It is certainly possible to come up with rules which verify that much code is safe. When the rules don't work, assume the worst. Heuristics which 'solve' the halting problem most of the time are quite possible - for a suitably loose definition of most :-).
You just have to decide which way to fail during the questionable cases. In this case, emulation is always safe, so that is how you'd fail.
Another case of heuristic is garbage collection. Reference counting and reference tracing are heuristics. Often objects are provably unusable (if you look at the code, not just the data) even while there are still references to them.
Deciding for certain if a piece of data will be used becomes equivalent to the halting problem. But looking for a lack of references is an easy, fail-safe heuristic. When there is a lack of reference, the heuristic says drop it, and the heuristic is right. No reference implies no future access. But often you could have dropped it earlier - that implication is one way.
Have you ever tried to restore a Windows Exchange Backup - after rebuilding the machine from scratch? Or after losing a PDC without having a prebuilt BDC? Do you happen to know how to do an unattended live backup of Exchange - is trivial with the gui, but in a backup script?
Ever try to 'fix' Word when it crashes every time you go to add annotations? I found that saving after every annotation seemed to prevent the crashing (Murphy's law, that is, but the crashing was consistent until I got in the habit of saving every line or so).
Ever get 'license key invalid' every time you login after reboot to a w2k system - with no way to tell what piece of bloatware left this lying around in your registry?
For the routine stuff you'll learn the routine through the emacs tutorial or through random guesses at word menu functions. For the tight situations, a gui doesn't fundamentally change the situation, and can hide important details.
In unix land, anything equivalent to that 'license key invalid' dialog would be trackable back to a particular line in an rc file, or to a kernel configuration file. I checked the standard system startup registry hooks, I also disabled services left behind by various wares. My best guess is that NTS PPPoE, VMware, or ZoneAlarm left something in device driver land, but I couldn't find a list of what was supposed to be there :-/. Anyway, that was a reformat ago, and so I'll never know for certain.
A gui makes it easier to find specific functionality. You pay for it with less obvious/convenient scriptability. You pay for it with less efficiency once you know the features (unless there is a keyboard shortcut). You pay for it with code bloat. Many people are willing to pay these prices. You may be one of them.
Companies only get away with such abuses when they are monopolies. Country coding is another classic monopolist thing to do. It is the nature of humans to groupthink. This leads to monopoly in entertainment and information production. Even /. benefits from such effects, methinks.
It hasn't become more expensive to produce movies. It has become more expensive to produce movies which stand out, which look expensive. It has gotten cheaper to produce movies.
For this field, I'm not sure that pure capitalism works. Pure capitalism requires that monopolies don't tend to form.
I can imagine not-so-capitalistic approaches which might work. But I never hear of record companies funding starving artist dormitories for local artists.
If such monopolistic abuses are legal, is their occurrence the fault of the companies, or of the laws? If money determines the outcome of elections, is that the fault of the politicians, or of the electorate? If consumers tend to buy the same movies that everybody else does - just because everybody else does - whose fault is the resulting monopoly?
If they wanna do this instead of a traditional marketing campaign, I'm not gonna complain. I hope it does exactly what they expect it to - so that they do it again.
Seriously though. AFS is everything NFS fails to be. Load balancing, client side caching, easy client config, and security. AFAIK it has been a marketplace failure. They should have at least made the client free years ago. Certainly, IBM won't likely notice the lost revenue.
Mostly the learning curve is because the syntax is optimized for functional (as opposed to procedural). Nested function declarations and recursion are your friend.
    fun rev nil = nil
      | rev (h::t) = rev t @ [h]
is probably the shortest function to reverse any list. Type is 'a list -> 'a list. Which indicates that it takes any list and returns a list of identical type.
    fun rev l1 =
      let
        (* l2 accumulates the reversed prefix; the recursive call is in tail position *)
        fun loop (nil, l2) = l2
          | loop (h::t, l2) = loop (t, h::l2)
      in
        loop (l1, nil)
      end
on the other hand uses an inner tail recursive function for performance. Does the same thing. loop (both lines of it) does the work, the rest just wraps it to change the interface.
Compare to the amount of code required to reverse a list in any other language. This second version doesn't rely on built in libraries for linked lists - you could create an equivalent custom list type in about 3 lines.
I'd like to point out that reference count garbage collection is faster to think about. In practice, the CS profs will generally tell you that it tends to be slower than copying (or even mark sweep), unless you are running near your memory limit. It and mark sweep both fail to address memory fragmentation.
Think about it. Every object gains a few bytes of size. Every time you change a pointer, you need to also add, subtract, and test for 0. And... loop shaped data structures never get collected.
BTW great post. I just didn't want to let it be thought that reference counting is a particularly clever form of gc.
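A toy reference-counted heap, added here as an illustration of the two points made in these comments (a zero count safely implies no future access, but the implication is one way, and a loop never reaches zero). It is not code from the original posts; the class and method names are hypothetical, and each object has a single outgoing pointer to keep the model small.

```java
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/** Toy reference-counted heap (illustration only; all names are hypothetical). */
public class RefCountDemo {

    static final class Obj {
        final String name;
        int refs;        // the extra per-object bytes that counting costs
        Obj next;        // single outgoing pointer
        boolean freed;
        Obj(String name) { this.name = name; }
    }

    private final List<Obj> heap = new ArrayList<>();

    /** Allocate an object; the count starts at 1 for the caller's variable. */
    Obj alloc(String name) {
        Obj o = new Obj(name);
        o.refs = 1;
        heap.add(o);
        return o;
    }

    /** Drop one reference; on reaching zero, free and cascade to the child. */
    void release(Obj o) {
        while (o != null && --o.refs == 0) {
            o.freed = true;
            Obj child = o.next;
            o.next = null;
            o = child;
        }
    }

    /** Every pointer store pays for an add, a subtract and a test for zero. */
    void setNext(Obj from, Obj to) {
        if (to != null) to.refs++;   // add first, so re-storing the same target is safe
        Obj old = from.next;
        from.next = to;
        release(old);                // subtract and test for zero
    }

    /** Trace from the given roots and list objects that are unreachable yet unfreed. */
    List<String> missedGarbage(Obj... roots) {
        Set<Obj> live = new HashSet<>();
        for (Obj r : roots) {
            for (Obj o = r; o != null && live.add(o); o = o.next) { }
        }
        List<String> missed = new ArrayList<>();
        for (Obj o : heap) {
            if (!o.freed && !live.contains(o)) missed.add(o.name + "(refs=" + o.refs + ")");
        }
        return missed;
    }

    public static void main(String[] args) {
        RefCountDemo h = new RefCountDemo();

        // Chain a -> b: dropping both variables frees both objects.
        Obj a = h.alloc("a"), b = h.alloc("b");
        h.setNext(a, b);
        h.release(b);
        h.release(a);
        System.out.println("chain freed: " + (a.freed && b.freed));

        // Loop c -> d -> c: each keeps the other's count at 1 forever.
        Obj c = h.alloc("c"), d = h.alloc("d");
        h.setNext(c, d);
        h.setNext(d, c);
        h.release(c);
        h.release(d);
        System.out.println("loop freed: " + (c.freed || d.freed));

        // With no roots left, a tracing pass sees what the counts cannot.
        System.out.println("unreachable but never reclaimed: " + h.missedGarbage());
    }
}
```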
Roughly speaking, the copying collector family (which includes the algorithms used in hotspot) has overhead proportional to the amount of data (in both bytes and objects) saved - not the amount of data collected. This is very different than mark sweep.
On the other hand, the box/unbox problem is still a good topic for debate. Boxing means wrapping into an independent object so that the garbage collectors and utility classes and remote references can be less type aware.
Java provides a set of unboxed scalars (int, byte, etc), and the ability to manually box them. It sounds like C# gives the ability to treat structs as scalars - effectively unboxing them.
Some languages (ML in particular) defer boxing questions to the compiler. This makes the compiler author sweat more if he'd like to avoid the overhead associated with boxing. Problems like this explain why SML/NJ is such a big program.
He described this as a behavior of the netscape provided classes. Again, this is likely a case of trusted classes being too helpful, not of a total jvm sandbox model breakdown. Is the netscape JVM source available?
This is the same sort of hole as, say, the old bsd mmap problem. Just as user/supervisor modes make it possible to write a system which puts processes in sandboxes, the JVM security system makes it possible to put applets into sandboxes. But in both cases, getting the security checks correct is a non-trivial exercise.
Ok. W.R.T the second exception, and looking at the Sun JDK 1.3 source, I think Sun has fixed it in recent versions. But I also think I see what likely happened wrong in the earlier version.
Basically, you can't easily not do the open, because you need to get the port and host address from the impl attribute of the socket - after telling it to open. I think that a more sound approach would be to make impl flexible enough to do its dns setup without actually opening.
Anyway though, the upshot is that the current approach requires that we trust the close method on impl. Looking back through the initializers which create impl, I think this is safe, but hard to prove safe. My guess is that the earlier JVM classes did this incorrectly - they trusted s.close instead of s.impl.close. Which is bad; we don't know where s has been.
Actually, what I really want to know is why only 128 bits? RC4 with a normal, 8bit box, will take a key up to a kilobit or so. Just as only the old export grade initialization routine limited to 40 bits, it is only the initialization routine which limits it to 128. The only extra overhead comes in initialization/key exchange.
To say nothing of the obvious extension to a 16 bit box (which might well be faster, not slower, on modern procs).
I only mention, cuz this sort of thing makes me wonder what 'no such agency' is really capable of. In several senses of the word.
Suck claims that the mistake was deciding to rewrite everything. This is wrong. Rewriting everything is not a bad idea in and of itself.
Read up on 'second systems effect'. They decided to rewrite everything, and overconfidence led them to throw in everything at once while doing so. If they had half those things done, and people were now starting on the second half, we wouldn't be having this discussion.
HTML 4.0 layout, Javascript, and Java. That is all that they should be focused on. These features would give us a perfectly workable browser. Mail and news should be the next project, get them done and stable. Then worry about that XML stuff that nobody uses anyway. Then worry about the kitchen sink. One or two subsystems at a time, no more.
The question isn't if people will hack on mozilla. The question is how many of the current projects will ever be finished. All or nothing development often gives nothing. Eventually people will learn.
ICBMs have rounded noses for similar, but not exactly the same reasons. The pressures around supersonic projectiles are not simple, and blunt noses are often the most efficient. Bullet makers know this. It has to do with shock waves spreading off the nose - I think you want the nose to be close to the angle of the shock waves, more or less.
I suspect that the ICBM is more worried about lack of friction post reentry. Much like a bullet, except that ICBM may be worried about excess heat more than losing speed. Just a guess though, if I actually knew, I probably wouldn't be allowed to talk about it :-)
Delta rockets make plenty of lift in the downward direction. Is just about all that they do in fact. Not too difficult to produce thrust in two directions at once, witness the Harrier transitioning from hover to forward flight. Difficult to do so cheaply or efficiently though.
The article made a technical mistake that is confusing people. Cavitation does not create a vacuum. It pulls dissolved air and/or water vapor out of the water. I haven't found a great explanation on the web, though some sites get it right and some seem a bit misleading if you don't read carefully/completely. Good applied fluid dynamics books will get it right. You can watch the bubbles float up off of the propeller in submarine movies. That isn't because the boat is leaking.
It does not occur with sufficiently pure water. In addition to the dissolved air, the amount of particulate impurities (dust) also has an effect. Apparently, like raindrops and ice, the bubbles like to have something to form from.
It still might be better than supersonic atmospheric flight, especially w.r.t. thermal characteristics. You have two interfaces to spread the heat dissipation over, and water might carry away the excess heat better than air does. Also, if the cavity is in a more or less steady state, there is much less expansion and contraction going on. Even in air, the problems are most serious in the transonic regime where parts of the flow over the body are supersonic and parts aren't. The Concorde can turn off its afterburners past mach 1.5 or so.
For the purposes given by the original posters, the data needs to be innocuous-looking, not suspicion-arousing. Steganography is certainly the best way of ensuring this.
Steganography is, by definition, the study of doing this. For the most secure steganography, the bits that you are replacing must seem random before you start and after you finish. A good steganography package would check for this; I don't know if any do.
Yeah. I guess it would be hard to put anything meaningful on the contract about what sort of box they are getting for their money.
Guess it depends on how clued in your users are, and how good you are at social engineering. Not that I am advocating this "hide the timesharing completely" approach in any way shape or form.
Unix people have been building time sharing systems for a long time. For 25k, I'll bet that I can get pretty close to this sort of thing. Let's take an inventory of what you really need.
- You want each client to run and admin their own webserver.
- You don't want each client to be able to affect the others. This means no rampant interfering resource usage.
Now, let's talk about how one might do this using off the shelf stuff.
Two ways to run multiple independently admined web servers come to mind:
- The new FreeBSD kernel supports the jail syscall. This can attach a collection of processes to a particular ip address. I rather suspect that this is exactly the sort of thing that it is meant to be used for.
- On linux, you can permission individual ports. Each client runs their webserver on a different port. Use ip masquerading to redirect connections to different ips (port 80) to different ports (localhost).
Unix timesharing systems have been hit with all sorts of internal dos attacks. My personal favorite is the shell script which does nothing but call itself in an infinite loop. Hence the creation of killall. All of these attacks (which can be negligence as much as anything intentional) have defenses. Unix is meant to be multi-user, even if we forget in the PC-laden age. We have:
- Quotas - x% of the hard drive, coming right up.
- Process limits - With not too hostile users, it shouldn't be too difficult to keep their web servers from running away. Note that csh is the usual interface to this functionality.
So what do you really get for your 25k? My guess is a little bit of convenience. Maybe a bit of transparency to your users - don't have to tell them it is a shared box if you replace login to use per ip password file, could rewire the reboot command to do a kill for the users in question and rerun 'their'/init.d scripts, etc.
And if this package doesn't take off and becomes unsupported... then where are you? It doesn't quite sound like the sort of thing which will work with the next version of whatever OS it is for. Unless it is a collection of perl and shell scripts (about what I would use), in which case you could patch it up if necessary. Do you get a source code license for your 25K? Is their customer care any good?
It might be worth it, if they make it truly easy to multi host, and give you a source license, and you are short of rack space and/or using really expensive boxen. But I wouldn't bet on it.
You could also store info in the return address, since everybody knows that you can't trust it. More likely to be filtered/noticed though. Not sure how well the whole info in the CRC would work.. in a very real sense, a CRC is redundant information by definition.
Sending out enough ping packets to have good data throughput might be easy to notice, so for some things you might make the extra data piggyback an innocent looking data stream.
For example, you could hide it in the acknowledgement packets while receiving a Real Audio stream of Chinese gummit approved propaganda from a website that pays extra attention to the response packets.
I think that there is an audio coupling modem for the palm pilot - might make for something comparatively easy to hide/lose if necessary. An audio modem, a selection of international calling card numbers, a selection of payphones, and a palm encryption package... Just what every secret agent needs (and needs to hide).
I don't know if any good crypto tools have been ported to the palm, but if you can do RSA in JavaScript I'm sure that you can do twofish on a palm.
In addition to file steganography, there are ways to pass information over the internet that are oft unchecked for.
The internet auditing project story mentions an unknown hacker who liked to use fake DNS packets to carry data. It also mentions SSH ESP, a toolkit for putting ssh over packets normally left alone by firewalls, though I've not yet seen other references to it.
I mean, the ping packet is required to carry an arbitrary dataset to its destination. And you get a reply. I wonder if some ping tools will fill it with pseudo random numbers? Hard to differentiate that from an encrypted message. I have yet to be on a network with outgoing ping disabled, though it certainly could be fwalled.
I was once desperate for an expression based if or case statement in SQL (like the ?: construct in c/c++/java). While the specific DB we were using might have had such support, the experienced sql persons and documentation that I referenced didn't yield an answer.
I think that sort of says it all. If you aren't putting conditionals into expressions, you aren't doing functional programming. Almost by definition.
I ended up doing the conversion through a temp table. This is roughly similar. But not really the same.
You can't *truly* translate law into common language for the same reason that the only true description of a program is the program itself: namely, any layman's description is likely to gloss over precisely the elements of phraseology or punctuation that will turn out to be most ambiguous (and hence critical) later. Most laymen could do as little with such a lay explanation as they could with an explanation of Perl or APL code. Debugging is a skilled art in law or software.
It might be that the essence of code (especially good code) is the code itself. I can debate that some though. I've certainly occasionally made code harder to read in the name of efficiency.
Irregardless, you are thinking in terms of the techie. Consider it in terms of the consumer. Even if you don't start with a spec for your program, you'll metaphorically have one at the end. This is the nature of software engineering.
In code, the end user need not be involved in low level debugging. But the end user can and should be able to discuss the spec, and be able to discuss whether the spec meets their needs. If this can't be done, the spec isn't up to spec:-)
Similarly, there are plenty of websites listing and sorting bugs in various systems and how to work around them. They aren't just of interest to programmers, many are quite consumer oriented.
What is equivalent for legal code? Political activist sites sort of list what they call bugs, but I've yet to see a proper database per se.
So, do they expect altavista to figure out all the sites which cover this sort of thing, and not link to them? How? Trust the sites to identify themselves? Keyword recognition?
If somebody in Amsterdam decided to put up an informational website using, how would the US search engines keep such links out? Hard to filter on words like 'speed' and 'crack'. What about netnews posts? Text files in gnutella? Freenet? Sealand? Enforceability sounds like something that politicos in question haven't considered. It is bad karma to pass laws you can't enforce consistently. Politicos should be reminded of this.
Another argument against censorship is that even if you disagree with the material being censored, censorship is like painting over the termite-holes. No matter how bad you think drugs are, the problem is that people look for them, not that they exist. Convincing people that they need to be responsible is the right solution. Give them enough rope to hang themselves, and one way or the other, they'll learn to respect rope.
Course, that last statement applies to many fields. Anybody want to set up a website along the lines of Mr. Cranky, but rating politicians instead? Or a place to read legislation converted into 'everyday language' - can't be harder than explaining computer code in everyday language. Politics is o so very dry. Somebody should do something about that.
Currently, companies like Microsoft can and do shrug off all responsibility for buggy software. Should they be liable when they know about a bug and fail to issue a patch? Fail to advertise a patch? Can/should such reparations be limited to the purchase price? What about when they didn't know about the bug, but rushed testing?
I don't know if this is moving a bit beyond the specific legal issues addressed in warranties. But, in general, should there be liability associated with distributing buggy code? Dow Corning won't sell you certain fiberglass resins if you let slip that you are going to use them for a homebuilt aircraft - all sorts of silly things come out of such liabilities.
Should there be degrees of negligence? And, as a practical matter, will the ability to afford lawyers factor into the determination of such?
Do you want a special exemption for free software? Free in what sense? 'IE free' or 'emacs free'? Java free?
Have we reached the stage where we need to evolve ourselves? Where we are in control of evolution? It's a scary thought. Granted, this article only hints of what may be possible in the future, but it's a concept that is relatively new and frighteningly, very feasible. The ability to modify genes in an unborn embryo.
We are already in control of our evolution. We don't always admit it, but we've been thinking about where kids come from for a long time. We aren't as ruthless as we are when engineering crops through natural selection, but the principle applies. And we've certainly made serious changes to certain other species. (where is corn 'native' to? how about cows?)
Anyway you look at it, memes evolve much faster than genes.
Also, evolution of both memes and genes tends to be punctuated, not continuous. Paradigm shifts and extinction events are cut from the same cloth. We are what we think. We think what we learn. We learn memes.
The enlightening method, from ServerSocket, is:
    protected final void implAccept(Socket s)
        throws IOException {
        try {
            s.impl.address = new InetAddress();
            s.impl.fd = new FileDescriptor();
            // the connection is accepted (opened) before the security check runs
            impl.accept(s.impl);
            SecurityManager security =
                System.getSecurityManager();
            if (security != null) {
                security.checkAccept(s.impl.getInetAddress().getHostAddress(),
                                     s.impl.getPort());
            }
        } catch (IOException e) {
            // cleanup goes through impl, not through the caller-supplied Socket
            s.impl.close();
            throw e;
        } catch (SecurityException e) {
            s.impl.close();
            throw e;
        }
    }
Basically, you can't easily not do the open, because you need to get the port and host address from the impl attribute of the socket - after telling it to open. I think that a more sound approach would be to make impl flexible enough to do its dns setup without actually opening.
Anyway though, the upshot is that the current approach requires that we trust the close method on impl. Looking back through the initializers which create impl, I think this is safe, but hard to prove safe. My guess is that the earlier JVM classes did this incorrectly - they trusted s.close instead of s.impl.close. Which is bad; we don't know where s has been.
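A toy model of the cleanup pattern guessed at above, added here as an illustration and not taken from any JDK or Netscape source: trusted accept code that cleans up through an overridable method on the caller's object, next to the form that cleans up through the trusted impl. All class and method names are hypothetical stand-ins, no real sockets are involved, and the model assumes untrusted code can subclass the socket type but cannot reach its impl field.

```java
/** Toy model (not JDK code) of cleanup after a failed accept check. */
public class AcceptCleanupDemo {

    /** Stand-in for the trusted socket implementation object. */
    static final class Impl {
        private boolean open;
        void open()      { open = true; }
        void close()     { open = false; }
        boolean isOpen() { return open; }
    }

    /** Stand-in for a non-final socket class that callers may subclass. */
    static class Sock {
        final Impl impl = new Impl();       // assumed unreachable from untrusted code
        public void close() { impl.close(); }   // public and overridable
    }

    /** Caller-supplied subclass: close() no longer closes anything. */
    static class StickySock extends Sock {
        @Override public void close() { /* deliberately does nothing */ }
    }

    /** Stand-in for the security manager's accept check (constructed policy). */
    static void checkAccept(String peerHost) {
        if (!peerHost.equals("origin.example")) {
            throw new SecurityException("accept denied: " + peerHost);
        }
    }

    /** Weak form: cleanup trusts a method the caller's class can override. */
    static void acceptTrustingCaller(Sock s, String peerHost) {
        s.impl.open();                      // the open has to happen before the check
        try {
            checkAccept(peerHost);
        } catch (SecurityException e) {
            s.close();                      // runs whatever the subclass supplied
            throw e;
        }
    }

    /** Hardened form: cleanup goes straight to the trusted impl. */
    static void acceptTrustingImpl(Sock s, String peerHost) {
        s.impl.open();
        try {
            checkAccept(peerHost);
        } catch (SecurityException e) {
            s.impl.close();                 // cannot be redirected by a subclass
            throw e;
        }
    }

    /** Returns true if the connection is still open after the check denied it. */
    static boolean stillOpenAfterDenial(boolean hardened) {
        Sock s = new StickySock();
        try {
            if (hardened) {
                acceptTrustingImpl(s, "other.example");
            } else {
                acceptTrustingCaller(s, "other.example");
            }
        } catch (SecurityException expected) {
            // the check denied the peer in both variants; only the cleanup differs
        }
        return s.impl.isOpen();
    }

    public static void main(String[] args) {
        System.out.println("cleanup via s.close():      still open = "
                + stillOpenAfterDenial(false));
        System.out.println("cleanup via s.impl.close(): still open = "
                + stillOpenAfterDenial(true));
    }
}
```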
To say nothing of the obvious extention to a 16 bit box (which might well be faster, not slower, on modern procs)
I only mention, cuz this sort of thing makes me wonder what 'no such agency' is really capable of. In several senses of the word.
Read up on 'second systems effect'. They decided to rewrite everything, and overconfidence lead them to throw in everything at once while doing so. If they had half those things done, and people were now starting on the second half, we wouldn't be having this discussion.
HTML 4.0 layout, Javascript, and Java. That is all that they should be focused on. These features would give us a perfectly workable browser. Mail and news should be the next project, get them done and stable. Then worry about that XML stuff that nobody uses anyway. Then worry about the kitchen sink. One or two subsystems at a time, no more.
The question isn't if people will hack on mozilla. The question is how many of the current projects will ever be finished. All or nothing development often gives nothing. Eventually people will learn.
I suspect that the ICBM is more worried about lack of friction post reentry. Much like a bullet, except that ICBM may be worried about excess heat more than loosing speed. Just a guess though, if I actually knew, I probably wouldn't be allowed to talk about it :-)
The article made a technical mistake that is confusing people. Cavitation does not create a vacum. It pulls disolved air and/or water vapor out of the water. I haven't found a great explanation on the web, though some site get it right and some seem a bit misleading if you don't read carefully/completely. Good applied fluid dynamics books will get it right. You can watch the bubbles float up off of the propeller in submarine movies. That isn't because the boat is leaking.
It does not occur with sufficiently pure water. In addition to the disolved air, the amount of particulate impurities (dust) also has an effect. Apparently, like raindrops and ice, the bubbles like to have something to form from.
It still might be better than supersonic atmospheric flight, especially w.r.t. thermal characteristics. You have two interfaces to spread the heat disipation over, and water might carry away the excess heat better than air does. Also, if the cavity is in a more or less steady state, there is much less expansion and contraction going on. Even in air, the problems are most serious in the transonic regime where parts of the flow over the body are supersonic and parts aren't. The concord can turn off it's afterburners past mach 1.5 or so.
Stenography is, by definition, the study of doing this. For the most secure stenography, the bits that you are replacing must seem random before you start and after you finish. A good stenography package would check for this; I don't know if any do.
Guess it depends on how clued in your user's are, and how good you are at social engineering. Not that I am advocating this "hide the timesharing completely" approach in any way shape or form.
- You want each client to run and admin their own webserver.
- You don't want each client to be able to affect the others. This means no rampant interfering resource usage.
Now, let's talk about how one might do this using off the shelf stuff.
- Two ways to run multiple independently admined web servers come to mind:
- The new FreeBSD kernel supports the jail syscall. This can attach a collection of processes to a particular ip address. I rather suspect that this is exactly the sort of thing that it is meant to be used for.
- On linux, you can permission individual ports. Each client runs their webserver on a different port. Use ip masquerading to redirect connections to different ips (port 80) to different ports (localhost).
- Unix timesharing systems have been hit with all sorts of internal DoS attacks. My personal favorite is the shell script which does nothing but call itself in an infinite loop. Hence the creation of killall. All of these attacks (which can be negligence as much as anything intentional) have defenses. Unix is meant to be multi-user, even if we forget in the PC-laden age. We have:
- Quotas - x% of the hard drive, coming right up.
- Process limits - With not too hostile users, it shouldn't be too difficult to keep their web servers from running away. Note that csh is the usual interface to this functionality.
So what do you really get for your 25k? My guess is a little bit of convenience. Maybe a bit of transparency to your users - don't have to tell them it is a shared box if you replace login to use per ip password file, could rewire the reboot command to do a kill for the users in question and rerun 'their'
And if this package doesn't take off and becomes unsupported... then where are you? It doesn't quite sound like the sort of thing which will work with the next version of whatever OS it is for. Unless it is a collection of perl and shell scripts (about what I would use), in which case you could patch it up if necessary. Do you get a source code license for your 25K? Is their customer care any good?
It might be worth it, if they make it truly easy to multi host, and give you a source license, and you are short of rack space and/or using really expensive boxen. But I wouldn't bet on it.
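The process limits mentioned in the comment above, as an added example that is not part of the original comment: a launcher that lowers a client's resource limits between fork and exec, so a runaway server is stopped by the kernel. The limit values and function names are hypothetical, and the "server" here is a stand-in busy loop.

```python
import resource
import signal
import subprocess
import sys

# Hypothetical per-client ceilings; tune them for the real workload.
CLIENT_LIMITS = {
    resource.RLIMIT_CPU: 1,       # seconds of CPU time before the kernel steps in
    resource.RLIMIT_NOFILE: 64,   # open file descriptors
    resource.RLIMIT_NPROC: 256,   # processes for this uid (stops self-calling scripts)
}

def _apply(limits):
    """Runs in the child after fork and before exec; only ever lowers limits."""
    for res, want in limits.items():
        _soft, hard = resource.getrlimit(res)
        if hard != resource.RLIM_INFINITY:
            want = min(want, hard)   # never try to raise a hard limit
        resource.setrlimit(res, (want, want))

def run_limited(cmd, limits=CLIENT_LIMITS, timeout=30):
    """Run cmd with the given limits applied to it and all its descendants."""
    return subprocess.run(cmd, preexec_fn=lambda: _apply(limits),
                          capture_output=True, text=True, timeout=timeout)

def child_nofile():
    """Ask a limited child what descriptor limit it actually inherited."""
    code = "import resource; print(resource.getrlimit(resource.RLIMIT_NOFILE)[0])"
    return int(run_limited([sys.executable, "-c", code]).stdout)

def runaway_exit():
    """Start a child that spins forever and return how it ended."""
    return run_limited([sys.executable, "-c", "while True: pass"]).returncode

if __name__ == "__main__":
    print("descriptor limit in child:", child_nofile())
    rc = runaway_exit()
    print("runaway child ended by signal", signal.Signals(-rc).name)
```

Limits are inherited across fork and exec, so everything the client's server spawns stays under the same ceilings; RLIMIT_NPROC counts per uid, which is one more reason to give each client its own account.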
Sending out enough ping packets to have good data throughput might be easy to notice, so for some things you might make the extra data piggyback an innocent looking data stream.
For example, you could hide it in the acknowledgement packets while receiving a Real Audio stream of Chinese gummit approved propaganda from a website that pays extra attention to the response packets.
I think that there is an audio coupling modem for the palm pilot - might make for something comparatively easy to hide/lose if necessary. An audio modem, a selection of international calling card numbers, a selection of payphones, and a palm encryption package... Just what every secret agent needs (and needs to hide).
I don't know if any good crypto tools have been ported to the palm, but if you can do RSA in JavaScript I'm sure that you can do twofish on a palm.
The internet auditing project story mentions an unknown hacker who liked to use fake DNS packets to carry data. It also mentions SSH ESP, a toolkit for putting ssh over packets normally left alone by firewalls, though I've not yet seen other references to it.
I mean, the ping packet is required to carry an arbitrary dataset to its destination. And you get a reply. I wonder if some ping tools will fill it with pseudo random numbers? Hard to differentiate that from an encrypted message. I have yet to be on a network with outgoing ping disabled, though it certainly could be fwalled.
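A monitoring-side view of the point above, as an added example that is not part of the original comments: since random padding and ciphertext look alike, the check allowlists the fixed data patterns of common ping tools and queues every other echo payload for review. The two fill patterns are assumptions about the Windows and iputils ping defaults, and all packets are constructed samples with unvalidated checksums.

```python
import hashlib
import math
import struct
from collections import Counter

def echo_data(icmp):
    """Data field of an ICMP echo request (type 8) or reply (type 0), else None."""
    if len(icmp) < 8:
        return None
    icmp_type, code = struct.unpack("!BB", icmp[:2])
    return icmp[8:] if icmp_type in (0, 8) and code == 0 else None

def is_default_fill(data):
    # Assumed defaults: Windows ping cycles the letters 'a'..'w'; iputils ping
    # writes a timestamp (up to 16 bytes), then bytes equal to their own offset.
    windows = all(b == ord("a") + i % 23 for i, b in enumerate(data))
    iputils = len(data) > 16 and all(
        b == (i & 0xFF) for i, b in enumerate(data) if i >= 16)
    return windows or iputils

def entropy(data):
    """Shannon entropy in bits per byte, used only to rank the review queue."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify(icmp):
    data = echo_data(icmp)
    if data is None:
        return {"verdict": "not-echo"}
    if not data:
        return {"verdict": "empty"}
    if is_default_fill(data):
        return {"verdict": "default-fill", "length": len(data)}
    return {"verdict": "review", "length": len(data),
            "entropy": round(entropy(data), 2)}

def _echo(data, icmp_type=8):
    """Build a constructed ICMP message: type, code 0, checksum 0, id, seq."""
    return struct.pack("!BBHHH", icmp_type, 0, 0, 0x1234, 1) + data

# Constructed samples.
LINUX = _echo(bytes(16) + bytes(range(16, 56)))
WINDOWS = _echo(b"abcdefghijklmnopqrstuvwabcdefghi")
OPAQUE = _echo(hashlib.sha256(b"constructed sample").digest() * 2)
UNREACHABLE = _echo(b"", icmp_type=3)

if __name__ == "__main__":
    for name in ("LINUX", "WINDOWS", "OPAQUE", "UNREACHABLE"):
        print(name, classify(globals()[name]))
```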
I think that sort of says it all. If you aren't putting conditionals into expressions, you aren't doing functional programming. Almost by definition.
I ended up doing the conversion through a temp table. This is roughly similar. But not really the same.
You can't *truly* translate law into common language for the same reason that the only true description of a program is the program itself: namely, any layman's description is likely to gloss over precisely the elements of phraseology or punctuation that will turn out to be most ambiguous (and hence critical) later. Most laymen could do as little with such a lay explanation as they could with an explanation of Perl or APL code. Debugging is a skilled art in law or software.
It might be that the essence of code (especially good code) is the code itself. I can debate that some though. I've certainly occasionally made code harder to read in the name of efficiency.
Irregardless, you are thinking in terms of the techie. Consider it in terms of the consumer. Even if you don't start with a spec for your program, you'll metaphorically have one at the end. This is the nature of software engineering.
In code, the end user need not be involved in low level debugging. But the end user can and should be able to discuss the spec, and be able to discuss whether the spec meets their needs. If this can't be done, the spec isn't up to spec :-)
Similarly, there are plenty of websites listing and sorting bugs in various systems and how to work around them. They aren't just of interest to programmers, many are quite consumer oriented.
What is equivalent for legal code? Political activists sites sort of list what they call bugs, but I've yet to see a proper database per se.
If somebody in Amsterdam decided to put up an informational website using, how would the US search engines keep such links out? Hard to filter on words like 'speed' and 'crack'. What about netnews posts? Text files in gnutella? Freenet? Sealand? Enforceability sounds like something that the politicos in question haven't considered. It is bad karma to pass laws you can't enforce consistently. Politicos should be reminded of this.
Another argument against censorship is that even if you disagree with the material being censored, censorship is like painting over the termite-holes. No matter how bad you think drugs are, the problem is that people look for them, not that they exist. Convincing people that they need to be responsible is the right solution. Give them enough rope to hang themselves, and one way or the other, they'll learn to respect rope.
Course, that last statement applies to many fields. Anybody want to set up a website along the lines of Mr. Cranky, but rating politicians instead? Or a place to read legislation converted into 'everyday language' - can't be harder than explaining computer code in everyday language. Politics is o so very dry. Somebody should do something about that.
I don't know if this is moving a bit beyond the specific legal issues addressed in warranties. But, in general, should there be liability associated with distributing buggy code? Dow Corning won't sell you certain fiberglass resins if you let slip that you are going to use them for a homebuilt aircraft - all sorts of silly things come out of such liabilities.
Should there be degrees of negligence? And, as a practical matter, will the ability to afford lawyers factor into the determination of such?
Do you want a special exemption for free software? Free in what sense? 'IE free' or 'emacs free'? Java free?
We are already in control of our evolution. We don't always admit it, but we've been thinking about where kids come from for a long time. We aren't as ruthless as we are when engineering crops through natural selection, but the principle applies. And we've certainly made serious changes to certain other species. (where is corn 'native' to? how about cows?)
Any way you look at it, memes evolve much faster than genes.
Also, evolution of both memes and genes tends to be punctuated, not continuous. Paradigm shifts and extinction events are cut from the same cloth. We are what we think. We think what we learn. We learn memes.