Seriously, what's wrong with loading on demand, rather than Windows trying to guess (incorrectly in many cases) what you might need? Despite what people think, Windows is not psychic.
If you load some random set of pages into memory, then there is a non-zero probability that one of those pages will subsequently be used. If you load NO pages into memory, there is ZERO probability of having a useful page in memory. Obviously, if RAM is already full, you should not be speculatively loading pages. But if free pages exist, and the current IO pressure is low, it causes no harm to pre-load pages, especially if you are good at guessing what will be needed. It's IO pressure, not memory pressure, that matters, because it takes essentially zero time to kick a page out of RAM. On the other hand, queueing up a bunch of read operations that might be unnecessary will make it harder to quickly load a truly useful page when needed.
From the article, it looks like somebody measured how much physical RAM was in use, saw that pretty much all of it was, and thought there was something wrong with that. That's dumb. Was the system swapping?
Again, no intent. While I agree that there have been a slew of ridiculous prosecutions of kids for snapping nude pics of themselves, ALL of these cases had the element of intent.
I'd like to ask these people why they never saw fit to let anyone know what was happening? Did they think it was a good idea? Were they scared for their job or contract? Were they just so ecstatic at the idea of a digital girls locker room that they willingly participated?
Maybe I'm paranoid, but I wouldn't be surprised if it turns out that the entire plan was invented by the IT person, expressly FOR the purpose of generating child porn. It's an easy sell to the administrators, because they're all about crushing the life force of children, and on the back side he's making major profit selling naughty images.
To paraphrase Anthony Burgess, "It's not good deeds that makes one good, but good intent."
I care far more about the good deeds then about whether the person doing them somehow becomes "good." Whether Bill Gates is a good person hardly seems relevant.
WMF isn't a company you can just 'buy out'. It's a charitable 501(c)(3) organization that is controlled by the Board of Trustees
Interesting that you mention that. Because of WMF's classification, they are legally required to honor any stipulations that were specified along with the grant money. In other words, Google can ask them to spend the $2 million on specific things, and WMF has to either honor that request, or return the funds to Google. So I'm wondering if there were any interesting stipulations attached to this grant.
On the face of it, the school screwed up royally. No doubt about it. But did anyone even try to work this out via another method? Did the school board know about this? Since they are probably parents in the district, my guess is that they did not know.
Other methods? If this happened to my kid, and a lawsuit was not an option, my "other method" would probably involve firearms. You obtained pictures of my kid in his own home, possibly in various states of undress? Watch your back.
The point is not to just punish the school district for what they did. The point is to instill absolute terror into the hearts of other administrators in other districts and other states, to never EVER contemplate doing something like this. The message needs to be, if you do this, you will receive utter financial ruin. It's too bad that taxpayers will ultimately pay for it, but the government is rooted in the people, and the people must take responsibility for the actions of their government.
If every single last byte of RAM isn't filled with something, then RAM is being wasted. You don't waste RAM by using it. You waste RAM by not using it. This is like buying a bigger desk so you can put more stuff on it, then claiming that by covering your desk in stuff you are "wasting" the desk. What the fuck? If you have 2 gigs of RAM and you only want 1 gig to be in use, the solution is to remove that extra gig of RAM. It sure won't be "wasted" sitting on the shelf, now, will it?
(If the system is swapping madly, then there is a problem. It means that less important data is being held in RAM in preference to more important data. But that's a separate issue. The mere fact that 100% of physical RAM is in use, is a GOOD THING.)
You're probably still in school, but I'll give you a break. Allow me to quote Knuth: "Beware of bugs in the above code; I have only proved it correct, not tried it."
Anyway... back to the Ivory Tower with you. The hour is getting late, and I think your faculty advisor has a cup of warm milk and a cozy set of jammies ready for you.
The best solution is not "sanitization" (which people usually perform by blocking or editing out what THEY think are dangerous metacharacters) but proper encapsulation. In addition, there's a misleading section here:
Excellent point which should be raised more often. "Sanitization" is a cry of helplessness. It says "I don't have control over my execution environment -- it does mysterious, inexplicable things, and I need to process my data to avoid causing strange things to happen." The problem is not the data, the problem is the environment.
