Slashdot Mirror

Oracle cloned Red Hat Enterprise Linux (RHEL), RHEL contained GNU Classpath, Oracle distributed GNU Classpath without problems before buying Sun

--ZFS is much more flexible with mirrored pairs. Build a 5- or 6-disk RAIDZ2, and you have to add the same number of drives ( with the same capacity, e.g. 6x1TB + 6x1TB ) to double the RAID capacity properly and keep your I/O throughput sane.

--However, if you start with a mere 2-disk mirror, you can keep adding mirrored pairs much more easily. Example: Start with 2x1TB WD RED NAS drives in a mirrored pair. Create a mirrored zpool with both disks. You start with ~1TB of redundant mirrored storage, with ~2x the speed of 1 drive for read operations since ZFS can pull blocks from either disk.

--Now add another 2x1TB mirrored pair to the zpool (there are plenty of articles online on how to do this, but I will refer to the official docs):
http://docs.oracle.com/cd/E192...

--Wait for resilver to complete: ' zpool status ', and now you have a RAID10 with ~2TB of redundant writable space. You can't survive losing *both* disks in a given mirror "column", (SO BACKUP!) but you *could* lose 1 disk from either mirror set and still be up and running with a "degraded" pool.

--Keep the drive sizes reasonable, and recovery time will be minimized since ZFS only has to resilver the "used" blocks in the filesystem, not the whole disk. (Another big advantage over RAID5/RAID6.)

--Caveat: You can't "shrink" the pool without destroying it and recreating it, but overall that's pretty easy to get used to once you consider all the benefits of the filesystem. Plan your pool capacity accordingly, and allocate entire GPT-labelled disks to the pool. You can expand on-the-fly with negligible "downtime" -- (the pool is still quite usable, but I/O operations will slow down the resilvering.)

Just because the judge and jury don't know what an API is now, doesn't mean they can't understand it, given a good explanation. An API has to do with code. Show them some code.

If I were explaining an API to them, I would say that it's mainly a set of commands for certain tasks. If a Java programmer wants to instruct a Java program to do one of those tasks, then he/she must type in the corresponding command. (A "set of commands to type" is easier to understand than "set of rules", "interface" or "contract".) There is more to the API than commands - there are data values (ex: Math.PI), and the way that the API is divided into classes, interfaces, and packages. But mainly programmers care about the commands.

I would go to https://docs.oracle.com/javase.... I would show the judge and jury the Math.random() method description, and briefly go over the description.

I would keep the description of Math.random() up on one screen. On a second screen, I would show them the source code of a very simple Java program that calls Math.random(), and then prints the random number. I would point out the line in the program that contained the call to Math.random(), and say, "See, that's an example of using the Java API method that you see here on the first screen".

I would say that we don't know how the Java program determined the random number. We don't have to know. We just have to know which command in the API to use.

They'd be able to understand that.

OpenZFS was forked at version 28. Oracle has put out 5 versions since then, the most notable feature being native encryption. I wouldn't call it a standstill, but I wouldn't call it blistering speed either

https://docs.oracle.com/cd/E23...

If we're using the full desktop DVD .iso file for Ubuntu 16.04 (amd64), and not the Ubuntu Core, Server, or netinstall images, then it's 1.4 GB.

Slackware 14.1 is 2.4 GB (source: http://www.slackware.com/getsl... )
FreeBSD is 2.7 GB (source: ftp://ftp.freebsd.org/pub/Free... )
Solaris 11.3 is 1.4 GB for the USB (source: http://www.oracle.com/technetw... )
Devuan beta is 4.36 GB (source: https://files.devuan.org/devua... )
Fedora 23 Workstation is 1.4 GB (source: https://getfedora.org/en/works... )

Depending on what you mean by "clean shutdown", you should just have to do some RBAC setup:

Edit /etc/security/exec_attr and add the following profile:
exec_attr:Shutdown:suser:cmd:::/usr/sbin/shutdown:uid=0;gid=1

Add this profile to /etc/user_attr
yourusername :::: profiles=Shutdown

Then your user can shutdown with /usr/bin/pfexec /usr/sbin/shutdown

Instructions taken from here.

As to the more general topic, all major OSes operate on the "Principle of Least Privilege", which in this case means discouraging casual use of the superuser account, or disabling it entirely. With apologies to Twain, "Suppose you were logged in as root all the time, and suppose you were an idiot. But, I repeat myself."

How many unique English tweets are possible? How long would it take for the population of the world to read them all out loud?

Even with only 140 characters, there are *a lot* of possible English phrases.

