Slashdot Mirror

A few years ago is not now. Try writing a game running in html5 canvas.

I wrote one a few months ago for the github game-off: https://github.com/RonanL/game-off-2012
It's faster in chrome/chromium, but it's playable in firefox and opera.

I've written several tests to optimize canvas rendering. I found that chrome benefits a lot more from pre-rendering in an hidden canvas, while firefox doesn't benefit from it at all. Opera is about twice as fast as firefox for pure canvas rendering, and a little faster than chrome.

Keep in mind, I only test rendering a small (12x12px) image, and a game is a lot more than that: pure js performance is very important and not tested here at all.

Here are my test results right now (on linux, with several tabs open in chrome but only one in opera):
Chrome 24:
Draw 100k sprites: 0.551s
Draw 100k sprites in a buffer: 0.370s
Draw 100k sprites with a rotation: 2.193s
Draw 100k sprites with a rotation in a buffer: 2.145s
Draw rotate a sprite in a buffer, the draw it 100k times in another buffer: 0.427s

Opera 12.12:
0.441s
0.344s
1.964s
1.856s
0.344s

Firefox 17:
0.815s
0.892s
4.267s
3.897s
3.085s

I'm surprised no one's mentioned Google Apps Script which is basically JavaScript and can script all the Google Docs apps plus other stuff, but even better for the Sheets app use Python with GSpread: http://burnash.github.com/gspread/

Here's a Steam installer for Wheezy: https://gist.github.com/grindars/4231563. It only installs per user, not for the whole system, but so far, it works.

Try this.

Dude! Learn to gist.

Some kind soul put up this mirror on GitHub.

The project runs on Linux and on Nokia's N900 and N9 phones. I'm looking for help to port it to Symbian, Android, and iOS devices.

I recently built a decoder for EAS/SAME messages. You can read about the protocol it uses at the National Weather Service. Forget about cryptographic signatures; SAME has absolutely no concept of message integrity. There is no CRC or checksum—not even a lowly parity bit.

Of course, it's difficult to use a checksum when you can't figure out when the message ends. Most systems use some kind of flag byte to tell the decoder where the end of the frame is, but SAME doesn't even have that. The decoder has to figure out where the end of the message is by parsing it and lopping off the garbage from the end. Messages are "redundant" in that they are repeated three times, but this doesn't improve redundancy very much. SAME also depends on a voice message to convey the content of the alert, which is hardly ideal in today's environment.

But SAME does have one thing going for it: You can actually get the messages. Its heir-apparent, IPAWS, seems more heavily focused on making sure people can't get the alerts. There are no public distribution hubs—you have to have a certificate from FEMA to get any data. Even with a certificate, there is, reportedly, no data to be had. I hope they make a SAME 2.0, even if it's only for end delivery to the general public via weather radios.

I've built the EAS decoder into a new version of multimon, which is available here. It can't generate messages; it only decodes them. From the YouTube video, here is what the zombie apocalypse man had to say:

ZCZC-CIV-LAE-030077-030007-030043-030049-030059+0015-0422133-KRTV -

Please don't spoof EAS messages. The system is fragile enough without you messing with it.

I recently built a decoder for EAS/SAME messages. You can read about the protocol it uses at the National Weather Service. Forget about cryptographic signatures; SAME has absolutely no concept of message integrity. There is no CRC or checksum—not even a lowly parity bit.

Of course, it's difficult to use a checksum when you can't figure out when the message ends. Most systems use some kind of flag byte to tell the decoder where the end of the frame is, but SAME doesn't even have that. The decoder has to figure out where the end of the message is by parsing it and lopping off the garbage from the end. Messages are "redundant" in that they are repeated three times, but this doesn't improve redundancy very much. SAME also depends on a voice message to convey the content of the alert, which is hardly ideal in today's environment.

But SAME does have one thing going for it: You can actually get the messages. Its heir-apparent, IPAWS, seems more heavily focused on making sure people can't get the alerts. There are no public distribution hubs—you have to have a certificate from FEMA to get any data. Even with a certificate, there is, reportedly, no data to be had. I hope they make a SAME 2.0, even if it's only for end delivery to the general public via weather radios.

I've built the EAS decoder into a new version of multimon, which is available here. It can't generate messages; it only decodes them. From the YouTube video, here is what the zombie apocalypse man had to say:

ZCZC-CIV-LAE-030077-030007-030043-030049-030059+0015-0422133-KRTV -

Please don't spoof EAS messages. The system is fragile enough without you messing with it.

I've rummaged a bit through the sources presented on https://github.com/Khan and I could not find the source for the actual website.

How do you plan to implement support for I18N in the exercises ?

