The book should have included the original FORTRAN IV source for Colossal Cave. This code is the closest thing I've seen to the proverbial "brandy and cigar" standard for readable source. This code is readily available on the Web, and should be studied by anyone who says, "But in language X you can't Y." FORTRAN provided essentially zero support for structured code or data abstraction. Yet you can quite easily read the data files and algorithms and easily understand it.
Perhaps Andy would include this in a second edition? Or as an online extra? I could write a commentary...;)
There's a difference between bad grammar in a Slashdot post and bad grammar in the New York Times.
FWIW, my rule is that message boards, blogs, etc. are informal communications, and I ignore such personal defects as bad spelling, or Democratic political views.
I do, however, think that people who make their living from such communication (reporters, magazine writers) should meet minimum professional standards in published work. These are formal communications, and should be held to higher standards.
So posters to Slashdot (people like me) should be valued solely on their content and contribution.
Commander Taco, however, is engaged in journalism, and should learn the difference between 'then' and 'than'.
Munging Alternative
on
Data Crunching
·
· Score: 2, Informative
You might want to compare this book to "Data Munging With Perl" by David Cross.
I notice the lawyers have no trouble understanding that a law cannot be anyone's property. Now if they'd just apply that logic to patents on software ideas, mathematical methods and aggregations of facts.
Every state has a Labor Relations board, or something similar. One of the things they do is gather statistics on salaries. Which they then publish.
These are usually by state and/or county, but you can sometimes get these reports for the larger metro areas as well. The reports are normally free, or you just pay for postage.
Does this suggest we can compress English text by retaining first, last, and length? Given that we can represent chars with 5 bits, and use another 5 bits for length, we should be able to pack words into two bytes, including a parity bit.
Does this work only for English? Or only for Romance languages? Or can we find a similar scheme for any language?
I bought Caldera Linux, so how do they plan to sue me? Seems like I already paid them once; how can they charge me again for the same product? How can they claim that my license is invalid?
That was exactly my feeling when I got to the sign-up page. I didn't mind some of the questions, but when I realized they had enough info to build my SSN from, and that the info was not secure, I started wondering if this site is real or not.
I guess we'll know when the 'identity theft' ring goes into action.
When I read the THE manual, I couldn't help but feel he was reinventing the vi command set and using it as the main interface to the system.
But, since Jef is a bright guy, I'm going to wait and see where he's going with this. The THE editor is just a single example of what's in his head. I think it's a mistake to generalize from this example to the entire THE system.
Also, perhaps what's going on is that a fellow who spent his life thinking about how ordinary people use computers has simply found a systematic explanation for why vi is still so popular (although I'm an Emacs user myself).
The vi command set was designed to minimize the number of characters sent and recieved by the relatively slow terminals used at the time. Perhaps it also encapsulates a 'minimum effort/maximum result' way of thinking. In which case, it's no surprise that Jef would rediscover it.
Sorry about that. I somehow had the idea that the highest levels were '1'.
Just to clarify, I didn't mean to imply that NT3.5 ever received a B1; just that it could be configured to meet that level. The main point being that while a specific cert might be nice in the PR wars, how you apply the system is what's important. For example, just as soon as a W2K user loads MS Office onto that machine, the cert is no longer valid.
The CC cert is less revealing than a NIST cert, because the CC evaluate the design of the system, and only a part of the implementation. So it is better suited to show that a developer has good security processes, rather than secure products.
And let's not slight MS here. From what I've seen, they are making an honest effort to secure their products. I think they've finally reached the point at which they have to in order to stay in business.
OK. Enough with the childish flames. MS got a security rating. Good for them. Now, what does it mean?
Read the description on the CC web site, and you'll see that the evaluation was for the development process, and that only part of the impementation was tested at all. (I wonder which part?)
All of which, while interesting to some, is in the 'so what' category. Security is not a cert, or a product. Security is what you do.
For example, Windows NT 3.5 was certified to the NIST 'C2' level (basically, C2 means you have separated the users and require a login). But there was no problem building a 'B2' level (mandatory access control) system with NT3.5; you just had to add some software and hardware to plug the holes.
So these certs are of no use except to PR flaks. And trolls.
