You are assuming that these things do not exist for terminal based editors. They do. It is all about customizing your environment. No, I wouldn't want to use plain old vi for anything other than a quick job, but I get all those things you listed with vim (for example) and I get what vi offers and I don't have to wait for any three rings circuses whatsoever.;)
You front loaded part of my three-ring-circus-waiting-time with your customization efforts. I may have to wait 30 seconds for the splash screen and the IDE to load up the project, but you just acknowledged that you also spend some amount of time every time you begin developing in a new environment. (And I'd maintain that the graphical presentation of source or program architecture is also valuable, but again not everyone needs or wants it.)
Show me an IDE with a Turing complete context menu and I'll readily concede that point.:)
Here's one way to do it in Eclipse and here's one way in Visual Studio 2005. I've used it to create a plugin that automates the generation of CppUnit unit test skeletons. I've also created a plugin for VS6 (a very long time ago) that automated the maintenance of a project by watching a folder for new source code modules, automatically adding them into the project, and then building with them. I suppose if someone cared hard enough, they could implement ed in a context menu accessible dialog box, using ! as the menu accelerator key. That actually sounds kind of cool...hmm... anyway, it sounds better than Clippy for vi.:-) Anyway, the point is that both text and IDE environments are endlessly customizable.
And I totally get your point that some people prefer IDEs. The problem I have is the attitude those people often display is that IDEs are only for beginners or bad coders, which simply is not true. And many of them do it very arrogantly, which is quite off-putting.
I think the bad rep that IDEs get is that people don't see it as the difference between a performance enhancing tool and training wheels. Look at it with different users, though, and it becomes obvious why there can be differences of opinion.
Do the productivity gains given by an IDE enable a bad coder to write more bad code? Yes, and I think that is heavily related to the biases against IDEs. It enables stupid people to make more mistakes per hour. But that's no different than a stupid person buying a fast car. It doesn't make fast cars bad, it just means stupid people can go faster.
Will an IDE make a bad coder better? No, although that's a mistaken impression a lot of managers have because the bad coders are more productive. Productive != better.
Will an IDE help a bad coder become better? (Note the distinction between the previous question.) I believe the complexity of the tools may often hinder learning by hiding important foundational knowledge inside "wizards" or "code generators." But because those tools make a good programmer more productive, they shouldn't be eliminated. Someone will become better only if they're personally interested in improving their skills, but that has nothing to do with their choice of tools.
Will an IDE make a good coder worse? Absolutely not. There's a learning curve, of course, but anyone able to master programming will have no problem picking up such a tool.
Will an IDE make a good coder better? I have seen that it can, especially when you're dealing with more than one programmer on a project. Plug in a real-time static code analyzer, and they find mistakes fast. Plug in an architecture visualizer, and they can instantly see if someone is violating layer encapsulation. Plug in a code generator and you el
Maybe because you have never tried working without an IDE?
Sorry, I've been coding for 40 years. I've done everything from punching paper tape, and keying punch cards, to filling out optical scanning documents, edlin, ed, vi (but never emacs), Turbo $(LANGUAGE), Visual Basic from 3+, Eclipse, and so on all the way up through the latest editions of Visual Studio. I'm intimately familiar with many various ways to write programs. And I have to say the IDEs absolutely rock in terms of productivity. Autocomplete, the ability to have every manual at your fingertips in context, visual brace matching, code generating tools, syntax highlighting, trouble tracking, refactoring tools, unit test tools, all these things are knowledge amplifying tools. They employ the power of the computer under my fingertips to make me more effective. My time should absolutely not be wasted on looking up things manually, or trying to recognize I misspelled a word, or spent in various yank and paste operations in vi. The IDE is a performance enhancer.
I've found that the "I'm so macho I write all my code using cat and echo because vi is for wimps" attitude is one primarily of ignorance. These people see these tools and think "they're designed to make it easy for kids to enter the field." They couldn't be more wrong. These tools are written by awesome hackers trying to eke the most performance out of their own time.
I still code manually, of course, on occasion for small test programs. It's just too easy to open a text editor and scratch out a dozen lines of code, rather than loading up the three ring circus of the IDE. And I agree that it bothers me when some kid says "wow, you can actually write code like that?" But the day job isn't about scratching up dozen line test programs. It's about working together with lots of people on modules that are parts of large projects, that have to be submitted through a build machine to reach the testing team. Integrated source code management is yet another pain that an IDE helps take away.
Fact: The shell is infinitely more powerful than anything anyone could cram into a right click accessible context menu.
Y'know, I was going to write something snarky about this, but I trust I've said enough for you to understand why I don't agree that this is actually a "fact".
Well, here's a list of 14,999 people (and one smart guy with a lawyer) who have already proven themselves to be even more stupid than I thought possible.
