At DefCon last weekend, we announced Mojo Nation, a content-neutral, efficient file sharing system.
In order to have a truly scalable, truly efficient shared filesystem, you need an accounting mechanism to reward people who contribute and to control leeches who consume more than they offer. Mojo Nation offers this, in the form of a fake currency called "Mojo". You can think of it as a "universal upload/download credit" -- whenever your machine connects to the Mojo Nation network and starts serving up files, it is earning Mojo for you, which you can spend to download files yourself.
Note that all Mojo payments are between individual users -- if you want to use someone else's disk space or bandwidth, you pay them in Mojo, not us. Mojo Nation is highly distributed network and even if Autonomous Zone Industries (the parent company) were to vanish from the face of the earth tomorrow, Mojo Nation would continue.
Mojo Nation just stores bits, and the user interface is HTML and is viewed through your web browser, so it is useful for all kinds of files.
When searching for files, you use a search form which is generated from an XML template. Any user can invent a new content type simply by writing a 5-line XML blurb showing what fields and values people might want to search on.
We've already generated templates for music, Gutenberg Press e-texts, world wide web pages, and Debian packages, but we intend to have basically every content type in the MIME content type lists. Also you can generate your own templates and upload them to our SourceForge CVS server.
Check us out on SourceForge and sign up for the mailing list. And download the software and set up a server and start earning Mojo!
Hi! I'm Zooko, Chief Hunchback at Evil Geniuses For A Better Tomorrow.
Until last Saturday, Mojo Nation was a secret project that only four coders had ever touched. As of Saturday, it became a public open source project.
We have a lot of work to do, starting by fixing the bugs in the beta and writing protocol documentation.
I just wanted to make it clear that the "tipping" feature is intended for users to voluntarily pay the legitimate content provider who deserves the credit for the content that you are viewing. This is separate from the Mojo payments that you pay to other users in return for use of their disk space and bandwidth.
Also I want to point out that Mojo Nation is useful for any type of content. You can define a new content type by editing a simple XML template. We currently have templates for music, Project Gutenberg-style texts, Debian package files, and World Wide Web pages. (I couldn't find a list of the valid fields for an RPM package file at 3:00 A.M. at DefCon, so I hope someone else out there will create that template.)
I'm glad you folks are interested in Mojo Nation. I think it is a deeply important idea, and I'm really excited about it. Keep your eye on the SourceForge site -- things should start really moving now that Mojo Nation is public knowledge!
There are several issues here: peer review, architecture, algorithm and implementation.
Peer Review: At each step in the process (architecture, algorithm, and implementation), you should publish your ideas for criticism by experts. slashdot, Advogato, the Cypherpunks mailing list, sci.crypt, and the Crypto++ mailing list might (or might not) be good places to find such people.
Architecture: You should do a public key architecture where every participant has a public/private key pair and the public keys are used to sign and encrypt symmetric keys that are then used for encryption and authentication of messages. There are three feasible architectures for public key distribution. You have to choose one based upon your threat model. Almost all realistic threat models should be handled using the first option: "opportunistic public key distribution". If you don't have a threat model in mind at all then you might as well use the first option. If you do have a threat model which precludes using the first option then I'd like to hear about it -- you must be doing something very interesting indeed.
Option one: "opportunistic public key distribution". The first time any pair of people talk to one another, they exchange public keys in an un-authenticated exchange. (Also: you could just do Diffie-Hellman key generation here.) After that, they remember each other's public keys for future use. This is susceptible to an active attack (a "Man In The Middle Attack"), during the first step (though not afterwards). However the cost to the attacker of executing a MITM attack is probably far more than the payoff. This depends on your threat model.
Option two: make it the user's problem; Each user decides whether to use a given key to talk to another user or not. This is the user interface nightmare that single-handedly prevented strong crypto from becoming standard in e-mail, but for a few applications it might be the right thing.
Option three: hardcoded; Generate key pairs yourself and include them in the application. For example if you are going to have a single central server in your system which you operate then you can generate a key pair for it, put the secret key on the server, and put a copy of the public key into each copy of the client (e.g. include the public key hardcoded into the client source code). This doesn't work as well if you want to distribute copies of your server for other people to operate, but refer to "Option one"...
