I've tried to use hprof on complex systems, and it just isn't up to the task. Try throwing a system that has a few hundred threads, a couple of databases, and a servlet container at it. hprof quickly loses track of what's going on and stops recording long before my first servlet gets control.
Sure, JRat is interesting, but I like the DeveloperWorks article's idea of taking the *exact* bytecode you'll be running and instrumenting it. Now if I can just figure out how to shoehorn it into Tomcat...
Since the radio is the main battery draw of any phone
No, the transmitter is the main battery draw of any phone, or any portable radio system for that matter. Push saves battery life because the handheld device doesn't have to fire up the transmitter to find out there's nothing to do.
All it took was one little patent holding company to bring down a legitimate product used by millions of business users. Does NTP even make a product of their own? The main reason that I see this as a problem is pretty simple: software patents' shelf-lives are too long to do anything but make them a pay day for the lawyers.
I agree that software patents are bad for programmers, but this isn't a software patent case. And despite what some folks would have you believe, NTP isn't some patent troll. Yes, the guy who filed the patents in the first place is dead and it's his heirs who are pressing RIM for license fees, but hey - they're his heirs, they're entitled to whatever they inherited. Yes, NTP is an outfit formed to make money from "intellectual property" - but so are publishers, and we don't hate them.
As for having made a product, the original owner of the patent, Thomas Campana, did indeed attempt to use it. He built a company, he created products, he tried to make the business work. Like 90% of all new companies, he didn't succeed. But he realized that the technology he had created and patented had value to someone. He was absolutely correct about that - Nokia has bought licenses, and it looks like RIM will eventually have to also.
I don't know about you, but if I invented a better mousetrap (or hey - intermittant windshield wipers, the canonical patent infringement example) and died, I'd like my wife and kids to get paid for my work.
And you better with OSS because in this case you don't only have the exe but the source as well!
No, you aren't. In the case of a patent infringement problem, all the source gets you is an opportunity to be sued by the patent holder. And it's worse than that - at least here in the USA, you'd be subject to treble damages for knowingly violating the patent.
There actually is a very good chance that the BlackBerry network will shut down. RIM's position seems to be that the only deal they can get from NTP is too costly, time-consuming, or whatever, and that they'd rather go down in flames.
If that's what RIM wants to do, that's what's gonna happen. And if they piss NTP off too much, it won't matter how deep their pockets are - NTP seems willing to deny RIM a patent license for spite.
Anyone who wishes to not have their code relicensed can contact Linus; and that portion of the code will have to be rewritten. It's that simple. Rewriting such portions will involve some work; but it certainly can be done.
One of the common misconceptions of the Free and Open Software worlds is this "we'll just rewrite it" idea. I'm glad to see you say "it will involve some work", because that's usually forgotten. For example, the replacement code needs to be written by someone who has never seen the "bad code" they'll be replacing. And the code that interfaces with the "bad code" may need to be rewritten in a similar clean-room manner, as it is possible that those interfaces were inspired by the "bad code" and are themselves a derived work.
Clean-room rewrites can be big, hairy deal, and moreso for smaller chunks of code that are tightly wired into their surrounding environments. It ain't rocket science, but it ain't no walk in the park neither.
I enjoyed the furlongs per fortnight example that the book provides: did you know that the speed of light in a vacuum is 1,802,617,499,785.253 furlongs per fortnight?
Abe: "The metric system is the tool of the devil! My car gets forty rods to the hogshead, and that's the way I likes it!"
In this case, though, "GNU/Linux®" isn't just overly wordy, it's incorrect. The advice is all about tuning the kernel's TCP stack, which is pure Linux®.
Part of the problem is that ICANN acts as if it was a sovereign body, or at least one with UN sponsorship. How would you feel some NGO sponsored by Iraq took the.US domain down and refused to assign it to the US Federal government? The.IQ situation is just one of the cases where ICANN has acted in a seemingly-arbitrary manner when dealing with supposedly-sovereign states. ICANN is absolutely begging for an intervention.
There's just no way that ICANN should be involved at all in the delegation of the country-code domains. That's a task for a globally-accepted multi-lateral bureaucracy, like the ITU or ISO. Most of those organizations get their legitimacy from the UN, and ICANN doesn't want to go there.
Now.BIZ,.TRAVEL,.XXX, that's the horse of a different color you've heard tell about. But then again, some of us Internet alte cockers think that there was never any need for more than.COM,.EDU,.MIL, and.ORG and that those shouldn't be US-centric.
