The grandparent did appear to address that, saying that if you turn it off, you can't access the SSD drive. My Googling confirms that, though there's some debate as to whether it's because of the security system, or because Linux lacks the drivers for the internal SSD drive. The latter seems unlikely given Apple uses mostly off the shelf stuff these days, but who knows?
As an ex-Amigan, you have no idea how much I wish that were true. Windows and Mac would have been so much better had they took the right lessons from that platform.
Both platforms, unfortunately, predate the Amiga, and copied virtually nothing from it even after the Amiga was launched.
Why did Microsoft make "Ctrl-c" the keyboard shortcut for copy? Because ctrl-c on unix hard exits programs.
They didn't. That was Wordperfect. In MS DOS and MSBASIC before it ^C means break, just like it does in Unix.
Why did Microsoft make systems paths with C:\this\slash instead of/this/slash? Deliberate incompatibility.
Quite the opposite. When MS DOS first came out, it didn't support subdirectories (each disk just had a root directory.) The designer (MS DOS was bought, not written, by Microsoft) chose to use "/" as a prefix for options to DOS commands (for example "DIR/W") - similar to, for example, DCL
When MS DOS 2.0 came out Microsoft added subdirectories. They chose backslash because it was the nearest thing they had available to regular slashes, but slashes were already used by legacy software to indicate command line options. There's supposedly a switch you can throw that flips the meaning of backslashes and slashes, but it wasn't default because MS DOS 2.0 was supposed to be compatible with MS DOS 1.x. I don't know if it still exists in NT based operating systems, my guess is not.
Anyway, the reason Microsoft wanted slashes, and wanted to make them at least available, is because for a time the "high end" OS it wanted to push was its own version of Unix, Xenix. So, actually, yes they did want to use the same format, they just couldn't make it default.
Why did Microsoft make their line endings different? Deliberate incompatibility.
No, deliberate compatibility. At the time MS DOS was written, the "standard" operating system was CP/M. MS DOS contained some features designed to make it easy to live in a CP/M world. This included a similar API, making it easier for CP/M software to be ported. But they also adopted, wholesale, the format for CP/M text files, which are: plain ASCII, CR+LF for EOL, and ^Z for EOF.
FWIW Bear in mind both (let's forget the ^C thing given you're wrong, cmd.exe treats ^C as break too) of the decisions you're criticizing that aren't false were made before 1982, when Unix was something most people ran on minicomputers, was still relatively obscure, and when the company that was doing the most to try to make it available for PCs was... Microsoft.
The first season was awful. I don't think the second was that good either but the consensus seems to be that's when it turned around and I can understand that, but third season was excellent.
You may remember the entire first season focused on Hawkgirl and how awful it was to be chased by a supervillian through time who wants to have her, while being in a love triangle between her true love and the Atom.
Well, let's put it this way: there's no Hawkgirl in the second season other than a farewell in the first episode. After that she's gone, and for the most part they steer away from those kinds of arcs from then on.
Second season: In my view, so-so, but others love it. One immediate positive: No Hawkgirl, they do introduce Vixen and start giving her the Hawkgirl OMGLIFESUCKS treatment but back away from that quickly. Positives: They start to explore the characters, including looking into complexities in characters who'd previously been archetypes such as Mick (the gruff flame thrower guy.) Let down to an extent by some paper thin villains and some fairly run of the mill episodes. Two episodes that stand out as great episodes are "Raiders of the Lost Art", a tribute to George Lucas, and "Moonshot".
Third season: It really takes off. A lot of surreal humor that somehow still makes sense. A new character, Zari, who works as a kind of straight-gal against an increasingly bizarre storyline. The series ends with an ending that should have been a disaster, and would have been if any other show had done it, as it's ludicrously over the top, but it works because literally every decision and event that's lead to it makes perfect sense and it's the only possible outcome. That season also has an episode that I feel is one of the best put together pieces of TV I've seen in a long time, "Here I go again", which (openly) references Groundhog Day, but does it well and appropriately.
Fourth season: Mixed, but we're mid way through it. There's been at least one episode that, to my mind, was too over the top (that is, it failed the Season 3's Finale example of "OTT but completely logical and explainable") but otherwise it's been good TV.
