Setting up Windows 95 on a new system is a PAIN. Linux is better (and has problems, too, but that's a different article.)
How To Set Up Windows 95
This is how I set up Windows 95 to achieve a reasonably stable system for playing games - the only thing I do with Win95.
1. FDisk the hardrive if neccessary. Too bad if you've never heard of FDisk. Reboot when done.
2. Format your partitions. Don't forget the/s flag to install the system files.
3. Install Windows 95. (I assume OSR2.) I hope your boot diskette included CD ROM drivers! Reboot when done.
4. Install the Intel chipset drivers for your post-1996 motherboard. Windows will not tell you to do this, but if you don't, you will have Problems. Reboot when done.
5. Install the USB supplement for OSR2 (Undocumented feature - this also enables AGP). Finding the USB supplement on Microsoft's web site is left as an exercise for the reader. Reboot when done.
6. Install drivers for your video card. Reboot when done.
7. Install Intellimouse software for full mouse wheel support. Reboot.
8. Install Microsoft DialUp Networking 1.3 to fix many, many bugs in the DUN that comes with Win95. Reboot, of course.
9. Install a big set of mostly network and security upgrades. Some of these may not be neccessary, but who can tell? There is no documentation! (secupd2, vtcpupd, w95grey, winsock2, winsockup). Reboot. Of course.
Microsoft (at least the research dept.) is aware of upcoming high-resolution devices. The latest issue of MSDN News has an article called "Five Centuries of UI Design" that talks about a new font smoothing technique specially designed for laptops called "ClearType". Instead of treating the three dots of red, blue and green as a single greyscale pixel, this new tech uses them each individually to increase the visual resolution for text by three times - smooth edges, but still sharp text.
In the article they mention that ClearType in combination with the upcoming 200dpi polysilicon devices will produce images "easier to read than most of the print we read today".
Anyway, some random notes: - Betcha Microsoft will make it illegal to reverse engineer ClearType.
- Do the math on a 4000x3000 pixel screen - lets assume it's actually 4096 by 3072. That's 12,582,912 pixels. At 32 bpp, that's 48 MB of memory required for a single framebuffer. Double that for double-buffering, add a load of memory for textures, pixmaps, etc, and we will see graphics cards with 128 MB and up.
MS Office may not be using the regular Win32 API for menus. That doesn't mean it's a conspiracy. It is possible for programs to do "fake menus" which are really just regular windows drawn to look like menus, responding to mouse movement, etc. This can be done using published Win32 API's.
Most people wouldn't bother, because it's a hassle. But, if you want really advanced features for your menus, you do your own. One problem with doing this is it can break other programs, like screen readers for the blind or voice control apps for the physically impaired that hook into the regular API's.
Office has stuff like tear-off menus, menus that are actually on movable toolbars, multiple sets of menus, a different font on menus, icons in menus, etc. The regular Win32 menus API don't support these features, so I'm sure they aren't using it. In fact, I think there is an option somewhere in Office to explicitly turn on "real" menus to improve compatibility with other programs. Or maybe that's in dev studio 6?
I have no great love of Microsoft - my job is writing Win32 applications on NT, and I've actually had to mess around with menu code. I have written apps that did dynamic menus, and I know from experience that the standard API is quite limited.
Of course, if the same Office programs that didn't have fading menus on early betas do have them now... that looks more suspicious. But even then, it could just be that the release Win2K includes updated MS Office DLL's that independently produce the same fading window effect, again using published API's.
I read with interest your recent article on the Andover / VA Linux merger.
Unfortunately, it was marred by a significant error on your part. You appear to believe that VA Linux is a software company, and will thus be in competition with Red Hat and other distribution companies. Therefore, your logic goes, it is inevitable that Andover and Slashdot will be biased against Red Hat.
However this argument is based on a faulty premise. VA Linux is not a software company, they are a hardware company. In fact, it is apparently possible to purchase VA Linux servers with Red Hat software preinstalled.
To quote from "http://www.valinux.com/products/software.html": "Although we do not create our own distribution, VA optimizes the Linux kernel for each system type and includes the most popular Linux distributions preinstalled."
That kind of wrecks your whole argument, doesn't it?
BTW, I am not associated with VA Linux, Redhat, or any other Linux company, so I have no conflict of interest. But I like reading Slashdot.
You, on the other hand, work for a content company. A really big one, in fact. And Andover is a content company. Perhaps you have a conflict of interest that affected the accuracy of your article?
(This email has also been posted as a comment on Slashdot, which covered your story).
When implementing a very complicated algorithm, use the classic software engineering principles of doing a sound design before beginning coding. Write an extremely detailed design document that describes each step in a very complicated algorithm. The more detailed this document is, the better.
In fact, the design doc should break the algorithm down into a hierarchy of structured steps, described in a hierarchy of auto-numbered individual paragraphs in the document. Use headings at least 5 deep. Make sure that that when you are done, you have broken the structure down so completely that there are over 500 such auto-numbered paragraphs. For example, one paragraph might be: (this is a real example)
1.2.4.6.3.13 - Display all impacts for activity where selected mitigations can apply (short pseudocode omitted).
THEN... (and this is the kicker) when you write the code, for each of these paragraphs you write a corresponding global function named:
Act1_2_4_6_3_13()
Do not document these functions. After all, that's what the design document is for! HAHAHAHAHAHA!
Since the design doc is auto-numbered, it will be extremely difficult to keep it up to date with changes in the code (because the function names, of course, are static, not auto-numbered.) This isn't a problem for you because you will not try to keep the document up to date. In fact, do everything you can to destroy all traces of the document.
Those who come after you should only be able to find one or two contradictory, early drafts of the design document hidden on some dusty shelving in the back room near the dead 286 computers.
