Slashdot Mirror


User: raymorris

raymorris's activity in the archive.

Stories
0
Comments
10,114

Comments · 10,114

  1. Do you run FTP with no password? on Linux Kernel 3.18 Reaches End of Life (softpedia.com) · · Score: 1

    It's your server, you can of course do what you want. I'm just giving you information about how 90% of malware infections occur on web sites. For twenty years I've been remediating compromised servers, and this is how it normally happens.

    > From there it will fork off a process and setuid/setgid's the process to the VirtualHost's defined uid/gid .. which has full permission to change any and all the files on the site.

    > It's important to note that all SSH, and FTP daemons work in a very similar way.

    Do you run your FTP server open with no password required?
    Probably not, that would be stupid. FTP can be used to change all your files, so you require a login.

    Do you run your SSH server open with no password required?
    Probably not, that would be stupid. SSH can be used to change all of your files, so you require a log in.

    Do you run your web server wide open with no password required?
    Yes! No login required, yet you set it up to have permission to change all of your files. That would be stu...

  2. 1980 for DOS, 1970 Unix Always ten years behind. on Developer Explains Why All Windows Drivers Are Dated June 21, 2006 (microsoft.com) · · Score: 5, Informative

    1970 is the epoch for Unix, 1980 for DOS, because Microsoft is always ten years behind Unix.

    Windows actually has a shitload of different epochs. Some of their filesystems use 1980, some use 1601, Excel uses January 0, 1900, some versions of their compiler use 12-30-1899, COM uses 12-31-1899. It's a real cluster fuck.
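    The epochs the comment lists are exactly the ones that turn up when you pull timestamps out of NTFS metadata, FAT/ZIP directory entries and Office/OLE artifacts during an investigation. The conversions below are an added example (not raymorris's code and not taken from any Microsoft source); the constants are the documented ones for each format, and the constructed `epoch_table` helper shows one instant in all of them at once. FAT times are local with no zone, so that conversion deliberately returns a naive datetime.

```python
from datetime import date, datetime, timedelta, timezone

# Documented epochs behind the values the comment lists.
UNIX_EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)   # NTFS, Win32 FILETIME
OLE_EPOCH = datetime(1899, 12, 30, tzinfo=timezone.utc)       # COM/OLE Automation DATE
DOS_EPOCH_YEAR = 1980                                         # FAT, ZIP local headers
TICKS_PER_SECOND = 10_000_000                                 # FILETIME is 100 ns ticks
FILETIME_UNIX_OFFSET = 116_444_736_000_000_000               # ticks from 1601 to 1970


def filetime_to_datetime(ft: int) -> datetime:
    """Win32 FILETIME (100 ns ticks since 1601-01-01 UTC) -> aware datetime."""
    seconds, ticks = divmod(ft, TICKS_PER_SECOND)
    return FILETIME_EPOCH + timedelta(seconds=seconds, microseconds=ticks // 10)


def datetime_to_filetime(dt: datetime) -> int:
    delta = dt.astimezone(timezone.utc) - FILETIME_EPOCH
    return (delta.days * 86400 + delta.seconds) * TICKS_PER_SECOND + delta.microseconds * 10


def dos_to_datetime(dos_date: int, dos_time: int) -> datetime:
    """Packed FAT date (7 bits year-1980, 4 month, 5 day) and time
    (5 hour, 6 minute, 5 two-second units).  FAT keeps local time with no
    zone, so the result is deliberately naive."""
    return datetime(DOS_EPOCH_YEAR + (dos_date >> 9), (dos_date >> 5) & 0x0F,
                    dos_date & 0x1F, dos_time >> 11, (dos_time >> 5) & 0x3F,
                    (dos_time & 0x1F) * 2)


def datetime_to_dos(dt: datetime) -> tuple:
    if dt.year < DOS_EPOCH_YEAR or dt.year > DOS_EPOCH_YEAR + 127:
        raise ValueError("not representable as a FAT timestamp")
    dos_date = ((dt.year - DOS_EPOCH_YEAR) << 9) | (dt.month << 5) | dt.day
    dos_time = (dt.hour << 11) | (dt.minute << 5) | (dt.second // 2)
    return dos_date, dos_time


def excel_serial_to_date(serial: int) -> date:
    """Excel's 1900 date system: 1 = 1900-01-01, and 60 is the nonexistent
    1900-02-29 kept for Lotus 1-2-3 compatibility, so from 61 onward the
    serial effectively counts from the OLE epoch instead."""
    if serial < 1 or serial == 60:
        raise ValueError(f"serial {serial} has no real calendar date")
    base = date(1899, 12, 31) if serial < 60 else OLE_EPOCH.date()
    return base + timedelta(days=serial)


def ole_to_datetime(ole_days: float) -> datetime:
    """COM/OLE DATE: fractional days since 1899-12-30 00:00 (local time in
    practice; treated as UTC here so it can be compared with the others)."""
    return OLE_EPOCH + timedelta(days=ole_days)


def epoch_table(dt: datetime) -> dict:
    """One instant expressed in each epoch; FAT cannot encode pre-1980 dates,
    so that entry is None instead of a wrapped-around value."""
    dt = dt.astimezone(timezone.utc)
    try:
        dos = datetime_to_dos(dt.replace(tzinfo=None))
    except ValueError:
        dos = None
    return {
        "unix": int((dt - UNIX_EPOCH).total_seconds()),
        "filetime": datetime_to_filetime(dt),
        "ole": (dt - OLE_EPOCH).total_seconds() / 86400,
        "dos": dos,
    }


if __name__ == "__main__":
    print(epoch_table(UNIX_EPOCH))
    print(epoch_table(datetime(2006, 6, 21, tzinfo=timezone.utc)))
```

The serial-60 special case is the one that bites: a naive "days since 1899-12-30" conversion is correct for every Excel date after February 1900 and silently one day off for the 59 before it.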

  3. Re:No, encyclopedias list and summarize sources on Wikipedia Bans Daily Mail As 'Unreliable' Source (theguardian.com) · · Score: 1

      > definition of a source. Blog posts are fine.

    Policy is that blog posts, and other web sites run by a single individual (where authors are not accountable to editors) are "generally not acceptable":
    https://en.m.wikipedia.org/wik...

    > Articles which are opinion, which reference blog posts are fine.

    Opinion articles, including those published by AP, are not acceptable sources of fact.

    "Unreliable sources" *may* be cited about *themselves* - you can write "Rush Limbaugh wrote that Pelosi is smarter than him" and link to Limbaugh's site. The source reliably supports the claim that "Limbaugh wrote".

    Polls are preferred, but opinion pieces in well-regarded, editorially controlled publications can support the statement that "controversy arose regarding ...". If the New York Times opinion pages have pieces arguing a certain point, that's reliable evidence that people were arguing about it.

  4. It seems I was unclear on Linux Kernel 3.18 Reaches End of Life (softpedia.com) · · Score: 1

    It seems my post was unclear. It *may* also be that you are so comfortable with your current knowledge that you are somewhat resistant to unfamiliar ideas. If that's so, that's fine. I've made a LOT of money over the last 20 years cleaning up rooted servers run by people who thought they understood this issue.

    > ITK. ... This allows each account to have permissions of 0600

    Whether you do suexec using mod_suexec, php_suexec, mod_ruid2, or mpm_itk doesn't really matter, either way the *effective* permissions are 666. How is it that a script (a visitor) can write to a file chmod 600, or even read it? It's because with mpm_itk, all visitors can read and write ALL files. Let that sink in for a minute - there's no difference in permissions between visitor_log.txt (which should be writeable) and .htaccess or .htpasswd (which shouldn't be). They all have the *same* permissions. visitor_log.txt is writeable, even with 600 permissions, because ALL files are writeable, regardless of permissions.

    The alternative, what the documentation suggests that you do if you're not a security expert, is to have only the files that *need* to be writeable as 666, and all others 644, so they are not writeable. You do that by running Apache in its default configuration, by simply not adding mod_suexec or mpm_itk to make your chmod 600 files writeable.

  5. Turn off SuExec (and fix your file permissions) on Linux Kernel 3.18 Reaches End of Life (softpedia.com) · · Score: 2

    > so I don't have to think about security patches. ...
    > cPanel/WHM

    If you care *at all* about security and are running Cpanel or even worse Plesk, you probably want to turn off SuExec. Both php suexec and cgi suexec. Basically what suexec does is give all visitors to your site *permission* to change all of your files. In all likelihood one of your PHP scripts gives them the *mechanism* to do so.

    Suexec was designed for servers with a thousand hosting customers who have $20/year hosting accounts all on the same server. It has some marginal utility in such a case, protecting customers from each other, though the documentation opens with a warning from the suexec developers "you shouldn't even consider enabling suexec unless you thoroughly understand the security risks". It can't possibly do any good whatsoever on a dedicated server running one site (unless you're planning to attack yourself).

    Unfortunately, Cpanel made it easy to enable, after a developer there failed to read even the first few sentences of the suexec documentation.

    If it's enabled, your file permissions and ownership are a little screwed up. Files written by the web server are owned by your login and chmod 644. (That appears to make them unwriteable by visitors, but remember suexec basically bypasses permissions). After disabling suexec, files which *should* be writable by scripts need to be chmod 666, marking those files (and *only* those files) as writeable.
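    The permission model that comments 1, 4 and 5 argue about comes down to one question: which UID does a PHP or CGI script run as? Under suexec/mpm-itk it runs as the hosting account that owns the docroot, so the owner-write bit is what matters and a 600 file is writable; under the stock worker UID, only world-writable files and files the server itself already owns are. The simulation below is an added example (not raymorris's code and not part of Apache), using the classic Unix discretionary check only: no ACLs, no capabilities, and no directory write bits, so a 777 directory that lets a script create or rename entries is a separate audit. The UIDs, paths and file set are constructed; `audit_docroot` runs the same check against a real tree.

```python
import os
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Inode:
    path: str
    uid: int
    gid: int
    mode: int   # permission bits only, e.g. 0o644


def may_write(node: Inode, euid: int, egid: int, groups=()) -> bool:
    """Classic Unix DAC check for the write bit (no ACLs, no capabilities)."""
    if euid == 0:
        return True
    if euid == node.uid:
        return bool(node.mode & stat.S_IWUSR)
    if egid == node.gid or node.gid in groups:
        return bool(node.mode & stat.S_IWGRP)
    return bool(node.mode & stat.S_IWOTH)


# Constructed identities (hypothetical numbers): the hosting account that owns
# the docroot, and the unprivileged account Apache's default workers run as.
SITE_UID = SITE_GID = 1001          # e.g. the cPanel login
WWW_UID = WWW_GID = 33              # e.g. Debian's www-data

# Constructed docroot in the state comment 5 describes after suexec is
# disabled: only the log that scripts must append to is 666.
DOCROOT = [
    Inode("/var/www/site/.htaccess",       SITE_UID, SITE_GID, 0o644),
    Inode("/var/www/site/.htpasswd",       SITE_UID, SITE_GID, 0o600),
    Inode("/var/www/site/index.php",       SITE_UID, SITE_GID, 0o644),
    Inode("/var/www/site/visitor_log.txt", SITE_UID, SITE_GID, 0o666),
    # uploaded earlier by the web server itself, so owned by www-data
    Inode("/var/www/site/uploads/avatar.png", WWW_UID, WWW_GID, 0o644),
]


def script_writable(files, euid, egid):
    """Everything a compromised script running as (euid, egid) could modify."""
    return sorted(n.path for n in files if may_write(n, euid, egid))


def audit_docroot(root, euid, egid):
    """Same check against a real directory tree (run as root or the owner)."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            p = os.path.join(dirpath, name)
            st = os.lstat(p)
            node = Inode(p, st.st_uid, st.st_gid, stat.S_IMODE(st.st_mode))
            if may_write(node, euid, egid):
                hits.append(p)
    return hits


if __name__ == "__main__":
    # suexec / mpm-itk: the script runs as the site owner
    print("suexec  :", script_writable(DOCROOT, SITE_UID, SITE_GID))
    # default prefork/event workers: the script runs as www-data
    print("default :", script_writable(DOCROOT, WWW_UID, WWW_GID))
```

Run against a real docroot with `audit_docroot("/var/www/site", 33, 33)` and the output is the list of files a script compromise under the default configuration could rewrite; anything on that list besides the files that genuinely need to be written by the site (logs, upload directories, caches) is a finding.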

  6. The web isn't a tree, it's a network on Developer Argues For 'Forgotten Code Constructs' Like GOTO and Eval (techbeacon.com) · · Score: 1

    When we started this discussion, that quote at the bottom of the Slashdot page was James Baldwin
    --
    Those who say it can't be done are usually interrupted by others doing it.
    --

    > The iterative version of your program is not using the same algorithm as the recursive version.

    Okay so you acknowledge there are iterative algorithms, there are recursive algorithms, and not all iterative algorithms are recursive, right? That's an important point.

    > You replaced a depth-first search with a breadth-first search

    In fact it's (mostly) depth-first.

    > the depth-first search algorithm would imply tracking the chain of pages you came from

    Let's try a little experiment. Clear your browser history, then try clicking a link. Amazingly, you can go forward (in depth) without knowing your full history of where you came from! This isn't theoretical, as I said, I've spidered millions and millions of pages, by roughly following the first unvisited link on each page. If I were in the mood, I'd give you a core dump from my spider and you'd notice that nowhere in the core does it have the starting page from several years ago. (Unlike a recursive tree walk, which would have that data.) "But how do you get back, to follow another branch?", you may ask.

    The first thing apparent is that once you've spidered a page, you're not going to spider the same page again, so you can forget all about it! There is no need to track all the parents. You need only remember some *unvisited* pages, none of the visited pages. So no, it's not correct to say "depth-first search algorithm would imply tracking the chain of pages you came from". Rather, you must track the head of the branch you did NOT come from. That'll be where you go next if you end up on http://hmpg.net/ (check out that page).

    Further, we're discussing spidering the web, which is first a network, not a tree. You seem to be thinking in terms of a tree. More importantly, the web is a real, practical thing, for which I gave an algorithm that's actually been at work for many years, as opposed to walking some theoretical tree. Because of the nature of the web, as a real network, you can discard 99.999% of the information which you would need for a complete walk of a theoretical tree. No need to remember *every* link you didn't visit, you'll never spider every page on the web anyway, and if you wanted to try you could always start back at dmoz.org or *any* large list of links. The network (the actual www) is such that there are many nodes (sites) which connect indirectly to ~every other available site. So the actual working algorithm doesn't know where it came from. What it *does* remember is a list of 1,000 URLs it can go TO next. That's all it needs to know - where to go next, not where it came from. It ends up being depth-first because I made the list of "next URLs" a 1,000 element LIFO. I've also run it breadth-first by simply working the other end of the list, FIFO.

  7. Should say "RHEL *5*. Supported 2007-2020, 13 year on Linux Kernel 3.18 Reaches End of Life (softpedia.com) · · Score: 1

    The second sentence is missing the version number. That should say:

    For example, Red Hat Enterprise 5, released in 2007 with kernel 2.6.18, has some support from Red Hat until November 30, 2020.

    For Red Hat 6 (kernel 2.6.32), they'll soon stop adding support for new hardware and it'll be security fixes and important bugs only. That may work for me until 8 is released. I prefer not to replace the OS more than once every ten years or so, so I'd prefer to skip version 7.

  8. Distros. Red Hat supports 2.6.18 through 2020 on Linux Kernel 3.18 Reaches End of Life (softpedia.com) · · Score: 3, Informative

    Most distros will support their long-term kernels well after kernel.org moves on. For example, Red Hat Enterprise, released in 2007, with kernel 2.6.18, has some support from Red Hat until November 30, 2020.

    RHEL 6, RHEL 7, and their debranded CentOS twins provide important security updates for ten years. I use CentOS 6, kernel 2.6.32, supported from 2010 to 2020. I'll probably switch to CentOS 7 (or 8) in 2018 or so.

  9. No, encyclopedias list and summarize sources on Wikipedia Bans Daily Mail As 'Unreliable' Source (theguardian.com) · · Score: 1

    Throughout each Wikipedia article, you'll see references to sources, with the full information about each source listed at the bottom of the article. That's because Wikipedia isn't (supposed to be) the source of any information, it's supposed to be a list of sources, summarized.

    As someone else pointed out, Wikipedia rules do not allow citing another Wikipedia article as a source, because encyclopedias are not considered a reliable source, no.

    Encyclopedias, including Wikipedia, ARE a good first place to look to *find* sources.

  10. Does not need to track parent, not 500 instances on Developer Argues For 'Forgotten Code Constructs' Like GOTO and Eval (techbeacon.com) · · Score: 1

    > but the iterative version of the function still needs to track the same data

    It seems to me that it does not. Looking at the actual state information of my program after running for three years appears to confirm that.

    In a moment, you may wish to refer to my code posted above, but we'll start by talking about the clearly recursive version.

    Some years ago, I pointed my spider at a large, deep directory of urls with many links. Imagine dmoz.org. Since then, it's followed links several million deep. Were it recursive (in the traditional sense), there would now be several million copies of the function *running*, each with a stack pointer to its parent. For the URL it's currently spidering, we'd have the full history of how it got there, the url that linked to it, all on the stack. Also any other variables local to the function would still be live in memory - millions of instances because millions of instances of the function are still running.

    Using the iterative algorithm I posted above, I think you can see that we do NOT track any data whatsoever about how we got to the current URL. All of the information about past pages, which would be on the stack in a recursive algorithm, does not exist in my program. So in fact it does *not* "track the same data" and your idea that it "can still run out of memory" is disproven by the fact that it's been running for years, millions and millions of iterations, and it's still using the same 3MB of RAM that it started with, plus a few MB for the queue.

    You are certainly correct that you *can* simulate iteration by using recursion. That doesn't mean you must.

    The key point, to me, is that at least what I mean by "recursive" is that there is a parent and a child. The parent doesn't return/exit until its child does - and its child, and its child, and its child, and its child ...
    With the iterative algorithm, one completes, and releases all of its memory, then another one starts. There is only one instance running at any given time, and therefore only one copy of the variables. There is no "parent", only "previous", which has no other relation to the currently running code - the previous URL isn't even the one that linked to the current url!
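    The spider design described in comments 6 and 10 (a bounded LIFO of unvisited URLs, no record of the chain of pages you came from, and the same code run breadth-first by taking URLs off the other end) is easy to put beside the recursive version it is being contrasted with. The code below is an added example, not raymorris's spider, which was not posted here; it works on a constructed in-memory link graph instead of HTTP, and it keeps a `visited` set, which the comments do not describe, purely so the toy graph's cycles terminate. The 5,000-page chain exists only to show what happens to the recursive walk when depth exceeds CPython's default recursion limit of 1,000 frames.

```python
from collections import deque

# Constructed link graph: a tiny "web" with cycles (D -> A, F -> B).
WEB = {
    "A": ["B", "C"],
    "B": ["D", "E"],
    "C": ["F"],
    "D": ["A"],
    "E": [],
    "F": ["B"],
}

# Constructed chain of 5,001 pages, each linking only to the next one.
CHAIN = {f"n{i}": [f"n{i + 1}"] for i in range(5000)}


def crawl(graph, start, order="dfs", max_frontier=1000):
    """Iterative spider: remembers only a bounded list of unvisited URLs,
    never the chain of pages it came from.  order="dfs" pops the most
    recently pushed URL (LIFO); order="bfs" pops the oldest (FIFO).
    Returns (visit sequence, peak frontier length)."""
    frontier = deque([start], maxlen=max_frontier)
    visited = set()   # not in the comments' design; keeps the toy cycles finite
    sequence, peak = [], 1
    while frontier:
        url = frontier.pop() if order == "dfs" else frontier.popleft()
        if url in visited:
            continue
        visited.add(url)
        sequence.append(url)
        links = [u for u in graph.get(url, ()) if u not in visited]
        if order == "dfs":
            links.reverse()   # so the page's *first* link ends up on top of the stack
        frontier.extend(links)   # deque(maxlen=...) silently drops the oldest entries
        peak = max(peak, len(frontier))
    return sequence, peak


def crawl_recursive(graph, url, visited=None, sequence=None):
    """The same depth-first order written recursively: every page's frame,
    with its local variables and return address, stays live until everything
    reachable below it has been visited."""
    if visited is None:
        visited, sequence = set(), []
    visited.add(url)
    sequence.append(url)
    for link in graph.get(url, ()):
        if link not in visited:
            crawl_recursive(graph, link, visited, sequence)
    return sequence


def recursion_overflows(graph, start):
    """True when the recursive walk runs out of stack on this graph."""
    try:
        crawl_recursive(graph, start)
    except RecursionError:
        return True
    return False


if __name__ == "__main__":
    print("dfs:", crawl(WEB, "A", "dfs"))
    print("bfs:", crawl(WEB, "A", "bfs"))
    print("recursive:", crawl_recursive(WEB, "A"))
    print("chain, iterative peak frontier:", crawl(CHAIN, "n0")[1])
    print("chain, recursive overflows:", recursion_overflows(CHAIN, "n0"))
```

On the small graph the iterative and recursive depth-first walks produce the same order. On the chain the iterative walk never holds more than one pending URL, while the recursive one needs a frame per page and fails at the interpreter's limit; a real crawler's state, like the comments say, is the frontier, not the path.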

  11. If you want good ones, just pay for good ones on Intel To Invest $7 Billion in Factory in Arizona, Employ 3,000 People (cnbc.com) · · Score: 1

    The old way was that employers would pinky swear that there were no Americans to fill the jobs, and the regulatory agencies could audit it (but very rarely did).

    The new way is you get priority by offering a salary higher than those "just out of school" data scientists normally make. You say you want "data scientists, and good ones". Fine, you can have them, you just have to pay a salary commensurate with "data scientists, and good ones". And you DON'T have to go into a lottery against Infosys with their applications for underpaid code monkeys.

    Specifically, the priority level of your application is:
    (The salary you're offering) / (The average salary of data scientists in your area).
    So if you want good ones, pay a good salary and you get them - without having to win the H1-B lottery.

  12. Excellent article every business person should rea on 'Fundraising Rounds Are Not Milestones' (ycombinator.com) · · Score: 1

    That's a great article, thanks. I didn't expect to really get anything out of it, since I pretty much understand the main points. It turns out he mentioned some things I hadn't thought of and reminded me of others.

    One important point I wish I had thought about earlier is what he calls "lock-in". That term has a negative connotation, perhaps, but call it "loyalty" and it sounds good. Some things are just easier to switch providers than other things. My main business was one where people rarely switch, and had I gone for more market share earlier, development costs would have further discouraged competition. I missed out on at least a million dollars by growing slowly.

  13. 3,500 not 35000. Big, but not THAT big on Goldman Sachs Automated Trading Replaces 600 Traders With 200 Engineers (technologyreview.com) · · Score: 1

    I just saw that I typed "3,5000" square feet. Obviously that should be 3,500. It's a pretty big house, five bedrooms, but it's not 35,000 square feet. 35,000 is a neighborhood, not a house. :)

  14. Ps Have the seller chip in $3,000 to make 10% down on Goldman Sachs Automated Trading Replaces 600 Traders With 200 Engineers (technologyreview.com) · · Score: 1

    I forgot to include another good tip that will get you $3,000 closer to 10% down. In your offer on the house, make the top line offer $3,000 more, with the seller kicking you back $3,000 to cover the cost of appraisal and such.

    Technically, the seller isn't supposed to pay any of your down payment, but they can hand you money to cover expenses like appraisal.

    Depending on the mortgage company, the 1.5% refund from your agent may or may not be allowed to go *directly* toward the down payment. If it's not allowed, you just apply it to the down payment *indirectly*. You just have to find a way to "borrow" the money for 30 days without technically borrowing it. A 401K "loan" may not count as a loan because you're borrowing your own money. Putting off paying a bill that isn't due until the end of the month isn't technically a loan. An IRA rollover puts the money in your pocket for 30 days if you do it right, etc.

      So you use $4K of your "not borrowed" money to make the down payment, then use the agent's refund to replace the money.

    One other thing - you didn't say where you live. If you're in the bay area, well, shit yeah, housing is outrageous. I just bought in the hottest Dallas suburb, a 3,5000 square foot house with a pool for $245,000.

    I didn't touch on FICO score either. A good FICO score will reduce your interest rate, of course. You need your FICO credit scores to be above 700, preferably above 740. That's FICO brand score, Vantage Score, freecreditreport.com, etc aren't what matters. The number one easiest, most effective way to quickly increase your score is to make sure your credit card balance is 6%-8% of the limit. Higher or lower reduces your score. (Though 3% or so is good too, don't go to zero balance). Your balance should all be on one card. Just like the down payment has cutoffs at 10% and 20%, so does the FICO score. 701 will get a better rate than 699. If you're close to the next bracket, adding a few points to move up a bracket will make a difference.

  15. Very frustrating. Maybe I can help on Goldman Sachs Automated Trading Replaces 600 Traders With 200 Engineers (technologyreview.com) · · Score: 1

    It sure can be a frustrating thing. You know financially you're much better off owning (landlords make money because renting costs more than buying), but getting the down payment together and everything can be pretty difficult. I studied mortgages and such extensively when I bought my houses (without a huge down payment) - maybe I can help, if you'd like to discuss it.

    > Then I need extra insurance since the 2008 crash & a couple family illnesses (thanks private medical system) wiped out my savings.

    PMI sucks donkey dick. It sucks even more if you have less than 10% down. Which includes 9.9% down. 10% has significantly lower PMI than 9.9%. There are three ways to get 10% down. On the finance side, the first trick I use is my buyer's agent refunds me 1.5%. He gets paid 3% commission, and splits it with me. Obviously he's NOT a full-service broker who is going to spend days driving me around. I drive myself around looking at houses. When I find what I want, he handles the contract and pays me $4,500 for the privilege of doing so.

    If you're having trouble hitting 10% (or striving for 20% down), don't pay loan origination fees or anything to the mortgage broker or bank, at least not much. A good loan officer can trade you back and forth on fees versus interest rate, so you can always get a no-fee loan or very low fees. Your interest rate will appear to be slightly higher in exchange BUT hitting that 10% down mark will *reduce* your interest rate. By getting over that 10% (or 20%) mark, you reduce the rate + PMI by about as much as the no-fee option "increased" it - and you'll pay PMI for a shorter time.

    You can consider a slightly longer commute, or a slightly smaller house, or one that needs a little TLC to get the cost of your first house down, in order to be able to hit 10% down.

    On the side of saving up a bit more down payment, I'll just refer you to Dave Ramsey. He has a radio show, and a podcast you can listen to in the car for free. His books and CDs are available cheap on ebay.

    Certain government programs have *permanent* PMI. Fuck that. You want the normal PMI that goes away after you have 20% equity. (Not that you *want* PMI, but with less than 20% down you're going to have it.)

    > The way mortgage math works out you're paying almost all interest for the first 15 years of a 30 year loan

    You can greatly improve that ratio of interest to principal after two to three years. More on that later, after some long-winded explanation.

    You actually get to decide what percentage of your payment goes to interest and which percentage goes to principal. You made a couple comments on this, one indicating you understand it, but another indicating maybe you don't fully. Let's see if we can get clear on this. Suppose you borrow 200K at 3% for one year. What's the interest? 3% of 200K is 6K, that's the amount of interest you pay in the first year. You don't pay the interest "up front", you pay interest as you incur it. If someone paid their loan off in ten years, the first year they'd pay ~$6K in interest and ~$20K in principal. Does that make sense? (Obviously few people pay off a mortgage in ten years, but a short term makes the math more transparent.) Suppose someone said "I'm a masochist, so I want to make sure I'm paying on this damn loan for as long as possible - make me pay for 30 years." How can a mathematician help this masochist pay for as long as possible? Well just pay interest every year, pay very little principal, and it'll take 30 years to pay it off. :) In a very real way, the interest is such a huge chunk of the payment only if you insist on paying for 30 damn years. You may know that you *can*, after you get your next raise, decide to pay a lot less interest by paying a bit more principal each month, which causes your loan to be paid off much sooner.

    In your particular case, you can also decrease the interest and pay it off sooner WITHOUT increasing your payment. That damn PMI? We're going to try to get rid of that

  16. What value in publicity for what you can't sell? on The Metropolitan Museum of Art Makes 375,000 Images Available For Free (fortune.com) · · Score: 2

    RIAA has some issues, no doubt, and some of the millions of songs that independent artists offer on Myspace are great. You said something very specific which doesn't make sense to me, though:

    > Free publicity has value, if the RIAA, MPAA, etc, etc would all realize this

    Exactly what do you imagine the value to be in publicity for a song they can't sell? The *purpose* of generating publicity around music is to sell the music. What benefit is there to a record company to produce music they can't sell?

  17. Exactly: If you use Twitter a lot, your public pro on 72% of 'Anonymous' Browsing History Can Be Attached To the Real User (thestack.com) · · Score: 5, Interesting

    That's almost exactly what they did. First, they need your browser history. And your Twitter / Facebook profile needs to be wide open publicly. And you have to use Twitter regularly.

    If they had been smarter, they would have just looked at which Facebook and Twitter profiles you visited most often, and from there inferred those are probably your closest friends. A list of your closest friends fairly well identifies your profile. They decided to make it a tad more complex, though.

    Rather than looking at the friends list, they looked at links appearing in the person's feed. They reasoned that if the subject's browsing history shows them clicking on 50 links from a Twitter feed, it's probably an account that has those 50 links in their feed.

  18. Would be interesting to compare costs of different on If You Owned a PC With a DVD Drive You Might Be Able To Claim $10 (theverge.com) · · Score: 1

    It would be interesting to compare costs of different systems. In the US, state Attorney General offices handle some of these things, the FTC handles some, etc. Each spends resources (money) to do so and each collects fines from time to time. Here, when the Attorney General and the regulatory agencies let things fall through the cracks, any concerned citizen can address it via a class action, and the bigger the problem, the bigger is the incentive to organize a class action.

    I haven't seen any studies, I would like to, but my guess is that the three systems together may be more effective than any one alternative.

  19. Not *ARITHMETIC* on You Can Make Any Number Out of Four 4s Because Math Is Amazing (youtube.com) · · Score: 1

    Concatenation is not *arithmetic*. There's a whole lot of math that isn't arithmetic. For example, relational algebra has six fundamental operators, and one of those is essentially concatenation.

  20. And if the server authenticates the user (not open on FBI Will Revert To Using Fax Machines, Snail Mail For FOIA Requests (dailydot.com) · · Score: 1

    True, DKIM authenticates the server. Most servers, in turn, authenticate the sender of outgoing mail.

    So in the entertaining example of the DNC, we have the DNC's server, itself cryptographically authenticated, attesting that Donna Brazile sent those messages, using her password. Theoretically yes, the DNC's own server *could* be lying. Or else a politician is lying.
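    The chain of attestation the comment sketches has a step worth checking explicitly: a valid DKIM signature only proves that the `d=` domain's key signed the listed headers, and it is a separate question whether that domain has anything to do with the `From:` address the reader sees and whether `From:` was among the signed headers at all. The parser below is an added example (not raymorris's code and not the dkimpy library); it performs those structural and alignment checks on a constructed message, with placeholder `b=`/`bh=` values, and deliberately does not verify the signature, which needs the selector's public key from DNS. Relaxed alignment is approximated as "one domain is a subdomain of the other", whereas DMARC proper compares organizational domains from the Public Suffix List.

```python
import email
import email.utils

# RFC 6376 section 3.5: tags every DKIM-Signature header must carry.
REQUIRED_TAGS = ("v", "a", "b", "bh", "d", "h", "s")


def parse_dkim_tags(value: str) -> dict:
    """Tag=value list.  Folding whitespace carries no meaning, and b=/bh=
    are base64 that may be wrapped, so all whitespace is dropped."""
    tags = {}
    for item in value.split(";"):
        if not item.strip():
            continue
        name, sep, val = item.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())
    return tags


def domain_of(address_header) -> str:
    addr = email.utils.parseaddr(address_header or "")[1]
    return addr.rpartition("@")[2].lower().rstrip(".")


def aligned(signing_domain: str, from_dom: str, strict: bool = False) -> bool:
    d = signing_domain.lower().rstrip(".")
    if d == from_dom:
        return True
    if strict:
        return False
    # Relaxed alignment, approximated (no Public Suffix List lookup here).
    return from_dom.endswith("." + d) or d.endswith("." + from_dom)


def dkim_findings(raw_message: str, strict: bool = False) -> list:
    """One dict per DKIM-Signature header: signing domain, selector and a
    list of structural/alignment problems.  Signature bytes are NOT checked."""
    msg = email.message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    findings = []
    for header in msg.get_all("DKIM-Signature", []):
        tags = parse_dkim_tags(header)
        problems = [f"missing required tag {t}=" for t in REQUIRED_TAGS if t not in tags]
        if tags.get("v") != "1":
            problems.append("unsupported version")
        signed = [h.lower() for h in tags.get("h", "").split(":") if h]
        if "from" not in signed:
            problems.append("From header not covered by h=")
        d = tags.get("d", "")
        if d and not aligned(d, from_dom, strict):
            problems.append(f"d={d} not aligned with From domain {from_dom}")
        ident = tags.get("i", "").lower()
        if ident:
            idom = ident.rpartition("@")[2]
            if not (idom == d.lower() or idom.endswith("." + d.lower())):
                problems.append(f"i={ident} is not within d={d}")
        findings.append({"d": d, "s": tags.get("s", ""), "problems": problems})
    return findings


# Constructed messages; the b=/bh= values are placeholders, not real signatures.
SIGNED_OK = """\
From: Donna Example <donna@example.org>
To: recipient@example.net
Subject: constructed test
Date: Tue, 07 Mar 2017 10:00:00 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;
 s=sel2017; h=from:to:subject:date;
 bh=cGxhY2Vob2xkZXIgYm9keSBoYXNo;
 b=cGxhY2Vob2xkZXIgc2lnbmF0dXJl

hello
"""
MISALIGNED = SIGNED_OK.replace("d=example.org;", "d=bulk-sender.example.com;")
UNCOVERED_FROM = SIGNED_OK.replace("h=from:to:subject:date;", "h=to:subject:date;")
UNSIGNED = "From: a@example.org\nTo: b@example.net\nSubject: x\n\nhi\n"

if __name__ == "__main__":
    for label, raw in [("ok", SIGNED_OK), ("misaligned", MISALIGNED),
                       ("from not signed", UNCOVERED_FROM), ("unsigned", UNSIGNED)]:
        print(label, dkim_findings(raw))
```

A signature whose `d=` is a bulk-mail provider's domain, or whose `h=` omits `From`, can verify perfectly and still say nothing about who the message claims to be from; that is the gap DMARC alignment closes, and it is the check to do before treating a verified signature as the server "attesting" to the sender.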

  21. Texas among lowest taxed states on If You Owned a PC With a DVD Drive You Might Be Able To Claim $10 (theverge.com) · · Score: 3, Informative

    Texas is one of the least-taxed states. We have no state income tax (on individuals) and reasonable sales taxes. Texas total state tax burden is 7.6%. Compare California, Wisconsin, and Illinois at about 11%. Some states are 12%. Only Alaska is less than 7.1%.

    https://taxfoundation.org/stat...

  22. Yeah, get paid to fight unscrupulous companies on If You Owned a PC With a DVD Drive You Might Be Able To Claim $10 (theverge.com) · · Score: 4, Insightful

    While that's true, it's not necessarily *bad*. Without class actions, or if class actions weren't lucrative for the lawyers who organize them, the companies would just get away with it. The lawyers basically get a reward for going after companies who screw consumers over, with sufficient investigation to prove in court what the companies did and how consumers were harmed.

    It's not a perfect system, but I'd rather have (proper) class actions than not have them. When a company screws me out of $5 or $10 I'd rather a lawyer go after them (and get the $5) than just let the company get away with screwing people over.

  23. Your sig, "The Daddy casts sleep on the Baby. The Baby resists!", would have really made me laugh last night.

    Is that a quote from somewhere?

  24. And the Celebrity Apprentice on French Politician Uses Hologram To Hold Meetings In Two Cities At the Same Time (reuters.com) · · Score: 1

    > It's just flash and bling. But then again, it works for Hollywood celebrities

    Flash and bling worked out pretty well for the Celebrity Apprentice too. :)

    I've noticed that it's very difficult to predict how well a candidate will do once they are elected and become president or whatever. Candidates that look pretty good turn out to be ineffective leaders, candidates that seem unqualified sometimes turn out to be very effective. I hope that pattern repeats in the US.

  25. That's what I thought. But it's growth on 'Fundraising Rounds Are Not Milestones' (ycombinator.com) · · Score: 4, Insightful

    In all the years I was running companies, I always felt like the need to beg for outside money wasn't necessarily a positive indicator. ;) I grew my businesses organically, reinvesting profit.

    All of my several companies stayed small. Profitable, but in a very small way. I now see, probably too late, the value of *growth*. If you want to be successful in a big way, it's perfectly okay to focus on getting big first, if you have a solid plan for profitability. A major funding round is a landmark of getting bigger, which is an essential part of big success.

    Specifically, in new markets - a new product category, a new geographical market, etc, the correct course is to quickly establish market share, borrowing as necessary, then shift to a sustainable, profitable strategy as the market matures. An example would be smartphones ten years ago vs today. Ten years ago, it would have been a good idea to spend (lose) a hundred million dollars in the course of becoming a significant player in the brand new smartphone market. A few years later (2012-today), you'd shift to making money from your strong position in the market.

    Obviously getting confused and investing heavily to become a player in a shrinking market would be dumb. If a company is losing money in order to enter the desktop PC market, that's probably a mistake. But if they are "losing money" developing a practical quantum computer, that may be very good and a new round of funding that allows them to grow and do more R&D is good news. Tesla is a good example - they are losing tons of money, but for the purpose of becoming the dominant company in an expanding market, electric cars.