In retrospect, I realize I'm just being stubborn. We both want to preserve Slashdot as a respectable discussion forum, and I must concede that taking aim at submitters is not an efficient or productive way at raising the bar for discussion, rather we should raise the bar in the discussion forum. Lastly, I finally understand your point that readers shouldn't be distracted by pointless pot shots at the submitters as it only debases the reputation of Slashdotters.
Having said that, I'm going to take a step in that direction by writing up a petition to bring back Jon Katz. This time, I will refrain from personal attacks like calling him a hyper-dramatic douche bag and will only respond to his inane submissions with serious discussion.
I will no longer respond to stupidity with stupidity, and most of all I will not hold my fellow Slashdotter's frustrations of proper discussion protocol in contempt, no matter how big of a cry baby they are with their "I don't want to have to read this! Why can't the world be perfect?!? Accommodate me! Come on guys! Stop trolling! Get serious!"
Let's just say you'd save yourself a lot of money on fuel for hot air.
1. Slashdot is not a niche site that only reports Kernal release. It's a VERY popular source of tech and science news with a readership capable of performing many inadvertant DOS attacks. That alone makes criticising Slashdot nessecary.
2. You then go on about how the comments makes Slashdot great hinting CNN and Fox could learn something from Slashdot. Well, how about that? WOULDN'T IT BE GREAT IF YOU COULD MAKE JOKES ABOUT FOX NEW'S SPIN (ON FOX NEWS) LIKE YOU CAN ON SLASHDOT???
You're missing the entire point of comments. Comments are there to balance the story if it's incorrect, misleading, of outright manipulative.
Sometimes a particular submitter keeps making the same mistakes OVER and OVER again. Why should we have to shut up, because you tolerate low standards? I want to hear what people with higher standards have to say, and I want the submitters to hear the criticism targeted at them.
Don't you think public scrutany is an important part of an open discussion?
You're ever so funny. Really.
And you are that humorless? Not familiar with injecting a dumb joke for levity sake? You're supposed to use a dumb joke so that you inflict some of the damage on yourself. It's like an olive branch that says, "Don't take me so serious."
This isn't some hobby website on a shoestring budget, therefore it should be subjected to the same criticism that CNN, Fox News, or any other influential news outlet should be subject to...
If you don't like the criticism, don't read them. I personally VALUE comments like these as indicators of how people feel about Slashdot insofar as I'm concerned that Slashdot maintains an acceptable reputation for a serious forum of discussion.
I believe people are horribly biased and will continue to be horribly biased until they understand that thier emotions are playing tricks on thier "rational" mind.
Thankfully for me, my emotions usually compell me to back up my assertions with something concrete, otherwise I feel vulnerable to attack.
Feeling pretty comfortable with my evidence, I'm going to come right out and assert.
Homicide and Violent Crimes are at an all time LOW since 1993. (Hell, it's as good at the 50's and 60's)
Seriously, these stats will shock the shit out of you.
From what I understand, the video game industry is now bigger than the movie industry (for a couple years now?). The games released in the last 10 years have set unprecendented levels violence and realism engaging the player in committing virtual crimes (Grand Theft Auto), from theft, murder all the way up to terrorism.
From what I remember, video games really started getting super-violent from 1993 onward. Isn't that when Doom popularized that realistic genre?
Also, the movies have gotten a lot worse, especially with the proliferation of CGI making violence and gore super realistic. Let's not forget the mass dissemination of porn making it accessible to anyone who can use a search engine.
So why did violence and homicide levels plummet to a THIRD of levels in 1993? Why aren't all the school suffering from shootings on a daily basis?
Too many people assume that video games are making our society more violent. This is clearly untrue. Instead, The reverse has happened. Why?
Is this because of a change in policy? Is being tough and violent now uncool? Could video games have played a role in making society less violent by allowing people to release thier aggression? Was it the result of a lot of things?
Hence, when able to attack, we must seem unable; when using our forces, we must seem inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near.
Hold out baits to entice the enemy. Feign disorder, and crush him.
Never ascribe to evil that which can just as easily be mere incompetence. (or something similar).
I think both parties are stupid. True evil actually requires a degree of intelligence, which I certainly haven't seen from either party.
I think you should spend a lot more time at OpenSecrets.org and note the expert proficency when it comes to handling the legislative detail of thier contributors.