This is not a severance package; it's a contract. They want to pay you not to sue, etc. Treat it accordingly.
When you take your next job, learn from this. The time for negotiating a severance package is on the way in! A severance package is part of your total compensation, just like vacation, profit sharing, etc.
Commercials during television shows are a new thing, not an old one.
Back in the day (as you kids say), a company would pay the production costs for a show (this was the sponsor). This is where we got the "Texaco Playhouse"; the advertising value was just the connection to the show.
The idea of "product placement" goes back to these days as well. If you watch the old kinescopes (check your local video store for these), you'll see the cast perform the commercial right in the middle of a scene. "Wouldn't you like some fresh Knudsen milk on that?" "Oh, yes Knudsen makes the best milk." The cast of "I Love Lucy" was required to smoke during every episode; they were sponsored by Philip Morris.
What I want to know is this: why are they running commercials at movie theaters? And how long before your pay-per-view will include commercials as well? I'd much rather they raise the price and let me pay for what I want. I hate being whored out to Coca-Cola without my consent.
2) "Firewalls and Internet Security" by Cheswick and Bellovin.
The BEST book on firewalls. Online version at
http://www.wilyhacker.com
3) "Hacking Exposed" by McClure, Scambray and Kurtz.
Not as systematic as the others, but this one has the specifics that let you see what the other books were talking about.
4) Run a GNU/Linux system and start watching logs, etc. I'm on a dial-up and get hit several times per week. Follow up and see if you can figure out what they're doing; hopefully they don't get in!
5) Keep abreast with CERT, SANS, BUGTRAQ, etc.
6) There is no Royal Road to NetSec; you'll just have to dig in and learn it the hard way.
Slashdot Mirror
The book should have included the original FORTRAN IV source for Colossal Cave. This code is the closest thing I've seen to the proverbial "brandy and cigar" standard for readable source. This code is readily available on the Web, and should be studied by anyone who says, "But in language X you can't Y." FORTRAN provided essentially zero support for structured code or data abstraction. Yet you can quite easily read the data files and algorithms and easily understand it.
;)
Perhaps Andy would include this in a second edition? Or as an online extra? I could write a commentary...
Harry Harrison wrote "Make Room!, Make Room!", from which the movie "Soylent Green" was tortured.
The term "soylent" refers to artificial meat, made from a combination of soybeans and lentil beans.
The term "green" refers to the "weedcrackers" used to supplement food supplies in an overcrowded world.
There's a difference between bad grammar in a Slashdot post and bad grammar in the New York Times.
FWIW, my rule is that message boards, blogs, etc. are informal communications, and I ignore such personal defects as bad spelling, or Democratic political views.
I do, however, think that people who make their living from such communication (reporters, magazine writers) should meet minimum professional standards in published work. These are formal communications, and should be held to higher standards.
So posters to Slashdot (people like me) should be valued solely on their content and contribution.
Commander Taco, however, is engaged in journalism, and should learn the difference between 'then' and 'than'.
You might want to compare this book to "Data Munging With Perl" by David Cross.
/ 1229238&tid=145&tid=6
See the Slashdot Review:
http://books.slashdot.org/article.pl?sid=01/04/26
I notice the lawyers have no trouble understanding that a law cannot be anyone's property. Now if they'd just apply that logic to patents on software ideas, mathematical methods and aggregations of facts.
These are usually by state and/or county, but you can sometimes get these reports for the larger metro areas as well. The reports are normally free, or you just pay for postage.
This is your first stop in salary negotiations.
The quote is actually, "blood, sweat, toil, and tears". You've confused politics with music again, fanboy.
Does this work only for English? Or only for Romance languages? Or can we find a similar scheme for any language?
I bought Caldera Linux, so how do they plan to sue me? Seems like I already paid them once; how can they charge me again for the same product? How can they claim that my license is invalid?
It's been well established that I'm paranoid, but is anyone else bothered by the number of (apparent) True Names in the list?
The 'transcendence' is an artifact of the NewsFactor writer who clearly misunderstood what was being said.
For instance, even if the intended receiver is honest and trustworthy, my personal information is being transmitted in the clear.
