yeah, i hate ads too, but like them or not they pay for the web.
if you wanted to gain a large slice of online revenue, you could:
1) create your own, closed platform 2) entice content creators to your platform by banning non-compliant software 2) effectively ban other ad publishers from using that platform, forcing advertisers to go through you 3) make it hard for web publishers to make money by adding ad- to the platform's web browser.
you may want to get it back. but you're not going to get the DoD grants back to pay for it.
trust me, it'll become the digital version of the survivalist militia. a place where copyright and anti-terrorism laws are regularly broken. the media companies and law enforcement (they will have merged into a single entity by then) will lobby to have it shut down.
i hate to sound like Kyle Reese, but this is how it happens:
July 2010, Apple adds ad-blocking to WebKit.
it makes its way slowly into most popular web browsers cutting off the revenue stream for content publishers on the internet.
those publishers make a move onto one of several closed platforms originally designed for mobile platforms.
after an initial intense fight, a single closed platform dominates. the others fade away.
internet use drops significantly. only free content is available on it, and the mainstream views it increasingly as a refuge for subversives. most households disconnect.
April 3rd, 2017: the internet backbone is shut down.
premium content and visiting traffic moves predominantly to the closed platform.
Secondly, if your String.equals() function is returning immediately on compare failure, the attacker can still use the timing method to reconstruct the hash of the password without gaining access to your database.
i don't think this is true for most (read: any half-decent) hash functions. changing a single bit in the input will radically change the output, and therefore radically change the length of the common prefix.
yeah, they stated that they wiped the drive with zeros using DiskUtility. given that OSX doesn't support TRIM, that would mean that EVERY page is dirty, thus EVERY write requires a read-merge-write cycle, and thus the performance would never degrade since it's already as shitty as it can possibly get. maybe if they'd TRIMmed the whole drive with a decent OS and started from there without zeroing they'd have gotten significantly different results.
but ASLR doesn't affect basic blocks. relative jumps remain untouched, ASLR only affects the base address of loaded modules which are fixed up by the loader. even without ASLR the base address of a DLL isn't guaranteed to be the address that's requested. historically, a DLL can request a preferred base address, but the loader may chose not to load at that address (for example, if something else is already loaded at that address). the only downside to ASLR here is that load-time fixups MUST be applied because, in general, the DLL will NOT be loaded at the requested base address. it used to be that you could optimize the base addresses of the DLLs loaded by your application (using LINK.exe/BASE: ) in such a way as to (almost) guarantee that the DLLs would load at their preferred address and the loader would be able to skip the fixup step. however, processor speed and shared-code pages have made this optimization largely insignificant.
as far as JITed code is concerned, the OS makes no significant guarantees about the location of the memory returned by VirtualAlloc. even with ASLR disabled, two consecutive runs of a JIT on the same machine may well result in code residing in different locations.
why does ASLR complicate debugging? as long as your dumps contain the relocation info and your debugger is aware of it there shouldn't be any problem. wefault, adplus, windbg & visual studio are all ASLR-aware.
DEP was first available in XP SP 2 beta, which was available to developers by the start of 2004. that's over 6 years ago. how much testing does one need?
Is the video tag in HTML5 a kludge? I don't care. Is it more an ideal than a practical implementation? I don't care. Can it compete with a commercial product that has been an accepted part of the web for over 10 years now? I don't care. Is it poorly implemented in most modern browsers, with no agreed upon video codec common to any two of them? I don't care. Would it be getting any attention at all if Steve Jobs hadn't used it as part of his cheap excuse to block free flash apps from his iControlU line of products? I don't care. Does it print money. I don't care. Does it run on my iPhone4?
simple SSL/S.MIME certs can had be had here http://www.startssl.com/. i'm not affiliated with them, but i have gotten a few certs from them. you can't beat the price, and their support is timely and helpful. you have to pay for more advanced certs like multiple names, wildcard, etc...
it's not just that 'many' plugins aren't 32-bit. it's that not all plugins are 64-bit. MS won't make that switch until pretty much every plugin is available in 64-bit - it's just not worth the support calls. 32-bit is fine for ~99.9% of the cases, and for the others, the user is probably sufficiently knowledgeable to know where to find the 64-bit version.
indeed, 64-bit pointers are 2x the size (duh), and that size increase can lead to more page faults. more page faults can easily nullify any advantage gained by having more integer registers. oh yeah, those registers need to be pushed onto the stack, too - more page faults.
64-bit address spaces are great for things that need, or can use, large address spaces (like operating systems and databases), but most everything else is fine with 32-bit.