---------------------------
Here's a real-life typical code snippet produced using this diabolical method:
if (pProject->GetSecImpactStore()->ConnectedToPrimary (pSuccImpact)) { wPrevFD= pSuccImpact->GetFD(); wPrevECD= pSuccImpact->GetECD(); wPrevEUCD= pSuccImpact->GetEUCD();
// Act 1.2.4.6.4.11.7 recompute firing degrees, given different predecessors // (this is identical to Act 1.2.4.6.3.13) Act1_2_4_6_3_13(pSuccImpact, pProject->GetSecImpactStore());
// Then propagate I2, given that its firing degrees may have changed Act1_2_4_6_4(pSuccImpact, wPrevFD, wPrevECD, wPrevEUCD, pInfEng, pProject, pSecRules); } else { // No other predecessors, so depropagate I2 also (recursion) if (!pStack->IsMember(pSuccImpact)) { Act1_2_4_6_4_11( pInfEng, pProject, pSuccImpact, pSecRules, pStack );
Your post has a lot of good points, especially that even if the NSA can break PGP, as soon as they start to _use_ that capability the cat will be out of the bag and everyone will know it.
BUT....
you meant "source code to an algorithm that can factor large numbers INTO primes in linear time".
Factoring primes is easy. I'm sure you knew that. But I would hate for anyone else to be confused - it's such a common mistake.
Apparently, even Bill Gates (or more likely, his ghost writer) made this mistake in the first edition of "The Road Ahead".
This reminds me of an older (80's?) scifi book, "Cyberbooks" by Ben Bova IIRC. It predated the whole WWW and all the little handheld computers.
An approximate quote from the book:
(naive inventor-type character): "So, with my new invention, we can get and read books without having to go to a store, find them, and buy them! We don't need to print them, truck them across the country, stock them in warehouses, track them in inventory, put them on store shelves, or any of those hassles! It will be great! You'll just buy one cyber-pad, and then adding books to it will be cheap and easy!"
(older, worldly-wise character looks around nervously) "Shhh, keep it down, kid. You're going to get us killed! Don't you see how many jobs you could eliminate with this thing? Don't you realize how big and powerful the publishing and bookstore companies are?"
Once again, science fiction predicted the future. I'll have to dig that book out and read it again.
But really, you can't seriously say that a Linux monopoly would be indistinguishable from a Windows monopoly! It's the source! You always have the source!
You claim it's not really an open-source revolution, but a Linux revolution. I completely disagree! I think one important reason why Linux has grabbed so much mindshare is the GPL.
BSD uses a different license - fair enough, I have no problem with people choosing whatever license they want to release code. But, if I am writing code for free, to give away, I don't want to see that code used for profit by companies that have burned me before. I'm a developer, mostly for Windows at the moment, and I've been burned by Microsoft in the past. Microsoft can use BSD-licensed code, "extend" it, and sell it for profit. Why would I want to support that? That's why I would use the GPL, implicitly would aligning myself with Linux rather than BSD.
And your comments on a Linux "Ruling Class" don't make sense. As long as the source is under the GPL, there is no ruling class. That's the whole point! It's FREE! Free to read, change, and modify! It's completely contrary to the concept of a ruling class that controls access and has special privilege!
The GPL gives you the source, remember - so you can always port to your favorite OS. Try that under the Windows monopoly - difficult, isn't it!
That's how a Linux "monopoly" would be different - the GPL makes a monopoly impossible.
I've been suggesting this repeatedly over the last two days in several of these stories.
The idea of an island outside of any country is interesting, but I doubt you could find an island to purchase that isn't part of a country. Otherwise, who would you buy it from?
A more realistic option is to find a country with really good laws and decent internet connectivity (not just one or two links to the outside world).
The main criteria is that it should be impossible for big companies to get it shut down through injunctions, threats, revenge lawsuits, etc.
Uses for a data haven: - CVS hosting for open source cryptography software - CVS hosting for reverse engineered software - Anonymous remailer - Encrypted mailing lists, irc chat(?) and other useful communication methods - $cientology stuff - the list goes on and on
The big question: What country has good laws for setting up a data haven?
Other questions: - Is there something stupid about this idea that I don't realize? - Does something like this exist already? - If so, can I support it? - What would it take to start one?
Some suggestions from previous responses: - from slashdot user "Nimmy": Forget an untouchable country, instead build distributed data havens. Nimmy is starting a project for this. www.nimlabs.org. - from slashdot user "ralphclark": These already exist as warez sites. Just use the warez sites techniques.
I appreciate both of these responses. But they don't really achieve what I would like to see: a well known url and site that people can proudly point to and say "See that! All that freedom enhancing, privacy protecting code, right there in the open for everyone to easily find, use and contribute to."
I asked this before over in Katz' latest column, but didn't get much in responses.
I'm surprised that the idea of data haven isn't seriously being considered by open source and free speech advocates. The basic concept is straight out of Neal Stephenson's Cryptonomicon, although the idea has been around longer then that.
Someone, in a free country with good laws and a good legal system (i.e. not the US), supported by hackers and privacy supporters all over the world, should set up some servers. These could host reverse engineered open-source programs, CVS repositories, cryptography software, text documents, and other free speech related stuff.
Programs like DeCSS could be hosted there, immune to search and seizure, and out of reach of lawsuits that are only started to bully and threaten.
We need something like this now! It will be essential if reverse-engineering does become illegal in more places, affecting software like Samba and hundreds of other useful programs.
Questions I would really like answered: - Is there something stupid about this idea that I don't realize? - Does something like this exist already? - If so, can I support it? - What would be a good country to do this in? - What would it take to start one?
One active response that I'm surprised isn't mentioned more often is the idea of data haven. The basic concept is straight out of Neal Stephenson's Cryptonomicon, although the idea has been around longer then that.
Someone, in a free country with good laws and a good legal system (i.e. not the US), supported by hackers and privacy supporters all over the world, should set up some really big servers. These could host reverse engineered open-source programs, cryptography software, text documents, and other free speech related stuff.
Programs like deCSS could be hosted there, immune to the machinations of lawyers here. We need something like this now. It will be essential if reverse-engineering does become illegal in the US, affecting software like Samba and hundreds of other useful programs.
Questions I would really like answered: - Does something like this exist already? - If so, can I support it? - What would be a good country to do this in?
I want to encourage everyone to follow Maxmenos' suggestions above. I don't have words for how appalled I am. However, I just joined the EFF 5 minutes ago.
Come on, go do it now! All that is required for evil to triumph is for good people to do nothing.
