Kinda, yeah. What we're seeing now is the breaking of the chicken-and-egg problem of gaming on Linux. Up until very recently, virtually no developers bothered developing games for Linux, because no-one does gaming in Linux. No-one ran Linux for gaming, because there were very few games for Linux (and the drivers were a pain).
Up until recently, Linux had merely taken over the world when it came to servers and mobile (Android). Now it's being given a real shot at gaming.
We should not diminish the importance of Linux. But it's clear that Git is much more important today.
Bullshit. If Git vanished overnight, we'd at least have Mercurial. There is no such drop-in replacement for Linux. (I'm not digging on FreeBSD/OpenSolaris/etc, but Linux completely dominates them in real-world deployments.)
Also, Linux was a much more disruptive development. A real working kernel for a real working Unix-like OS, that's free and open source, was/is a huge deal. Git is awesome, but there's no question that Torvalds' work on Linux is more award-worthy.
Lastly, in terms of sheer scale/ambitiousness, Linux absolutely dwarfs Git. A "poor man's git" could be thrown together with Bash scripts without too much pain (indeed, this is how Git has been developed). There is no such analog for GNU/Linux. Even at the conceptual level, there's a huge amount going on.
Let police officers take care of it. We have backup, guns, radio, jackets — all that stuff civilians don't have.
I'm not a cop, but it strikes me as odd that appropriate training didn't make it to his list of the four most important things police officers have which civilians don't.
What is that thing? Can its data be trusted? Does it truly show your iPhone, or somebody else's, or something else entirely? Is that actually the address, or is it the other address right next door? Be thankful if it's not an apartment building, 'cos then floors get involved - good luck getting a warrant for all of them.
Fortunately though, it's a phone. Odds are it's not going to be kept at home permanently. I'm sure with the uniqueness of a person's movements, it shouldn't be a problem to figure out the only car that took this route is the one with the iPhone in it.
Interesting take, I'd not seen it put that way before.
I once heard a horror story of an embedded software project. They were forced to only use debug builds, as the release builds seemed to trigger a race condition in the start-up code. The 'held together with paper-clips' approach to software engineering...
We can at least lessen the fragility by using regular testing and defensive programming.
Sure, but I wasn't commenting on the health benefits/downsides of vegetarianism, I was pointing out the absurdity of the comparison in
Neither will you be if all you eat is pork.
Of course, the comment before was absurd too, on the face of it. No-one is suggesting eating actual pig-feed, and vegetarian diets are certainly possible, as the existence of vegetarians demonstrates.
Every useful technology can be abused. The man who invented the knife is not responsible for stabbings, nor is the man who built the individual knife used. The man who invented a means of recording the actions of corrupt police is not responsible when the police use those same cameras to spy on the population. And so on.
Oversimplification. It's fuzzier than that. If I turn up at your knife store covered in blood, and ask not that you dial 911 but instead for Your stabbiest knife please, my good man, you'd be right to be suspicious, and it wouldn't be unreasonable to place some of the blame on you if you sold me a knife and I went on to do harm with it.
You're right that lots of technologies can be abused, but it's not the case that every technology which can be used for evil must also have a 'legitimate' use as well.
Some items are specifically intended for unsavoury uses. Machine-pistols, biological weapons, nuclear weapons...
Also, sometimes the line between invention and use is blurred: development vs deployment.
"Great ideas always enter into the world with disgusting alliances" -- Alfred North Whitehead.
"Somebody is doing something bad with science. Quick, stop all science!" -- You.
Well that's just a shameful straw-man. There's quite a difference between advocating boycotting of an organisation, and opposing 'all science'.
If you have an axe to grind, the only morally-correct thing to do is to grind it yourself. It is slothful and cruel to demand that other people should make a sacrifice in order to champion your noble cause for you.
Are we talking about an apathetic voter-base, or not?
If yes, they're not demanding that anyone else grind their axe. They probably aren't even aware of the axe.
If no, we have a genuine disagreement.
No-one is saying I'm too lazy to vote, but I hope engineers refuse to become cogs of the military/industrial/prison/media machine.
The entire point is presumably simply to give you an opportunity to lie on the record. If you have sued an employer in the past, being human and thus stupid, you are likely to lie on your application to get your job.
(Annoying font sanitised.)
Where is anyone suggesting that employers will be allowed to ask if you've sued former employers? (If this was in either of the articles, I missed it.)
While most folks are normally averse to giving any application or service access to their Facebook account
Really? Most folks? I personally am averse to doing this (I also go to the 'extreme' of only ever using Facebook inside a Private Browsing window, you know, as a/. tin-foil-hat-wearer and all), but there are a lot of people who happily integrate, say, Spotify and Facebook.
You simply tell everyone that there is a vulnerability, but you do not tell them any details about what the vulnerability is. Instead, you simply announce a release date & time for a patch.