Justin.tv and twitch.tv are really the same thing, right? I've been using this to watch JTV with no flash. It could probably be adapted if the usher url was changed.

Safari users on OS X should get the ClickToPlugin extension - http://hoyois.github.com/safariextensions/clicktoplugin/

It includes an HTML 5 video player, and will play most Youtube videos (say 95%+) without even loading Flash. It will just request the same H.264 video that gets served to iPads etc and uses the native hardware decoder.

Means you can watch Youtube with about 1% CPU usage instead of your fans spinning up because Flash is doing it in software.

Anytime you really do need to use Flash, just click the placeholder to load the plugin.

Luckily, those are easy to circumvent if you just use a suitable browser.

Careful: Your ignorance is showing...

On Safari, you can install "ClickToPlugin" f/k/a "ClickToFlash" and achieve the same result as with FlashBlock on FF.

So, it seems that FireFox is no more "suitable" without a Flash-Blocker plugin that Safari, eh?

I bought an OSX laptop and successfully avoided Flash for a few months while I was using it to prepare the class I now teach. A good proportion of YouTube videos wouldn't play so I was glad at times to have another computer in the house to watch them, but mostly I didn't miss it at all.

Ultimately, though, it turned out that in order to hold online office hours at our university, I had to install Adobe Connect. That software is Flash from stem to stern. I installed Flash, and it took me a few days to get used to the surprise of animated (and noisy) ads again.

Conclusion: access to Flash is nice at times, but one generally does better without it.

Install the FREE ClickToFlash (now called "ClickToPlugin") on Safari. You can whitelist your university site, and still not have to put up with incessant (and dangerous) Flash. You can also tell YouTube that you prefer HTML 5, and it will play ALL (or almost all) videos that way.

I noticed that Gnash wasn't cutting it though for the few things I was trying to use it for (basically Youtube and the occasional stupid game).

That WAS ages ago... as you said. I see Gnash is a little CPU-hungry, but playback has been smooth for me. I don't miss Adobe Flash one bit.

There's experimental GPU acceleration in the works too.

youtube-dl

is nice too, if you don't mind the lack of streaming. I'm not actually sure why playback doesn't work on partially downloaded files.

The Fortran compiler tries to analyse the implemented algorithm and optimize these sort of things, that's where it strength lies. The same sort of compiler would be very difficult to write for Python.

Not true. Many existing Python projects already optimize array and matrix computations, building on top of the array infrastructure provided by Numpy. (e.g. NumExpr and Theano and the like.) The Blaze project is about providing a better and more general array description than what FORTRAN can easily describe (e.g. ragged arrays, variable length strings, etc.) while also supporting out-of-core processing, distributed arrays, and PGAS models. Numba is building on existing compilation approaches in the LLVM and Python worlds (including things like minivect) and targeting GPUs and vectorized CPUs.

By the way, I can say this with some authority; we use localStorage (and sessionStorage) on a mobile web app here at my work, and it works fine on my phone there.

I suggest you guys look into using store.js for a consistent interface even when localStorage doesn't work.

Porting a js library to another platform is usually trivially easy. Check out Substack's Browserify: https://github.com/substack/node-browserify. JS libraries are typically open source anyway, so even if you have some weird platform you need to run something on, you are usually free to make the modifications yourself. Most of the dominant frameworks run practically anywhere, since js has always had to think about graceful degradation. Socket.io is a terrific example. I have written substantial applications in node.js where I split my development time between my work PC (Windows) and my home PC (OSX), then it runs on a production Linux server. If I find something that does not work cross platform, I am almost 100% sure the issue is in my code, not a library. I fix it and it all works fine. That is pretty much the absolute best you can hope for in cross platform compatibility. Python is not bad either, but there are loads of Python libraries that are Windows dependent. We are talking about real modern js application development, not some random browser plugin from 10 years ago. The js community has come into its own with a lot of polish in the past couple years.

This is a stream of thought comment. I remember QBasic, and MS-DOS vividly (though I did not study them as much as my friends - and I had started with XT BIOS BASIC, BASIC.COM, and GWBASIC on an old PC XT machine), and the world now requires more training. I think that it is now best to start either by learning Python (which is relatively easy to learn and minimalistic and still widely useful and used), or by learning Perl 5 or Ruby (which are more pluralist, easier to express oneself, and less lock you into The One True Python Way). See what we wrote about it in the Freenode ##programming FAQ (which you are welcome to visit).

