That sentence demonstrates without requiring much thought what the article demonstrates if you think about it -
the author is an idiot.
Bill Gates isn't a successful programmer, he didn't write DOS. He's an incredibly successful business person, he bought and sold DOS and managed a company to turn it into billions.
That's just getting started on the falsehoods with the Gates framing.
From Wikipedia: His father was a prominent lawyer, and his mother served on the board of directors for First Interstate BancSystem... at 13, he enrolled in the Lakeside School, a private preparatory school.
Gates was a highly privileged child born into a wealthy, extremely well-connected family. His family, and their friends and acquaintances, bankrolled Gates start-up, and provided him a very cushy safety net.
You're missing the point - every advantage given to Bill Gates was also given to many of his peers at the expensive school he was at, and yet only one of those advantaged kids turned it into Microsoft.
However, it is (A) somewhat expensive, (B) the company has no track record yet producing anything, and (C) not sure it will offer a self-driving option.
The Rivian looks way more properly built for offload use than the Y though, for sure. And 400 miles range is great (assuming it really gets that range). I especially like the suspension...
In the face of all evidence to the contrary, you appear to be under the impression that self-driving is solvable in a small timeframe.
My guess is that once solid state lidar becomes cheap and small enough they will retrofit for people who already paid for full self driving, like they promised.
They already have to retrofit the new revision 3 hardware to those older cars anyway.
How will that help? It's the software that's not up to scratch. Putting in better hardware is not going to help at this point; the reasons for the car being unable to drive autonomously is not because the sensors don't see everything.
So you really not understand the difference between reporting someone's explanation of their actions and "trying to spin it"?
The reason that the BBC is so reliable is that they don't pass judgement, they don't give an opinion. They give you the facts, what people said, what the video shows,
What people said? They only included the eyewitnesses who blamed the children. That's spin. It may be a fact that all those people were quoted accurately, but it's also a fact that they devoted much, much less of their quotations to eyewitnesses who gave the actual story.
Weren't you the one complaining, after the 2016 election, that wikileaks only spilled (truthful) dirt on HRC and none on Trump, therefore they were biased?
Back to the Covington coverage in the article you linked to: nowhere did they call out the aggressors as the aggressors, nor did they link to the video that showed the agressors being aggressive. Though, they helpfully provided the video that inaccurately shows the children being the aggressors.
Nick Sandmann (left) and Nathan Phillips (right) both said they were trying to defuse tensions
From the actual video: Nathan Phillips went right up to Sandmann, clearly inciting him.
That article is trying to spin it as "no one really knows what happened", with every single eyewitness quoted in that article saying the kids started it. The actual video shows the kids as the victims, and the blacks and Indian groups as the aggressors.
That is not a balanced article: they show the snipped video that makes the children look like the aggressors, but don't even link to the whole video which shows the blacks and the Indians as the aggressors.
You will never create the perfect, unbiased source of news. Compared to commercial offerings though, the BBC is better than most. In fact I can't think of a commercial operation as good as them.
Are they? How was their coverage of the Covington Schoolboys story?
I'm still waiting to see how Captain Marvel is going to perform. So far it's looking pretty good from the critics.
So did the Ghostbusters reboot. Doesn't mean it was any good. The critics follow the populism wave these days; and that wave right now means that they will highly rate almost any movie that pushes the SJW ideology.
So, if you want to drive down the motor way with a 6 foot long sharp iron spike on the front of a car with no breaks, that's fine?
There's laws against selling cars with spikes on the front (seriously, look it up), there's no law against selling cars faster than some speed limits.
Cars kill lots of people. We have, over the years, putting a significant number of safety restrictions on cars.
Quite correct - we make laws about what car manufacturers put into their cars. Speed limiters aren't part of those laws.
Physically restraining people because they might break the law is very different from forcing car manufacturers to remove spikes from the front before sale.
How about we physically restrain you, because you have all the equipment necessary for rape?
The issue is they take out others too. not just themselves.
That only matters if they take out others at a higher rate than they take out themselves. If they are taking out themselves at a higher rate than they are taking out others, then it's a self-solving problem.
Why shouldn't a bookstore be able to choose what they stock? Why should a bookstore be forced to carry a product they don't want to sell?
Damn right. In fact, they should simply pile all of the subversive material in the town square and burn them. Book burning is the mark of an enlightened culture, is it not?
I'm atheist and I agree with GP - the majority of the worlds muslims are further to the right than the KKK. Why call out the less-extreme forms of religion, but not the extreme ones?
