c2.com · Domains · Slashdot Mirror

Re:They have dedicated a special page for them by Sarten-X · 2013-12-26 03:54 · Score: 1 · on Year In Communications: NSA Revelations Overshadow Communications Breakthroughs

What exactly are you arguing for? Are you trying to defend the NSA? Do you really want to live in a glass house? Would it bother you if I (or anyone) installed surveillance equipment in every single part of your house with the intention of constantly reviewing all the footage, but not doing anything else with it?

I'm arguing for a logical discussion, rather that one steeped in bias and knee-jerk reactions. To that end, I've taken the liberty of highlighting the fallacious arguments in your statements.

The question of whether it's "inherently harmful" is completely different from the question of whether what the government is doing is constitutional, and anyone with a brain knows that it isn't.

Ewieling's claim is that surveillance is unconstitutional because it's a punishment. However, there are two questions to that claim that need proving: that surveillance is a punishment in itself, and that such a punishment is prohibited by the Constitution. I would accept "harmful" as a substitute for "punishment", but that's not proven, either.

Re:They have dedicated a special page for them by Sarten-X · 2013-12-26 03:54 · Score: 1 · on Year In Communications: NSA Revelations Overshadow Communications Breakthroughs

What exactly are you arguing for? Are you trying to defend the NSA? Do you really want to live in a glass house? Would it bother you if I (or anyone) installed surveillance equipment in every single part of your house with the intention of constantly reviewing all the footage, but not doing anything else with it?

I'm arguing for a logical discussion, rather that one steeped in bias and knee-jerk reactions. To that end, I've taken the liberty of highlighting the fallacious arguments in your statements.

The question of whether it's "inherently harmful" is completely different from the question of whether what the government is doing is constitutional, and anyone with a brain knows that it isn't.

Ewieling's claim is that surveillance is unconstitutional because it's a punishment. However, there are two questions to that claim that need proving: that surveillance is a punishment in itself, and that such a punishment is prohibited by the Constitution. I would accept "harmful" as a substitute for "punishment", but that's not proven, either.

Re:They have dedicated a special page for them by Sarten-X · 2013-12-26 03:54 · Score: 1 · on Year In Communications: NSA Revelations Overshadow Communications Breakthroughs

What exactly are you arguing for? Are you trying to defend the NSA? Do you really want to live in a glass house? Would it bother you if I (or anyone) installed surveillance equipment in every single part of your house with the intention of constantly reviewing all the footage, but not doing anything else with it?

I'm arguing for a logical discussion, rather that one steeped in bias and knee-jerk reactions. To that end, I've taken the liberty of highlighting the fallacious arguments in your statements.

The question of whether it's "inherently harmful" is completely different from the question of whether what the government is doing is constitutional, and anyone with a brain knows that it isn't.

Ewieling's claim is that surveillance is unconstitutional because it's a punishment. However, there are two questions to that claim that need proving: that surveillance is a punishment in itself, and that such a punishment is prohibited by the Constitution. I would accept "harmful" as a substitute for "punishment", but that's not proven, either.

Re:'Hobbyists'? by CastrTroy · 2013-12-20 04:25 · Score: 1 · on IDC: 40 Percent of Developers Are 'Hobbyists'

Or those who can't take simple algorithm descriptions (fizz-buzz), and convert it into a working program, should be counted as not-really-a-programmer. I don't want to use the word "hobbyist" in this case, or in yours, because there's plenty of people I know who only program in their spare time, but have great programming skills, while people who are actually employed as software developers or programmers who can not tell you what the complexity of an algorithm is, nor can they make a simple algorithm base on a description of what it should do.

We've got a definition debate on our hands by tepples · 2013-12-04 14:26 · Score: 1 · on The Desktop Is Dead, Long Live the Desktop!

It appears we've already run headfirst into Layne's Law, arguing over definitions. I'd recommend abandoning "consumption" and "content". But by your definition of "consumption", how many people engage in "creation" at home? And if too few people engage in "creation" to warrant continued production of affordable home PCs, how many people will just skip trying "creation" because of the cost?

