Jonathan Rees describes a security kernel based on the lambda calculus in AI memo #1564 which is similar to capability-based systems. Other research attempts to devise systems that formally prove a program to be secure (or correct). Has the L0pht done any research on capabilities, security kernels, or formal proofs of security or correctness? Does the L0pht see this research as being usable in the Real World, or is it too early to tell? Will it ever be possible to reason about computer security in a formal, mathematical way, as we can reason about the efficiency of an algorithm or the solvability of a particular problem; or are we forever cursed to be unable to formally reason about computer security and the surrounding problems and issues?
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Re:Why is LISP superior?
on
RMS The Coder
·
· Score: 2
A few months ago, Erik Naggum posted some code that implemented a simple infix syntax for Common Lisp. There is already a fairly feature-complete infix package floating about the AI Repository at CMU, but Erik did this as an exercise, and he made this change (which can be loaded into ANY ANSI-conformant Common lisp implementation) in about 20 lines of code. (Search for the text "trivial-infix-reader" and the author "erik@naggum.no" on DejaNews.)
I think the relative ease with which one can make radical changes to the *language itself*, all on the fly no less, and without resorting to language or code outside the standard, sets Lisp apart from e.g. C or Java or Python. There is *no* way to do something equivalent (e.g. switch to a prefix notation) in C without some serious hacking on the C compiler's parser (which is completely outside the realm of the ANSI C specification). Never mind the fact that C's macro system is only a glorified search-and-replace, whereas Lisp's macro system (including reader macros) allows the user to truly transform the language.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Re:Why is LISP superior?
on
RMS The Coder
·
· Score: 2
I'm by no means a Lisp expert (I have more experience hacking C and Perl), but the more Lisp code I write, the more I begin to appreciate the language. I started learning Lisp when I started using EMACS, then for a while I was hacking in Scheme (the Programming Language Concepts class at my alma mater was taught by a fellow who received his degree from Indiana University), and now I am doing a lot of programming (in my Copious Free Time) in Common Lisp - and I must say that of the three, I like Common Lisp the best.
Here's a short list of the things *I* like in Lisp (whither EMACS Lisp, Common Lisp, Scheme, Dylan, etc.):
I'm running Samba 2.0.5 under Linux on my AlphaStation. Samba is configured as a PDC, and all of my Windows 95/98 PCs and laptops are able to authenticate to the domain JUST FINE.
I haven't tried it with Windows NT or Windows 2000, yet, so those systems may not like Samba very much.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
...and it's called "IRC". Internet Relay Chat already provides all of the features of the various IM clients and web-based chat pages. You can share files; you can be notified when certain people leave/join channel(s); etc. Too bad there's no cutesy flower icon, or "bing-bong" every time someone/messages you, otherwise it'd be the Next Killer App(tm).
And there's even an experimental RFC (1459) that describes the protocol! You can't get more standard than the IETF!!
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Waa, waa! Mommie, the evil, mean, nasty h@x0rs expect me to have a Functioning Cerebrum(tm) and want me to stop whining about how they don't donate enough of their time and effort to make c0mput3rs work in exactly the way I want. Waa, waa!
If you don't like the *gifts* we provide to the world, free of charge and free from bogus restrictions, tough luck. It seems that you made it through childhood without a parental figure teaching you that it is extremely rude to complain about the gifts you receive. Well grow up, pink-boy, and don't look a gift horse in the mouth. It's childish and rude, and as an adult and a professional, I'd expect a more mature response from you (e.g. asking "what can I do to help?") You are not the epicenter of the universe, and last I checked, the Earth revolved around the sun (no, not the workstation!)
So be grateful that you have anything at all. I know I am, and I actually *show* my gratefulness by trying to help out instead of whining about how my every whim isn't being carried out by the universe around me.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
In the US, the law doesn't allow minors to enter into any kind of contract (although there may be an exception if the parent or legal guardian consents). IANAL, but I'm guessing the boilerplate is standard contract speak to make the license "null and void" in the case of minors, as downloading the software constitutes accepting the terms of the contract/license.