As the EFF press release says:
"Today's decision is a major wake up call for the $30 billion Linux community," said EFF Co-founder John Gilmore. "If Judge Kaplan's reading of the DMCA holds, then it will become illegal to build open source products that can interoperate and/or compete with proprietary ones for displaying copyrighted content."
(Yeah, this is redundant. But it's worth repeating.)
Hey Nitrozac. I browse at +2 and I've never seen a petrified post except for a couple that got moderated up as Funny. (except when I'm moderating, and I browse at -1, or when I'm meta moderating and get to approve of people moderating the petrified posts down).
I agree those posts are the worst thing on Slashdot. We should try to get rid of them. But, banning IP's is a bad idea. People can change their IPs, and sometimes many people can be behind the same IP.
I think that allowing posting only by logged in users is a good idea. However, logged in people should still be able to post anonymously - but moderation of their anonymous comments should still apply to them. I also like the idea of people temporarily losing the right to post every time they get moderated down to -1. That would get rid of a lot of the petrified stuff, and would be nice.
But mainly, I think Slashdot works ok. It's certainly better then the newsgroups, which I gave up on six years ago. In the meantime, I think you need to change your viewing options. Aren't the default viewing options +2? If not, I certainly think they should be. We don't want new users to see all the crap unless they want to.
I agree with almost everything you say... but have one minor nit to pick.
An individual ethernet card is fundamentally a serial device, as you say. But don't many large servers have several network cards? I know the big Mindcraft server benchmarks used quad CPU, quad ethernet cards.
If you made a webserver that knew about transport, it would have to know about dealing with multiple ethernet cards, right? And what if it's not ethernet, but FDDI or something exotic? Perhaps this would be more trouble than it's worth? Especially if the gains were small - as you point out, 20% improvements aren't that big a deal.
On the other hand, isn't there a web server-in-a-kernel module designed for pure speed? Maybe it knows about transport, or could be extended that way...
That's a bad situation you paint. But as long as Matrox, ATI, and 3dfx keep their hardware specifications open, it cannot happen.
That's what's great about open source. Even if Matrox gives up on writing drivers, and Precision Insight dries up and blows away, and nVidia forms an alliance with AOL Time Warner, RedHat, and VA Linux, and the trumpets blow, and the four horsemen of the apocrapalypse come thundering out of the clouds...
...it doesn't matter, because we will have source. And John Carmack likes the G400 and is working on the driver. So are a lot of other smart, less famous people. So I'll be able to play Quake III anyway.
(And people who do actual work with OpenGL will be able to do that, too.)
A suspicious person (who, me?) might think that the reason nVidia is participating in this effort is so that they can "support linux" _without_ having to release specs for their hardware. Bah.
I have a TNT2 and I like the performance, but I've been burned in the past by unsupported hardware. So, I've made up my mind to only buy hardware with open-source drivers in the future.
The Matrox G400 MAX is looking like the choice for my next machine... (ooo! DualHead!) but maybe nVidia will see the light, open the source, and I'll get a geForce (ooo! T&L!)
>>Computers are just simple turing machines. This means that everything they do is utterly predictable.
>That statement can't be proven, because it's false. To site just the example I'm most familiar with, genetic algorithms and genetic programming have produced results that are unpredictable
While you might be right, your example sucks. Genetic algorithms are very simple. They are predictable. Every time you run the genetic programming software with the same inputs, you get the same outputs. If you had enough time, you could dump out the entire execution trace of the program and read though it and understand every single thing that the program did, and why.
There are no computer programs in existence that are unpredictable in the sense that humans are unpredictable.
Now, I am not claiming that such a thing is impossible. Perhaps we will eventually understand human brains so well that we will be able to say that humans are, in principle, predictable as well. Or perhaps we will discover that human brains use some sort of quantum process (Roger Penrose's theory, IIRC). But if we discover that, then we could reverse engineer it and build it into computers to give them the same capabilities.
But we aren't there yet. A genetic algorithm which comes up with interesting designs isn't even close - most genetic algorithms are just a random walk in some problem space, and the fitness testing part of the genetic algorithm program works for finding local maxima which correspond to good solutions to the problem.
They are interesting engineering, but really, there not that interesting from a theoretical point of view.
If someone was to discover that NP=P, that would be the biggest and most significant event in the field of computer science and mathematics since... um.... since forever, really.
It is not just a "guess". Sure, it has not been proven that NP != P. But most computer scientists strongly believe that P!=NP. Calling it a guess is like saying that Stephen Hawking "guesses" that the universe started with a Big Bang.
When I die, the first question I ask God will be... "So, what's with the P!=NP thing?":-)
So now this Harel decides that a problem is insoluble? [...] Who does this guy thinks he is, the All-knowing deus?
(sigh). No, no, no. Go study some theoretical computer science before you attack researchers who actually know something about it.
There are large classes of interesting problems which are incomputable. And that's not just because some PhD said "I tried for four years to solve this problem, and I couldn't figure out how to do it, so it must be incomputable."
Incomputable is a technical term in computer science. Problems can be proved incomputable. These proofs are not trivial. They usually are based on a formal, mathematical model of a computer. If some problem P is proved incomputable, and if the proof is correct, then no real computer that has the same limitations as the "model" computer will ever be able to solve the problem either. It has nothing to do with speed or memory, either. These problems are simply not solvable with our current models of computatation.
Now, IIRC, the "Church-Turing-Tarski Thesis" states that all reasonable (realistic) models of computation will have the same limitations, so if that theorem is true, then no computer will ever solve these problems.
So, any research effort to try to solve the problem with current computers is totally futile. It would be like trying to find a solution to the equation "n * 0 = 100".
You are correct that sometimes, trying to solve a problem yields other results. The way to try to solve these problems is to try to find an alternative model of computation, and prove that it is not resticted to the same class of problems as existing computers.
For example, there is some interesting research being done on the limits of quantum computation. Perhaps quantum computers will be able to solve a larger class of problems. That might disprove the Church-Turing-Tarski thesis.