What makes it watchable? A mix of surreal humor, commentary, interesting characters, and very little of the "OMG my life sucks, I'm a superhero who has been elected the most powerful man in this city but I think I'm Batman I'm so depressed" bullshit that you see in other Arrowverse shows.
Certainly the CWâ(TM)s DC shows quickly degenerated into nothing but angsty relationship melodramas
Well, some may have done. LoT managed to turn from an angsty relationship melodrama (which it started as) into something awesome, so occasionally it goes the other way...
If curing patients is not a sustainable business model, what good does it do to suppress this fact?
Reality: It's probably true. Which means those arguing that healthcare needs to be not 100% taken care of using the free market are right.
Can we stop pretending the "free market" is the solution to everything? It isn't. Healthcare is an obvious area where it just plain doesn't work. When you have a woman whose leg has been crushed between a subway train and a station platform screaming at people NOT TO CALL FOR AN AMBULANCE because she's going to have to pay $5,000 just for the ambulance, plus god knows what else on ER care, and that's WITH the Obamacare "Everyone has insurance! Everyone must participate in the glorious capitalist healthcare system!" thing in place, you know it's fucked beyond measure.
It's not going to work. It's never going to work. Let's fund this one with taxes.
That was my first thought, but in all honesty, the summary could have done with more context. Are Sony et al also having problems shifting Blu-ray players? Are we seeing any declines in the number of discs sold? It's entirely possible it's just a failing format, but it's also possible that Samsung just isn't very good at this particular market segment.
I've been wanting Slashdot to do that for ages, but until recently you couldn't even reply to a message you just posted for five minutes, let alone place a clarification (or edit or delete it.)
I'm not as married to the idea that people shouldn't be able to edit their comments as others are, as long as something about the comment shows its been edited there shouldn't be an issue. But clarifications is a decent compromise between people like me who see the value in being able to withdraw stuff that communicates the wrong thing, and people who believe everyone should be punished for typing too quickly and not passing their comments by a proof reader and a (human) editor before posting them.
Well, even if you take a radically wide definition of the word "safe" and just say it's safe if the immediate effects of using it aren't harmful (that is, it's not going to explode in your face), there are plenty of safer energy storage systems.
But something that's polluting to the degree hydrocarbons are, with the potential to destroy the entire planet over time, is hardly "safe". And if you try to fix it, it stops being "cheap" too. Which is why, in practice, a modern battery powered vehicle charged by a Nuclear energy/renewables based power grid has a much lower TCO than an equivalent gasoline powered vehicle.
That would be incredibly stupid as the potential damages from lawsuits against Monsanto for the cancer caused by RoundUp sales to date would dwarf any potential increased profits they'd get from "RoundUp 2 - Now With Less Cancer!(tm)"
NYC will do just fine. It absolutely never needed Amazon, and Amazon would have caused problems for it (it's expensive enough to live there as it is due to the national shortage of decent urban space), not solved anything.
As far as the notion that it was right for a massive business to punish a city because its government didn't want to subsidize it, I'm truly disgusted that anyone would suggest such a thing. I'd like to see less subsidies to corporate consumers in general (Amazon is a corporate consumer, a user, not provider, of infrastructure, for example), and for cities across the country to stop competing with one another on who can flush their local economies down the toilet as quickly as possible just to attract a large employer who'll cost local taxpayers more than they bring in.
I don't own an AR-15, but I was under the impression that the lower receiver was actually a component that doesn't require much in terms of dealing with stresses - it's essentially the AR-15's control panel, with the actual work done by the upper receiver and barrel.
If my understanding is correct (and it might not be), then the lower receiver can easily be made using a 3D printer.
If it can, then this blows a hole in the way AR-15s are currently regulated. The ATF has to decide at some point whether something constitutes a firearm or not, and right now has a rule that the AR-15's lower receiver is the firearm. It's this component that, for example, cannot be mailed directly to from a seller to an unlicensed buyer across state lines, and requires buyers undergo a NICS "background check".
Every other part of an AR-15, which is a modular rifle, can be, and there's no NICS test needed to buy the other components of an AR-15.
So, in theory, unless the ATF changes its mind about what constitutes an AR-15, it's now relatively easy to obtain an AR-15 without any kind of check, not even the shitty "Not really a background check but it was the best we could do" NICS thing.
And I have no idea if the ATF can change its mind about this anyway.