So before people go crucifying Corel, this may be in there just to cover Corel's legal tuckus, and not keep Corel Linux out of the hands of the very people who make it possible.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
You might want to moderate down the Lisp advocacy that follows this sentence.:)
To read about the "New Jersey" mentality, you want to do a search for Gabriel's paper on Lisp (I think it's called "Good News, Bad News, How to Win Big"). A keyword search for "Gabriel Worse is Better" should turn up the correct paper. (The term "New Jersey" is also documented in the Jargon file.) Basically, the New Jersey mentality is characterized by "simplicity at the expence of correctness, completeness, and elegance". The previous poster called UNIX a "monster" because it is designed improperly, with all sorts of silly kludges to get it around arbitrary limits (e.g. number of file descripters per process, length of a file name, etc.) or simplistic solutions to hard problems (e.g. the "pc-lusering " interrupt problem described below). Languages like C/C++ have some truly awful kludges in them because they lack garbage collection, or a good exceptions mechanism, etc. Sure, C is really simple, and yeah, UNIX and its attendant scripts and shells and whatnot are really easy to use---but there's a lot of stupid things in there that shouldn't be.
The canonical example of the "New Jersey approach to design" (given in Gabriel's paper) is of interrupt handling. If a hardware interrupt occurs while a program is in kernel mode (i.e. the program made a system call), the right thing to do is to back the program back out to just before the system call, handle the interrupt, then retry the system call automatically. Instead, UNIX aborts the system call and returns an error to the program (EAGAIN). The program must test for this error and explicitly retry the operation.
The other poster described "C machines", so I won't go over that again.
I do want to address two more of your comments, "C is a very general, low level language" and "it is more easily translated into machine code than Lisp". While I agree with you that C is a low-level language, I'd have to take issue with your use of the adjective "general". I don't think C is a general-purpose language any more than I think IA32 or SPARC assembly language is "general purpose". C excels at being a portable assembly language, but I doubt it is appropriate for large projects (but that's just my oh-so-humble opinion).
As far as your assertion that C "is more easily translated into machine code than Lisp", I would also have to disagree. Certainly there are computers more amenable to Lisp (e.g. the SPARC with hardware support for pointer tagging), but that doesn't automatically mean Lisp is going to be slower than C on some random computer. In fact, CMU Common Lisp (a free Lisp that runs under UNIX) generates codes that run as fast as comparable C programs. Check out Martin Cracauer's floating point benchmarks in CMU CL and C.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
CL has several advantages over both Perl/Python and C/C++.
Like Perl and Python, Lisp provides an interactive environment. You can make changes to a running program without having to restart it. Plus, modern Lisps give you a real garbage collector, not a simple reference counter like in Python (although newer versions of Python may have a better GC).
Like C/C++, Common Lisp is compiled. Unlike C/C++, CL allows you to call the compiler interactively---again, you never have to restart your program. Compiled Lisp code is about as fast as comparable C or C++ code. In fact, most interactive environments compile code on the fly as you type expressions in!
Like Python and C++, Common Lisp also provides a robust and rich object system, called CLOS. I haven't done much with CLOS, although I like the idea of multiple inheritance and the ability to dispatch methods based on more than one object (Lisp methods and generic functions can dispatch on any of their arguments).
Unlike C and Perl, Lisp is pretty clean, syntacticly. You never have to remember operator precedence or any of the funky variable naming rules. Lisp is case insensitive, although it is pretty easy to override this.
Not all is happy in Lisp-land, though. There's no archive network like CPAN or CTAN, so you'll have to go digging when you want a regexp package (although I can tell you to look at SCSH for that). While commercial Lisp environments from Franz and Harlequin are available on Windows, the only free Lisp I know of that has been ported to windows is Clisp, which "only" has a byte-compiler (like EMACS). CMU CL, the best free Lisp around, only runs under UNIX. I also don't know of an equivalent to mod_perl that embeds Lisp in Apache, although if you use CL-HTTP this isn't an issue. Still, Lisp may deserve your attention. As old as the language is, Lisp is still years ahead of its time.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
...anybody who doesn't think Angelina Jolie is gorgeous...
Yeah, she was cute, but hardly the be-all and end-all of female beauty. They don't make women like Hedy Lamarr any more. Well, maybe they do. The actress in The Mummy who played the librarian (Rachel Weisz) was very beautiful in the classic sense.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
When I finally have enough balls to consult on my own, I'm going to put the H word right on my goddamn business card, and I've said as much to every suit (or otherwise) who asks me what I want to do with my life. Sure, I get the inevitable "you're a WHAT?" from the norms, but hey, Thats Fine By Me. I get a chance to tell them what I do, where I see technology going, how I can help them get Useful And Interesting Things Done. If people get confused by the Hacker/Cracker dichotomy, I spread the Ethic: Think for yourself, use what you know, learn what you don't, and try to understand everything. Don't hurt anyone and have fun, because otherwise it just isn't worth it (way too boring sometimes, like right now as I'm trying to get glibc installed, only I'm doing it by hand).