Re:It's a shame by Sarten-X · 2013-11-04 02:03 · Score: 0 · on Snowden Publishes "A Manifesto For the Truth"

You mean the ones who disagree?

Let's first define shovelware by tepples · 2013-10-25 03:53 · Score: 1 · on Can Nintendo Survive Gaming's Brave New World?

nobody will have the confidence to develop proper games for the system apart from shovelware

I've seen that 10-letter word tossed around, but nobody appears to be able to agree on a proper definition. (And without a proper definition, discussion goes nowhere.) In the early 1990s it meant selling a bunch of demos of indie games on a single CD because they were so small, originally having been developed for floppy or BBS distribution. Now that BBS distribution has grown into a broader paid download market for sale of lower-budget games, I'm not sure from Wikipedia's article what "shovelware" even means. Is there even a line between "low budget" and "shovelware"?

my 2 cents by Paradigma11 · 2013-10-17 22:38 · Score: 1 · on Has Flow-Based Programming's Time Arrived?

A modern library implementing dataflow programming is: https://rx.codeplex.com/

The relationship between the actor model and flow based programming is discussed here: http://c2.com/cgi/wiki?ActorsAndFlowBasedProgrammingDiscussion

Personally i like using f# with rx using this wrapper: https://github.com/fsharp/FSharp.Reactive

I see FBP as a generalized form of functional programming where you can, and have to, specify how the expressions are put together temporally.
It gives you the advantage of automatic (in rx you have to specify the scheduler) concurrency but is cumbersome for stuff that is easily expressed in a synchron way (List processing...).
I guess you would want the most coarse grained granularity.

A nice book on FBP is: http://www.jpaulmorrison.com/fbp/ (the first edition is freely available)

As for the idea that FBP is coupled to visual programming and will enable non programmers to write complex programs, well:
Visual programming makes writing programs for easy problems even easier and for complex problems intractable.
And guess what: The easy problems were already easy to begin with!!!

Re:Old news by Draknor · 2013-10-15 12:47 · Score: 2 · on How To Develop Unmaintainable Software

I think you are missing the author's points in your rebuttal.

Testing server -- maybe it's not ALWAYS possible with expensive enterprise-y server software, but just about anyone can spin up a VM on their dev machine to simulate (with varying degrees of accuracy) a production environment.

Secret logins & back doors -- you mean you've never created a "god" or "super admin" account (or "secret URL") that could access all kinds of technical / debugging info that regular admins/users shouldn't see? Having such an account means your application has additional logic & code paths to support -- code that's probably not being adequately (if at all) tested and probably has bugs, some of which may be security-related.

Test data in production - yeah, I've worked on systems (such as health care IT systems), where project team puts test data in the system. It sucks for operational users. "What, you mean Dr. Smith doesn't have a 2pm appt w/ TEST, DUMMY today?" "The compliance dept just got a call about a six-figure insurance claim to Medicare for a pregnancy-related hospitalization for a DUMBASS, JOE -- anyone know about that?" Test data belongs in a test database.

Frameworks -- in my humble opinion (and I'm not exactly alone) there are very few situations where run-time performance is actually "absolutely critical". More often (in my experience) time-to-develop "performance" is a bigger factor, and rolling-your-own (to get alleged better run-time performance) will cost you development time, bug-fix time, QA & testing-time -- which, for the vast majority of applications, will cost more than simply buying faster hardware (the happy medium way is to optimize just the critical slow parts in your application that the framework handles sub-optimally).

Choice of languages -- again, I think you missed the point. Any language is fine. His point is to keep your project consistent. If you've developed a hair-brained solution that involves Perl, cgi-bin, bash, PHP, and chunks of C -- it probably works great and flawlessly, like you said. Until that programmer (1) retires or (2) gets hit by a bus. Then the junior programming intern they hire to take his place is screwed. And that's the author's point -- write maintainable code. A mismash of languages & bindings "because they are cool" may function, but it's not maintainable. If your star programmer has this Perl/bash/PHP/C contraption and it's well-documented and logical, then maybe that junior intern will take it over and, with a bit of a learning curve, master it. But if your programmer used 4 different languages because "it's cool to make it complicated" -- well, good luck.

