Slashdot Mirror

Centimetre accuracy can be achieved with Real Time Kinematic (RTK) corrections (either from a local base station or delivered remotely by some kind of long distance connection, e.g. GPRS). Neither option is free, but subscribing to a correction provider is a hell of a lot cheaper than buying your own base station.

What's `a hell of a lot cheaper'? It's possible to use a smartphone as an RTK base station. That's pretty cheap--and shorter-range Wi-Fi GPS devices are even cheaper (the most expensive part in a smartphone is the `phone' module). Even if the recurring fees to subscribe to someone else's service are technically less than the cost of cheap-o base stations, I wonder if the availability of cheap-o base stations may mean that any cost-difference is too small to matter--e.g., a single-digit number of dollars saved or spent over the course of a year is insignificant enough to `get lost in the noise'.

Surely there could be a better source for this than one blog post (I know, high UID so I must be new here.)

But linking to something like http://fedoraproject.org/wiki/Features/F16BtrfsDefaultFs or http://thread.gmane.org/gmane.linux.redhat.fedora.devel/149196/focus%3D149215 to lend a little authority might have been nice...

Cue the "PDF is a not truly free format" complaint

Considering it's Stallman he probably wrote them in Emacs in a specially compiled version of Slackware maybe with a GNU Hurd kernel.

Of course, X is never used, nor a wireless card and email is sent using Mutt or Alpine

If anyone needs the citation: http://thread.gmane.org/gmane.os.openbsd.misc/134336/focus=134979

Obviously, the main site is down, but I found this by digging around a bit. http://permalink.gmane.org/gmane.comp.video.videolan.vlc.devel/77383

Seems to have a bit more than that: Olson posted the original draft to the tz list last October. He seems to be carefully not taking a position, but the fact that he posted it means that he hasn't dismissed the IANA proposal out of hand (and that he was right in expecting it to take a couple of years for them to get something organized and transitioned, since it apparently took a year to get a concrete proposal from anyone).

I think they have some time to deal with it. The only thing I can find that substantiates this is an old post:

http://thread.gmane.org/gmane.comp.time.tz/2822

I think I can speak for all software developers in expressing a certain amount of disappointment that we were practically one guy-hit-by-a-bus away from switching everyone to UTC once and for all and we missed our chance. =)

I don't mind if you're not going to bother making a port to Linux, but to not even bother to understand what people are asking and instead resorting to profanity shows these guys are a bunch of closed-minded dicks.

I couldn't agree more.
Those damn dicks didn't even bother to look into my suggestion of rewriting the game in lisp and bf and/or port it to MSX,C64,TI89 and TDS220.

The thing is that random people on internet making requests is so common that there is no way to research everything that is suggested.
It is very easy to become irritaded and respond to suggestions like like this.

The newest version also groups by session

The newest version also groups by session

Posts like this make me wish I had mod points and could repeat-cast them for the same post. +1 True, +1 Informative, +1 Interesting, +1 This makes me want to cry. C++ is an awful language. If you haven't seen this, I think you'll appreciate this rant by Linus Torvalds.

I'm aware of the Linux kernel, I also think it could be a lot better/safer if a bit of C++ was allowed into it. The only reason it's 100% C is because Linus doesn't really grok C++ (he's demonstrated this quite clearly in his anti-C++ rants).

I'm guessing you are referring to things like this.

I more so have a feeling you might not have understood where he is coming from in regards to that. Obviously his background is programming from a system-level design, and designing things the ground up for their designated purpose.

This tends to lead to not liking abstractions where none are necessary, yes some of the higher level abstractions can be convenient, but also ill suited to the specific task as opposed to writing something yourself, and can cause potential bottlenecks.

In linus' view, it does not matter if something requires more effort or oversight in regards to code so long as architecturally it is better, individual bugs come out over time as they do with any significant project.

Whoa calm down! It doesn't matter if Linux actually infringes or not, corporations will still be leary about adoption as long as there are claims out there that it does. That it is the exact definition of encumbered, the adoption of Linux is impeded by a heavy load, that being the bad publicity from the SCO and Microsoft/Novell fiascos.