The only thing I don't want to do is support them on the dole. Beyond that, go ahead and rip them all off again.
And why would you be opposed to using graphical tools, such as an IDE? Being able to click on a label and having it take you to the declaration or definition is great while you're walking through a module. Being able to find all references to it is invaluable when you want to see who called it and how. But to insist they can only learn if they run ctags and type ctrl-] in vi instead of some heretical right clicking in an IDE is ludicrous.
I don't understand people who argue against IDEs. To use a car analogy, it's like telling someone "don't ever use a map. You should just drive on every street around town and learn that you're supposed to stop at the intersection of 4th and Maple, and learn to look left when you approach the train tracks that cross Elm street." It artificially limits them from a lot of valuable tools that could help them learn. I think people should use every tool at their disposal if it aids them in their understanding.
I came here to post this exact link. It's a great book, and a great way to learn how 25 different popular applications are architected, how they work, how they grew to be what they are today, and they show you the value of having planned your apps for the future. (or at least how they were forced to confront the future at least once in their histories. )
For someone just starting out, any of these giant apps would seem daunting to start reading the source at main(). I'd recommend reading the book first, then pick one of the featured apps that is of personal interest to you, such as Eclipse or Audacity, then try reading the source to one of the plug-in modules. Much smaller, and you'll get a better feel for the code itself.
That's a problem I think the banks have a duty to tackle. They simply shouldn't do business without SSL. Plaintext connections should go first to a visible redirector saying "don't be such a dumb ass, always type 'https' when accessing any bank's web site" (OK, maybe more polite.)
This Certificate forgery isn't all bad (except to the direct victims, who I hope are able to remain safe.) It's a wakeup call if we choose to listen.
The root CA PKI system has always been a house of cards. It's great for the purpose for which it was designed, which is a single top-down hierarchical organization, but that's not the Internet. We've just stuck with it for so long that we've never bothered with the tremendous amount of work it would take to replace it with something better. This is a gust of wind that'sreminded everyone how bad it is. Another few such attacks might force a wholesale change. And that would be good.
Hell, if he really hacked it, he'd have signed the message with DigiNotar's key. He's the only person in this whole debaucle I'd trust to actually have a clue as to how to really use their certificates.
I'm concerned about Vasco, their parent company. They sell hardware and software authentication systems like DIGIPASS and IDENTIKEY, things that are used to protect bank accounts, transit systems, etc. Is there or could there be any cross pollination attack? Were DigiNotar certs used to sign any of the DIGIPASS hardware or software? Do any of the existing DIGIPASS solutions have the DigiNotar certificate baked into them?
No, you don't need a centralized trusted org. That is the entire point between the "web of trust" of PGP. I sign my own key and rate it level 4. I sign the keys of my best friends, employer, and the banks where I do business and rate them a level 3. I sign the keys of retail stores where I'm a customer, and the keys of casual acquaintances level 2. I sign the keys of people I know only on the web and rate them no higher than level 1 or 0.
Now, when you are trying to evaluate the key of www.shadybank.com, you can look at their signers. You can say "I see that my good buddy Fred signed your key, and I trust him at level 3, therefore I'll trust you to level 2." You can say "I see that four friends who all trust you at level 2 have signed your key, so I'll trust you at level 1" or even "I see that I have a dozen friends at level 2 all signed your key, so I'll also trust you at level 2." You could say "I trusted this site at level 0 for a transaction last year, and I've used them three times since and didn't get my ID stolen, so I'm going to bump them to a 1." Or you could even happen by the offices of ShadyBank, examine the framed key they have posted on the wall, and decide to bump your trust level to 3 anyway.
The point is that you can establish your own criteria for figuring out whether or not you want to trust a third party. You assign levels of trust to people and organizations you trust. And you place your trust in those who you think deserve it. Today, you get whatever random crap the CAs sign. And you get all of the crappy CAs built into your browser, including diginotar, and who knows who else?
I'm thinking I'd like a "web of trust" of CAs. I have no idea which ones to trust, and I'm not sure I trust the Mozilla Foundation or Microsoft or Google to pick the trustworthy ones. Instead, if I could have ratings from my friends saying "GoDaddy is a good CA, but Diginotar is crappy", I could use that.
Why would the source code to a medical device matter to you? First, there isn't a thing you could change about it. If you changed it, as a different patient I wouldn't want to trust your changes. If I were your doctor, I don't know your qualifications so I wouldn't trust your changes, and so I wouldn't prescribe the use of the changed software. All software and changes to the devices have to be tested and certified.
