Actually, you're wrong about analog. There's absolutely no reason why software can't generate an exactly identical waveform to what your analog deal will generate. The only difference is teh sound card and speakers. In the case of the sound card there are better professional ones and speakers...just get decent onees.
What I'm wondering is, what really differentiates keyboards nowadays? Sure, you can slap on a pretty interface an dall, but the music you make will still sound the same won't it? Isn't there open source software that can replicate all the same stuff? I can understand how it was years ago, with crappier sound technology and slower computers, but not now. I remember a "learning keyboard" thing for the mac years ago, can't remember what it was called, but surely that and all the korg stuff can be replicated perfectly?
To add: This is like translating a translation of a translation of a translation...
Try translating something from language A->language B. Now translate it from language B->C. Now translate language C->A. It's something different. Now rinse, wash and repeat a million times. It just doesn't work.
How incredibly naive... It's supposed to be an intermediary for different languages? If we pretend (in magical happy ideals land) that languages all have equivalent constructs (which they DON'T), it's still a horrible idea. This means people need to write new parsers for all these languages to convert to/from XML in some undoubtedly grotesquely complex XML based language. Yes, new parsers, because existing ones are made to translate to machine or some other non-equivalent code. It's far from a simple modification.
On to the equivalent constructs thing. What you are proposing is silly for this reason alone. In order to make code work, you need to take the incompatible construct and translate it into so much more complex combination of simple code chunks. Then, when you translate back to the original language again, it will show up as the complex code, not the original incompatible construct. The reason for this is the same reason that decompilers can't properly generate the original code. That's what this is--a combination of an "XML code generator" and a decompiler. Decompilers have failed miserably.
This is not to mention the fact that intermediate languages like Java byte code and MSIL have been worked on for a long time, and they still haven't got it right. XML is not going to magically fix JACK SHIT.
Lastly, people have been trying to come up with good refactoring software for decades and it's still sub-par. That's because, as I said, these people at BEST, have some exist open source compiler to start from, but even then it's a huge pain. Have you seen how grotesquely ugly gcc is? The most you can take from it are it's grammar files, everything else is incomprehensible junk unless you've spent quite a while studying gcc.
Maybe I'm missing something here, but what prevents a MITM attack? Mallory pretends to be Bob, gets the bits from Alice and sends back which bits he read using which method. Alice tells him and *boom* he has the entire message. Mallory then starts a completely NEW quantum connection with Bob and repeats the message (possibly altered) sent to Mallory.
With public key crypto, you have the advantage of having a public key you know belongs to a certain p erson. With this, you just know that it's some person on the other end, but you don't know who it is. How are we doing unique identification? I don't see how it's possible without relying on something crackable (password/key/etc...)
The website is currently displaying this:
Our data center (Internap) lost all its power, including redundant backup power, for some unknown reason. (unknown to me, at least) We're currently dealing with bringing our 100+ servers back online. Not fun. We're not happy about this. Sorry...:-/ More details later.
Update #1, 7:35 pm PST: we're up on 'dirty' power for now (it works, but it's unreliable), and we're working to assess the state of the databases. The worst thing we could do right now is rush the site up in an unreliable state. We're checking all the hardware and data, making sure everything's consistent. Where it's not, we'll be restoring from recent backups and replaying all the changes since that time, to get to the current point in time, but in good shape. We'll be providing more technical details later, for those curious, on the power failure (when we learn more), the database details, and the recovery process. For now, please be patient. We'll be working all weekend on this if we have to.
If you want to get technical, neither of those are kernel exploits. NT is a microkernel, despite what people may think and it's doubtful you could find any such exploit anyway.
Damn, this is a sad reflection of Slashdot. I give a perfectly logical refutation and the zealous comment stays higher ranked. Not to mention me getting labelled as a troll for being a dissenter.
I'd like to see ONE, just ONE, reasonable explanation of why this "extremely critical" vulnerability warrants alarmism and WHY MS deserves to be so heavily bashed. Spare me the disconfirmation bias and apply equal standards to all vendors. This is just another vulnerability, one that doesn't apply to most and is easily fixed. Yeah, that that warrants MOMGMSISSOEINSECUREWTFLOLZ@!!!!!!
