Slashdot Mirror


User: Sarusa

Sarusa's activity in the archive.

Stories: 0
Comments: 490

Comments · 490

  1. Re:I don't know if the question should be... on Google Talks About the Dangers of User Content · · Score: 3, Insightful

    This is true! You could even say it's a sooper-dooper-fundamental problem of HTTP/HTML not sufficiently separating the control channel from the data channel and/or not sufficiently encapsulating things (active code anywhere? noooo.)

    But since browsers have actively chosen to validate invalid inputs and nobody's going to bother securing HTTP/HTML against this kind of thing any time soon, or fix the problems with cookies, or, etc etc etc, I figured that was a good enough high level summary of where we're at realistically. Nobody's willing to fix the foundations or 'break' when looking at malformed pages.

  2. Re:I don't know if the question should be... on Google Talks About the Dangers of User Content · · Score: 5, Informative

    It's fundamentally a problem with the browsers. Without getting too technical...

    Problem 1: Browsers try real hard to be clever and interpret maltagged/malformed content so people with defective markup or bad mime content headers won't say 'My page doesn't work in Browser X, Browser X is defective!'. Or if the site is just serving up user text in html, stick some javascript tags in the text. Whichever way, you end up so someone malicious can upload some 'text' to a clipboard or document site which the browser then executes when the malicious person shares the URL.

    Problem 2: There are a lot of checks in most browsers against 'cross site scripting', which is a page on site foobar.com (for instance) making data load requests to derp.com, or looking at derp.com's cookies, or even leaving a foobar.com cookie when derp.com is the main page. But if your script is running 'from' derp.com (as above) then permissions for derp.com are almost wide open, because it would just be too annoying for most users to manage permissions on the same site. Now they can grab all your docs, submit requests to email info, whatever is allowed. This is why just changing to another domain name helps.

    There's more nitpicky stuff in the second half of TFA, but I think that's the gist of it.

  3. Appealing to ethics is utterly futile here on Don't Build a Database of Ruin · · Score: 4, Insightful

    Realistically, you have to look at a Wal-mart or a Bank of America or a Progressive and ask 'Are they really going to hold back on egregious privacy violations just because it's icky?'

    The answer, of course, is hell no. As Corporate People they're rapacious sociopaths who'd happily burn puppies or African orphans to death for a few extra cents of shareholder value. There is no possible appeal to ethics here; the best you could do is appeal to a possible corporate black eye that would outweigh the profit. Which I don't see.

    And then of course there's Homeland Security with their Spy on Everyone Echelon type initiatives and fat pipes right from the heart of every telecom company.

    Your Database of Ruin already exists somewhere(s). You've just got to assume it does and figure out how you deal with that.

  4. Where's Windows 9? on You Can't Bypass the UI Formerly Known As Metro On Windows 8 · · Score: 1

    Already waiting for Win9, after MS fails to get the tablet/portable/phone market they threw desktop users under the bus for and comes crawling back to us like they did with Vista/Win7.

    Really, there's only one thing I want. Never force me into full screen mode. IS THAT SO F@$#ING HARD?

    Yeah, yeah, I know, technically it's not, Ballmer-wise it is.

    We'll talk later. Or we won't.

  5. I use calculus all the time on Ask Slashdot: How Many of You Actually Use Math? · · Score: 1

    Programmers who don't know calculus (or don't actually understand what it means) constantly re-invent it. Badly. And they don't know they're doing so, so they don't realize they're turning a wrench into a hammer.

    Rate of change (derivation) and accumulation of changes (integration) are fundamental calculations that pop up again and again, especially when you're dealing with actual hardware.

    How long will this servo acceleration ramp take to get up to speed? Calculus will tell you exactly, for your expected position minus any PID issues, or you could try one of the variety of bad kludges I've seen to estimate it.

    Of course I use trig all the time as well, and matrixes are useful tools for all sorts of things (transforms, solving systems).

    I haven't found much use for differential equations - I guess my physical processes aren't quite physical enough.