Yep.
You just have to worry about that $400 custom made socket to get that "simple bolt on part" off in one piece.
Bullshit. I regularly turn on my angle-grinder and welder to make these "custom tools", such as the clamps to keep the camshafts aligned while changing timing belts. It never costs more than a few dollars.
Just last weekend I ground down a $2 short socket extension to make an 8mm square key for the sump nut of a Renault (No, I don't know why they decided to use square keys and not hex keys).
Of course a traditional database with signatures *could* be used as well, but in practice it just isn't done.
If they can't be arsed enough to simply store an extra field in their table (the signature) for free, what makes you think that they will be prepared to expend money on a blockchain solution that doesn't give them anything more than the signature?
Speaking of signatures, yours is hilarious in this context:
XML is like violence. If it doesn't solve the problem, use more.
You do realise that changing it to:
Blockchain is like violence. If it doesn't solve the problem, use more.
is pretty much on the nail there, right?
At least XML solved some problems. The world has yet to see a problem that blockchain can solve.
Blockchain is the textbook definition of a solution in search of a problem.
Violence and child abuse is now the same as dehumanising speech?
Probably depends on how much and how often you have to deal with it. Speech matters.
Having to deal day-in-day-out with the conspiracy nuts, literal nazis, threats of violence etc., after a while, little by little, that's going to change you. That's exactly what they're talking about. Since you or I haven't done that job we aren't in a good position to judge what it's like.
No one claimed it wouldn't change you, but when you place speech in the same category as child abuse, you're trivialising child abuse.
From what I've seen off the video, the waymo car didn't respond to the officer, it responded to all the cars around it that accelerated from rest.
IOW, it only proceeded after the other car next to it proceeded. It is not clear that it interpreted the officer as anything other than an object in the way.
You clearly don't understand C, or what constititues a runtime environment.
Read the standard; there is a C runtime in any hosted implementation. The standard literally refers to a runtime, calling it the hosted implementation. The same is true for C++.
For freestanding implementations a smaller runtime is compiled in.
No, he's right. There's nothing he wrote that implies he doesn't know what a null is. There's plenty that you're writing here though that shows you don't understand the problem.
There is absolutely nothing about null termination that's more secure than length+string. It's entirely possible, and indeed a common source of errors, to not put a null at the end of a string, for example:
#define BUFFER_LENGTH 4
main() {
char buffer[BUFFER_LENGTH];
char buffer2[255];
strncpy(buffer, "Hello world!", BUFFER_LENGTH);
strcpy(buffer2, " is a language called C");
puts(buffer);
}
This will, on C compilers that store everything in the most obvious way (which isn't all of them) print "Hell is a language called C". On others, it'll fill your screen with garbage. And on a handful it'll, by accident, print "Hell" because whatever data is stored after "buffer" happens to be zero by coincidence.
How is this better? It isn't! And it's not a contrived answer either, because strncpy was introduced precisely to prevent buffer overflow errors, and yet nobody noticed between implementation and standardization/release that to use it in such a way that it didn't cause overflows a programmer had to do a, usually redundant, step of sticking a null in the last element of the destination buffer, just to make sure that if the string was too long, it was still a string.
Yes, null termination is so bad that even the experts at ANSI couldn't figure out how to fix it properly. (IIRC it was the OpenBSD people who introduced the world's first safe string copying function as a standard - in the very late nineties, 15-20 years after C first appeared. FIFTEEN FUCKING YEARS. FIFTEEN to SAFELY COPY A STRING. Do you have ANY idea how terrible that is?
I said:
How does pointer+length fix a maliciously (mal)formed string?
And you display how a maliciously malformed string is a problem!
My entire post was on strings entering the system - once it's in and validated you don't have more problems with null-terminated than with ptr_length. Before it's in, you have all the same problems with null-terminated than with ptr+length.
Using ptr+length doesn't buy you anything unless you trust the length, in which case you may as well trust the null-terminator.
That snippet you posted has a bug because the length indicator was wrong.
In fact, the null-terminated string is actually safer than ptr+length because there is only ever one source of the string's length, and that is the string itself.... lolwut. A string (defined as pointer+length) is the string itself. The length is the only source of the string's length. There is preisely one source.
With a ptr+length solution there are many more opportunities for a string to have a length indicator that is different to it's actual length.
Yeah no one ever scribbled over a terminating null.
Please for the love of god stay away from C, you're a menace.