IT'S SPIN, BABY!!! This is mediawar, and we can fight, too. Hell, we can even win. Yeah, I'm a hacker. I do interesting shit with a computer. Let me tell you about it. Etc. That's called Good Advertising, thankyouverymuch, because the word hacker not only connotes DARKEST EVIL, but massive sk1lz. And I'm "such a NICE boy" that people forget about the EVIL part, and as soon as I can socially engineer them for about five minutes, I have them well on the way to being convinced that I'm pretty damn smart, QED.
The ultimate exploit. No sticky mess to clean up, no syslogs to erase. The pure power of communication, which is why I'm into computers in the first place. Take THAT, Madison Avenue!
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
...that way Spaf can teach the kiddies proper nettiquette while he's crushing the ability to think for one's self out of them.
I can just see it now...
Spaf: Hey kids, I'm Spaf, one of the most famous people on the Internet, and I'm here to teach you how not to be evil, nasty, DIRTY hax0rs, oh, and fucking STAY ON GODDAMN TOPIC WHEN POSTING TO USENET!
Teacher (worried): Uh, Mr. Spafford...
Spaf (on a roll): And while I'm at it, that asshole of Oracular Brilliance IS NOT, REPEAT NOT, RELATED TO Larry Ellison! Damn it!
Teacher quietly calls the police...
Yeah, I've seen the future, and the future is Happynet...
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Oh beautiful. I haven't seen a link to Scientologist pamphleture in far too long. Don't know about the rest of you, but I miss the CoS flamewars on Usenet. It was always more entertaining than the usual "SPAM is Good - No it's THEFT!" haggling.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Slashdot Mirror
This is hillarious! Why isn't it moderated "Funny"?
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
The name of the author is Frank Herbert. If you enjoyed The White Plague, you might also enjoy The Whipping Star and other of his non-Dune writing.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Jonathan Rees describes a security kernel based on the lambda calculus in AI memo #1564 which is similar to capability-based systems. Other research attempts to devise systems that formally prove a program to be secure (or correct). Has the L0pht done any research on capabilities, security kernels, or formal proofs of security or correctness? Does the L0pht see this research as being usable in the Real World, or is it too early to tell? Will it ever be possible to reason about computer security in a formal, mathematical way, as we can reason about the efficiency of an algorithm or the solvability of a particular problem; or are we forever cursed to be unable to formally reason about computer security and the surrounding problems and issues?
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
A few months ago, Erik Naggum posted some code that implemented a simple infix syntax for Common Lisp. There is already a fairly feature-complete infix package floating about the AI Repository at CMU, but Erik did this as an exercise, and he made this change (which can be loaded into ANY ANSI-conformant Common lisp implementation) in about 20 lines of code. (Search for the text "trivial-infix-reader" and the author "erik@naggum.no" on DejaNews.)
I think the relative ease with which one can make radical changes to the *language itself*, all on the fly no less, and without resorting to language or code outside the standard, sets Lisp apart from e.g. C or Java or Python. There is *no* way to do something equivalent (e.g. switch to a prefix notation) in C without some serious hacking on the C compiler's parser (which is completely outside the realm of the ANSI C specification). Never mind the fact that C's macro system is only a glorified search-and-replace, whereas Lisp's macro system (including reader macros) allows the user to truly transform the language.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
I'm by no means a Lisp expert (I have more experience hacking C and Perl), but the more Lisp code I write, the more I begin to appreciate the language. I started learning Lisp when I started using EMACS, then for a while I was hacking in Scheme (the Programming Language Concepts class at my alma mater was taught by a fellow who received his degree from Indiana University), and now I am doing a lot of programming (in my Copious Free Time) in Common Lisp - and I must say that of the three, I like Common Lisp the best.
