I think most of us are familiar with the proof of the Halting Problem. However, all it proves is that there exists a program which can't be shown to halt or not halt. It doesn't prove that there is a great class of such programs. It could be that all realistic programs can be proven to halt. I think we shouldn't use the Halting Problem as an excuse not to research the topic.
How well does the validation engine cope with code that's deliberately obfuscated? I don't know for sure, but I suspect that proving code is safe using static analysis is probably NP-complete. Dynamic instrumentation would make it much easier to implement sandboxing -- all operations which aren't explicitly permitted are forbidden, and you simply stop the code when it tries to do one of those forbidden things.
It's not a huge investment. x86-to-x86 translators have existed for a while. Being able to use pre-existing native code is an enormously attractive possibility. This gives developers the ability to take pre-existing software and directly target it to Chrome without porting to another language or even recompiling it (I presume there will be a utility which converts.exes and.dlls into.nexe format)
The article is light on details, but they do say that the executables are contained in.nexe files which are apparently NOT your run-of-the-mill PE format, so they can't just execute from a double click. And they do say that there's this annoying multi-second lag as the thing fires up. From this, I assume they are doing dynamic code instrumentation to implement whatever security measures they have in place.
If done correctly, this can be secure. I've been working with Intel's Pin library a lot lately, mostly for security-related projects. With these sorts of things you can intercept all memory accesses, function calls, system calls, instrument and analyze arbitrary instructions in arbitrary ways, etc. Again, if done correctly a dynamic instrumentation approach could make this idea viable. But you'd need a very skilled team to do it right.
Thanks, ISC, for patching a vulnerability a month after you found out about it and then telling us two weeks later that you did that
You know, I'm really tired of people who obviously don't write code saying crap like this. Fixing a subtle deadlock could quite realistically take a month. First, you need to figure out really why it happens. Then you need to figure out the CORRECT way to fix it, then you need to implement the fix, then you need to TEST the thing to make sure you didn't introduce anything ELSE that could cause a problem. If the bug was in an easy area of code, chances are it would have been found and fixed a long time ago. BIND has been around a long, long time. Anything left in there now is, by definition, hard to find and hard to fix.
Look folks, security bugs happen BECAUSE people whip out code without thinking and without testing. Now you ask for them to do exactly that? You need to get a grip on reality.
The only issue I have is when I am trying to debug them, as most debuggers give output that is barely legible for non trivial template code.
As was already pointed out, C++ template programming is more functional (or declarative, depending how you use it) than imperative. You really don't gain much understanding by single-stepping through it. Same goes for other similar languages. You're trying to think imperatively when that's not really the best mental model.
I don't really have a good suggestion for a debugger, but I've never really found myself needing one, even with complicated template class systems. The things are so strongly typed and explicitly specified that, most of the time, if it has a bug in it, it doesn't even compile.
If you find a comment saying A, and a piece of code that does B, it could be that the implementation of B has a bug, or it could be that the code is supposed to do B and the comment is what's wrong. Unless you really understand a lot, you can't really assume one or the other.
This is why code should be worked out so that it mostly speaks for itself with little need for comment. It's not that comments are bad, it's that, because they have no bearing on the code generated by the compiler, they can easily become wrong without anybody noticing. I'm not saying not to comment here, just that comments aren't an automatic path to saving your ass.
The tech doesn't have to be quite so "high." You just need a magnetic receptacle at the terminal. Attached to your belt, on a tether, is a little magnetic bead. When you sit down, you put the bead in the receptacle and the terminal activates. When you get up and walk away the bead pops out and the terminal locks.
They've had this kind of thing on watercraft forever. If you're thrown from the boat, the tether pops and the ignition cuts.
If you're interested in new works related to something existing, how about you just say "when you've made 5M bucks off your book, it's off copyright"?
So, if your work costs more than $5 million to produce, you can't do it and make a profit? Or do you mean $5 million in profit and then you're done? That's a great incentive to cook the books and otherwise conceal the actual profit you are taking.