PS: A quick look at some fast Java code. (It is a bit dated but gives you some idea what I am talking about.)
Hmm... that's a little archaic. The page complains about Java performance in JDK 1.1, and appears to be based on a site (http://www.cs.cmu.edu/~jch/java/optimization.html) that hasn't been updated since 1998.
I would say 60% of the innovative new ideas in software over the last 7-8 years are coming from the open source java arena. Examples are Spring, Ant, JUnit, Hibernate, Maven, Struts, AspectJ, Cocoon. It's hard to point to any of these and claim it is a knockoff of something else.
You're kidding, right? Ant is a knockoff of Make in every way except for syntax. Ant's much-vaunted simplicity and Make's much-maligned complexity are in fact simply differences in age and maturity. The two are approximately equal in power and potential, and Ant will get worse as time goes by and it gets applied more often to larger and more complex systems.
The days of an "AutoAnt" build.xml-builder aren't here yet, but they're coming.
The whole idea behind the RFC system was that the documents, once published, are unchanging. Just like every standard ANSI and ISO publish. There can be and often are documents that revise the protocol, but that's the nature of the standards game and even the ISO does it. Despite common references to ISO standards by number, their proper names are ISO nnnnn:yyyy. For example, SGML is ISO 8879:1986, not ISO 8879, and it has been updated three times since it was issued, by ISO 8879:1986/Cor 1:1996, ISO 8879:1986/Cor 2:1999 and ISO 8879:1986/Amd 1:1988.
And "back in the day", if you didn't implement part of an RFC for a protocol you implemented, you got lambasted for it. Search around the net for the early 1908s discussions of the TCP Bakeoffs if you want to see how serious we were about it.
Good for the investors and execs, bad for everyone else who would rather have a job than a severence package.
If an acquisition brings you a severance package, you weren't contributing value to the company before it was sold. People who are important to a startup's business get brought forward, and should also be rewarded via stock options, etc. People who aren't important to a startup shouldn't have been hired in the first place - the startup phase is not the time to bring on folks you don't need.
Mmm... call who? That's the key issue. As I said, all the VCs and angels in the public eye are targetted toward minority groups of some sort.
You're not looking hard enough. None of the big VC funds are targeted at minority groups, and most angel groups (at least the ones that survived the 1998-2002 squeeze-out) are more industry-focused than Section 8a-focused.
If you don't know a VC personally, start by surfing the "About our company" and "Our Board of Directors" pages for companies that are in the same "area" as you (for whatever dimension of "area" you choose - industry, location, etc.). And check out the investment industry itself. Here on the right coast, there's the Mid Atlantic Venture Assocation (MAVA), which invites 50 companies to pitch to their 125 member firms at the MAVA Capital Connection every year.
More generally, it helps to be doing something that's trendy. Most VCs aren't the business gurus they'd have you believe they are. After all, not every investor can be Art Marks, John Burton, or Mario Morino, just like not every programmer can be Steve Wozniak or (thank $DEITY) Charles Simonyi. The rest of them watch what the Big Dogs are doing, and try to do the same thing. Thus the "security is hot - are you a security company?" phase 12 to 24 months ago. Similarly the "you need to outsource all your coding to Soviet Russia and just have the execs in the US" thing a year or so before that.
Getting in front of Art (Valhalla Partners), John (Updata Capital) or Mario (retired) isn't easy, so you'll most likely be talking to a follower, so you should understand how they see the world.
The fault here lies with broken HTTP implementations, not with the protocol or with interactions between compliant implementations. Taking just the first example from the paper, any implementation that receives 2 "Content-Length" headers should reject the request because it's an illegal format.
Content-Length: 0[CRLF] Content-Length: 44[CRLF]
is exactly the same as
Content-Length:0, 44
by the multiple-header rule (RFC 2616 sec. 4.2), but Content-Length doesn't allow multiple values (ibid sec. 14.13). In this example, both the proxy and the webserver are out of spec and should (at a minimum) discard the blue-and-purple request, and should probably close the connection and ignore the red request was well, since the body of a POST cannot be of indeterminate size.
Yes, Rexx has the "NoValue" condition for this situation. A veriable which has never been set has no value, and using it results in one of two things happening. By defualt, its value is its name in upper case. But if you've executed a "Signal on NoValue" instruction, it throws an exception instead, and execution continues at the label "NoValue" (case-insensitive, of course).