Here's a short list of the things *I* like in Lisp (whither EMACS Lisp, Common Lisp, Scheme, Dylan, etc.):
...and so forth. You can get a lot more information from the Association of Lisp Users web site (especially the pages Language Comparisons and What is Lisp?), or from the comp.lang.lisp FAQ. Another good place to get more information is from David Lamkins' on-line book Successful Lisp.
And if you have further questions on Lisp, feel free to send me an email or drop a note into comp.lang.lisp.
HTH.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
I'm running Samba 2.0.5 under Linux on my AlphaStation. Samba is configured as a PDC, and all of my Windows 95/98 PCs and laptops are able to authenticate to the domain JUST FINE.
I haven't tried it with Windows NT or Windows 2000, yet, so those systems may not like Samba very much.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
...and it's called "IRC". Internet Relay Chat already provides all of the features of the various IM clients and web-based chat pages. You can share files; you can be notified when certain people leave/join channel(s); etc. Too bad there's no cutesy flower icon, or "bing-bong" every time someone /messages you, otherwise it'd be the Next Killer App(tm).
And there's even an experimental RFC (1459) that describes the protocol! You can't get more standard than the IETF!!
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
If you don't like the *gifts* we provide to the world, free of charge and free from bogus restrictions, tough luck. It seems that you made it through childhood without a parental figure teaching you that it is extremely rude to complain about the gifts you receive. Well grow up, pink-boy, and don't look a gift horse in the mouth. It's childish and rude, and as an adult and a professional, I'd expect a more mature response from you (e.g. asking "what can I do to help?") You are not the epicenter of the universe, and last I checked, the Earth revolved around the sun (no, not the workstation!)
So be grateful that you have anything at all. I know I am, and I actually *show* my gratefulness by trying to help out instead of whining about how my every whim isn't being carried out by the universe around me.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
In the US, the law doesn't allow minors to enter into any kind of contract (although there may be an exception if the parent or legal guardian consents). IANAL, but I'm guessing the boilerplate is standard contract speak to make the license "null and void" in the case of minors, as downloading the software constitutes accepting the terms of the contract/license.
So before people go crucifying Corel, this may be in there just to cover Corel's legal tuckus, and not keep Corel Linux out of the hands of the very people who make it possible.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
You might want to moderate down the Lisp advocacy that follows this sentence. :)
To read about the "New Jersey" mentality, you want to do a search for Gabriel's paper on Lisp (I think it's called "Good News, Bad News, How to Win Big"). A keyword search for "Gabriel Worse is Better" should turn up the correct paper. (The term "New Jersey" is also documented in the Jargon file.) Basically, the New Jersey mentality is characterized by "simplicity at the expence of correctness, completeness, and elegance". The previous poster called UNIX a "monster" because it is designed improperly, with all sorts of silly kludges to get it around arbitrary limits (e.g. number of file descripters per process, length of a file name, etc.) or simplistic solutions to hard problems (e.g. the "pc-lusering " interrupt problem described below). Languages like C/C++ have some truly awful kludges in them because they lack garbage collection, or a good exceptions mechanism, etc. Sure, C is really simple, and yeah, UNIX and its attendant scripts and shells and whatnot are really easy to use---but there's a lot of stupid things in there that shouldn't be.
The canonical example of the "New Jersey approach to design" (given in Gabriel's paper) is of interrupt handling. If a hardware interrupt occurs while a program is in kernel mode (i.e. the program made a system call), the right thing to do is to back the program back out to just before the system call, handle the interrupt, then retry the system call automatically. Instead, UNIX aborts the system call and returns an error to the program (EAGAIN). The program must test for this error and explicitly retry the operation.
The other poster described "C machines", so I won't go over that again.
I do want to address two more of your comments, "C is a very general, low level language" and "it is more easily translated into machine code than Lisp". While I agree with you that C is a low-level language, I'd have to take issue with your use of the adjective "general". I don't think C is a general-purpose language any more than I think IA32 or SPARC assembly language is "general purpose". C excels at being a portable assembly language, but I doubt it is appropriate for large projects (but that's just my oh-so-humble opinion).
As far as your assertion that C "is more easily translated into machine code than Lisp", I would also have to disagree. Certainly there are computers more amenable to Lisp (e.g. the SPARC with hardware support for pointer tagging), but that doesn't automatically mean Lisp is going to be slower than C on some random computer. In fact, CMU Common Lisp (a free Lisp that runs under UNIX) generates codes that run as fast as comparable C programs. Check out Martin Cracauer's floating point benchmarks in CMU CL and C.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
CL has several advantages over both Perl/Python and C/C++.