As lawyers, they are supposed to be aware that requiring my SSN is a violation of law.
This is clearly paranoia on my part, but I'm OK with that.
I guess we'll know when the 'identity theft' ring goes into action.
Preach it, Lamont!
Finding new music is like stepping stones; you go from one to the next to the next. So when you find music you like, you look at similar music.
Fundamentally, you will need to sample bands and be disappointed a lot. The proof of the pudding is in the tasting.
But, since Jef is a bright guy, I'm going to wait and see where he's going with this. The THE editor is just a single example of what's in his head. I think it's a mistake to generalize from this example to the entire THE system.
Also, perhaps what's going on is that a fellow who spent his life thinking about how ordinary people use computers has simply found a systematic explanation for why vi is still so popular (although I'm an Emacs user myself).
The vi command set was designed to minimize the number of characters sent and recieved by the relatively slow terminals used at the time. Perhaps it also encapsulates a 'minimum effort/maximum result' way of thinking. In which case, it's no surprise that Jef would rediscover it.
Speed, performance, instruction set differences, and the stated goal of independence will lead them to avoid Microsoft at all costs.
Maybe this means 'Red Flag Linux', maybe not. But it's a start.
Just to clarify, I didn't mean to imply that NT3.5 ever received a B1; just that it could be configured to meet that level. The main point being that while a specific cert might be nice in the PR wars, how you apply the system is what's important. For example, just as soon as a W2K user loads MS Office onto that machine, the cert is no longer valid.
The CC cert is less revealing than a NIST cert, because the CC evaluate the design of the system, and only a part of the implementation. So it is better suited to show that a developer has good security processes, rather than secure products.
And let's not slight MS here. From what I've seen, they are making an honest effort to secure their products. I think they've finally reached the point at which they have to in order to stay in business.
Read the description on the CC web site, and you'll see that the evaluation was for the development process, and that only part of the impementation was tested at all. (I wonder which part?)
All of which, while interesting to some, is in the 'so what' category. Security is not a cert, or a product. Security is what you do.
For example, Windows NT 3.5 was certified to the NIST 'C2' level (basically, C2 means you have separated the users and require a login). But there was no problem building a 'B2' level (mandatory access control) system with NT3.5; you just had to add some software and hardware to plug the holes.
So these certs are of no use except to PR flaks. And trolls.
The meaning of 'transparancy' is completely opaque to me. Your 'parants' should be ashamed.
When you take your next job, learn from this. The time for negotiating a severance package is on the way in! A severance package is part of your total compensation, just like vacation, profit sharing, etc.
Get it in writing.
Back in the day (as you kids say), a company would pay the production costs for a show (this was the sponsor). This is where we got the "Texaco Playhouse"; the advertising value was just the connection to the show.
The idea of "product placement" goes back to these days as well. If you watch the old kinescopes (check your local video store for these), you'll see the cast perform the commercial right in the middle of a scene. "Wouldn't you like some fresh Knudsen milk on that?" "Oh, yes Knudsen makes the best milk." The cast of "I Love Lucy" was required to smoke during every episode; they were sponsored by Philip Morris.
What I want to know is this: why are they running commercials at movie theaters? And how long before your pay-per-view will include commercials as well? I'd much rather they raise the price and let me pay for what I want. I hate being whored out to Coca-Cola without my consent.
And it's already formatted for publishing!
Kids these days...
"No association was found between seropositivity to T. gondii and human population density or exposure to sewage."
My self-education went like this:
1) "Computer Networks" by Andrew S. Tannenbaum
This will teach you what's really going on
2) "Firewalls and Internet Security" by Cheswick and Bellovin.
The BEST book on firewalls. Online version at
http://www.wilyhacker.com
3) "Hacking Exposed" by McClure, Scambray and Kurtz.
Not as systematic as the others, but this one has the specifics that let you see what the other books were talking about.
4) Run a GNU/Linux system and start watching logs, etc. I'm on a dial-up and get hit several times per week. Follow up and see if you can figure out what they're doing; hopefully they don't get in!
5) Keep abreast with CERT, SANS, BUGTRAQ, etc.
6) There is no Royal Road to NetSec; you'll just have to dig in and learn it the hard way.