I made it less clear than it could be by quoting too much from the clear. This law says it's not patentable if:
"if the actual contribution made by the alleged invention lies *solely* in it being a computer program."
So in other words, for any alleged invention, take out the words "software" and "computer" from the description. Does it still sound like a new invention? If so, it's patentable. If not, it's not. It's either new or not, and it doesn't matter whether it's made of smashed wood or powdered iron.
(Note that both "physical" machines and software machines can be made of either. My mom created some of her software by punching cards made of wood pulp, much as a carpenter would work wood to build some new invention. I created my first software by manipulating bits of iron to form machines.)
Compile: to create a set of *machine instructions* from a high-level programming language, using a compiler
Grace Hopper, who coined the term "compile", defined it as "accept things that were people-oriented and then use the computer to translate to *machine code*.”
A primary purpose of compiling code is so that the user doesn't need to have a copy of the matching version of the interpreter. Compiled code runs by itself. Python bytecode is a couple of steps removed from machine code. Look at how many lines of code are required in the bytecode interpreter to interpret that bytecode and do something with it. Compiled code doesn't need any interpreter, much less hundreds of thousands of lines of interpreter.
Since there is no such thing as a "software patent" in law, it's important to understand what has been changed, and to be clear about what could or should be changed. Here's the key wording of the new law. It's not patentable if:
"A claim in a patent or an application relates to a computer program as such if the actual contribution made by the alleged invention lies solely in it being a computer program."
In other words, if it's not a new invention, just an old invention with "on a computer" added to the end, it's not patentable. That is, if it's not a new invention if made of wood, it's still not new when made of silicon (or magnetic tracks).
I'm about as big a defender of "software patents" as you'll find on Slashdot and that to me is obviously right to me. If it's not new, it's not new. Putting it on a computer doesn't make it new. Duh and yay for them for explicitly stating what should be obvious.
What they didn't change, and really can't as a practical matter, is they did not declare that a new invention magically becomes "not new" if it uses a computer. If I invent a way to resurrect dinosaurs ala Jurassic Park, and they key invention for doing so is a gene sequencing computer program, that's a new invention. The fact that I use software for it neither makes it new nor makes it "not new".
> One of the best obfuscations is to embed an interpreter into your code, and then do all the hard work in the bytecode.
"One of the best" is kind of nebulous, but it's ALWAYS more secure against reverse engineering to distribute a compiled binary, machine code. At least on a PC, or any platform with a decent debugger. Here's why. If you do anything with an interpreter or bytecode, the attacker has at least two options. They can choose to EITHER:
A) Use a debugger to dump the generated machine code and work from that.
OR
B) Use any other method to go after the provided file, the interpreter, or the bytecode.
Distributing a compiled exe (machine code) forces the attacker to do A, eliminating all of the options listed in B.
Of course, what I do, what I think is better, is I ship readable source. Any security needed is handled by actual security, such as encryption of sensitive data, rather than by trying to obfuscate how the program works.
A pyc is pretty much just a parse tree. It's been syntax checked, etc. but not really compiled. As docs.python.com explains, a pyc doesn't run any faster than a.py. The heading on the docs page is:
"Compiled" Python
With compiled in quotes because though some people use that word, it's not really true.
I would pay some of the major contributors or maintainers who developed, tested, or documented the code you use. If they are self-employed like many developers, they can handle it just like any other invoice. No need to label it "support" if you don't want support, you can pay for FOSS software if you want to! I contribute a lot to Moodle, a little to Apache. If you use either of those, I'll gladly accept some accept some payment.
On taxes, it would be BETTER for them to treat it as a donation. So no, this doesn't sound like a tax dodge. it sounds like they have some spare money in a budget for software / a certain project, they use FOSS software, and they want to pay for the software they use. Yay for them.
