You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Gerd Kortemeyer <ko...@lite.msu.edu> on 2000/02/17 17:10:59 UTC

[Job] Instructional Technology

Instructional Technology Specialist/Web Application Developer
Laboratory for Instructional Technology in Education, Michigan State University

The LITE Lab (Laboratory for Instructional Technology in Education) of the
College of Natural Science of Michigan State University invites applications
for the position of Instructional Technology Specialist/Web Application
Developer. The successful candidate will join a group of educators, scientists,
and computer specialists in developing and evaluating computer methods for the
teaching of science and mathematics. 

The position will be about 50% in teaching and faculty development and the
remainder in outreach and computer programming. Essential qualifications:
Master's degree in computer science, natural science or engineering;
proficiency in Linux, Windows, and Mac OS; programming proficiency in Perl
(Apache and mod_perl), and JavaScript; excellent organizational, communication,
and interpersonal skills. To apply, send a letter, CV, and names of references
to Dr. Gerd Kortemeyer at LITE Laboratory, 123 N. Kedzie Labs, Michigan State
University, E. Lansing, MI 48824; phone: 517-432-5468; email:
korte@lite.msu.edu ; website: 
http://www.lite.msu.edu/ .

Re: uid

Posted by "Jason C. Leach" <jl...@mail.ocis.net>.
hi,

Ya. I take Apache's UID and run it through MD5.

j.


On Thu, Feb 17, 2000 at 12:23:44PM -0700, Bill McKinnon wrote:
> 
> On Thu, 17 Feb 2000, Gunther Birznieks wrote:
> 
> > One thing to note: MD5 hashes DO have a possibility of being having a hash
> > collision. Granted, it's unlikely, but it is POSSIBLE. Therefore, you should
> > probably still keep track of what ids had been generated previously. I guess
> > it depends on what you want to do.
> 
>    Assuming that MD5 distributes things pretty evenly over its 128 bit
> space, the chances are:
> 
> 1 in 340,282,366,920,940,000,000,000,000,000,000,000,000
> 
> (approx...my calculator only has so many digits of precision. :) )
> 
>    As long as you are hashing a decent sized piece of data to begin with
> that's appropriately random, I wouldn't worry TOO much about it. :)
> 
> - Bill
>

Re: uid

Posted by Bill <mc...@isis2000.com>.
"G.W. Haywood" wrote:
> 
> Hi all,
> 
> On Thu, 17 Feb 2000, Bill McKinnon wrote:
> 
> >    Assuming that MD5 distributes things pretty evenly over its 128 bit
> > space, the chances are:
> >
> > 1 in 340,282,366,920,940,000,000,000,000,000,000,000,000
> 
> Recently, somebody calculated live on TV that the odds against giving
> birth on Jan 1 2000 (given certain assumptions) to be 32,000 to 1
> against.  Those of you who know that there aren't 32,000 days in a
> month will spot the similarity with the 51-digit number above.
> 
> A famous British Prime Minister once said
> 
> "There are lies, damned lies, and statistics."
> 
> 73,
> Ged.

   Certainly you want to take into account how many times you will test
the likelihood of something...if the chances are 1 in 75,000,000 that
I'll win the lottery but I buy 50,000,000 tickets, the chances are a wee
bit better that I'll win. :) But to even begin to make a dent in the above
number you have to test a LARGE number of times. And all this might be
academic anyway, since I've realized that the math is slightly more complex
than I've made it out to be. Bruce Schneier does a great job of discussing
the issues in _Applied Cryptography_, in Chapter 18, "One-Way Hash 
Functions." The whole point of message digest algorithms (or one of the
points) is, given a message M and its hash H(M), make it hard to find another 
message M' where H(M) = H(M'). Just because of this fact alone you should
know that you are reasonably safe from that sort of thing happening. Schneier
points out a few theorectical flaws/past attacks against MD5 that might
make the ultra paranoid avoid it...if you are one of these, use SHA1 or
something (that has 160 bits of output). Mostly though, I think it's far more
likely that your memory or CPU will spontaneously blip and give you an 
incorrect value, and we obviously don't test for that sort of thing. :)
This is probably going offtopic for modperl...if people want to discuss
things more, it might be best done offline.

- Bill

Re: uid

Posted by "G.W. Haywood" <ge...@jubileegroup.co.uk>.
Hi all,

On Thu, 17 Feb 2000, Bill McKinnon wrote:

>    Assuming that MD5 distributes things pretty evenly over its 128 bit
> space, the chances are:
> 
> 1 in 340,282,366,920,940,000,000,000,000,000,000,000,000


Recently, somebody calculated live on TV that the odds against giving
birth on Jan 1 2000 (given certain assumptions) to be 32,000 to 1
against.  Those of you who know that there aren't 32,000 days in a
month will spot the similarity with the 51-digit number above.