I think this case had two things going for it, neither to be underestimated:
1. Microsoft's power to litigate and make news. 2. The impact this patent would have on just about every web user.
Factor #2 has been demonstrated to have some leverage in the realm of very obvious patents (BT's hyperlink patent).
While Eolas' patent may seem obvious to your average software engineer, it isn't to your average Joe. Had it not been Microsoft, I think the impact of the installed base would have been a significant factor.
Had it been MS vs. the World, I think it would sink thier reputation to where even loyal Microsoft users would want to stop buying thier products.
From what I understand, it isn't the patent clerks' job to scan the Internet and look for prior art, rather thier search for prior art is limited to thier own patent database.
I wouldn't be surprised if these 2 clerks were forced by USPTO policy to grant these patents, regardless of thier opinions. I suspect this policy has been influenced by the Commerce Dept. and many federal judges over many years of litigation..
Hell, they may ever reassign the same 2 clerks to re-evaluate the patents with a little pressure from the top to invalidate them in light of new evidence.
Think of reversing a patent as invalidating evidence, which will probably be submitted to an appeals court at a later time. Once you've found evidence is invalid or is misrepresented, then all arguments based on that evidence need to be reargued.
This reversing of a patent will probably be submitted to the appeals court (if there isn't already a more convienent avenue), which will overturn the prior decisions.
So, if you want to get started advocating an open e-voting system for your neck of the woods or an alternative to Diebold, then you can get started now.
If you want to push printed receipts, I'm sure you can hire someone who could write an interface to a little thermal printer via the COM ports.
* Is Fox News pushing the FCC for a broadcasting flag in this story? * Is Fox News trying to extort money out from owners of smart card programmers? * Is Fox News accusing The Simpsons of violating the DMCA?
Don't get me wrong, I find the story hilarious, but it's already being covered by every other news outlet. (With the exception of Fox News?)
From that, you'll see that both Lawyers give 3 times more to Democrats than Republicans, and the Entertainment industry gives almost 4 times more to Democrats.
More important than that, you should really get to know who the House and Senate committee leaders are, and check out who's giving them money.
It's interesting to how each respective party campaigns under vague, divisive, and meaningless issues like Abortion, Gays and Lesbians, Taxes, and Social Security to win votes, and people eat it up!
I especially love the notion of "liberal" and "conservative" as if each party is trying to save you from the other's excessive spending (R: Military, Homeland Security) or the other's special favors to big business (D: DMCA, Legal Industry, Securities + Investing).
Next time you cast your vote, I suggest you look at each canidate and figure out who's giving them money, and then ask yourself:
Do I want to prop up the Securities and Investment industry or the Insurance Industry this year?
I don't want to come off as stupid, but I still don't understand.
Why do those particular numbers corrispond with those particular letters? I understand there is encryption involved, but I don't have the software to decrypt the code.
...who take a bulk of money from the **AA's, not to mention a HUGE bulk from the legal profession in general.
I'm not saying the Republicans are any better. They might be, but I don't know how you can honestly sit there with such shock as to how this administration might disagee with an oppressive policy that happened to be installed by the last administration and happened to benefit the last administration's contributors. (It's right there on OpenSecrets.org)
Can you break out of the political dichotomy for a second to recognize that there are good and bad things about both political parties, as well as good and bad things about this administrations.
I know it's hard to see the good this administration did, especially with all those fuckups looming over thier heads, but you should atleast make an effort to be objective.
Lastly, Do you realize that by attributing every government decision to "The Man", you discredit every other valid point you make. People will stop listening to you, and you will stop any valuable insight you might have from spreading.
The moral: Don't give away objective thinking for political ends.
I guess to sum up your post, while Win32 was generally a pretty straightforward C API, which made adapting it to other paradigms considerably complicated.
In your first example, you cite the problem of managing a Windows lifetime, which is vulerable to being destroyed by other code. Frankly, this isn't just a problem with Win32 as it is with any system that isn't using reference counting or garbage collection.
Fortunately, Win32 atleast gives you the opportunity to handle a WM_DESTROY message (which isn't available for other objects) when a Window is being destroyed. Win32 also provides functions to help test the validity of handles, which combined with other tricks can be a mostly reliable validity test.
