Re:Object complexity != design complexity.
on
A Map to Nowhere?
·
· Score: 1
In summary, the amount of data needed to
describe the human body could conceivably
be quite small.
In fact, since the preservation of information
does impose an evolutionary burden you'd expect
it to tend towards a minimal data requirement.
The more data that is required for a functioning
organism, the more that various replication costs
and error correction become expensive. The
encoding may be large, for redundancy and the
like, but the information stored in that encoding
should tend towards the smallest it can be
(but no smaller).
This approach of trusting only certain authorities
is very limiting; it means that only well-known
groups could provide me with software.
Signatures protect against tampering between
the source and destination, but what about
attacks from the source? In this
modern age, I would like to be able to try
software from some random dude in Tuva or
Timbuktu. How can I do that without exposing
myself to attacks?
One approach that I've wanted to try should be
helpful, but I haven't had time to build it.
Others have talked about this elsewhere, I'm
pretty sure, but I still don't have the app in my
hands. Do any of you have time to write it?
Most software I install is installed by root, but
will then be run by a random user. Let's suppose
that I'm willing to trust code as an unprivileged
user but not as root.
The fundamental approach is sandboxing.
Don't trust software based on the name of the
author (and the signatures that authenticate it),
but on what the software does. We're
going to run the installer (e.g. rpm or
configure/make/make install) from within a
specially-configured
subterfugue
process. Subterfugue intercepts system calls and
can replace the requested actions with custom ones. open,write,mkdir,mknod,rmdir,unlink,etc.
will all be intercepted.
I would configure subterfugue such that:
read/write access to files and request for network connections is deferred until permission is granted at a prompt
when write access is granted, the file is
copied to a sandbox and the installer is
allowed to open the copy.
At this point, no files outside the sandbox have
been modified.
Post-modification checks are done here, optionally
examining the "diff" relative to the real file.
If any of these tests fail, the software should not be installed. If it is to be installed, then
the modified files are moved from the sandbox
to the real locations.
Whether installation is aborted or completed,
clean-up is merely erasing the
entire sandbox directory.
This sort of thing is complicated to use, but
that's because it's asking for complex judgement
from the user. It's begging for a clean
front-end with permission rules ("let it
create new executables in/usr/local/bin",
"allow all writes to this
directory subtree", etc.). And if anyone has a
simpler way to achieve this goal (other than
the current "hope you're safe").
Furthermore, this approach only protects from
installer attacks that are trying to gain root
access. It doesn't protect against attacks
against run by the user account (which could
even be root!). If one were really committed,
one could place a subterfugue wrapper around
all programs, tuning them for permission only
for the files and network access you decide they
need. But there you may have an unacceptable
slowdown from
the interception of all system calls.
At the moment, it "Bell Labs Creates Plastic
Semiconductor". However, both the Slashdot
article and (more significantly) the NYTimes
article refer to plastic superconductors.
> The Boomers talked a lot about revolution but
> didn't quite make one; younger Americans are
> making one but don't always seem to realize it.
Hmm. The Boomers, or at least certain active
members of that generation, effected more
revolutions than anything video gaming will
do within any predictable time (even with
promises of opening new vistas of virtual
exploration, etc.).
Let's consider just one, as an example: civil
rights. Boomers gave us student activists, people
working to register black Southerners to vote, and
a groundswell of support for a more equal
treatment of humans. The Civil Rights Act of 1964
is just one of the major effects of this and
others' actions. The gains from this were much
more significant than, say, the damage the DMCA
will cause.
If you consider this from an evolutionary perspective, you can see a little more of the future of linguistics. I'm talking about memetics, not genetics.
Disclaimers: I'm not implying that evolution always creates improvements, especially not for our aesthetics. I'm also not saying that human language had a single origin (although it may have); that's irrelevant here. And I'm not being rigorous here, but I believe there is a solid parallel.
If you have a population that has a broad geographic coverage and a low amount of mixing, then diversity tends to increase. One region can have radically different rabbits than another. Take that far enough, and you can get and preserve full special differentiation. If they adapt to
different niches of life, they can coexist for
unbounded periods of time. But if they compete for the same resources, then if they lose their barriers they will compete, some species will tend to lose (or merge), and you'll lose diversity.