However, giving money away frequently requires a approval process by the board of directors, which meets for times per year, so if it takes two board meetings that's six months. (This so that mid-managers don't give company money to their brothers.)
point of fact: Mac runs FOSS, iOS is the garden
on
Break Microsoft Up
·
· Score: 2
iOS (iPad and iPhone) is the walled garden. Mac runs any FOSS applications you want, so yes Mac is great for free and open software users.
I used Linux exclusively for many years. When I was given a Mac Pro with 32 GB of RAM, two $400 graphics cards, etc. I decided to try it out. In 18 months of use, I've not found any OSS applications that don't run nicely on the Mac.
> you are not lacking better data points - what bank lends money out without knowing credit history?
The ones in TFA. That's been mentioned about a dozen times in the comments also, btw.
Getting a bunch of speeding tickets doesn't affect your ability to pay your bills? Either part of your paycheck goes to pay the tickets, or you EVENTUALLY go to jail, which again makes it harder to pay your bills.
Along with the ability to pay the bills there's whether or not you will be responsible enough to actually do so. That ends up coming down to whether you do what needs to be done, or do whatever you feel like at the moment. People who mow the lawn even when they don't feel like it and go to work even when they don't feel like it might pay their bills even when they don't feel like it.
So yeah , there's actually a good reason nobody wants to loan their money to you.
If you're lacking better data points, like actual credit history, I think it's perfectly reasonable to consider, as one small factor, whether or not they are responsible people. Generally, those who can be trusted in the small things can be trusted in the big things and those can't, can't. Generally.
I don't know, but I smoked a lot of different kinds of weed, and none of stimulated me do anything but smoke more weed and eat whatever was within reach, without need to hassle with a fork.
I wouldn't say LAZY, but certainly mellow or lethargic.
It's kind of ridiculous, isn't it. Once you include gas taxes, car taxes, etc. the national average is 45% in assorted taxes, so I bet NY is 65%.
Come on down, there are plenty of jobs, etc. Well, if you WANT a job building cool shit, doing cloning, computer tech, etc. come on down. If you want to sit around smoking weed all day and complaining that it's not making you rich, please stay on the coasts.
The funny thing is, they're all true. My post was basically a description of me, age 16-20. I started college when I was sixteen. A aced everything the first semester. Then I got stoned. 20 years later, I'm starting my second semester.
The OP is organizing a HEMP fest. Meaning they are a major pot head. It's a safe bet that it was a year ago that they headed toward the computer to post this.
On the way, they stopped at the kitchen for some pop tarts. Then they smoked another doobie. A few hours later, they sat down at the computer. They had to see what the email about Ron Paul said. Then they smoked another bowl. A few months later, they logged into Slashdot. There was a article on Slashdot about Occupy, so they had to read it. It said some Occupy folks would be only 60 miles away, so they had to go join. Of course, for an Occupy event they needed to pick up a QP on the way. When they got there, they smoked a bowl and when they finished smoking three weeks had gone by.
A decent SOHO hardware switch does port mirroring. I just paid $99.99 for a Netgear switch which will mirror at full speed.
To do network mirroring like that in software you'd pretty much need to be flat broke or incompetent. As in totally, government style incompetent. Oh, yeah I suppose you have a point then.:)
That may have been their theory, or it may have been they wondered if US gov was intentionally slowing VPN connections from that part of the world.
If the theory was that capturing data would slow it down, the answer is "no". For that, you'd use port mirroring. Where a switch or router would normally take data in on one line and output it on another, you set it to accept data on the one line and output it on TWO others simultaneously. The data still flows at the same speed. It just flows to two locations separately - the intended recipient and the government.
Yeah, that's what the vast majority of web sites do. PayPal or Google checkout for one-time purchases, CcBill or Verotel for subscriptions. That's not a bad idea.
Most site operators truly need assistance just securing the interfaces to payment processors, and securing passwords. For example, most store passwords using DES hashes (1972) or plaintext until we fix it for them. I think they are correct to focus on their core competency and let professionals with time-tested solutions handle difficult issues outside their expertise. Especially so when the consequences of error can be significant.