However, because you're working with a C API, it is generally expected that you properly allocate and deallocate your resources in a consistent manner, thus the design shouldn't be vulnerable to rogue code deleting resources it shouldn't be deleting. In other words, all parts of the software has to agree on a single owner who is responsible for deleting the resource.
If you really need to support a multi-owner scenario, then you should really be using reference counting, garbage collection, or some other system that hides and encapsulates your resources with dear life.
There are generally not many reasons to expose window handles to unknown code, but when it does happen, there's not much you can do to prevent problems.
However, I am more sympathetic to your message scenarios. Adapting messages to an OO paradigm was never straightforward in practice. However, it always seemed to work well for the non-OO diehards, which used to really bug the shit out of me.
Win32 was just one of those things that was good enough solution for it's time and for what it did, but it really is time to move on to something better.
Like you, I'm wondering how they plan on phasing Win32 out of.NET if they haven't already made Windows.Forms equally capable as Win32.
Win32 is messy, and most Windows C(++) programmers avoid using Win32 directly at all costs (that's what MFC and ATL are for).
Most Windows C++ programmers I know are happy to deal with the API. Even novice MFC programmers tend to have a good idea of how the API is structured, as MFC is just a fairly simple wrapper mirroring that structure.
It sounds like might have used MFC, but I seriously doubt you've ever touched ATL (A true nightmare for many), which is more geared towards creating COM components and threading environments to run under MTS.
To be fair: Win32 is fairly simple and straightforward compared to a lot of the alternatives. It's a simple C library which has a very simple and consistent structure revolving around Windows objects, making it an OO-Lite type API.
I agree with your reasons to get rid of Win32, but I would hardly call Win32 complicated. (Cumbersome at times, yes, but not complicated)
Are there others? It's almost as if the majority of "conservatives" are either too stupid to understand what being conservative on the various issues means, or are so desperate, they'll support this bizarro Republicrat (Who's worse than most democrats) rather than conceed to symbolic political failure.
Do you think we'll possibly be seeing an end to neo-conservatism with the Republican party so depedent on the Christian/rural vote?
The DMV charges fees for most services, and I would propose that people pay a $20-30 fee to cover the costs.
That shifts it to YOUR bottom line. Would you pay $20-$30 to protect your financial assets?
All the DMV would have to do is buy the devices in bulk (which they really end up reselling), print the public key on your driver's license, and support a simple revocation database.
From considering that maybe companies like Microsoft should be held liable for knowningly shipping an insecure product?
The last thing I want to see is the software be subjected to the same liability/litigation as the aerospace industry, but I don't believe a EULA should protect a manufacturer from not fixing a product that is inherantly secure.
The question we need to ask ourselves, "Has Microsoft knowingly done nothing to fix a security hole?"
1 key - Government Verification 1 key - Corrisponding with Drivers License (Use sparringly for occasional verification in financial affairs.)
50 additional keys - Which could be registered and published under Aliases of your choosing by a third-party registration service?
I believe this sort of system should be implemented as a core specification which the states would be required to adopt.
Manufacturers of devices would have stricter standards subjecting the manufacturers to severe penalties if they fail to meet the standards. They would also have to pay for government testing.
Like I mentioned in my other email. This would NOT be a National ID system that would be used everywhere, rather a voluntary authentication service to be used sparringly. Furthermore, it would be illegal for any company to require a public key.
I do like your idea, which I think should be handled with additional public keys.
I should have prefaced my proposal by emphasizing that this idea is not a National Identification system, rather it's an authentication service to enable you to better protect your assets.
The only involvement the federal government would have would be mandating the States to implement the standard. The states would be free to purchase the devices from any manufacturer who meets the security specification.
The manufacturer will pay for all inspection costs and will accept liability if thier device is cracked because of failure to meet the specification.
Verification algorithms would be written and published in most programming languages (Probably RSA).
Now to address your scenarios:
1. I just got mugged. Suddenly I can't prove I'm who am I, while some lowlife punk just proved he's me and bought a Ferrari. And I can't even drive it!
That's when you call a 1-800 number where you enter your public key and a password to revoke your public key. Oh, and I hope your mugger looks like your twin, because the Ferrari dealership will ask for your driver's license which will have your public key on it.
As long as your revoking your public key, you might want to cancel your credit cards while your at it.
After that, the prodecure is the same as getting a replacement drivers license. You'll need a copy of birth certificate, passport, or another approved document verifying who you are who you claim.