Well you're right, I should expect slashdot to be alarmist. I mean God forbid Slashdot accurately report something concerning Microsoft. They could have said "easily fixed vulnerability affects only SP2." But no, that wouldn't allow them to feed into their zealotry.
That's the most retarded logic ever. On the one hand, you're going to say people are stupid and don't patch their systems. Then you're going to assume that most people upgraded to SP2? Please. Most people are not going to be running SP2, so don't give me that load of bull.
I just tested on IE6 SP1 which hasn't been patched for a year or so and the DEFAULT SECURITY SETTINGS prevented the exploit from running. Microsoft wins, moronic linux zealots who have no idea what they're talking about lose. Really, are you going to fault a company for the default security settings, the settings which most people have set, for WORKING PROPERLY?
This IS a great thing, it's called a trusted path. This is a security concept that's been around for a long time, but isn't widely implemented. You may be familiar with another trusted path mechanism in windows, the log in screen. It requires you to hit CTRL-ALT-DELETE to login, this is done to prevent fake login programs from fooling users.
Shouldn't they be concentrating on other things, such as actual security vulnerabilities? Seems like they're trying to say "look we're paying attention to security!" without actually doing anything that is effective...
Trusted path mechanisms are a requirement to get the NSA B2 certification for an OS (see urls below), and it most definently is an effective security measure. This may not be terribly relevant to your average user, but to someone dealing with highly confidential information on a computer it is. This feature prevents a) fake windows/programs from giving out false information under the guise of a trusted program, b) fake windows/programs from getting a user to enter sensitive data by posing as a legitimate form for sensitive data entry.
why not use a feature found on nearly every OS and that most end users will recognize - in this case, the lock symbol that indicates whether you're on a secure site or not.
Probably because a lock symbol would be totally useless. Any fake window can easily draw a lock symbol, thus defeating the mechanism.
Don't you know the meaning of "innovation"? it means "we copy other peoples stuff and put our own name on it".
Of course, I totally concur! When Apple 'innovated' Mac OS X they copied "other peoples stuff" from Mach and BSD, isn't it nice to see so much "innovation" in the tech industry today?
(Sure, mod me down. Anti-Apple jokes are bad, especially when they counter an anti-Microsoft one.)
Pehaps you have heard of a VHDL simulator called Modelsim?
Yes, I've used ModelSim on HP-UX *gag*. What I was pointing out in my original post (aside from the talk about open source EDA tools) is that the ML300 development kit doesn't include any VHDL/FPGA tools for Linux. Looking at Xilinx's site again it appears even the non-Linux suite (ISE) is just an evalutation. It's a bit odd though that the included ISE suite doesn't include linux evaluation versions (maybe they just never created an eval for Linux?).
Anyway, if you want to play with the FPGA, you have to fork over another $1500 for ISE which includes ModelSim XE II Starter Kit, then an additional $945 if you want ModelSim XE II full version.
System Requirements: Microsoft Windows NT 4.0 (SP4), Windows 2000, Sun Solaris 2.7/5.7* or 2.8/5.8, Solaris 2.7/5.7
Bwahahaha, no development tools for linux, suckers! Seriously though there is a severe lack of decent open source EDA tools unfortunatly. There are a few that exist yes, but they are of very low quality or are very slow developing (some vaporware?). Yes, I know, now a bunch of you will go google now, find a bunch of open source EDA tools you've never used, and try to prove me wrong (I'm guesing the vast majority here don't even use EDA tools anyway).
It would be nice if someone tried to organize the different open source EDA projects together as there seems to be disjointed, repeat work out there (and some seem to be going nowhere so they need someone to give them a good kick in the rear).
<rant>Also a bunch of projects advertise that they are trying to create their EDA tool(s) for linux, I mean WTF is up with that? Seriously, I hate to rant but this really deserves it. What's with all the idiots creating linux specific open source projects when they do absolutely nothing that would need linux specifically. People doing that should be shot, if you gave the slightest bit about portability would at least target *nix.</rant>
Anyway, this is harder than it seems, as it is more than just a technical effort (the technical aspect being difficult enough as it is). There needs to be good "managers" and PR type people to organize and advocate this project, so it's not just a bunch of random momos submitting code on occasion that may or may not work with the rest of the program.