Yes, a system admin could use administrative powers to log in as the target user and would have seen a random youtube video posted on somebody's wall. Which demonstrates nothing without an explanation of what it's supposed to demonstrate.
To the helldesk graduate reading his message, and to anyone else, it was a broken link - an error saying "no such page".
The Facebook rep should have asked for further information - and that's exactly what they did.
A) It doesn't necessarily require that the CC be sent over the internet. You COULD phone it in. On some sites, we used to have an applet for your modem to call the payment system directly. Today's version of that would befor the game setup to include a VPN-like client. That can be followed by a confirmation call or other one-time security measures. Even if it WERE sent over the internet with no extra security, doing that once is better than doing it every time you buy a game token.
B) unsecured? You oobviously haven't seen our payment server, or the PCI standards required for all systems that store CC info. Yeah, credit card billing requires storing credit card information. You do that on a hardened internal system, not a publicly accessible web server.
C) What?! It's a bad idea to follow secure procedures because not doing so would be bad? If they want to set up a new payment card, they go through the secure procedure again, which is allowed to include time delays, phone confirmation, etc. Those security elements are not then required each time you want to buy a game trinket.
To look at it another way, you're saying "it's dumb to have passports or driver's licences. Since you need to have security measures in place to acquire that identification, you should go through the same verification processes every time you want to buy a beer". That's actually a very powerful principle for security generally - do thorough verification ONCE, for good security, then issue a secure token for convenient use. That's the underlying reason sites protected by the Strongbox security system are so much more secure, for example. Competing systems do all their checks for every hit, dozens of times per page, so their verification can't be very thorough.
He posted his "bug report". It was a few words, just saying "there is a bug" with no hint of what bug or what the exploit could possibly be. It then had a broken link to an uninteresting post, a post that was private.
To my mind, it doesn't even qualify for the complaint department, much less was it anything close to being a proper report of a security issue.
Further, in response to Facebook comments pointing out that his message was very hard to read due to the pre-school level grammar, spelling, and use of capitals, he said "don caar nver fic red undrlin words" (or something to that effect), so he KNOWS his messages are nearly unreadable and he "don caar". If I get a message where the spelling is completely wrong, the grammar is completely wrong, and the use of capitals is completely wrong, I'd probably suspect that the claim is completely wrong as well.
One use would be for ongoing purchases in / for the game. When you sign up, they store the CC on a protected payment system that's not directly accessible from the internet. The internet-accessible server has only a secure salted hash of the CC. For a purchase, the client prompts for the CC to use, then sends the hash of it to the public server. That confirms that the user truly has presented the correct card number. The public server can then call the one and only function exposed by the payment server, billcard(hash,amount).
That way they can prove that the customer entered the card number into their game, without sending the card number over the internet.
Indeed, in the eye of the beholder. The vast majority of people would say that a guy who can just sit around smoking weed with no worries about food, water, shelter, or basic medicine is rich indeed. Some Americans are so incredibly spoiled. They sit around complaining in their air conditioned homes, having no idea what daily life is like picking coffee in 100 heat with 80% humidity, or 80 hours in a Chinese factory, or living with the explosions of war munitions around you daily.
The eye of the beholder is closed.
New York city IS an expensive place to live. I wonder why so many people choose to go there. What does it have that's worth giving up so much that your income could otherwise buy? For me, I'm happy with my $95K three-bedroom house in Texas. Apparently millions of people find something in NYC that's incredibly awesome, though.
It does account for inflation to 2008 because I used the value in 2008 dollars.
The comparison is actually slanted WAY in Obama's favor to say it's roughly equal because the numbers I gave show Obama's CURRENT deficits are about equal to all other deficits PLUS the accumulated interest. In other words, every million in overspending by Carter counts as two million because we're including the interest on the original million. If you simply add up other president's deficits, they sum is less than Obama's first term.
GP here. A few minutes before you posted , I posted that "factually incorrect" didn't belong in that part post. He is correct, some people do act like their guy can do no wrong.
Come to think of it, I used to be more like that myself.