If two different people attempt to claim to be the same person withen a short period, then the latter person will probably be detained at the DMV or Post Office until he/she can verify thier identity. Meanwhile, all public keys will be revoked until the matter is settled.
2. My batteries have run out. Can you trust me to be me until I can replace them?
No I won't trust you, because your device is solar powered like many pocket calculators.
3. "Mr Anderson, it seems you lead two lives." Sorry, no. I don't want it to be possible to easily track me, have everything I do recorded. It's already bad enough with my bank, credit card companies, credit agencies, etc, keeping tabs on me to a large degree.
Think of this as your social security number. You don't give your social security number away letting everybody track you.
Neither do you give your private key to everybody, rather you would only give it to people and organizations you trust.
Furthermore, I would add legislation that would fine any company who required your private key for doing business. The security of this system works best when it's using sparringly and above all voluntary.
Even a half-assed scheme could prevent most cases
on
Cringely on Identity Theft
·
· Score: 3, Interesting
You cant prevent crimes from happening, you can only improve the ability to catch the criminals, and reduce the damages.
Sure you can, especially when the current security system is virtually non-existant.
My proposal is simple:
* 2 key-pairs are issued every individual by the DMV
* The first (public) key is freely given to everybody
* The second (private) key is stored on a chip in a credit-card sized pocket calculator like device, or smart card. ($5-$10 device which is paid by the driver upon issuance)
When you need to prove your identity, you will be challenged with a random number, which can only be encrypted with the private key and verified by the public key.
* Challenger gives you random number
* Your encrypt device encrypts number with private key
* Challenger verifies encryption with public key.
In the event a private key is comprimised, the corrisponding public key will be published on a public database (which keys institutions should be required to check) and a new private key will be issued.
The encryption community has come up with many solutions for this problem over the last few decades, and I know the consumer electronics and card issuance industry (which I used to work) would love nothing more than the government to stop dragging it's heels and select one of the many drafted standards.
We can solve this problem without creating another government institution or delegating it to one corporatation.
Why aren't nerds pushing for an open and honest solution to this problem? Aren't solving problems like this a nerd's wetdream?
Like I said before, even a half-assed scheme would be better than our current social-security passwords.
The entire purpose of regulatory bodies is to shape the market such that companies act in ways beneficial to the public interest, where absent regulation they would be inclined to cut corners for short term profit, setting up everyone for a disaster in the long run.
I think you're underestimating the consumer. I personally have decided *NOT* to choose VOIP over Verizon's $50/Umlimited plan, because I personally value the reliability of the copper network.
Many people, including my brother, feel otherwise which is why they opted to not to invest the local phone network, but rather their alternative broadband network (cable modem, wireless, etc.)
IMO, I think this type of competition is healthy for the Telco's and is forcing them to provide a better product. Even my mother understands that reliability is an important factor when deciding to replace your ILEC with VOIP, and despite the constant sales pitches from my brother, she still opted to stick with Verizon.
Don't underestimate the consumer.
(Not that we ALL haven't dealt with idiot customers)
After reading the last Slashdot story making artificial diamonds, I talked with a number of people.
A couple of years ago, DeBeers went to the FTC to make ensure that man made diamonds could not be marketed as diamonds. It worked. Man made diamonds have to be sold as "Cultured Diamonds" to clearly indicate that what they are buying wasn't the product of 5 million years geothermal heat and compression.
After talking with a couple of coworkers and jewelers about cultured diamonds, I discovered that most people were expecting a catch and were reluctant to believe cultured diamonds had the same value of "real" diamonds.
I believe there is a huge psychological barrier that cultured diamonds have to overcome before they can serious threaten DeBeers.
One should especially note the history of Cultured Emeralds, which after 20-30 years, are only valued at a fraction of "real" emeralds.
Slashdot Mirror
In retrospect, I realize I'm just being stubborn. We both want to preserve Slashdot as a respectable discussion forum, and I must concede that taking aim at submitters is not an efficient or productive way at raising the bar for discussion, rather we should raise the bar in the discussion forum. Lastly, I finally understand your point that readers shouldn't be distracted by pointless pot shots at the submitters as it only debases the reputation of Slashdotters.