This is brilliant, and I'm kicking myself for not having thought of it.
The only problem I can see is that of whether the average repair-averse manager can be properly jolted by a good-faith announcement. Businesses often prefer PR bullshit to actual repairs, and will only invest in proper repairs if they're going to be utterly humiliated otherwise, and if they see no other way out. It's not unheard of for security researchers to be threatened with lawsuits should they disclose, for instance.
Even if this were to happen though, it would still be the responsible course of action for the developers/security researchers. That way there'd at least be no Well we did all we could weaseling on the part of vulnerable websites.
Got a source for that? They might like to be (perceived to be) omniscient, but there's at least a chance that they're not.
Looking at Wikipedia, it hardly seems certain that there was exploitation of the bug prior to the disclosure, or that the NSA knew.
There was some exploitation of the bug very soon after disclosure, but I can't see a way to win here. You can't tell everyone about the bug without telling the bad guys...
I thought it was an unchecked memcpy that was at fault, but you're not the only one I've seen mention memory-management weirdness. Would using ordinary malloc/free have prevented this?
"Well shit, fuck me for trying. If you think you can do better - please do."
I, for one, would welcome new safe-programming-language-using overlords.
Apparently crypto in Ada need not be any slower than crypto in C. The programming language is just one piece of the puzzle of course (it wouldn't fix the lack of serious code scrutiny), but it would be a much more appropriate choice than C.
(I don't mean to trivialise the OpenSSL project, but if a safer alternative did exist, I'd be all for it.)
I'm surprised I haven't yet heard whether today's static-analysis/dynamic-analysis tools would have caught the Heartbleed bug.
Slashdot Mirror
Kinda, yeah. What we're seeing now is the breaking of the chicken-and-egg problem of gaming on Linux. Up until very recently, virtually no developers bothered developing games for Linux, because no-one does gaming in Linux. No-one ran Linux for gaming, because there were very few games for Linux (and the drivers were a pain).
Up until recently, Linux had merely taken over the world when it came to servers and mobile (Android). Now it's being given a real shot at gaming.
In their proper place, you say?
git rebase -i
Thank me later.
We should not diminish the importance of Linux. But it's clear that Git is much more important today.
Bullshit. If Git vanished overnight, we'd at least have Mercurial. There is no such drop-in replacement for Linux. (I'm not digging on FreeBSD/OpenSolaris/etc, but Linux completely dominates them in real-world deployments.)
Also, Linux was a much more disruptive development. A real working kernel for a real working Unix-like OS, that's free and open source, was/is a huge deal. Git is awesome, but there's no question that Torvalds' work on Linux is more award-worthy.
Lastly, in terms of sheer scale/ambitiousness, Linux absolutely dwarfs Git. A "poor man's git" could be thrown together with Bash scripts without too much pain (indeed, this is how Git has been developed). There is no such analog for GNU/Linux. Even at the conceptual level, there's a huge amount going on.
Let police officers take care of it. We have backup, guns, radio, jackets — all that stuff civilians don't have.
I'm not a cop, but it strikes me as odd that appropriate training didn't make it to his list of the four most important things police officers have which civilians don't.
What is that thing? Can its data be trusted? Does it truly show your iPhone, or somebody else's, or something else entirely? Is that actually the address, or is it the other address right next door? Be thankful if it's not an apartment building, 'cos then floors get involved - good luck getting a warrant for all of them.
Fortunately though, it's a phone. Odds are it's not going to be kept at home permanently. I'm sure with the uniqueness of a person's movements, it shouldn't be a problem to figure out the only car that took this route is the one with the iPhone in it.
Probable cause? I expect so, but I'm no lawyer.
Does it say on the package that the product becomes unfit for use at time X? No? Fraud. Lawyers start panting.
I doubt it. Implicit indefinite guarantee? I don't think so. XP was maintained and kept (roughly) fit-for-purpose for years.
SPARK falls squarely into silver bullet territory.
Well, in terms of correctness, formal methods really are a silver-bullet.... assuming an infinite budget and an unchanging, well-understood spec ;-P
leaving the country
Depends on your definition of 'leaving'. For example, Garmin are, for official purposes, based in Switzerland, having previously been based in the Cayman Islands.
Sure, all the real engineering work happens in Kansas, and it was founded by two Americans, but here we are.
Interesting take, I'd not seen it put that way before.
I once heard a horror story of an embedded software project. They were forced to only use debug builds, as the release builds seemed to trigger a race condition in the start-up code. The 'held together with paper-clips' approach to software engineering...
We can at least lessen the fragility by using regular testing and defensive programming.
(I'm almost crazy enough to think we should actually use the tools intended to make software that damn well works, but we all know that's never going to happen.)
Sure, but I wasn't commenting on the health benefits/downsides of vegetarianism, I was pointing out the absurdity of the comparison in
Neither will you be if all you eat is pork.