The basic idea of "You can be successful but only to a certain point" seems like not much of an incentive to work hard at anything. Why shouldn't we have the opportunity to become fabulously wealthy? So long as EACH of us has the same opportunity.
The "company time" was my time and the machines were ours to do with as we wished. My immediate boss was VP of engineering, and he was part of the effort. Not everyone is a cog in a vast machine.
I've heard a lot of myths. I've never heard a myth stating "You need to reboot a UNIX system to fix problems." If anything I've heard the opposite myth. Who promulgates this shit?
I do remember ONE time a UNIX system needed a reboot. We (developer team) were managing our own cluster of build machines. The head System God was out of town for two weeks. We were having problems with a build host, and tried everything. Day after day. Finally, on the last day before System God was due to return, it occurred to me that the one thing we hadn't tried was to reboot the machine. The reboot fixed the problem, whatever it was.
I felt stupid. One, for not figuring out the problem in a way that could avoid a reboot. Two, for not recording enough information to determine root cause in a post-mortem analysis. Three, for configuring a system in such a way that a reboot might be required in order to fix a problem.
To this day I believe that reboot was unnecessary, although at the time it was the fastest way to resolving the immediate blocking issue.
His estate is preventing the translation from being published for what reason exactly?
You know, the world might benefit greatly by the release of my teenage diaries, but guess what? I'm not going to release them. You can take away copyright but you still can't break-and-enter to my home and steal my shit because "information wants to be free."
So, are you free tomorrow around 2 PM? I'm going to stop by with a scanner and take copies of all written materials in your home.
I'm talking about people who are otherwise, more intelligent than average. Yet AOL has managed to completely teach people what the internet is, in the most wrong fashion possible, so they will never learn properly.
I don't know why some geeks tend to think they're more intelligent than someone else because they can use a complex system. "No, you idiot, you type THESE kinds of strings into THIS field, but you type THOSE kinds of strings into THAT field. Jeez, you moron!" Meanwhile, the "idiot" is sitting there thinking "Why the fuck do they have two fields instead of one field? They both work mostly the same way anyway." Maybe he's smarter than you after all.
It might take a smart person to use a complicated thing. But it requires an even smarter person to simplify it. When you see complexity you ought to work to eliminate it, not bask in your superiority over fellow human beings who are reasonable enough to realize that complexity isn't an end goal.
All they really needed to say was that it's the time-reversed counterpart of a laser. Calling it an "anti-laser" makes it sound like it shoots out a beam of darkness or something like that
A time-reversed proton is an anti-proton. A time reversed electron is an anti-electron. This is just keeping with the pattern...
Would you support yourself being fired if you were talking to friends and said "God, this guy X today at work was so stupid I wanted to smack him" and he overheard you? I doubt it.
I would never say such a thing so the question is irrelevant. The fact that a lot of people can't even control themselves to the point of refraining from insulting other people, is something I don't understand.
Was space created by the Big Bang, or did the Big Bang happen inside of space that already existed?
You ask it like it's some kind of unanswered question. Yes, space and time were created at the moment of the Big Bang. The question is HOW that happened.
Sounds like good reason to immediately release the entire stash of documents before it becomes illegal to do so. There are still hundreds of thousands we haven't seen yet.
I always figured it was about spreading malware. People who are willing to download software from unknown sources on the Internet seem like easy targets to me. Install pirate Diablo II, get a free keylogger!
Slashdot Mirror
I know this might come as a shocker, but planning to commit a crime is a crime.
I think most of us are familiar with the proof of the Halting Problem. However, all it proves is that there exists a program which can't be shown to halt or not halt. It doesn't prove that there is a great class of such programs. It could be that all realistic programs can be proven to halt. I think we shouldn't use the Halting Problem as an excuse not to research the topic.