Having said that, I'm going to take a step in that direction by writing up a petition to bring back Jon Katz. This time, I will refrain from personal attacks like calling him a hyper-dramatic douche bag and will only respond to his inane submissions with serious discussion.
I will no longer respond to stupidity with stupidity, and most of all I will not hold my fellow Slashdotter's frustrations of proper discussion protocol in contempt, no matter how big of a cry baby they are with their "I don't want to have to read this! Why can't the world be perfect?!? Accommodate me! Come on guys! Stop trolling! Get serious!"
Thank you for hearing my apology.
Let's just say you'd save yourself a lot of money on fuel for hot air.
1. Slashdot is not a niche site that only reports Kernal release. It's a VERY popular source of tech and science news with a readership capable of performing many inadvertant DOS attacks. That alone makes criticising Slashdot nessecary.
2. You then go on about how the comments makes Slashdot great hinting CNN and Fox could learn something from Slashdot. Well, how about that? WOULDN'T IT BE GREAT IF YOU COULD MAKE JOKES ABOUT FOX NEW'S SPIN (ON FOX NEWS) LIKE YOU CAN ON SLASHDOT???
You're missing the entire point of comments. Comments are there to balance the story if it's incorrect, misleading, of outright manipulative.
Sometimes a particular submitter keeps making the same mistakes OVER and OVER again. Why should we have to shut up, because you tolerate low standards? I want to hear what people with higher standards have to say, and I want the submitters to hear the criticism targeted at them.
Don't you think public scrutany is an important part of an open discussion?
You're ever so funny. Really.
And you are that humorless? Not familiar with injecting a dumb joke for levity sake? You're supposed to use a dumb joke so that you inflict some of the damage on yourself. It's like an olive branch that says, "Don't take me so serious."
You almost had my sympathy when it dawned on me:
...and yes. Sometimes it IS Funny.
This is a Commercial News Outlet
This isn't some hobby website on a shoestring budget, therefore it should be subjected to the same criticism that CNN, Fox News, or any other influential news outlet should be subject to...
If you don't like the criticism, don't read them. I personally VALUE comments like these as indicators of how people feel about Slashdot insofar as I'm concerned that Slashdot maintains an acceptable reputation for a serious forum of discussion.
Bitch! (Sorry, name calling seemed appropriate.)
I believe people are horribly biased and will continue to be horribly biased until they understand that thier emotions are playing tricks on thier "rational" mind.
Thankfully for me, my emotions usually compell me to back up my assertions with something concrete, otherwise I feel vulnerable to attack.
Feeling pretty comfortable with my evidence, I'm going to come right out and assert.
Homicide and Violent Crimes are at an all time LOW since 1993. (Hell, it's as good at the 50's and 60's)
Seriously, these stats will shock the shit out of you.
Bureau of Justice Statistics
Teen Homicide Statistics
Violent Crime Statistics
From what I understand, the video game industry is now bigger than the movie industry (for a couple years now?). The games released in the last 10 years have set unprecendented levels violence and realism engaging the player in committing virtual crimes (Grand Theft Auto), from theft, murder all the way up to terrorism.
From what I remember, video games really started getting super-violent from 1993 onward. Isn't that when Doom popularized that realistic genre?
Also, the movies have gotten a lot worse, especially with the proliferation of CGI making violence and gore super realistic. Let's not forget the mass dissemination of porn making it accessible to anyone who can use a search engine.
So why did violence and homicide levels plummet to a THIRD of levels in 1993? Why aren't all the school suffering from shootings on a daily basis?
Too many people assume that video games are making our society more violent. This is clearly untrue. Instead, The reverse has happened. Why?
Is this because of a change in policy? Is being tough and violent now uncool? Could video games have played a role in making society less violent by allowing people to release thier aggression? Was it the result of a lot of things?
Sun Tzu:
Hence, when able to attack, we must seem unable; when using our forces, we must seem inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near.
Hold out baits to entice the enemy. Feign disorder, and crush him.
Never ascribe to evil that which can just as easily be mere incompetence. (or something similar).
I think both parties are stupid. True evil actually requires a degree of intelligence, which I certainly haven't seen from either party.
I think you should spend a lot more time at OpenSecrets.org and note the expert proficency when it comes to handling the legislative detail of thier contributors.