Of course, the comment before was absurd too, on the face of it. No-one is suggesting eating actual pig-feed, and vegetarian diets are certainly possible, as the existence of vegetarians demonstrates.
Does posting as AC make one stupid, or do otherwise intelligent people decide to post stupid things and tick the AC box?
No-one is suggest a carnivorous diet where we eat only meat, but people are suggesting vegetarianism where we eat no meat at all...
Every useful technology can be abused. The man who invented the knife is not responsible for stabbings, nor is the man who built the individual knife used. The man who invented a means of recording the actions of corrupt police is not responsible when the police use those same cameras to spy on the population. And so on.
Oversimplification. It's fuzzier than that. If I turn up at your knife store covered in blood, and ask not that you dial 911 but instead for Your stabbiest knife please, my good man, you'd be right to be suspicious, and it wouldn't be unreasonable to place some of the blame on you if you sold me a knife and I went on to do harm with it.
You're right that lots of technologies can be abused, but it's not the case that every technology which can be used for evil must also have a 'legitimate' use as well.
Some items are specifically intended for unsavoury uses. Machine-pistols, biological weapons, nuclear weapons...
Also, sometimes the line between invention and use is blurred: development vs deployment.
"Great ideas always enter into the world with disgusting alliances" -- Alfred North Whitehead.
"Somebody is doing something bad with science. Quick, stop all science!" -- You.
Well that's just a shameful straw-man. There's quite a difference between advocating boycotting of an organisation, and opposing 'all science'.
If you have an axe to grind, the only morally-correct thing to do is to grind it yourself. It is slothful and cruel to demand that other people should make a sacrifice in order to champion your noble cause for you.
Are we talking about an apathetic voter-base, or not?
If yes, they're not demanding that anyone else grind their axe. They probably aren't even aware of the axe.
If no, we have a genuine disagreement.
No-one is saying I'm too lazy to vote, but I hope engineers refuse to become cogs of the military/industrial/prison/media machine.
Only if done properly.
Sure, but this applies to every engineering solution ever, no?
I was thinking the C++ standard library should take care of it.
The entire point is presumably simply to give you an opportunity to lie on the record. If you have sued an employer in the past, being human and thus stupid, you are likely to lie on your application to get your job.
(Annoying font sanitised.)
Where is anyone suggesting that employers will be allowed to ask if you've sued former employers? (If this was in either of the articles, I missed it.)
Is the page a ruse to gain access to your facebook account?
I don't follow. Did they ask for your Facebook password? There's you answer.
While most folks are normally averse to giving any application or service access to their Facebook account
Really? Most folks? I personally am averse to doing this (I also go to the 'extreme' of only ever using Facebook inside a Private Browsing window, you know, as a /. tin-foil-hat-wearer and all), but there are a lot of people who happily integrate, say, Spotify and Facebook.
Nice anecdote, but there's plenty scientific evidence
Citation needed.
You simply tell everyone that there is a vulnerability, but you do not tell them any details about what the vulnerability is. Instead, you simply announce a release date & time for a patch.
This is brilliant, and I'm kicking myself for not having thought of it.
The only problem I can see is that of whether the average repair-averse manager can be properly jolted by a good-faith announcement. Businesses often prefer PR bullshit to actual repairs, and will only invest in proper repairs if they're going to be utterly humiliated otherwise, and if they see no other way out. It's not unheard of for security researchers to be threatened with lawsuits should they disclose, for instance.
Even if this were to happen though, it would still be the responsible course of action for the developers/security researchers. That way there'd at least be no Well we did all we could weaseling on the part of vulnerable websites.
2 year use of the bug
Got a source for that? They might like to be (perceived to be) omniscient, but there's at least a chance that they're not.
Looking at Wiki pedia, it hardly seems certain that there was exploitation of the bug prior to the disclosure, or that the NSA knew.
There was some exploitation of the bug very soon after disclosure, but I can't see a way to win here. You can't tell everyone about the bug without telling the bad guys...
I thought it was an unchecked memcpy that was at fault, but you're not the only one I've seen mention memory-management weirdness. Would using ordinary malloc/free have prevented this?
"Well shit, fuck me for trying. If you think you can do better - please do."
I, for one, would welcome new safe-programming-language-using overlords.
Apparently crypto in Ada need not be any slower than crypto in C. The programming language is just one piece of the puzzle of course (it wouldn't fix the lack of serious code scrutiny), but it would be a much more appropriate choice than C.
(I don't mean to trivialise the OpenSSL project, but if a safer alternative did exist, I'd be all for it.)
I'm surprised I haven't yet heard whether today's static-analysis/dynamic-analysis tools would have caught the Heartbleed bug.
What the NSA does with itself in the privacy of the its comically failed oversight process, is its own business.
It's true!