Do you remember this issue, when there was a BSD driver that was included in Linux and was re-licenced as GPL by mistake? Or how about this one, where the OpenBSD project stripped the comments from a GPL'd driver and re-licensed it as BSD? Obviously there are some copyright issues slipping through the cracks even among the different OSS projects. Since Linux has so many contributors from so many different places, it is easy for a company to start spreading claims that one piece, somewhere, might be infringing.

As soon as the corporate lawyers get wind of that kind of thing, they'll push to avoid adoption and to migrate solutions away from Linux. Look at the Unisys LZW patent in GIF files or the Fraunhofer patents in MP3 files. Companies were panicking because they might have an MP3 stored somewhere, without any understanding of the actual issue.

Either the links weren't in TFA when the submitter posted this or they were too lazy to follow them.

there's a list of changes here.

Generics seem pretty straightforward to me, even the "? extends Whatever" syntax. Maybe you could give some concrete examples as to the problems with generics. The only problem right now is that type erasure makes arrays of generics impossible. Hopefully they'll fix that with the next revision.

Here's an example of how complex it can get. Extract:

The problem is that the entrySet() method is returning a
"Set<Map.Entry<capture-of ? extends K, capture-of ? extends V>>",
which is incompatible with the type "Set<Map.Entry<? extends K, ?
extends V>>". It's easier to describe why if I drop the "extends K"
and "extends V" part. So we have "Set<Map.Entry<?, ?>" and
"Set<Map.Entry<capture-of ?, capture-of ?>>".

The first one, "Set<Map.Entry<?, ?>>" is a set of Map.Entries of
different types - ie it is a heterogeneous collection. It could
contain a Map.Entry<Long, Date> and a Map.Entry<String, ResultSet>>
and any other pair of types, all in the same set.

On the other hand, "Set<Map.Entry<capture-of ?, capture-of ?>>" is a
homogenous collection of the same (albeit unknown) pair of types. Eg
it might be a Set<Map.Entry<Long, Date>>, so all of the entries in the
set MUST be Map.Entry<Long, Date>.

Btrfs will be the default filesystem for MeeGo:

http://article.gmane.org/gmane.comp.handhelds.meego.devel/1510

Incidentally, R does not really support 64-bit integers, either. http://permalink.gmane.org/gmane.comp.lang.r.devel/17281

I'm more enthused by their upcoming Masturbating Monkey release in October.

Is it the one where DJB pretends bugs don't exist for years by handwaving them as user error?

Do you have a citation for that?

I know of exactly one DJBDNS bug:
djbdns<=1.05 lets AXFRed subdomains overwrite domains

Afaik that bug was acknowledged (and paid for) rather quickly.
As a happy djbdns user I'd be curious to learn about other bugs that I've missed?

How the fuck is nvidia better with linux when they actively fight against the developers and refuse to release docs??

AMD/ATI has released full docs.

Are you one of those who trust the vendors?

Here's a good example of trusting vendors and their closed source: http://permalink.gmane.org/gmane.os.openbsd.misc/170601

Either way I fail to see how the difficulty of initially implementing Ogg Theora is related to continuous use of the existing implementation.

Willful ignorance is always the worst kind...

Old codecs are old, obsolete. Theora is having difficulty competing for mindshare with H.264/AVC, while when the project was started, H.264/AVC didn't yet exist... And that's just one of many issues against it...

Just a couple quick refs:

http://thread.gmane.org/gmane.comp.video.mplayer.user/20452/focus=20505

http://thread.gmane.org/gmane.comp.video.mplayer.user/45082/focus=45126

Either way I fail to see how the difficulty of initially implementing Ogg Theora is related to continuous use of the existing implementation.

Willful ignorance is always the worst kind...

Old codecs are old, obsolete. Theora is having difficulty competing for mindshare with H.264/AVC, while when the project was started, H.264/AVC didn't yet exist... And that's just one of many issues against it...