Algorithm: You probably just want Triple-DES and RSA (after September of this year, when RSA becomes free of patents) or else Triple-DES and Diffie-Hellman. It should be easy to switch to a different symmetric cipher later after the new ones have been peer-reviewed and tried by fire, but for starters you want the old standbys that have already withstood the test of time. They will be fast enough for you at first and if you need more speed later you can switch.
Implementation: Your first choice should be to use an extant implementation. Don't try to implement it yourself no matter how simple it looks. Satan's Computer is deceptively subtle to people who are used to hacking Murphy's Computer.
I prefer Wei Dai's Crypto++ library, but that is because I'm doing complex non-standard crypto tricks. If you just want simple "encrypt/authenticate a stream" functionality then use a TLS implementation like OpenSSL. By the way, if anyone wants to make Python wrappers for Crypto++ (possibly with the aid of Swig) then I would love to hear about it!
Okay that's my advice. Specific pitfalls to avoid are: skipping peer-review, trying to design a generalized perfect public key architecture to handle all possible threat models, using a newfangled or non-standard algorithm ("In open source hackery, newfangled is good. In crypto, not."), and implementing it yourself instead of using a library.
Please direct all flames and accolades to: zooko@schowto.mad-scientist.com
Imagine, oh poor benighted soul who does not have apt-get, how much better life would be if, next time you want to install a new package, say the "hugs" Haskell interpreter, you just type apt-get install hugs and it downloads hugs (and any other packages that hugs requires) and installs it within a few seconds. As far as I can tell hugs (and hundreds or perhaps thousands of other packages) are not available at all in pre-packaged form for RedHat.
How can I mask my IP number when going online (through IRC, web, napster, etc.)? And I mean really anonymous--no logs to be revealed under court order.
I'd like to see a DS10 versus an Athlon system measured performing tasks that I actually need to do quickly. These include:
Compiling C and C++ programs, with complex Makefiles.
Playing whatever the latest first-person shooter or massive multiplayer RPG is.
Running interpreted Python scripts with lots of natively compiled modules.
Traversing a file system with a complex "find" and "grep" query.
Serving static web pages.
Doing RSA, triple-DES and SHA1.
Running complex Emacs LISP scripts in XEmacs.
Serving as an active server -- running Python scripts in response to (possibly many simultaneous) requests over TCP/IP.
Playing audio and video files.
Running the occasional Java program (mainly just hushmail.com).
There might be some things that I've missed. Why don't you folks chime in with what kind of tasks really matter to you. Basically any time you end up _waiting_ on the computer, or anything that would be of higher value to you if it could use more CPU cycles.
If I did scientific computing and simulation then of course I would have included that here. Hm -- in fact, I might be doing something like that on my next computer, so include something like:
Trying to categorize RNA or DNA or protein sequences using suffix arrays with dynamic programming, including sometimes large datasets.
Some sophisticated algorithm to infer categories (functional or historical) of sequences.
Randomly generating, recombining, and mutating programs in a sophisticated dynamic programming language like Haskell and then running the resulting programs; doing this a zillion times.
If some of the people who have access to both Alphas and AMDs could do some benchmarks which helped me predict the performance of these kinds of tasks I would much appreciate it. (Hint: hard disk latency might be a big issue.)
The hypothesis that Tim Sweeney presents as fact in the first paragraph ("When you read about linguistics, the study of human languages (not computer languages), a recurring theme is...") is considered to be a myth by most linguists.
Sorry I don't know of a web page explaining how Shapir-Whorf (as this hypothesis is called) has been discredited by evidence.
I was at the Bay Area Cypherpunks Physical Meeting and I overheard some ZKS officers suggesting that people should use e-gold to buy Freedom nyms. But it isn't on their web page yet, eh?
Freedom works in two ways as I understand it. First as an encrypting freedom-routing client at the IP layer of your TCP/IP stack and second as an HTTP proxy that plugs into your TCP/IP stack.
This means that it should already work with Mozilla. Anybody tried it?
Tom, it seems to me that you are excusing some of Perl's syntactic trickiness by comparing it favorably to things that are even more tricky, such as C, shell languages, Leibniz's calculus notation, regular expressions, English, etc. This seems unnecessary. Surely we can acknowledge Perl's weaknesses while still valuing the language, and the culture surrounding it, in its full context. Being aware of these problems will help everyone to use Perl more effectively and to learn from its mistakes.