I think this case had two things going for it, neither to be underestimated:
1. Microsoft's power to litigate and make news.
2. The impact this patent would have on just about every web user.
Factor #2 has been demonstrated to have some leverage in the realm of very obvious patents (BT's hyperlink patent).
While Eolas' patent may seem obvious to your average software engineer, it isn't to your average Joe. Had it not been Microsoft, I think the impact of the installed base would have been a significant factor.
Had it been MS vs. the World, I think it would sink thier reputation to where even loyal Microsoft users would want to stop buying thier products.
From what I understand, it isn't the patent clerks' job to scan the Internet and look for prior art, rather thier search for prior art is limited to thier own patent database.
I wouldn't be surprised if these 2 clerks were forced by USPTO policy to grant these patents, regardless of thier opinions. I suspect this policy has been influenced by the Commerce Dept. and many federal judges over many years of litigation..
Hell, they may ever reassign the same 2 clerks to re-evaluate the patents with a little pressure from the top to invalidate them in light of new evidence.
Think of reversing a patent as invalidating evidence, which will probably be submitted to an appeals court at a later time. Once you've found evidence is invalid or is misrepresented, then all arguments based on that evidence need to be reargued.
This reversing of a patent will probably be submitted to the appeals court (if there isn't already a more convienent avenue), which will overturn the prior decisions.
It's GPLed and available to download at this link:
http://www.elections.act.gov.au/evacs.tar.gz
So, if you want to get started advocating an open e-voting system for your neck of the woods or an alternative to Diebold, then you can get started now.
If you want to push printed receipts, I'm sure you can hire someone who could write an interface to a little thermal printer via the COM ports.
* Is Fox News pushing the FCC for a broadcasting flag in this story?
* Is Fox News trying to extort money out from owners of smart card programmers?
* Is Fox News accusing The Simpsons of violating the DMCA?
Don't get me wrong, I find the story hilarious, but it's already being covered by every other news outlet. (With the exception of Fox News?)
I hope you don't suffer from the same dilusion the parent poster does about the president controlling everything.
Here ya go:
Top Industries
From that, you'll see that both Lawyers give 3 times more to Democrats than Republicans, and the Entertainment industry gives almost 4 times more to Democrats.
More important than that, you should really get to know who the House and Senate committee leaders are, and check out who's giving them money.
It's interesting to how each respective party campaigns under vague, divisive, and meaningless issues like Abortion, Gays and Lesbians, Taxes, and Social Security to win votes, and people eat it up!
I especially love the notion of "liberal" and "conservative" as if each party is trying to save you from the other's excessive spending (R: Military, Homeland Security) or the other's special favors to big business (D: DMCA, Legal Industry, Securities + Investing).
Next time you cast your vote, I suggest you look at each canidate and figure out who's giving them money, and then ask yourself:
Do I want to prop up the Securities and Investment industry or the Insurance Industry this year?
I don't want to come off as stupid, but I still don't understand.
Why do those particular numbers corrispond with those particular letters? I understand there is encryption involved, but I don't have the software to decrypt the code.
Is this like a ROT13 joke?
...who take a bulk of money from the **AA's, not to mention a HUGE bulk from the legal profession in general.
I'm not saying the Republicans are any better. They might be, but I don't know how you can honestly sit there with such shock as to how this administration might disagee with an oppressive policy that happened to be installed by the last administration and happened to benefit the last administration's contributors. (It's right there on OpenSecrets.org)
Can you break out of the political dichotomy for a second to recognize that there are good and bad things about both political parties, as well as good and bad things about this administrations.
I know it's hard to see the good this administration did, especially with all those fuckups looming over thier heads, but you should atleast make an effort to be objective.
Lastly, Do you realize that by attributing every government decision to "The Man", you discredit every other valid point you make. People will stop listening to you, and you will stop any valuable insight you might have from spreading.
The moral: Don't give away objective thinking for political ends.
I guess to sum up your post, while Win32 was generally a pretty straightforward C API, which made adapting it to other paradigms considerably complicated.
.NET if they haven't already made Windows.Forms equally capable as Win32.
In your first example, you cite the problem of managing a Windows lifetime, which is vulerable to being destroyed by other code. Frankly, this isn't just a problem with Win32 as it is with any system that isn't using reference counting or garbage collection.
Fortunately, Win32 atleast gives you the opportunity to handle a WM_DESTROY message (which isn't available for other objects) when a Window is being destroyed. Win32 also provides functions to help test the validity of handles, which combined with other tricks can be a mostly reliable validity test.