The only thing you might think you could do would be to make a choice of "certified machine A" or "certified machine B" or "no treatment." But even that's a false choice. Medical devices undergo a testing regimen based on how they're configured and used. Machine A when used in manner A is supposed to perform in method A every time. Machine B when used in manner B is supposed to perform in method B every time, but this is not exactly the same as method A. The doctor would make his choice based on his training and experience, and select the best one for the job (best according to his criteria, not yours!) As your patient, your doctor may decide your illness would be best treated using method A. Open source or not, the trained professional has decided it's the best methodology for the job.
And there's a lot more to a machine than the software. Other key differences would include the manufacture. Would you ask for blueprints of every part of that machine? Would you demand to see the tolerances for the hinge pin? Would you need to see the testing report for the hinge pin that shows it was manufactured to within all specified tolerances? If you're not going to dig that deep, why not? It's because at some point you trust that parts of this machine were designed and made to a certain level of quality. What makes the software any more or less deserving of your trust?
Now, all other things being equal, you might ask your doctor "hey, I want you to use machine B, it's open source" and he might agree. However, that means absolutely ALL other things have to be equal, and they never are. He may have experience with machine B's hinge pins jamming. He may have always had great results with machine A. Or he may simply have no experience with machine B, and very limited time to learn it. Would you be comfortable being his first test subject? And would you pay him extra for the time he needs to spend learning to use machine B?
You're weighing "device invention and development" and "millions of dollars worth of testing" and "years of doctor experience" against "the patient who has more at stake than the doctor, but whose qualifications are completely unknown, looked at the source code." As an independent third party, I'd choose the machine meeting first set of qualifications over the second set every single time.
As a patient you may or may not be a crackpot, but look at the average person the doctor has to treat. He's got people coming to him saying "I read in a magazine in the airplane that you should use avocado pits to treat my lymphoma" or "wave magnets over my wrist, I read it on the wiki-peter!" That doctor has essentially no way to trust that you're not giving him equally stupid advice.
A completely different question, and probably more valid, is "Should the software source be opened up to a panel of trusted professional third party software engineers for review?" To that I'd say absolutely. And for all I know, that might already be part of the certification process.
Do you think the Windows Tablet edition of XP would have dominated the market had they made their GUI better? The tablets of the era needed a stylus because every tablet I ever saw was running a high resolution screen with the stock GUI, meaning teeny-tiny little "dropdown" buttons, scroll bars, etc. But they could run any Windows program without modification. They didn't sell. Even if the OS had been fully optimized for tablets (it never was,) nobody cared that they could run a teeny-tiny screen version of Excel, because they still expected full desktop usability out of them.
As you said, Apple broke backward compatibility from day zero, and told everyone "No, you will NOT get a desktop experience from this machine. Only custom-written, Apple-blessed-and-approved iPhone-specific apps will run on our devices." Microsoft even tried that approach early on with WinCE, but they found only a few dozen embedded customers (printers, etc.,), got it installed on a few crappy slow phones that served mostly to embarrass them with their awful performance, and the marketplace really didn't care at all. For $(DEITY)'s sake, they were so bad that the crappy Nokia phones outsold WinCE phones! By trying to accommodate multi-platform software, Microsoft failed on all platforms.
Microsoft may even have been the ground-breakers here, showing the world that a small device could have great potential, while providing a rich list of mistakes to avoid making. Apple learned those lessons much better than Microsoft.
I am fully of the opinion that right now, Apple could announce today a slick white electronic toothpick for $300, and there'd be lines outside apple stores nationwide tomorrow morning demanding the new iPic.
I just called my Apple Store, and they say they've never heard of the iPic! Where do I have to go to get one? Where did you get yours? Are they on eBay yet? Will they come in black?
Stenography is the way a court reporter types up a transcript of what was said. Steganography is secret writing hidden in something else. Two different words.
You're missing way #3, which is likely to be the real implementation:
Simply tell the population that you've banned encryption, and when you arrest someone for any reason you check their browser caches, their email, their hard drives, looking for PGP, SSL, certificates with private keys, scrambled files, etc. For each one of the above that the police find, you add 10 [ lashes | cane strokes | stones | genital kicks | innocent relatives punished ] to their sentence. Carry out the punishment in the central square, with all national television cameras broadcasting live. Repeat for the next month or two. Ordinary citizens will scramble to comply. Now, start looking for any traffic on port 443, and there are your "criminals".
You don't need a technical solution when a psychological solution does your job for you.