A famous British Prime Minister once said

"There are lies, damned lies, and statistics."

73,
Ged.

Re: uid

Posted by Bill McKinnon <mc...@isis2000.com>.
On Thu, 17 Feb 2000, Gunther Birznieks wrote:

> One thing to note: MD5 hashes DO have a possibility of being having a hash
> collision. Granted, it's unlikely, but it is POSSIBLE. Therefore, you should
> probably still keep track of what ids had been generated previously. I guess
> it depends on what you want to do.

   Assuming that MD5 distributes things pretty evenly over its 128 bit
space, the chances are:

1 in 340,282,366,920,940,000,000,000,000,000,000,000,000

(approx...my calculator only has so many digits of precision. :) )

   As long as you are hashing a decent sized piece of data to begin with
that's appropriately random, I wouldn't worry TOO much about it. :)

- Bill

Re: uid

Posted by Gunther Birznieks <gu...@extropia.com>.
For a really nice "unique" id, I like Jeffrey Baker's APache::Session hash
function which uses a load of random stuff mungled together. You might want
to snag that out of the code.

His routine doesnt work too well on a select few platforms (eg Win98 + ISAPI
Perl), but it works great on Apache mod_perl.

One thing to note: MD5 hashes DO have a possibility of being having a hash
collision. Granted, it's unlikely, but it is POSSIBLE. Therefore, you should
probably still keep track of what ids had been generated previously. I guess
it depends on what you want to do.

Matt Sergeant wrote:

> On Thu, 17 Feb 2000, you wrote:
> > hi,
> >
> > I'm looking to generate a unique id, probably 128bits. Any suggestions
> > on how to do this with mod_perl/apache?
>
> MD5 of rand and %ENV ?
>
> --
> <Matt/>
>
> Details: FastNet Software Ltd - XML, Perl, Databases.
> Tagline: High Performance Web Solutions
> Web Sites: http://come.to/fastnet http://sergeant.org
> Available for Consultancy, Contracts and Training.

Re: uid

Posted by DeWitt Clinton <dc...@eziba.com>.
On Thu, Feb 17, 2000 at 04:32:55PM +0000, Matt Sergeant wrote:
> On Thu, 17 Feb 2000, you wrote:
> > hi,
> > 
> > I'm looking to generate a unique id, probably 128bits. Any suggestions
> > on how to do this with mod_perl/apache?
> 
> MD5 of rand and %ENV ?

An algorithm that I've used is to concatenate the IP address of the current host,
the PID, the current time in milliseconds, and a counter that goes from 1 to 1024.  

Then MD5 it.

This will be globally unique (unless 1024 are created in one millisecond, or you
have two hosts with the same IP), I believe.

-DeWitt

Re: uid

Posted by Matt Sergeant <ma...@sergeant.org>.
On Thu, 17 Feb 2000, you wrote:
> hi,
> 
> I'm looking to generate a unique id, probably 128bits. Any suggestions
> on how to do this with mod_perl/apache?

MD5 of rand and %ENV ?

-- 
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.

Re: uid

Posted by Wendell <we...@ccstrade.com>.
On Thu, Feb 17, 2000 at 08:18:16AM -0800, Jason C. Leach wrote:
> hi,
> 
> I'm looking to generate a unique id, probably 128bits. Any suggestions
> on how to do this with mod_perl/apache?
> 
> j.

mod_unique_id sets $ENV{'UNIQUE_ID'}

see: http://www.apache.org/docs/mod/mod_unique_id.html


also -- 
from wing-0.9 there is this code:

@session_chars = ('A' .. 'Z', 'a' .. 'z', 0 .. 9, '.', '-');

#
# Generate a cryptographically strongly random 120-bit session id
# returned as 24 characters from teh 64-character set [A-Za-z0-9.-].
# Platforms without /dev/urandom will have to rewrite this.
#
sub make_session_id {
	if (!defined(fileno(RANDOM))) {
		open(RANDOM, "/dev/urandom") or return undef;
	}
	my $rawid;
	if (read(RANDOM, $rawid, 24) != 24){
		return undef;
	}
	$rawid =~ s/(.)/$session_chars[ord($1) & 63]/egs;
	return $rawid;
}

-- wendell

uid

Posted by "Jason C. Leach" <jl...@mail.ocis.net>.
hi,

I'm looking to generate a unique id, probably 128bits. Any suggestions
on how to do this with mod_perl/apache?

j.