Anyway, there are few entry level jobs, and I think that you can try building a reputation by learning one or more of those languages and contributing to open source projects, chatting on IRC in order to learn and help, helping on mailing lists, web forums, Stack Overflow/etc. and even starting some blogs (blogs should be as specialised as possible). Some people tease me that at 35 (1977-born) I am now too old to be a programmer, but I feel that I have improved in most aspects, and have a more solid methodology and more discipline than I used to have (and also have some knowledge). I don't think it's ever too old to start or to continue because you should learn as if you were going to live forever. (See what I wrote in “Advice for the young (or the young at heart)".

Good luck!

Gosh, this makes me super happy. Coming, as I do out of the webOS environment, I think javascript is a great language for app development.

Of course I want to use a great framework like enyojs.com and I want to use closures extensively to keep namespaces separate, and I want to use any one of several math libraries to do stuff other than simple double precision arithmatic (which is plenty good enough for lots of stuff of course.) But still

http://www.leemon.com/crypto/BigInt.html
https://github.com/jtobey/javascript-bignum Scheme exact arithmetic library for js.
https://github.com/postwait/node-gmp node.js bindings for the GNU Multiple Precision Arithmetic Library.

Gosh, this makes me super happy. Coming, as I do out of the webOS environment, I think javascript is a great language for app development.

Of course I want to use a great framework like enyojs.com and I want to use closures extensively to keep namespaces separate, and I want to use any one of several math libraries to do stuff other than simple double precision arithmatic (which is plenty good enough for lots of stuff of course.) But still

http://www.leemon.com/crypto/BigInt.html
https://github.com/jtobey/javascript-bignum Scheme exact arithmetic library for js.
https://github.com/postwait/node-gmp node.js bindings for the GNU Multiple Precision Arithmetic Library.

Landon Fuller has posted a gist on GitHub with an explanation of the bug and a binary patch to the affected library.

^this. The bug is in the assert() statement itself, not in the program logic. Assuming that input validation code exists and was already run before this point, the purpose of this assert() seems to be to make sure the validator is actually doing its job properly. However, the test in the assert() itself is incorrect, since it disallows mixed case file URLs, which are valid, according to spec. Of course, if this assert() statement is his validator, then he's doing it wrong. Big time.

After trying this in every app I could think of, and failing to crash them, it turns out that this is case sensitive.

Some dude has done a more detailed analysis over on github but the long and short of it is that there is a specific check in the code for 'file://' and any other case will cause it to crash. All caps - crash. Capital F and the rest in lower-case - crash. All lower-case and a capital L - crash.

Landon Fuller has posted a gist on GitHub with an explanation of the bug and a binary patch to the affected library.

Yeah, THERE'S a good idea - apply a binary patch from some random post on Slashdot!

Landon Fuller has posted a gist on GitHub with an explanation of the bug and a binary patch to the affected library.

I was specifically criticizing Java for things other than security.

First of all, it's not genuinely free software. A freer alternative implementation, Apache Harmony, was killed off by patents. Why marry a language when there are limits, both practical and theoretical, to what you can do with it? Some of Java's security problems are directly related to Java's relative closedness and bad will with the hacker community.

Secondly, it fails both as a high-productivity language and as a high-performance / systems language. People could always build better software more productively by using a scripting language like Python or Ruby, and then rewriting performance-critical modules in C. Unfortunately Ousterhout's Dichotomy never caught on in large bureaucracies, the excuse being that they wanted one language for a balance of productivity and performance, which, with enough statistical torture, Java could be shown to be. Until recently.

Many things have changed in the last decade to make real (compiled to machine code) programming languages competitive with bytecode VM's: better platform-independent build tools, faster compilers (plus network distributed compiling), sandboxing / OS-level virtualization, etc. We've had languages like D, Go, and now Rust that would offer better productivity than Java, and should in theory eventually come closer to the performance of C. (Haskell sucks.) And the language that in my opinion currently does the best job, both in terms of syntax and performance, is Nimrod.

--libman

Reflogs aren't for history; they're just a convenient undo stack for your own use. Examining project history is pretty similar to most other VCSes. Give it a try:

git clone https://github.com/jquery/jquery.git
cd jquery
git log --stat # answers most of the questions you asked above
git show-branch -a # makes sense of merges
git show 6a82f2a # Shows everything that went into a specific commit
git checkout 6a82f2a # Check out that commit so you can explore the tree
gitk # Start GUI history explorer tool

Hashes are globally unique so if you 'git checkout 6a82f2ae63263ed9deaff9d9dcc775a2c0cde343', you are guaranteed to have the exact same tree as I do; and no matter how many weird rebases you've done, 'git log --oneline --shortstat 6a82f2ae63263ed9deaff9d9dcc775a2c0cde343 -n 5' will show the same history as I have:

6a82f2a Make sure that mousing over XUL elements results in no trigger of a mouseleave. Fixes #6013.
  1 file changed, 13 insertions(+), 16 deletions(-)
dd5c263 Make sure that live focus and blur events also bind to the regular events, to handle triggered events. Fixes #6055.
  2 files changed, 17 insertions(+), 2 deletions(-)
467063a When binding a change directly to a file input just passthrough to the normal bind. A temporary fix for #5997, needs more investigation.
  2 files changed, 13 insertions(+)
c1ac9fd Don't inject style elements using innerHTML as they will go away in IE. Fixes #5977.
  2 files changed, 7 insertions(+), 2 deletions(-)
14e1200 Added some tests to test repeated injected of scripts. Was fixed when fixing #5094.
  1 file changed, 4 insertions(+), 5 deletions(-)

Have you ever even tried Git for Windows? Right click anywhere and hit "Initialize" and you're done. It's ridiculously easy. Now that I think about it, I want to see what kind of integration I can get with Dolphin for KDE..

The argument with pi is not about taking isolated digits of it joined in the movie order. Maybe from the digit 348e^140 to 1gb after you get the bytes of a digital movie. The movie would be stored there, if i tell you the position and the length (not very different from telling you the decryption key of a file) you can get it, in fact, check pifs.

The copyright notices for Mega does basically this. For Mega is like, ok, I have pi, not the position/lenght, for me is just a lot of bytes, and i sue you because some person in the world have that position and lenght for a copyrighted work. Doesn't change the problem for this people that the movie was stored there since the creation of the universe, they just want money.

Read the GitHub EULA. They do not currently claim ownership of uploaded content. However, they claim the right to modify the agreement: " GitHub reserves the right at any time and from time to time to modify or discontinue, temporarily or permanently, the Service (or any part thereof) with or without notice. ... GitHub shall not be liable to you or to any third party for any modification, price change, suspension or discontinuance of the Service.

A classic example of a formerly open database becoming closed is CDDB, the track list database for audio CDs. Once open source, the current owner, GraceNote, doesn't even allow clients other than their own, and inserts ads. Another example is Google's takeover of the historical netnews database and closing it to full downloads.

To avoid that, it's important that creators limit the rights that some service gets merely by hosting the content. A service like GitHub could claim that as soon as someone else makes a check-in, the aggregated content becomes theirs. The GPL, which covers derived works, prevents that.

If you're forced to watch a lot of hi10p stuff (thanks, bandwagon-jumping fansub groups!) you may want to grab this patch:

https://github.com/xbmc/xbmc/pull/2064

Bandwagon? This transition has been going on for over a year now. It's not like the beginning when it was Commie and gg and nobody else.
You can always watch HorribleSubs, they're still 8-bit. Deadfish does 8-bit and hardsubbed MP4's and I'm pretty sure he uses the major groups' scripts.

You're welcome :-) These were pre-releases of Eden (11.0) and Dharma (10.0), that I originally hosted on my personal website and Launchpad while I was working on the PVR feature (see https://github.com/opdenkamp/xbmc ). When I started working for Pulse-Eight, I took the builds with me and hosted them on Pulse-Eight's servers, where I continued to work on the PVR feature and HDMI-CEC support. I've backported all these things into mainline XBMC now, and they are included in the Frodo release. The builds on http://packages.pulse-eight.net/ will be updated with Frodo builds shortly. The reason why you didn't find any builds on xbmc.org was that the feature was still under development. Pulse-Eight was created by a Team XBMC member, and there are currently 3 team members working for Pulse-Eight (including myself).

If you're forced to watch a lot of hi10p stuff (thanks, bandwagon-jumping fansub groups!) you may want to grab this patch:

https://github.com/xbmc/xbmc/pull/2064

it enables multithreaded decoding of hi10p content (and *only* hi10p, it won't enable multithreading for anything else, where it could potentially be buggy). Since there's nothing at all capable of hardware decoding hi10p at present, this is a huge boon for those of us trying to watch HD hi10p files on little media server boxes. It takes typical hi10p files from 'visibly jerky' to 'nearly perfect' on my zotac box. OpenELEC 3.0 rc2 has this patch built in, as it comes from an openelec dev; other XBMC users might want to add it to their setups.

Right now, the best thing which could happen to Perl IMO is a fork of the Perl5.

Like, say, Moe?

The Pi can run things other than Linux. If you want an RTOS, I believe ChibiOS/RT and FreeRTOS have been ported to the system, maybe others as well.