Like Perl and Python, Lisp provides an interactive environment. You can make changes to a running program without having to restart it. Plus, modern Lisps give you a real garbage collector, not a simple reference counter like in Python (although newer versions of Python may have a better GC).
Like C/C++, Common Lisp is compiled. Unlike C/C++, CL allows you to call the compiler interactively---again, you never have to restart your program. Compiled Lisp code is about as fast as comparable C or C++ code. In fact, most interactive environments compile code on the fly as you type expressions in!
Like Python and C++, Common Lisp also provides a robust and rich object system, called CLOS. I haven't done much with CLOS, although I like the idea of multiple inheritance and the ability to dispatch methods based on more than one object (Lisp methods and generic functions can dispatch on any of their arguments).
Unlike C and Perl, Lisp is pretty clean, syntacticly. You never have to remember operator precedence or any of the funky variable naming rules. Lisp is case insensitive, although it is pretty easy to override this.
Several Lisp environments are available, both commercial (Franz, Harlequin) and free (CMU Common Lisp). There's a complete web server written in Lisp, the Common Lisp Hypermedia Server. If you want to learn more about Lisp, check out the Associate of Lisp Users and browse through the section on tutorials and books (a good book, by David Lamkins, is called Successful Lisp).
Not all is happy in Lisp-land, though. There's no archive network like CPAN or CTAN, so you'll have to go digging when you want a regexp package (although I can tell you to look at SCSH for that). While commercial Lisp environments from Franz and Harlequin are available on Windows, the only free Lisp I know of that has been ported to windows is Clisp, which "only" has a byte-compiler (like EMACS). CMU CL, the best free Lisp around, only runs under UNIX. I also don't know of an equivalent to mod_perl that embeds Lisp in Apache, although if you use CL-HTTP this isn't an issue. Still, Lisp may deserve your attention. As old as the language is, Lisp is still years ahead of its time.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
No nasty, yukky GIFs on *my* server!
Yay!
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
MindStalker, ol' buddy, you've been outed. You are definitely a computer. :) (So much for the Turing award, eh?)
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Yeah, she was cute, but hardly the be-all and end-all of female beauty. They don't make women like Hedy Lamarr any more. Well, maybe they do. The actress in The Mummy who played the librarian (Rachel Weisz) was very beautiful in the classic sense.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Bah. /me waves hand in a dismissive fashion.
When I finally have enough balls to consult on my own, I'm going to put the H word right on my goddamn business card, and I've said as much to every suit (or otherwise) who asks me what I want to do with my life. Sure, I get the inevitable "you're a WHAT?" from the norms, but hey, Thats Fine By Me. I get a chance to tell them what I do, where I see technology going, how I can help them get Useful And Interesting Things Done. If people get confused by the Hacker/Cracker dichotomy, I spread the Ethic: Think for yourself, use what you know, learn what you don't, and try to understand everything. Don't hurt anyone and have fun, because otherwise it just isn't worth it (way too boring sometimes, like right now as I'm trying to get glibc installed, only I'm doing it by hand).
IT'S SPIN, BABY!!! This is mediawar, and we can fight, too. Hell, we can even win. Yeah, I'm a hacker. I do interesting shit with a computer. Let me tell you about it. Etc. That's called Good Advertising, thankyouverymuch, because the word hacker not only connotes DARKEST EVIL, but massive sk1lz. And I'm "such a NICE boy" that people forget about the EVIL part, and as soon as I can socially engineer them for about five minutes, I have them well on the way to being convinced that I'm pretty damn smart, QED.
The ultimate exploit. No sticky mess to clean up, no syslogs to erase. The pure power of communication, which is why I'm into computers in the first place. Take THAT, Madison Avenue!
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
...that way Spaf can teach the kiddies proper nettiquette while he's crushing the ability to think for one's self out of them.
I can just see it now...
Yeah, I've seen the future, and the future is Happynet...
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Oh beautiful. I haven't seen a link to Scientologist pamphleture in far too long. Don't know about the rest of you, but I miss the CoS flamewars on Usenet. It was always more entertaining than the usual "SPAM is Good - No it's THEFT!" haggling.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
Um, they didn't try to crack 45 million computers. All they did was probe for known exploits.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16