Professionally-coded Rexx applications always begin the same way:
Signal on Error
Signal on NoValue
... your code here...
thus ensuring that failing system commands and typos throw exceptions that can be handled out-of-line.
Curly braces are more readable? Hardly! And readability was a key factor in the design of Rexx. As Mike Cowlishaw wrote in his "The REXX Language" book:
If there is one concept that has dominated the evolution of REXX stntax, it is readability (used here in the sense of perceived legibility). Readbility in this sense is a rather subjective quality, but the genera; principle followed in REXX is that the tokens which form a program can be written much as one might write the in Western European languages (English, French, and so forth).
The other big deal in Rexx (Mike dropped the all-caps form years ago) design was what Mike called The Principle of Least Astonishment. That lead to some very key decisions, like having reserved words only be reserved in the correct context. When Java added the "enum" and "assert" keywords, programs that used those as symbols broke. When Rexx added the "with input" clause to the "address" instruction, nothing broke because symbols weren't previously permitted where "with input" went and "with" and "input" were only made reserved in that specific context.
Other similar user-focused issues abound. Rexx was designed by Mike Cowlishaw, but every new feature and syntax issue was discussed with and approved by the Rexx user community before being implemented and deployed. Thus there are very few parts of Rexx that users of the language don't like.
YAPS does indeed sync to the PC, and it does it the right way. The database is (of course) kept in an encrypted form on the Palm Pilot and is transmitted the same way to the PC during sync. No clear-text transmission, and no clear-text backup.
When your Palm Pilot eventually dies or is lost, you just re-sync and you've got your passwords back.
YAPS is free (as in beer), and MSB Engineering (the YAPS creators) has produced a cheap (US$9.99) shareware program to read the encrypted backups on your PC.
Have you read the MD5 vulnerability report? It's nothing like what's being reported here. There is, apparently, one known MD5 hash collision. Much of the follow-on hype has focused on the fact that you can create an infinite number of files that extend those two colliding files with identical data and get additional collisions, but that's the nature of any block-chaining cipher, including both MD5 and SHA-1. But unless you start with the two colliding files, you don't get the collision. And since the RIAA doesn't control the base file, this doesn't apply.
Slashdot Mirror
I've tried to use hprof on complex systems, and it just isn't up to the task. Try throwing a system that has a few hundred threads, a couple of databases, and a servlet container at it. hprof quickly loses track of what's going on and stops recording long before my first servlet gets control.
Sure, JRat is interesting, but I like the DeveloperWorks article's idea of taking the *exact* bytecode you'll be running and instrumenting it. Now if I can just figure out how to shoehorn it into Tomcat ...
Since the radio is the main battery draw of any phone
No, the transmitter is the main battery draw of any phone, or any portable radio system for that matter. Push saves battery life because the handheld device doesn't have to fire up the transmitter to find out there's nothing to do.
All it took was one little patent holding company to bring down a legitimate product used by millions of business users. Does NTP even make a product of their own? The main reason that I see this as a problem is pretty simple: software patents' shelf-lives are too long to do anything but make them a pay day for the lawyers.
I agree that software patents are bad for programmers, but this isn't a software patent case. And despite what some folks would have you believe, NTP isn't some patent troll. Yes, the guy who filed the patents in the first place is dead and it's his heirs who are pressing RIM for license fees, but hey - they're his heirs, they're entitled to whatever they inherited. Yes, NTP is an outfit formed to make money from "intellectual property" - but so are publishers, and we don't hate them.
As for having made a product, the original owner of the patent, Thomas Campana, did indeed attempt to use it. He built a company, he created products, he tried to make the business work. Like 90% of all new companies, he didn't succeed. But he realized that the technology he had created and patented had value to someone. He was absolutely correct about that - Nokia has bought licenses, and it looks like RIM will eventually have to also.
I don't know about you, but if I invented a better mousetrap (or hey - intermittant windshield wipers, the canonical patent infringement example) and died, I'd like my wife and kids to get paid for my work.
And you better with OSS because in this case you don't only have the exe but the source as well!
No, you aren't. In the case of a patent infringement problem, all the source gets you is an opportunity to be sued by the patent holder. And it's worse than that - at least here in the USA, you'd be subject to treble damages for knowingly violating the patent.
Sorry, couldn't resist :-)
There actually is a very good chance that the BlackBerry network will shut down. RIM's position seems to be that the only deal they can get from NTP is too costly, time-consuming, or whatever, and that they'd rather go down in flames.