Consider that situation as a parallel to the historical state of language. Communication between people leads to language mixing in a comparable way that mating between creatures leads to genetic mixing. We have had languages isolated by geography, class, and role (e.g. latin in science).
Well, now we've collectively decided that the world should shed many of the barriers that prevented us from communicating. We should not be too surprised that this will create some change. It's not even clear that this is a terrible thing; shared languages help open and easy communication, and that may have a mild suppressive effect on violence, racial discrimination, etc. But we will lose some things.
We shouldn't reject open communication out of hand, but we should be aware that this will lead to competition between languages, and that some will disappear or merge with others. It's a nearly inevitable result of greater communication.
Hey, maybe we could release some of our best
software for free, and working on most platforms.
This is having effect. Look at the public school
system in Mexico that has been reported as
adopting Linux. There are many other, similar
programs out there.
What would be interesting would be if Microsoft's
efforts (in the USA?) and various nations' use of
Linux and other open-source systems creates a
national rift. You could conceive of polarization
where MS-based programming concentrates
somewhat in the USA and open development
concentrates elsewhere.
However, the US military still has the ability to disrupt GPS reception locally.
http://www.cnn.com/2000/TECH/computing/05/02/civ il.gps.idg/
"... has demonstrated our capability to
selectively deny GPS signals on a regional basis
when our national security is threatened."
It can be expected that the US will do this
whenever they plan a military action. This
effectively imposes a no-fly zone (for
non-US-military planes) whenever the US plans
action.
Furthermore, if such a system is much cheaper
and generally quite effective we may see flight
organizations across the world transition to it
with most of their training and capacity. They'll
probably keep radar capabilities, but it may not
stay up-to-date or with enough capacity to handle
the air traffic volume of the future.
So we are left with a situation where the world's
air traffic may be dependent on the intentions and
the ability of US organizations, and where US
military needs take precedence over international
air traffic control.
There are other domains in which the US controls
international efforts (in fact or in effect), and
US military needs do tend to dominate local needs.
So this isn't necessarily a change, but it's worth
considering.
In the middle of the article, they suddenly mention a "Judge Jackson" and describe his comments on some testimony. But the judge in this trial is Kaplan; maybe the Times Technology reporters have been too swamped by the Microsoft trial and it's getting to them.
[but I haven't been following this trial in detail, and there could always be another relevant Jackson]
It's often interesting to compare the effects of various rendering models. Bump mapping, combined with texture mapping, can indeed be quite impressive (and also pretty efficient).
However, displacement mapping adds a further refinement. This is when a physical (positional) displacement is specified for the surface and then rendered. It would often be used in conjunction with texture- and bump-mapping.
If you look at a bump-mapped surface, you might perceive apparent depth in the surface features. But, without displacement mapping, those features will have absolutely no effect on the silhouette, since they don't affect the geometry.
I believe I saw this in some of the stills from the BBC "Walking with Dinosaurs" video; a dinosaur with a very wrinkled and bumpy skin had a perfectly smooth silhouette. It still looked stunning.
This can also be seen if the bump mapped surface appears to have protrusions and the surface is lit by a beam from near the tangent plane of the surface. With displacement mapping, that bump would be "real", and would therefore be able to cast a shadow on the surrounding surface. With just bump mapping, the "bump" doesn't protrude, so it wouldn't cast that shadow.
Both of these examples are similar in character, and both will not tend to jump out at you unless you go looking for them.
Over time, more and more of these refinements (generally developed for software by the early 1980s) are rolled into graphics cards as standard features. I wonder how long it will be before real-time radiosity rendering costs $150 for your desktop.
I don't see how those relate. I mean, the biggest barrier to my sitting at my breakfast table reading/. using wireless LAN is my lack of a breakfast table.
A plain-old ix86 laptop with a Lucent Wavelan card does the job just fine. I can see Crusoe as a lower-power chip, or a higher performance chip (?), or a chip that can pretend to be various other CPU types. It could even be the base of a cheaper device, but most of those costs (e.g. display) are outside the CPU.
But, as for wireless computing, it's already here.