A shell-variable-expansion exploit due to a call to system() can be solved several ways. The INCORRECT solution is to attempt complex hacks to "sanitize" the input. The CORRECT solution is to not use system() in the first place.
In general, introducing complicated languages (like shell script, or SQL) is a good way to absolutely fuck yourself. God damn SQL for making it so freaking hard to just STICK DATA INTO A DATABASE SAFELY. The fault is not with the programmer, who should have "sanitized his data" more extensively. The fault is the language itself, the API which forces us to combine the data with the commands themselves in a way that leaves holes open for exploitation. SQL should only ever have been used as a query language for humans. It should not have gained traction as a programmatic API. Now we have to suffer with SQL injection attacks. The problem is SQL itself.
It's laughable to equate an outright lack of security (lock-less doors) with subtle programming errors which result in security holes. It's not like a door with no locks. It's like a door with a lock which can be opened by some method that the designer of the lock did not envision. Does it mean the lock designer did a poor job? That depends on the complexity of the hack itself.
Software is designed by humans. It won't be perfect. Unfortunately, software is targeted by miscreants because of its wide deployment, homogeneity, and relative invisibility, which are concepts that are still quite new to human society. I'd be willing to take responsibility for security failures in my products, but I'm sure as hell not going to do so when I'm subjected to your every idiotic whim as a client, nor will I do so at your currently pathetic pay rates. If you want me to take the fall for security failures, then I reserve the right not to incorporate inherently unsecure technologies into my solutions. In fact, I reserve the right to veto just about any god damned thing you can come up with. After all, I'm a security expert, and that's why you hired me, right? And I'm going to charge you $350 an hour. Don't like it? Go find somebody dumber than me to employ.
Believing any document format to be "inert" is a fallacy. All data must be somehow interpreted by the computer in order to be useful -- a pile of bits on a hard drive is not useful to any human. Whether there are exploitable flaws in the software which interprets the data is only loosely related to the data itself. There have been exploitable bugs in everything from PDF readers to MIME decoders to MP3 players. Obviously, deliberately embedding a scripting language into a document format does not help matters, but don't confuse yourself into believing that some document formats are inherently safer than others. The vulnerability is fundamentally in the software, not the document.
In other words, try to hurt your company and make it even less successful, thereby ensuring that your workday blows even harder than it already does? Uh... okay, if that's what you want...
My senior year of CS I was taking some some electives to fill out my non-core academic requirements. One of them was a pretty cool course on atmospheric physics, chemistry, and pollution. We had a group paper to turn in at the end of the quarter, and I was in a group of 4. One guy offered to write the entire first draft while the rest of us dug up more references. We thought this was awesome, so we went off and did our thing for two weeks or so. We regrouped and he presented what he'd worked on. It was an incredibly detailed draft over 50 pages long, with FIGURES. Well, we thought that was amazing, slapped him on the back, and went to work incorporating some of our own material into the draft.
48 hours before the assignment was due, I was searching the web for some obscure term related to our report, and a web page appeared with some very familiar-looking text... In horror, I flipped through our final draft, entering phrase snippets, and I kept finding more and more evidence that the entire paper had been plagiarized from various web pages. I emailed the team and told them we needed to meet in half an hour. Then I emailed the professor and told him exactly what was happening. I said that I would attempt to rewrite the entire paper, and if it could not be rewritten in time, I requested to be removed from the group and that I would happily accept a grade of 0% on the final report, as I didn't want my name attached to a report that was 100% plagiarized. (Had that actually happened it would have jeopardized my graduation, but what else could I do? It was my own fault for not being more suspicious in the beginning.)
The rest of us pulled a 48-hour sprint and got the entire thing rewritten. We didn't bother to tell the guilty person that we'd found him out. We all got together to go over the final draft, and he was surprised and happy at what we'd done to it. Unfortunately, since the plagiarized copy was never turned in, and there was no proof except my honest word on the matter, the professor couldn't do much to the cheater, and we all received an A- on the report.
After that, I learned to only group with people I trust.
