Slashdot Mirror


User: mr3038

mr3038's activity in the archive.

Stories: 0 · Comments: 499

Comments · 499

  1. Re:Bizarre advice on Mathematicians Are Chronically Lost and Confused · · Score: 1

    It seems to me that we are approaching a brave new time when only the skills and knowledge which are economically valuable will be taught.

    This paragraph gives me the impression that you advocate educational institutions should resist giving what students and society wants out of education and instead deliver what some intellectual elite thinks is more valuable.

    I read that as "we should only teach skills and knowledge that provide more monetary value for the society in the long run, compared to the resources spent on education". As a whole, I agree. However, we should improve on detecting children clearly above average and using extra resources on them. I believe that everybody should have basic education but there's no reason to spend a huge amount of education resources on everybody.

  2. Re:Short answer: I don't on Ask Slashdot: Reviewing 3rd Party Libraries? · · Score: 1

    I don't check (I prefer the word "review" or "audit" here) the libraries for security vulnerabilities before I start using them. However, I only accept libraries that come with the source and I do a cursory review of the code with a question in mind:

    "Would I be willing to fix a bug in this library if the original author were not willing to fix it?"

    Only if the code looks sane enough that I can answer "yes" do I even start using the library. And the security is only a small part of the picture here! If the library does anything important within the product, any major bug in its behavior will cause major issues for my product, too. If I cannot (at least in theory) fix the library, I'm not going to use it.

    I might use a closed source library for some totally optional feature in the product but even in that case I'd keep looking for another solution with the source. And with "optional feature" I mean something that can be disabled or removed if any evidence comes up for the library having a security issue.

  3. Re:HDR? on HDR Video a Reality · · Score: 1

    It's possible to do HDR correctly, too. See e.g. http://www.flickr.com/photos/cmdrcord/4973996377/sizes/o/in/pool-89888984@N00/. You cannot take a shot like this without HDR + tone mapping because the amount of light in the wall with direct sunlight is way too high compared to shadows under collapsed roof. I consider HDR similar to digital sharpening algorithms: it's possible that using the technique improves the image quality but more often than not, beginners use it way too much.

  4. Re:The problem is not the storing of SSN! on How To Stop Businesses Storing SSNs Indefinitely? · · Score: 1

    It just came to my mind, that even some banks are stupid enough to use identification number as authentication. In this particular case, the attacker was able to withdraw money from an account by only knowing the account number (the account identifier). If this happened to me, I'd sue my bank for giving out my money without authenticating my identity. It should be really simple:

    1. account identifier (account number) identifies the account,
    2. the bank authenticates the identification of the person doing the withdrawal,
    3. the bank checks that the authenticated person is authorized for the given account,
    4. if step 3 is successful, withdraw the money from the account.

    Any bank doing only

    1. identifier identifies the account,
    2. withdraw the money from the account

    deserves to be sued their asses off.

  5. The problem is not the storing of SSN! on How To Stop Businesses Storing SSNs Indefinitely? · · Score: 1

    It should not matter if businesses store your SSN. Would you object to storing your name, email address, phone number, postal address or any other publicly available number or information? The SSN should not be any different.

    I'm afraid that the real problem is that businesses (and possibly government officials) are using SSN as authentication token instead of identification token.

    We have exactly the same problem here in Finland with our SOTU/HETU/what-ever-it's-called-today identifier string. It was originally designed to be identifier for every citizen but the latest law (Henkilötietolaki, 1999) says that this identifier should not be public... Or it can still be used for identifying persons for statistical reasons, for selling services for credit, renting, insurances and other miscellaneous stuff. However, it cannot be used as the person identifier "only because it were the easiest way to identify a person" (direct translation from the actual law)! How fucked up is that? A personal identification number that shall not be used as personal identification number? To my knowledge this originates from using this identifier for authentication (surely you are the only person that can remember the last 4 symbols in your identification number?)... After reading this discussion, it seems clear that the problem is the same in the USA. What I cannot understand is why they decided to codify this brain-damage as a law instead of simply saying that you cannot authenticate with identifier.

    How can we get businesses and government to recognize the difference between identification and authentication? SSN or any other non-secret is not an authentication token and MUST NOT require any protection to keep it from public. One simple method would be to pass a new law that practically says that "SSN number cannot be used as an authentication". As a result, anybody using the SSN for authentication would have no authentication at all, according to law. Hopefully that would be clear enough even for dumber businesses.

  6. Re:What did open source software ever do for anybo on Browser Vendors Force W3C To Scrap HTML 5 Codecs · · Score: 1

    Mozilla can't implement h.264.

    Why not? It's easily licensable, and Mozilla has a pretty decent income.

    Because even though Mozilla has some money, it cannot license H.264 with GPL compatible terms. They need a license that allows end users to modify and redistribute modified versions of Mozilla products (e.g. Firefox). The modified version could be a GPL licensed H.264 codec which has absolutely no browser code remaining. The patent owner, MPEG LA, is not happy with such licensing terms because if they license H.264 to Mozilla with such terms, every free software project has a license. Or if they grant such license, Mozilla is not rich enough for it...

    Why are software patents stupid? Because you say so? Do you think there should be a difference between software and non-software patents? Why?

    I'm not parent poster that claimed such but here're my ideas about this:

    • Software as an engineering field advances much more rapidly than say medical engineering or biology. Using similar expiration terms for all fields is insane. The 20 year monopoly granted for a new drug may make some sense if research takes 5 years and obtaining national license for using the said drug takes 10 years of field testing. A new video codec may require 2 years of research, manufacturing it takes zero years and it will be deprecated in 2 years after a better codec comes available. And still that codec gets the same 20 year monopoly as the new drugs. Does not make any sense to me. Notice that such deprecated but patented video codec prevents further research using any of the patented methods as a part of the new video codec (or any non-related software).
    • Software patents make no sense because the patent does not disclose the invention. Look at any software patent that you can find. Does it disclose enough information to implement the invention (the piece of software that is being patented)? I haven't seen such software patent. In every case the patent has been obfuscated enough to be not helpful for programming. In fact, in many cases it's practically impossible to even recognize the patented invention even if you had an infringing implementation done by yourself. See my older comment about software patents.

    I'd be happy with software patents given following further restrictions:

    • The patent MUST include reference source code (NOT in pseudo-language)
    • Software patents always expire in maximum of 5 years
    • If the patent owner does not distribute (or sell) a software containing the invention, the patent automatically expires in one year (prevents patent trolls).

    Notice that originally US patent system required implementation of said invention to be presented to patent officer. This requirement was then dropped because of heavy costs (for the officers or inventors, I don't know). With software, the cost of copying the invention to the patent officer is less than filing the patent so there is really no reason not to require reference implementation.

  7. Re:gnome changes too often on Mozilla Mulls Dropping Firefox For Win2K, Early XP · · Score: 2, Informative

    No. Fundamentally, what is a web browser? It's a program that sends out tcp/ip packets, waits for the response, and displays stuff on screen. While there have been many new features added to windows over the years, there isn't anything fundamental that has changed that would impede a web browser from running on an older version of the win32 api.

    Basically true, but the devil is in the details. Latest Firefox version does stuff such as display downloaded fonts on web pages without installing said fonts in the system (requires a new API), scan downloaded files for viruses (has 2 APIs, win2000 requires the old one, newer Windows versions require the newer API), allows theming the browser (could use native uxtheme library API if supported only winxp or newer), native UNICODE support is better with newer versions, too.

    For combination of wget and cat the OS version does not change much, for OS supported rendering and integration features, the OS version is very important. The linux version of Firefox already requires pretty recent glibc and cairo libraries.

  8. Re:Surely it goes both ways? on Locating the Real MySQL · · Score: 1

    What would stop Sun from merging any interesting development made on any of these forks back into their version?

    The fact that Sun bought the MySQL for acquiring rights to the source. That allows them to sell MySQL with licenses other than GPLv2. If they merge code from any open source fork (they're all GPLv2 because that's the only choice MySQL license allows for a fork), then Sun would be forced to distribute under GPLv2 only. Clearly this is not what they want because they paid $1,000,000,000 for the source. If they wanted GPLv2, they had it for free (as in beer!) already.

  9. Re:Dunno on Ext4 Data Losses Explained, Worked Around · · Score: 2, Insightful

    ext3 is also delaying writes. The bug is that ext4 is not delaying renames to happen after writes. Instead renames happen immediately, and guess what, they spin your hard drive up, then you get to wait 60 seconds until real data starts to be written. Oh and if you lose power or crash during these 60 seconds, you lose all data - new and old. Oh and your common desktop programs do that cycle several times a minute.

    Excuse my language, but why the fuck are those "common desktop programs" writing and renaming files several times a minute? I understand that files are written if I change any settings but this is something different. Perhaps there should be some special filesystem that is designed to freeze the whole system for 1 second for every write() any application does. Such filesystem could be used for application testing. That way it would be immediately obvious if any program is writing too much stuff without a good reason.

    The EXT4 is doing exactly the right thing because it's never actually writing any of those files to the disk. Because those files are constantly replaced with new versions, there's no point trying to save any unless the application asks so. To do that, the application should call fsync(). Otherwise, the FS has no obligation to write anything in any given order to the disk until the FS is unmounted. A high performance FS with enough cache will not write anything to disk until fsync() unless the CPU and disk have nothing else to do (and even then, only because it probably improves the performance of possibly following fsync() or unmount in the future).

  10. The problem is/was in the EXT3 in the first place! on Ext4 Data Losses Explained, Worked Around · · Score: 2, Informative

    The POSIX specifies that closing a file does not force it to permanent storage. To get that, you MUST call fsync().

    So the required code to write a new file safely is:

    1. fd = fopen(...)
    2. fwrite(..., fd)
    3. fsync(fd)
    4. fclose(fd)

    There is no performance problem because fsync(fd) syncs only the requested file. However, that's in theory... use EXT3 and you'll quickly learn that fsync() is only able to sync the whole filesystem - it doesn't matter which file you ask it to sync, it will always sync the whole filesystem! Obviously that is going to be really slow.

    Because of this, way too many software developers have dropped the fsync() call to make the software usable (that is, not too slow) with EXT3. The correct fix is to change all the broken software and in the process that will make EXT3 unusable because of slow performance. After that EXT3 will be fixed or it will be abandoned. An alternative choice is to use fdatasync() instead of fsync() if the features of fdatasync() are enough. If I've understood correctly, EXT3 is able to do fdatasync() with acceptable performance.

    If any piece of software is writing to disk without using either fsync() or fdatasync() it's basically telling the system: the file I'm writing is not important, try to store it if you don't have better things to do.
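
Added example (not part of the comments above, and not the poster's code): the write sequence from comments 9 and 10 in C with stdio, extended with the write-to-temporary-then-rename step the ext4 discussion is about. With a `FILE *`, `fsync()` needs `fflush()` first and the descriptor from `fileno()`; `durable_replace`, `sync_dir`, `file_equals` and the `/tmp` path are names assumed for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* fsync() the directory so the rename itself reaches stable storage. */
static int sync_dir(const char *dir)
{
    int dfd = open(dir, O_RDONLY);
    if (dfd < 0)
        return -1;
    int rc = fsync(dfd);
    close(dfd);
    return rc;
}

/* Hypothetical helper: durably replace dir/name with data. Returns 0 on success. */
int durable_replace(const char *dir, const char *name, const void *data, size_t len)
{
    char tmp[PATH_MAX], dst[PATH_MAX];
    if (snprintf(tmp, sizeof tmp, "%s/.%s.tmp", dir, name) >= (int)sizeof tmp ||
        snprintf(dst, sizeof dst, "%s/%s", dir, name) >= (int)sizeof dst)
        return -1;

    FILE *fp = fopen(tmp, "wb");
    if (!fp)
        return -1;

    /* fwrite() fills the stdio buffer, fflush() hands it to the kernel,
       fsync() asks the kernel to put it on the disk. Any of them can fail. */
    int ok = fwrite(data, 1, len, fp) == len
          && fflush(fp) == 0
          && fsync(fileno(fp)) == 0;
    if (fclose(fp) != 0)
        ok = 0;
    if (!ok) {
        unlink(tmp);            /* never leave a half-written temp file behind */
        return -1;
    }

    /* rename() is atomic: a reader sees the old file or the new one.
       Because the data was synced first, the new name never points at
       an empty or partial file after a crash. */
    if (rename(tmp, dst) != 0) {
        unlink(tmp);
        return -1;
    }
    return sync_dir(dir);
}

/* Returns 1 if the file at path holds exactly data[0..len), else 0. */
int file_equals(const char *path, const void *data, size_t len)
{
    char buf[256];
    if (len > sizeof buf)
        return 0;
    FILE *fp = fopen(path, "rb");
    if (!fp)
        return 0;
    size_t n = fread(buf, 1, sizeof buf, fp);
    fclose(fp);
    return n == len && memcmp(buf, data, len) == 0;
}

int main(void)
{
    const char *cfg = "setting=1\n";    /* constructed sample data */
    if (durable_replace("/tmp", "fsync_demo.conf", cfg, strlen(cfg)) != 0) {
        perror("durable_replace");
        return 1;
    }
    puts(file_equals("/tmp/fsync_demo.conf", cfg, strlen(cfg)) ? "stored" : "mismatch");
    return 0;
}
```

Dropping the `fsync()` calls leaves the program working in normal operation; the difference only shows after a crash or power loss, which is why the omission goes unnoticed in testing.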

  11. Hopefully displays on What to Fight Over After Megapixels? · · Score: 1

    I want megapixel war on displays (desktop monitor, EVF, mobile phone, etc). 12 Mpixel CCD sensor does not matter over 10 Mpixel CCD sensor in a small device but a 2 Mpixel display is much better than the 0.2 Mpixel displays that we currently have in viewfinder or mobile phone. Even 1920x1200 computer display is barely 2 Mpixel display (or perhaps it's "6 Mpixels" if you count each subpixel).

  12. Re:Easier to DIY... on Quick Boot Linux Hopes To Win Over Windows Users · · Score: 1

    Do you know is there alternative for MS Visio?

    Choices include Dia, Kivio and Umbrello. See the other answers, too.

  13. Re:SO much of it is wrong on The Internet Is 'Built Wrong' · · Score: 1

    A good designer and a bad coder creates better output than a poor designer and a good coder.

    A good coder will ignore poor design done by a poor designer. There does not exist a good coder that would not be at least an average designer, too. [Granted, if you have a good design done and no coder, you are closer to ready (in process, not necessarily in calendar time) than with no design and a good coder. Yes, poor design is same as no design.]

    Open Design and Open Specification are far more important than Open Source.

    I agree in theory. However, in practice, most of the time the only specification exact enough is the implementation. See hardware drivers for example: there's always some specifics that are not documented anywhere else but in the driver source. Granted, it would be better if all those specifics would be defined in the hardware documentation but more often than not, the documentation is not detailed enough to cover all the cases. One could argue whether that is because the design is poor or because the design is not detailed enough, though.

    All programming is, after all, just documenting the desired behavior in appropriate detail for a simple calculator to be able to comprehend. Some software designers dream about the future where software can be dragged-and-dropped together from simple pieces. If you are trying to describe some process in great detail, would you rather use some language (like English, C++, Java) or would you like to drag images around with a mouse? I'd prefer using some language suitable for the problem. Do you believe that in the future coders are not required?

    I do both software design and coding.

  14. Re:Very little apparently on What Normal Users Can Expect From Ubuntu 8.10 · · Score: 1

    7. Secret hidden folders: Just use truecrypt. This doesn't even encrypt your home directory based on the article. And you need to go to the terminal to set it up?

    At least the alternate install CD asked if I wanted to use "Private folder" and it was automatically setup by the time I logged in for the first time. The difference compared to truecrypt is that you don't need to decide the partition size or anything. The encrypted file system is mounted at $HOME/Private and its actual contents are in $HOME/.private. Only the contents of the files are encrypted so the names of the files are readable always from the raw file system. The encryption is per file and seems to cause quite an overhead for small files. A text file with only a few bytes requires about 12KB of storage which has about 12KB of overhead. The real point is to have encryption for the contents of the files without needing to specify partitions before using the storage space.

  15. Re:I've got a better idea on 1000-mph Car Planned · · Score: 1

    Some simple calculations will show you that 1000 mpg (for g as in gallon of gasoline) is physically impossible.

    True, as long as you take the following "facts" as constants:

    • A single internal combustion engine
    • Projected area: one square meter
    • Drag coefficient: 0.1
    • Travelling speed: 60 mph

    It is not physically impossible to create a car that does not have all the above limitations. Such a car could do more than 1000 mpg. Obviously, it would not behave or look like a typical SUV...

  16. Re:Why don't we have more pictures of UFOs? on UK UFO Sightings Declassified, Still No Intergalactic Relations · · Score: 1

    Yeah, if I had my SLR with a good long, big lens and good low-light film, or a $1000-ish DSLR, I could probably take some good pictures like you describe. Fortunately, Moore's Law should put those kinds of sensors in cell phones within a decade, then maybe we'll see something like you describe.

    Unfortunately, current high quality CCDs are already almost perfect photon counters. The smaller you make the chip, the less surface area you get per pixel and the less photons you have per pixel. The less photons you have per pixel, the more noise the resulting image will have. If you want to have a small lens (and small camera) you have to use a small detector and as a consequence you cannot get very many photons per pixel. The smaller the camera, the worse the image quality. And it will only suffer the more the less light you have. Also notice that Moore's Law will not help here because it only helps with stuffing more on the same area of the chip and here we're limited by the surface area to count photons. The cost of making 1 cm^2 of silicon chip is pretty constant.

  17. Gecko is required for Firefox and its extensions on Why Mozilla Is Committed To Using Gecko · · Score: 1

    Firefox and all of its extensions use JavaScript and XUL. Gecko implements JavaScript and XUL (in addition to XSLT, XML, XHTML, HTML etc.). Webkit implements (X)HTML renderer and a JavaScript engine. If you decide that Firefox has any value (and I think it has) plus if you want to use any of its extensions (I use a lot), then you have no choice but to use Gecko.

    Of course, if Webkit is first extended to support XUL and Firefox's extension mechanism - just go for it. That way you could use pretty much all the Firefox extensions in Safari, Chrome and friends. Then we could ask Firefox to dump Gecko if we still think so. I wouldn't expect that to happen too fast...

  18. Re:Chrome code not public! on Google Updates Chrome's Terms of Service · · Score: 4, Informative

    [...] right now following the instructions from the link [http://dev.chromium.org/developers/how-tos/build-instructions-windows] requires you to use a non open source tool "gclient" to download about 500MB of source and then compile it using M$ Visual Studio [...]

    Actually, it seems that gclient is open source (python source with Apache License 2.0) and you can get source for it with a simple
    svn co http://gclient.googlecode.com/svn/trunk gclient-dev
    For more information, see http://code.google.com/p/gclient/wiki/StartingDevelopment

  19. Re:The prefect blueprint? on Mozilla Dev Team On Firefox's Success · · Score: 1

    Opera is _the standard_ on mobile devices. [...] Why Nokia spares millions to their number 1 competitors HTML rendering Webkit? [...] Gnome, KDE, the actual Qt (trolltech) are moving to webkit. Why? Ask them.

    I agree that Opera is the standard for low end mobile devices such as GSM phones with GPRS connection. Considering that KDE is built on QT (made by Trolltech) and QT is now owned by Nokia, it isn't that big a surprise that Nokia is also spending money on Webkit which is based on KHTML which is built on KDE/QT. I also agree that Mozilla is still too big for Symbian S60 devices. But what wouldn't be too "big" for Symbian?

    Nokia is also spending money on Maemo project that is using Mozilla+GTK+Linux. Why? Ask them. I'd guess that they're targeting webkit for low end devices and Maemo for high end devices.

  20. Re:Why the 'C' fonts don't work (yet) in Web Desig on Standard Web Fonts 'Updated' In Vista · · Score: 1

    See CSS2 feature font-size-adjust. It allows you to tell browser about the ratio between the x-height and font-size. From the spec:

    For example, the popular font Verdana has an aspect value of 0.58; when Verdana's font size 100 units, its x-height is 58 units. For comparison, Times New Roman has an aspect value of 0.46. Verdana will therefore tend to remain legible at smaller sizes than Times New Roman. Conversely, Verdana will often look 'too big' if substituted for Times New Roman at a chosen size.

    The idea is that you provide the ratio for the preferred font and if that is not available, the browser is supposed to scale the replacement font (using the ratio given by font-size-adjust and the ratio available from replacement font's properties) so that it has visually the intended size.

    Too bad that CSS2 is not implemented by browsers. The same applies for that new feature you suggested (which results to pretty much similar behavior).

  21. Re:You've cited the wrong problem. on Linux Kernel v2.6.23 Released · · Score: 1

    Seeing that you used "aptitude" I'd guess you're using Ubuntu or Debian. Did you notice that the problem you're describing has to deal with the nvidia display driver which is unsupported?

    Linux is not ready to be used for desktop if you decide that you have to use some piece of unsupported hardware. If your hardware vendor (NVIDIA) did support Ubuntu, they would provide a working repository and updating the system would just work.

    Would you complain that Windows cannot be used on a desktop because it causes you to do weird things to get a piece of hardware to work if that piece of hardware is not supported by either the manufacturer or Microsoft? The fact that you can use that piece of hardware at all is great! It's unfortunate that using an unsupported hardware may be hard.

  22. Re:What part is most dangerous? on Inventors Protest Patent Reform Bill · · Score: 1

    Let's pretend that person A has made the invention first and has decided not to apply a patent for it (keeping the invention secret) and B later files the paperwork and gets granted a patent. In first-to-file system A can later come and make the patent void due to prior art but he cannot claim the patent as his own. And I believe it should be this way! Person A should not be awarded for the fact that he tried to keep the invention secret (the patent system is supposed to help getting inventions into public domain) but the fact that A did the invention earlier should be enough to nullify the patent of B.

    If something is simple enough that A and B both come up with the same end result without knowing about each other, then there shouldn't be a patent at all.

  23. Re:What OS on Firefox Quickies · · Score: 1

    You obviously don't understand how shells work. The bug is between IE and the shell. IE passes an untrusted string to the shell, the shell creates a command line to execute, and the shell executes it. There is _absolutely_nothing_ that firefox could do to prevent this exploit, apart from not registering such a scheme handler at all.

    If I've understood correctly, the problem is not (this time) that IE skips the encoding of shell parameters but that the firefoxurl scheme handler is too powerful. MS used once to say that all scheme handlers should be made safe to use in the internet. So if one can put anything in firefoxurl scheme handler and it will be executed by firefox as is, the problem is in the firefox. It's the scheme handler that should make sure that it handles the scheme safely.

    But then again, if the current specification is that scheme handlers are not supposed to be internet safe (that is, visiting any URL with any scheme should not be considered safe), then the problem is in IE. It should only enable schemes that it considers safe.

  24. Re:US Patent office should pay compensation on U.S. Bans Some Cellphones For Patent Reasons · · Score: 5, Informative

    How exactly does the free market go about fixing limited duration government granted monopolies (a.k.a. patents)?
    Alternative methods to accomplish the same goal have been used as patent work-arounds from the earliest days. If not for someone working-around the Wright Brother's patents, jets would be using "wing warping" instead of "flaps."

    Yes, that is a work-around. Notice, however, that the whole patent system was originally created to help sharing of information, namely inventions. If you made an invention and made it publicly available, in return the government granted you a limited monopoly.

    Nowadays, this has twisted into reality where government grants you a monopoly and you absolutely do not share your "invention". Instead, you use your monopoly to prevent related innovation by others. The government grants you (limited) monopoly and in return you share a piece of document that, more often than not, shares zero information about the real invention you possibly did. In case of software, the only thing that really could describe your invention correctly would be the source code. However, that is not required to get a software patent. That's where the problem is - you can get a patent to protect your invention without disclosing that very same invention.

  25. Re:Well, duh! on TiVo Says It Could Suffer Under GPLv3 · · Score: 1

    In Finland lower court decided that CSS mechanism used in DVDs does not make an effective technological protection mechanism (exact wording from GPL v3 latest draft). Court even raised a question about if there is any such mechanism or ever will be.

    If I've understood correctly, the point was that CSS mechanism used in DVDs does not make an effective technological protection mechanism, because it's a known method.

    Compare this to AACS, for example. Decryption method (without a proper key) for AACS is not publicly known. As a result, it could be considered to be an effective technological protection mechanism by the court. And if it were considered as such, then even disclosing information about how to decrypt AACS (making the decryption method available to public) could be illegal in Finland (and in many other countries).

    However, when AACS gets broken and the method is released to public, then it's probably safe to use that method in Finland.