Archive for June, 2008

Captcha suggestion I made to Craigslist

Sunday, June 22nd, 2008

“Have a dictionary of nouns of at least 1000 commonly used nouns. For example “Tiger, Snake, Man, Computer, Stapler, etc.” Using PHP or other means, search for this noun on Google image search, with safe search turned on. Pick a random Google cached image off the front page of the results. Display this image to the user, along with a question asking for the original noun. And do this twice, otherwise the attacker could just attempt your dictionary for a .1% success rate. Certain search terms will often fail even for humans – therefore, store the success rate along with the noun in a database, and any noun with a less than x% success rate won’t be used.

The noun database should also store unique synonyms for each noun, which will reduce the human fail rate without affecting the bot fail rate.

This captcha works because
1. Humans are good at random image recognition, while computers are not.
2. Although there are only say 1000 nouns, the nouns times the possible number of images (especially if you use common nouns) might be in the millions.
3. Asking twice prevents attackers from just guessing nouns directly. With a dictionary of 1000, asked twice, this results in a 1 in a million chance of successfully asking at random.”

System for inline nonblocking functions

Sunday, June 15th, 2008

One of the most annoying things with database calls is creating a thread to process the call.

Here’s some psuedocode to illustrate the issue:

void QueryDB() {
CreateThread(SelectResults, callback);
}
int SelectResults(Callback *callback) {
result = Process(“select * from db”);
callback(result);
}
void Callback(Result *result) {
printf(“result is %i”, result);
}

Doing the same thing inline is much easier. It’s one function rather than 3, and you also have context about the call.

void QueryDB() {
result = Process(“select * from db”);
printf(“result is %i”, result);
}

However, it blocks your entire program.

I came up with an “InlineFunctorProcessor” system that has the benefits of both. It allows you to do blocking calls all within the context of one function, but runs the blocking call in a thread while your program continues running.

printf(“Enter file to read: “);
ReadFileFunctor *rff = new ReadFileFunctor;
gets(rff->fn);
// Nonblocking, but processes as easily as if it were
YieldOnFunctor(rff);
if (rff->data)
printf(“Got file data\n%s\n”, rff->data);
else
printf(“Open failed\n”);
delete rff;

The way the system works is through recursion, thus saving prior calls on the stack. The yield function calls the main application update loop – or any other function you want to call while the function is processing. That function is responsible for calling InlineFunctorProcessor::UpdateIFP(), which if it returns true, the function should also return.

Here’s the code for the base class:
Header
Source

Here’s a solution that demonstrates the functionality
Download

The proper use of Hungarian notation

Saturday, June 14th, 2008

Joel on Software has a great article about the proper use of Hungarian notation. Basically, most people these days that use Hungarian notation use it to indicate fundamental type to some degree – i for integer, str for string, p for pointer. Usually these types reflect the machine, such as indicating if a variable is a pointer.

However, the original design had Hungarian notation indicate intent, not type. For example, if you had a calendar display with a month, date, and year, you would have 3 integers prefixed with an m for month, d for date, and y for year. Not i, even though they are all integers.

Joel says it better than I can, but to put it succinctly the first is a waste of time, because you are repeating what the computer already tells you and then having to maintain it as well. The second is quite useful – just as all comments should indicate intent, so should Hungarian notation which is just an abbreviated comment.

In RakNet I will use numBits vs. numBytes. An even better approach is to comment the purpose and scope of variables where declared.

Every game company I’ve worked at except nFusion has used Hungarian notation. Most of the middleware libraries do as well. A notable exception is Irrlicht, which also happens to be one of the friendliest and best designed, though not the most feature-rich.

I’m curious what other game companies and libraries do not use Hungarian notation, vs. those that do.