Reading: Clojure for the Brave – 3

I think of abstractions as named collections of operations. If you can perform all of an abstraction’s operations on an object, then that object is an instance of the abstraction. I think this way even outside of programming. For example, the battery abstraction includes the operation “connect a conducting medium to its anode and cathode,” and the operation’s output is electrical current. It doesn’t matter if the battery is made out of lithium or out of potatoes. It’s a battery as long as it responds to the set of operations that define battery.

Day 3 of reading the book.

In programming, indirection is a generic term for the mechanisms a language employs so that one name can have multiple, related meanings.

Polymorphism is one way that Clojure provides indirection. I don’t want to get lost in the details, but basically, polymorphic functions dispatch to different function bodies based on the type of the argument supplied. (It’s not so different from how multiple-arity functions dispatch to different function bodies based on the number of arguments you provide.)

To Walk On The Path

In the city of Sāvatthī in northern India, the Buddha had a large centre where people would come to meditate and to listen to his Dhamma talks. Every evening one young man used to come to hear his discourses. For years he came to listen to the Buddha but never put any of the teaching into practice.

After a few years, one evening this man came a little early and found the Buddha alone. He approached him and said, “Sir, I have a question that keeps arising in my mind, raising doubts.”

“Oh? There should not be any doubts on the path of Dhamma; have them clarified. What is your question?”

“Sir, for many years now I have been coming to your meditation center, and I have noticed that there are a large number of recluses around you, monks and nuns, and a still larger number of lay people, both men and women. For years some of them have been coming to you. Some of them, I can see, have certainly reached the final stage; quite obviously they are fully liberated. I can also see that others have experienced some change in their lives. They are better than they were before, although I cannot say that they are fully liberated. But sir, I also notice that a large number of people, including myself, are as they were, or sometimes they are even worse. They have not changed at all, or have not changed for the better.

“Why should this be, sir? People come to you, such a great man, fully enlightened, such a powerful, compassionate person. Why don’t you use your power and compassion to liberate them all?”

The Buddha smiled and said, “Young man, where do you live? What is your native place?”

“Sir, I live here in Sāvatthī, this capital city of the state of Kosala.”

“Yes, but your facial features show that you are not from this part of the country. Where are you from originally?”

“Sir, I am from the city of Rājagaha, the capital of the state of Magadha. I came and settled here in Sāvatthī a few years ago.”

“And have you severed all connections with Rājagaha?”

“No sir, I still have relatives there. I have friends there. I have business there.”

“Then certainly you must go from Savatthī to Rājagaha quite often?”

“Yes sir. Many times each year I visit Rājagaha and return to Sāvatthī.”

“Having travelled and returned so many times on the path from here to Rājagaha, certainly you must know the path very well?”

“Oh yes, sir, I know it perfectly. I might almost say that even if I was blindfolded I could find the path to Rājagaha, so many times have I walked it.”

“And your friends, those who know you well, certainly they must know that you are from Rājagaha and have settled here? They must know that you often visit Rājagaha and return, and that you know the path from here to Rājagaha perfectly?”

“Oh yes, sir. All those who are close to me know that I often go to Rājagaha and that I know the path perfectly.”

“Then it must happen that some of them come to you and ask you to explain to them the path from here to Rājagaha. Do you hide anything or do you explain the path to them clearly?”

“What is there to hide, sir? I explain it to them as clearly as I can: you start walking towards the east and then head towards Banaras, and continue onward until you reach Gaya and then Rājagaha. I explain it very plainly to them sir.”

“And these people to whom you give such clear explanation, do all of them reach Rājagaha?”

“How can that be, sir? Those who walk the entire path to its end, only they will reach Rājagaha.”

“This is what I want to explain to you, young man. People keep coming to me knowing that this is someone who has walked the path from here to nibbāna and so knows it perfectly. They come to me and ask, ‘What is the path to nibbāna, to liberation?’ And what is there to hide? I explain it to them clearly: ‘This is the path.’ If somebody just nods his head and says, ‘Well said, well said, a very good path, but I won’t take a step on it; a wonderful path, but I won’t take the trouble to walk over it,’ then how can such a person reach the final goal?”

“I do not carry anyone on my shoulders to take him to the final goal. Nobody can carry anyone else on his shoulders to the final goal. At most, with love and compassion one can say, ‘Well, this is the path, and this is how I have walked on it. You also work, you also walk, and you will reach the final goal.’ But each person has to walk himself, has to take every step on the path himself. He who has taken one step on the path is one step nearer the goal. He who has taken a hundred steps is a hundred steps nearer the goal. He who has taken all the steps on the path has reached the final goal. You have to walk on the path yourself.”


Risk assessment

Came across an aspect I didn’t think about before.

Consider a computer system which gives users control over an action. Action could be:

  1. trivial changing background color of a webpage (low-risk action)
  2. dropping databases or VMs (high-risk action).

The point of view I have been aware of until now is: password breach to a low-risk system isn’t particularly dangerous. But it’s not dangerous for the application. There is another POV to consider — that of the user himself.

Say we’re storing order history of the logged in user (a low risk data), which might contain his address (a medium risk data). What if the person who got this information was the abusive ex? It becomes a targeted attack for the user, which makes low or medium risk application impact a high risk breach for the user.

So consider the impact of an access breach from both perspectives — the application and the user when making such categorizations.