[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
XKeyScore code authenticity - genuine [was: messing with XKeyScore]
- To: [email protected]
- Subject: XKeyScore code authenticity - genuine [was: messing with XKeyScore]
- From: [email protected] (coderman)
- Date: Sun, 6 Jul 2014 19:30:01 +0200
- Cc: cpunks <[email protected]>, Liberation Technologies <[email protected]>
- In-reply-to: <CAJVRA1RVnA1kamSg=at=7kHsLD4EpnJKV0fyw4g9n6Ygs0p_Xg@mail.gmail.com>
- References: <CAJVRA1RVnA1kamSg=at=7kHsLD4EpnJKV0fyw4g9n6Ygs0p_Xg@mail.gmail.com>
On Sun, Jul 6, 2014 at 7:11 PM, coderman <[email protected]> wrote:
> ...
> a regexp rule like:
> '''
> extractors: {{
> bridges[] =
> /bridge\s([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}):?([0-9]{2,4}?[^0-9])/;
> }}
> '''
> is both written by a novice regexp'er, and also took them a bit of
> time. more than they'd spend on an example.
i should have clarified this statement. this is code someone wrote to
get a job done. they are pulling bridge addresses out of text (email
bodies?) and getting a job done.
this is fine code and similar to what you'd see in any production environment.
this is not what a regexp guru would use to show their ability to
tightly match with sparse efficiency.
it is also not so simple that a non-PCRE fluent person would use it as
a fictitious example.
to be clear: all signs point to this being real code a person wrote to
get a job done - parse out bridge addresses from text. the signs
point toward this code being legitimate depricated code, even if not
currently useful.
the code do not point toward this being a non-fictitious example, and
it seems Robert even alludes to as much with.
"One interesting thing to note about the port number is that it
captures the first non-digit character after the number as well. This
is obvious[sic] a bug, but since it's usually whitespace, one that
doesn't impact the system."
- implying he believes this is a legitimate rule, and also not
written by an expert.
best regards,