Well, no, it's very clearly not. If there are issues, they're not related to the DOM.
If Chrome isn't efficiently handling OpenGL calls, that's a problem, and I'm sure they'll fix it. The code produced by the HotSpot JVM's JIT engine can call C code 'natively', so I'm sure V8 can be engineered to do the same.
A trusted network is not a free and open network...neither is it particularly practical as we have seen again and again the demonstrated futility of managing planet scale trust anchors.
A bug is a bug. All bugs should be triaged and then treated accordingly. You don't pretend a bug is more important because security is the flavour of the month.
But a bug which can be exploited to give a security hole necessarily deserves a high priority, no?
You're not a security professional
don't pretend a bug is more important because security is the flavour of the month
A bug which enables a remote attacker to compromise a server is necessarily a serious one, no? I really don't get what your point is with this flavour of the month thing.
I really don't want to end the browser session and then restore everything when I return two work.
If restarting Firefox and reloading all the same pages again is enough to significantly drop the memory-consumption, that implies Firefix is leaking memory.
It doesn't sound to me like laziness on your part is to blame (one shouldn't have to constantly be restarting applications to work around memory leaks), nor your browsing habits.
It's true that applications aren't as compact as they might be in a perfect highly-optimised world, but a JVM isn't that big a dependency. I don't have numbers to hand, but iirc it's not all that much bigger than Qt.
If you really wanted to, you could have an install-time option to use an already-installed JVM instead of unpacking one. You'd open yourself up to version incompatibilities though.
Quit whining about the new, latest security hole, because there have been numerous bad security holes in the past, and they will continue to exist in the future.
Do you apply the same reasoning to war, starvation, and murder?
I've wondered before: Does posting as AC make one stupid, or do otherwise intelligent people decide to post stupid things and tick the AC box?
In my opinion, the 'culture' of not bundling virtual machine software is a real problem. If your Windows program uses Java, why not just bundle it? You avoid version compatibility issues, and you avoid installing an enabled-by-default blight on web security (Java applets). Everyone wins. (Some programs do this today, but not many. The indie game Blocks That Matter is one such.)
After that cars sure as hell wont hit eachothers, as they can communicate way before they even see eachothers. Even when you are using the manual overrride, the car will tell others where it is.
Maybe some way down the road (sorry).
We'll never see 100% traffic safety, though. Not even with perfect software.
You're either missing the point, or claiming that never in the history of traffic-accidents has a driver had to decide between their own safety and the safety of (many) others.
Picking holes in the specific example gets us nowhere.
Your scheme sounds like a shakedown: "How much are you willing to pay to not be deliberately crashed into?"
Indeed, it would have to be approached carefully, with an 'honest' assessment of who's best to crash into, as well as an honest log of deliberate-avoidance decisions.
Having a pay Google to not crash into your car scheme doesn't sound like a great idea...
You joke, but, like the hit the best protected car policy, it would serve to punish the most safety-conscious, whilst still making some sense on short-term utilitarian grounds.
So if me and a few of my friends jump out in front of your car, the car should do everything in its power to avoid hitting us, right? Including driving off a cliff-face?
A car which can be persuaded to deliberately kill its passengers... that might be a problem.
Not going to defend low marksmanship standards, but, marksmanship wasn't really my point. Confronting someone without needless escalation of force, etc, is more what I was trying to get at.
Slashdot Mirror
That's the same problem.
Well, no, it's very clearly not. If there are issues, they're not related to the DOM.
If Chrome isn't efficiently handling OpenGL calls, that's a problem, and I'm sure they'll fix it. The code produced by the HotSpot JVM's JIT engine can call C code 'natively', so I'm sure V8 can be engineered to do the same.
(Did you really mean Blink rather than V8?)
Still, the DOM inefficiencies are avoided. Efficient drawing plus efficient, JIT-compiled JavaScript.
Also, it sounds like 'web workers' can help with the Spends 99% in painting issue.
But, as WaffleMonster already pointed out:
A trusted network is not a free and open network...neither is it particularly practical as we have seen again and again the demonstrated futility of managing planet scale trust anchors.
A bug is a bug. All bugs should be triaged and then treated accordingly. You don't pretend a bug is more important because security is the flavour of the month.