However, because you're working with a C API, it is generally expected that you properly allocate and deallocate your resources in a consistent manner, thus the design shouldn't be vulnerable to rogue code deleting resources it shouldn't be deleting. In other words, all parts of the software has to agree on a single owner who is responsible for deleting the resource.
If you really need to support a multi-owner scenario, then you should really be using reference counting, garbage collection, or some other system that hides and encapsulates your resources with dear life.
There are generally not many reasons to expose window handles to unknown code, but when it does happen, there's not much you can do to prevent problems.
However, I am more sympathetic to your message scenarios. Adapting messages to an OO paradigm was never straightforward in practice. However, it always seemed to work well for the non-OO diehards, which used to really bug the shit out of me.
Win32 was just one of those things that was good enough solution for it's time and for what it did, but it really is time to move on to something better.
Like you, I'm wondering how they plan on phasing Win32 out of
Win32 is messy, and most Windows C(++) programmers avoid using Win32 directly at all costs (that's what MFC and ATL are for).
Most Windows C++ programmers I know are happy to deal with the API. Even novice MFC programmers tend to have a good idea of how the API is structured, as MFC is just a fairly simple wrapper mirroring that structure.
It sounds like might have used MFC, but I seriously doubt you've ever touched ATL (A true nightmare for many), which is more geared towards creating COM components and threading environments to run under MTS.
To be fair: Win32 is fairly simple and straightforward compared to a lot of the alternatives. It's a simple C library which has a very simple and consistent structure revolving around Windows objects, making it an OO-Lite type API.
I agree with your reasons to get rid of Win32, but I would hardly call Win32 complicated. (Cumbersome at times, yes, but not complicated)
Are there others? It's almost as if the majority of "conservatives" are either too stupid to understand what being conservative on the various issues means, or are so desperate, they'll support this bizarro Republicrat (Who's worse than most democrats) rather than conceed to symbolic political failure.
Do you think we'll possibly be seeing an end to neo-conservatism with the Republican party so depedent on the Christian/rural vote?
The DMV charges fees for most services, and I would propose that people pay a $20-30 fee to cover the costs.
That shifts it to YOUR bottom line. Would you pay $20-$30 to protect your financial assets?
All the DMV would have to do is buy the devices in bulk (which they really end up reselling), print the public key on your driver's license, and support a simple revocation database.
From considering that maybe companies like Microsoft should be held liable for knowningly shipping an insecure product?
The last thing I want to see is the software be subjected to the same liability/litigation as the aerospace industry, but I don't believe a EULA should protect a manufacturer from not fixing a product that is inherantly secure.
The question we need to ask ourselves, "Has Microsoft knowingly done nothing to fix a security hole?"
Nah! Let's just legislate RTFM!
1 key - Government Verification
1 key - Corrisponding with Drivers License
(Use sparringly for occasional verification in financial affairs.)
50 additional keys - Which could be registered and published under Aliases of your choosing by a third-party registration service?
I believe this sort of system should be implemented as a core specification which the states would be required to adopt.
Manufacturers of devices would have stricter standards subjecting the manufacturers to severe penalties if they fail to meet the standards. They would also have to pay for government testing.
Like I mentioned in my other email. This would NOT be a National ID system that would be used everywhere, rather a voluntary authentication service to be used sparringly. Furthermore, it would be illegal for any company to require a public key.
I do like your idea, which I think should be handled with additional public keys.
I should have prefaced my proposal by emphasizing that this idea is not a National Identification system, rather it's an authentication service to enable you to better protect your assets.
The only involvement the federal government would have would be mandating the States to implement the standard. The states would be free to purchase the devices from any manufacturer who meets the security specification.
The manufacturer will pay for all inspection costs and will accept liability if thier device is cracked because of failure to meet the specification.
Verification algorithms would be written and published in most programming languages (Probably RSA).
Now to address your scenarios:
1. I just got mugged. Suddenly I can't prove I'm who am I, while some lowlife punk just proved he's me and bought a Ferrari. And I can't even drive it!
That's when you call a 1-800 number where you enter your public key and a password to revoke your public key. Oh, and I hope your mugger looks like your twin, because the Ferrari dealership will ask for your driver's license which will have your public key on it.