And what if you tried to store them all for future reference? You'd end up boiling the world's oceans.

Your complaints seem to match my experience, though it might be that we use the system differently. Fedora was great for breaking changes, but RHEL (CentOS in my case) is generally rock solid. Yes, newer stuff can take a while to get supported.

The main reason I wanted to reply is that there is a fix for your problem with the kernel updates switching back to the default kernel. Unfortunately I'm not sure it's covered in the RH documentation, but if you were to change the value of the DEFAULTKERNEL setting in /etc/sysconfig/kernel to your alternative package name (kernel-lt to use your example), grub should continue to use the kernel you want when yum updates the kernel. Oracle actually documents this for people who want to change from the their UEL kernel to the Red Hat kernel: https://docs.oracle.com/cd/E37...

Just consider that running Applets/JWS is just like running a desktop application. Forget about the security manager and its setting in Applets/JWS. Just assume an "allow all" configuration.

Then, there is still a use for Applets/JWS when you trust the provider as you would trust him to install a desktop application coming from him. Code signing and signature verification is available in both cases. From that perspective, you can still deploy your desktop application through JWS if you wish without any additional security threats for your users compared to a desktop application.

Basically, it seems that the security manager is broken, assuming an "allow all" configuration makes running JWS no less secure than running a desktop application.

https://docs.oracle.com/javase...

18 years later and /. still allows nonsensical titles on its front page.

Java is a bloody language, not a thing that breaks your computer.

Overview

Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Description
Per http://www.oracle.com/technetw... 'Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.'

Java is mostly used as a language and runs on server side JVMs, not in people's browsers.

Oracle, however, is a piece of shit company and its incompetence is legendary, it is a truly sad situation and as I wrote years ago, I bet the likes of IBM and Google are sorry now that they didn't manage to buy out SUN's assets before Oracle did.

Your problem then is not the deprecation of the plugin, your applications will not run either with today browsers and Java 8. I am talking about people using current Java and the plugin. An extension can generate a JNLP file with the applet-desc element and make your applet run outside the browser. Hey current plugin allows you to use JNLP already to describe the applet and when running move the applet outside the browser window, on a different process.

If the applet is interacting with the HTML document, there you are out of luck, but many applets used to manage devices, are just a full page applet, and many of them can run as a JNLP applet.

A different ORACLE_SID indicates a different instance. It's not because you use the same binaries that you're actually running two databases in the same instance. You can also install 2 instances of SQL Server on the same machine (few people do it since it's useless), and if you use the same version they will share binaries, but with SQL Server each instance can host many databases. Same for MySQL, Postgresql and others. One database engine, one service instance, multiple databases.

What Oracle is bragging about in 12c, it's been there in SQL Server and others for decades. The fact that it's "pluggable" means nothing.

Look at the docs for SQL 2005 (can't find link for older):

The data and transaction log files of a database can be detached and then reattached to the same or another instance of SQL Server. Detaching and attaching a database is useful if you want to change the database to a different instance of SQL Server on the same computer or to move the database.

https://msdn.microsoft.com/en-...

And now for Oracle 12 (PDB = the database, CDB = the instance):

By design, you can quickly plug a PDB into a CDB, unplug the PDB from the CDB, and then plug this PDB into a different CDB. The implementation technique for plugging and unplugging is similar to the transportable tablespace technique.

https://docs.oracle.com/databa...

They just use "plug" instead of "attach/detach" to make it easier for their bullshit marketing people to make it look like innovation.

Wrong. To have more than one database you had to install multiple server instances. That's not the same thing at all.

Most RDBMS supports 4 levels before getting to the data: database, schema, table, column. Up until that new "multi-tenant" technology in Oracle 12g, there was only 1 database per instance (the database and instance names were basically the same thing) in Oracle, and as far as I know that's the last major RDBMS to get that "feature" (and it's obscenely priced, of course).

The multitenant architecture enables an Oracle database to function as a multitenant container database (CDB).
A CDB includes zero, one, or many customer-created pluggable databases (PDBs). A PDB is a portable collection of schemas, schema objects, and nonschema objects that appears to an Oracle Net client as a non-CDB. All Oracle databases before Oracle Database 12c were non-CDBs.

https://docs.oracle.com/databa...

Uh, no, the likes of mahrens and ahl and borisp were not laid off, they exited from the Oracle mess when they had the chance.