The problem is that it doesn't solve a problem that anybody really seems to have - there's little demand for higher performance apps in the browser.
It has very little to do with performance and a whole lot to do with being able to use pre-existing binary-only code safely.
How well does the validation engine cope with code that's deliberately obfuscated? I don't know for sure, but I suspect that proving code is safe using static analysis is probably NP-complete. Dynamic instrumentation would make it much easier to implement sandboxing -- all operations which aren't explicitly permitted are forbidden, and you simply stop the code when it tries to do one of those forbidden things.
It's not a huge investment. x86-to-x86 translators have existed for a while. Being able to use pre-existing native code is an enormously attractive possibility. This gives developers the ability to take pre-existing software and directly target it to Chrome without porting to another language or even recompiling it (I presume there will be a utility which converts .exes and .dlls into .nexe format)
The article is light on details, but they do say that the executables are contained in .nexe files which are apparently NOT your run-of-the-mill PE format, so they can't just execute from a double click. And they do say that there's this annoying multi-second lag as the thing fires up. From this, I assume they are doing dynamic code instrumentation to implement whatever security measures they have in place.
If done correctly, this can be secure. I've been working with Intel's Pin library a lot lately, mostly for security-related projects. With these sorts of things you can intercept all memory accesses, function calls, system calls, instrument and analyze arbitrary instructions in arbitrary ways, etc. Again, if done correctly a dynamic instrumentation approach could make this idea viable. But you'd need a very skilled team to do it right.
Thanks, ISC, for patching a vulnerability a month after you found out about it and then telling us two weeks later that you did that
You know, I'm really tired of people who obviously don't write code saying crap like this. Fixing a subtle deadlock could quite realistically take a month. First, you need to figure out really why it happens. Then you need to figure out the CORRECT way to fix it, then you need to implement the fix, then you need to TEST the thing to make sure you didn't introduce anything ELSE that could cause a problem. If the bug was in an easy area of code, chances are it would have been found and fixed a long time ago. BIND has been around a long, long time. Anything left in there now is, by definition, hard to find and hard to fix.
Look folks, security bugs happen BECAUSE people whip out code without thinking and without testing. Now you ask for them to do exactly that? You need to get a grip on reality.
Wow. I guess somebody redefined "alpha radiation" and "beta radiation" to not be radiation anymore.
The only issue I have is when I am trying to debug them, as most debuggers give output that is barely legible for non trivial template code.
As was already pointed out, C++ template programming is more functional (or declarative, depending how you use it) than imperative. You really don't gain much understanding by single-stepping through it. Same goes for other similar languages. You're trying to think imperatively when that's not really the best mental model.
I don't really have a good suggestion for a debugger, but I've never really found myself needing one, even with complicated template class systems. The things are so strongly typed and explicitly specified that, most of the time, if it has a bug in it, it doesn't even compile.
If you find a comment saying A, and a piece of code that does B, it could be that the implementation of B has a bug, or it could be that the code is supposed to do B and the comment is what's wrong. Unless you really understand a lot, you can't really assume one or the other.
This is why code should be worked out so that it mostly speaks for itself with little need for comment. It's not that comments are bad, it's that, because they have no bearing on the code generated by the compiler, they can easily become wrong without anybody noticing. I'm not saying not to comment here, just that comments aren't an automatic path to saving your ass.
The tech doesn't have to be quite so "high." You just need a magnetic receptacle at the terminal. Attached to your belt, on a tether, is a little magnetic bead. When you sit down, you put the bead in the receptacle and the terminal activates. When you get up and walk away the bead pops out and the terminal locks.
They've had this kind of thing on watercraft forever. If you're thrown from the boat, the tether pops and the ignition cuts.
If you're interested in new works related to something existing, how about you just say "when you've made 5M bucks off your book, it's off copyright"?
So, if your work costs more than $5 million to produce, you can't do it and make a profit? Or do you mean $5 million in profit and then you're done? That's a great incentive to cook the books and otherwise conceal the actual profit you are taking.