Dear Business person , We know you are interested in receiving cutting-edge information . This is a one time mailing there is no need to request removal if you won't want any more ! This mail is being sent in compliance with Senate bill 2516 , Title 6 ; Section 307 . This is different than anything else you've seen . Why work for somebody else when you can become rich in 55 MONTHS ! Have you ever noticed society seems to be moving faster and faster and society seems to be moving faster and faster . Well, now is your chance to capitalize on this ! WE will help YOU turn your business into an E-BUSINESS plus deliver goods right to the customer's doorstep ! The best thing about our system is that it is absolutely risk free for you ! But don't believe us . Mrs Simpson of Maryland tried us and says "I was skeptical but it worked for me" . We assure you that we operate within all applicable laws ! We implore you - act now ! Sign up a friend and you get half off . Thanks .
Verizon didn't "kill FTP access". They didn't shut down the protocol. They only shut off FTP access to their free personal web page hosting servers. That's a big difference when you're writing a headline.
It's days like this that I miss the fine editing that CmdrTaco used to provide.
I knew a guy who started.com companies like popcorn. His business plan was the same for all of them: be successful enough until someone bigger buys you out. His goal was to work for a year at trying to get a thing going, then sell it for a couple million dollars for that short duration that it would be hot. Most of these things were very transient. They were unknown a month ago, on the rise a week ago, popular today, and by next month they probably wouldn't even be a memory.
I think these big companies learned their lessons. They tried over and over to pump money into these little concepts that never had longevity as a part of their plans. They bled red ink.
So if they don't see that initial wave, they're cutting the bleeding off now before they pump additional useless money into a concept that never will make it. It makes financial sense.
The aspect unique to the pharmaceutical industry is the size of the investment. I can't sit in my garage and test a hundred thousand compounds, or even test one compound on a level 4 biohazardous material. I may not have a hundred friends with herpes who want to inject themselves with John's Herpes Drug Trial #317. And after the trial, I may only have 88 friends left, and a dozen multi-million dollar wrongful death lawsuits. I can perhaps build a wristwatch that houses a fishing reel, or a hat that holds beer cans in a silly fashion, and ask my in-laws for a few thousand dollars to patent a prototype. But I can't create a garage-drug and bring it to market. For one thing, as a society we've set up the FDA who has placed a heavy testing burden on new drugs. Just to bring one drug through clinical trials takes many years and costs millions of dollars.
Remember, the patent system applies equally to the beer-can-holder-on-a-hat invention as it does to a billion-dollar drug. A lone person could invent creative beer-can-holders all day long and patent them. Or to use your example, people can play music for money without needing a record company behind them. None of those approach a minute fraction of the investment it takes to create a complex drug. And those investments would be wiped out if patents weren't protecting them.
Is every blockbuster drug helping society? Certainly not. It doesn't benefit me if you achieve male enhancement or a four hour performance. A useful drug does benefit me if it keeps you healthy and functioning long enough to pay more taxes, or to build cool web sites that people visit, or to do whatever it is you do. But can you tell me in advance which of those new drugs might cure your wife's cancer? Which of those drugs would be keeping your son breathing? Which one will you need to save your own life next month?
Could new drugs be invented another way, perhaps via publicly funded research, and run through university grants? Sure. Would it work? Possibly. Would it be as corrupt as the current pharmaceutical industry? Undoubtedly. Would it be better than what we have today? That's unknowable. And we already have evidence that today's system produces some useful lifesaving drugs. It's a classic case of "the devil you know."
As a society, the patent system is a gamble we take that the pharmaceutical companies will continue valuable research and will create something more valuable to society than a cure for Restless Leg Syndrome. So far, the patent system actually pays off in that respect. If you still don't believe me, ask anyone who is taking retrovirals to keep their HIV infections from giving them AIDS if the system works.
I've heard (long time ago and it was probably wrong anyway) that the first software patent was granted on an invention that incorporated an embedded computer into the process. It was something like a machine that automatically mixed a batch of chemicals, and the computer was an integral part of the monitoring and feedback control this process required. Did that machine deserve a patent? It sure sounds like it to me. It passes both the machine and transformation tests. It was useful. It probably wasn't obvious when it was invented. It produced a concrete result. And the machine would never have worked without the controlling computer, both its hardware and its software, at the heart of the process.
But did its controlling software deserve to be a standalone patent, or was it just an integral part of the overall patentable machine? This might have been the initial machine which was looked at as a reference for the first software-only patents, but I don't know that there were any court decisions made prior to their granting of thousands of software patents. By then inertia had set in, and software patenting was simply accepted without ever really being tested in court. Now there are a million software patents. And then we got to today.
The reason for this little tale is to answer the question you asked. Why an FPGA? Because burning fuses produces a physical implementation of a machine that does exactly this one thing. It's kind of like patenting the abacus or calculator. Math may not be patentable, but a machine that can do math or perform calculations can be patented. If it's part of a useful machine, it passes the machine test.