Also, while openzfs is doing very cool stuff, so are some of the Sun team that is still at Oracle. Roch Bourbonnais even blogs about it in the same way he has for years, with only the domain name being and company logos being different. Read the last few entries @ https://blogs.oracle.com/roch/ . Innovative and interesting stuff from Oracle, integrated and in service before OpenZFS equivalents (e.g. persistent l2arc, compressed arc), or even without any OpenZFS equivalents in the pipeline (e.g. linear time resilvering), and in ways very different from what OpenZFS has been thinking (e.g. reARC project).

The sad thing is that what Oracle's doing is not open source, because, frankly, spending a few minutes with their free-to-try latest systems should convince you that the performance benefits are readily apparent for almost any workload.

The bright thing is that OpenZFS, while going about things very differently, has also made some great strides in performance and utility since v28.

Oracle have long insisted that a system's physical cores be licenced.

"Using IBM processors in TurboCore mode is not permitted as a means to reduce the number of software licenses required; all cores must be licensed." - http://www.oracle.com/us/corpo...

It's been possible for at least a decade to disable cores at BIOS level in an x86 system - typically "disable half the cores" or "disable all but Core0".

A few corrections:
- Java does run on the Pi: http://www.oracle.com/technetw...
- StarOffice, in the form of LibreOffice does too: http://store.raspberrypi.com/p...

You aren't going to anything amazing of the Pi, but if your expectations are low (in terms of performance) and your budget even smaller, then it will do the job.

In an object oriented language an object is a combination of data and behavior (methods). If you want to transfer data across the wire with an object oriented system the natural place to put that data is into an object. Not trusting object serialization originates from a lack of knowledge on what is happening and you should educate yourself. Everything you want to know about serialization is here: https://docs.oracle.com/javase...

What you are doing by designing your own data formats is adding inherent whitelisting. Your reader/parser probably does a "new" on a specific set of classes. That prevents the type of vulnerability (arbitrary class loading) being discussed in the article but also requires you to reinvent the wheel for every data format.

You could have been using http://docs.oracle.com/javase/... to serialize data since that would give you an easy way to inspect the data type before recreating. You can even setup inspection/whitelisting with traditional object serialization if you wanted to: http://www.ibm.com/developerwo... .

Nowadays JSON is a pretty universal data format for wire transfers. You can deserialize JSON to trusted data-centric classes like Map, List, String, Integer, etc. That would give you universal encoding/decoding without arbitrary class loading. Unless you are required by a 2nd party to use some proprietary wire format there is no reason to roll-your-own encoding/decoding.

In an object oriented language an object is a combination of data and behavior (methods). If you want to transfer data across the wire with an object oriented system the natural place to put that data is into an object. Not trusting object serialization originates from a lack of knowledge on what is happening and you should educate yourself. Everything you want to know about serialization is here: https://docs.oracle.com/javase...

What you are doing by designing your own data formats is adding inherent whitelisting. Your reader/parser probably does a "new" on a specific set of classes. That prevents the type of vulnerability (arbitrary class loading) being discussed in the article but also requires you to reinvent the wheel for every data format.

You could have been using http://docs.oracle.com/javase/... to serialize data since that would give you an easy way to inspect the data type before recreating. You can even setup inspection/whitelisting with traditional object serialization if you wanted to: http://www.ibm.com/developerwo... .

Nowadays JSON is a pretty universal data format for wire transfers. You can deserialize JSON to trusted data-centric classes like Map, List, String, Integer, etc. That would give you universal encoding/decoding without arbitrary class loading. Unless you are required by a 2nd party to use some proprietary wire format there is no reason to roll-your-own encoding/decoding.

The type of class loading you are talking about would only happen when using object serialization with RMI and codebase setup to allow for dynamic class downloading. Object serialization only sends the data portion of an object. If you want to know more you can look at how the format works: http://docs.oracle.com/javase/...

thought it wouldn't take long for the "Its not Java, its the browser plugin, Java is perfect and can do no wrong". posts to appear.

Take a look at the list of affected products - scroll down a fair bit to the Java specific vulnerability list, particularly those marked with note 2:

So, just to count - there's 5 entries with note 2, and CVE-2015-4902 is not one of those. So the major pwnage in question in TFS is browser/JWS based. Of those 5 that are server based, 3 are in JAXP, 1 in security, and 1 in Java8 only. So if you don't use JAXP and are stuck below Java8, guess how vulnerable your server is? Now granted, a security bug sounds pretty major, but without further details and a rating of 5, how can you evaluate whether you're even affected by this one? And my last comment is that most servers only run with vetted URLs, so the possibility that a server will be affected by a URL exploit is pretty darn low.

thought it wouldn't take long for the "Its not Java, its the browser plugin, Java is perfect and can do no wrong". posts to appear.