This kind ofstuff is great. Appletakes advantage of open protocols like webDAV to implement their services, and they'll still make lots of money off of.Mac.
I agree. This kind ofstuff is great. Microsofttakes advantage of open protocols like webDAV to implement their services, and they'll still makes lots of money off of Hotmail.
Microsoft has been using WebDAV for Hotmail for years (that's how it's retrieved in Outlook), god forbid someone congratulate Microsoft...
Predict high order human behaviors and thought processes by analyzing EEG with some other special herbs and spices thrown in for good measure?
Actually it will to a certain extent. Specific brainwaves have already been identified in past years that are associated with certain coginitive processes. For example, there is a specific brainwave generated when someone identifies/recognizes something (like being shown a picture of a relatives face). You could use a combination of known specific brainwaves to identify the emotional states of people. This technology has been in development for quite some time. Likewise, the monitoring of facial expressions and eye movements are added into the mix. There is a term called (iirc) a "microexpression" which is a split second, small facial and/or eye movement. These microexpressions have been emperically shown to indicate whether or not someone is lying, and could likely be used to help identify other emotional states. It is possible to suppress these microexpressions if you are a well practiced or natural liar (about 5% of the population is composed of natural liars), but it is certainly better than nothing.
The article Decoding Minds, Foiling Adversaries mentions how there are already technologies to identify different types of thoughts using EEGs. It also explains that it's possible to get an EEG reading with one electrode, or with a dome placed above a person's ahead at airport security. It's a bit naive to assume that you can't read brainwaves without direct physical contact, simply because of personal experience with standard EEG equipment considering that we're dealing with more cutting edge research here (with obviously more sophisiticed/sensitive equipment).
First off, I just to need to reiterated that RISC stands for (Reduced Instruction) set not (Reduced Instruction set).
Reduced Instruction Set Computer, oops?
With CISC complex instruction, often 1 long to execute instructive can get into the chip, and halt everything until it finishes. I believe this is why overclockers get burned. But with RISC commands, the chip is able to quickly handle each one, and on most modern achitectures it is able to handle 3-4 RISC commands at the same time.
1 CISC instruction functions as several RISC instructions, so that's not relevant. As for handling several instructions at the same time, the same applies for CISC (thats a cpu specific thing). With MMX and SSE in the Pentium family, you can do multiple mathematical operations simulatenously. Also, it's not like x86 has only one pipeline, like you're making it out to be.
I believe the chip dymanically assumes and tries to optimize the best use of those 40 from 8 by looking ahead, but it *might* occur in the compiler, but that seems less likely. Either way, the coder is only able to access the 8(AIX, BIX... etc...)
It's the compilers job to make optimal use of the reigisters... Anyway, AIX is a register? Could have sworn it was something else and that you really meant EAX, EBX, etc...
If the same register is being used for many commands, but the output of one command is not needed for a future command that uses the same register, the chip will switch the future command to use a different register. So mastery of assembly does not guarentee more faster programs, one also needs to know what chip they are working on, and how it will attempt to optimize the code.
The compiler does such optimizations, it decides what the registers are going to be used for, unless you have some super intelligent chip with a built in optimizing compiler. Mastery of assembly DOES guarantee faster programs, if one doesn't know how to optimize for the chip well they are working on, obviously they don't have mastery of it. You speak as if the chip as if it were an optmizing compiler, it's not. It does try to do things to speed things up, like with branch prediction, but not to the extent you're implying. Anyway, someone with mastery of assembly will write code so that the optimizations the chip can do, will work out well (i.e. write it so the branch prediction part of it does predict correctly [no miss!])..
Slashdot Mirror
Actually, you're wrong about analog. There's absolutely no reason why software can't generate an exactly identical waveform to what your analog deal will generate. The only difference is teh sound card and speakers. In the case of the sound card there are better professional ones and speakers...just get decent onees.