The reason people should read this book is that many, many programmers out there do not have a theoretical computer science background. People who are self taught, or took a two year course from a technical school may be highly skilled programmers - I don't want to diss them. But they probably don't understand the limits of computation, and that might get them into trouble someday.
And I haven't even mentioned intractability - the gigantic class of problems that we don't know how to solve quickly when the problem gets large. For example, many optimization problems seem easy on paper when you have a set of 2 or 3 objects. You code up a little demo program that can handle 10 to 20 objects. It seems a little slow, but you figure you can optimize it and find a better algorithm, and use a faster computer. Meanwhile Marketing is promising people that you will be able to solve the problem with 1000 objects.
Maybe you work on the problem for months and never solve it and get fired. Or maybe you discover that the problem is intractable - NP-complete, for example - and that there is no known algorithm to solve the problem, and probably isn't one, and even the fastest imaginable computer using the best known algorithm could only handle 50 objects.
This is why everyone should read a little about intractability and incomputability. Ok enough ranting, back to work. Torrey Hoffman (Azog)
1500 is not that expensive compared to the average Microsoft certification, at least here in Canada. A friend of mine is doing MSCE. And, I'm sure you don't have to do all the distribution-specific exams. Surely one or two would suffice.
I would be interested in doing tests like this, not because I think I couldn't learn it on my own, but because the tests would make sure I didn't miss anything.
A lot of people here are talking about "learning it on your own", and I fully support that - it's how I learned almost everything I use on a day to day basis (a Msc in computer science doesn't actually get you too far actually _programming_) But... when you learn on your own you sometimes miss things. You can get wrong ideas about how things work that perhaps wouldn't be corrected by small at-home network experiments, or the FAQs.
It's hard to cover every little area with self-directed study. I think a combination is best: some courses, or at least some really good books to provide an overview of all the areas and subjects worth knowing and some basic facts. Then lots of experimentation and digging through the documents and code to really, really understand it deeply.
Yeah, right. Try to find a compliant company for anything you buy. Get them to put it in writing. (They won't, of course). It is difficult to find out who is and is not compliant. Companies release meaningless, optimistic, reports that have been edited by the legal department to be content free.
"We fully expect... we are very confident... we have spent a lot of money and time preparing... blah blah blah."
But never "We completed repairs on all our hardware and software on June 10, 1999, and have been running extensive system testing since then. No significant problems have been found in the repaired systems."
If I saw a few reports like that, I'd be much more confident about the Y2K outcome.
You can't brute force it because you can get anything out of it.
Suppose the cryptotext is 120987210983109321387939
and you try "key" (in the brute force sense) 094502308749382827388383 and get a decode: "Sell 1000 of MSFT now"
but how do you know that you shouldn't have used key 398320975298732932990239 which produces the decode "Buy 2390 of RHAT now" ?
The point with one-time pads is that you can get any plaintext just by changing the decode key. This is why it there is no way to brute-force or otherwise break one-time pads. But for the system to work, they really have to be one time.
This doesn't happen with other forms of cryptography, because normally only one key produces anything resembling plain text, and all other keys produce garbage. (Of course, most decode keys for one-time pads give you garbage too).
Sadly, the article contains many factual errors and editing slip-ups such as repeated and misplaced sentences.
Definitions are suspect and inconsistently used. For example, their use of the term "spoofing" does not match my understanding of the word. Doesn't it usually refer to forging packets? But I might be wrong.
Some of the arguments seem incoherent, and many statements are unsubstantiated.
For example, in the "Beyond the hype" section, an argument is made that terrorist attacks on the infrastructure might not be effective because the infrastructure fails often anyway. This ignores the significant difference between normal failure modes and a planned terrorist attack. They could have done better - I wrote some comments on physical infrastructure attacks in the original Slashdot article, and other comments from people with more knowlege than I did as well.
The statement "Any system put together in the last few years will have been implemented with security in mind" is simply false, with many counterexamples available.
Really, the commentary on the original Slashdot article asking for input was more interesting and informative. I expected Janes to go beyond that with some really interesting research.
Well, I disagree with you. I know a lot about the problem. But I think there is a high probability of significant problems that will affect many people. I am not frightened - I am prepared.
Some facts to keep in mind:
44% of MAJOR corporations will NOT have their mission critical systems fixed by January. (Source: Cap Gemini, see this ComputerWorld article). And over half a million small companies are fixing nothing in advance, instead hoping to fix on failure.
Only 13% of small and midsize chemical and petroleum firms in the United States have completed preparations. Many of these are close to residential areas, and an accident could be a significant health risk.
The US FDA says 4053 high-risk biomedical devices remain noncompliant, and more than half of health-care providers will not be ready.
The IRS (yes the IRS!) is still doing INVENTORY of the computers in their field offices, and will almost certainly not be completely ready in time.
The US State Dept: "80 countries are at moderate to high risk, and there will be failures at every economic level in every region of the world."
Economic disruption is inevitable. It is impossible to predict how bad it will be, as that will depend on what systems fail and how long it will take to repair them. Even if every computer system in North America was completely fixed, we are dependent on trade with many countries who are far, far behind. Like Japan and Germany.
I am no doomsayer - I think North American banks and stock markets are probably OK, and the electrical grid is probably mostly fixed and will work. So civilization will not come to an end.
Don't panic. But don't believe that just because people are working on it, that it will be done in time. That is apparently your opinion - maybe you can explain why nearly all software projects are late, buggy, and over budget? Do you think that Y2K repairs will somehow be immune to these inevitable problems?
You blame the media for being uninformed. I agree - but I think they are far to likely to swallow the happy-happy joy-joy stories of official spokespeople and ignore the very real problems that are out there.
Not everything will be fixed. Your life may be affected, hopefully only in small ways. Deal.
Slashdot Mirror
Setting up Windows 95 on a new system is a PAIN. Linux is better (and has problems, too, but that's a different article.)
/s flag to install the system files.
How To Set Up Windows 95
This is how I set up Windows 95 to achieve a reasonably stable system for playing games - the only thing I do with Win95.