I'd like to try to contrast Perl with Python in regards to "syntactic density". I haven't studied Perl and Python very deeply as languages, but I've hacked in each of them enough to have the following intuitive belief:
If you take two programs which accomplish the same fairly complex task, each written by a suitably proficient coder, one in Perl and one in Python, then there will be a lot more syntactically correct variants of the Perl program which differ from the original Perl program by a small syntactic change (which could easily be miswritten or misread), than there are syntactically correct variants of the Python program which differ from the original Python program by a comparably small syntactic change. Note that the metric that I am using to measure the "smallness" of a syntactic change is precisely the measure that we all care about: how easy it is to misread or miswrite.
If you imagine the programming language as a space with a point for each syntactially-correct program then I think Perl has a denser distribution of syntactically correct programs -- it is "syntactically dense". I hypothesize that Python is "syntactically sparse".
You gave lots of great examples of syntactically small and semantically large differences for English, C, Bourne shell, etc.. I can think of plenty of examples for Perl as well, but I can come up with only one in Python. Namely, that it is easy to miswrite (or more commonly to misedit)
for i in range(10):\n\tdoSomething()\r\tdoSomethingElse() when you meant for i in range(10):\n\tdoSomething()\rdoSomethingElse()
. I would be curious if anyone can come up with any more.
(Your example of exception versus return value is, I think, semantic rather than syntactic, but as long as we're on the subject, I further hypothesize that the typical syntactic-variant Perl program will run normally although with different behavior, while a syntactic-variant Python program is more likely to stop with a diagnostic message. I gather by second-hand quotes originally from you, Tom, that this is actually a desideratum in Perl.)
I had become quite a Python bigot last year, and I was enthusiastic enough in my praise for Python's "lack of gotchas" compared to Perl that some friends of mine actually undertook the experiment of rewriting a few non-trivial Perl scripts of theirs in Python. The conclusion was quite a shocker for me: they went back to Perl. Since then I've been trying to develop a theory of why some intelligent, competent people like Perl and others don't. (Leaving aside the obvious bias of learning, and of translating, that favors the old language over the new one.)
I think it might have to do with how good you are at rigorous symbolic manipulation, as distinct from linguistic processing. I am a very good programmer, but I am really bad at syntax. Give me a couple of weeks away from C and I'll promptly forget whether its "int[] foo;" or "int foo[];". (In fact, now that I think about it, I have forgotten the answer to that one! No wait -- the former is Java, the latter is C. Java syntax is "fresh in my mind" right now.) When I wrote the Python examples above, I had to go look up the online docs at python.org just to double-check that I wasn't embarassing myself with incorrect punctuation.
Interestingly, I am also really bad at mathematical notation, but good at natural language. I've noticed that when I'm reading a book that has equations (which I do fairly often), the words flow easily past and reveal their meaning to me, but the equations are all opaque blobs that offer no information other than how much space they take up on the page. It requires a deliberate effort and a mental "shift of gears" to stop "reading" and start dissecting the equation.
Neither of these things worry me too much. I get by just fine at programming by relying on automated tools (like verbose compilers and interpreters, and syntax-highlighting and auto-indentation in an editor) and references (like the handy little Perl summary card). I get by okay at my mathematical hobbies by reasoning in words (out loud or with my internal voice) and by building spatial models and graphs (on paper/whiteboard or in my imagination).
Hm. I wonder if someone shouldn't do a controlled experiment to see if there is a high correlation between Perl-haters and symbolically-challenged folks such as myself. Could be a paper here.:-) It also ties in with the debate in linguistics and pegagogy about how much people read natural language by using the phonological part of the words and to how much they map straight from the written symbol to the meaning.
(By the way, even though I am good at English and at Python, I can't think of anything about natural language that I would like to see in a programming language: context sensitivity? ambiguity? syntactic density? No thanks to all of it!)
Two years ago reasonable and informed people could (and did) doubt Echelon's existence. But today if you doubt Echelon's existence, then clearly you haven't been paying attention. Duncan Campbell is the man who blew the lid off Echelon, and his report in all of its detailed and independently substantiated glory is available for free on his web page.
The EchelonWatch page by the ACLU is another good source with current news.
Calm down, people. This is obviously just a mistake. If you think Corel is deliberately setting out to violate the law and torpedo their own product then you're an idiot.
Someone needs to calmly and politely point out their error and try to help them do damage control so that this incident doesn't make their target market nervous about trying Linux.