Name one kind of manslaughter that isn't like murder.
The difference between gambling and insurance is motive and intent. Gambling is about trying to make it rich. Insurance is about preventing an unforeseen event causing undue hardship. They're not the same thing even if they use similar mechanisms to achieve their set goals.
its proponents gloss over the fact that bad coders will then just make other mistakes
Rust's proponents probably do not believe your apparent believe that every programmer makes the same number of mistakes regardless of what programming language they're using. They're probably of the opinion that if someone makes 11 mistakes in C, including 8 buffer overflows, they'll probably make a little over 3 in Rust.
That's a reasonable assumption, and they're probably correct. They probably won't find eight other things to do wrong in order to make up for the lack of buffer overflows.
Nope. Bad coders are dangerous and they are so in any language.
So people who aren't Bad Coders(tm) never slip up and make mistakes?
Also try reading this. It explains how a typical corporate process resulted in the rug being pulled and nobody realizing code that did work correctly now had cases where it wouldn't.
Now, before you say "Sure, but that could have happened in Java or C# too!", that's true, but in Java you wouldn't have given anyone the opportunity to overwrite the stack with data and code of your choosing.
What worries me is that most C programmers think they're good programmers. The better the programmer, the more likely it is they realize they too can make mistakes. The fact there's a whole bunch of people waving the C flag yelling "C is only bad if it's programmed by people who are worse than me" is deeply disconcerting for that reason.
California have it in their grasp to be able to put in a TRUE high-speed with hyperloop.
No, they don't. Hyperloop doesn't exist, it's a theoretical project with some extremely limited proofs of concept built that, currently, don't even prove it can run faster than HSR. If it's viable at all it'll be 20 years or so before we can see it, and in the mean time it suffers ABSOLUTELY EVERY SINGLE PROBLEM THAT HSR DOES.
Yes, I said it. Remember how Musk pretended it was "cheaper" than HSR? He did that by connecting two points that were 50-100 miles away from LA and SF, and by only "connecting" (if you call building stations 50-100 miles away "connecting") those two cities. He also handwaved about the costs, and ignored the fact that many of the things he proposed such as some way of building cheaper viaducts would also improve the costs for HSR if they were actually practical and cost that little.
Add to that the reality that it's probably a horrible way to travel even if it works, and ultimately it's not easy to understand why so many people are for it, beyond misunderstanding it and/or having the classic American prejudice against HSR because it's what those damned furry-ners do.
Musk was never proposing Hyperloop because it was a good idea, he was proposing it because he's a fucking car manufacturer.
I think there's a gap between useless and being able to prove that p=np if it comes to advice rather than making boolean decisions on whether to accept a commit.
As a really simple example, if a program uses strcpy but there's no apparent use of strlen before in the same function, you can probably reasonably issue a warning that the code there may be unsafe and explain why. You shouldn't block it because you don't know that there's some other way that the programmer knows strcpy is safe in context, but at the same time it's going to be worth highlighting as a potential issue.
And you display how a maliciously malformed string is a problem!
Nope. There is no maliciously malformed string in my example. I processed it presuming it might be too long, and used what ANSI considers the correct function to copy it to an array of known size.
My entire post was on strings entering the system - once it's in and validated you don't have more problems with null-terminated than with ptr_length.
I just gave you an example of how a built in ANSI function has problems outputting valid null terminated strings. strncpy wouldn't have worked the same way with a length+characters approach because it wouldn't have made sense, it would have had to put \3HEL (or \3\0HE) to be placed in the buffer, not HELL. (Of course, because strings would end up being a type, it'd be more like:
and newstring would have returned something in the form:
struct { int length; char text[4]; }
and so you'd still have HELL in text[] but length would be set to 4. Of course, my hypothetical C variant we're talking about would actually also have a buffersize property in the struct it returns so functions like strcpy can actually know from the start how big the destination is.
Using ptr+length doesn't buy you anything unless you trust the length, in which case you may as well trust the null-terminator.
No, that's not how any of this works. ptr+length works because you generally know there is a length to begin with. You do not know there is a null, at least, not one at the end of the string. You can safely presume the length is correct because there's no reason for it to be wrong. An off by one error isn't going to cause the length to be omitted.