1. FDisk the hardrive if neccessary. Too bad if you've never heard of FDisk. Reboot when done.
2. Format your partitions. Don't forget the
3. Install Windows 95. (I assume OSR2.) I hope your boot diskette included CD ROM drivers! Reboot when done.
4. Install the Intel chipset drivers for your post-1996 motherboard. Windows will not tell you to do this, but if you don't, you will have Problems. Reboot when done.
5. Install the USB supplement for OSR2 (Undocumented feature - this also enables AGP). Finding the USB supplement on Microsoft's web site is left as an exercise for the reader. Reboot when done.
6. Install drivers for your video card. Reboot when done.
7. Install Intellimouse software for full mouse wheel support. Reboot.
8. Install Microsoft DialUp Networking 1.3 to fix many, many bugs in the DUN that comes with Win95. Reboot, of course.
9. Install a big set of mostly network and security upgrades. Some of these may not be neccessary, but who can tell? There is no documentation! (secupd2, vtcpupd, w95grey, winsock2, winsockup). Reboot. Of course.
Microsoft (at least the research dept.) is aware of upcoming high-resolution devices. The latest issue of MSDN News has an article called "Five Centuries of UI Design" that talks about a new font smoothing technique specially designed for laptops called "ClearType". Instead of treating the three dots of red, blue and green as a single greyscale pixel, this new tech uses them each individually to increase the visual resolution for text by three times - smooth edges, but still sharp text.
In the article they mention that ClearType in combination with the upcoming 200dpi polysilicon devices will produce images "easier to read than most of the print we read today".
Anyway, some random notes:
- Betcha Microsoft will make it illegal to reverse engineer ClearType.
- Do the math on a 4000x3000 pixel screen - lets assume it's actually 4096 by 3072. That's 12,582,912 pixels. At 32 bpp, that's 48 MB of memory required for a single framebuffer. Double that for double-buffering, add a load of memory for textures, pixmaps, etc, and we will see graphics cards with 128 MB and up.
Yow!
Torrey Hoffman (Azog)
MS Office may not be using the regular Win32 API for menus. That doesn't mean it's a conspiracy. It is possible for programs to do "fake menus" which are really just regular windows drawn to look like menus, responding to mouse movement, etc. This can be done using published Win32 API's.
Most people wouldn't bother, because it's a hassle. But, if you want really advanced features for your menus, you do your own. One problem with doing this is it can break other programs, like screen readers for the blind or voice control apps for the physically impaired that hook into the regular API's.
Office has stuff like tear-off menus, menus that are actually on movable toolbars, multiple sets of menus, a different font on menus, icons in menus, etc. The regular Win32 menus API don't support these features, so I'm sure they aren't using it. In fact, I think there is an option somewhere in Office to explicitly turn on "real" menus to improve compatibility with other programs. Or maybe that's in dev studio 6?
I have no great love of Microsoft - my job is writing Win32 applications on NT, and I've actually had to mess around with menu code. I have written apps that did dynamic menus, and I know from experience that the standard API is quite limited.
Of course, if the same Office programs that didn't have fading menus on early betas do have them now... that looks more suspicious. But even then, it could just be that the release Win2K includes updated MS Office DLL's that independently produce the same fading window effect, again using published API's.
Torrey Hoffman (Azog)
I read with interest your recent article on the Andover / VA Linux merger.
Unfortunately, it was marred by a significant error on your part. You appear to believe that VA Linux is a software company, and will thus be in competition with Red Hat and other distribution companies. Therefore, your logic goes, it is inevitable that Andover and Slashdot will be biased against Red Hat.
However this argument is based on a faulty premise. VA Linux is not a software company, they are a hardware company. In fact, it is apparently possible to purchase VA Linux servers with Red Hat software preinstalled.
To quote from "http://www.valinux.com/products/software.html":
"Although we do not create our own distribution, VA optimizes the Linux kernel for each system type and includes the most popular Linux distributions preinstalled."
That kind of wrecks your whole argument, doesn't it?
BTW, I am not associated with VA Linux, Redhat, or any other Linux company, so I have no conflict of interest. But I like reading Slashdot.
You, on the other hand, work for a content company. A really big one, in fact. And Andover is a content company. Perhaps you have a conflict of interest that affected the accuracy of your article?
(This email has also been posted as a comment on Slashdot, which covered your story).
Torrey Hoffman
Azog on Slashdot
Here's the core of an email I just sent as an update to the unmaintainable code document.
y (pSuccImpact))
// Act 1.2.4.6.4.11.7 recompute firing degrees, given different predecessors
// (this is identical to Act 1.2.4.6.3.13)
// Then propagate I2, given that its firing degrees may have changed
// No other predecessors, so depropagate I2 also (recursion)
// Act 1.2.4.6.4.11.10 Then kill impact I2
But my experience is so awful I must share the agony with as many as possible. So here you are - another way to write unmaintainable code...
(cue creepy music)
--------------------------------------
When implementing a very complicated algorithm, use the classic software engineering principles of doing a sound design before beginning coding. Write an extremely detailed design document that describes each step in a very complicated algorithm. The more detailed this document is, the better.
In fact, the design doc should break the algorithm down into a hierarchy of structured steps, described in a hierarchy of auto-numbered individual paragraphs in the document. Use headings at least 5 deep. Make sure that that when you are done, you have broken the structure down so completely that there are over 500 such auto-numbered paragraphs. For example, one paragraph might be: (this is a real example)
1.2.4.6.3.13 - Display all impacts for activity where selected mitigations can apply
(short pseudocode omitted).
THEN... (and this is the kicker) when you write the code, for each of these paragraphs you write a corresponding global function named:
Act1_2_4_6_3_13()
Do not document these functions. After all, that's what the design document is for! HAHAHAHAHAHA!
Since the design doc is auto-numbered, it will be extremely difficult to keep it up to date with changes in the code (because the function names, of course, are static, not auto-numbered.) This isn't a problem for you because you will not try to keep the document up to date. In fact, do everything you can to destroy all traces of the document.
Those who come after you should only be able to find one or two contradictory, early drafts of the design document hidden on some dusty shelving in the back room near the dead 286 computers.