Take a look at the list of affected products - scroll down a fair bit to the Java specific vulnerability list, particularly those marked with note 2:

Applies to client and server deployment of Java. This vulnerability [...] can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.

Which means and Java program that responds to network connectivity, such as every Java server (and every Java client that talks on the internet) out there. So its not enough to remove the browser plugin, you need to patch Java everywhere. Everywhere.

Don't forget to patch your Oracle database, or Oracle CRM, Siebel, Peoplesoft, too... it has Java components that are affected. Oh yes, MySQL too which has 2 remotely exploitable vulnerabilities.

So weren't jkd and openjdk the same thing? with minimal differnces that do not imply what you state.
Moving to OpenJDK as the official Java SE 7 Reference Implementation
Can you please, provide some reference to back what you just said?.

Wah? What is Java?

Isn't that it an Indonesian Island?

A religion.

https://www.oracle.com/javaone...

Pretty much, from the Oracle VM UELA:

Section C.2.
...

We may audit your use of the Programs

The write hole in btrfs is AFIAK also present in zfs and listed as a risk of a power failure during write on a raid pool with COW filesystems.

The problem you describe makes no sense in ZFS. ZFS never overwrites in-place and a synchronous write is not acknowledged until all component devices (including parity) have sync'ed to stable storage. ZFS will never ever try to read a partially written stripe block (simply because it has no pointers to it yet). After a synchronous write (O_SYNC) returns, it is guaranteed to have all of its data available, regardless if it was overwriting a portion of a file in place, or appending new data to a file.
I think you're misunderstanding how raid-z actually works. raid-z is kinda like RAID-5, but not completely and it's this difference that allows ZFS to not have a write hole at all. All writes to a raid-z, regardless of size, are "full-stripe". The key in ZFS is that there is no fixed stripe size. I'd recommend Jeff Bonwick's original article on raid-z for a writeup of the principles and Matt Ahrens' article ZFS RAIDZ stripe width, or: How I Learned to Stop Worrying and Love RAIDZ for a nice diagram illustrating the layout.

--You can definitely add more disks if you are using mirrored drives in your pool, instead of RAIDZ. I created a Linux ZFS RAID0 (no redundancy) pool with 2 brand-new drives initially, then bought 2 more drives of the same brand and capacity a month later, and upgraded the pool in-place with no downtime to a zRAID10.

--If I want to expand the size of the pool, I can just add 2 more disks in a mirrored configuration.

# zpool add mirpool mirror ata-ST9500420AS_5VJDN5KL ata-ST9500420AS_5VJDN5KJ

--Note that this syntax is using Linux /dev/disk/by-id devices.

--There are some caveats and best-practices that one should read up on, for instance using ashift=12 with 4K sector drives; and using GPT partition tables on ZFS disks; but ZFS has by far been the most reliable and useful filesystem I've ever used.

REF:
https://blogs.oracle.com/partn...
http://zfsonlinux.org/faq.html
http://jrs-s.net/2015/02/06/zf...
https://jsosic.wordpress.com/2...

I mean the performance gains as you add more discs.

And regarding adding discs to an array, you certainly can. Just add addtional raid sets to the pool. That is, rather than adding discs to the existing array, you scale it up by adding additional arrays to the same pool. See the documentation.

I first encountered the approach you describe (URL rewriting for session management) when working with BEA WebLogic about 10 years ago, but I'd say it predates that. It would kick in by default when cookies weren't enabled. https://docs.oracle.com/cd/E13...

I think it worked okay, besides the ugly URLs and stuff. The issue described elsewhere around copying/pasting/sharing links or some bad person hijacking your session could be resolved by making the magic numbers "one-time only" but then you would lose your bookmarkability. Basically you will still need to log in. You'll also have to resign yourself to the fact that the user needs to log in again every time they use the back button, or otherwise enter your site some other way than through using the links that you provide. You'll probably have to rewrite all your static content too.

There's still a possibility of a hacker snooping an unencrypted HTTP session however and hijacking your session by sending the next URL before you do. To be honest you good attack a user on cookies in the same way ... another scenario worth considering could be an attacker with a brief amount of access to your computer copying and pasting one of your links into IM window.

In the scenario you describe, a good implementation would resolve all invalid rewrite links to their non-personalised variant.

It's unclear whether most of the FUD in this discussion is directed at the GPL itself or specifically v3. But it's entirely unfounded.

It's not FUD, and its about the GPL in general - although being GPL3 makes it worse. "GPL2 or later" would have been a better (but still flawed) choice.