  6. Few Tabs: Chrome. Many Tabs: Firefox on Firefox Notably Improved In Tom's Hardware's Latest Browser Showdown · · Score: 1

    This isn't a big surprise to me. Firefox performs far better than Chrome with a dozen or more tabs open - in memory use, speed, and stability (64-bit Win7, might make a difference).

    Now if I've only got a few tabs open, Chrome screams.

    So I use Firefox as the long term browser, open for weeks with dozens of tabs for work, personal, etc. Chrome if I need some short term speed. Always mount a scratch browser!

  7. Texas? Science? on Texas Scientists Regret Loss of Higgs Boson Quest · · Score: 1, Funny

    I don't think Texas has had any use for science since 1993 either.

    Officially coming out against critical thinking was just the final reveal.

  8. You dropped some zeroes there on Google To Pay $0 To Oracle In Copyright Case · · Score: 4, Funny

    Corporate lawsuits never involve such small numbers.

    I believe you meant $00,000,000

  9. Ghostery: Breaks far fewer things than NoScript on Google and Facebook Top Biggest Web Tracker List · · Score: 2

    I use NoScript myself (and Ghostery), but most people can't deal with how you have to selectively allow javascript domains to get new sites to work under NoScript.

    Ghostery accomplishes most of what you want (don't track me, don't steal my info) effortlessly while breaking almost nothing. So you can install it for anyone and not worry too much they'll come complaining to you.

    Also, the Ghostery list on any page is freaking scary (Slashdot has only two items). And I'd say 99% of sites are using Google Analytics (including Slashdot).

  10. Cockroaches spread on Why Visual Basic 6 Still Thrives · · Score: 1

    'enable very rapid development of limited programs by programmers of lesser experience.'

    Which then turn into unkillable custom full fledged enterprise monstrosities.

  11. HDTV on Where Are All the High-Resolution Desktop Displays? · · Score: 1

    There are billions more people who want cheap HDTVs than want hi-res monitors, and since TVs are just computer monitors with built in receivers these days... we're screwed by 1080p being all you need for even the largest TV. Bring on the 4K!

  12. Good dog, Bad dog on Oracle Sues Lodsys For Patent Trolling · · Score: 1

    If you see a vicious rottweiler fighting a vicious pit bull I don't think you have to decide that one of them is the good dog and one of them is the bad dog.

    Yeah, I know a good owner can raise either breed right... these obviously weren't. A gigantic raging a#$hole like Ellison is exactly the sort of guy who would raise a rottweiler that rips the faces off toddlers.

  13. There's always places like Guru3D on Despite Game-Related Glitches, AMD Discontinues Monthly Driver Updates · · Score: 1

    You can still get the latest 'leaks' at places like guru3d.com - it sucks for people who don't know about this and people counting on (say) Steam Catalyst auto-update, but if I'm having issues with ATI or Nvidia drivers I go there first.

  14. Re:PC Decrapifier: Free on MS Will Remove OEM 'Crapware' For $99 · · Score: 2

    I guess I need to tediously make the point that the one I mention is usable for people who I don't want to play tech support for, don't care about free/oss, and have no interest in leaving Windows (and if they did would go to OS X).

    It's the guy who went to Costco (or gawd forbid Best Buy) and 'bought a new laptop' and can't tell me exactly which one. I tell him 'go here, run this', and he's happy.

    Anyone who would wipe it and install Linux already knows what to do (as I did with my last server).

  15. PC Decrapifier: Free on MS Will Remove OEM 'Crapware' For $99 · · Score: 4, Informative

    http://pcdecrapifier.com/

    I tell everyone who gets a pre-installed PC to run this.

  16. Re:So much engineering goodness, so very non-Apple on Wozniak's Original System Description of the Apple ][ · · Score: 1

    There was something else I wanted to mention here - there are no sensors in the drive other than for the write protect notch.

    How do you know where the read/write arm is? You don't! You just slam it back to home from wherever it is by moving it long enough (which causes the grinding noise when it hits the physical stop). Then you assume you're at zero and move from there. How do you know where sector zero is on the track? You don't! You just read till you see it encoded in the header. Similarly, you don't care when you write, you just start writing wherever you are (and write the entire track).