Re:Disappearing Bitcoins by girlintraining · 2013-10-06 06:58 · Score: -1, Flamebait · on DOJ Hasn't Actually Found Silk Road Founder's Bitcoin Yet

As you have indicated a preference for brevity in your sarcastic fuck you, I shall in turn be brief in my own.

This isn't a weather simulator where the numbers are going to be raised to the hundredth power, it's basic, linear algebra here.

False, and False.

Name one that didn't just collect tiny pieces at a time but actually used floating point errors.

Y2K; A lot of time variables use floating point (decimal) instead of integer. As I understand it, that was an expensive fix that caused financial chaos. As well, there's a detailed explanation about exactly why floating point should never be used in financial transactions, regardless of the number of decimal points the library can be accurate to. And here's the wiki explaining how these problems simply cannot be overcome, it's a theoretical impossibility.

then it would be handled uniformly and that won't be an issue.

A computer that consistently gets the wrong answer is not any less wrong because it does so uniformly.

Explain. And don't just shit out a wall of text that evades the subject like you usually do.

I try to be as specific as possible to avoid confusion, but in the future, to honor your request, I will simply say "Fuck you, you're wrong, good day sir." Thank you for bringing this to my attention.

Fuck you. You're wrong. Good day sir.

Chromebook by tepples · 2013-10-02 02:35 · Score: 0 · on Ubuntu 13.10 Will Not Ship Mir By Default

Something will need to replace ubuntu soon as the easy to use grandma friendly linux desktop

Would Chromium OS qualify as "the easy to use grandma friendly linux desktop"?

(Before we can identify this "something", we first need to identify what qualifies as a "Linux desktop". Otherwise, we're likely to end up talking past each other.)

Language lawyering by tepples · 2013-09-23 03:40 · Score: 2 · on Learning To Code: Are We Having Fun Yet?

I find C++ much more fun, because it does exactly what I tell it to.

But you sometimes have to be a language lawyer to figure out exactly how templates, inheritance, the implicit conversion, and other C++ language features will interact in a given case. See C++ FQA Lite for a taste of the language lawyering that C++ programmers have to do in their heads to be competent in the language. In what way do you find this easier than figuring out the semantics of a particular dynamically typed language?

Python, PHP, Ruby

PHP is less strongly typed with its policy of playing loose with implicit conversions to and from numeric and string types. But Python is strongly (though dynamically) typed.

Re:Accountability by kermidge · 2013-09-13 01:47 · Score: 1 · on Former DHS Official Blames Privacy Advocates For TSA's Aggressive Procedures

Forgot:

http://c2.com/cgi/wiki?TheBestIsTheEnemyOfTheGood

has some good comments and stories, many relating to tech and programming - it's worth giving a look

Re:What is Bruce Schneier's game? by wurp · 2013-09-08 09:10 · Score: 1 · on Schneier: The US Government Has Betrayed the Internet, We Need To Take It Back

You're talking about the Thompson hack, an extremely effective mechanism for subverting huge swaths of software: http://c2.com/cgi/wiki?TheKenThompsonHack

The only way around it is to view the binary code and inspect it (either manually or automatically). Either way, the level of effort to detect it is immense, and either way you may still be subject to some further hack that shows you different binary data than what's actually executed.

I suppose in theory the hack could be in the hardware somewhere.