Just a couple quick refs:

http://thread.gmane.org/gmane.comp.video.mplayer.user/20452/focus=20505

http://thread.gmane.org/gmane.comp.video.mplayer.user/45082/focus=45126

From my experience with Paypal this will be an outright desaster for many people. You can't get a hold of any human being through their shit telephone system. There is nothing except pre-fab email replies. They lock accounts for no apparent reason and refuse to explain themselves. They steal money from their account holders by blocking accounts and not creating opportunities to dispute that. They've stolen money from foobar http://www.foobar2000.org/, the Xorg Foundation http://permalink.gmane.org/gmane.comp.freedesktop.xorg/42548 and as we all clearly see Wikileaks http://www.techdirt.com/articles/20100124/1846137886.shtml

Paypal is a lame excuse of an idea that went right of the window. They try to act like a bank but don't take the responsibility that comes with it. They screw several countries out of taxes because they're situated in Liechtenstein (at least for Europe) which doesn't pay anything. They provide the service of adding another layer of menu forms to a credit card purchase. They don't provide actual added value to most resellers and are currently used as an extortion tool for Ebay customers. On top of that they are a major target for phishing and skimming attacks, cross site scripting and abuse.

Who in their right mind would do business with them? Oh I forgot you have to. In case you've wondered I've had my share of problems w/ Paypal. They refused to let me balance my PP account from my bank because they are too fucking stupid to get a non-automated verification system for new bank accounts. So while my account was in transfer because of a merger they send the "verfication" (a ridiculous transfer of random cent values) to the wrong sort code and subsequently refused to correct their mistake or let me (who had done nothing but provide them with updated proper bank data) verify the account any other way. In short: Paypal sucks, I've closed my account there and won't be coming back. Ever.

If that is the kind of servce they provide to their paying customers imagine how brilliantly developers will find working w/ them.

Hi pot, enjoying calling the kettle black? Nice to see you criticizing people for "poor" research when you hardly done any yourself.

(a) Gentoo has no versions. Nor cutesy names like Ubuntu. It is a source-based distro and everything is compiled on installation so doesn't need this careful versioning nonsense.

(b) Speaking of Gentoo, this topic here has already had a nice long discussion on the Gentoo mailing list. In fact I dare to venture this is where the author of the article got his ideas. If you want data points: this thread has quite a few more.

(c) It is not just one version of fdisk on some backwater 15 year old distribution. On most modern distributions (check the fdisk man page yourself) fdisk defaults to aligning on cylinder boundaries. And it will complain slightly if you make partitions not beginning or ending on cylinder boundaries. The fault, however, really is two fold: one is historical, which we cannot do anything about, and the other is the fact that these new drives are effectively lying to the operating system about their disk geometry for the sake of "interoperability" with Windows XP.

There is an excellent thread talking about how recent (2.6.31+) linux kernels try to report the underlying hard drive architecture (found via the OSNews comments). Alas, it looks like some of these drives are not reporting this data correctly and thus automatic adjustment (at partitioning time) is not taking place. It looks like in the future rather than trying to do detection by reported capability fdisk (and hopefully gparted) will default to sectors of 1MiB if the topology can't be found by default (unless your media is small).

Additionally, I gather that recent Fedoras will try to adjust things like LVM to match larger sectors too. Hopefully whatever is laying out LVM will also be fixed too.

Coincidentally, it looks like Oracle have a very committed dev trying to make this stuff work by default...

There is an excellent thread talking about how recent (2.6.31+) linux kernels try to report the underlying hard drive architecture (found via the OSNews comments). Alas, it looks like some of these drives are not reporting this data correctly and thus automatic adjustment (at partitioning time) is not taking place. It looks like in the future rather than trying to do detection by reported capability fdisk (and hopefully gparted) will default to sectors of 1MiB if the topology can't be found by default (unless your media is small).

Additionally, I gather that recent Fedoras will try to adjust things like LVM to match larger sectors too. Hopefully whatever is laying out LVM will also be fixed too.

Coincidentally, it looks like Oracle have a very committed dev trying to make this stuff work by default...

The initial change was discussed in public - on the PackageKit mailing list - and implemented over a year ago.