    Of course instead of moving from track 1 to track 2, you could be tricky and only move a quarter or half track, which is what a lot of copy protection schemes did, or there was even the dreaded spiral track where you just kept moving outwards after writing each quarter track.

    The only way to tell what was really going on (and how I copied/cracked a lot of games back then) was to open the drive up, move to track 5, then draw a little line and '5' on the white plastic movement wheel with sharpie. Repeat out to track 23 or 24. Then you can put in a new game and see 'aha, tracks 0-4 are normal, but then it hops to 5 and a half.' Or 'oh crap, it just spirals all the way out. this is gonna be tough.'

  17. So much engineering goodness, so very non-Apple on Wozniak's Original System Description of the Apple ][ · · Score: 2

    Engineering is optimally solving problems given your constraints, and in that sense the Apple ][ is an engineering master course.

    I remember reading the available docs and being completely bowled over by two things: The video display doing the DRAM refresh for free and the workings of the Disk ][ encoding. It was mostly software driving very basic hardware, which was way ahead of its time. DOS 3.2 was kind of ugly, but since it was mostly software, he could upgrade it, and DOS 3.3 was a major improvement! It's hard now to appreciate how revolutionary this was at the time.

    Even Woz could make mistakes - his sector interleaving wasn't optimal. In the time it took to process a sector, the next one was already past, so each sector took an entire rotation of the disk. But it was software, so various alternate DOSes just added one to the sector interleave, so instead of sector 1 2 3 4 5 you had sector 1 8 2 9 3 9 and you could copy the entire damn disk in 19 seconds. At least an order of magnitude better than the pokey C64 drive which used the hardware uber alles model.

    But his engineering prowess doesn't really work for Apple's current positioning. He's unabashedly pro-consumer and pro-tech, where Apple is (wisely) in the business of providing devices that do a fantastic job of hiding the tech as much as possible, since Grandma or arts majors don't care what the hell the tech is as long as it works like they expect.

    And his charming naivete doesn't really work with a big corporate environment, which is why Jobs was able to cheat him out of so much of the money they got.

  18. Only if the culture really changes on HP To Cut 30,000 Jobs · · Score: 1

    HP, at least in San Diego, is your nightmare enterprisey hellhole full of desperate low talent people just hanging on because anyone with any drive and talent left long ago. Endless meetings, no clear vision, you're just puttering along and hoping you don't get fired - quietly collecting your salary as long as you can since your skills have completely stagnated.

    This is not the sort of place makers and geniuses would want to work, unless their R&D department is a lot different.

  19. Re:Skeuomorphism on Icons That Don't Make Sense Anymore · · Score: 1

    Hmm, let me make this nice and simple for you.

    If it does something that is functional, such as an SLR making a shutter noise or a normal spoked bicycle wheel having spokes, then it is not skeuomorphic.

    If you have a camera that has no shutter making shutter noises, or molded decorative spokes on the side of an automobile tire that no longer needs them, simply because people expect new tech to behave like old tech, it's skeuomorphic.

    Is that so hard? If I say 'some A are B' this does not mean all A are B and you are terribly clever if you can come up with an example. It's implied.

    Finally: Bike wheels without spokes: https://encrypted.google.com/search?q=spokeless+bicycle+wheel

  20. Re:Shutter sound against clandestine panty shots on Icons That Don't Make Sense Anymore · · Score: 1

    I realize the use for something that indicates a picture has been taken. And of course a shutter sound is a convenient audio shortcut - but how many people using these apps have ever owned a camera with a shutter? It's just a nod to old tech. My S95 lets you choose any sound, including a few kinds of beeps and a cat meow.

    I'm guessing that in 50 years (if that long) all photos will just be frames snagged from a hi-res video stream - which we're seeing already. And at that point if they're still making a "kasheen" noise only a few people will know why other than 'that's the sound photos make'.

    You'll always still have a few people using SLRs of course (I still love my D200), like you've still got people who do glass plate photography.

  21. Skeuomorphism on Icons That Don't Make Sense Anymore · · Score: 4, Informative

    The term is 'skeuomorph' - it's like a wheel with decorative spokes. The wheel no longer needs them for strength, but they're there because a wheel 'needs' spokes.