You don't actually know what a NULL is, do you? It's a zero dumbass. In languages like C, the zero is considered the terminator for a sequence of characters, which is what we meant by the word "string".
I think once you look up what "character", "string", "NULL", "terminated" and "length" means, you'll be a better programmer. You already show some potential.
I wonder how much the people who designed the C string (string of characters, implicitly terminated by a null) knew of its potential issues in the long term, and if they would have gone with ptr+length instead if they knew?
How does pointer+length fix a maliciously (mal)formed string?
For each string that enters the system you'll need to check the length against the data you've been given, at which point you may as well have just used a terminating NULL because the result is the same (because the length might be lying to you)
Okay, lets say that you *are* checking the length against the input - what do you do when the length is (uint64_t)-1? At that point you may as well have just used a terminating NULL anyway, because the result is the same.
Okay, so let's say that you enforce a maximum string length as strings enter the system - you can do the same with a null-terminated string too.
Any safety that a ptr+length solution gives you, you can already get from a null-terminated string currently, right now.
In fact, the null-terminated string is actually safer than ptr+length because there is only ever one source of the string's length, and that is the string itself. With a ptr+length solution there are many more opportunities for a string to have a length indicator that is different to it's actual length.
The problem isn't the existence of a null-terminated string; it's the overflows that occur because code is relying on a length that is lying about the *actual* string length (as in heartbleed), instead of (correctly) enforcing a terminator on the input (once the end of the input is reached).
The other problem is that, right now, you can validate data entering the system to enforce limits, and test the program against these limits using valgrind, but too few systems are tested this way; if they were then we wouldn't be seeing buffer overruns at all, strings or otherwise.
How many Windows C (or C++) devs actually use a Windows equivalent of valgrind? I don't know of any.
Slashdot Mirror
That sentence demonstrates without requiring much thought what the article demonstrates if you think about it - the author is an idiot.
Bill Gates isn't a successful programmer, he didn't write DOS. He's an incredibly successful business person, he bought and sold DOS and managed a company to turn it into billions.
That's just getting started on the falsehoods with the Gates framing.
From Wikipedia: His father was a prominent lawyer, and his mother served on the board of directors for First Interstate BancSystem... at 13, he enrolled in the Lakeside School, a private preparatory school.
Gates was a highly privileged child born into a wealthy, extremely well-connected family. His family, and their friends and acquaintances, bankrolled Gates start-up, and provided him a very cushy safety net.
You're missing the point - every advantage given to Bill Gates was also given to many of his peers at the expensive school he was at, and yet only one of those advantaged kids turned it into Microsoft.
I also like the sound of the Rivian.
However, it is (A) somewhat expensive, (B) the company has no track record yet producing anything, and (C) not sure it will offer a self-driving option.
The Rivian looks way more properly built for offload use than the Y though, for sure. And 400 miles range is great (assuming it really gets that range). I especially like the suspension...
In the face of all evidence to the contrary, you appear to be under the impression that self-driving is solvable in a small timeframe.
My guess is that once solid state lidar becomes cheap and small enough they will retrofit for people who already paid for full self driving, like they promised.
They already have to retrofit the new revision 3 hardware to those older cars anyway.
How will that help? It's the software that's not up to scratch. Putting in better hardware is not going to help at this point; the reasons for the car being unable to drive autonomously is not because the sensors don't see everything.
So you really not understand the difference between reporting someone's explanation of their actions and "trying to spin it"?
The reason that the BBC is so reliable is that they don't pass judgement, they don't give an opinion. They give you the facts, what people said, what the video shows,
What people said? They only included the eyewitnesses who blamed the children. That's spin. It may be a fact that all those people were quoted accurately, but it's also a fact that they devoted much, much less of their quotations to eyewitnesses who gave the actual story.
Weren't you the one complaining, after the 2016 election, that wikileaks only spilled (truthful) dirt on HRC and none on Trump, therefore they were biased?
Back to the Covington coverage in the article you linked to: nowhere did they call out the aggressors as the aggressors, nor did they link to the video that showed the agressors being aggressive. Though, they helpfully provided the video that inaccurately shows the children being the aggressors.
Seems okay.
https://www.bbc.co.uk/news/wor...
Can't you just google it yourself though?
From the first line in your link:
Nick Sandmann (left) and Nathan Phillips (right) both said they were trying to defuse tensions
From the actual video: Nathan Phillips went right up to Sandmann, clearly inciting him.
That article is trying to spin it as "no one really knows what happened", with every single eyewitness quoted in that article saying the kids started it. The actual video shows the kids as the victims, and the blacks and Indian groups as the aggressors.