I made it less clear than it could be by quoting too much from the clear. This law says it's not patentable if:
"if the actual contribution made by the alleged invention lies *solely* in it being a computer program."
So in other words, for any alleged invention, take out the words "software" and "computer" from the description.
Does it still sound like a new invention? If so, it's patentable. If not, it's not. It's either new or not, and it doesn't matter whether it's
made of smashed wood or powdered iron.
(Note that both "physical" machines and software machines can be made of either. My mom created some of her software by punching cards made of wood pulp, much as a carpenter would work wood to build some new invention. I created my first software by manipulating bits of iron to form machines.)
Compile: to create a set of *machine instructions* from a high-level programming language, using a compiler
Grace Hopper, who coined the term "compile", defined it as "accept things that were people-oriented and then use the computer to translate to *machine code*.”
A primary purpose of compiling code is so that the user doesn't need to have a copy of the matching version of the interpreter. Compiled code runs by itself.
Python bytecode is a couple of steps removed from machine code. Look at how many lines of code are required in the bytecode interpreter to interpret that bytecode and do something with it. Compiled code doesn't need any interpreter, much less hundreds of thousands of lines of interpreter.
Since there is no such thing as a "software patent" in law, it's important to understand what has been changed, and to be clear about what could or should be changed. Here's the key wording of the new law. It's not patentable if:
"A claim in a patent or an application relates to a computer program as such if the actual contribution made by the alleged invention lies solely in it being a computer program."
In other words, if it's not a new invention, just an old invention with "on a computer" added to the end, it's not patentable. That is, if it's not a new invention if made of wood, it's still not new when made of silicon (or magnetic tracks).
I'm about as big a defender of "software patents" as you'll find on Slashdot and that to me is obviously right to me. If it's not new, it's not new.
Putting it on a computer doesn't make it new. Duh and yay for them for explicitly stating what should be obvious.
What they didn't change, and really can't as a practical matter, is they did not declare that a new invention magically becomes "not new" if it uses a computer.
If I invent a way to resurrect dinosaurs ala Jurassic Park, and they key invention for doing so is a gene sequencing computer program, that's a new invention.
The fact that I use software for it neither makes it new nor makes it "not new".
> One of the best obfuscations is to embed an interpreter into your code, and then do all the hard work in the bytecode.
"One of the best" is kind of nebulous, but it's ALWAYS more secure against reverse engineering to distribute a compiled binary, machine code. At least on a PC, or any platform with a decent debugger. Here's why. If you do anything with an interpreter or bytecode, the attacker has at least two options. They can choose to EITHER:
A) Use a debugger to dump the generated machine code and work from that.
OR
B) Use any other method to go after the provided file, the interpreter, or the bytecode.
Distributing a compiled exe (machine code) forces the attacker to do A, eliminating all of the options listed in B.
Of course, what I do, what I think is better, is I ship readable source. Any security needed is handled by actual security, such as encryption of sensitive data, rather than by trying to obfuscate how the program works.
A pyc is pretty much just a parse tree. It's been syntax checked, etc. but not really compiled. As docs.python.com explains, a pyc doesn't run any faster than a .py. The heading on the docs page is:
"Compiled" Python
With compiled in quotes because though some people use that word, it's not really true.
I would pay some of the major contributors or maintainers who developed, tested, or documented the code you use. If they are self-employed like many developers,
they can handle it just like any other invoice. No need to label it "support" if you don't want support, you can pay for FOSS software if you want to! I contribute a lot to Moodle, a little to Apache. If you use either of those, I'll gladly accept some accept some payment.
On taxes, it would be BETTER for them to treat it as a donation. So no, this doesn't sound like a tax dodge. it sounds like they have some spare money in a budget for software / a certain project, they use FOSS software, and they want to pay for the software they use. Yay for them.
However, giving money away frequently requires a approval process by the board of directors, which meets for times per year, so if it takes two board meetings that's six months. (This so that mid-managers don't give company money to their brothers.)
iOS (iPad and iPhone) is the walled garden.