The flip side is that it also sidesteps the question of "is this a unique invention?" Really, it's just an FPGA with a unique set of values, not much different than a piece of paper with writing on it. You and I both know it's a technicality designed strictly to work around the legal issue of "patenting software." But a good lawyer could build an entire career out of a thinner case than this.
Slashdot Mirror
You are assuming that these things do not exist for terminal based editors. They do. It is all about customizing your environment. No, I wouldn't want to use plain old vi for anything other than a quick job, but I get all those things you listed with vim (for example) and I get what vi offers and I don't have to wait for any three rings circuses whatsoever. ;)
You front loaded part of my three-ring-circus-waiting-time with your customization efforts. I may have to wait 30 seconds for the splash screen and the IDE to load up the project, but you just acknowledged that you also spend some amount of time every time you begin developing in a new environment. (And I'd maintain that the graphical presentation of source or program architecture is also valuable, but again not everyone needs or wants it.)
Show me an IDE with a Turing complete context menu and I'll readily concede that point. :)
Here's one way to do it in Eclipse and here's one way in Visual Studio 2005. I've used it to create a plugin that automates the generation of CppUnit unit test skeletons. I've also created a plugin for VS6 (a very long time ago) that automated the maintenance of a project by watching a folder for new source code modules, automatically adding them into the project, and then building with them. I suppose if someone cared hard enough, they could implement ed in a context menu accessible dialog box, using ! as the menu accelerator key. That actually sounds kind of cool...hmm... anyway, it sounds better than Clippy for vi. :-) Anyway, the point is that both text and IDE environments are endlessly customizable.
And I totally get your point that some people prefer IDEs. The problem I have is the attitude those people often display is that IDEs are only for beginners or bad coders, which simply is not true. And many of them do it very arrogantly, which is quite off-putting.
I think the bad rep that IDEs get is that people don't see it as the difference between a performance enhancing tool and training wheels. Look at it with different users, though, and it becomes obvious why there can be differences of opinion.
Maybe because you have never tried working without an IDE?
Sorry, I've been coding for 40 years. I've done everything from punching paper tape, and keying punch cards, to filling out optical scanning documents, edlin, ed, vi (but never emacs), Turbo $(LANGUAGE), Visual Basic from 3+, Eclipse, and so on all the way up through the latest editions of Visual Studio. I'm intimately familiar with many various ways to write programs. And I have to say the IDEs absolutely rock in terms of productivity. Autocomplete, the ability to have every manual at your fingertips in context, visual brace matching, code generating tools, syntax highlighting, trouble tracking, refactoring tools, unit test tools, all these things are knowledge amplifying tools. They employ the power of the computer under my fingertips to make me more effective. My time should absolutely not be wasted on looking up things manually, or trying to recognize I misspelled a word, or spent in various yank and paste operations in vi. The IDE is a performance enhancer.
I've found that the "I'm so macho I write all my code using cat and echo because vi is for wimps" attitude is one primarily of ignorance. These people see these tools and think "they're designed to make it easy for kids to enter the field." They couldn't be more wrong. These tools are written by awesome hackers trying to eke the most performance out of their own time.
I still code manually, of course, on occasion for small test programs. It's just too easy to open a text editor and scratch out a dozen lines of code, rather than loading up the three ring circus of the IDE. And I agree that it bothers me when some kid says "wow, you can actually write code like that?" But the day job isn't about scratching up dozen line test programs. It's about working together with lots of people on modules that are parts of large projects, that have to be submitted through a build machine to reach the testing team. Integrated source code management is yet another pain that an IDE helps take away.
Fact: The shell is infinitely more powerful than anything anyone could cram into a right click accessible context menu.
Y'know, I was going to write something snarky about this, but I trust I've said enough for you to understand why I don't agree that this is actually a "fact".
Well, here's a list of 14,999 people (and one smart guy with a lawyer) who have already proven themselves to be even more stupid than I thought possible.
The only thing I don't want to do is support them on the dole. Beyond that, go ahead and rip them all off again.
And why would you be opposed to using graphical tools, such as an IDE? Being able to click on a label and having it take you to the declaration or definition is great while you're walking through a module. Being able to find all references to it is invaluable when you want to see who called it and how. But to insist they can only learn if they run ctags and type ctrl-] in vi instead of some heretical right clicking in an IDE is ludicrous.
I don't understand people who argue against IDEs. To use a car analogy, it's like telling someone "don't ever use a map. You should just drive on every street around town and learn that you're supposed to stop at the intersection of 4th and Maple, and learn to look left when you approach the train tracks that cross Elm street." It artificially limits them from a lot of valuable tools that could help them learn. I think people should use every tool at their disposal if it aids them in their understanding.