Let's be clear here. They discussed modifying PackageKit to allow an administrator to create such configurations. Nowhere in the entire thread did anyone mention "Oh by the way, let's also make this the default configuration for the F12 release."

Don't believe me? See for yourself.

I think that is the next release of OpenBSD.

I knew as soon as I read the headline here that this article would be jumped on by numerous "alsa is fine on it's own", "Why not OSS" and "PulseAudio is buggy blah blah" type posts but I didn't think that even the general slashdot hordes were that ignorant about what the hell PA is all about. I was sorely mistaken.

PulseAudio is very little to do about "networked audio" which everyone and their dog seems to use as an example to reason "I do not need networked audio, therefore I do not need pulseaudio". It's just ignorance in the extreme.

PulseAudio as an architecture is fast becoming the defacto standard on Linux, companies such as Intel, Nokia and Palm are putting significant resources into PA just now.

OSSv4 or older flavours simply does not have the API to deal with a modern linux desktop, plain and simple. We can maybe get some of the more userspace stuff such as bluetooth or airtunes support (the support for which I added to PA myself) using some kind of CUSE support but that's only just landed in the kernel just now, and it really wouldn't be a proper solution (and guess what? it would need a daemon running anyway!!)

As a PA developer and supporter, I've written up various articles explaining what PA is all about before and posted similar comments to mailing lists etc.
You can read some of them here:
http://colin.guthr.ie/2009/08/sound-on-linux-anti-fud-calm-certainty-and-confidence/
and
http://thread.gmane.org/gmane.comp.kde.amarok.devel/15356

I'll outline some of these things here to save you killing my poor server!

More and more audio device *are* network based. Apple Airport Express devices are pretty popular these days. I have two bluetooth headsets and my hifi system also support bluetooth connections and my Playstation 3 supports uPNP. So lots of things relating to network Audio are popping up (which is nothing to do with pulse->pulse network connections which is arguably a toy, even if I do personally use it a lot!). I don't think these should be ignored. PulseAudio supports all of these devices right now (although I've not had time to try the uPNP stuff on my PS3 specifically so don't quote me on that!)

In addition, rights access and management is a big issue. Today any modern linux desktop uses console kit to keep track of user sessions. When you switch from one user to another, console-kit ensures that the currently "active" user session is set to inactive, and it triggers udev callouts to remove the currently active users ACL on the /dev/snd/* nodes. (I seriously hope no one adds their user to the "audio" group these days!). This allows a new user to log in and get access to the sound hardware because they are now the "active" user. Switching between the two sessions triggers these ACL rewrites. Something has to manage this in applications so that they don't just bail out with EPERM errors. The sound has to go to /dev/null automatically without the application being aware of what is going on. Perhaps it can cork/uncork applications that listen for such signals so that music is paused etc. This is something that cannot be done without some kind of userspace daemon handling things.

Then on to power consumption. What most people quite often fail to realise is that Latency is Good. If you can pump 20 seconds worth of audio into a buffer and then switch off until you're woken up 19.5 seconds later then this is great for power consumption. You need to disable hardware interrupts and use kernel level timing constructs to deal with this, and automatically reduce your wakeup time on the event of an underrun to reduce the likelihood of a future underrun occurring. You also have to have accurate timing information reported such that a/v applications can handle things like lipsyncing etc. (and remember that hoping for a low latency audio output is

The impression I've gotten from reading various past "Con threads", is that while he tries in the beginning, Con doesn't deal well with this process; he can't keep his ego submerged, gets frustrated, and everything (perhaps including Con himself last time I read one of these threads) ends up unravelling.

Agreed; Con seems not to be able to work well in the process.

e.g. Ingo ran a bunch of benchmarks on BFS and made a long post to LKML explaining his results, that, while critical of its performance on a series of benchmarks, bent over backwards to be very polite in tone, with things like:

First and foremost, let me say that i'm happy that you are hacking the Linux scheduler again. It's perhaps proof that hacking the scheduler is one of the most addictive things on the planet ;-) ...