What I'm wondering is, what really differentiates keyboards nowadays? Sure, you can slap on a pretty interface an dall, but the music you make will still sound the same won't it? Isn't there open source software that can replicate all the same stuff? I can understand how it was years ago, with crappier sound technology and slower computers, but not now. I remember a "learning keyboard" thing for the mac years ago, can't remember what it was called, but surely that and all the korg stuff can be replicated perfectly?
Wow that's very informative, thanks for that. I'm going to go around telling everyone this so you get in trouble, lol ;-P
To add: This is like translating a translation of a translation of a translation... Try translating something from language A->language B. Now translate it from language B->C. Now translate language C->A. It's something different. Now rinse, wash and repeat a million times. It just doesn't work.
How incredibly naive... It's supposed to be an intermediary for different languages? If we pretend (in magical happy ideals land) that languages all have equivalent constructs (which they DON'T), it's still a horrible idea. This means people need to write new parsers for all these languages to convert to/from XML in some undoubtedly grotesquely complex XML based language. Yes, new parsers, because existing ones are made to translate to machine or some other non-equivalent code. It's far from a simple modification.
On to the equivalent constructs thing. What you are proposing is silly for this reason alone. In order to make code work, you need to take the incompatible construct and translate it into so much more complex combination of simple code chunks. Then, when you translate back to the original language again, it will show up as the complex code, not the original incompatible construct. The reason for this is the same reason that decompilers can't properly generate the original code. That's what this is--a combination of an "XML code generator" and a decompiler. Decompilers have failed miserably.
This is not to mention the fact that intermediate languages like Java byte code and MSIL have been worked on for a long time, and they still haven't got it right. XML is not going to magically fix JACK SHIT.
Lastly, people have been trying to come up with good refactoring software for decades and it's still sub-par. That's because, as I said, these people at BEST, have some exist open source compiler to start from, but even then it's a huge pain. Have you seen how grotesquely ugly gcc is? The most you can take from it are it's grammar files, everything else is incomprehensible junk unless you've spent quite a while studying gcc.
Maybe I'm missing something here, but what prevents a MITM attack? Mallory pretends to be Bob, gets the bits from Alice and sends back which bits he read using which method. Alice tells him and *boom* he has the entire message. Mallory then starts a completely NEW quantum connection with Bob and repeats the message (possibly altered) sent to Mallory. With public key crypto, you have the advantage of having a public key you know belongs to a certain p erson. With this, you just know that it's some person on the other end, but you don't know who it is. How are we doing unique identification? I don't see how it's possible without relying on something crackable (password/key/etc...)
Aside from the 83 plus, the regular versions are a lot more common. Your critcism is unfounded.
That's not going to prevent paranoid morons from blaming it on Six Apart though...
Update #1, 7:35 pm PST: we're up on 'dirty' power for now (it works, but it's unreliable), and we're working to assess the state of the databases. The worst thing we could do right now is rush the site up in an unreliable state. We're checking all the hardware and data, making sure everything's consistent. Where it's not, we'll be restoring from recent backups and replaying all the changes since that time, to get to the current point in time, but in good shape. We'll be providing more technical details later, for those curious, on the power failure (when we learn more), the database details, and the recovery process. For now, please be patient. We'll be working all weekend on this if we have to.
Why are you mirroring an MSNBC Article? They have tons of bandiwdth. You ARE karma whoring, moderate this down.
If you want to get technical, neither of those are kernel exploits. NT is a microkernel, despite what people may think and it's doubtful you could find any such exploit anyway.
Damn, this is a sad reflection of Slashdot. I give a perfectly logical refutation and the zealous comment stays higher ranked. Not to mention me getting labelled as a troll for being a dissenter.
I'd like to see ONE, just ONE, reasonable explanation of why this "extremely critical" vulnerability warrants alarmism and WHY MS deserves to be so heavily bashed. Spare me the disconfirmation bias and apply equal standards to all vendors. This is just another vulnerability, one that doesn't apply to most and is easily fixed. Yeah, that that warrants MOMGMSISSOEINSECUREWTFLOLZ@!!!!!!
