besoin d'aller chercher plus loin.

Ce qu'on sait, c'est qu'on ne sait rien