I let people cheat off me in school. The way I saw it, it reduced the amount of real competition I'd have when companies came to campus looking to recruit soon-to-be graduates for jobs.
What you're actually doing is helping damage the street cred of holding a CS degree. If an employer interviews ten of your peers, and they all have CS degrees, and they all suck, he or she will come to the conclusion that a CS degree is not a good indicator of actual skill level. Now you come in for the interview -- and what do you have to show for yourself? You have no real world experience yet. All you have is a degree, a degree which your potential employer has a very dim view of. You are just sabotaging yourself by trying to hurt other students. If they are going to cheat, they will cheat, but don't exacerbate the problem by making it easier for them to do it.
any ways pro codes reuse code and copy and paste others work all the time and most of the time there are no 1 man coding out there for a lot of software.
Pros do reuse code, but they do so by modularizing it into libraries and abstracting its functions into well-defined APIs. Pros do not copy and paste. If your idea of code reuse includes Ctrl-C and Ctrl-V, you're not a professional.
How could a simulation of a human brain OUTPERFORM a human brain?
You can't just run it at an increased rate -- the world would move too slowly, relatively, and the brain would get bored and probably try to kill itself (it's a simulated HUMAN brain, remember?) What would YOU do if your perception of time was slowed down by a factor of, say, 100?
You can't just slap more neurons on there, because there's no evidence that sheer number of neurons is directly related to intelligence.
If you want something superior to a human brain, then it's not going to be like a human brain.
Absolutely right, the best way to prevent millions of people from being oppressed by their government is to just KILL them all. You can't be oppressed if you're dead, right?
Slashdot Mirror
Seriously, what's wrong with loading on demand, rather than Windows trying to guess (incorrectly in many cases) what you might need? Despite what people think, Windows is not psychic.
If you load some random set of pages into memory, then there is a non-zero probability that one of those pages will subsequently be used. If you load NO pages into memory, there is ZERO probability of having a useful page in memory. Obviously, if RAM is already full, you should not be speculatively loading pages. But if free pages exist, and the current IO pressure is low, it causes no harm to pre-load pages, especially if you are good at guessing what will be needed. It's IO pressure, not memory pressure, that matters, because it takes essentially zero time to kick a page out of RAM. On the other hand, queueing up a bunch of read operations that might be unnecessary will make it harder to quickly load a truly useful page when needed.
From the article, it looks like somebody measured how much physical RAM was in use, saw that pretty much all of it was, and thought there was something wrong with that. That's dumb. Was the system swapping?
Again, no intent. While I agree that there have been a slew of ridiculous prosecutions of kids for snapping nude pics of themselves, ALL of these cases had the element of intent.
I'd like to ask these people why they never saw fit to let anyone know what was happening? Did they think it was a good idea? Were they scared for their job or contract? Were they just so ecstatic at the idea of a digital girls locker room that they willingly participated?
Maybe I'm paranoid, but I wouldn't be surprised if it turns out that the entire plan was invented by the IT person, expressly FOR the purpose of generating child porn. It's an easy sell to the administrators, because they're all about crushing the life force of children, and on the back side he's making major profit selling naughty images.
To paraphrase Anthony Burgess, "It's not good deeds that makes one good, but good intent."
I care far more about the good deeds then about whether the person doing them somehow becomes "good." Whether Bill Gates is a good person hardly seems relevant.
WMF isn't a company you can just 'buy out'. It's a charitable 501(c)(3) organization that is controlled by the Board of Trustees
Interesting that you mention that. Because of WMF's classification, they are legally required to honor any stipulations that were specified along with the grant money. In other words, Google can ask them to spend the $2 million on specific things, and WMF has to either honor that request, or return the funds to Google. So I'm wondering if there were any interesting stipulations attached to this grant.
On the face of it, the school screwed up royally. No doubt about it. But did anyone even try to work this out via another method? Did the school board know about this? Since they are probably parents in the district, my guess is that they did not know.
Other methods? If this happened to my kid, and a lawsuit was not an option, my "other method" would probably involve firearms. You obtained pictures of my kid in his own home, possibly in various states of undress? Watch your back.