I gave you an example of how a simple off-by-one error can cause a string to buffer overflow if you're using nulls. This is an error that cannot occur in a ptr+length environment. Can you, conversely, think of an error that can occur in a ptr+length environment that wouldn't occur in a null terminated string environment?
Also, just throwing it out there, serviscope_minor didn't mention it, but I thought I will because TBH it's an even bigger flaw, but how do you handle it when there's a null in the middle of your string? I've always hated null termination for that reason, it reminds me of the old CP/M and DOS issue where text files couldn't contain a ^Z otherwise it'd be treated as the end of the file.
Also (while I'm on it), don't you find it a pain to have to use strlen each time you want to append strings to one another?
I mean, I just find it surprising anyone's saying "No, I must defend null terminated strings!" rather than "Oh yeah, another reason why they're shit and C is terrible."
That snippet you posted has a bug because the length indicator was wrong.
No, the length was right. The length is the size of the buffer. The buffer has four characters. It's 100% correct.
The solution is not to ban languages the youngin's don't like, the solution is for MS to stop releasing crap
If you've reached an age where you feel you can describe Rust users as "youngins" and you don't see the value in Rust and the problems with C, then there's a serious problem.
(Besides, nobody's taking your C compiler away from you or talking about that - they're talking about not using it any more for code you need to be able to trust. There is absolutely no reason on Earth for a replacement TCP/IP stack, web browser, or email client you switch to be written in C. There are safer alternatives that are just as efficient. If you want to write them in C, go ahead, just expect thinking people to want alternatives to your implementation written in safer environments.)
C's flaws are obvious. Why do people feel the need to pretend it's OK? You don't Slashdot flooded with apologists for PHP every time a Wordpress vulnerability gets publicized.
While C does allow you to do a lot of dangerous things, a modern compiler will warn you and a competent developer will know how to avoid most of them
A modern compiler will not warn you unless it's obvious. And, I hate to say this, but your use of the word "most" should have told you you're on the wrong side of this argument.
Look, C is dangerous. It's slightly more efficient than most of the alternatives, and most of the alternatives that it's speed comparable to are somewhat more awkward to work with.
The argument "But it's OK in the hands of experts" is wrong. If you consider yourself enough of an expert to write C that doesn't contain security bugs, you're exhibiting Dunning-Kruger syndrome, not expertise.
Using better languages reduces the number of bugs you'll make, regardless of whether you're a real expert or someone who just thinks they are. Part of that is because detecting the kinds of error that causes security issues will usually uncover other kinds of bugs too.
A true C expert is someone who's so familiar with its flaws they'd rather use something else, not someone arrogant enough to think their code is perfect.
Slashdot Mirror
The grandparent did appear to address that, saying that if you turn it off, you can't access the SSD drive. My Googling confirms that, though there's some debate as to whether it's because of the security system, or because Linux lacks the drivers for the internal SSD drive. The latter seems unlikely given Apple uses mostly off the shelf stuff these days, but who knows?
As an ex-Amigan, you have no idea how much I wish that were true. Windows and Mac would have been so much better had they took the right lessons from that platform.
Both platforms, unfortunately, predate the Amiga, and copied virtually nothing from it even after the Amiga was launched.
They didn't. That was Wordperfect. In MS DOS and MSBASIC before it ^C means break, just like it does in Unix.
Quite the opposite. When MS DOS first came out, it didn't support subdirectories (each disk just had a root directory.) The designer (MS DOS was bought, not written, by Microsoft) chose to use "/" as a prefix for options to DOS commands (for example "DIR /W") - similar to, for example, DCL
When MS DOS 2.0 came out Microsoft added subdirectories. They chose backslash because it was the nearest thing they had available to regular slashes, but slashes were already used by legacy software to indicate command line options. There's supposedly a switch you can throw that flips the meaning of backslashes and slashes, but it wasn't default because MS DOS 2.0 was supposed to be compatible with MS DOS 1.x. I don't know if it still exists in NT based operating systems, my guess is not.
Anyway, the reason Microsoft wanted slashes, and wanted to make them at least available, is because for a time the "high end" OS it wanted to push was its own version of Unix, Xenix. So, actually, yes they did want to use the same format, they just couldn't make it default.
No, deliberate compatibility. At the time MS DOS was written, the "standard" operating system was CP/M. MS DOS contained some features designed to make it easy to live in a CP/M world. This included a similar API, making it easier for CP/M software to be ported. But they also adopted, wholesale, the format for CP/M text files, which are: plain ASCII, CR+LF for EOL, and ^Z for EOF.