You know why libraries aren't generally licensed GPL, right? Anything that links to them has to have the exact same license as the library. For instance, the GPL2 licensed Inkscape can't use this library.

That's the difference between the GPL and the LGPL. You can link to LGPL libraries from any software; you can only link to GPL licensed libraries from code with the same version of the GPL.

In RMS' ideal world, all software would move to the latest GPL and it wouldn't be a problem. Good luck convincing these guys of that.

This is the appropriate license for this image format.

The GPL is not the appropriate license for any general-purpose library. That's what the LGPL is for. Or, like most reference implementations, a non-copyleft license like the MIT license.

Look, I get it, you're a promoter of software freedom. So am I. But this is the real world, and this is a reference implementation. There are conventions to follow for reference implementations, and an OSS non-copyleft license is one of those conventions. This image format could outperform every other format on the planet and it will still see no adoption outside of academia unless there's a compatibly licensed library available. Unless it gets relicensed, or someone writes a non-GPL library, this will go down as just another interesting format that sees no adoption whatsoever.

The path and domain are not authenticated to make sure site A does not set a cookie fraudulently for site B.

These are called "third-party cookies", and browsers (for example, Firefox) already have knobs to disable them. That's not the real issue here, however.

Another problem seems to be, the browsers present all the values associated with the name to the web site, even the cookies not set by that site.

Not only that, a site could get cookies set by "parent" and "child" sites. Furthermore, a lot of web-programming languages (including PHP, ASP.NET, Classic ASP, and GWT) expose the cookies as a key-value store where the key is simply the name of the cookie, and don't document which cookie they use if the browser sends multiple ones with the same key. (Java is a bit better, it just exposes a bucket, but that's harder to work with.)

The issue is that you can't see the artificial complexity of C.

The number of types in C is crazy:
http://www.nongnu.org/avr-libc...

How many types of strings can I have in C? How many types of integers? Fractionals? Booleans?
Signed, unsigned? Why?

Compare with:
https://docs.oracle.com/javase...

For neophyte programmers, writing portable code in C is not feasible.

At this point, you are too far invested with what you do to try a different way.

The kitchen sink is portable, by the way, you need a plumber each time you move it, and a mason, and a wood cutter, and a contractor to manage it.

But it's portable.

You can explicitly mark (parts of) the pool as being duplicated (copies=x), which gives you the checksumming capabilities (but reduces your max storage space, obviously):
https://blogs.oracle.com/relli...

I have a server I use mainly for remote backups of my important data. It has a single 3GB disk for the data in a ZFS-pool with copies=2 for the entire pool. With deduplication disabled and regular snapshotting and scrubbing enabled, it gives me a good amount of security on the availability of my data.

(Yes, I am acutely aware that I should have installed at least one other disk, but I had already put the server in its remote location when I started to get into setting up ZFS. I'll get around to it some time)

Neither do you, apparently. C++ (the language, not the library) is the largest programming language in existence. Nothing is larger.

[citation needed]

A clue: there is no citation because you're making it up.

So let's consider languages where actual formal specifications exist because they have to be written in excricuiating detail because the asusmption there is no reference implementation that people can refer to if in doubt.

Java spec (788 pages, for the language only):

https://docs.oracle.com/javase...

C++ spec (425 pages, for the language only):

http://open-std.org/jtc1/sc22/...

C# circa 2006 language specification (553 pages for the language only)

http://www.ecma-international....

So there you go, definitive proof that there are bigger languages than C++.

Huh, looks like ADA and Fortran 2008 have longer specs too.

So there you go, there are 4 standardised languages I've given you which have longer specifications than C++.

The best C++ devs I've managed were those who openly acknowledged the fact that it is too large and too complicated to be used without sticking to a strict subset of some sort.

Given your propensity to simply make shit up about C++ [citation: see above], your statements lack credibility.

It's interesting that Mary Ann Davidson was an accountant and then became the CSO at Oracle.

Accountant? Citation please. I can't find any evidence she was ever an accountant at Oracle.

According to the brief wikipedia article on her, she joined Oracle in 1988 as a product manager, and became a product marketing manager in their computer-security division in 1993. Not exactly hard-core tech, but not an accountant either.

https://en.wikipedia.org/wiki/...
http://www.oracle.com/us/corpo...

Is Edge going to be portable to non Windows operating systems like GNU/Linux, FreeBSD, Solaris, OS X, HP-UX, OpenServer X, Haiku OS, AIX, Android and Firefox OS?

You must feel so smart listing all those UNIX operating systems. You know so many!