That's not a bad one, but how about doing something that combines Arduino AND Raspberry Pi? (why? Because the RPi is cheaper than an Ethernet shield for Arduino, and a hell of a lot more capable)

I just built the HeaterMeter v4.0 for Raspberry Pi to control my grill, although with a few small changes in settings you can also hook it up to a solid state relay and use it to do sous vide cooking. It's both cheaper (assuming that you count the time spent building it as recreation) and more capable than the commercial alternatives.

It looks like Ray is pursuing RPi integration for some of the advanced features it brings, like enough computing power to run a proper webserver. He mentions weather-compensating software for the OpenSprinkler, which is actually the only reason I would want to replace my existing sprinkler controller - I don't need a WiFi capable sprinkler system unless it's using the WiFi to turn it off when it's raining, just rained, or is about to rain.

Github is officially denying that the search feature being killed has anything to do with the exposure of keys. They also have a link on the same page to information on how to purge keys from your repository. (Make of that what you will.)

Max, on voxeljs.com, there are two demos which work fine but have broken source code links to go to missing GItHub pages (the first and eighth demo):
http://maxogden.github.com/voxel-engine/
http://shama.github.com/voxel-drone/

Anyway, it's been great fun playing with the demos -- especially the surprising voxel-portal one. At first I thought the behavior was a bug, and then I realized it was a feature -- wow! :-)
http://substack.net/projects/voxel-portal/

It's just amazing to think I can, as above, supply people with URLs that with one click will put them in a virtual world of some sort.

Well, assuming their browser supports WebGL well, but that will just get better over time. I downloaded Chromium just to run this since Firefox 18 had problems on my Mac with WebGL. I've tried WebGL before, but never had seen anything really compelling to use it for. Voxel.js may just be the breakthrough app for WebGL -- you and James Halliday have put together something that amazing.

Max, on voxeljs.com, there are two demos which work fine but have broken source code links to go to missing GItHub pages (the first and eighth demo):
http://maxogden.github.com/voxel-engine/
http://shama.github.com/voxel-drone/

Anyway, it's been great fun playing with the demos -- especially the surprising voxel-portal one. At first I thought the behavior was a bug, and then I realized it was a feature -- wow! :-)
http://substack.net/projects/voxel-portal/

It's just amazing to think I can, as above, supply people with URLs that with one click will put them in a virtual world of some sort.

Well, assuming their browser supports WebGL well, but that will just get better over time. I downloaded Chromium just to run this since Firefox 18 had problems on my Mac with WebGL. I've tried WebGL before, but never had seen anything really compelling to use it for. Voxel.js may just be the breakthrough app for WebGL -- you and James Halliday have put together something that amazing.

I think the summary is wrong. status.github.com seems to indicate that github's search cluster died, not that they took it down. More likely is that there was a flood of search requests for private keys at the same time and the search cluster buckled.

https://github.com/lg/murder I hope so.

Yeah, because everyone that posted a private key "compromis[ed] third party data". And it's totally not possible that some were posted for other reasons

Please, next time think before you speak.

Another example is here: https://github.com/nouh/dotfile/tree/master/ssh

This doesn't suggest github took anything down on purpose: https://status.github.com/messages.
Seems to me they were just experiencing some technical difficulties from all the people sharing those search links and having a laugh at the stupids...
I skimmed over the github site and didn't find anything that would suggest otherwise at least.
Of course I didn't read the articles because they seem badly misinformed and confuse private keys with passwords.

Example: the keys for Vagrant. Vagrant is a system for managing virtual machines for development purposes. The ssh keys are used to facilitate passwordless login. They aren't typically exposed to the outside world, and they are clearly labelled as insecure.

Some projects deal with SSH keys and include them for testing purposes: https://github.com/trolldbois/sslsnoop/blob/master/test/id_dsa-1.key

But on the other hand, you certainly wouldn't object to any gals exposing their pubic "locks"...

(Yes, there is also a nice ~/.ssh/config file, so that you also know which locks those key fits...)

I was fine with Unity and Gnome 3, liked them both. But I'm in the same boat as you -- compiz would crash and disrupt my workflow. Switched to KDE and I now have a different set of gripes and crashes, but not at the WM level. Better, but...sigh...when will it all work and have a nice integrated desktop?

Get a Mac if you want it to work. And if you want, some of the same software that runs in Linux can run in OS X too. It does come with X11. Fink installs .deb, Macports, .rpm, and Homebrew installs other packages. Apple also supports open source developers.

Falcon

FYI, youtube-dl will scrape videos from youtube, vimeo, and a heap of other sites. It's a little more work than clicking a "download video" link, but it can download when no such link is readily provided by the site. It's in the standard repositories for Debian-based distros and Macports, although not Cygwin. Dunno about others.