Re:SSH? by willaien · 2013-09-06 05:46 · Score: 1 · on NSA Foils Much Internet Encryption

Not even open source software is safe, see: Ken Thompson, etc.

http://c2.com/cgi/wiki?TheKenThompsonHack

Re:I suspect he's wrong. by geekoid · 2013-08-30 08:09 · Score: 1 · on Neil deGrasse Tyson Says Private Business Will Not Open the Space Frontier

I can't decide which is worse:
either you are too stupid to understand an analogy for what it is.
Or so frustrated with being simple you had to twist the example outside its contextual bounds. Here let me use soething clearer:

"I flip a coin 5 times and get "heads" every time (no "tails"). Is it a "heads only" coin? (...having a "head" printed on both sides.) Well, say I flip it 500 times and get "heads" every time. Now I'm pretty convinced that it is "heads only.""
http://c2.com/cgi/wiki?AbsenceOfEvidenceIsNotEvidenceOfAbsence

http://www.skepticink.com/tippling/2012/11/18/absence-of-evidence-is-evidence-of-absence-in-many-cases/

"That's not even mentioning that you haven't got my crude and untasteful[sic*] joke in the upper comment correctly. Better luck next time!"
actually I did. May it doesn't mean what you think it means?

*I assume you mean 'distasteful'

Re:Obfuscated python code? by six025 · 2013-08-27 19:41 · Score: 4, Interesting · on Researchers Reverse-Engineer Dropbox, Cracking Heavily Obfuscated Python App

Sounds remarkably like security through obscurity to me. With the predictable outcome.

You have no right to feel secure if you only think you're secure assuming noone else examines your source code.

To what level do you take the paranoia, though?

As early as 1984 (hah!) it has been known that a compiler could be developed in such a way as to produce binaries containing a back door:

http://c2.com/cgi/wiki?TheKenThompsonHack

The next level is CPU microcode. Where does it end? One day we can fab our own CPUs from Open Source designs ... but will that be enough?

Peace,
Andy.

Re:Premium not enough? by Sarten-X · 2013-08-24 07:16 · Score: 1 · on Workers at Chile's ALMA Telescope Strike Over Working Conditions

Yeah, that's pretty much how it works. Ideally, a competent employee periodically goes to their boss, says "Look, I'm doing the job as agreed, but my expenses have inflated and so have our profits, so I need a bit more", and since the deal was agreeable and fair the first time around, it's still fair once adjusted for inflation, cost-of-living increases, and the employee's improved expertise. In other words, if you agreed to a fair deal when you started, you're expected to work under a fair deal until you retire*. If you didn't agree to a fair deal... you're either evil or stupid.

Striking is taking an agree deal and forcing it into something else. Once hired, the employer sank time and money into training and administration, and perhaps even some contracts they expect to fulfill. By striking, you're extorting them into agreeing to a new deal. Either they take the higher payroll or costlier benefits, or they have to take the loss of all that investment and start over.

* ...Or until it's just not possible to work out a fair deal. Perhaps you've gained more expertise than the company is willing to pay for, or perhaps your contributions toward the company's goals were less than agreed. Perhaps it was the ancillary benefits that made the original deal acceptably-fair, and those may have changed.

Re:Not sure what author of article is going for by Morpf · 2013-08-24 01:38 · Score: 1 · on The Register: 4 Ways the Guardian Could Have Protected Snowden

Even though neither I have a hat or am a security professional, let's just view it from an overly paranoid view.

There is one fundamental problem with your first idea. You assume your operating system behaves secure / sane. How could you prove it? Even though you compiled all your code by hand and read all the source code (good luck at that), how can you guarantee your compiler compiles only the code and doesn't introduce back doors? I think of two possible ways: First, it could just have a bug in the compiler, making even perfect code vulnerable. Second, it could intentionally introduce unwanted and unknown behavior. See the Ken Thompson hack for a reference. [0] In the end your only way would be doing it _all_ from scratch, software _and_ hardware.

So, I would guess you are way better off transferring the data by typing it by hand, as you suggested with the second idea. This seems reasonable secure, but quite error prone and time consuming.