If that's what RIM wants to do, that's what's gonna happen. And if they piss NTP off too much, it won't matter how deep their pockets are - NTP seems willing to deny RIM a patent license for spite.
Anyone who wishes to not have their code relicensed can contact Linus; and that portion of the code will have to be rewritten. It's that simple. Rewriting such portions will involve some work; but it certainly can be done.
One of the common misconceptions of the Free and Open Software worlds is this "we'll just rewrite it" idea. I'm glad to see you say "it will involve some work", because that's usually forgotten. For example, the replacement code needs to be written by someone who has never seen the "bad code" they'll be replacing. And the code that interfaces with the "bad code" may need to be rewritten in a similar clean-room manner, as it is possible that those interfaces were inspired by the "bad code" and are themselves a derived work.
Clean-room rewrites can be big, hairy deal, and moreso for smaller chunks of code that are tightly wired into their surrounding environments. It ain't rocket science, but it ain't no walk in the park neither.
I enjoyed the furlongs per fortnight example that the book provides: did you know that the speed of light in a vacuum is 1,802,617,499,785.253 furlongs per fortnight?
Abe: "The metric system is the tool of the devil! My car gets forty rods to the hogshead, and that's the way I likes it!"
In this case, though, "GNU/Linux®" isn't just overly wordy, it's incorrect. The advice is all about tuning the kernel's TCP stack, which is pure Linux®.
Part of the problem is that ICANN acts as if it was a sovereign body, or at least one with UN sponsorship. How would you feel some NGO sponsored by Iraq took the .US domain down and refused to assign it to the US Federal government? The .IQ situation is just one of the cases where ICANN has acted in a seemingly-arbitrary manner when dealing with supposedly-sovereign states. ICANN is absolutely begging for an intervention.
.BIZ, .TRAVEL, .XXX, that's the horse of a different color you've heard tell about. But then again, some of us Internet alte cockers think that there was never any need for more than .COM, .EDU, .MIL, and .ORG and that those shouldn't be US-centric.
There's just no way that ICANN should be involved at all in the delegation of the country-code domains. That's a task for a globally-accepted multi-lateral bureaucracy, like the ITU or ISO. Most of those organizations get their legitimacy from the UN, and ICANN doesn't want to go there.
Now
Seems like something you'd get on one of the "adult" channels
PS: A quick look at some fast Java code. (It is a bit dated but gives you some idea what I am talking about.)
Hmm ... that's a little archaic. The page complains about Java performance in JDK 1.1, and appears to be based on a site (http://www.cs.cmu.edu/~jch/java/optimization.html ) that hasn't been updated since 1998.
I would say 60% of the innovative new ideas in software over the last 7-8 years are coming from the open source java arena. Examples are Spring, Ant, JUnit, Hibernate, Maven, Struts, AspectJ, Cocoon. It's hard to point to any of these and claim it is a knockoff of something else.
You're kidding, right? Ant is a knockoff of Make in every way except for syntax. Ant's much-vaunted simplicity and Make's much-maligned complexity are in fact simply differences in age and maturity. The two are approximately equal in power and potential, and Ant will get worse as time goes by and it gets applied more often to larger and more complex systems.
The days of an "AutoAnt" build.xml-builder aren't here yet, but they're coming.
Nice catch on the typo - I obviously meant 1980s, not 1908s :-)
The whole idea behind the RFC system was that the documents, once published, are unchanging. Just like every standard ANSI and ISO publish. There can be and often are documents that revise the protocol, but that's the nature of the standards game and even the ISO does it. Despite common references to ISO standards by number, their proper names are ISO nnnnn:yyyy. For example, SGML is ISO 8879:1986, not ISO 8879, and it has been updated three times since it was issued, by ISO 8879:1986/Cor 1:1996, ISO 8879:1986/Cor 2:1999 and ISO 8879:1986/Amd 1:1988.
And "back in the day", if you didn't implement part of an RFC for a protocol you implemented, you got lambasted for it. Search around the net for the early 1908s discussions of the TCP Bakeoffs if you want to see how serious we were about it.
Good for the investors and execs, bad for everyone else who would rather have a job than a severence package.
If an acquisition brings you a severance package, you weren't contributing value to the company before it was sold. People who are important to a startup's business get brought forward, and should also be rewarded via stock options, etc. People who aren't important to a startup shouldn't have been hired in the first place - the startup phase is not the time to bring on folks you don't need.