FWIW Bear in mind both (let's forget the ^C thing given you're wrong, cmd.exe treats ^C as break too) of the decisions you're criticizing that aren't false were made before 1982, when Unix was something most people ran on minicomputers, was still relatively obscure, and when the company that was doing the most to try to make it available for PCs was... Microsoft.
Ah, so it's Facebook for Windows, useful in case Ivan also needs to know what video games you played and when.
The first season was awful. I don't think the second was that good either but the consensus seems to be that's when it turned around and I can understand that, but third season was excellent.
You may remember the entire first season focused on Hawkgirl and how awful it was to be chased by a supervillian through time who wants to have her, while being in a love triangle between her true love and the Atom.
Well, let's put it this way: there's no Hawkgirl in the second season other than a farewell in the first episode. After that she's gone, and for the most part they steer away from those kinds of arcs from then on.
First season: Terrible. Not surprised you gave up
Second season: In my view, so-so, but others love it. One immediate positive: No Hawkgirl, they do introduce Vixen and start giving her the Hawkgirl OMGLIFESUCKS treatment but back away from that quickly. Positives: They start to explore the characters, including looking into complexities in characters who'd previously been archetypes such as Mick (the gruff flame thrower guy.) Let down to an extent by some paper thin villains and some fairly run of the mill episodes. Two episodes that stand out as great episodes are "Raiders of the Lost Art", a tribute to George Lucas, and "Moonshot".
Third season: It really takes off. A lot of surreal humor that somehow still makes sense. A new character, Zari, who works as a kind of straight-gal against an increasingly bizarre storyline. The series ends with an ending that should have been a disaster, and would have been if any other show had done it, as it's ludicrously over the top, but it works because literally every decision and event that's lead to it makes perfect sense and it's the only possible outcome. That season also has an episode that I feel is one of the best put together pieces of TV I've seen in a long time, "Here I go again", which (openly) references Groundhog Day, but does it well and appropriately.
Fourth season: Mixed, but we're mid way through it. There's been at least one episode that, to my mind, was too over the top (that is, it failed the Season 3's Finale example of "OTT but completely logical and explainable") but otherwise it's been good TV.
What makes it watchable? A mix of surreal humor, commentary, interesting characters, and very little of the "OMG my life sucks, I'm a superhero who has been elected the most powerful man in this city but I think I'm Batman I'm so depressed" bullshit that you see in other Arrowverse shows.
It's really good, worth binging.
Well, some may have done. LoT managed to turn from an angsty relationship melodrama (which it started as) into something awesome, so occasionally it goes the other way...
Why?
If curing patients is not a sustainable business model, what good does it do to suppress this fact?
Reality: It's probably true. Which means those arguing that healthcare needs to be not 100% taken care of using the free market are right.
Can we stop pretending the "free market" is the solution to everything? It isn't. Healthcare is an obvious area where it just plain doesn't work. When you have a woman whose leg has been crushed between a subway train and a station platform screaming at people NOT TO CALL FOR AN AMBULANCE because she's going to have to pay $5,000 just for the ambulance, plus god knows what else on ER care, and that's WITH the Obamacare "Everyone has insurance! Everyone must participate in the glorious capitalist healthcare system!" thing in place, you know it's fucked beyond measure.
It's not going to work. It's never going to work. Let's fund this one with taxes.
That was my first thought, but in all honesty, the summary could have done with more context. Are Sony et al also having problems shifting Blu-ray players? Are we seeing any declines in the number of discs sold? It's entirely possible it's just a failing format, but it's also possible that Samsung just isn't very good at this particular market segment.
I've been wanting Slashdot to do that for ages, but until recently you couldn't even reply to a message you just posted for five minutes, let alone place a clarification (or edit or delete it.)
I'm not as married to the idea that people shouldn't be able to edit their comments as others are, as long as something about the comment shows its been edited there shouldn't be an issue. But clarifications is a decent compromise between people like me who see the value in being able to withdraw stuff that communicates the wrong thing, and people who believe everyone should be punished for typing too quickly and not passing their comments by a proof reader and a (human) editor before posting them.
