Trick may be the wrong word - changing the L&F is by design with code such as:
try
{
    // javax.swing.UIManager: switch to the platform's native look and feel
    UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
}
catch (Exception ex) {} // setLookAndFeel() also throws ClassNotFoundException, InstantiationException and IllegalAccessException
While not perfect, it is pretty good. There are screen shots and some of the deficiencies laid out here: http://today.java.net/pub/a/today/2003/12/08/swing.html
I think some of his points are good:
"Additionally, as long as IT security is a separate industry, there will be companies making money based on insecurity -- companies who will lose money if the internet becomes more secure."
All the commercial anti-virus software I've ever used has been full of FUD, displaying big red crosses and popup balloons telling me that my system is at risk because I haven't purchased some additional product or upgrade. I see the same companies rolling out stats about virus attacks and in mainstream media warning of the next big threat, doom saying wherever possible.
Personally, as a programmer, I think the weaknesses in software will be fixed and operating systems changed such that deep probing virus checkers are obsoleted. I'd happily see this whole FUD spreading portion of the security industry die.
Some of his points may however be too general:
"The whole IT security industry is an accident -- an artifact of how the computer industry developed."
There are still places where a security industry will always be needed, such as authentication through RSA tokens/smart-cards/biometrics and the associated infrastructure.
In general I think he's about right though. Over time software will improve and things will be built in such a way that common failures of today are obsoleted just like other engineering disciplines have improved methodologies e.g. airplanes are not built with square windows anymore - http://en.wikipedia.org/wiki/De_Havilland_Comet.
A5 is helpful and should help keep amateurs out when in use (it's up to the network to switch it on), but it's not end-to-end encryption, which would be needed to get around the lawful interception interface specified in GSM networks - the 3GPP spec is here: http://www.3gpp.org/ftp/Specs/latest/R1999/01_series/0133-800.zip
Note section 4.2, "Background Technical Requirements":
iostat is probably an easier way to achieve similar output.
It still doesn't break it down by task though, so not really the iotop people are looking for.
This is a great construct, but I found that it can be quite inefficient because it creates an Iterator and uses that to traverse whatever is being passed. For some collections such as ArrayLists, I found using a good old loop and .get(index) performed much faster and avoided creation of Iterators and therefore needed less garbage collection. Foreach is very neat and great in lots of places, but it should come with a small health warning for the cases where performance is critical.
My application was very heavy on traversing ArrayLists though.
Which technology are you describing? It doesn't sound accurate to me, but I'm familiar only with 3GPP standards.
A GSM handset may monitor many cells at one time, basically reading some broadcast data (BSIC etc...) and monitoring the signal level, but it will only be transmitting to one cell at any one time. The broadcast channels from cell towers are constantly on, and an accepted overhead that makes the system work - monitoring these broadcast channels takes no bandwidth from other users.
A WCDMA FDD handset may actually communicate with more than one cell tower at a time, and hence use more bandwidth, but this is a decision made by the network as it assigns the resource, not the handset. Also WCDMA has a tight power control loop, so it is careful not to be wasteful. Again, like GSM, other cells may be monitored and some information decoded (CellId etc...), but this is again broadcast data that takes no bandwidth from other users.
The problem I think of is more that a lot of network activity would be caused by a plane load of people moving quickly between cells. The network has to tightly co-ordinate the allocation and re-allocation of resource as a person moves between cells, as well as updating databases that record the location area in which the user can be reached. I could believe that planes filled with people quickly moving across the network could cause some critical parts of the network to receive very high loading - especially as I would imagine these bits to have been dimensioned according to models that assume things like the average user is travelling at less than 50 kph.
I've personally seen my blackberry connect to 40+ towers at once. This eats up valuable bandwidth at each cell tower
As described, your Blackberry is merely observing large numbers of cells, and not using all their bandwidth.
Ditto domain and web hosting.
Well, here's the thing. We are talking about firmware executed by a processor on the device. The primary operating system doesn't need to know anything about that firmware
Right, but the article states that various vendors are unwilling to allow redistribution of that firmware, hence making it much much more difficult for an OS to support the device.
This really shouldn't be all that much different than writing a host driver for a regular Ethernet LAN card.
Assuming that you were allowed to use and redistribute the firmware, yes, this would be the case. However, without being able to use the manufacturer's firmware you are faced with an empty device and a much deeper, more complex interface to the hardware, one which, as Theo is quoted in the article as saying, may also have a number of bugs (or errata) that are also undisclosed and need working around.
> >* versioning (no preprocessor madness)
>
> I'm guessing he meant variants here, the preprocessor is often
> used for variants, rarely for versioning.
It does look like variants to me, but appears to be called versioning - check this:
http://www.digitalmars.com/d/version.html
I think that part of the 'close-mouthed' mentality is because it is not easy to identify what a piece of software is actually worth. The fear of accidentally releasing a valuable invention unprotected leads to restriction by default, just because it is easier to manage and low risk. I think it's pretty poor that these companies can't take the time to look into developer requests and decide when they could release some info, but then I guess there is no clear financial reward for such actions.
The thing I do find surprising is that if firmware is moved to the driver and not stored in FLASH on the device itself, it becomes much easier for hobbyists to disassemble and study (sure you can reflow a FLASH chip and mount it on a circuit board of your choosing and then read it, but that's somewhat fiddly). Since Theo talks about developers trying to implement firmware for these devices, I presume that there isn't any encryption or secure signing of the firmware, which surely leaves it vulnerable to reverse engineering. So I wonder what it is that these companies are trying to protect by restricting use and re-distribution of the firmware?
Ironically, if the devices in question implemented a secure bootloader that accepted only properly signed and encrypted firmware, the firmware itself could be made useless without a device, and hence redistribution might be less of a problem.
Personally, if I had written code that were adopted as a part of a RedHat distribution (or any other), I'd be delighted that the code were being widely distributed and used.
When I've written and released GPL code in the past, I've never had any expectations as to how it will be used outside of the restrictions placed by the GPL; that's part of OSS. Maybe you don't get that, but then, you are an AC - probably never to see this reply.
> Not that it's all roses with Perforce. My impression is that it doesn't scale
> very well. Most operations simply lock the entire database.
I agree - the backup solution described and recommended by Perforce works well for small installations, but doesn't scale very well in my experience. It's disappointing given that Perforce use scalability as a selling feature (http://www.perforce.com/perforce/products.html).
I went out on a limb and made an alternative way to do checkpoints/backups for exactly the reason you describe - it's difficult to get right and seriously bad if you get it wrong. The write-up of what I do is here:
http://www.mcternan.co.uk/PerforceBackup/
In my opinion it would be simple for Perforce to implement some simple changes to help large scale backups (e.g. make p4d -jj -c "cmd" work), and I've suggested it to their support staff, some of whom I've met in person at various times. However, I haven't heard or seen any indication that they are going to do this... I'm still hopeful, but less so these days.
I also believe that Perforce only does locking at the table level (using flock()), which is most likely why the server often sees poor concurrency, especially with write operations as you describe. The more recent versions of the server are apparently better (2006.x), although I'm yet to upgrade. The server itself is based on Sleepycat Berkeley DB tables, which Oracle recently took over and look to have improved (http://www.oracle.com/database/berkeley-db/db/index.html). So maybe future versions of the Perforce server will benefit too. I hope.
While it's easy to grab code and quickly put it together to make something that works, it is usually the licences and the difficult-to-interpret legalese that can limit this approach. This becomes relevant if distribution of the resulting software is required, and is especially relevant in a commercial context. Clean-room implementations are going to be around for a while to come, IMHO.
> there is only ONE feature opera has I wish other browsers would get.
> the resume function. operas is really awesome. it works so well.
The "Session Manager" extension may help bridge the gap (although not entirely):
https://addons.mozilla.org/firefox/2324/
Actually, I would hope that the compiler would print something here, but alas, my version of GCC doesn't:
[mm1@nv-mike mm1]$ gcc --version
gcc (GCC) 3.2.3 20030502 (Red Hat Linux 3.2.3-54)
Copyright (C) 2002 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
[mm1@nv-mike mm1]$ echo -e '#include <stdio.h>\nint main() { if ( printf != 0 ) printf("Sucks\\n"); return 0; }' | gcc -xc - -Wall
[mm1@nv-mike mm1]$
The problem is that comparisons between 0 and a pointer type are silently ignored (to allow NULL to be defined as 0?). If the comparison is with a non-zero value we are warned:
[mm1@nv-mike mm1]$ echo -e '#include <stdio.h>\nint main() { if ( printf != 50 ) printf("Sucks\\n"); return 0; }' | gcc -xc - -Wall
<stdin>: In function `main':
<stdin>:2: warning: comparison between pointer and integer
[mm1@nv-mike mm1]$
However, if I do something else syntactically valid, but dubious, gcc does give me a hint:
[mm1@nv-mike mm1]$ echo -e '#include <stdio.h>\nint main(int argc, char *argv[]) { if ( argc = 0 ) printf("Sucks\\n"); return 0; }' | gcc -xc - -Wall
<stdin>: In function `main':
<stdin>:2: warning: suggest parentheses around assignment used as truth value
[mm1@nv-mike mm1]$
Since it would seem rare that you would want to compare a function address (I guess weak linkage could make use of such a comparison), I'm surprised that the compiler doesn't produce a warning and allow something like an explicit cast or added parentheses to neutralise the warning in cases where the programmer really does wish to compare a function pointer type with 0.
I guess Theo de Raadt maybe had a point in the KernelTrap interview [http://www.kerneltrap.org/node/6550] posted yesterday on Slashdot when he said:
"I would love to see a new C compiler that was fully compliant, did minimal optimization, was small and fast, and high quality."
Maybe in this case, a compiler is the wrong tool and lint would be better?
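An added example, not part of the original comment: the missing-parentheses pattern from the gcc session above shown next to its fixed form, plus the one case where testing a function pointer against null is intended. The names input_invalid, must_reject_buggy, must_reject_fixed, run_hook and set_input_bad are hypothetical, and the sample state is constructed.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed sample state: 0 = input is fine, 1 = input must be rejected. */
static int input_is_bad = 0;

void set_input_bad(int bad) { input_is_bad = bad; }

/* Hypothetical validator (the name is an assumption): non-zero means "reject". */
int input_invalid(void) { return input_is_bad; }

/*
 * BUG (intentional): the call parentheses are missing, so this compares the
 * ADDRESS of input_invalid with 0. The address of a defined function is never
 * null, so the result is always 1, whatever the validator would have returned.
 * The GCC 3.2.3 session above accepted the same pattern silently. Current GCC
 * reports it under -Waddress (part of -Wall); the pragma mutes that warning
 * here only so that this demonstration builds cleanly.
 */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Waddress"
int must_reject_buggy(void) { return input_invalid != 0; }
#pragma GCC diagnostic pop

/* Fixed: the function is called and its return value is tested. */
int must_reject_fixed(void) { return input_invalid() != 0; }

/*
 * Intended null test: an optional callback held in a pointer VARIABLE can
 * really be NULL, so comparing it is meaningful (a weak symbol, mentioned in
 * the comment above, is the other such case).
 * Returns the hook's result, or -1 when no hook is installed.
 */
typedef int (*hook_fn)(void);
int run_hook(hook_fn hook) { return (hook != NULL) ? hook() : -1; }

int main(void)
{
    int bad;
    for (bad = 0; bad <= 1; bad++) {
        set_input_bad(bad);
        printf("input_is_bad=%d  buggy check=%d  fixed check=%d\n",
               bad, must_reject_buggy(), must_reject_fixed());
    }
    printf("no hook installed -> %d\n", run_hook(NULL));
    printf("hook installed    -> %d\n", run_hook(input_invalid));
    return 0;
}
```

Building this with -Wall and without the pragma shows whether the compiler in use diagnoses the comparison.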
> In other words, the manufacturers are prohibited by FCC rules from
> making a device that a consumer can run in a licensed band or at a
> higher-than-allowed output power.
Interestingly the output powers for most electronic devices are likely to be controlled using calibration data tables stored in FLASH to allow for production tolerances - certainly this is the case for cell phones. What normally happens is that each device is programmed with default calibration that allows most devices to transmit at the correct power. Somewhere on the production line the output powers will be tested, and if a device fails by transmitting either at a lower or higher than expected power, the calibration table is updated to compensate.
Since these cal tables are stored in FLASH, anyone with the right tools could update the calibration and squeeze an extra dB out of the device. It's not trivial to protect against such changes in a device either.
I like the middle ground of having a range of pre-built binaries that are optimised for common machine types, allowing the user to install the one most appropriate. This allows benefits in performance, as well as reducing the permutations of the software that need supporting.
The Moox builds (http://www.moox.ws/) of Firefox did exactly this, and gave a noticeable performance increase over the 'regular' mozilla.com pre-built binaries for Win32. Before the site went down, there were also benchmarks of his builds showing the performance increase - the PDF is still in the Wayback machine linked from the following page: http://web.archive.org/web/20050216043112/http://moox.ws/tech/mozilla.
I guess the issue here is that maybe iTunes isn't making it clear that it is tracking users in this way.
However, last.fm has plugins for various media players to do just this tracking, and I find it makes really good recommendations. I guess the other great thing is that last.fm also allows you to hear full tracks of its recommendations for free, as well as other concocted radio stations - I'm not sure I could see Apple doing this, although personally I've bought a lot more music since getting hooked on last.fm.
I could well imagine that for some people this iTunes functionality will be great.
Hehe - I was thinking of 'robots in disguise' when I wrote the first comment :)
Aren't some transformers submerged in oil for the same reasons?
You can use ssh to make a tunnel with the -D option. Any application that supports SOCKS (or can be sockified) can then use the tunnel almost transparently.
Not that I like IDEs, but I was impressed that the VS 2005 editor is folding by default. I think this addresses the article's gripes about not being able to read the whole code, at least partially.
Folding is a great feature, and one that lots of good editors (Textpad is my current preference) seem to omit :( I can only hope that this will alert people to the great use of folding, and we will see more folding editors in the future.
There is a short list of such editors here:
http://en.wikipedia.org/wiki/Folding_editor#Editors_with_folding_capability
I got that too. The cow started kicking villages apart, so I'd give him a good slapping. Then he thought I was bad and my castle thing turned into an urchin. The damn cow didn't seem to behave much better either, and it was around that point that I got bored and stopped playing.
Shame, because it was a beautiful game and had a lot of potential. Still Populous III: The Beginning was awesome and much more fun - B&W was soon forgotten...
> Indeed, many credit Microsoft's success to its highly
> regarded programming tools, which make it easier for
> developers to write software that run on Windows.
Bleh. Windows doesn't even come with a compiler.
I think that's probably why a lot of developers like Unix so much - most systems come with a compiler as standard and the man pages give you all the APIs you need. Grab your favourite editor and off you go!
Exactly what I thought.