General interactivity of BFS seemed good to me - except for the pipe test when there was significant lag over a minute. I think it's some starvation bug, not an inherent design property of BFS, so i'm looking forward to re-test it with the fix. ...
I hope to be able to work with you on this, please dont hesitate sending patches if you wish - and we'll also be following BFS for good ideas and code to adopt to mainline.

And Con responded with a very defensive and confrontational tone:
I'm not interested in a long protracted discussion about this since I'm too busy to live linux the way full time developers do, so I'll keep it short, and perhaps you'll understand my intent better if the FAQ wasn't clear enough.

Do you know what a normal desktop PC looks like? No, a more realistic question based on what you chose to benchmark to prove your point would be: Do you know what normal people actually do on them?

Feel free to treat the question as rhetorical.

Full exchange here:
http://thread.gmane.org/gmane.linux.kernel/886319

I hope you guys are following this interesting conversation
http://thread.gmane.org/gmane.linux.kernel/886319

The kernel developers enjoy breaking modules that aren't part of the kernel tree just to punish developers who write them; that fact is so obvious that regular contributor Alan Cox dubbed it the war on binary modules and Theodore Tso commented on how they even target open-source solutions with that tactic. I lose a virtualization software package or two quite regularly when trying to upgrade kernels, even when said packages are open-source like Virtualbox (example). The only solution that will work is to push the kernel developers to accept the modules everyone is working on.

Yes, he can be pretty abrasive. Consider this: http://thread.gmane.org/gmane.linux.kernel/701694/focus=706950

Security people are often the black-and-white kind of people that I can't
stand. I think the OpenBSD crowd is a bunch of masturbating monkeys, in
that they make such a big deal about concentrating on security to the
point where they pretty much admit that nothing else matters to them.

(emphasis mine)

More information is available from the NANOG (North American Network Operator's Group) list: http://comments.gmane.org/gmane.org.operators.nanog/65992 .

Excerpt:
"
Fisher Plaza, a self-styled carrier hotel in Seattle, and home to multiple
datacenter and colocation providers, has had a major issue in one of its
buildings late last night, early this morning.
The best information I am aware of is that there was a failure in the
main/generator transfer switch which resulted in a fire. The sprinkler
system activated. From speaking to the fire battalion chief, I am under the
impression that Seattle Fire did use water on the fire as well, but I am
unsure of this.
"

(Btw: Water + Lots of electricity = not good. I bet the electricity got turned off.)

I would copy and paste the rest with reference, but people are posting more details as they come.

1995 called. It wants its flamewar back.

But seriously. In another thread earlier today, I came across this gem from RMS in 2007. Even more hilarious is the response to his message with an "ASCII Ribbon Campaign" banner at the bottom of his message. Hadn't seen one of those in nearly a decade.

The article gets it right in saying it is a "suggestion box." All we can do is suggest to our rulers what we want them to do: they still get to decide. This is still not democracy. It's barely even a democratic republic.

If you want real democracy, please consider joining the Metagovernment project which is a collective of projects working to make governance a truly open system for everyone.

Also, consider attending Participation Camp. The virtual meeting started this morning, and there will be a brainstorm session tomorrow morning (1500GMT, ie 11:00 AM Eastern).

Knowing that F# came out of Microsoft Research and that some other .NET code has been released as free software by Microsoft in the past, I was hoping that the F# compiler would be free software too. Sadly this is not the case - at least as far as the licence in fsharp.zip here is concerned; it's distributable for non-commercial use only. So while F# looks very interesting, for now it's something of a Microsoft lock-in, and I won't be adopting it because it removes the possibility of porting to Mono.

Don Syme said, and more recently confirmed, that F# will be released under MS-PL (effectively a BSDL with patent clause) for the VS2010 release - it's only "shared source" currently because it is still in beta.