At least one of the ex-Soviet states attempted to set itself up in this way. Naturally, there are also the Caribbean islands with confidential banking laws and low (no?) taxes. I believe it's a reasonably common method of building revenue.
Unfortunately, one problem when attempting this is the confidence issue. People are very confident that Switzerland will remain, with no major changes to its banking policies. It's much harder to predict the actions of a small nation that has just initiated this sort of policy. The stability and reliance on tradition hasn't been demonstrated. You really don't want the state to start revealing information (or nationalizing assets!).
Naturally, this won't keep all money out. It's also likely (as Neal said) that a higher portion of early adopters will be doing something shady. This gives these small states an opportunity to demonstrate their commitment to their policies, especially if larger states fail to pressure the state for information or other violations of policy.
When I read that, I was very surprised that a company would have a policy *against* OSS. I'm used to having an official policy that we'd always use OSS options whenever feasible.
But I've only worked in web-related start-ups, and under those circumstances you have some special development priorities:
You don't know a priori what you'll need, partially because business directions change so quickly, so tools better be modifiable.
You have to have a really short time to the first prototype, and then on to the release. You'd better not be waiting for that vendor to fix that bug; you only have 48 hours left.
It has to be easy to discard a tool that doesn't do what you want; the lack of licensing costs makes it cheaper to try out a few.
You generally don't have much money, so a free license is better. Development costs typically swamp this, but every bit helps.
Of course, these rules also tend to guide us to use other rapid-development tools like Java and Perl. When development time and development costs dominate, these things are vital.
Also, if you're planning on releasing your mods and original software when you write it, it makes re-usability between projects easier. Let's face it: start-ups don't have a 100% success rate. If you can easily make your next attempt more likely to succeed, it can be great in the long run.
As I'm less familiar with other domains of business, I won't speculate on OSS importance there. But it's great when you're small and fast.
For ripping, I always use cdparanoia under Linux. It does error correction when it can (but some discs are beyond repair). That may help if I'm correct in my understanding that you get those errors in the WAV files. Also, I've seen a lot of variety in CD players for ripping accuracy.
Using bladeenc to convert these WAVs to MP3s, I don't get discontinuities or errors.
Recently I heard the following on CNBC (paraphrased from memory, but very close to what they said):
"Many of you may have heard of the new computer operating system Linux... Well, we have their CEO here today."
It really caught me off-guard, and left me wondering who you'd call the CEO of Linux (Linus, probably). They were talking about the CEO of VA Linux. They appear to have confused Linux the OS with VA Linux the company.
This makes me wonder how widespread this will be, particularly as VA Linux now runs http://linux.com/. I'm inclined to give them the benefit of the doubt, but I'm wary that their name change (from VA Research) could have been a ploy to co-opt the Linux world.
Sorry if I sound paranoid, but sometimes that's appropriate, especially in lucrative young sub-industry.
Slashdot Mirror
I agree with your conclusion, but not for your reasons©
I do not see it guaranteed that a committee would ban open-source operating systems ¥OSOS because of their competitive threat© Some companies may try to take advantage of this opportunity© But consider heavyweights like IBM, who are solidly behind Linux©
The reason I am certain that such a committee couldn't approve an OSOS, except by their own act of civil disobedience, is simply that it cannot be 'secured' in accordance with the law© Anyone with a moderate level of programming ability can edit an open-source OS©
I'm just saying that we should attribute appropriately© Let's not go off criticizing Microsoft, for instance, for forming a bad committee in the future© Let's know that the law itself, not a conspiracy of OS makers, is the source of the problem© Fight the law, not a committee that might be organized under the law©
I know someone who, as a hobby, likes to drive around verifying the Los Angeles Thomas Guide maps© He's found some inaccuracies©
I've heard that creators of dictionaries also do this, but that's hearsay©
Perhaps the spelling errors in the article provide the answer to the question©
Can you find them all?
Look forward a bit, for a moment© Ignore the adoption sequence and other transitional aspects, or whether this is even a good direction© What else would change if we used more locally-generated electricity?