Corel is a small, struggling company and they are probably working way too hard trying to break new ground for Linux in the mainstream marketplace. Their lawyers are probably wrestling with a thousand complicated issues about how to embrace Linux and still protect Corel from the usual suite of legal threats by opportunistic consumers and predatory competitors. They are bound to make a few mistakes, but they're not trying to rip anybody off.
(Note: this is a reprint of this comment. It is more on-topic here.
The good things about Debian are that it is technically sophisticated and stable (even the so-called "unstable" versions are very stable), and that it is developed by thousands of hackers which means there are more packages and newer versions. (There are currently... 3944 packages in potato.)
The bad things about Debian are that it takes way too long between stable releases, and there isn't a GUI for install, package management, and configuration. Hopefully Corel's contributions will fix all of the bad things, making the perfect free operating system!
(Note that currently the Debianistas are undergoing a crisis about their organization and personality issues and many are dissatisfied with how things are done. I considered mentioning this chaos in the list of "bad things about Debian", but I thought about it and realized that all of the hundreds of packages that I use still work great and that from my perspective as a Debian user the only thing I can legitimately complain about is the lag time between stable releases and the lack of idiot proof, pretty GUI tools.)
(Also note that I said "the perfect free operating system" instead of "the perfect free Linux distribution", because Debian can be layered on top of any suitable kernel, in theory. Work is already progressing on Debian-GNU-Hurd. Anyone want to build up a Debian-OpenBSD for me?:-))
Read all about it in the Corel's Linux Distribution white paper or visit linux.corel.com for news and job openings...
The fastest way to truly colonize space is not to fund ridiculously expensive and mostly useless corporate welfare projects like the space station, but to spend that money on education and growing the economy. In 20 or 30 years the Space Station will be just another sad reminder of the impotent wastefulness of governments, like the moon landings and Mir, but by that same time, a wealthy and educated Earth will be ready to begin actual colonization.
I haven't done the necessary research to actually convince myself of this hypothesis, but it seems more plausible to me than the viewpoint promulgated by NASA -- that we should give them half a trillion dollars and not worry about the fact that we're not actually getting any closer to space by it.
The good things about Debian are that it is technically sophisticated and stable (even the so-called "unstable" versions are very stable), and that it is developed by thousands of hackers which means there are more packages and newer versions. (There are currently... 3944 packages in potato.)
The bad things about Debian are that it takes way too long between stable releases, and there isn't a GUI for install, package management, and configuration.
Hopefully Corel's contributions will fix all of the bad things, making the perfect free operating system!
(Note that currently the Debianistas are undergoing a crisis about their organization and personality issues and many are dissatisfied with how things are done. I considered mentioning this chaos in the list of "bad things about Debian", but I thought about it and realized that all of the hundreds of packages that I use still work great and that from my perspective as a Debian user the only thing I can legitimately complain about is the lag time between stable releases and the lack of idiot proof, pretty GUI tools.)
(Also note that I said "the perfect free operating system" instead of "the perfect free Linux distribution", because Debian can be layered on top of any suitable kernel, in theory. Work is already progressing on Debian-GNU-Hurd. Anyone want to build up a Debian-OpenBSD for me?:-))
Ouch. I've been labelled a troll. I can't see what I've done to deserve it, other than use an exclamation mark when proclaiming a relative value.
In fact my article has some useful facts and describes both the good and the bad things about the Debian distribution. It deserves a much better score.
The cypherpunks have been working on "non-erasable Internet space" for some time now. They call them "Eternity servers" and they already have some working prototypes running. If you would like to see a world where it is mathematically impossible to censor someone's web pages (without taking down the whole 'Net), then visit some of the following sites, and/or subscribe to the cypherpunks list and pitch in!
ChalTech StrongARM Board looks beautiful!
on
Tiny Linux Boxen
·
· Score: 1
Hey that article that you pointed to was most impressive. They are actually producing the first 25 boards already!
If i understand it right you can buy one of those boards for $2000, plug it into a PCI slot, and you now have 6 new CPUs, very close to your main CPU, that are each about as fast as a Pentium II/233MHz at integer operations. That is mind-bogglingly impressive, and whichever one of the slashdot editors who dropped your story on the floor deserves a demotion.