The point is not to just punish the school district for what they did. The point is to instill absolute terror into the hearts of other administrators in other districts and other states, to never EVER contemplate doing something like this. The message needs to be, if you do this, you will receive utter financial ruin. It's too bad that taxpayers will ultimately pay for it, but the government is rooted in the people, and the people must take responsibility for the actions of their government.
So, because there exists one or more persons who have X level of stupidity, therefore all persons have X level of stupidity. Nice argument.
If every single last byte of RAM isn't filled with something, then RAM is being wasted. You don't waste RAM by using it. You waste RAM by not using it. This is like buying a bigger desk so you can put more stuff on it, then claiming that by covering your desk in stuff you are "wasting" the desk. What the fuck? If you have 2 gigs of RAM and you only want 1 gig to be in use, the solution is to remove that extra gig of RAM. It sure won't be "wasted" sitting on the shelf, now, will it?
(If the system is swapping madly, then there is a problem. It means that less important data is being held in RAM in preference to more important data. But that's a separate issue. The mere fact that 100% of physical RAM is in use, is a GOOD THING.)
You're probably still in school, but I'll give you a break. Allow me to quote Knuth: "Beware of bugs in the above code; I have only proved it correct, not tried it."
Anyway... back to the Ivory Tower with you. The hour is getting late, and I think your faculty advisor has a cup of warm milk and a cozy set of jammies ready for you.
The best solution is not "sanitization" (which people usually perform by blocking or editing out what THEY think are dangerous metacharacters) but proper encapsulation. In addition, there's a misleading section here:
Excellent point which should be raised more often. "Sanitization" is a cry of helplessness. It says "I don't have control over my execution environment -- it does mysterious, inexplicable things, and I need to process my data to avoid causing strange things to happen." The problem is not the data, the problem is the environment.
A shell-variable-expansion exploit due to a call to system() can be solved several ways. The INCORRECT solution is to attempt complex hacks to "sanitize" the input. The CORRECT solution is to not use system() in the first place.
In general, introducing complicated languages (like shell script, or SQL) is a good way to absolutely fuck yourself. God damn SQL for making it so freaking hard to just STICK DATA INTO A DATABASE SAFELY. The fault is not with the programmer, who should have "sanitized his data" more extensively. The fault is the language itself, the API which forces us to combine the data with the commands themselves in a way that leaves holes open for exploitation. SQL should only ever have been used as a query language for humans. It should not have gained traction as a programmatic API. Now we have to suffer with SQL injection attacks. The problem is SQL itself.
It's laughable to equate an outright lack of security (lock-less doors) with subtle programming errors which result in security holes. It's not like a door with no locks. It's like a door with a lock which can be opened by some method that the designer of the lock did not envision. Does it mean the lock designer did a poor job? That depends on the complexity of the hack itself.
Software is designed by humans. It won't be perfect. Unfortunately, software is targeted by miscreants because of its wide deployment, homogeneity, and relative invisibility, which are concepts that are still quite new to human society. I'd be willing to take responsibility for security failures in my products, but I'm sure as hell not going to do so when I'm subjected to your every idiotic whim as a client, nor will I do so at your currently pathetic pay rates. If you want me to take the fall for security failures, then I reserve the right not to incorporate inherently unsecure technologies into my solutions. In fact, I reserve the right to veto just about any god damned thing you can come up with. After all, I'm a security expert, and that's why you hired me, right? And I'm going to charge you $350 an hour. Don't like it? Go find somebody dumber than me to employ.
Has Firefox been ported to Emacs yet?
No, but Emacs will read PDFs now (I'm not kidding)
Believing any document format to be "inert" is a fallacy. All data must be somehow interpreted by the computer in order to be useful -- a pile of bits on a hard drive is not useful to any human. Whether there are exploitable flaws in the software which interprets the data is only loosely related to the data itself. There have been exploitable bugs in everything from PDF readers to MIME decoders to MP3 players. Obviously, deliberately embedding a scripting language into a document format does not help matters, but don't confuse yourself into believing that some document formats are inherently safer than others. The vulnerability is fundamentally in the software, not the document.
