The Architect is actually a skilled engineer that makes all the plans for the building. It takes a very long time to make those plans, too. Can be errors, and so on, which are worked out with the builders and the Architect and both know that.
The software idea is comparable to a building idea. "I want a 10 stories building on a tree", that's an idea. Architect is already at a "lower" level.
Well, it's all about having enough experience to balance between "spaghetti" code and "nice classes" and so on. I code a LOT in scripts because of the HUGE amount of time saved. But speed critical code (which is usually small) is usually in C or ASM. Size (memory) critical code is almost always in C, no script also.
I have a database application for example, which is 90% faster than our competition. It's 95% script. Most of the speed is gained by the smarter implementation, not by the optimization of a big bulldozer. It also has a lot less bugs since its a lot less code:)
They did specify they want to use shadow with MD5 here tho (and those are certainly salted). Not that it's all that advisable, it's just not as horrible as some maybe think.
You'll find dozen of matches and you won't know which one is the actual password if it's not dictionary based.
Just pick any match with characters enterable on the keyboard.
Which doesn't help finding the real password, if you have access to the hashes, you have most likely already compromised that system. So the point of being able to login is kinda moot. I did specify that.
Getting a file to match a checksum or a certificate to match a checksum is much more dangerous. You can upload a trojan and make it appear legitimate. You can forge a fake SSL certificate and make it appear legitimate.
It's actually not *that* bad. You can't actually remotely crack MD5 passwords.. or even plain text since you can't access them.
When you can access them it usually means the system is already fully compromised (not in all cases, but in most). Then, you'd better not be using the same password or key for several systems (Arnold S. says: big mistake.) Most don't even know, that you can capture plain text passwords from the SSH server when using password authentication, even with nice SHA2 passwords behind SSH. (using SSH keys and disabling password auth is highly recommended).
So having the passwords hashed with a good algorithm is always a plus, but it's not a big step up. It's quite a small one in fact. You see, even salted MD5 passwords are difficult to recover. You'll find dozen of matches and you won't know which one is the actual password if it's not dictionary based. (and even so, you can't use rainbow tables due to the salt, and it will still take a pretty long time).
Using MD5 is however MUCH worse when used as a security checksum: file checksum, certificate checksum etc. Because there's no salting, and there's no need to find the *original* data here.
You just need to make new data that has the same checksum. Much easier if the aglorithm is broken.
This later reason is actually the reason why MD5 (and to some level, SHA1) are truly broken and inadvisable.
A smart tyrant will stay in place forever. He dies, and leaves place to his son, a different person. Eventually he will fail, or the son's son, you never know. For example, the dark ages in Europe.
Likewise the rich and smart would always stay rich at the expense of other people, in general.
You can apply that at various different levels. Expand your view.
It's probably even part of evolution, just not at the physical level.
death is the only thing that prevents humans from creating greater damage than they already do. death regulates us.
it would be nice if our culture was less afraid of death and started to accept it - it's natural and part of everything. not that one should kill himself or suffer, or things like that, but eventually we all do die. in other civilizations death was not something they would fear, and they would live more happily regarding this.
if it does the above tasks well i don't see why not. it's not like if it was going to force reordering of what you need. But i'd like if it told me "eggs u put there 1 week ago are going to be bad tomorrow if u dont make them today" cause hey, we don't all always remember that stuff. I'm not saying i'd pay extra for it, but if it's there (and will eventually be there) then why not. Can always open the fridge and check everything inside if you prefer that.
We're playing nazi vs usa games since computer games exists, but the nazi ones can't wear the logo. Makes no sense to me to be honest.
I'm pretty sure it actually shocks some people that you can usually play the nazi side. Actually, it's called Axis instead, much more politically correct.
Yes sure the ones wearing it want to be "the axis side" - it doesn't mean they are nazi, it's a war game where you KILL people after all. If the axis had won the war, we'd probably be arguing about not being able to use the american, french, and whatever else flag because "it's bad" anyways.
Cause the next thing is "no you can't use that pair of boobs as logo" Then it is "no you can't use this skull as logo" Then it is "no you can't use something resembling a competing brand name as logo" Then it is "no you can't use the apple fruit as logo"
The was not to run this very game (Angry Birds) on a given platform. It's already running on all platforms, but they had to port it for each.
The point is to have such a popular game working equally well on all platforms via Mozilla's app store.
Not Angry Birds of course, it's pointless, but a game of the same level, it would mean any other such game would be written the same and be truly "write once run anywhere" (what java wanted to be)
Android has custom app stores, by the way, as long as your phone is not all locked up (= choose well what you buy, I've a SGS for example, and various non-Google app stores, all it took is one app to install)
Let's say that Mozilla would need to have an EXTREMELY good app store, that starts fast, have fast and good apps that works WELL everywhere.
Not half-assed polish, but really good stuff.. for this to work. That means if they were to release Angry Birds for it for example, it would work on w7, android, iOS, Symbian, Meego with no customization, and just as well as Angry Birds for iOS/Android (and the store would have to start "instant" no delay.)