But a bug which can be exploited to give a security hole necessarily deserves a high priority, no?
You're not a security professional
don't pretend a bug is more important because security is the flavour of the month
A bug which enables a remote attacker to compromise a server is necessarily a serious one, no? I really don't get what your point is with this flavour of the month thing.
5 years? No, it's already been done.
You can run KDE applications in your browser, right now.
I really don't want to end the browser session and then restore everything when I return two work.
If restarting Firefox and reloading all the same pages again is enough to significantly drop the memory-consumption, that implies Firefix is leaking memory.
It doesn't sound to me like laziness on your part is to blame (one shouldn't have to constantly be restarting applications to work around memory leaks), nor your browsing habits.
The slowness is all in the DOM
What about canvas and WebGL?
communist cancer-like invention
Microsoft's lock in
You hate both sides then, I take it? Or do you figure Microsoft lock-in is a Good Thing?
All these comments, and not even a nod?
*Ahem*
In Soviet Russia, TV watches you.
It's true that applications aren't as compact as they might be in a perfect highly-optimised world, but a JVM isn't that big a dependency. I don't have numbers to hand, but iirc it's not all that much bigger than Qt.
If you really wanted to, you could have an install-time option to use an already-installed JVM instead of unpacking one. You'd open yourself up to version incompatibilities though.
Quit whining about the new, latest security hole, because there have been numerous bad security holes in the past, and they will continue to exist in the future.
Do you apply the same reasoning to war, starvation, and murder?
I've wondered before: Does posting as AC make one stupid, or do otherwise intelligent people decide to post stupid things and tick the AC box?
Until it's there by default, It's simply unacceptable for consumer software.
Just bundle Mono and be done. Problem solved.
In my opinion, the 'culture' of not bundling virtual machine software is a real problem. If your Windows program uses Java, why not just bundle it? You avoid version compatibility issues, and you avoid installing an enabled-by-default blight on web security (Java applets). Everyone wins. (Some programs do this today, but not many. The indie game Blocks That Matter is one such.)
Not bad for an AC though, you have to admit.
Most of them contribute literally nothing to the conversation....
require a representative from the police and a representative from a civil liberties organisation to provide keys in order to decrypt the video
You want to have the police depend on a (presumably non-government) civil liberties organisation?
I don't buy it.
s/software/automatic driving systems/
After that cars sure as hell wont hit eachothers, as they can communicate way before they even see eachothers. Even when you are using the manual overrride, the car will tell others where it is.
Maybe some way down the road (sorry).
We'll never see 100% traffic safety, though. Not even with perfect software.
You're either missing the point, or claiming that never in the history of traffic-accidents has a driver had to decide between their own safety and the safety of (many) others.
Picking holes in the specific example gets us nowhere.
Your scheme sounds like a shakedown: "How much are you willing to pay to not be deliberately crashed into?"
Indeed, it would have to be approached carefully, with an 'honest' assessment of who's best to crash into, as well as an honest log of deliberate-avoidance decisions.
Having a pay Google to not crash into your car scheme doesn't sound like a great idea...
Oops, forgot to sign in.
You joke, but, like the hit the best protected car policy, it would serve to punish the most safety-conscious, whilst still making some sense on short-term utilitarian grounds.
But this a hopeless inadequate theory of morality.
Inaction might be worse than action, even if action causes the death of someone who would not otherwise have died. See: the Trolley Problem.
So if me and a few of my friends jump out in front of your car, the car should do everything in its power to avoid hitting us, right? Including driving off a cliff-face?
A car which can be persuaded to deliberately kill its passengers... that might be a problem.
Congratulations, you've given me a great go-to example of a non-answer.
Just leave that kind of behavior undefined.
Programs are generally deterministic beasts, by nature. What are you trying to say?
Not going to defend low marksmanship standards, but, marksmanship wasn't really my point. Confronting someone without needless escalation of force, etc, is more what I was trying to get at.
I imagine if any plugin gets /really/ popular, the tracking bugs will get modified so they work again
Maybe, but even an incredibly popular Firefox plugin is still only there for a small percentage of an average page's visitors.