Well, even if you take a radically wide definition of the word "safe" and just say it's safe if the immediate effects of using it aren't harmful (that is, it's not going to explode in your face), there are plenty of safer energy storage systems.
But something that's polluting to the degree hydrocarbons are, with the potential to destroy the entire planet over time, is hardly "safe". And if you try to fix it, it stops being "cheap" too. Which is why, in practice, a modern battery powered vehicle charged by a Nuclear energy/renewables based power grid has a much lower TCO than an equivalent gasoline powered vehicle.
That would be incredibly stupid as the potential damages from lawsuits against Monsanto for the cancer caused by RoundUp sales to date would dwarf any potential increased profits they'd get from "RoundUp 2 - Now With Less Cancer!(tm)"
- a renter.
NYC will do just fine. It absolutely never needed Amazon, and Amazon would have caused problems for it (it's expensive enough to live there as it is due to the national shortage of decent urban space), not solved anything.
As far as the notion that it was right for a massive business to punish a city because its government didn't want to subsidize it, I'm truly disgusted that anyone would suggest such a thing. I'd like to see less subsidies to corporate consumers in general (Amazon is a corporate consumer, a user, not provider, of infrastructure, for example), and for cities across the country to stop competing with one another on who can flush their local economies down the toilet as quickly as possible just to attract a large employer who'll cost local taxpayers more than they bring in.
Plus if Bezos gets a home in Flint, MI, I bet the water problem will get fixed pretty quickly.
I don't own an AR-15, but I was under the impression that the lower receiver was actually a component that doesn't require much in terms of dealing with stresses - it's essentially the AR-15's control panel, with the actual work done by the upper receiver and barrel.
If my understanding is correct (and it might not be), then the lower receiver can easily be made using a 3D printer.
If it can, then this blows a hole in the way AR-15s are currently regulated. The ATF has to decide at some point whether something constitutes a firearm or not, and right now has a rule that the AR-15's lower receiver is the firearm. It's this component that, for example, cannot be mailed directly to from a seller to an unlicensed buyer across state lines, and requires buyers undergo a NICS "background check".
Every other part of an AR-15, which is a modular rifle, can be, and there's no NICS test needed to buy the other components of an AR-15.
So, in theory, unless the ATF changes its mind about what constitutes an AR-15, it's now relatively easy to obtain an AR-15 without any kind of check, not even the shitty "Not really a background check but it was the best we could do" NICS thing.
And I have no idea if the ATF can change its mind about this anyway.
Name one kind of manslaughter that isn't like murder.
The difference between gambling and insurance is motive and intent. Gambling is about trying to make it rich. Insurance is about preventing an unforeseen event causing undue hardship. They're not the same thing even if they use similar mechanisms to achieve their set goals.
Rust's proponents probably do not believe your apparent believe that every programmer makes the same number of mistakes regardless of what programming language they're using. They're probably of the opinion that if someone makes 11 mistakes in C, including 8 buffer overflows, they'll probably make a little over 3 in Rust.
That's a reasonable assumption, and they're probably correct. They probably won't find eight other things to do wrong in order to make up for the lack of buffer overflows.
So people who aren't Bad Coders(tm) never slip up and make mistakes?
Also try reading this. It explains how a typical corporate process resulted in the rug being pulled and nobody realizing code that did work correctly now had cases where it wouldn't.
Now, before you say "Sure, but that could have happened in Java or C# too!", that's true, but in Java you wouldn't have given anyone the opportunity to overwrite the stack with data and code of your choosing.
What worries me is that most C programmers think they're good programmers. The better the programmer, the more likely it is they realize they too can make mistakes. The fact there's a whole bunch of people waving the C flag yelling "C is only bad if it's programmed by people who are worse than me" is deeply disconcerting for that reason.
No, they don't. Hyperloop doesn't exist, it's a theoretical project with some extremely limited proofs of concept built that, currently, don't even prove it can run faster than HSR. If it's viable at all it'll be 20 years or so before we can see it, and in the mean time it suffers ABSOLUTELY EVERY SINGLE PROBLEM THAT HSR DOES.
Yes, I said it. Remember how Musk pretended it was "cheaper" than HSR? He did that by connecting two points that were 50-100 miles away from LA and SF, and by only "connecting" (if you call building stations 50-100 miles away "connecting") those two cities. He also handwaved about the costs, and ignored the fact that many of the things he proposed such as some way of building cheaper viaducts would also improve the costs for HSR if they were actually practical and cost that little.