Well you're right, I should expect slashdot to be alarmist. I mean God forbid Slashdot accurately report something concerning Microsoft. They could have said "easily fixed vulnerability affects only SP2." But no, that wouldn't allow them to feed into their zealotry.
That's the most retarded logic ever. On the one hand, you're going to say people are stupid and don't patch their systems. Then you're going to assume that most people upgraded to SP2? Please. Most people are not going to be running SP2, so don't give me that load of bull.
I just tested on IE6 SP1 which hasn't been patched for a year or so and the DEFAULT SECURITY SETTINGS prevented the exploit from running. Microsoft wins, moronic linux zealots who have no idea what they're talking about lose. Really, are you going to fault a company for the default security settings, the settings which most people have set, for WORKING PROPERLY?
This IS a great thing, it's called a trusted path. This is a security concept that's been around for a long time, but isn't widely implemented. You may be familiar with another trusted path mechanism in windows, the log in screen. It requires you to hit CTRL-ALT-DELETE to login, this is done to prevent fake login programs from fooling users.
h tml
Shouldn't they be concentrating on other things, such as actual security vulnerabilities? Seems like they're trying to say "look we're paying attention to security!" without actually doing anything that is effective...
Trusted path mechanisms are a requirement to get the NSA B2 certification for an OS (see urls below), and it most definently is an effective security measure. This may not be terribly relevant to your average user, but to someone dealing with highly confidential information on a computer it is. This feature prevents a) fake windows/programs from giving out false information under the guise of a trusted program, b) fake windows/programs from getting a user to enter sensitive data by posing as a legitimate form for sensitive data entry.
http://www.radium.ncsc.mil/tpep/epl/epl-by-class.
http://www.astrolox.com/libraryc/orange.html
why not use a feature found on nearly every OS and that most end users will recognize - in this case, the lock symbol that indicates whether you're on a secure site or not.
Probably because a lock symbol would be totally useless. Any fake window can easily draw a lock symbol, thus defeating the mechanism.
Don't you know the meaning of "innovation"? it means "we copy other peoples stuff and put our own name on it".
Of course, I totally concur! When Apple 'innovated' Mac OS X they copied "other peoples stuff" from Mach and BSD, isn't it nice to see so much "innovation" in the tech industry today?
(Sure, mod me down. Anti-Apple jokes are bad, especially when they counter an anti-Microsoft one.)
Pehaps you have heard of a VHDL simulator called Modelsim?
Yes, I've used ModelSim on HP-UX *gag*. What I was pointing out in my original post (aside from the talk about open source EDA tools) is that the ML300 development kit doesn't include any VHDL/FPGA tools for Linux. Looking at Xilinx's site again it appears even the non-Linux suite (ISE) is just an evalutation. It's a bit odd though that the included ISE suite doesn't include linux evaluation versions (maybe they just never created an eval for Linux?).
Anyway, if you want to play with the FPGA, you have to fork over another $1500 for ISE which includes ModelSim XE II Starter Kit, then an additional $945 if you want ModelSim XE II full version.
System Requirements: Microsoft Windows NT 4.0 (SP4), Windows 2000, Sun Solaris 2.7/5.7* or 2.8/5.8, Solaris 2.7/5.7
Bwahahaha, no development tools for linux, suckers! Seriously though there is a severe lack of decent open source EDA tools unfortunatly. There are a few that exist yes, but they are of very low quality or are very slow developing (some vaporware?). Yes, I know, now a bunch of you will go google now, find a bunch of open source EDA tools you've never used, and try to prove me wrong (I'm guesing the vast majority here don't even use EDA tools anyway).
It would be nice if someone tried to organize the different open source EDA projects together as there seems to be disjointed, repeat work out there (and some seem to be going nowhere so they need someone to give them a good kick in the rear).
<rant>Also a bunch of projects advertise that they are trying to create their EDA tool(s) for linux, I mean WTF is up with that? Seriously, I hate to rant but this really deserves it. What's with all the idiots creating linux specific open source projects when they do absolutely nothing that would need linux specifically. People doing that should be shot, if you gave the slightest bit about portability would at least target *nix.</rant>
Anyway, this is harder than it seems, as it is more than just a technical effort (the technical aspect being difficult enough as it is). There needs to be good "managers" and PR type people to organize and advocate this project, so it's not just a bunch of random momos submitting code on occasion that may or may not work with the rest of the program.