As long as your revoking your public key, you might want to cancel your credit cards while your at it.
After that, the prodecure is the same as getting a replacement drivers license. You'll need a copy of birth certificate, passport, or another approved document verifying who you are who you claim.
If two different people attempt to claim to be the same person withen a short period, then the latter person will probably be detained at the DMV or Post Office until he/she can verify thier identity. Meanwhile, all public keys will be revoked until the matter is settled.
2. My batteries have run out. Can you trust me to be me until I can replace them?
No I won't trust you, because your device is solar powered like many pocket calculators.
3. "Mr Anderson, it seems you lead two lives." Sorry, no. I don't want it to be possible to easily track me, have everything I do recorded. It's already bad enough with my bank, credit card companies, credit agencies, etc, keeping tabs on me to a large degree.
Think of this as your social security number. You don't give your social security number away letting everybody track you.
Neither do you give your private key to everybody, rather you would only give it to people and organizations you trust.
Furthermore, I would add legislation that would fine any company who required your private key for doing business. The security of this system works best when it's using sparringly and above all voluntary.
You cant prevent crimes from happening, you can only improve the ability to catch the criminals, and reduce the damages.
Sure you can, especially when the current security system is virtually non-existant.
My proposal is simple:
* 2 key-pairs are issued every individual by the DMV
* The first (public) key is freely given to everybody
* The second (private) key is stored on a chip in a credit-card sized pocket calculator like device, or smart card. ($5-$10 device which is paid by the driver upon issuance)
When you need to prove your identity, you will be challenged with a random number, which can only be encrypted with the private key and verified by the public key.
* Challenger gives you random number
* Your encrypt device encrypts number with private key
* Challenger verifies encryption with public key.
In the event a private key is comprimised, the corrisponding public key will be published on a public database (which keys institutions should be required to check) and a new private key will be issued.
The encryption community has come up with many solutions for this problem over the last few decades, and I know the consumer electronics and card issuance industry (which I used to work) would love nothing more than the government to stop dragging it's heels and select one of the many drafted standards.
We can solve this problem without creating another government institution or delegating it to one corporatation.
Why aren't nerds pushing for an open and honest solution to this problem? Aren't solving problems like this a nerd's wetdream?
Like I said before, even a half-assed scheme would be better than our current social-security passwords.
Don't like my solution? What are your ideas?
The entire purpose of regulatory bodies is to shape the market such that companies act in ways beneficial to the public interest, where absent regulation they would be inclined to cut corners for short term profit, setting up everyone for a disaster in the long run.
I think you're underestimating the consumer. I personally have decided *NOT* to choose VOIP over Verizon's $50/Umlimited plan, because I personally value the reliability of the copper network.
Many people, including my brother, feel otherwise which is why they opted to not to invest the local phone network, but rather their alternative broadband network (cable modem, wireless, etc.)
IMO, I think this type of competition is healthy for the Telco's and is forcing them to provide a better product. Even my mother understands that reliability is an important factor when deciding to replace your ILEC with VOIP, and despite the constant sales pitches from my brother, she still opted to stick with Verizon.
Don't underestimate the consumer.
(Not that we ALL haven't dealt with idiot customers)
What I'm trying to figure out is why the hell the EU is actually considering adopting OUR patent system.
Do they really want to subject their software industry to the US's HUGE software patent portfolio?
After reading the last Slashdot story making artificial diamonds, I talked with a number of people.
A couple of years ago, DeBeers went to the FTC to make ensure that man made diamonds could not be marketed as diamonds. It worked. Man made diamonds have to be sold as "Cultured Diamonds" to clearly indicate that what they are buying wasn't the product of 5 million years geothermal heat and compression.
After talking with a couple of coworkers and jewelers about cultured diamonds, I discovered that most people were expecting a catch and were reluctant to believe cultured diamonds had the same value of "real" diamonds.
I believe there is a huge psychological barrier that cultured diamonds have to overcome before they can serious threaten DeBeers.
One should especially note the history of Cultured Emeralds, which after 20-30 years, are only valued at a fraction of "real" emeralds.
I've read the DMCA and I've seen the provisions for reverse engineering which especially applies for the purpose of creating a compatible technology.
This seems like a clear case of reverse engineering to create a compatible DVD player.
How is it this case and the 2600 case got so far?