Add to that the reality that it's probably a horrible way to travel even if it works, and ultimately it's not easy to understand why so many people are for it, beyond misunderstanding it and/or having the classic American prejudice against HSR because it's what those damned furry-ners do.
Musk was never proposing Hyperloop because it was a good idea, he was proposing it because he's a fucking car manufacturer.
I think there's a gap between useless and being able to prove that p=np if it comes to advice rather than making boolean decisions on whether to accept a commit.
As a really simple example, if a program uses strcpy but there's no apparent use of strlen before in the same function, you can probably reasonably issue a warning that the code there may be unsafe and explain why. You shouldn't block it because you don't know that there's some other way that the programmer knows strcpy is safe in context, but at the same time it's going to be worth highlighting as a potential issue.
True, in this case, but people making IntraEurope trips, for example, can always catch trains.
Nope. There is no maliciously malformed string in my example. I processed it presuming it might be too long, and used what ANSI considers the correct function to copy it to an array of known size.
I just gave you an example of how a built in ANSI function has problems outputting valid null terminated strings. strncpy wouldn't have worked the same way with a length+characters approach because it wouldn't have made sense, it would have had to put \3HEL (or \3\0HE) to be placed in the buffer, not HELL. (Of course, because strings would end up being a type, it'd be more like:
and newstring would have returned something in the form:
and so you'd still have HELL in text[] but length would be set to 4. Of course, my hypothetical C variant we're talking about would actually also have a buffersize property in the struct it returns so functions like strcpy can actually know from the start how big the destination is.
No, that's not how any of this works. ptr+length works because you generally know there is a length to begin with. You do not know there is a null, at least, not one at the end of the string. You can safely presume the length is correct because there's no reason for it to be wrong. An off by one error isn't going to cause the length to be omitted.
I gave you an example of how a simple off-by-one error can cause a string to buffer overflow if you're using nulls. This is an error that cannot occur in a ptr+length environment. Can you, conversely, think of an error that can occur in a ptr+length environment that wouldn't occur in a null terminated string environment?
Also, just throwing it out there, serviscope_minor didn't mention it, but I thought I will because TBH it's an even bigger flaw, but how do you handle it when there's a null in the middle of your string? I've always hated null termination for that reason, it reminds me of the old CP/M and DOS issue where text files couldn't contain a ^Z otherwise it'd be treated as the end of the file.
Also (while I'm on it), don't you find it a pain to have to use strlen each time you want to append strings to one another?
I mean, I just find it surprising anyone's saying "No, I must defend null terminated strings!" rather than "Oh yeah, another reason why they're shit and C is terrible."
No, the length was right. The length is the size of the buffer. The buffer has four characters. It's 100% correct.
If you've reached an age where you feel you can describe Rust users as "youngins" and you don't see the value in Rust and the problems with C, then there's a serious problem.
(Besides, nobody's taking your C compiler away from you or talking about that - they're talking about not using it any more for code you need to be able to trust. There is absolutely no reason on Earth for a replacement TCP/IP stack, web browser, or email client you switch to be written in C. There are safer alternatives that are just as efficient. If you want to write them in C, go ahead, just expect thinking people to want alternatives to your implementation written in safer environments.)
C's flaws are obvious. Why do people feel the need to pretend it's OK? You don't Slashdot flooded with apologists for PHP every time a Wordpress vulnerability gets publicized.
A modern compiler will not warn you unless it's obvious. And, I hate to say this, but your use of the word "most" should have told you you're on the wrong side of this argument.
Look, C is dangerous. It's slightly more efficient than most of the alternatives, and most of the alternatives that it's speed comparable to are somewhat more awkward to work with.
The argument "But it's OK in the hands of experts" is wrong. If you consider yourself enough of an expert to write C that doesn't contain security bugs, you're exhibiting Dunning-Kruger syndrome, not expertise.
Using better languages reduces the number of bugs you'll make, regardless of whether you're a real expert or someone who just thinks they are. Part of that is because detecting the kinds of error that causes security issues will usually uncover other kinds of bugs too.
A true C expert is someone who's so familiar with its flaws they'd rather use something else, not someone arrogant enough to think their code is perfect.