Regards,
--Z
P.S. If anyone knows of a slashdot alternative where such good stories don't get dropped on the floor and where the Penguin and Star Wars fluff and the bullshit like "Chaos Theory applied to laser communications" does get dropped on the floor, please e-mail .
This random story selection stuff
on
Tiny Linux Boxen
·
· Score: 1
Yeah, i too am wishing for a slashdot alternative. Maybe we should post to "Ask Slashdot" asking for a slashdot alternative...
Slashdot Mirror
Hi! I'm Zooko, Chief Hunchback at Evil Geniuses For A Better Tomorrow.
At DefCon last weekend, we announced Mojo Nation, a content-neutral, efficient file sharing system.
In order to have a truly scalable, truly efficient shared filesystem, you need an accounting mechanism to reward people who contribute and to control leeches who consume more than they offer. Mojo Nation offers this, in the form of a fake currency called "Mojo". You can think of it as a "universal upload/download credit" -- whenever your machine connects to the Mojo Nation network and starts serving up files, it is earning Mojo for you, which you can spend to download files yourself.
Note that all Mojo payments are between individual users -- if you want to use someone else's disk space or bandwidth, you pay them in Mojo, not us. Mojo Nation is highly distributed network and even if Autonomous Zone Industries (the parent company) were to vanish from the face of the earth tomorrow, Mojo Nation would continue.
Mojo Nation just stores bits, and the user interface is HTML and is viewed through your web browser, so it is useful for all kinds of files.
When searching for files, you use a search form which is generated from an XML template. Any user can invent a new content type simply by writing a 5-line XML blurb showing what fields and values people might want to search on.
We've already generated templates for music, Gutenberg Press e-texts, world wide web pages, and Debian packages, but we intend to have basically every content type in the MIME content type lists. Also you can generate your own templates and upload them to our SourceForge CVS server.
Check us out on SourceForge and sign up for the mailing list. And download the software and set up a server and start earning Mojo!
Regards,
Zooko
Hi! I'm Zooko, Chief Hunchback at Evil Geniuses For A Better Tomorrow.
Until last Saturday, Mojo Nation was a secret project that only four coders had ever touched. As of Saturday, it became a public open source project.
We have a lot of work to do, starting by fixing the bugs in the beta and writing protocol documentation.
I just wanted to make it clear that the "tipping" feature is intended for users to voluntarily pay the legitimate content provider who deserves the credit for the content that you are viewing. This is separate from the Mojo payments that you pay to other users in return for use of their disk space and bandwidth.
Also I want to point out that Mojo Nation is useful for any type of content. You can define a new content type by editing a simple XML template. We currently have templates for music, Project Gutenberg-style texts, Debian package files, and World Wide Web pages. (I couldn't find a list of the valid fields for an RPM package file at 3:00 A.M. at DefCon, so I hope someone else out there will create that template.)
I'm glad you folks are interested in Mojo Nation. I think it is a deeply important idea, and I'm really excited about it. Keep your eye on the SourceForge site -- things should start really moving now that Mojo Nation is public knowledge!
Regards,
Zooko
There are several issues here: peer review, architecture, algorithm and implementation.
Peer Review: At each step in the process (architecture, algorithm, and implementation), you should publish your ideas for criticism by experts. slashdot, Advogato, the Cypherpunks mailing list, sci.crypt, and the Crypto++ mailing list might (or might not) be good places to find such people.
Architecture: You should do a public key architecture where every participant has a public/private key pair and the public keys are used to sign and encrypt symmetric keys that are then used for encryption and authentication of messages. There are three feasible architectures for public key distribution. You have to choose one based upon your threat model. Almost all realistic threat models should be handled using the first option: "opportunistic public key distribution". If you don't have a threat model in mind at all then you might as well use the first option. If you do have a threat model which precludes using the first option then I'd like to hear about it -- you must be doing something very interesting indeed.
Algorithm: You probably just want Triple-DES and RSA (after September of this year, when RSA becomes free of patents) or else Triple-DES and Diffie-Hellman. It should be easy to switch to a different symmetric cipher later after the new ones have been peer-reviewed and tried by fire, but for starters you want the old standbys that have already withstood the test of time. They will be fast enough for you at first and if you need more speed later you can switch.
Implementation: Your first choice should be to use an extant implementation. Don't try to implement it yourself no matter how simple it looks. Satan's Computer is deceptively subtle to people who are used to hacking Murphy's Computer.