I came here to post this exact link. It's a great book, and a great way to learn how 25 different popular applications are architected, how they work, how they grew to be what they are today, and they show you the value of having planned your apps for the future. (or at least how they were forced to confront the future at least once in their histories. )
For someone just starting out, any of these giant apps would seem daunting to start reading the source at main(). I'd recommend reading the book first, then pick one of the featured apps that is of personal interest to you, such as Eclipse or Audacity, then try reading the source to one of the plug-in modules. Much smaller, and you'll get a better feel for the code itself.
That's a problem I think the banks have a duty to tackle. They simply shouldn't do business without SSL. Plaintext connections should go first to a visible redirector saying "don't be such a dumb ass, always type 'https' when accessing any bank's web site" (OK, maybe more polite.)
This Certificate forgery isn't all bad (except to the direct victims, who I hope are able to remain safe.) It's a wakeup call if we choose to listen.
The root CA PKI system has always been a house of cards. It's great for the purpose for which it was designed, which is a single top-down hierarchical organization, but that's not the Internet. We've just stuck with it for so long that we've never bothered with the tremendous amount of work it would take to replace it with something better. This is a gust of wind that'sreminded everyone how bad it is. Another few such attacks might force a wholesale change. And that would be good.
Hell, if he really hacked it, he'd have signed the message with DigiNotar's key. He's the only person in this whole debaucle I'd trust to actually have a clue as to how to really use their certificates.
I'm concerned about Vasco, their parent company. They sell hardware and software authentication systems like DIGIPASS and IDENTIKEY, things that are used to protect bank accounts, transit systems, etc. Is there or could there be any cross pollination attack? Were DigiNotar certs used to sign any of the DIGIPASS hardware or software? Do any of the existing DIGIPASS solutions have the DigiNotar certificate baked into them?
No, you don't need a centralized trusted org. That is the entire point between the "web of trust" of PGP. I sign my own key and rate it level 4. I sign the keys of my best friends, employer, and the banks where I do business and rate them a level 3. I sign the keys of retail stores where I'm a customer, and the keys of casual acquaintances level 2. I sign the keys of people I know only on the web and rate them no higher than level 1 or 0.
Now, when you are trying to evaluate the key of www.shadybank.com, you can look at their signers. You can say "I see that my good buddy Fred signed your key, and I trust him at level 3, therefore I'll trust you to level 2." You can say "I see that four friends who all trust you at level 2 have signed your key, so I'll trust you at level 1" or even "I see that I have a dozen friends at level 2 all signed your key, so I'll also trust you at level 2." You could say "I trusted this site at level 0 for a transaction last year, and I've used them three times since and didn't get my ID stolen, so I'm going to bump them to a 1." Or you could even happen by the offices of ShadyBank, examine the framed key they have posted on the wall, and decide to bump your trust level to 3 anyway.
The point is that you can establish your own criteria for figuring out whether or not you want to trust a third party. You assign levels of trust to people and organizations you trust. And you place your trust in those who you think deserve it. Today, you get whatever random crap the CAs sign. And you get all of the crappy CAs built into your browser, including diginotar, and who knows who else?
I'm thinking I'd like a "web of trust" of CAs. I have no idea which ones to trust, and I'm not sure I trust the Mozilla Foundation or Microsoft or Google to pick the trustworthy ones. Instead, if I could have ratings from my friends saying "GoDaddy is a good CA, but Diginotar is crappy", I could use that.
And to bail out of the market the week before Jobs resigned? They're not just a tool, they're the whole toolbox.
Why would the source code to a medical device matter to you? First, there isn't a thing you could change about it. If you changed it, as a different patient I wouldn't want to trust your changes. If I were your doctor, I don't know your qualifications so I wouldn't trust your changes, and so I wouldn't prescribe the use of the changed software. All software and changes to the devices have to be tested and certified.
The only thing you might think you could do would be to make a choice of "certified machine A" or "certified machine B" or "no treatment." But even that's a false choice. Medical devices undergo a testing regimen based on how they're configured and used. Machine A when used in manner A is supposed to perform in method A every time. Machine B when used in manner B is supposed to perform in method B every time, but this is not exactly the same as method A. The doctor would make his choice based on his training and experience, and select the best one for the job (best according to his criteria, not yours!) As your patient, your doctor may decide your illness would be best treated using method A. Open source or not, the trained professional has decided it's the best methodology for the job.
And there's a lot more to a machine than the software. Other key differences would include the manufacture. Would you ask for blueprints of every part of that machine? Would you demand to see the tolerances for the hinge pin? Would you need to see the testing report for the hinge pin that shows it was manufactured to within all specified tolerances? If you're not going to dig that deep, why not? It's because at some point you trust that parts of this machine were designed and made to a certain level of quality. What makes the software any more or less deserving of your trust?