Slashdot Mirror
but usually you'd just use PLINQ it takes care of all the messy parallel partitioning and aggregation for you...
refcounts? you know about cycles, right?
yeah, i hate ads too, but like them or not they pay for the web.
if you wanted to gain a large slice of online revenue, you could:
1) create your own, closed platform
2) entice content creators to your platform by banning non-compliant software
2) effectively ban other ad publishers from using that platform, forcing advertisers to go through you
3) make it hard for web publishers to make money by adding ad- to the platform's web browser.
i'm sorry but the internet is just like the airlines. 1st-class pays for coach.
check your ISPs level-1 peers. see any media companies represented there? the easiest way to kill bittorrent et al. ? kill the internet.
you may want to get it back. but you're not going to get the DoD grants back to pay for it.
trust me, it'll become the digital version of the survivalist militia. a place where copyright and anti-terrorism laws are regularly broken. the media companies and law enforcement (they will have merged into a single entity by then) will lobby to have it shut down.
no, more like AOL. but without the internet.
i hate to sound like Kyle Reese, but this is how it happens:
July 2010, Apple adds ad-blocking to WebKit.
it makes its way slowly into most popular web browsers cutting off the revenue stream for content publishers on the internet.
those publishers make a move onto one of several closed platforms originally designed for mobile platforms.
after an initial intense fight, a single closed platform dominates. the others fade away.
internet use drops significantly. only free content is available on it, and the mainstream views it increasingly as a refuge for subversives. most households disconnect.
April 3rd, 2017: the internet backbone is shut down.
premium content and visiting traffic moves predominantly to the closed platform.
i suggest you start a web design company that states outright that it refuses to design any sites that work on IE6.
don't worry about getting web design skills first, you won't need them - you won't get any clients...
i don't think this is true for most (read: any half-decent) hash functions. changing a single bit in the input will radically change the output, and therefore radically change the length of the common prefix.
very nice. plays just like the original. now do Exile ;-)
better for whose grandma?
yeah, they stated that they wiped the drive with zeros using DiskUtility. given that OSX doesn't support TRIM, that would mean that EVERY page is dirty, thus EVERY write requires a read-merge-write cycle, and thus the performance would never degrade since it's already as shitty as it can possibly get. maybe if they'd TRIMmed the whole drive with a decent OS and started from there without zeroing they'd have gotten significantly different results.
but ASLR doesn't affect basic blocks. relative jumps remain untouched, ASLR only affects the base address of loaded modules which are fixed up by the loader. even without ASLR the base address of a DLL isn't guaranteed to be the address that's requested. historically, a DLL can request a preferred base address, but the loader may chose not to load at that address (for example, if something else is already loaded at that address). the only downside to ASLR here is that load-time fixups MUST be applied because, in general, the DLL will NOT be loaded at the requested base address. it used to be that you could optimize the base addresses of the DLLs loaded by your application (using LINK.exe /BASE: ) in such a way as to (almost) guarantee that the DLLs would load at their preferred address and the loader would be able to skip the fixup step. however, processor speed and shared-code pages have made this optimization largely insignificant.
as far as JITed code is concerned, the OS makes no significant guarantees about the location of the memory returned by VirtualAlloc. even with ASLR disabled, two consecutive runs of a JIT on the same machine may well result in code residing in different locations.
why does ASLR complicate debugging? as long as your dumps contain the relocation info and your debugger is aware of it there shouldn't be any problem. wefault, adplus, windbg & visual studio are all ASLR-aware.
DEP was first available in XP SP 2 beta, which was available to developers by the start of 2004. that's over 6 years ago. how much testing does one need?
Is the video tag in HTML5 a kludge?
I don't care.
Is it more an ideal than a practical implementation?
I don't care.
Can it compete with a commercial product that has been an accepted part of the web for over 10 years now?
I don't care.
Is it poorly implemented in most modern browsers, with no agreed upon video codec common to any two of them?
I don't care.
Would it be getting any attention at all if Steve Jobs hadn't used it as part of his cheap excuse to block free flash apps from his iControlU line of products?
I don't care.
Does it print money.
I don't care. Does it run on my iPhone4?
the startcom root cert has been distributed by browser vendors for a while now. eg: it was shipped via Windows Update in Sept/2009
simple SSL/S.MIME certs can had be had here http://www.startssl.com/. i'm not affiliated with them, but i have gotten a few certs from them. you can't beat the price, and their support is timely and helpful. you have to pay for more advanced certs like multiple names, wildcard, etc...
-1: Pedant
it's not just that 'many' plugins aren't 32-bit. it's that not all plugins are 64-bit. MS won't make that switch until pretty much every plugin is available in 64-bit - it's just not worth the support calls. 32-bit is fine for ~99.9% of the cases, and for the others, the user is probably sufficiently knowledgeable to know where to find the 64-bit version.
indeed, 64-bit pointers are 2x the size (duh), and that size increase can lead to more page faults. more page faults can easily nullify any advantage gained by having more integer registers. oh yeah, those registers need to be pushed onto the stack, too - more page faults.
64-bit address spaces are great for things that need, or can use, large address spaces (like operating systems and databases), but most everything else is fine with 32-bit.
maybe you should get a 64-bit OS that can run 32-bit apps?
why is this an excellent purpose? C++ doesn't bother with this, neither does Java. why bother?
Danger, Will Robi
*** STOP: 0x00000019 (0x00000000, 0xC00E0FF0, 0xFFFFEFD4, 0xC0000000)
BAD_POOL_HEADER
, yet.