Yeah, well, if it quacks like a duck...
Seriously, if you are trying to communicate with hundreds of people, there are technologies meant for that. Email isn't one of them.
Of course you should make backups, but sitting around gnawing your fingernails in terror isn't really necessary.
In other words, try to hurt your company and make it even less successful, thereby ensuring that your workday blows even harder than it already does? Uh... okay, if that's what you want...
use revision control, and don't trust it -- that is, back up incessantly.
Dude... Find a better revision control system.
One million lines is starting to feel big.
My senior year of CS I was taking some some electives to fill out my non-core academic requirements. One of them was a pretty cool course on atmospheric physics, chemistry, and pollution. We had a group paper to turn in at the end of the quarter, and I was in a group of 4. One guy offered to write the entire first draft while the rest of us dug up more references. We thought this was awesome, so we went off and did our thing for two weeks or so. We regrouped and he presented what he'd worked on. It was an incredibly detailed draft over 50 pages long, with FIGURES. Well, we thought that was amazing, slapped him on the back, and went to work incorporating some of our own material into the draft.
48 hours before the assignment was due, I was searching the web for some obscure term related to our report, and a web page appeared with some very familiar-looking text... In horror, I flipped through our final draft, entering phrase snippets, and I kept finding more and more evidence that the entire paper had been plagiarized from various web pages. I emailed the team and told them we needed to meet in half an hour. Then I emailed the professor and told him exactly what was happening. I said that I would attempt to rewrite the entire paper, and if it could not be rewritten in time, I requested to be removed from the group and that I would happily accept a grade of 0% on the final report, as I didn't want my name attached to a report that was 100% plagiarized. (Had that actually happened it would have jeopardized my graduation, but what else could I do? It was my own fault for not being more suspicious in the beginning.)
The rest of us pulled a 48-hour sprint and got the entire thing rewritten. We didn't bother to tell the guilty person that we'd found him out. We all got together to go over the final draft, and he was surprised and happy at what we'd done to it. Unfortunately, since the plagiarized copy was never turned in, and there was no proof except my honest word on the matter, the professor couldn't do much to the cheater, and we all received an A- on the report.
After that, I learned to only group with people I trust.
I let people cheat off me in school. The way I saw it, it reduced the amount of real competition I'd have when companies came to campus looking to recruit soon-to-be graduates for jobs.
What you're actually doing is helping damage the street cred of holding a CS degree. If an employer interviews ten of your peers, and they all have CS degrees, and they all suck, he or she will come to the conclusion that a CS degree is not a good indicator of actual skill level. Now you come in for the interview -- and what do you have to show for yourself? You have no real world experience yet. All you have is a degree, a degree which your potential employer has a very dim view of. You are just sabotaging yourself by trying to hurt other students. If they are going to cheat, they will cheat, but don't exacerbate the problem by making it easier for them to do it.
Sheesh.
any ways pro codes reuse code and copy and paste others work all the time and most of the time there are no 1 man coding out there for a lot of software.
Pros do reuse code, but they do so by modularizing it into libraries and abstracting its functions into well-defined APIs. Pros do not copy and paste. If your idea of code reuse includes Ctrl-C and Ctrl-V, you're not a professional.
How could a simulation of a human brain OUTPERFORM a human brain?
You can't just run it at an increased rate -- the world would move too slowly, relatively, and the brain would get bored and probably try to kill itself (it's a simulated HUMAN brain, remember?) What would YOU do if your perception of time was slowed down by a factor of, say, 100?
You can't just slap more neurons on there, because there's no evidence that sheer number of neurons is directly related to intelligence.
If you want something superior to a human brain, then it's not going to be like a human brain.
Absolutely right, the best way to prevent millions of people from being oppressed by their government is to just KILL them all. You can't be oppressed if you're dead, right?
I do not think you know the meaning of the word monolithic.
Being monolithic is one thing, being composed of logically distinct modules is another.
I know nothing about the Mac OS X kernel, but I don't understand why such a transition couldn't be done in pieces -- the code is modular, isn't it?