That is not a balanced article: they show the snipped video that makes the children look like the aggressors, but don't even link to the whole video which shows the blacks and the Indians as the aggressors.
You will never create the perfect, unbiased source of news. Compared to commercial offerings though, the BBC is better than most. In fact I can't think of a commercial operation as good as them.
Are they? How was their coverage of the Covington Schoolboys story?
I'm not petty either. The guy is a world class, Grade A, piece of shit. A truly awful, awful person, in every sense of the word.
I'm not petty either, but my friend Tom who has a band is!
(Thank you, I'll be here all week, don't forgot to tip your waiter)
I'm still waiting to see how Captain Marvel is going to perform. So far it's looking pretty good from the critics.
So did the Ghostbusters reboot. Doesn't mean it was any good. The critics follow the populism wave these days; and that wave right now means that they will highly rate almost any movie that pushes the SJW ideology.
So, if you want to drive down the motor way with a 6 foot long sharp iron spike on the front of a car with no breaks, that's fine?
There's laws against selling cars with spikes on the front (seriously, look it up), there's no law against selling cars faster than some speed limits.
Cars kill lots of people. We have, over the years, putting a significant number of safety restrictions on cars.
Quite correct - we make laws about what car manufacturers put into their cars. Speed limiters aren't part of those laws.
Physically restraining people because they might break the law is very different from forcing car manufacturers to remove spikes from the front before sale.
How about we physically restrain you, because you have all the equipment necessary for rape?
You can argue that you should be free to do what you want, but the fact is you already very much breaking the law at the limit.
So? The cops are there for those who break the law, not for those planning to.
There's absolutely no good reason to physically restrain people "just in case they want to break the law".
Let's not make pre-crime a reality.
The issue is they take out others too. not just themselves.
That only matters if they take out others at a higher rate than they take out themselves. If they are taking out themselves at a higher rate than they are taking out others, then it's a self-solving problem.
Why shouldn't a bookstore be able to choose what they stock? Why should a bookstore be forced to carry a product they don't want to sell?
Damn right. In fact, they should simply pile all of the subversive material in the town square and burn them. Book burning is the mark of an enlightened culture, is it not?
What a shit attempt at trolling. 1/10.
I'm atheist and I agree with GP - the majority of the worlds muslims are further to the right than the KKK. Why call out the less-extreme forms of religion, but not the extreme ones?
Yep. You just have to worry about that $400 custom made socket to get that "simple bolt on part" off in one piece.
Bullshit. I regularly turn on my angle-grinder and welder to make these "custom tools", such as the clamps to keep the camshafts aligned while changing timing belts. It never costs more than a few dollars.
Just last weekend I ground down a $2 short socket extension to make an 8mm square key for the sump nut of a Renault (No, I don't know why they decided to use square keys and not hex keys).
Of course a traditional database with signatures *could* be used as well, but in practice it just isn't done.
If they can't be arsed enough to simply store an extra field in their table (the signature) for free, what makes you think that they will be prepared to expend money on a blockchain solution that doesn't give them anything more than the signature?
Speaking of signatures, yours is hilarious in this context:
XML is like violence. If it doesn't solve the problem, use more.
You do realise that changing it to:
Blockchain is like violence. If it doesn't solve the problem, use more.
is pretty much on the nail there, right?
At least XML solved some problems. The world has yet to see a problem that blockchain can solve.
Blockchain is the textbook definition of a solution in search of a problem.
Please rank all crimes for us so we don't make this mistake again. I'll wait...
I don't need to rank all, just the ones they want to equivocate.
Child abuse is worse than nasty speech!
Only twats think otherwise.
Violence and child abuse is now the same as dehumanising speech?
Probably depends on how much and how often you have to deal with it. Speech matters.
Having to deal day-in-day-out with the conspiracy nuts, literal nazis, threats of violence etc., after a while, little by little, that's going to change you. That's exactly what they're talking about. Since you or I haven't done that job we aren't in a good position to judge what it's like.
No one claimed it wouldn't change you, but when you place speech in the same category as child abuse, you're trivialising child abuse.
Never ceases to amaze me how some people think that because its said on the internet words don't hurt, that its not real..somehow.
Just because it hurts and is real doesn't make it the same as violence and child abuse.
When you compare speech to child abuse, you're trivialising child abuse.
Violence and child abuse is now the same as dehumanising speech?