[0] http://c2.com/cgi/wiki?TheKenThompsonHack

Re:MacOS secure!!!! by cybersquid · 2013-08-23 12:40 · Score: 4, Informative · on The Register: 4 Ways the Guardian Could Have Protected Snowden

I was about to post this!
Here's a link to the article: The Ken Thompson Hack

Key question for any language designer by dkleinsc · 2013-08-19 04:54 · Score: 4, Interesting · on Interviews: Q&A With Guido van Rossum

Have the prospects of Python in any way improved since you grew a beard? To what degree does language success correlate to beard length?

Re:Typical console developer rant, IMO. by OneAhead · 2013-07-14 13:49 · Score: 1 · on An Interesting Look At the Performance of JavaScript On Mobile Devices

Ahh, the quest for Uniformly Slow Code. Something the scientific programmer is deeply familiar with. Too bad there's so few people who understand.

Re:Just as intended by Ichijo · 2013-07-14 05:12 · Score: 1 · on Database Loophole Lets Legislators Avoid Photo Radar Tickets

Sounds like the implementation is a case of in-band signaling.

A breif intro by plopez · 2013-07-13 05:19 · Score: 4, Informative · on Ask Slashdot: Learning DB the Right Way; Books, Tutorials, or What?

1) SQL is not a relational database, it is an interface to a relational database management systems, e.g. Postgresql. The "NoSQL" crowd lost me in the first 10 minutes when they showed me they did not know the difference. From that point forward I had a tough time taking them seriously.

2) Date is good but a bit hard to slog through sometimes. Realize that RDBMs are based on actual Math theory. But you don't have to derive the theory so don't be afraid.

3) Normalization is import. Honestly, people talk about the "Object/Relational impedance" and I have never seen it. I have found that if you define your objects properly up front you get your DB normalization almost for free. And if you understand your data properly and do a good job at normalization you get your objects almost for free.

4) Know your database engine. RTM and try various scenarios. Have fun but only on a test instance on a test machine.

5) Know your hardware/VM system. I have found many people blame the DB engine for poor performance when poor hardware configuration is the fault. Learn how to profile.

6) Learn how to profile software as well. Everybody blames the DB engine when performance is poor when most of the time it is their crappy code.

7) Some best practices: http://c2.com/cgi/wiki?DatabaseBestPractices

Re:Rust by TopSpin · 2013-07-11 07:36 · Score: 1 · on Why JavaScript On Mobile Is Slow

* memory management is explicit [merriam-webster.com] -- what does this mean?

Quantifying the Performance of Garbage Collection vs. Explicit Memory Management
Automatic vs. Explicit Memory Management: Settling the debate

* deterministic [merriam-webster.com] -- what does this mean?

I thought it was self evident. Here is a discussion of the matter.

* endemic [merriam-webster.com] use of a garbage collector... -- what does this mean?

Pervasive would be a better word. Languages that make garbage collected allocations for most or all things. For example in Java, aside from primitives, all allocations conceptually occur on the a garbage collected heap.

reference-counted heap objects

Reference counting: counting the number of references to an object.
Heap: an arena of memory maintained by a memory allocator. Also CPUs typically have no knowledge of how software manages heaps. You may be thinking of virtual memory
Objects: object in the generic sense of some amount of memory managed on a heap. These lecture notes show the same usage. The editors of this page also use the word 'object' in exactly the same manner when discussing pointers. It's not that hard to follow.

Putting it together we have objects on a heap for which reference counts are maintained; reference-counted heap objects.

"exchange" heap -- what does this mean?
* "local" heap -- what does this mean?

The link I provide to Patrick Walton's blog would get you there. Also, there is documentation, Sorry if discussing a new programming language involves terms you haven't heard. Computing can be like that sometimes.

(note: there is only one "heap" on most CPU architectures, so now we have added abstraction)

Now you are definitely confusing heaps and virtual memory. There are usually many, possibly thousands of heaps on a system at any given time with many distinct implementations of which the CPU is entirely ignorant. Memory allocators and virtual memory are different things.

* via an "owned" pointer -- what does this mean?

Similar to a C++ auto_ptr or unique_ptr. Again, the link I provided would get you there.

* wild pointers -- what does this mean?

