insanity workout Weblog of Vikram KarveOn a

Weblog of Vikram Karve

On a request by some of my friends, I am reposting this self help article which so many found useful. It may be worthwhile to browse through it once again, even if you have read it earlier. May NLP help you lead a better healthy and happy life.

Whenever I undergo any training or course, I try and apply the concepts and skills I learn during the program upon myself in order to ascertain efficacy of the training for I firmly believe in the time tested adage that “The Proof of the Pudding is in the Eating”.

I woke up early in the morning, as usual, made a cup of tea, and the moment I took a sip of the piping hot delicious tea, I felt the familiar crave for my first cigarette of the day.

I had identified my first “Smoking Anchor” Tea.

I kept down the tempting cup of tea, made a note of the craving [anchor] in my diary, quickly heated a glass of water in the microwave oven, completed my ablutions, stepped out of my house, and embarked upon my customary morning constitutional brisk walk cum jog deeply rinsing and cleansing my lungs with pure refreshing morning air, which made me feel on top insanity workout of the world.

I felt invigorated and happy. I had overcome my craving and not smoked my first cigarette of the day.

Returning refreshed from my brisk bracing morning walk, I stopped to pick up the newspaper, and spotted my friends ‘N’ and ‘S’ across the road beckoning me for our customary post walk tte tte with tea and cigarettes at our favorite the tea stall.

Here lurked my second “Smoking Anchor” my smoker friends.

I felt tempted, but I steeled my resolve.

I waved out to my smoker friends, turned away and briskly headed home.

They must have thought I’d gone crazy, but it didn’t matter I had avoided my second ciga insanity workout rette of the day.

That’s what I was going to do the entire day. Be aware, look inwards, fully cognizant and mindful in order to ensure that I identify all the stimuli that triggered in me the urge to smoke my “smoking anchors” which could be anything, conscious and unconscious, internal and external, tangible or intangible people, situations, events, feelings, smells, emotions, tendencies, moods, foods, social or organizational trends, practices, norms, peer pressure.

Then I would conquer and triumph over these stimuli, demolish these negative “smoking anchors” and insanity workout establish and reinforce new positive “healthy” non smoking anchors using a Technique called FORCE FIELD ANALYSIS

I’ll tell you more about Force Field Analysis later. You can read about this technique in my blog too:How to Conquer Addictions using Force Field AnalysisAfter insanity workout breakfast, I didn’t drink my usual cup of coffee a strong “smoking anchor” which triggered in me a strong irresistible craving and desperate desire to smoke.


Posted in insanity workout and tagged , by with comments disabled.

insanity workout WebGL is Fundamentally Flawed

WebGL is Fundamentally Flawed

But there more! Not only is WebGL inherently flawed, but Google one of WebGL strongest proponents even knew about the DoS and cross domain image vulnerabilities months before they were thrust into the limelight by Context report. Not deterred by these flaws in the WebGL spec or its implementation, Google pushed ahead and turned on WebGL by default in February 2011, in Chrome 9.

As terrifying as that is, we now have to wonder why Google rushed the deployment of a nascent, dangerous technology. Hardware accelerated HTML5 Canvas and JavaScript was coming along very nicely and indeed, Google led the charge on breakneck JavaScript in 2008 and 9 so why the sudden need to throw WebGL into the mix? Could it be because Internet Explorer 9 came out and matched or bettered Chrome 2D performance?

It is telling that Google of Microsoft famous FishIE Tank benchmark at Google I/O in May. Back in 2010, when all three browser vendors were rushing to one up each other, Chrome never quite managed to beat IE9 FishIE Tank scores. Instead of a confrontation, is it possible that Google simply shifted gears to WebGL a technology that Internet Explorer has no intention of sup insanity workout porting? After all, Chrome main draw is its speed and if IE is demonstrably faster, then Google is in trouble.

Irrespective of whether Google strong armed the introduction of WebGL or not, the fact remains: WebGL is now included by default in the world second and third most popular browsers. Apple will be including WebGL support in the version of Safari that ships with Mac OS X Lion, and Opera is toying with WebGL in its development builds. The cat is well and truly out of the bag and it missing a leg.

So what can we do about it? If you really concerned about the security implications of the flawed, another 0 day vulnerability is just around the corner spec, it very easy to disable WebGL in Firefox and Chrome. It also not too late to simply retire WebGL and seek out a new specification for web facing, low level 3D graphics. Instead of asking the Khronos Group to work on it, ask a real, tried and tested, web facing consortium to design the new specification. Instead of utilizing some kind of Frankenstein stopgap, a web based 3D technology should be a web technology. In short, we should ask the World Wide Web Consortium (W3C) to create a specification for 3D graphics that can proudly stand alongside HTML, CSS, and JavaScript. First of all, even OpenGL applications don have such a thing. Even in OpenGL, shaders can only execute a small set of operations that revolve around computing colors and vertex positions. Then, WebGL shaders are more restricted than OpenGL shaders (no dynamic control flow, etc). Then, WebGL implementations don even allow scripts to pass any string as a shader straight to the GPU, instead they compile it first with the ANGLE compiler to check that it valid and since WebGL shaders don have dynamic control flow, you could check about everything by static analysis. That not to say that it can be secured but as it stands, as the specification is outlined, I think it only a matter of time until a WebGL flaw is found which allows elevated access to the GPU (or other hardware).

The hole will be fixed, like the DoS and cross domain image exploit (yay Mozilla!), but I more worried that bugs like cross domain imaging were identified but still ended up in production builds of Firefox and Chrome.

Do you think that similar bugs will be found in the future? Do you think that another, more inherently secure spec could replace WebGL?

It sure has a more direct line to the _GPU_ than any other Web technology, but other web technologies have a more direct line to other, actually even more important parts of the hardware. For example, JIT compiled JS has a pretty line to main memory and CPU.

> That not to say that it can be secured but as it

stands, as the specification is outlined, I think it only a matter of

time until a WebGL flaw is found which allows elevated access to the GPU

First of all, exploits are possible in any piece of code, so here I focus only on what is specific to the WebGL spec and GPUs and not about any bug that a particular WebGL implementation might have like any other piece of code.

The thing that one might legitimately fear with WebGL is that a shader would make an illegal access to video memory, allowing it to read video memory belonging to another page or application. However, if that ever became a concern, since everything a WebGL shader does can be statically check insanity workout ed, it would be possible to check for that in the ANGLE compiler. A bug has even been filed on the ANGLE bug tracker about that, insanity workout so you can track progress on this (if this ever gets deemed necessary):If you wondering why this bug is only concerned with uniform arrays and not other kinds of video memory buffers, that because that the only case where the shading language itself doesn have completely well defined semantics. In other cases, out of bounds access is simply impossible. For textures, the semantics are explicitly controlled by texture wrap modes. you write and not The hole will be fixed, like the DoS and cross domain image exploit

(yay Mozilla!), but I more worried that bugs like cross domain imaging

were identified but still ended up in production builds of Firefox

> Do you think that similar bugs will be found in the future?

Of course, security vulnerabilities are found all the time, everywhere. That ev insanity workout en more true in new technologies like WebGL that expand the attack surface in new ways.


Posted in insanity workout and tagged , by with comments disabled.