From what I've seen off the video, the waymo car didn't respond to the officer, it responded to all the cars around it that accelerated from rest.
IOW, it only proceeded after the other car next to it proceeded. It is not clear that it interpreted the officer as anything other than an object in the way.
You clearly don't understand C, or what constititues a runtime environment.
Read the standard; there is a C runtime in any hosted implementation. The standard literally refers to a runtime, calling it the hosted implementation. The same is true for C++.
For freestanding implementations a smaller runtime is compiled in.
"that rich guy who was raised by monks and had to learn how to interact with Western adult culture while being a martial arts deity's avatar".
Which one is that?
No, he's right. There's nothing he wrote that implies he doesn't know what a null is. There's plenty that you're writing here though that shows you don't understand the problem.
There is absolutely nothing about null termination that's more secure than length+string. It's entirely possible, and indeed a common source of errors, to not put a null at the end of a string, for example:
This will, on C compilers that store everything in the most obvious way (which isn't all of them) print "Hell is a language called C". On others, it'll fill your screen with garbage. And on a handful it'll, by accident, print "Hell" because whatever data is stored after "buffer" happens to be zero by coincidence.
How is this better? It isn't! And it's not a contrived answer either, because strncpy was introduced precisely to prevent buffer overflow errors, and yet nobody noticed between implementation and standardization/release that to use it in such a way that it didn't cause overflows a programmer had to do a, usually redundant, step of sticking a null in the last element of the destination buffer, just to make sure that if the string was too long, it was still a string.
Yes, null termination is so bad that even the experts at ANSI couldn't figure out how to fix it properly. (IIRC it was the OpenBSD people who introduced the world's first safe string copying function as a standard - in the very late nineties, 15-20 years after C first appeared. FIFTEEN FUCKING YEARS. FIFTEEN to SAFELY COPY A STRING. Do you have ANY idea how terrible that is?
I said:
How does pointer+length fix a maliciously (mal)formed string?
And you display how a maliciously malformed string is a problem!
My entire post was on strings entering the system - once it's in and validated you don't have more problems with null-terminated than with ptr_length. Before it's in, you have all the same problems with null-terminated than with ptr+length.
Using ptr+length doesn't buy you anything unless you trust the length, in which case you may as well trust the null-terminator.
That snippet you posted has a bug because the length indicator was wrong.
The stupid, it burns.
In fact, the null-terminated string is actually safer than ptr+length because there is only ever one source of the string's length, and that is the string itself. ... lolwut. A string (defined as pointer+length) is the string itself. The length is the only source of the string's length. There is preisely one source.
With a ptr+length solution there are many more opportunities for a string to have a length indicator that is different to it's actual length.
Yeah no one ever scribbled over a terminating null.
Please for the love of god stay away from C, you're a menace.
You don't actually know what a NULL is, do you? It's a zero dumbass. In languages like C, the zero is considered the terminator for a sequence of characters, which is what we meant by the word "string".
I think once you look up what "character", "string", "NULL", "terminated" and "length" means, you'll be a better programmer. You already show some potential.
I wonder how much the people who designed the C string (string of characters, implicitly terminated by a null) knew of its potential issues in the long term, and if they would have gone with ptr+length instead if they knew?
How does pointer+length fix a maliciously (mal)formed string?
For each string that enters the system you'll need to check the length against the data you've been given, at which point you may as well have just used a terminating NULL because the result is the same (because the length might be lying to you)
Okay, lets say that you *are* checking the length against the input - what do you do when the length is (uint64_t)-1? At that point you may as well have just used a terminating NULL anyway, because the result is the same.
Okay, so let's say that you enforce a maximum string length as strings enter the system - you can do the same with a null-terminated string too.
Any safety that a ptr+length solution gives you, you can already get from a null-terminated string currently, right now.
In fact, the null-terminated string is actually safer than ptr+length because there is only ever one source of the string's length, and that is the string itself. With a ptr+length solution there are many more opportunities for a string to have a length indicator that is different to it's actual length.
The problem isn't the existence of a null-terminated string; it's the overflows that occur because code is relying on a length that is lying about the *actual* string length (as in heartbleed), instead of (correctly) enforcing a terminator on the input (once the end of the input is reached).
The other problem is that, right now, you can validate data entering the system to enforce limits, and test the program against these limits using valgrind, but too few systems are tested this way; if they were then we wouldn't be seeing buffer overruns at all, strings or otherwise.
How many Windows C (or C++) devs actually use a Windows equivalent of valgrind? I don't know of any.