I will not be surprised if someone will try in the future to use springs to achieve the same goal,
I doubt springs, but F1 cars already use flywheels. They do a lot of braking and accelerating in F1.
It would be a tragedy if you were to undermine your rule of law and slide into becoming a police state by subverting your constitution.
That ship has sailed, and gun control is just one aspect of it. Here's another example:
During the Civil Rights era, Whites committing crimes against Blacks were getting off free in jury trials. Juries understood that they had the power to nullify laws, and they used it.
The proper response? Legislation or if necessary an amendment specifying that nullification could not be used for some crimes. It could have been a short list. Perhaps murder, rape and battery would have been exempt, leaving juries free to nullify other laws with which they didn't agree such as 2 years for smoking a joint.
The actual response? Judges lying to jurors, telling them there's no such thing as nullification, and/or anybody who mentions it being disqualified for jury duty. See also, plea bargaining in which defendants are coerced into admitting guilt in order to avoid ridiculous jail time. Being tried by a jury of your peers? It almost never happens now.
This is a rogue band of corporate fascists who have hijacked us. If you define them as the USA, then even the USA doesn't like the USA. So, speaking as a real American I say, "go for it"!
How do you annul a bankruptcy?
What bankruptcy?
Yes. That was all bloody outright serious. The inclusions of robot fighting and time travel were your two biggest clues.
It takes EBT, right? Otherwise how will the humans that used to flip the burgers eat? Hopefully they don't make a robot that stands in the middle of the street, accosts you on Muni, and begs for change. If they do that, then humans really are sunk... except for those of us who know how to fight the robots. That's it. I'm signing up at robot fighting academy tomorrow. (ZZZZZZZZZzeep!) Wait, it's somebody from the future. uh-huh, uh-huh, really? No. Yeah? OK. well, I guess.
Hey, Slashdot? Disregard the above. You'll understand later.
If they actually put the code into production, your payoff will come from Russia via Silk Road.
You don't understand reflection evidently. Reflection is a core feature of languages such as C# and Java
Let's leave specific languages out of it, and discuss reflection in language-neutral terms. AFAICT, it's a vague term that encompasses several things.
1. Reading out the names and types of data members of an object at runtime.
2. Reading out the names of function members of an object at runtime.
3. Reading out the exact *class* of that object at runtime (which would lead you back to 1 and 2, so that's redundant).
4. (the particular thing I think is dangerous if not used CAREFULLY) Adding new members (data or function) to a class at run-time.
You simply can't get rid of it without completely redesigning the language.
I was particularly interested in (4) above, and note that I've added CAREFULLY. There are probably a handful of use cases where you need that. In an object-oriented language you probably can't have "just a function" like you can in C, so adding some code to a class is probably the only way to implement the aforementioned graphing calculator applet.
OTOH, I maintain that if you have something like a button class that you've been using for 10 years, it's just way too tempting for some junior developer to "solve" problems by injecting new code into it.
This isn't a problem with reflection as much as sloppy programming. There is zero reason why a competent development team couldn't make reflection perfectly safe.
Here you seem to be siding with those on this forum who paint the Oracle devs as incompetent. I prefer to reserve judgement. I haven't been digging through Java code. I don't know what kind of maintenance nightmare they inherited.
Now, not to let this internet communication get too out of hand (as it looks like we're already having the f2f vs. online communication problem here) but another hair that needs to be split is "safe" vs. "sane". It might be possible to make self-modifying code "safe" from a security standpoint; but I'm doubtful about the "sanity" (for "sane", read ability to trace and debug) of it. This doubt comes from debugging C++ code where *data* has accidentally been modified at run-time. That's bad enough; but at least I knew the *code* pages weren't hit.
The flaw is in the reflections.
OK I had to review that.
LOL. When I was taking 100-level CS courses to get my EE and thought I was all cool because I had several years hacking with things like the C-64, I wrote some self-modifying assembly and turned it in as part of an assignment. The TA marked off for it as "too clever for its own good" or something along those lines. I was miffed at first, but saw the point after a while. I guess some people didn't.
That said, if there's something that uses "eval" like functionality, such as a graphing calculator app then that's useful. It's not arbitrary modification of the existing code so much as it is writing new code. The loader could scan for calls to "eval", and replace them with calls to "safe_eval" which would include the scanning function.
I don't see why that couldn't work for adding functions to a class at runtime, which is something the wiki article on reflections considers as part of the definition.
At any rate, since you're narrowing it down to a problem with their implementation of reflections (however you define it) then it seems like they need to run some kind of audit wherein all reflective calls in their source tree are singled out and secured. Another advanced concept, "aspect oriented programming", comes to mind.
Long story short though, it's too clever for its own good. Actually, it also makes me think of why Windows has had such a hard time on the Internet. It was designed first, then the networking was bodged on. Same deal here. Java was just imperative OO first, right? It sounds like they're trying to bodge on Lisp.
I'm not familiar with the architecture, so I have a hard time understanding why this is so difficult. Many C programmers including myself have written simple stack machines that have an "instruction set". It's trivial to separate safe instructions from dangerous ones.
One instruction might be 32-bit unsigned addition that rolls over without throwing an exception. Perfectly safe, as long as you can live with the results.
Another instruction might be "open file". Lots of opportunity for mischief there.
So. If the code came from the 'net, you just scan the code after you've compiled it onto your VM and reject anything that has "open file" unless the user has granted permission for the software to access files.
Sure, I'm glossing over the details; but that's the basic idea. If you have a huge library, you might have to have staff review a lot of API calls to make sure you're classifying them properly as safe or dangerous; but the fundamental idea of the sandbox itself seems really, Really, REALLY hard to mess up.
It sounds like they have calls to a "cause the scanner to ignore dangerous functions" API scattered throughout their code, which seems highly unlikely. Library code shouldn't even know it's running after a scan, let alone have the ability to shut off the thing that scans it.
So. I have to conclude that the sandbox architecture is something more complicated than "compile, scan for restricted system calls, run if none found"; but I have no idea what it is. Can anybody enlighten me?
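Added example, not part of the original comment and not code from any real VM: a toy stack machine in C that implements the "compile, scan, run if none found" check described above, including the one case a load-time scan cannot classify, an instruction whose target is chosen at run time. The opcodes, `scan`, `run`, `PERM_FILES` and the sample programs are hypothetical names constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy instruction set, constructed for this example. */
enum op { OP_PUSH, OP_ADD32, OP_OPEN_FILE, OP_CALL_DYNAMIC, OP_HALT, OP_COUNT };
struct insn { enum op op; uint32_t arg; };
#define PERM_FILES 0x1u /* set when the user has granted file access */
#define STACK_MAX  16

enum verdict { V_ACCEPT, V_REJECT_PRIVILEGED, V_REJECT_DYNAMIC, V_REJECT_MALFORMED };
enum status  { R_OK, R_DENIED, R_FAULT };

/* Reviewed classification: permission each opcode needs (0 = always safe). */
static const unsigned required_perm[OP_COUNT] = { [OP_OPEN_FILE] = PERM_FILES };

/* Load-time scan: reject privileged instructions the user has not allowed. */
enum verdict scan(const struct insn *code, size_t n, unsigned granted)
{
    if (n == 0 || code[n - 1].op != OP_HALT) return V_REJECT_MALFORMED;
    for (size_t i = 0; i < n; i++) {
        if ((unsigned)code[i].op >= OP_COUNT) return V_REJECT_MALFORMED;
        if (required_perm[code[i].op] & ~granted)
            return V_REJECT_PRIVILEGED;
        /* A dynamic call's target is data, so the scan cannot classify it.
         * Refuse it unless every permission is already granted. */
        if (code[i].op == OP_CALL_DYNAMIC && (PERM_FILES & ~granted))
            return V_REJECT_DYNAMIC;
    }
    return V_ACCEPT;
}

/* Execute one operation, repeating the permission check at run time. */
static enum status step(unsigned op, uint32_t arg, uint32_t *st, size_t *sp,
                        unsigned granted, unsigned *opens)
{
    if (op >= OP_COUNT || op == OP_CALL_DYNAMIC || op == OP_HALT)
        return R_FAULT;
    if (required_perm[op] & ~granted)
        return R_DENIED;
    switch (op) {
    case OP_PUSH:
        if (*sp == STACK_MAX) return R_FAULT;
        st[(*sp)++] = arg;
        break;
    case OP_ADD32:
        if (*sp < 2) return R_FAULT;
        st[*sp - 2] += st[*sp - 1]; /* unsigned add wraps modulo 2^32 */
        (*sp)--;
        break;
    case OP_OPEN_FILE:
        (*opens)++; /* stand-in: counts the request, touches no file */
        break;
    }
    return R_OK;
}

enum status run(const struct insn *code, size_t n, unsigned granted,
                uint32_t *top, unsigned *opens)
{
    uint32_t st[STACK_MAX];
    size_t sp = 0;
    *opens = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned op = code[i].op;
        uint32_t arg = code[i].arg;
        if (op == OP_HALT) {
            *top = sp ? st[sp - 1] : 0;
            return R_OK;
        }
        if (op == OP_CALL_DYNAMIC) { /* opcode number comes off the stack */
            if (sp == 0) return R_FAULT;
            op = st[--sp];
            arg = 0;
        }
        enum status s = step(op, arg, st, &sp, granted, opens);
        if (s != R_OK) return s;
    }
    return R_FAULT; /* ran off the end without HALT */
}

/* Constructed sample programs. */
static const struct insn prog_add[] = {
    { OP_PUSH, 0xFFFFFFFFu }, { OP_PUSH, 2 }, { OP_ADD32, 0 }, { OP_HALT, 0 } };
static const struct insn prog_open[] = { { OP_OPEN_FILE, 0 }, { OP_HALT, 0 } };
/* Contains no OP_OPEN_FILE instruction; the opcode arrives as a pushed value. */
static const struct insn prog_dyn[] = {
    { OP_PUSH, OP_OPEN_FILE }, { OP_CALL_DYNAMIC, 0 }, { OP_HALT, 0 } };

int main(void)
{
    uint32_t top; unsigned opens;
    return scan(prog_dyn, 3, 0) == V_REJECT_DYNAMIC
        && run(prog_dyn, 3, 0, &top, &opens) == R_DENIED ? 0 : 1;
}
```

In this toy, the scan alone is sufficient only while every call target is visible in the instruction stream; once a target can be computed from data, the same classification table has to be consulted again at the point of the call.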
Lots of variables: mission profile, the mass of the RTG system, the mass of the panels, power requirements. What's most important? Keeping the weight down? Maybe something else. Let's say it's the weight though. Part of me imagines them setting up an equation involving the aforementioned variables and coming up with a solution that minimizes the weight.
If you go solar only, you would need bigger panels and batteries to run the dark side of the mission. If you go RTG only, you'd need a bigger RTG. Now it gets even more complicated because not only is it heavy, the fuel is probably expensive. Also, there could be political concerns about launching too much Pu. Yeah, China will do sketchy things; but I bet they don't want to annoy people needlessly or spend lavishly launching too much Pu.
They want a number. There's nothing that says it has to be yours. 867-5309. Jenny, is that you?
Aviation policy is written in blood. Gun policy is written in tears. The result? We have safe skies, and dangerous streets.
It's an interesting coincidence that we have an aviation problem ongoing now too. I bet the Boeing problem will be examined not only from a technology standpoint (ban this battery) but from a social standpoint (how did this battery get past QC?). That's the blood, both literal and figurative of the airline business.
The gun problem will be addressed with an insanity that rivals that of the crazed shooters themselves. Obama refuses to address the elephant in the room--how to enact a saner policy that preserves the 2nd Amendment rights. Perhaps that would mean a Swiss-style policy, where you must join an organization that periodically checks your fitness for ownership of certain weapons. It might even pass muster without modifying the Constitution. Instead we'll ignore that issue and it'll end up being a SCOTUS mess and/or mass civil disobedience, or selective enforcement, or just another way to tack more years onto criminal sentences. Nothing will really be fixed, because it'll all be done on pure emotion and the documents that are supposed to govern us are being ignored. It'll be done like this because people are bawling their eyes out and politicians feel like they have to do something. Those are the tears, both literal and figurative of guns in America.
Eventually, there would be enough pressure for the ISPs to push IPv6 down the food chain to the end user who will either pay more for IPv4 service, or upgrade to IPv6
End users are ahead of this. Windows XP uses IPv6 if it's available. It works so well I only know about it because I'm geeky enough to look. I assume Windows 8 and any planned future versions work the same way. All Unix-like variants have had it for years, probably longer than Windows, and I'm sure they can be configured to use IPv6 when it's available also. I assume that Apple products also "just work" in this regard; but if that assumption is invalid I'm sure someone will point it out.
LOLCODE came 2nd.
keep funding Social Security for me. KTHXBYE.
I knew the LOLcats meme was getting up in age; but I didn't think it was that old.
Ummm... don't most 5-year olds learn to eliminate dead spots by just, you know, having a bit of momentum? Moreover, the cranks in any engine have dead spots. There are motorcycles with ONE cylinder. Huge dead spot, right? Not a problem. Momentum. That's the whole deal with these systems. Dead spots are just not a problem. Most of you couldn't stand straight on the crank if you tried, and if you did, the momentum would carry you through in the proper direction after one good stroke.
Let's take access to health insurance as a proxy. It has nothing to do with support for government health care, but it's interesting anyway.
Just glancing at it, the locus of poor insurance in the South seems to be centered in Texas, whereas the poor life expectancies seem to be centered further east of the Mississippi.
It's not exactly fine-grained data, and it's not exactly science to be glancing at maps like this. It's Slashdot-level social science, which rates a good solid 2 or 3 on a scale of 100 for science. Based on that, I'm more on your side, where I already was anyway. I just hate to agree with anything based on a 0.25 baked argument. At the very least, 0.5 baked please.
The 8 are dominated by people who support using tax money to pay for universal health insurance
Something tells me that doesn't fit Utah. Something tells me they're not prepared to publish a report telling us to abstain from alcohol and caffeine, and attend church every Sunday. Then of course you could say it has more to do with sending teens away for some time so they can have accidents elsewhere. Either they're away on mission, or they move out of the state as soon as they can so they can "party" elsewhere.
At the top of the list you've got Hawaii. Maybe a tropical paradise encourages you to exercise more. How does that explain Minnesota though?
You can quantify life expectancy, but you haven't quantified "support using tax money to pay for universal health insurance". This isn't even a correlation-causation fallacy, since you haven't supplied the other quantity to which you allege the result is correlated!
If I had to put money on anything about the South, I'd say it's the hot weather discouraging exercise combined with their food. There isn't anything they don't sweeten down there.
What's "bad"? Some things are objectively bad: Memory leaks. Crashes. Slow algorithms.
Other things are SUBJECTIVE. K and R bracing vs. Whitesmiths. Tabs vs. Spaces.
Some things straddle the border between subjective and objective. The first example that comes to mind is "descriptive variable names". Everybody agrees they should be descriptive, but not everybody agrees on how long they should be to accomplish that, whether CamelCase is better_than_underscores, etc.
You're "engineers". Break this problem down. There can't just be "your code is bad". There have to be several or even many things you don't like, or think is "bad". Address each one, starting with what you think is most important. Carve the "bad code" problem into little pieces until it goes away, just like you carve the specification into little modules and functions until it's met.
Finally! Appliances that last less than two years. Regular shoddy merchandise cut the replacement time to about 5 years, but that wasn't good enough. We need appliances on a two year update cycle. This is especially true for the refrigerator. The damned things last for decades. Decades, I tell you! That lousy refrigerant that also lubricates the pump. Awful stuff. Finally we can get those on a two-year upgrade cycle too.
Oh, BTW, "we" are the manufacturers. Customers? I think we heard of those one time. We turned them into "consumers". They WILL comply.
You know that war you're fighting? The one with no point or purpose?
You're going to have to be a little more specific. The war in Afghanistan? The continued occupation of former Axis powers that are now allies? The war on drugs? The war on dignity at airports? The wars on poverty where we spend $1 million/year to create one $10k/year job? All of them, or just some of them? Please specify.
OK, so moderators not only fail to distinguish between Troll and "I disagree with your PoV", they are also out of touch with Geek culture
I'd give 42 mod points if I had them.
I think it's more like an assembly language that flies 10,000 feet over "bare metal". There are quite a few things that generate JavaScript. Guys are working on projects that target it. People program in $whatever, and target JavaScript.
It won't get Perl'd. It'll get 386'd.
OK, in grasping for an explanation of "negative temperature" here's my shot. Let's say you have an ordinary glass of water, half full at room temperature. Now you pour boiling water in. The resulting glass is warmer.
Now let's re-run the experiment starting with the same glass of half-full, room temperature water. You calculate the result that you would get from putting in a drop of absolute zero water. Let's say that would drop the water to just above freezing.
You put in a drop of "negative temperature water", an exotic substance that isn't frozen and somehow magically exists. The room-temperature water immediately freezes rock hard.
Of course this scenario doesn't exist anywhere in the normal world; but perhaps it exists at the quantum level.
You can poke holes in this explanation by saying that the result of mixing isn't the same as a temperature. True. It's not a measurement of the magic substance. OTOH, if you measured the magic substance Schroedinger's polar cat would leap out of the beaker and bite your face off, so don't do that.