One thing we should recognize is that some of these newer forms of power generation differ radically from our current grid in a very familiar way: AC vs© DC©
Power on the present electrical grid is AC, largely because AC can be transferred over long distances with less loss than DC ¥mainly because it's easy to transform AC across a wide range of voltages© The fact that many electrical plants use generators ¥AC is actually not as relevant©
But power from fuel cells, solar cells, and most other systems that don't involve spinning something in a magnetic field, produce DC power©
If you were to try to drive normal house power from a fuel or solar cell ¥and, yes, people do this, you'd need some sort of inverter to convert their DC to standard house AC ¥120V, 60Hz in US©
Of course, you already have many devices ¥esp© computers which expect DC and are powered from the wall© So you have rectifiers which convert AC to DC© We tend to call these "wall warts" transformers because they also tend to transform the power from 120V to a lower level©
We might wish to eliminate this bulky local DC/AC/DC conversion© We might find ourselves changing the nature of home wiring© What would work well? Would there be a low number of desired DC voltages that devices would desire? Would we send a wire bundle to each outlet to support the variants? What would such an outlet plate best look like? Would we want AC as well for motors and for the ease of voltage transformation? Or will we just find that we are better off with AC and accept both of those transformations?
As my company went from 10 people to several hundred, the interrupt level rose dramatically© At those levels, even when interrupters are generally attempting to be reasonable, it gets to be destructive© Some of us developed an effective response©
We use a wireless network ¥wavelan, many of us work on laptops, and we have many small conference rooms© So when a programmer wants focus, they will sometimes just sneak off to a conference room and continue to work from there©
They're still able to work, reach the CVS repository, read email, but they prevent external interrupts© Not even their manager or coworkers know where they are© It works great©
In fact, since the preservation of information does impose an evolutionary burden you'd expect it to tend towards a minimal data requirement.
The more data that is required for a functioning organism, the more that various replication costs and error correction become expensive. The encoding may be large, for redundancy and the like, but the information stored in that encoding should tend towards the smallest it can be (but no smaller).
This approach of trusting only certain authorities is very limiting; it means that only well-known groups could provide me with software. Signatures protect against tampering between the source and destination, but what about attacks from the source? In this modern age, I would like to be able to try software from some random dude in Tuva or Timbuktu. How can I do that without exposing myself to attacks?
One approach that I've wanted to try should be helpful, but I haven't had time to build it. Others have talked about this elsewhere, I'm pretty sure, but I still don't have the app in my hands. Do any of you have time to write it?
Most software I install is installed by root, but will then be run by a random user. Let's suppose that I'm willing to trust code as an unprivileged user but not as root.
The fundamental approach is sandboxing. Don't trust software based on the name of the author (and the signatures that authenticate it), but on what the software does. We're going to run the installer (e.g. rpm or configure/make/make install) from within a specially-configured subterfugue process. Subterfugue intercepts system calls and can replace the requested actions with custom ones. open,write,mkdir,mknod,rmdir,unlink,etc. will all be intercepted.
I would configure subterfugue such that:
At this point, no files outside the sandbox have been modified. Post-modification checks are done here, optionally examining the "diff" relative to the real file. If any of these tests fail, the software should not be installed. If it is to be installed, then the modified files are moved from the sandbox to the real locations.
Whether installation is aborted or completed, clean-up is merely erasing the entire sandbox directory.
This sort of thing is complicated to use, but that's because it's asking for complex judgement from the user. It's begging for a clean front-end with permission rules ("let it create new executables in /usr/local/bin",
"allow all writes to this
directory subtree", etc.). And if anyone has a
simpler way to achieve this goal (other than
the current "hope you're safe").
Furthermore, this approach only protects from installer attacks that are trying to gain root access. It doesn't protect against attacks against run by the user account (which could even be root!). If one were really committed, one could place a subterfugue wrapper around all programs, tuning them for permission only for the files and network access you decide they need. But there you may have an unacceptable slowdown from the interception of all system calls.
Editor, please fix the title on this article.
At the moment, it "Bell Labs Creates Plastic
Semiconductor". However, both the Slashdot
article and (more significantly) the NYTimes
article refer to plastic superconductors.