Is Edge going to be portable to non Windows operating systems like GNU/Linux, FreeBSD, Solaris, OS X, HP-UX, OpenServer X, Haiku OS, AIX, Android and Firefox OS?

Another scam Oracle pulling on enterprise level customers is forcing virtualized customers to buy its hardware platform, claiming that virtualization as done by the major players means all physical hardware in the cluster could potentially run Oracle so must be licensed.

Oracle explicitly claims in http://www.oracle.com/us/corporate/pricing/partitioning-070609.pdf that specific virtualizations provided by IBM AIX provide "approved" hardware partitioning.

Please stop spreading FUD. There are plenty of valid reasons to bash Oracle's licensing practices and lies to invent new reasons are not needed.

I mainly use the direwolf20 pack...I also used to play the TolkenCraft pack

Hmm...default configs for those packs on a system with your specs should have it running as smooth as butter.

As for my world age, it was generated this year

Sounds like a halfway decent world, but nothing that should be killing your computer. AE shouldn't be a problem.

upon generating a new world I see similar results

Now, *this* is abnormal. Once the world loads (eg you have a charactor ingame, you're not looking at the "generating world" screen anymore) there will be a few seconds of lag as chunks get generated at the edge of the load distance. This should disappear within the first 20-30 seconds max, for me it's normally less than 5.

Back in the 1.2.5 days and Tekkit, I recall seeing insane FPS rates

I used to get over 1k FPS when I'd turn down the view distance to the minimum. Since then, the Mojang team has worked to equalize some things...I think by default they cap it at 75FPS, but it's much less likely to drop down into the teens...at least in theory.

NO, of course I don't have any Java clues...I can't really be expected to customize my Java settings...So I naturally left everything default

I made a couple of assumptions here. They were possibly incorrect, and if so, I owe you an apology for being that abrupt. You stated that you were allocating 6+ gb of RAM to the game, so I assumed you'd messed with the defaults. I have a special dislike for people who mess with the defaults without educating themselves about what those defaults actually mean.

As a sidenote, if you're running with the defaults, how are you setting 6+ gb of RAM? Genuinely confused, wondering if we're saying different things here, as "changing the RAM" is part of the configs...

64 bit Java JRE

This...might actually be something to check on. Minecraft for Windows comes with its own internally packaged version of Java. Modded Minecraft doesn't use this though, and you need Java 7. It might be worth it to remove Java completely, then re-install just the latest Java 7 64 bit version using the full installer from the Oracle download page.

(snip rant about FUD)

I said FUD is an option. If I had a buck for every time someone has done similar, with intent of spreading disinformation about a specific Minecraft mod or Minecraft itself, I could replace my desktop with a really really shiny one. I said that I saw two options, one of which involved you spreading misinformation. In hindsight, probably not my best closing point.

not that I'm trying to force you to help me

No need for that, I'm actually genuinely interested in helping. With a rig like what you've described, you should be able to run pretty much any modpack in buttery smooth FPS with max graphics settings.

I don't thing the slashdot comments section is the best way to get you some help. The easiest thing for me would be if you hopped on EsperNet IRC and poked me in the #minechem channel. If you're not IRC savvy, I have a web-based IRC interface on my website that should work. If IRC isn't an option, I'm also on Twitter, the Minecraft Forums, and CurseForge as this same username, you could drop me a private message and we can see if this can be sorted.

Not just prior use of a domain name, but prior use of the trademark:

http://jdevadf.oracle.com/work...
https://www.citrix.com/go/work...
http://www.workbetterindia.com...

Only on a very short lease, and only because the alternatives are even worse.

The fact that you have to slog through the Java Platform, Standard Edition: MSI Enterprise JRE Installer Guide for Windows to neuter the worst of its behavior is pretty damned annoying, however. Just a few last legacy uses and I can finally pull the plug...

And, for the few bastard applications that break on remotely modern JREs, it's fun with 'static installations' and breaking out the Deployment Rule Set.

Recitation of the thricefold forbidden execrations while bathing the system being updated in the blood of a freshly slaughtered goat is optional; but recommended.

Only on a very short lease, and only because the alternatives are even worse.

The fact that you have to slog through the Java Platform, Standard Edition: MSI Enterprise JRE Installer Guide for Windows to neuter the worst of its behavior is pretty damned annoying, however. Just a few last legacy uses and I can finally pull the plug...

And, for the few bastard applications that break on remotely modern JREs, it's fun with 'static installations' and breaking out the Deployment Rule Set.

Recitation of the thricefold forbidden execrations while bathing the system being updated in the blood of a freshly slaughtered goat is optional; but recommended.