He presents three common cases for 'quickie' file modifications:
-Modify-in-place. Yes, this logically cannot be expected to leave the content intact in an unexpected interruption. You ask the OS to blow away data, then send it new data, there is a logical indeterminate state in the middle where doing things in the order you specified leaves you exposed.
-Write new file, use rename, using fsync to ensure a low exposure of data. This forces data to disk so it's coherent.
-Write new file and then use rename without fsync:
*This* he claims should easily be expected to corrupt the contents. I take issue with this. The fact that this occurs is because ext4 commits the rename out-of-order ahead of the data commit. I don't understand why the rename operation cannot also be delayed until after the data has been written out. I've seen several people ask 'I don't care that the change happens *now*, but I want the changes to occur in the order I specified', and thus far have seen Ts'o miss that point (intentionally or unintentionally). I have not read any explanation of why changing hardlinks should logically be an operation to jump ahead of pending data writeout. I could be missing something, but I'm not the only one with these questions.

fsync gives a relatively expensive guarantee above and beyond what people require to behave sanely. He says its inexpensive 'now' relative to the past. However, 'now' in this context only applies to ext4 users and thus the operation degrades other filesystem performance and fsync remains an expensive operation relative to not doing at all.

In terms of the general attitude of filesystems shrugging off data consistency so long as their indexes are intact, I find myself agreeing with Torvalds' comments on the debacle:
http://thread.gmane.org/gmane.linux.kernel/811167/focus=811700

But I have looked it up.

So far what I've seen can be summarized by: http://article.gmane.org/gmane.comp.encryption.general/5154

And that says:

"It was pointed out in the questions that another reason for concatenating
hashes is not to try to increase the theoretical security, but for
practical considerations in case one of them gets broken. This is
probably why SSL, for example, used MD5 along with SHA1. That is still
a valid reason."

Thus I'm still not sure that one would be better off using a single X bit hash, than two different smaller hashes of half the size.

So if you do have better info, it'll be good if you could share it.

Really stupid question (not a cryptographer), but is there anything wrong with using multiple hash algorithms (hopefully none derived from one another)? Surely breaking two or more hashes simultaneously would be far harder?

E.g., MD5 is broken. But what if we use both MD5 and SHA-1?

Unfortunately not; once you've broken the strongest hash, the rest can be broken in polynomial time.

http://article.gmane.org/gmane.comp.encryption.general/5154

According to project leader Chris Mason the development of btrfs will continue:

Just a quick note about the recently announced purchase of Sun by Oracle. This does not change Oracle's plans for Btrfs at all, and Btrfs is still a key project for us. Please, keep your btrfs contributions and testing coming.
http://article.gmane.org/gmane.comp.file-systems.btrfs/2880

Working on the Metagovernment project, I made this technical analysis of online voting:

We emphasise making decisions by coming to consensus and synthesising proposals rather than deciding through a majority vote. This may be impractical and idealistic if put to the extreme. It has been shown practical in small scale open source projects. Even if it isn't possible to reach consensus for every decision, the fact you are forced to decide on something with a vote raises a flag that something is wrong and that there is the possibility of discrimination against a minority.

In any voting scheme there are some criteria to be considered. I've taken the voting principles used in Germany as a basis (Grundgesetz Artikel 38 Â 1).

Voting must be open, direct, free, equal and secret.

Open means anybody must be allowed to vote. Direct means that the decision isn't made through intermediaries. Free means that no pressure may be exerted on the voter to vote against there will. Equal means that every vote has equal weight. Secret means that nobody should be able to determine how an individual voted.

For each of these there are some considerations for online voting.

Open: Using computers to vote may be discriminatory against those who aren't comfortable with them. On the other hand it may increase participation, by making voting easier for those that are comfortable and for people with disabilities.

An exception to this principle is made for people under 18. The intent is for the electorate to have a certain degree of experience. The system would be much more open though, if anybody could participate based solely on merit.

Direct: Representative democracies are by definition indirect, so you could argue, that in spirit Artikel 38 is being violated with the current system. I think it was mainly introduced as a reaction to the electoral collage in the US. Online governance has great potential to do this principle justice.

Free: I can't think of any system that can guarantee this other than a voting booth in a public venue. By voting on the Internet from any computer the risk is introduced of a third party having control over that resource and forcing the voter to vote a certain way.

I think this problem is inherent an haven't been able to come up with a solution in the few years I've been thinking about these systems. I can only find a partial justification that in a civilised society this should be a statistically insignificant problem.