Dangling pointer and wild pointer are synonomous.

Use of the exchange heap is exceptional and explicit yet immediately available when necessary -- what does this mean?

I provided a link directly to a discussion of this.

Memory "management" is reduced to efficient stack pointer manipulation -- uhh, what? the language sits around modifying content at %esp and %ebp along with some offsets? sounds far from efficient)

Incrementing a decrementing stack pointer registers is very efficient. Offsets are computed at compile time and the instructions typically require one CPU cycle and no memory access, given a naive model of a CPU. These techniques are a ancient and ubiquitous. Sorry you weren't familiar with them.

or simple, deterministic destruction -- what does this mean?

Others seem

Re:Tests can have bugs by Lisias · 2013-07-10 03:06 · Score: 1 · on HTTP 2.0 Will Be a Binary Protocol

Sarcasm aside, the question then becomes one of whether your debugging tool is correct.

Being that the reason debugging tools are carefully (and, sometimes, expensively) built.

You do this right, and everybody will be happy.

Seriously - this is a no issue. Every single compiler since FORTRAN is doing this for decades and everything works as good as the programmers using the keyboard.

Tests can have bugs by tepples · 2013-07-09 09:56 · Score: 1 · on HTTP 2.0 Will Be a Binary Protocol

Sarcasm aside, the question then becomes one of whether your debugging tool is correct.

Re: Citation Needed by narcc · 2013-07-03 07:53 · Score: 1 · on Node.js and MongoDB Turning JavaScript Into a Full-Stack Language

You claim OOP isn't defined when it is

No, I said that there was no consensus on the definition. That is true. Indeed, it's indisputable! You seem to like wikipedia, so you can check there. I did a quick google seach for you and found a few neat discussions that may be helpful for you.

, you claim it's just how closures work and C# works the same whilst demonstrating how Microsoft have fixed the very problem because it is a language problem

Pay attention. Microsoft changed how foreach works, not how for works. Your example deals with for loops. You'll find that my statement is correct.

Additionally, you should consider what a similar "fix" for the non-problem in for loops would entail, and why the behavior of for remains the same.

That's all irrelevant, however, as the problem the poster had in the example you gave was a simple misunderstanding of how closures work. It's not a language design issue.

the fact you're entirely unaware of the problems in it's equality operators shows how painfully little knowledge you have.

Pray tell, then. What are the problems? (I've explained why NaN!=NaN already. See IEEE 754 if you forgot) If you're talking about things like intransitive equality, you're just confused. You'll find identical behavior in virtually every other language. Not just those with dynamic typing -- recreate the examples you found in some blog post in Java or C, applying relevant type casts. Look at that! The behavior is the same!

Now, you're welcome to list which type conversions you find irrational, though once you look, you'll find they're all perfectly sane. It behaves exactly as you would expect from experience with your exemplar languages.

you don't understand why unnecessarily verbose code leads to more bugs

Check my post again. I agreed with that specifically. I also challenged you on Java (one of your exemplars) as it is unnecessarily verbose! JavaScript and PHP are positively terse in comparison.

I will offer, for your consideration, that unnecessarily terse code also is less readable, often leading to more bugs and making maintenance difficult.

Moving on. I find it odd that in response to evidence that directly contradicts your claims, and which support my own, you offer only bold assertion.

I asked you some very simple questions so that you could make a stronger case. (Well, to let you actually make a case!) If I'm wrong about something, I like to know. I'm disappointed that you'd rather insult me than actually discuss the issues.

This whole dialog started with your objection to some simple advice I offered another user: don't use JavaScript like it's a class-based OO language. I still don't know why you found that unreasonable, as JavaScript is prototype-based. (There's a paper you might find instructive here: D. Ungar & R. B. Smith (1987) "Self: The Power of Simplicity", OOPSLA '87 Conference Proceedings, pp. 227-241)

Anyhow, with this post I've left you with some reading and experimenting to do. Give it a go and let me know the results. I expect that you'll be unpleasantly surprised.