I prefer Wei Dai's Crypto++ library, but that is because I'm doing complex non-standard crypto tricks. If you just want simple "encrypt/authenticate a stream" functionality then use a TLS implementation like OpenSSL. By the way, if anyone wants to make Python wrappers for Crypto++ (possibly with the aid of Swig) then I would love to hear about it!
Okay that's my advice. Specific pitfalls to avoid are: skipping peer-review, trying to design a generalized perfect public key architecture to handle all possible threat models, using a newfangled or non-standard algorithm ("In open source hackery, newfangled is good. In crypto, not."), and implementing it yourself instead of using a library.
Please direct all flames and accolades to: zooko@schowto.mad-scientist.com
apt rocks!
Imagine, oh poor benighted soul who does not have apt-get, how much better life would be if, next time you want to install a new package, say the "hugs" Haskell interpreter, you just type apt-get install hugs and it downloads hugs (and any other packages that hugs requires) and installs it within a few seconds. As far as I can tell hugs (and hundreds or perhaps thousands of other packages) are not available at all in pre-packaged form for RedHat.
Zooko
How can I mask my IP number when going online (through IRC, web, napster, etc.)? And I mean really anonymous--no logs to be revealed under court order.
freedom.net
It's an implementation of Chaumian mixes (similar to the cypherpunks remailer network) and it is _really_ anonymous.
Zooko
I'd like to see a DS10 versus an Athlon system measured performing tasks that I actually need to do quickly. These include:
There might be some things that I've missed. Why don't you folks chime in with what kind of tasks really matter to you. Basically any time you end up _waiting_ on the computer, or anything that would be of higher value to you if it could use more CPU cycles.
If I did scientific computing and simulation then of course I would have included that here. Hm -- in fact, I might be doing something like that on my next computer, so include something like:
If some of the people who have access to both Alphas and AMDs could do some benchmarks which helped me predict the performance of these kinds of tasks I would much appreciate it. (Hint: hard disk latency might be a big issue.)
Zooko
Turing Complete WM == SCWM!
Publish it anonymously through the cypherpunks remailers and/or "www.freedom.net".
Sorry I misspelled "Sapir-Whorf".
Zooko
The hypothesis that Tim Sweeney presents as fact in the first paragraph ("When you read about linguistics, the study of human languages (not computer languages), a recurring theme is...") is considered to be a myth by most linguists.
Sorry I don't know of a web page explaining how Shapir-Whorf (as this hypothesis is called) has been discredited by evidence.
Zooko
Is Transmeta going to publish the architecture so that we can make a native Linux port instead of running x86 Linux through the interpreter?
Is Transmeta going to publish the architecture so that we can make a native Linux port instead of running x86 Linux through the interpreter?
I was at the Bay Area Cypherpunks Physical Meeting and I overheard some ZKS officers suggesting that people should use e-gold to buy Freedom nyms. But it isn't on their web page yet, eh?
Zooko
P.S. Hi, Jim Ray!
Freedom works in two ways as I understand it. First as an encrypting freedom-routing client at the IP layer of your TCP/IP stack and second as an HTTP proxy that plugs into your TCP/IP stack.
This means that it should already work with Mozilla. Anybody tried it?
Zooko
Tom, it seems to me that you are excusing some of Perl's syntactic trickiness by comparing it favorably to things that are even more tricky, such as C, shell languages, Leibniz's calculus notation, regular expressions, English, etc. This seems unnecessary. Surely we can acknowledge Perl's weaknesses while still valuing the language, and the culture surrounding it, in its full context. Being aware of these problems will help everyone to use Perl more effectively and to learn from its mistakes.
I'd like to try to contrast Perl with Python in regards to "syntactic density". I haven't studied Perl and Python very deeply as languages, but I've hacked in each of them enough to have the following intuitive belief:
If you take two programs which accomplish the same fairly complex task, each written by a suitably proficient coder, one in Perl and one in Python, then there will be a lot more syntactically correct variants of the Perl program which differ from the original Perl program by a small syntactic change (which could easily be miswritten or misread), than there are syntactically correct variants of the Python program which differ from the original Python program by a comparably small syntactic change. Note that the metric that I am using to measure the "smallness" of a syntactic change is precisely the measure that we all care about: how easy it is to misread or miswrite.