Equal: No difference as far as I can see.

Secret: I could talk for hours about this but the best solution I've seen so far tries to limit the number of parties you have to trust to as few as possible. And even that system relies on Public-key cryptography, which due to a lack of understanding and thereby transparency may not be trusted by every voter, even if they trust the one party they are sending their votes to.


Considering all the problems with online voting, my conclusion is that we should reconsider voting not as a binding for decisions, but as an indicator for the direction the community wants to take, so that gradually consensus can be reached.

The entire thread can be found here: http://thread.gmane.org/gmane.politics.activism.metagovernment/1048/focus=1056

Unfortunately, Adobe Reader is currently the only PDF viewer that can be consistently counted on to render all PDF files properly.

Here is one example:

http://article.gmane.org/gmane.linux.redhat.fedora.general/336357

Mirror for the thread:

http://thread.gmane.org/gmane.linux.kernel/811167/focus=811699

Linux supports booting using TPM. Sort of.

I got recently involved in a flame-war on grub.devel mailing list then I offered to add TPM support to the mainline GRUB2 - http://article.gmane.org/gmane.comp.boot-loaders.grub.devel/9367

Since I'm one of the admins who's enjoyed having an vulnerability-free djbdns installation for years, I thought I'd look more into the vuln.

Say what you will about DJB, other than being seemingly ornery he appears to be forthright and focused on correctness. In under a week he confirms the vuln and posts a patch and awards the security guarantee money. This is the kind of behavior I want from the people who build my software. http://article.gmane.org/gmane.network.djbdns/13864

Here's the bug:

If the administrator of example.com publishes the example.com DNS data
through tinydns and axfrdns, and includes data for sub.example.com
transferred from an untrusted third party, then that third party can
control cache entries for example.com, not just sub.example.com.

How many of you are running domains like this? It's not something I need to bother patching for. Ah, I guess that's another great thing about the relative rarity of bugs. If one is found it's less likely to be relevant for your particular situation.

The article submitter says:

"Anyone using djbdns is strongly encouraged to patch their servers immediately."

I think "anyone" is a bit strong here.

There's a thread up on gentoo-dev warning about one such compatibility issue. bash-4.0 is apparently in the Gentoo tree already (I've not actually checked) but is and will remain for the time being hard-masked.

The compatibility issue in question is escaped semicolons in subshells, apparently done either as part of the new case expansion stuff (suggested in-thread) or for better POSIX compatibility (suggested by the new features list in the release announcement), but it's backward incompatible with enough ebuilds/eclasses/etc to cause Gentoo problems, thus the keeping it hard-masked until the issues are worked thru.

Here's a link to the thread as seen on gmane:

http://comments.gmane.org/gmane.linux.gentoo.devel/59774

I can understand the advantage of using distributed version control. But given all the Haskell people involved (who came in via Pugs) I'm surprised they went with Git vs. Darcs.

Does anyone know if speed is as large of an issue as it is for Linux kernel or was there another reason?

Actually, you might not know this, but the Haskell folks already moved over to git from darcs a while ago. They were having scalability issues and did a 6 month survey to determine which distributed version control they should go with and determined that git was the best of the breed. Here are the links:

1. Announcement: http://article.gmane.org/gmane.comp.lang.haskell.glasgow.user/14819 [gmane.org]
2. Comparisons: http://hackage.haskell.org/trac/ghc/wiki/DarcsEvaluation [haskell.org]

Then Linus must have joined Salman Rushdie in hiding after this rant:
http://thread.gmane.org/gmane.comp.version-control.git/57643/focus=57918

Judging from this post, it looks like the changes involved support for mixed Windows/Linux calling conventions on x86-64 (i.e. specifying on a per-function basis whether to use the Windows or Linux calling convention).

Check out Groovy! It has some neat features which is on par with LINQ

Here it's done in Groovy: http://permalink.gmane.org/gmane.comp.lang.groovy.user/5526

Here it's done in LINQ: http://weblog.infoworld.com/udell/2005/09/28.html#a1310