---------------------------
Here's a real-life typical code snippet produced using this diabolical method:
if (pProject->GetSecImpactStore()->ConnectedToPrimar
{
wPrevFD= pSuccImpact->GetFD();
wPrevECD= pSuccImpact->GetECD();
wPrevEUCD= pSuccImpact->GetEUCD();
Act1_2_4_6_3_13(pSuccImpact, pProject->GetSecImpactStore());
Act1_2_4_6_4(pSuccImpact, wPrevFD, wPrevECD, wPrevEUCD, pInfEng, pProject, pSecRules);
}
else
{
if (!pStack->IsMember(pSuccImpact))
{
Act1_2_4_6_4_11( pInfEng, pProject, pSuccImpact, pSecRules, pStack );
Act1_2_4_6_4_11_10( pInfEng, pProject, pSuccImpact, pProject->GetSecImpactStore() );
}
}
This goes on for thousands of lines.
--------------------------------------
Thank you for sharing my pain.
Torrey Hoffman (Azog)
Your post has a lot of good points, especially that even if the NSA can break PGP, as soon as they start to _use_ that capability the cat will be out of the bag and everyone will know it.
BUT....
you meant "source code to an algorithm that can factor large numbers INTO primes in linear time".
Factoring primes is easy. I'm sure you knew that. But I would hate for anyone else to be confused - it's such a common mistake.
Apparently, even Bill Gates (or more likely, his ghost writer) made this mistake in the first edition of "The Road Ahead".
Torrey Hoffman (Azog)
This reminds me of an older (80's?) scifi book, "Cyberbooks" by Ben Bova IIRC. It predated the whole WWW and all the little handheld computers.
An approximate quote from the book:
(naive inventor-type character): "So, with my new invention, we can get and read books without having to go to a store, find them, and buy them! We don't need to print them, truck them across the country, stock them in warehouses, track them in inventory, put them on store shelves, or any of those hassles! It will be great! You'll just buy one cyber-pad, and then adding books to it will be cheap and easy!"
(older, worldly-wise character looks around nervously) "Shhh, keep it down, kid. You're going to get us killed! Don't you see how many jobs you could eliminate with this thing? Don't you realize how big and powerful the publishing and bookstore companies are?"
Once again, science fiction predicted the future. I'll have to dig that book out and read it again.
Torrey Hoffman (Azog)
You have some good points regarding BSD and IBM.
But really, you can't seriously say that a Linux monopoly would be indistinguishable from a Windows monopoly! It's the source! You always have the source!
You claim it's not really an open-source revolution, but a Linux revolution. I completely disagree! I think one important reason why Linux has grabbed so much mindshare is the GPL.
BSD uses a different license - fair enough, I have no problem with people choosing whatever license they want to release code. But, if I am writing code for free, to give away, I don't want to see that code used for profit by companies that have burned me before. I'm a developer, mostly for Windows at the moment, and I've been burned by Microsoft in the past. Microsoft can use BSD-licensed code, "extend" it, and sell it for profit. Why would I want to support that? That's why I would use the GPL, implicitly would aligning myself with Linux rather than BSD.
And your comments on a Linux "Ruling Class" don't make sense. As long as the source is under the GPL, there is no ruling class. That's the whole point! It's FREE! Free to read, change, and modify! It's completely contrary to the concept of a ruling class that controls access and has special privilege!
The GPL gives you the source, remember - so you can always port to your favorite OS. Try that under the Windows monopoly - difficult, isn't it!
That's how a Linux "monopoly" would be different - the GPL makes a monopoly impossible.
Torrey Hoffman (Azog)
I've been suggesting this repeatedly over the last two days in several of these stories.
The idea of an island outside of any country is interesting, but I doubt you could find an island to purchase that isn't part of a country. Otherwise, who would you buy it from?
A more realistic option is to find a country with really good laws and decent internet connectivity (not just one or two links to the outside world).
The main criteria is that it should be impossible for big companies to get it shut down through injunctions, threats, revenge lawsuits, etc.
Uses for a data haven:
- CVS hosting for open source cryptography software
- CVS hosting for reverse engineered software
- Anonymous remailer
- Encrypted mailing lists, irc chat(?) and other useful communication methods
- $cientology stuff
- the list goes on and on
The big question:
What country has good laws for setting up a data haven?
Other questions:
- Is there something stupid about this idea that I don't realize?
- Does something like this exist already?
- If so, can I support it?
- What would it take to start one?
Some suggestions from previous responses:
- from slashdot user "Nimmy": Forget an untouchable country, instead build distributed data havens. Nimmy is starting a project for this. www.nimlabs.org.
- from slashdot user "ralphclark": These already exist as warez sites. Just use the warez sites techniques.
I appreciate both of these responses. But they don't really achieve what I would like to see: a well known url and site that people can proudly point to and say "See that! All that freedom enhancing, privacy protecting code, right there in the open for everyone to easily find, use and contribute to."
Torrey Hoffman (Azog)
I asked this before over in Katz' latest column, but didn't get much in responses.
I'm surprised that the idea of data haven isn't seriously being considered by open source and free speech advocates. The basic concept is straight out of Neal Stephenson's Cryptonomicon, although the idea has been around longer then that.
Someone, in a free country with good laws and a good legal system (i.e. not the US), supported by hackers and privacy supporters all over the world, should set up some servers. These could host reverse engineered open-source programs, CVS repositories, cryptography software, text documents, and other free speech related stuff.
Programs like DeCSS could be hosted there, immune to search and seizure, and out of reach of lawsuits that are only started to bully and threaten.
We need something like this now! It will be essential if reverse-engineering does become illegal in more places, affecting software like Samba and hundreds of other useful programs.
Questions I would really like answered:
- Is there something stupid about this idea that I don't realize?
- Does something like this exist already?
- If so, can I support it?
- What would be a good country to do this in?
- What would it take to start one?
One active response that I'm surprised isn't mentioned more often is the idea of data haven. The basic concept is straight out of Neal Stephenson's Cryptonomicon, although the idea has been around longer then that.
Someone, in a free country with good laws and a good legal system (i.e. not the US), supported by hackers and privacy supporters all over the world, should set up some really big servers. These could host reverse engineered open-source programs, cryptography software, text documents, and other free speech related stuff.