Mac runs any FOSS applications you want, so yes Mac is great for free and open software users.
I used Linux exclusively for many years. When I was given a Mac Pro with 32 GB of RAM, two $400 graphics cards, etc. I decided to try it out. In 18 months of use, I've not found any OSS applications that don't run nicely on the Mac.
> you are not lacking better data points - what bank lends money out without knowing credit history?
The ones in TFA. That's been mentioned about a dozen times in the comments also, btw.
Getting a bunch of speeding tickets doesn't affect your ability to pay your bills? Either part of your paycheck goes to pay the tickets, or you EVENTUALLY go to jail, which again makes it harder to pay your bills.
Along with the ability to pay the bills there's whether or not you will be responsible enough to actually do so. That ends up coming down to whether you do what needs to be done, or do whatever you feel like at the moment. People who mow the lawn even when they don't feel like it and go to work even when they don't feel like it might pay their bills even when they don't feel like it.
So yeah , there's actually a good reason nobody wants to loan their money to you.
If you're lacking better data points, like actual credit history, I think it's perfectly reasonable to consider, as one small factor, whether or not they are responsible people. Generally, those who can be trusted in the small things can be trusted in the big things and those can't, can't. Generally.
I don't know, but I smoked a lot of different kinds of weed, and none of stimulated me do anything but smoke more weed and eat whatever was within reach, without need to hassle with a fork.
I wouldn't say LAZY, but certainly mellow or lethargic.
It's kind of ridiculous, isn't it. Once you include gas taxes, car taxes, etc. the national average is 45% in assorted taxes, so I bet NY is 65%.
Come on down, there are plenty of jobs, etc. Well, if you WANT a job building cool shit, doing cloning, computer tech, etc. come on down. If you want to sit around smoking weed all day and complaining that it's not making you rich, please stay on the coasts.
The funny thing is, they're all true. My post was basically a description of me, age 16-20. I started college when I was sixteen. A aced everything the first semester. Then I got stoned. 20 years later, I'm starting my second semester.
The OP is organizing a HEMP fest. Meaning they are a major pot head. It's a safe bet that it was a year ago that they headed toward the computer to post this.
On the way, they stopped at the kitchen for some pop tarts. Then they smoked another doobie. A few hours later, they sat down at the computer. They had to see what the email about Ron Paul said. Then they smoked another bowl. A few months later, they logged into Slashdot. There was a article on Slashdot about Occupy, so they had to read it. It said some Occupy folks would be only 60 miles away, so they had to go join. Of course, for an Occupy event they needed to pick up a QP on the way. When they got there, they smoked a bowl and when they finished smoking three weeks had gone by.
A decent SOHO hardware switch does port mirroring. I just paid $99.99 for a Netgear switch which will mirror at full speed.
To do network mirroring like that in software you'd pretty much need to be flat broke or incompetent. As in totally, government style incompetent. Oh, yeah I suppose you have a point then. :)
That may have been their theory, or it may have been they wondered if US gov was intentionally slowing VPN connections from that part of the world.
If the theory was that capturing data would slow it down, the answer is "no". For that, you'd use port mirroring. Where a switch or router would normally take data in on one line and output it on another, you set it to accept data on the one line and output it on TWO others simultaneously. The data still flows at the same speed. It just flows to two locations separately - the intended recipient and the government.
Yeah, that's what the vast majority of web sites do. PayPal or Google checkout for one-time purchases, CcBill or Verotel for subscriptions. That's not a bad idea.
Most site operators truly need assistance just securing the interfaces to payment processors, and securing passwords. For example, most store passwords using DES hashes (1972) or plaintext until we fix it for them. I think they are correct to focus on their core competency and let professionals with time-tested solutions handle difficult issues outside their expertise. Especially so when the consequences of error can be significant.
Yes, a system admin could use administrative powers to log in as the target user and would have seen a random youtube video posted on somebody's wall. Which demonstrates nothing without an explanation of what it's supposed to demonstrate.