Now, all other things being equal, you might ask your doctor "hey, I want you to use machine B, it's open source" and he might agree. However, that means absolutely ALL other things have to be equal, and they never are. He may have experience with machine B's hinge pins jamming. He may have always had great results with machine A. Or he may simply have no experience with machine B, and very limited time to learn it. Would you be comfortable being his first test subject? And would you pay him extra for the time he needs to spend learning to use machine B?
You're weighing "device invention and development" and "millions of dollars worth of testing" and "years of doctor experience" against "the patient who has more at stake than the doctor, but whose qualifications are completely unknown, looked at the source code." As an independent third party, I'd choose the machine meeting first set of qualifications over the second set every single time.
As a patient you may or may not be a crackpot, but look at the average person the doctor has to treat. He's got people coming to him saying "I read in a magazine in the airplane that you should use avocado pits to treat my lymphoma" or "wave magnets over my wrist, I read it on the wiki-peter!" That doctor has essentially no way to trust that you're not giving him equally stupid advice.
A completely different question, and probably more valid, is "Should the software source be opened up to a panel of trusted professional third party software engineers for review?" To that I'd say absolutely. And for all I know, that might already be part of the certification process.
Do you think the Windows Tablet edition of XP would have dominated the market had they made their GUI better? The tablets of the era needed a stylus because every tablet I ever saw was running a high resolution screen with the stock GUI, meaning teeny-tiny little "dropdown" buttons, scroll bars, etc. But they could run any Windows program without modification. They didn't sell. Even if the OS had been fully optimized for tablets (it never was,) nobody cared that they could run a teeny-tiny screen version of Excel, because they still expected full desktop usability out of them.
As you said, Apple broke backward compatibility from day zero, and told everyone "No, you will NOT get a desktop experience from this machine. Only custom-written, Apple-blessed-and-approved iPhone-specific apps will run on our devices." Microsoft even tried that approach early on with WinCE, but they found only a few dozen embedded customers (printers, etc.,), got it installed on a few crappy slow phones that served mostly to embarrass them with their awful performance, and the marketplace really didn't care at all. For $(DEITY)'s sake, they were so bad that the crappy Nokia phones outsold WinCE phones! By trying to accommodate multi-platform software, Microsoft failed on all platforms.
Microsoft may even have been the ground-breakers here, showing the world that a small device could have great potential, while providing a rich list of mistakes to avoid making. Apple learned those lessons much better than Microsoft.
I am fully of the opinion that right now, Apple could announce today a slick white electronic toothpick for $300, and there'd be lines outside apple stores nationwide tomorrow morning demanding the new iPic.
I just called my Apple Store, and they say they've never heard of the iPic! Where do I have to go to get one? Where did you get yours? Are they on eBay yet? Will they come in black?
Except Amazon erased my copy of 1984, so I have no idea what you're talking about.
Stenography is the way a court reporter types up a transcript of what was said.
Steganography is secret writing hidden in something else.
Two different words.
You're missing way #3, which is likely to be the real implementation:
Simply tell the population that you've banned encryption, and when you arrest someone for any reason you check their browser caches, their email, their hard drives, looking for PGP, SSL, certificates with private keys, scrambled files, etc. For each one of the above that the police find, you add 10 [ lashes | cane strokes | stones | genital kicks | innocent relatives punished ] to their sentence. Carry out the punishment in the central square, with all national television cameras broadcasting live. Repeat for the next month or two. Ordinary citizens will scramble to comply. Now, start looking for any traffic on port 443, and there are your "criminals".
You don't need a technical solution when a psychological solution does your job for you.
You mean like this? http://www.spammimic.com/index.shtml
Dear Business person , We know you are interested in
receiving cutting-edge information . This is a one
time mailing there is no need to request removal if
you won't want any more ! This mail is being sent in
compliance with Senate bill 2516 , Title 6 ; Section
307 . This is different than anything else you've seen
. Why work for somebody else when you can become rich
in 55 MONTHS ! Have you ever noticed society seems
to be moving faster and faster and society seems to
be moving faster and faster . Well, now is your chance
to capitalize on this ! WE will help YOU turn your
business into an E-BUSINESS plus deliver goods right
to the customer's doorstep ! The best thing about our
system is that it is absolutely risk free for you !
But don't believe us . Mrs Simpson of Maryland tried
us and says "I was skeptical but it worked for me"
. We assure you that we operate within all applicable
laws ! We implore you - act now ! Sign up a friend
and you get half off . Thanks .
Ummm... whoosh?
6 years ago I'd have cracked the same joke about Jon Katz (and probably did.)
It's never too early for snark. I was just on vacation this weekend.
MS is the big bully that has had it's ass kicked by the new bigger bully - Apple - and is trying to be nice....
"Sherman, set the Wayback Machine for 1995!"