It should be something along the lines of:
"Bell Labs Creates Plastic Superconductor"
> The Boomers talked a lot about revolution but
> didn't quite make one; younger Americans are
> making one but don't always seem to realize it.
Hmm. The Boomers, or at least certain active
members of that generation, effected more
revolutions than anything video gaming will
do within any predictable time (even with
promises of opening new vistas of virtual
exploration, etc.).
Let's consider just one, as an example: civil
rights. Boomers gave us student activists, people
working to register black Southerners to vote, and
a groundswell of support for a more equal
treatment of humans. The Civil Rights Act of 1964
is just one of the major effects of this and
others' actions. The gains from this were much
more significant than, say, the damage the DMCA
will cause.
Let's try to keep a sense of scale.
If you consider this from an evolutionary perspective, you can see a little more of the future of linguistics. I'm talking about memetics, not genetics.
Disclaimers: I'm not implying that evolution always creates improvements, especially not for our aesthetics. I'm also not saying that human language had a single origin (although it may have); that's irrelevant here. And I'm not being rigorous here, but I believe there is a solid parallel.
If you have a population that has a broad geographic coverage and a low amount of mixing, then diversity tends to increase. One region can have radically different rabbits than another. Take that far enough, and you can get and preserve full special differentiation. If they adapt to different niches of life, they can coexist for unbounded periods of time. But if they compete for the same resources, then if they lose their barriers they will compete, some species will tend to lose (or merge), and you'll lose diversity.
Consider that situation as a parallel to the historical state of language. Communication between people leads to language mixing in a comparable way that mating between creatures leads to genetic mixing. We have had languages isolated by geography, class, and role (e.g. latin in science).
Well, now we've collectively decided that the world should shed many of the barriers that prevented us from communicating. We should not be too surprised that this will create some change. It's not even clear that this is a terrible thing; shared languages help open and easy communication, and that may have a mild suppressive effect on violence, racial discrimination, etc. But we will lose some things.
We shouldn't reject open communication out of hand, but we should be aware that this will lead to competition between languages, and that some will disappear or merge with others. It's a nearly inevitable result of greater communication.
Hey, maybe we could release some of our best
software for free, and working on most platforms.
This is having effect. Look at the public school
system in Mexico that has been reported as
adopting Linux. There are many other, similar
programs out there.
What would be interesting would be if Microsoft's
efforts (in the USA?) and various nations' use of
Linux and other open-source systems creates a
national rift. You could conceive of polarization
where MS-based programming concentrates
somewhat in the USA and open development
concentrates elsewhere.
However, the US military still has the ability to disrupt GPS reception locally.
v il.gps.idg/
http://www.cnn.com/2000/TECH/computing/05/02/ci
"... has demonstrated our capability to
selectively deny GPS signals on a regional basis
when our national security is threatened."
It can be expected that the US will do this
whenever they plan a military action. This
effectively imposes a no-fly zone (for
non-US-military planes) whenever the US plans
action.
Furthermore, if such a system is much cheaper
and generally quite effective we may see flight
organizations across the world transition to it
with most of their training and capacity. They'll
probably keep radar capabilities, but it may not
stay up-to-date or with enough capacity to handle
the air traffic volume of the future.
So we are left with a situation where the world's
air traffic may be dependent on the intentions and
the ability of US organizations, and where US
military needs take precedence over international
air traffic control.
There are other domains in which the US controls
international efforts (in fact or in effect), and
US military needs do tend to dominate local needs.
So this isn't necessarily a change, but it's worth
considering.
In the middle of the article, they suddenly
mention a "Judge Jackson" and describe his
comments on some testimony. But the judge
in this trial is Kaplan; maybe the Times
Technology reporters have been too swamped
by the Microsoft trial and it's getting to
them.
[but I haven't been following this
trial in detail, and there could
always be another relevant Jackson]
It's often interesting to compare the effects of
various rendering models. Bump mapping,
combined with texture mapping, can indeed be
quite impressive (and also pretty efficient).
However, displacement mapping adds a further
refinement. This is when a physical (positional)
displacement is specified for the surface and
then rendered. It would often be used in
conjunction with texture- and bump-mapping.
