... storing this information, for a future reference.

'Ola AH' & Functional LightPoint Objects Forming.

... it's an idea to be considered, as a feature for 'Ola AH' Programming Language.

... this way LightPoint objects can be formed by combining parts (states & strategies) coming from multiple sources.

- using a reflection feature, one or more of strategies with state can form a LightPoint object,
- 'sunsail aware' strategy is a strategy with access to a state & a router ... is aware of sunsail's coordinates in space as well,
- there can be a 'CasedStrategy' class (a subclass of a 'sunsail aware' strategy) that depending on a given value in state executes a proper strategy it contains,
- initial state, state changes & state after strategy execution can be used to emulate a method call in a LightPoint object,
- certificates should be used with state, values of certificate's owner & a timestamp value synchronized with local clock will allow for 'case identification' for methods' execution. that way in the case of concurrent method calls, there won't be any disambiguity & disparity between method call & callee's order,
- concurrent priority of method calls' are still a matter to consider,
- certificates in state shouldn't stay there forever,
- strategies & state parts forming a new LightPoint object might (but don't have to) originate from many different surrounding objects, then be mixed & joined together.
- perhaps state change events can be used to trigger 'return message delivery code part' that affects other objects - or there can be different way.


AES S-Box & an Encryption Key.

... is S-Box content of Advanced Encryption Standard (AES) considered a part of Encryption Key?

i think it should be, not sure how law approaches this, however.

... this part of encryption key might be responsible for completion part of an Ecryption Algorithm, a private part of Encryption Algorithm.

public part of Encryption Algorithm is public key, private part should be considered a part of the key ... contributing to maximum of allowed encryption key bits.

... that's how i see this for now.

... this allows for AES extensions, for example - for optimizing encryption for certain conditions.

i think law allows for different key lengths for certain conditions, but i am not sure.

perhaps there's more to consider as well.


GWT, Ajax Socket.

- what is GWT?
- it's Google Web Toolkit, a tech for AJAX webapp development with Java.

- is it true that Java is compiled to javascript?
- you can write a webapp client in a java subset (simpler java), as far as i know & remember, server has power of full java, perhaps only in a version 1.7 so far.

- is it possible to do ajax socket?
- yes. ajax socket is ajax message sent in a response to a client event that is handled by server ... we do not know when it arrives, but we are prepared to execute code on client once it does. or handle error message if neccessary, probably timeout message as well. as part of message handling on server socket is used, ...

- can ajax socket be abstracted?
- i think yes. i'd like to keep low-level mechanism, but also invest in ajax socket abstraction ... so it's easy to create sockets messages in a response to a client events.


Strategy Execution Gate, an Idiom.

... this adds extra security to strategy execution over a Light Point.

let's consider the case:
- permissions let someone change the state, but not allow for strategy execution or change.

gate algorithm as follows:
- we send strategy that asks if strategy can be executed.
- sent strategy changes the state in a destination LightPoint, vanishing afterwards.
- state change triggers event that might result in informing (by changing state or other ways) the source LightPoint as well. source LightPoint knows, if they can't or can for a while.
- if source can, it sends strategy to execute, setting state to key, then after set amount of time tries strategy execution as well.
- with proper concurrency & time constraints, strategy is executed once over a destination, then is released to vanish & dissipate.

see also, if You need or wish, ... : Stitie Machine 1.1 'Sunsail'.

Eclipse, a Tool.

... it's clean & efficient tool, simple & powerful as well.

... i paid them only 1 cent so far, but i aim for higher.

.... i bought a book as well.

i wish to be friend of Eclipse, but not at all cost.

i use it as SDK, perhaps more in future as well ... interrested in OSGi & plugins as well.

Arachni, a Tool.

... is it worth to reinvent the wheel?

it's not.

... it's better to use knowledge & experiences of others, even if it costs.

this time it's Arachni Scanner,

for webapp security, vulnerability analysis.

can be used in defense & offense as well, i think, as far as hacking goes.

... perhaps later documentation & code can be obtained as well ... to understand & integrate software as well.

Arachni Scanner: http://www.arachni-scanner.com/.


'Ola AH' Security Semantics & Syntax.

... i think still, just few of ideas so far.

i think that 'Ola AH' Programming Language should have proper hacking tools support encoded in semantics, with elegant syntax support for hacking & IT Security Activities as well.

things to consider so far:
- Danger Level Confirmed, HACKINT,
- perhaps more still.

Danger Level Confirmed, HACKINT.

a Polish Hacking forum's post,
(click to enlarge, if You wish).

... it's still a danger, but not a threat yet.

building blocks:
- Anonymous SSH Hack,
- Dictionary SSH Hack,
- Denial of Service Hack,
- Disconnecting Wireless,
- Hacking Wireless,
- Dictionary Webapp Hack,
- ... buffer overlov,
- Buffer Overflow - Exploit,
- Hack: Simplest of Backdoors,
- What is a Rootkit?

... it's a uncoordinated (still) attack on 2 ports: SSH & HTTP, later will be nicely concurrent, if i can.

... there's more as well, if You look ... You'll learn.

it's also copied there: Danger Level Confirmed, HACKINT.