Actually Linus lost track of many such things because too self centered or ego driven (which happens to most of us when you such success and things to deal with but anyways)
This very patch is a prime example, if it goes *default* in the kernel. It's a patch that favors *only* Linus's usage of linux: Browse the web while his kernel compiles. Now imagine you start your video from a tty (mplayer blah_1080p.avi) and it takes 95% cpu to be smooth, then you start your browser.. uho.
In BeOS I could^H^H^H *can* (haiku, too) start 5 videos on and old PC, browse the web and: - the browser is smooth like butter - the 5 videos are a bit choppy (no miracles but that the point) but they all run at the same speed
Now _that_ is what I want a desktop scheduler to be like.
With more criticism he could see that some would want this auto grouping option, but the majority wouldn't. Now what does that tell us? It tell us that it's _either_: A/ Not the best solution (i.e. our scheduler sux) B/ Grouping should be smarter or more easily configurable (it's currently configurable in the previous kernel version and can do just what this kernel patch does!)
What's cool is that Arch is actually pretty stable and works well, yet it's pretty bleeding edge (although to be honest this kernel will be in testing, not stable. probably in stable 2 weeks after 2.6.37 is released)
you dont have to be equal in everything. you may open the door and she may bring u a beer. that's a bit of a cliché but you know, it means you can do nice things and she can do nice things which are not necessarily the exact same thing. I hope that wasnt too confusing.
When I left home I could finally fart during dinner time and walk around naked in the morning. One of these had to go when a gf came around though. I should probably post that as anonymous but..:p
Afaik the Beagle XM decodes 1080p30, you might want to look into it.
For me, Gumstix size is required to be "pocketable". The Beagle is fine for tiny computers (but that doesn't fit in the pocket).
Might end up buying one of the 720p Android phones myself however, at the next generation in 2011 these phones will be cheaper, more reliable, use less power, be smaller, and more "open source" than the various boards doing 720p today.
Slashdot Mirror
That's not quite a good analogy.
The Architect is actually a skilled engineer that makes all the plans for the building. It takes a very long time to make those plans, too. Can be errors, and so on, which are worked out with the builders and the Architect and both know that.
The software idea is comparable to a building idea. "I want a 10 stories building on a tree", that's an idea. Architect is already at a "lower" level.
Well, it's all about having enough experience to balance between "spaghetti" code and "nice classes" and so on.
I code a LOT in scripts because of the HUGE amount of time saved. But speed critical code (which is usually small) is usually in C or ASM.
Size (memory) critical code is almost always in C, no script also.
I have a database application for example, which is 90% faster than our competition. It's 95% script. Most of the speed is gained by the smarter implementation, not by the optimization of a big bulldozer. It also has a lot less bugs since its a lot less code :)
They did specify they want to use shadow with MD5 here tho (and those are certainly salted). Not that it's all that advisable, it's just not as horrible as some maybe think.
Nice bullets M. Lupin ! :)
You'll find dozen of matches and you won't know which one is the actual password if it's not dictionary based.
Just pick any match with characters enterable on the keyboard.
Which doesn't help finding the real password, if you have access to the hashes, you have most likely already compromised that system. So the point of being able to login is kinda moot. I did specify that.
Getting a file to match a checksum or a certificate to match a checksum is much more dangerous.
You can upload a trojan and make it appear legitimate. You can forge a fake SSL certificate and make it appear legitimate.
It's actually not *that* bad. You can't actually remotely crack MD5 passwords.. or even plain text since you can't access them.
When you can access them it usually means the system is already fully compromised (not in all cases, but in most).
Then, you'd better not be using the same password or key for several systems (Arnold S. says: big mistake.)
Most don't even know, that you can capture plain text passwords from the SSH server when using password authentication, even with nice SHA2 passwords behind SSH. (using SSH keys and disabling password auth is highly recommended).
So having the passwords hashed with a good algorithm is always a plus, but it's not a big step up. It's quite a small one in fact. You see, even salted MD5 passwords are difficult to recover. You'll find dozen of matches and you won't know which one is the actual password if it's not dictionary based. (and even so, you can't use rainbow tables due to the salt, and it will still take a pretty long time).
Using MD5 is however MUCH worse when used as a security checksum: file checksum, certificate checksum etc. Because there's no salting, and there's no need to find the *original* data here.
You just need to make new data that has the same checksum. Much easier if the aglorithm is broken.
This later reason is actually the reason why MD5 (and to some level, SHA1) are truly broken and inadvisable.
then die with it, natural selection will avoid it in the future *cough* ;-)
(kidding)
You don't see it at the right level.
A smart tyrant will stay in place forever. He dies, and leaves place to his son, a different person. Eventually he will fail, or the son's son, you never know. For example, the dark ages in Europe.
Likewise the rich and smart would always stay rich at the expense of other people, in general.
You can apply that at various different levels. Expand your view.