If you imagine the programming language as a space with a point for each syntactially-correct program then I think Perl has a denser distribution of syntactically correct programs -- it is "syntactically dense". I hypothesize that Python is "syntactically sparse".
You gave lots of great examples of syntactically small and semantically large differences for English, C, Bourne shell, etc.. I can think of plenty of examples for Perl as well, but I can come up with only one in Python. Namely, that it is easy to miswrite (or more commonly to misedit)
for i in range(10):\n\tdoSomething()\r\tdoSomethingElse()when you meant
for i in range(10):\n\tdoSomething()\rdoSomethingElse()
. I would be curious if anyone can come up with any more.
(Your example of exception versus return value is, I think, semantic rather than syntactic, but as long as we're on the subject, I further hypothesize that the typical syntactic-variant Perl program will run normally although with different behavior, while a syntactic-variant Python program is more likely to stop with a diagnostic message. I gather by second-hand quotes originally from you, Tom, that this is actually a desideratum in Perl.)
I had become quite a Python bigot last year, and I was enthusiastic enough in my praise for Python's "lack of gotchas" compared to Perl that some friends of mine actually undertook the experiment of rewriting a few non-trivial Perl scripts of theirs in Python. The conclusion was quite a shocker for me: they went back to Perl. Since then I've been trying to develop a theory of why some intelligent, competent people like Perl and others don't. (Leaving aside the obvious bias of learning, and of translating, that favors the old language over the new one.)
I think it might have to do with how good you are at rigorous symbolic manipulation, as distinct from linguistic processing. I am a very good programmer, but I am really bad at syntax. Give me a couple of weeks away from C and I'll promptly forget whether its "int[] foo;" or "int foo[];". (In fact, now that I think about it, I have forgotten the answer to that one! No wait -- the former is Java, the latter is C. Java syntax is "fresh in my mind" right now.) When I wrote the Python examples above, I had to go look up the online docs at python.org just to double-check that I wasn't embarassing myself with incorrect punctuation.
Interestingly, I am also really bad at mathematical notation, but good at natural language. I've noticed that when I'm reading a book that has equations (which I do fairly often), the words flow easily past and reveal their meaning to me, but the equations are all opaque blobs that offer no information other than how much space they take up on the page. It requires a deliberate effort and a mental "shift of gears" to stop "reading" and start dissecting the equation.
Neither of these things worry me too much. I get by just fine at programming by relying on automated tools (like verbose compilers and interpreters, and syntax-highlighting and auto-indentation in an editor) and references (like the handy little Perl summary card). I get by okay at my mathematical hobbies by reasoning in words (out loud or with my internal voice) and by building spatial models and graphs (on paper/whiteboard or in my imagination).
Hm. I wonder if someone shouldn't do a controlled experiment to see if there is a high correlation between Perl-haters and symbolically-challenged folks such as myself. Could be a paper here. :-) It also ties in with the debate in linguistics and pegagogy about how much people read natural language by using the phonological part of the words and to how much they map straight from the written symbol to the meaning.
(By the way, even though I am good at English and at Python, I can't think of anything about natural language that I would like to see in a programming language: context sensitivity? ambiguity? syntactic density? No thanks to all of it!)
Regards,
Zooko
You only think that because in English there is no word for "The mental entity made up of the intersection of two individual minds.".
Zooko
Folks:
Two years ago reasonable and informed people could (and did) doubt Echelon's existence. But today if you doubt Echelon's existence, then clearly you haven't been paying attention. Duncan Campbell is the man who blew the lid off Echelon, and his report in all of its detailed and independently substantiated glory is available for free on his web page.
The EchelonWatch page by the ACLU is another good source with current news.
Regards,
Zooko
Calm down, people. This is obviously just a mistake. If you think Corel is deliberately setting out to violate the law and torpedo their own product then you're an idiot.
Someone needs to calmly and politely point out their error and try to help them do damage control so that this incident doesn't make their target market nervous about trying Linux.
Corel is a small, struggling company and they are probably working way too hard trying to break new ground for Linux in the mainstream marketplace. Their lawyers are probably wrestling with a thousand complicated issues about how to embrace Linux and still protect Corel from the usual suite of legal threats by opportunistic consumers and predatory competitors. They are bound to make a few mistakes, but they're not trying to rip anybody off.
Help them, don't hurt them.
Zooko
(Note: this is a reprint of this comment. It is more on-topic here.