    The other obvious one is camera apps making a shutter sound.

    https://en.wikipedia.org/wiki/Skeuomorph

  22. Bursting? Like the Paypal Bubble? on How Long Before the Kickstarter Bubble Bursts? · · Score: 2

    You may see some disappointment and realignment of expectations, but the basic idea is such a good one that I can't see it just *pop*ing out of existence.

    Look at Paypal - they treat their customers like shit on both sides (sellers and buyers) and will randomly seize accounts in hopes they can keep some of the money, yet almost everyone still uses them because it's too damn useful.

    Perhaps people will finally realize that Kickstarter means what it says - you are GIVING money to fund a project, and any rewards are gifts the project is GIVING you but not directly for your funding (wink wink), because US law won't let you invest in anything for reward without crippling regulation.

    A little more rigor in your Kickstarter project selection might be a good thing all around, but again, it's something we 'need', so the demand will be there on both sides. I've backed several projects and so far so good, but I take some care in selection and realize it's possible I'll get nothing in return. It's a donation, and anything you get back is surprise presents!

  23. This is a Feature on Ivy Bridge Running Hotter Than Intel's Last-gen CPU · · Score: 3, Insightful

    It's hotter when overclocked. Overclockers love having to run pipes and submerge things. How are you going to justify hauling out the liquid nitrogen if it's running cool?

    Meanwhile everyone else is happier that it runs cooler, takes less power, is faster, and even costs less than Sandy Bridge.

    This is Win Win, people.

  24. Re:The important bit : No coherent shared cache on Multicore Chips As 'Mini-Internets' · · Score: 1

    As part of this the messaging has to be as fast as possible, which is where the article comes in. Newer cores/chips designed for this kind of thing have multi-gigabytes/sec just for the messaging and tiny latencies.

    The threads/processes still shouldn't be so tightly coupled that they're talking more than working (or waiting), or something's probably wrong with the design. Even in a shared memory model it's probably spending massive amounts of time twiddling mutexes and trying to keep memory synced between the cores (if they're running on separate cores).

    There's still the option of shared RAM for passing around large data - readers just have to know when to invalidate their cache, which is where the coordination by message comes in. So messaging isn't the only option, just preferred.

    Finally, current IPC can be slow but doesn't have to be. For instance, when I send a message to another thread with ThreadX it puts the message on the (pre-allocated) queue, checks if the other thread is higher priority and waiting on the queue, and if it is, *boom*, receiver gets the message, near instant context switch. We use this for tiny embedded systems and overhead is noise level.

  25. The important bit : No coherent shared cache on Multicore Chips As 'Mini-Internets' · · Score: 5, Informative

    As mentioned in other comments, this has been done before. The method of message passing isn't as fundamental as one key point - that it is all explicit message passing.

    Intel and AMD x86/x64 CPUs use coherent cache between cores to make sure that a thread running on CPU 1 sees the same RAM as a thread running on CPU 3. This leads to horrible bottlenecks and huge amounts of die tied up in trying to coordinate the writes, maintain coherency between N cores (N-1 ^2 connections!), and it all just goes to hell pretty fast. Intel has this super new transactional memory rollback thing, but it's turd polishing.

    The next step is pretty obvious (see Barrelfish) and easy: no shared coherency. Everything is done with message passing. If two threads or processes (it doesn't really matter at that point) want to communicate they need to do it with messages. It's much cleaner than dealing with shared memory synchronization, and makes program flow much more obvious (to me at least - I use message queues even on x86/x64). If you need to share BIG MEMORY between threads, which is reasonable for something like image processing, you at least use messages to explicitly coordinate access to shared memory and the cores don't have to worry about coherency.

    This scales extremely well for at least a couple thousand CPUs, which is where the 'local internet' becomes useful.

    Where it becomes not easy is that almost all programs written for x86/x64 assume threads can share memory at will. They'd need to be rewritten for this model or would suddenly run a whole lot slower since you'd have to lock them to one core or somehow do the coordination behind their back. It'd be worth it for me!