IBM is the big bully that has had its ass kicked by the new bigger bully - MS - and is trying to be nice....
And the cycle of history repeats itself.
Verizon didn't "kill FTP access". They didn't shut down the protocol. They only shut off FTP access to their free personal web page hosting servers. That's a big difference when you're writing a headline.
It's days like this that I miss the fine editing that CmdrTaco used to provide.
I knew a guy who started .com companies like popcorn. His business plan was the same for all of them: be successful enough until someone bigger buys you out. His goal was to work for a year at trying to get a thing going, then sell it for a couple million dollars for that short duration that it would be hot. Most of these things were very transient. They were unknown a month ago, on the rise a week ago, popular today, and by next month they probably wouldn't even be a memory.
I think these big companies learned their lessons. They tried over and over to pump money into these little concepts that never had longevity as a part of their plans. They bled red ink.
So if they don't see that initial wave, they're cutting the bleeding off now before they pump additional useless money into a concept that never will make it. It makes financial sense.
Rob,
I hope you enjoy the next phase of your life as much as I've enjoyed Slashdot!
Congratulations, and thanks!
John
The aspect unique to the pharmaceutical industry is the size of the investment. I can't sit in my garage and test a hundred thousand compounds, or even test one compound on a level 4 biohazardous material. I may not have a hundred friends with herpes who want to inject themselves with John's Herpes Drug Trial #317. And after the trial, I may only have 88 friends left, and a dozen multi-million dollar wrongful death lawsuits. I can perhaps build a wristwatch that houses a fishing reel, or a hat that holds beer cans in a silly fashion, and ask my in-laws for a few thousand dollars to patent a prototype. But I can't create a garage-drug and bring it to market. For one thing, as a society we've set up the FDA who has placed a heavy testing burden on new drugs. Just to bring one drug through clinical trials takes many years and costs millions of dollars.
Remember, the patent system applies equally to the beer-can-holder-on-a-hat invention as it does to a billion-dollar drug. A lone person could invent creative beer-can-holders all day long and patent them. Or to use your example, people can play music for money without needing a record company behind them. None of those approach a minute fraction of the investment it takes to create a complex drug. And those investments would be wiped out if patents weren't protecting them.
Is every blockbuster drug helping society? Certainly not. It doesn't benefit me if you achieve male enhancement or a four hour performance. A useful drug does benefit me if it keeps you healthy and functioning long enough to pay more taxes, or to build cool web sites that people visit, or to do whatever it is you do. But can you tell me in advance which of those new drugs might cure your wife's cancer? Which of those drugs would be keeping your son breathing? Which one will you need to save your own life next month?
Could new drugs be invented another way, perhaps via publicly funded research, and run through university grants? Sure. Would it work? Possibly. Would it be as corrupt as the current pharmaceutical industry? Undoubtedly. Would it be better than what we have today? That's unknowable. And we already have evidence that today's system produces some useful lifesaving drugs. It's a classic case of "the devil you know."
As a society, the patent system is a gamble we take that the pharmaceutical companies will continue valuable research and will create something more valuable to society than a cure for Restless Leg Syndrome. So far, the patent system actually pays off in that respect. If you still don't believe me, ask anyone who is taking retrovirals to keep their HIV infections from giving them AIDS if the system works.
I've heard (long time ago and it was probably wrong anyway) that the first software patent was granted on an invention that incorporated an embedded computer into the process. It was something like a machine that automatically mixed a batch of chemicals, and the computer was an integral part of the monitoring and feedback control this process required. Did that machine deserve a patent? It sure sounds like it to me. It passes both the machine and transformation tests. It was useful. It probably wasn't obvious when it was invented. It produced a concrete result. And the machine would never have worked without the controlling computer, both its hardware and its software, at the heart of the process.
But did its controlling software deserve to be a standalone patent, or was it just an integral part of the overall patentable machine? This might have been the initial machine which was looked at as a reference for the first software-only patents, but I don't know that there were any court decisions made prior to their granting of thousands of software patents. By then inertia had set in, and software patenting was simply accepted without ever really being tested in court. Now there are a million software patents. And then we got to today.
The reason for this little tale is to answer the question you asked. Why an FPGA? Because burning fuses produces a physical implementation of a machine that does exactly this one thing. It's kind of like patenting the abacus or calculator. Math may not be patentable, but a machine that can do math or perform calculations can be patented. If it's part of a useful machine, it passes the machine test.
The flip side is that it also sidesteps the question of "is this a unique invention?" Really, it's just an FPGA with a unique set of values, not much different than a piece of paper with writing on it. You and I both know it's a technicality designed strictly to work around the legal issue of "patenting software." But a good lawyer could build an entire career out of a thinner case than this.