Programs like deCSS could be hosted there, immune to the machinations of lawyers here. We need something like this now. It will be essential if reverse-engineering does become illegal in the US, affecting software like Samba and hundreds of other useful programs.
Questions I would really like answered:
- Does something like this exist already?
- If so, can I support it?
- What would be a good country to do this in?
I want to encourage everyone to follow Maxmenos' suggestions above. I don't have words for how appalled I am. However, I just joined the EFF 5 minutes ago.
Come on everyone - Use the slashdot effect for good. Join EFF! It's a secure site, and it starts at $20!
Come on, go do it now! All that is required for evil to triumph is for good people to do nothing.
As the EFF press release says:
"Today's decision is a major wake up call for the $30 billion Linux community," said EFF Co-founder John Gilmore. "If Judge Kaplan's reading of the DMCA holds, then it will become illegal to build open source products that can interoperate and/or compete with proprietary ones for displaying copyrighted content."
(Yeah, this is redundant. But it's worth repeating.)
Hey Nitrozac. I browse at +2 and I've never seen a petrified post except for a couple that got moderated up as Funny. (except when I'm moderating, and I browse at -1, or when I'm meta moderating and get to approve of people moderating the petrified posts down).
I agree those posts are the worst thing on Slashdot. We should try to get rid of them. But, banning IP's is a bad idea. People can change their IPs, and sometimes many people can be behind the same IP.
I think that allowing posting only by logged in users is a good idea. However, logged in people should still be able to post anonymously - but moderation of their anonymous comments should still apply to them. I also like the idea of people temporarily losing the right to post every time they get moderated down to -1. That would get rid of a lot of the petrified stuff, and would be nice.
But mainly, I think Slashdot works ok. It's certainly better then the newsgroups, which I gave up on six years ago. In the meantime, I think you need to change your viewing options. Aren't the default viewing options +2? If not, I certainly think they should be. We don't want new users to see all the crap unless they want to.
And I like your comic strip, by the way.
Torrey Hoffman (Azog)
I agree with almost everything you say... but have one minor nit to pick.
An individual ethernet card is fundamentally a serial device, as you say. But don't many large servers have several network cards? I know the big Mindcraft server benchmarks used quad CPU, quad ethernet cards.
If you made a webserver that knew about transport, it would have to know about dealing with multiple ethernet cards, right? And what if it's not ethernet, but FDDI or something exotic? Perhaps this would be more trouble than it's worth? Especially if the gains were small - as you point out, 20% improvements aren't that big a deal.
On the other hand, isn't there a web server-in-a-kernel module designed for pure speed? Maybe it knows about transport, or could be extended that way...
Someone who knows more than me can step in now...
That's a bad situation you paint. But as long as Matrox, ATI, and 3dfx keep their hardware specifications open, it cannot happen.
That's what's great about open source. Even if Matrox gives up on writing drivers, and Precision Insight dries up and blows away, and nVidia forms an alliance with AOL Time Warner, RedHat, and VA Linux, and the trumpets blow, and the four horsemen of the apocrapalypse come thundering out of the clouds...
...it doesn't matter, because we will have source. And John Carmack likes the G400 and is working on the driver. So are a lot of other smart, less famous people. So I'll be able to play Quake III anyway.
(And people who do actual work with OpenGL will be able to do that, too.)
A suspicious person (who, me?) might think that the reason nVidia is participating in this effort is so that they can "support linux" _without_ having to release specs for their hardware. Bah.
I have a TNT2 and I like the performance, but I've been burned in the past by unsupported hardware. So, I've made up my mind to only buy hardware with open-source drivers in the future.
The Matrox G400 MAX is looking like the choice for my next machine... (ooo! DualHead!) but maybe nVidia will see the light, open the source, and I'll get a geForce (ooo! T&L!)
Thanks, yes, you are completely correct - another case of "I should have previewed one more time".
Torrey Hoffman (Azog)
There are no computer programs in existence that are unpredictable in the sense that humans are unpredictable.
Now, I am not claiming that such a thing is impossible. Perhaps we will eventually understand human brains so well that we will be able to say that humans are, in principle, predictable as well. Or perhaps we will discover that human brains use some sort of quantum process (Roger Penrose's theory, IIRC). But if we discover that, then we could reverse engineer it and build it into computers to give them the same capabilities.
But we aren't there yet. A genetic algorithm which comes up with interesting designs isn't even close - most genetic algorithms are just a random walk in some problem space, and the fitness testing part of the genetic algorithm program works for finding local maxima which correspond to good solutions to the problem.
They are interesting engineering, but really, there not that interesting from a theoretical point of view.
Torrey Hoffman (Azog)
If someone was to discover that NP=P, that would be the biggest and most significant event in the field of computer science and mathematics since... um.... since forever, really.
:-)
It is not just a "guess". Sure, it has not been proven that NP != P. But most computer scientists strongly believe that P!=NP. Calling it a guess is like saying that Stephen Hawking "guesses" that the universe started with a Big Bang.
When I die, the first question I ask God will be... "So, what's with the P!=NP thing?"
Torrey Hoffman (Azog)
There are large classes of interesting problems which are incomputable. And that's not just because some PhD said "I tried for four years to solve this problem, and I couldn't figure out how to do it, so it must be incomputable."
Incomputable is a technical term in computer science. Problems can be proved incomputable. These proofs are not trivial. They usually are based on a formal, mathematical model of a computer. If some problem P is proved incomputable, and if the proof is correct, then no real computer that has the same limitations as the "model" computer will ever be able to solve the problem either. It has nothing to do with speed or memory, either. These problems are simply not solvable with our current models of computatation.
Now, IIRC, the "Church-Turing-Tarski Thesis" states that all reasonable (realistic) models of computation will have the same limitations, so if that theorem is true, then no computer will ever solve these problems.
So, any research effort to try to solve the problem with current computers is totally futile. It would be like trying to find a solution to the equation "n * 0 = 100".
You are correct that sometimes, trying to solve a problem yields other results. The way to try to solve these problems is to try to find an alternative model of computation, and prove that it is not resticted to the same class of problems as existing computers.