"...adds 7,716 new characters to the existing 21,499 – that's more than 35% growth!"

There were already 113K characters in Unicode version 7.0. Which is more than 2^16 characters, so remember:

• 1. UTF-16 is *not* two bytes per character
• 2. Therefore a "character" in Java, C#, Javascript sometimes only holds half a Unicode character
• 3. Even a whole unicode character may be only part of a grapheme cluster, which means that taking arbitrary substrings may not result in readable text.

But wasn't UTF-16 supposed to cover all the practical languages (I'm not talking about Klingon or other languages created out of movies). In which case, the 65k should have covered it. Why does Unicode need weirdass characters for playing cards or stuff of that nature? Just stick to their original roles - supporting the implementation of written & spoken languages in computers, and leave it at that.

"...adds 7,716 new characters to the existing 21,499 – that's more than 35% growth!"

There were already 113K characters in Unicode version 7.0. Which is more than 2^16 characters, so remember:

• 1. UTF-16 is *not* two bytes per character
• 2. Therefore a "character" in Java, C#, Javascript sometimes only holds half a Unicode character
• 3. Even a whole unicode character may be only part of a grapheme cluster, which means that taking arbitrary substrings may not result in readable text.

But above all, all points, even if they were true, are but minor differences in implementation, compared to the huge fact being the very nature of a bytecode that is supposed to be run by web pages, that alters the open nature of the web by making its pages write-only, and the introduction of a compiler into the workflow of HTML development. (Who will make the better compiler, Microsoft or Mozilla? Will php scripts output bytecode or do we have to change server-side scripting? What's the failure model for browsers implementing an older subset of the bytecodes?)

There's a classic document appropriately titled What Every Computer Scientist Should Know About Floating-Point Arithmetic. The "Special Quantities" section discusses plus and minus 0, denormal numbers, infinity, and NaN and offers some rationales for why those special values exist in IEEE floating-point arithmetic.

And you know what? We don't use any of that stuff, because we want our code to be COMPREHENSIBLE. Lambdas don't do anything for me that I can't do with a loop, and at least I can see instantly "Yep, that's a loop!" For the very few cases where it might be helpful, that's great, but its really VERY few cases. I have yet to write one.

Yeah, yeah. We've heard this before. Back in the day, people were saying the same things about those new-fangled "for" and "while" loops. After all, we want our code to be comprehensible! A loop doesn't do anything for me that I can't do with a goto, and at least I can see instantly, "yep, that's a control flow transfer!".

Meanwhile, people have embraced the new tools (which are the majority outside of the Java land - even the C++ guys have and use lambdas now), and they became idiomatic, and standard libraries were upgraded to rely on them - making them both more powerful and easier to read. As it happens, I use both C# and C++, and it's a rare day at work that I don't use a lambda anywhere. Looking at other people's [quality] code, it's mostly similar. And guess what? It's all still perfectly readable, so long as you take some time and learn how it works. In most cases, in fact, it's more readable than the code that it replaced, and more maintainable to boot (because DRY).

Java's generics are fine. They do the most important part of being generics perfectly well. Again, the things that you seem to want of them are things that negatively impact maintainability in most cases.

I was referring mostly to type erasure, obviously. How does getting read of that negatively impact maintainability?

In the meantime, Java now has this beauty. Because they can't just say Func<T>, and have it work well for primitive types.

As for DRY... I'm at a loss why anyone would think that you'd repeat yourself in Java.

If you don't have first-class functions in a language, you'll be doing a lot of of DRY for that reason alone (yes, you can use anon classes instead, but no-one actually does because it's so verbose it defeats the point). If I have to explain how and why that works, then you should probably go read some FP tutorial.

I think MS certainly looked carefully at Java and in some very minor ways improved on the syntax, but at worst the difference is small,

You think wrong, and you didn't bother to investigate enough to make such a conclusion. This was kinda sorta true 14 years ago. It's not true now. Things that C# has that Java does not include e.g. dynamic and async/await, neither of which are "very minor ways".

with Java's vast arrays of libraries, frameworks, and tools, its hard to beat.

It's kinda like the iOS app store. Sure, it has 3 million apps, but in practice you need maybe 30 for any particular case, and 300 across everything. I won't dispute that Java has more libraries, but pretty much any mainstream language/platform these days, including .NET, has all the libraries that matter, for the simple reason that all of them have a fairly large community that will write or wrap one if they need it. I don't recall ever running into a situation where I couldn't find a library to do something that I needed to do, in any popular language.

Nope.

For analysis the entire data set has to be decrypted.