The good things about Debian are that it is technically sophisticated and stable (even the so-called "unstable" versions are very stable), and that it is developed by thousands of hackers which means there are more packages and newer versions. (There are currently... 3944 packages in potato.)
The bad things about Debian are that it takes way too long between stable releases, and there isn't a GUI for install, package management, and configuration. Hopefully Corel's contributions will fix all of the bad things, making the perfect free operating system!
(Note that currently the Debianistas are undergoing a crisis about their organization and personality issues and many are dissatisfied with how things are done. I considered mentioning this chaos in the list of "bad things about Debian", but I thought about it and realized that all of the hundreds of packages that I use still work great and that from my perspective as a Debian user the only thing I can legitimately complain about is the lag time between stable releases and the lack of idiot proof, pretty GUI tools.)
(Also note that I said "the perfect free operating system" instead of "the perfect free Linux distribution", because Debian can be layered on top of any suitable kernel, in theory. Work is already progressing on Debian-GNU-Hurd. Anyone want to build up a Debian-OpenBSD for me? :-))
Read all about it in the Corel's Linux Distribution white paper or visit linux.corel.com for news and job openings...
Zooko
Consider this hypothesis:
The fastest way to truly colonize space is not to fund ridiculously expensive and mostly useless corporate welfare projects like the space station, but to spend that money on education and growing the economy. In 20 or 30 years the Space Station will be just another sad reminder of the impotent wastefulness of governments, like the moon landings and Mir, but by that same time, a wealthy and educated Earth will be ready to begin actual colonization.
I haven't done the necessary research to actually convince myself of this hypothesis, but it seems more plausible to me than the viewpoint promulgated by NASA -- that we should give them half a trillion dollars and not worry about the fact that we're not actually getting any closer to space by it.
Zooko
The good things about Debian are that it is technically sophisticated and stable (even the so-called "unstable" versions are very stable), and that it is developed by thousands of hackers which means there are more packages and newer versions. (There are currently... 3944 packages in potato.)
The bad things about Debian are that it takes way too long between stable releases, and there isn't a GUI for install, package management, and configuration.
Hopefully Corel's contributions will fix all of the bad things, making the perfect free operating system!
(Note that currently the Debianistas are undergoing a crisis about their organization and personality issues and many are dissatisfied with how things are done. I considered mentioning this chaos in the list of "bad things about Debian", but I thought about it and realized that all of the hundreds of packages that I use still work great and that from my perspective as a Debian user the only thing I can legitimately complain about is the lag time between stable releases and the lack of idiot proof, pretty GUI tools.)(Also note that I said "the perfect free operating system" instead of "the perfect free Linux distribution", because Debian can be layered on top of any suitable kernel, in theory. Work is already progressing on Debian-GNU-Hurd. Anyone want to build up a Debian-OpenBSD for me? :-))
Read all about it in the Corel's Linux Distribution white paper or visit linux.corel.com for news and job openings...
Zooko
Ouch. I've been labelled a troll. I can't see what I've done to deserve it, other than use an exclamation mark when proclaiming a relative value.
In fact my article has some useful facts and describes both the good and the bad things about the Debian distribution. It deserves a much better score.
Now how does this meta-moderation thing work...
Zooko
The cypherpunks have been working on "non-erasable Internet space" for some time now. They call them "Eternity servers" and they already have some working prototypes running. If you would like to see a world where it is mathematically impossible to censor someone's web pages (without taking down the whole 'Net), then visit some of the following sites, and/or subscribe to the cypherpunks list and pitch in!
Hey that article that you pointed to was most impressive. They are actually producing the first 25 boards already!
If i understand it right you can buy one of those boards for $2000, plug it into a PCI slot, and you now have 6 new CPUs, very close to your main CPU, that are each about as fast as a Pentium II/233MHz at integer operations. That is mind-bogglingly impressive, and whichever one of the slashdot editors who dropped your story on the floor deserves a demotion.
Regards,
--Z
P.S. If anyone knows of a slashdot alternative where such good stories don't get dropped on the floor and where the Penguin and Star Wars fluff and the bullshit like "Chaos Theory applied to laser communications" does get dropped on the floor, please e-mail .
Yeah, i too am wishing for a slashdot alternative. Maybe we should post to "Ask Slashdot" asking for a slashdot alternative...
--z