The basic idea of "You can be successful but only to a certain point" seems like not much of an incentive to work hard at anything. Why shouldn't we have the opportunity to become fabulously wealthy? So long as EACH of us has the same opportunity.
The "company time" was my time and the machines were ours to do with as we wished. My immediate boss was VP of engineering, and he was part of the effort. Not everyone is a cog in a vast machine.
I've heard a lot of myths. I've never heard a myth stating "You need to reboot a UNIX system to fix problems." If anything I've heard the opposite myth. Who promulgates this shit?
I do remember ONE time a UNIX system needed a reboot. We (developer team) were managing our own cluster of build machines. The head System God was out of town for two weeks. We were having problems with a build host, and tried everything. Day after day. Finally, on the last day before System God was due to return, it occurred to me that the one thing we hadn't tried was to reboot the machine. The reboot fixed the problem, whatever it was.
I felt stupid. One, for not figuring out the problem in a way that could avoid a reboot. Two, for not recording enough information to determine root cause in a post-mortem analysis. Three, for configuring a system in such a way that a reboot might be required in order to fix a problem.
To this day I believe that reboot was unnecessary, although at the time it was the fastest way to resolving the immediate blocking issue.
Who has a conference at 16:30 in ANY time zone? I mean, that's prime drinking time.
His estate is preventing the translation from being published for what reason exactly?
You know, the world might benefit greatly by the release of my teenage diaries, but guess what? I'm not going to release them. You can take away copyright but you still can't break-and-enter to my home and steal my shit because "information wants to be free."
So, are you free tomorrow around 2 PM? I'm going to stop by with a scanner and take copies of all written materials in your home.
How can a stable ABI be described as "new?" Hey guys, it's stable! And it has been stable for 24 hours!
In other news, I quit smoking! I haven't had one since last night right before I went to bed.
I'm talking about people who are otherwise, more intelligent than average. Yet AOL has managed to completely teach people what the internet is, in the most wrong fashion possible, so they will never learn properly.
I don't know why some geeks tend to think they're more intelligent than someone else because they can use a complex system. "No, you idiot, you type THESE kinds of strings into THIS field, but you type THOSE kinds of strings into THAT field. Jeez, you moron!" Meanwhile, the "idiot" is sitting there thinking "Why the fuck do they have two fields instead of one field? They both work mostly the same way anyway." Maybe he's smarter than you after all.
It might take a smart person to use a complicated thing. But it requires an even smarter person to simplify it. When you see complexity you ought to work to eliminate it, not bask in your superiority over fellow human beings who are reasonable enough to realize that complexity isn't an end goal.
And an anti-proton is a proton which exists everywhere but one particular point. Get real. The term "anti" has no such specific meaning.
All they really needed to say was that it's the time-reversed counterpart of a laser. Calling it an "anti-laser" makes it sound like it shoots out a beam of darkness or something like that
A time-reversed proton is an anti-proton. A time reversed electron is an anti-electron. This is just keeping with the pattern...
You can't mention SQL injection without reading this awesome thread on TDWTF.
Would you support yourself being fired if you were talking to friends and said "God, this guy X today at work was so stupid I wanted to smack him" and he overheard you? I doubt it.
I would never say such a thing so the question is irrelevant. The fact that a lot of people can't even control themselves to the point of refraining from insulting other people, is something I don't understand.
Was space created by the Big Bang, or did the Big Bang happen inside of space that already existed?
You ask it like it's some kind of unanswered question. Yes, space and time were created at the moment of the Big Bang. The question is HOW that happened.
Sounds like good reason to immediately release the entire stash of documents before it becomes illegal to do so. There are still hundreds of thousands we haven't seen yet.
I always figured it was about spreading malware. People who are willing to download software from unknown sources on the Internet seem like easy targets to me. Install pirate Diablo II, get a free keylogger!