Well lets see:

Transparent Data Encryption

Oracle Advanced Security Transparent Data Encryption (TDE) stops would-be attackers from bypassing the database and reading sensitive information from storage by enforcing data-at-rest encryption in the database layer. Applications and users authenticated to the database continue to have access to application data transparently (no application code or configuration changes are required), while attacks from OS users attempting to read sensitive data from tablespace files and attacks from thieves attempting to read information from acquired disks or backups are denied access to the clear text data. Transparent Data Encryption

Summary: With the introduction of transparent data encryption (TDE) in SQL Server 2008, users now have the choice between cell-level encryption as in SQL Server 2005, full database-level encryption by using TDE, or the file-level encryption options provided by Windows. TDE is the optimal choice for bulk encryption to meet regulatory compliance or corporate data security standards. TDE works at the file level, which is similar to two Windows® features: the Encrypting File System (EFS) and BitLocker Drive Encryption, the new volume-level encryption introduced in Windows Vista®, both of which also encrypt data on the hard drive. TDE does not replace cell-level encryption, EFS, or BitLocker. Database Encryption in SQL Server 2008 Enterprise Edition

The major players seem to do it out of the box.

I hate to say it, but given the choice between ORACLE and Microsoft.. Fuck Oracle.

So what's wrong with Oracle for you as a Linux guy? Here you can see a list of some of its contributions to the operating system you use: http://www.oracle.com/technetwork/server-storage/linux/technical-contributions-1689636.html

I think that's quite a lot. At least more than what microsoft will ever do for you.

That is something Minecraft developers could have done years ago. The binary license of the JRE allows it to be bundled with an application for private use of that application.

When redistributing the JRE on Microsoft Windows as a private application runtime (not accessible by other applications) with a custom launcher, the following files are also optional. These are libraries and executables that are used for Java support in Internet Explorer and Mozilla family browsers; these files are not needed in a private JRE redistribution.

from the Java 8 README

An API call in programming use is something like this:

| return type | |Name of function| ( |arguments given to function| );

In general overview, an API call looks like this:
1. (Do some work / task)

2. (Ask some library to do some work / task for us.) (This is the API call.)

3. (Do some more work / task possibly using the result of the API Call.)

For the in general overview, Java has not copied anything more than C++, Smalltalk, or any other language.

For the actual in programming use however it has copied somethings. This is because of the limited nature of the syntax. Put simply, although you can call a string container object "sighpghpjg234fy3r85q83", and expect people to use it when they need a string container object, that does not mean it makes sense to the programmer, is easy to remember, or maintain. Most programmers would expect a string container object to be some deviation of the word "string". As such many languages wind up coping some portion of the API of other languages with just the names of things. For example
std::string.length() in C++, has an exact copy in Java, String.length(). Both API calls do the same thing, (returns the length of the given string), and therefore is a literal copy. (See: For java and For C++)

Sometimes functionality for a given API call is identical between languages, but with different names depending on the exact language in question. For example: std::string.find() in C++, has an exact copy (functionality wise) in Java's String.indexOf() call. Both calls do the same thing, (return the starting index of a search term in a given string), the only difference is the name of the function itself. (find() VS. indexOf()) (See For java and For C++)

Now of course, to a computer all of this is irrelavent. All a computer sees is some variant of:
(system-defined jump / execution branch opcode) (destination address) (result storage address)

It depends on the system in question, but the overall result is always the same. The system jumps to the given address, executes the code it finds there, and when that code finishes, returns to the instruction that comes after the API call, and continues execution from that point. You could easily call an API function: "fksjfisijf" and the system will not care at all, because all it will see is: "0101010101 01011010 101010101010". The API call is just a human mnemonic for what a given function does so it's easier to remember and use for a programmer.

The only exception to this is when dynamic code is used. As that tends to require a parser at runtime, (a dynamic loader), to locate the API call's starting address in a table so that the program can use it. The program itself must know what API call to refer to, so that the loader can find it. The API library must also remain consistent (i.e. not change the API call) so that the loader can find the starting address for the API call that the program needs. If either of these is not true, the program will crash (due to an invalid address, argument, etc.), or it will not run / compile. (due to a link error.)

From a practical stand point, there is not (or rather shouldn't be) an issue. As the whole debate over coping an API call "design" or "expression" is entirely a human concept. Once again, although dynamic code can be used in a program, the computer itself does not care what you call it so long as the call does not change.

From an "Artistic" standpoint, you can't change the "expression of the idea" for an API call and expect it to work. (A computer DOES care about this.) You *could* create a new language every single time you needed to write a program, but you would have difficulty making it u