To the helldesk graduate reading his message, and to anyone else, it was a broken link - an error saying "no such page".
The Facebook rep should have asked for further information - and that's exactly what they did.
A) It doesn't necessarily require that the CC be sent over the internet. You COULD phone it in. On some sites, we used to have an applet for your modem to call the payment system directly. Today's version of that would befor the game setup to include a VPN-like client. That can be followed by a confirmation call or other one-time security measures. Even if it WERE sent over the internet with no extra security, doing that once is better than doing it every time you buy a game token.
B) unsecured? You oobviously haven't seen our payment server, or the PCI standards required for all systems that store CC info. Yeah, credit card billing requires storing credit card information. You do that on a hardened internal system, not a publicly accessible web server.
C) What?! It's a bad idea to follow secure procedures because not doing so would be bad? If they want to set up a new payment card, they go through the secure procedure again, which is allowed to include time delays, phone confirmation, etc. Those security elements are not then required each time you want to buy a game trinket.
To look at it another way, you're saying "it's dumb to have passports or driver's licences. Since you need to have security measures in place to acquire that identification, you should go through the same verification processes every time you want to buy a beer". That's actually a very powerful principle for security generally - do thorough verification ONCE, for good security, then issue a secure token for convenient use. That's the underlying reason sites protected by the Strongbox security system are so much more secure, for example. Competing systems do all their checks for every hit, dozens of times per page, so their verification can't be very thorough.
He posted his "bug report". It was a few words, just saying "there is a bug" with no hint of what bug or what the exploit could possibly be. It then had a broken link to an uninteresting post, a post that was private.
To my mind, it doesn't even qualify for the complaint department, much less was it anything close to being a proper report of a security issue.
Further, in response to Facebook comments pointing out that his message was very hard to read due to the pre-school level grammar, spelling, and use of capitals, he said "don caar nver fic red undrlin words" (or something to that effect), so he KNOWS his messages are nearly unreadable and he "don caar". If I get a message where the spelling is completely wrong, the grammar is completely wrong, and the use of capitals is completely wrong, I'd probably suspect that the claim is completely wrong as well.
One use would be for ongoing purchases in / for the game. When you sign up, they store the CC on a protected payment system that's not directly accessible from the internet. The internet-accessible server has only a secure salted hash of the CC. For a purchase, the client prompts for the CC to use, then sends the hash of it to the public server. That confirms that the user truly has presented the correct card number. The public server can then call the one and only function exposed by the payment server, billcard(hash,amount).
That way they can prove that the customer entered the card number into their game, without sending the card number over the internet.
Indeed, in the eye of the beholder. The vast majority of people would say that a guy who can just sit around smoking weed with no worries about food, water, shelter, or basic medicine is rich indeed. Some Americans are so incredibly spoiled. They sit around complaining in their air conditioned homes, having no idea what daily life is like picking coffee in 100 heat with 80% humidity, or 80 hours in a Chinese factory, or living with the explosions of war munitions around you daily.
The eye of the beholder is closed.
New York city IS an expensive place to live. I wonder why so many people choose to go there. What does it have that's worth giving up so much that your income could otherwise buy? For me, I'm happy with my $95K three-bedroom house in Texas. Apparently millions of people find something in NYC that's incredibly awesome, though.
It does account for inflation to 2008 because I used the value in 2008 dollars.
The comparison is actually slanted WAY in Obama's favor to say it's roughly equal because the numbers I gave show Obama's CURRENT deficits are about equal to all other deficits PLUS the accumulated interest. In other words, every million in overspending by Carter counts as two million because we're including the interest on the original million. If you simply add up other president's deficits, they sum is less than Obama's first term.
Thanks for the info. I'm not sure that giving to universities etc. is self-interest, but thanks anyway.
GP here. A few minutes before you posted , I posted that "factually incorrect" didn't belong in that part post. He is correct, some people do act like their guy can do no wrong.
Come to think of it, I used to be more like that myself.