For example, there is some interesting research being done on the limits of quantum computation. Perhaps quantum computers will be able to solve a larger class of problems. That might disprove the Church-Turing-Tarski thesis.
The reason people should read this book is that many, many programmers out there do not have a theoretical computer science background. People who are self taught, or took a two year course from a technical school may be highly skilled programmers - I don't want to diss them. But they probably don't understand the limits of computation, and that might get them into trouble someday.
And I haven't even mentioned intractability - the gigantic class of problems that we don't know how to solve quickly when the problem gets large. For example, many optimization problems seem easy on paper when you have a set of 2 or 3 objects. You code up a little demo program that can handle 10 to 20 objects. It seems a little slow, but you figure you can optimize it and find a better algorithm, and use a faster computer. Meanwhile Marketing is promising people that you will be able to solve the problem with 1000 objects.
Maybe you work on the problem for months and never solve it and get fired. Or maybe you discover that the problem is intractable - NP-complete, for example - and that there is no known algorithm to solve the problem, and probably isn't one, and even the fastest imaginable computer using the best known algorithm could only handle 50 objects.
This is why everyone should read a little about intractability and incomputability. Ok enough ranting, back to work.
Torrey Hoffman (Azog)
1500 is not that expensive compared to the average Microsoft certification, at least here in Canada. A friend of mine is doing MSCE. And, I'm sure you don't have to do all the distribution-specific exams. Surely one or two would suffice.
I would be interested in doing tests like this, not because I think I couldn't learn it on my own, but because the tests would make sure I didn't miss anything.
A lot of people here are talking about "learning it on your own", and I fully support that - it's how I learned almost everything I use on a day to day basis (a Msc in computer science doesn't actually get you too far actually _programming_) But... when you learn on your own you sometimes miss things. You can get wrong ideas about how things work that perhaps wouldn't be corrected by small at-home network experiments, or the FAQs.
It's hard to cover every little area with self-directed study. I think a combination is best: some courses, or at least some really good books to provide an overview of all the areas and subjects worth knowing and some basic facts. Then lots of experimentation and digging through the documents and code to really, really understand it deeply.
Yeah, right. Try to find a compliant company for anything you buy. Get them to put it in writing. (They won't, of course).
It is difficult to find out who is and is not compliant. Companies release meaningless, optimistic, reports that have been edited by the legal department to be content free.
"We fully expect... we are very confident... we have spent a lot of money and time preparing... blah blah blah."
But never "We completed repairs on all our hardware and software on June 10, 1999, and have been running extensive system testing since then. No significant problems have been found in the repaired systems."
If I saw a few reports like that, I'd be much more confident about the Y2K outcome.
Torrey (Azog) Hoffman
You can't brute force it because you can get anything out of it.
Suppose the cryptotext is
120987210983109321387939
and you try "key" (in the brute force sense)
094502308749382827388383 and get a decode:
"Sell 1000 of MSFT now"
but how do you know that you shouldn't have used key
398320975298732932990239
which produces the decode
"Buy 2390 of RHAT now" ?
The point with one-time pads is that you can get any plaintext just by changing the decode key. This is why it there is no way to brute-force or otherwise break one-time pads. But for the system to work, they really have to be one time.
This doesn't happen with other forms of cryptography, because normally only one key produces anything resembling plain text, and all other keys produce garbage. (Of course, most decode keys for one-time pads give you garbage too).
Torrey Hoffman (Azog)
Sadly, the article contains many factual errors and editing slip-ups such as repeated and misplaced sentences.
Definitions are suspect and inconsistently used. For example, their use of the term "spoofing" does not match my understanding of the word. Doesn't it usually refer to forging packets? But I might be wrong.
Some of the arguments seem incoherent, and many statements are unsubstantiated.
For example, in the "Beyond the hype" section, an argument is made that terrorist attacks on the infrastructure might not be effective because the infrastructure fails often anyway. This ignores the significant difference between normal failure modes and a planned terrorist attack. They could have done better - I wrote some comments on physical infrastructure attacks in the original Slashdot article, and other comments from people with more knowlege than I did as well.
The statement "Any system put together in the last few years will have been implemented with security in mind" is simply false, with many counterexamples available.
Really, the commentary on the original Slashdot article asking for input was more interesting and informative. I expected Janes to go beyond that with some really interesting research.
Disappointing.
Torrey (Azog) Hoffman
Well, I disagree with you. I know a lot about the problem. But I think there is a high probability of significant problems that will affect many people. I am not frightened - I am prepared.
Some facts to keep in mind:
44% of MAJOR corporations will NOT have their mission critical systems fixed by January. (Source: Cap Gemini, see this ComputerWorld article). And over half a million small companies are fixing nothing in advance, instead hoping to fix on failure.
Only 13% of small and midsize chemical and petroleum firms in the United States have completed preparations. Many of these are close to residential areas, and an accident could be a significant health risk.
The US FDA says 4053 high-risk biomedical devices remain noncompliant, and more than half of health-care providers will not be ready.
The IRS (yes the IRS!) is still doing INVENTORY of the computers in their field offices, and will almost certainly not be completely ready in time.
The US State Dept: "80 countries are at moderate to high risk, and there will be failures at every economic level in every region of the world."
Economic disruption is inevitable. It is impossible to predict how bad it will be, as that will depend on what systems fail and how long it will take to repair them. Even if every computer system in North America was completely fixed, we are dependent on trade with many countries who are far, far behind. Like Japan and Germany.
I am no doomsayer - I think North American banks and stock markets are probably OK, and the electrical grid is probably mostly fixed and will work. So civilization will not come to an end.
Don't panic. But don't believe that just because people are working on it, that it will be done in time. That is apparently your opinion - maybe you can explain why nearly all software projects are late, buggy, and over budget? Do you think that Y2K repairs will somehow be immune to these inevitable problems?
You blame the media for being uninformed. I agree - but I think they are far to likely to swallow the happy-happy joy-joy stories of official spokespeople and ignore the very real problems that are out there.
Not everything will be fixed. Your life may be affected, hopefully only in small ways. Deal.
Torrey (Azog) Hoffman