Working languages: German to English |
Availability today:  | November 2009 |  | | S | M | T | W | T | F | S | | 1 | 2 | 3 | 4 | 5 | 6 | 7 | | 8 | 9 | 10 | 11 | 12 | 13 | 14 | | 15 | 16 | 17 | 18 | 19 | 20 | 21 | | 22 | 23 | 24 | 25 | 26 | 27 | 28 | | 29 | 30 | 31 | | | | | |
|   Steven Sidore
Book Editor Knows All the Tricks
Berlin, Berlin, Germany Local time: 14:11 CET (GMT+1)
Native in: English  | | |
Freelancer,  Verified member | | Translation, Editing/proofreading, Desktop publishing | | Specializes in: | | Cinema, Film, TV, Drama | Computers (general) | | Computers: Hardware | Computers: Software | | Internet, e-Commerce | IT (Information Technology) | | Journalism | Poetry & Literature | | Telecom(munications) |
| Also works in: | | Games / Video Games / Gaming / Casino | Mechanics / Mech Engineering | | Materials (Plastics, Ceramics, etc.) | Manufacturing | | Human Resources | Engineering (general) | | Electronics / Elect Eng | Computers: Systems, Networks | | Advertising / Public Relations | Wine / Oenology / Viticulture | | Tourism & Travel | Sports / Fitness / Recreation | | Printing & Publishing | Photography/Imaging (& Graphic Arts) | | Marketing / Market Research | Linguistics | | Philosophy |
More Less | | Questions answered: 197, Questions asked: 0 Easy / 33 PRO, PRO-level points: 264 | Sample translations submitted: 1German to English: IT journalism sample
Detailed field: Computers (general) | Source text - German
Googles Code Search zum Finden von Quelltext-Schnipseln findet nicht nur positive Resonanz. Sicherheitspezialisten weisen darauf hin, dass sich damit die Repositories von Open-Source-Projekten nach fehlerhafter Software durchsuchen ließen. Die neue Suchmaschine gebe Angreifern ein Werkzeug in die Hand, besser und schneller nach typischen Programmierfehlern suchen zu können, um die daraus resultierenden Sicherheitslücken für Einbrüche in Systeme auszunutzen. Damit seien zwar nicht unbedingt zielgerichtete Attacken möglich, aber nicht immer sei dies erforderlich.
Erste Seiten im Internet zeigen bereits Beispiele für Suchanfragen, mit denen man über Google Sicherheitslücken findet. Dazu gehören Klassiker wie die C-Funktionen strcpy und gets, die bei falscher Verwendung zu einem Buffer Overflow führen können, über den sich oftmals Schadcode auf den Stack schreiben und starten lässt. Allerdings indiziert Code Search auch die veralteten Softwarestände mit, sodass die Lücke in der aktuellen Programmversion durchaus schon beseitigt sein kann. Aber nicht wenige Anwender setzen auch veraltete Versionen ein.
Zum Befüllen der Code-Datenbank grast Google nach eigenen Angaben "so viele öffentlich zugängliche Codearchive wie möglich" ab, darunter .tar.gz- und .zip-Dateien, aber auch CVS- und Subversion-Repositories. Wie viele Codezeilen die Datenbank derzeit umfasst, verrät Google leider nicht. Bei der Suche sind sogar reguläre Ausdrücke erlaubt und die Beschränkung auf bestimmte Softwarelizenzen wie BSD, GPL und andere möglich.
Immerhin bietet Code Search auch Software-Auditoren die Möglichkeit, Lücken zu finden und zu beseitigen. Hier sieht Google auch eines der Argumente für die Sicherheit von Open-Source bestätigt: Je mehr Augen auf den Code schauen, desto mehr Fehler werden gefunden – und beseitigt. Nach Meinung von Sicherheitsspezialisten könnte Code Search Programmierer künftig sogar motivieren, Richtlinien für sicheres Programmieren aufzustellen, zu befolgen und sich diesbezüglich fortzubilden. Entwickler sollten aber der Versuchung widerstehen, ihre Repositories vor Google zu verstecken.