Mmm... call who? That's the key issue. As I said, all the VCs and angels in the public eye are targetted toward minority groups of some sort.
You're not looking hard enough. None of the big VC funds are targeted at minority groups, and most angel groups (at least the ones that survived the 1998-2002 squeeze-out) are more industry-focused than Section 8a-focused.
If you don't know a VC personally, start by surfing the "About our company" and "Our Board of Directors" pages for companies that are in the same "area" as you (for whatever dimension of "area" you choose - industry, location, etc.). And check out the investment industry itself. Here on the right coast, there's the Mid Atlantic Venture Assocation (MAVA), which invites 50 companies to pitch to their 125 member firms at the MAVA Capital Connection every year.
Also, it helps to be doing something in China.
More generally, it helps to be doing something that's trendy. Most VCs aren't the business gurus they'd have you believe they are. After all, not every investor can be Art Marks, John Burton, or Mario Morino, just like not every programmer can be Steve Wozniak or (thank $DEITY) Charles Simonyi. The rest of them watch what the Big Dogs are doing, and try to do the same thing. Thus the "security is hot - are you a security company?" phase 12 to 24 months ago. Similarly the "you need to outsource all your coding to Soviet Russia and just have the execs in the US" thing a year or so before that.
Getting in front of Art (Valhalla Partners), John (Updata Capital) or Mario (retired) isn't easy, so you'll most likely be talking to a follower, so you should understand how they see the world.
The fault here lies with broken HTTP implementations, not with the protocol or with interactions between compliant implementations. Taking just the first example from the paper, any implementation that receives 2 "Content-Length" headers should reject the request because it's an illegal format.
is exactly the same as by the multiple-header rule (RFC 2616 sec. 4.2), but Content-Length doesn't allow multiple values (ibid sec. 14.13). In this example, both the proxy and the webserver are out of spec and should (at a minimum) discard the blue-and-purple request, and should probably close the connection and ignore the red request was well, since the body of a POST cannot be of indeterminate size.And to close the loop, IRC ("Internet Relay Chat") was quite inspired by RELAY. In fact, that's why IRC's middle name is "Relay".
Yes, Rexx has the "NoValue" condition for this situation. A veriable which has never been set has no value, and using it results in one of two things happening. By defualt, its value is its name in upper case. But if you've executed a "Signal on NoValue" instruction, it throws an exception instead, and execution continues at the label "NoValue" (case-insensitive, of course).
Professionally-coded Rexx applications always begin the same way:
Signal on ErrorSignal on NoValue
... your code here
thus ensuring that failing system commands and typos throw exceptions that can be handled out-of-line.
Curly braces are more readable? Hardly! And readability was a key factor in the design of Rexx. As Mike Cowlishaw wrote in his "The REXX Language" book:
The other big deal in Rexx (Mike dropped the all-caps form years ago) design was what Mike called The Principle of Least Astonishment. That lead to some very key decisions, like having reserved words only be reserved in the correct context. When Java added the "enum" and "assert" keywords, programs that used those as symbols broke. When Rexx added the "with input" clause to the "address" instruction, nothing broke because symbols weren't previously permitted where "with input" went and "with" and "input" were only made reserved in that specific context.Other similar user-focused issues abound. Rexx was designed by Mike Cowlishaw, but every new feature and syntax issue was discussed with and approved by the Rexx user community before being implemented and deployed. Thus there are very few parts of Rexx that users of the language don't like.
This integrated-SVG is planned for FireFox 1.1 and already available in Opera 8.
Closed-source software rules, at least sometimes :-)
YAPS does indeed sync to the PC, and it does it the right way. The database is (of course) kept in an encrypted form on the Palm Pilot and is transmitted the same way to the PC during sync. No clear-text transmission, and no clear-text backup. When your Palm Pilot eventually dies or is lost, you just re-sync and you've got your passwords back. YAPS is free (as in beer), and MSB Engineering (the YAPS creators) has produced a cheap (US$9.99) shareware program to read the encrypted backups on your PC.
Have you read the MD5 vulnerability report? It's nothing like what's being reported here. There is, apparently, one known MD5 hash collision. Much of the follow-on hype has focused on the fact that you can create an infinite number of files that extend those two colliding files with identical data and get additional collisions, but that's the nature of any block-chaining cipher, including both MD5 and SHA-1. But unless you start with the two colliding files, you don't get the collision. And since the RIAA doesn't control the base file, this doesn't apply.