If you look at a bump-mapped surface, you might
perceive apparent depth in the surface features.
But, without displacement mapping, those features
will have absolutely no effect on the silhouette,
since they don't affect the geometry.
I believe I saw this in some of the stills from
the BBC "Walking with Dinosaurs" video; a
dinosaur with a very wrinkled and bumpy skin had
a perfectly smooth silhouette. It still looked
stunning.
This can also be seen if the bump mapped surface
appears to have protrusions and the surface is lit
by a beam from near the tangent plane of the
surface. With displacement mapping, that bump
would be "real", and would therefore be able to
cast a shadow on the surrounding surface. With
just bump mapping, the "bump" doesn't protrude,
so it wouldn't cast that shadow.
Both of these examples are similar in character,
and both will not tend to jump out at you unless
you go looking for them.
Over time, more and more of these refinements
(generally developed for software by the early
1980s) are rolled into graphics cards as standard
features. I wonder how long it will be before
real-time radiosity rendering costs $150 for
your desktop.
I don't see how those relate. I mean, the biggest /. using wireless LAN is my lack of a
barrier to my sitting at my breakfast table
reading
breakfast table.
A plain-old ix86 laptop with a Lucent Wavelan
card does the job just fine. I can see Crusoe
as a lower-power chip, or a higher performance
chip (?), or a chip that can pretend to be various
other CPU types. It could even be the base of a
cheaper device, but most of those costs (e.g.
display) are outside the CPU.
But, as for wireless computing, it's already here.
At least one of the ex-Soviet states attempted to set itself up in this way. Naturally, there are also the Caribbean islands with confidential banking laws and low (no?) taxes. I believe it's a reasonably common method of building revenue.
Unfortunately, one problem when attempting this is the confidence issue. People are very confident that Switzerland will remain, with no major changes to its banking policies. It's much harder to predict the actions of a small nation that has just initiated this sort of policy. The stability and reliance on tradition hasn't been demonstrated. You really don't want the state to start revealing information (or nationalizing assets!).
Naturally, this won't keep all money out. It's also likely (as Neal said) that a higher portion of early adopters will be doing something shady. This gives these small states an opportunity to demonstrate their commitment to their policies, especially if larger states fail to pressure the state for information or other violations of policy.
company would have a policy *against* OSS. I'm
used to having an official policy that we'd
always use OSS options whenever feasible.
But I've only worked in web-related start-ups, and
under those circumstances you have some special
development priorities:
partially because business directions change
so quickly, so tools better be modifiable.
first prototype, and then on to the release.
You'd better not be waiting for that vendor
to fix that bug; you only have 48 hours left.
doesn't do what you want; the lack of licensing
costs makes it cheaper to try out a few.
license is better. Development costs typically
swamp this, but every bit helps.
Of course, these rules also tend to guide us to
use other rapid-development tools like Java and
Perl. When development time and development costs
dominate, these things are vital.
Also, if you're planning on releasing your mods
and original software when you write it, it makes
re-usability between projects easier. Let's face
it: start-ups don't have a 100% success rate.
If you can easily make your next attempt more
likely to succeed, it can be great in the long run.
As I'm less familiar with other domains of
business, I won't speculate on OSS importance
there. But it's great when you're small and fast.
For ripping, I always use cdparanoia under Linux.
It does error correction when it can (but some
discs are beyond repair). That may help if I'm
correct in my understanding that you get those
errors in the WAV files. Also, I've seen a lot
of variety in CD players for ripping accuracy.
Using bladeenc to convert these WAVs to MP3s,
I don't get discontinuities or errors.
Recently I heard the following on CNBC (paraphrased from memory, but very close to what they said):
It really caught me off-guard, and left me wondering who you'd call the CEO of Linux (Linus, probably). They were talking about the CEO of VA Linux. They appear to have confused Linux the OS with VA Linux the company.
This makes me wonder how widespread this will be, particularly as VA Linux now runs http://linux.com/. I'm inclined to give them the benefit of the doubt, but I'm wary that their name change (from VA Research) could have been a ploy to co-opt the Linux world.
Sorry if I sound paranoid, but sometimes that's appropriate, especially in lucrative young sub-industry.