Google wird auch seit Längerem missbraucht, um Lücken auf Webservern und Datenbanken zu finden. Beim so genannten Google Hacking findet man mitunter Daten passwortgeschützter Seiten. Zuletzt hatte Google seiner Suchmaschine die Möglichkeit hinzugefügt, nach Signaturen von EXE-Dateien zu suchen, was etwa Websense zum Aufspüren von Viren und Würmern im Internet einsetzte. | Translation - English
Google's Code Search for locating source code snippets has not struck upon universal acclaim. Security experts are now noting that the repositories of open source projects can be searched for flawed software; in essence, the new search engine provides hackers a quicker and more effective tool for locating programming errors. Security expertise criticise that security holes turned up by the search can then be exploited to break into systems. While this is not necessarily conducive to targeted attacks, that is not always what hackers are after either.
Pages are already turning up on the internet demonstrating examples of search queries that can turn up holes via Google. This includes classics like the C functions strcpy and gets, which when improperly applied can lead to buffer overflows used to write and execute malicious code on the stack. It should be noted that Code Search often includes older versions of software in its indexes, meaning that in many cases flaws have already been removed in the current program version. Yet more than a few users continue using outdated versions.
To fill its code database, Google is grazing from "as many publicly accessible code archives as possible," including .tar.gz- and .zip files, as well as CVS and subversion repositories. Regrettably, Google has to this point refused to indicate how many lines of code currently comprise the database. The search can also even accommodate regular expressions, and can filter for specific software licenses like BSD, GPL and others.
Yet Code Search also allows software auditors the opportunity to find and remove holes. From Google's point of view, this is an affirmation of one of the security arguments central to open source software: the more eyes that view a piece of code, the more likely that flaws will be located – and removed. In the view of security specialists, Code Search may even provide future motivation for programmers to create, follow and seek out continuing education for guidelines for secure programming. This requires developers to resist the temptation to hide their repositories from Google, however.
Google has also long been abused as a tool for turning up holes in web servers and databases. Google hacking is the art of turning up data from password-protected sites. Google recently upgraded the search engine to allow for the searching of signatures from EXE files, which web sites use to detect viruses and worms on the internet.
|
More Less | | MA-University of Virginia | | Years of translation experience: 7. Registered at ProZ.com: Jan 2002. Became a member: Dec 2003. | | N/A | German to English (University of Virginia, verified)
| | ALTA | | Adobe Acrobat, Adobe Illustrator, Adobe Photoshop, Indesign, Microsoft Excel, Microsoft Word, Framemaker, Passolo, Powerpoint, QuarkXPress, SDL TRADOS, SDLX, Wordfast | | 216 forum posts | | English (PDF) | | Steven Sidore endorses ProZ.com's Professional Guidelines. | | About me
I focus on marketing, IT, and technical texts.
I have been translating from German into English since 1995. My background is split between two relevant career strands. Professionally, my background is in book publishing, where I have worked as a Managing Editor and as an Acquisitions Editor for various NYC publishing houses. Academically, I am in the final stages of finishing a Ph.D. in German Languages and Literatures, and have received many honors over the course of my studies, including a Full-Maintenance Fulbright Award and an extension from the German Fulbright committee.
I have translated books such as ISBN 8877431628 and have a standing assignment translating technical articles for the dpa. I am also currently engaged on a large 2-volume literary translation project centered around Alexander von Humboldt, with publication expected in 2007.
| This user has earned KudoZ points by helping other translators with PRO-level terms. Click point total(s) to see term translations provided.
|
Keywords: literature, technical, pc, html, trados, copywriting, germany, rheinland, new england, new hampshire, new york, new york city, brooklyn, virginia, quark, office 2000, ddr, east Germany, dpa, publishing, fulbright, film, cinema, eastern europe, business, DTP, Berlin, sports, literature, literary translation, non-fiction, technical, computers, business, electronics, engineering, architecture, copywriting, Germany, Rheinland, Berlin, New England, New Hampshire, New York, New York City, Virginia, DDR, GDR, East Germany, sports, Fulbright, film, Eastern Europe, DTP
Profile last updated
Oct 20 |
The translation workplace 
Expertise