It's probably even part of evolution, just not at the physical level.
Well, I don't wanna make babies, I just wanna fuck. That should work with immortality right?!
death is the only thing that prevents humans from creating greater damage than they already do. death regulates us.
it would be nice if our culture was less afraid of death and started to accept it - it's natural and part of everything. not that one should kill himself or suffer, or things like that, but eventually we all do die. in other civilizations death was not something they would fear, and they would live more happily regarding this.
if it does the above tasks well i don't see why not. it's not like if it was going to force reordering of what you need. But i'd like if it told me "eggs u put there 1 week ago are going to be bad tomorrow if u dont make them today" cause hey, we don't all always remember that stuff.
I'm not saying i'd pay extra for it, but if it's there (and will eventually be there) then why not. Can always open the fridge and check everything inside if you prefer that.
We're playing nazi vs usa games since computer games exists, but the nazi ones can't wear the logo. Makes no sense to me to be honest.
I'm pretty sure it actually shocks some people that you can usually play the nazi side. Actually, it's called Axis instead, much more politically correct.
Yes sure the ones wearing it want to be "the axis side" - it doesn't mean they are nazi, it's a war game where you KILL people after all.
If the axis had won the war, we'd probably be arguing about not being able to use the american, french, and whatever else flag because "it's bad" anyways.
Cause the next thing is "no you can't use that pair of boobs as logo"
Then it is "no you can't use this skull as logo"
Then it is "no you can't use something resembling a competing brand name as logo"
Then it is "no you can't use the apple fruit as logo"
Computers make this kind of stuff extremely easy.
So complaining at the first stage makes sense.
It sounds like there's going to be lengthy lawsuits lasting a decade or more and that the companies have reason to sue -- good reason.
They aren't going to collect. China is a sovereign nation and can as a result do whatever it wants. That trumps justice in this age.
I'm not sure in which age it did not.
The point was not* :(
Damn me
The was not to run this very game (Angry Birds) on a given platform. It's already running on all platforms, but they had to port it for each.
The point is to have such a popular game working equally well on all platforms via Mozilla's app store.
Not Angry Birds of course, it's pointless, but a game of the same level, it would mean any other such game would be written the same and be truly "write once run anywhere" (what java wanted to be)
Android has custom app stores, by the way, as long as your phone is not all locked up (= choose well what you buy, I've a SGS for example, and various non-Google app stores, all it took is one app to install)
Let's say that Mozilla would need to have an EXTREMELY good app store, that starts fast, have fast and good apps that works WELL everywhere.
Not half-assed polish, but really good stuff.. for this to work. That means if they were to release Angry Birds for it for example, it would work on w7, android, iOS, Symbian, Meego with no customization, and just as well as Angry Birds for iOS/Android (and the store would have to start "instant" no delay.)
And I'm not sure they can deliver that.
Yeah I do like their view on this. Much more efficient. Debian would be the sharp opposite ;)
Cause you can patch BFS in anyway? :)
Actually Linus lost track of many such things because too self centered or ego driven (which happens to most of us when you such success and things to deal with but anyways)
This very patch is a prime example, if it goes *default* in the kernel.
It's a patch that favors *only* Linus's usage of linux: Browse the web while his kernel compiles. Now imagine you start your video from a tty (mplayer blah_1080p.avi) and it takes 95% cpu to be smooth, then you start your browser.. uho.
In BeOS I could^H^H^H *can* (haiku, too) start 5 videos on and old PC, browse the web and:
- the browser is smooth like butter
- the 5 videos are a bit choppy (no miracles but that the point) but they all run at the same speed
Now _that_ is what I want a desktop scheduler to be like.
With more criticism he could see that some would want this auto grouping option, but the majority wouldn't. Now what does that tell us?
It tell us that it's _either_:
A/ Not the best solution (i.e. our scheduler sux)
B/ Grouping should be smarter or more easily configurable (it's currently configurable in the previous kernel version and can do just what this kernel patch does!)
What's cool is that Arch is actually pretty stable and works well, yet it's pretty bleeding edge (although to be honest this kernel will be in testing, not stable. probably in stable 2 weeks after 2.6.37 is released)
I'd just point out that the kernel is GPLv2 btw :) Slight differences here and thee although not really for that case.
you dont have to be equal in everything.
you may open the door and she may bring u a beer. that's a bit of a cliché but you know, it means you can do nice things and she can do nice things which are not necessarily the exact same thing. I hope that wasnt too confusing.
true that:p
When I left home I could finally fart during dinner time and walk around naked in the morning. :p
One of these had to go when a gf came around though.
I should probably post that as anonymous but..
Afaik the Beagle XM decodes 1080p30, you might want to look into it.
For me, Gumstix size is required to be "pocketable". The Beagle is fine for tiny computers (but that doesn't fit in the pocket).
Might end up buying one of the 720p Android phones myself however, at the next generation in 2011 these phones will be cheaper, more reliable, use less power, be smaller, and more "open source" than the various boards doing 720p today.