Ok, lets see if I've been hacked...
$ md5
d41d8cd98f00b204e9800998ecf8427e
So I put d41d8cd98f00b204e9800998ecf8427e in the search engine and it came up with 560 hits (compared with 3170 from google).
That's because d41d8cd98f00b204e9800998ecf8427e is the md5 of an empty file, and not suprisingly there are a lot of empty files.
This kind ofstuff is great. Appletakes advantage of open protocols like webDAV to implement their services, and they'll still make lots of money off of .Mac.
I agree. This kind ofstuff is great. Microsofttakes advantage of open protocols like webDAV to implement their services, and they'll still makes lots of money off of Hotmail.
Microsoft has been using WebDAV for Hotmail for years (that's how it's retrieved in Outlook), god forbid someone congratulate Microsoft...
Predict high order human behaviors and thought processes by analyzing EEG with some other special herbs and spices thrown in for good measure?
Actually it will to a certain extent. Specific brainwaves have already been identified in past years that are associated with certain coginitive processes. For example, there is a specific brainwave generated when someone identifies/recognizes something (like being shown a picture of a relatives face). You could use a combination of known specific brainwaves to identify the emotional states of people. This technology has been in development for quite some time. Likewise, the monitoring of facial expressions and eye movements are added into the mix. There is a term called (iirc) a "microexpression" which is a split second, small facial and/or eye movement. These microexpressions have been emperically shown to indicate whether or not someone is lying, and could likely be used to help identify other emotional states. It is possible to suppress these microexpressions if you are a well practiced or natural liar (about 5% of the population is composed of natural liars), but it is certainly better than nothing.
The article Decoding Minds, Foiling Adversaries mentions how there are already technologies to identify different types of thoughts using EEGs. It also explains that it's possible to get an EEG reading with one electrode, or with a dome placed above a person's ahead at airport security. It's a bit naive to assume that you can't read brainwaves without direct physical contact, simply because of personal experience with standard EEG equipment considering that we're dealing with more cutting edge research here (with obviously more sophisiticed/sensitive equipment).
First off, I just to need to reiterated that RISC stands for (Reduced Instruction) set not (Reduced Instruction set).
Reduced Instruction Set Computer, oops?
With CISC complex instruction, often 1 long to execute instructive can get into the chip, and halt everything until it finishes. I believe this is why overclockers get burned. But with RISC commands, the chip is able to quickly handle each one, and on most modern achitectures it is able to handle 3-4 RISC commands at the same time.
1 CISC instruction functions as several RISC instructions, so that's not relevant. As for handling several instructions at the same time, the same applies for CISC (thats a cpu specific thing). With MMX and SSE in the Pentium family, you can do multiple mathematical operations simulatenously. Also, it's not like x86 has only one pipeline, like you're making it out to be.
I believe the chip dymanically assumes and tries to optimize the best use of those 40 from 8 by looking ahead, but it *might* occur in the compiler, but that seems less likely. Either way, the coder is only able to access the 8(AIX, BIX... etc...)
It's the compilers job to make optimal use of the reigisters... Anyway, AIX is a register? Could have sworn it was something else and that you really meant EAX, EBX, etc...
If the same register is being used for many commands, but the output of one command is not needed for a future command that uses the same register, the chip will switch the future command to use a different register. So mastery of assembly does not guarentee more faster programs, one also needs to know what chip they are working on, and how it will attempt to optimize the code.
The compiler does such optimizations, it decides what the registers are going to be used for, unless you have some super intelligent chip with a built in optimizing compiler. Mastery of assembly DOES guarantee faster programs, if one doesn't know how to optimize for the chip well they are working on, obviously they don't have mastery of it. You speak as if the chip as if it were an optmizing compiler, it's not. It does try to do things to speed things up, like with branch prediction, but not to the extent you're implying. Anyway, someone with mastery of assembly will write code so that the optimizations the chip can do, will work out well (i.e. write it so the branch prediction part of it does predict correctly [no miss!])..