Your assuming that even without corporate influence the money will get spent wisely.
While some won't, quite a lot will. Funnily enough, a majority — even a large majority — of people working for the government actually want to do good. (Not all, and at least not always in a way that is truly good, and that's why citizens should be wary, of course.) But waste and corruption? They usually come from the top, especially when it is on a large scale. Particularly wasteful is changing things a long way after the start of a project, you know, in the way Congress (like most politicians everywhere) loves to do. You see it over and over, and every time you know it is wasteful. (Sometimes it can save a worse waste, but the threshold is really rather higher than politicians think.)
Of course, outright corruption should always be stamped out completely. It's costly, and (more importantly) it's wrong. But it need not be endemic.
Me too. I've found it invaluable for finding what projects were using one of my APIs! You might think you know these sorts of things, but you don't. Really. Searching big code-bases is the only way to really find that sort of thing out. The only reason I've not been using it recently is because Google have tried very hard to hide it.
Dear Google.
You know how you have the company ethos being "Don't be evil"? Well, closing down Code Search shows that to be utterly a sham. You're just another evil money-grubbing bunch of scum like Facebook, Microsoft, Apple, Amazon or Oracle. You might as well announce a new program of torturing kittens for profit or biting the heads off babies. After all, it won't lessen anyone's opinion of you.
If I type character in my computer by keyboard and the wrong thing shows up on the screen it is my fault. When the computer recognizes the wrong characters it is the machines fault.
So if some joker switches your keyboard layout to Dvorak (or to Qwerty, if appropriate) then it suddenly becomes the computers fault? It's just doing what it's been told to do; it's about as smart as a petrified tree stump.
The obvious problem being that you have to tell some rather nasty people where you live.
So give the address of the local police station instead. Remember, you don't have to tell the truth to crooks about anything. (Yes, it would mean that you don't get to keep the goods yourself, but that's OK because you're not scum. Right?)
For humans, the biological factors have changed dramatically in the last 50 years or so (effective birth control on the one hand, and far greater risk of disease on the other) but that doesn't instantly undo millions of years of evolution.
WTF? While you're right about birth control, you're dead wrong about disease risk. The invention of antibiotics has made a gigantic difference to disease risk, and while resistance is starting to increase the risk is still massively lower than it was for virtually all of human history. Things that were death sentences 100 years ago can now be cured (or at least contained) with pharmaceuticals. (I wouldn't say that we should trust big pharma, but they've managed to do a lot of good for all that. Their problem is that the low-hanging fruit is now mostly gone; future advances are going to be much harder won.)
I wouldn't be surprised if a disruption of GPS actually will kill people. And I don't blame GPS but the able navigators that probably aren't.
Before GPS, a lot of seamen died from poor navigation. Knowing where you are at sea is hard, especially when conditions are less than ideal. The issue is just that there are far fewer landmarks (hah!) and if visibility is obscured by storm, rain or fog, you just don't know where you are. The old methods of navigation (a chronometer, compass and sextant) are only relatively crude. GPS has made a gigantic difference to marine safety, making going onto known rocks, sandbars and other (semi-)fixed obstacles a much less common occurrence.
It's close to a base (saving a lot of transit time) and great for practicing maneuvering in tricky waters. But they should practice being without GPS by just turning the receivers off, not jamming them.
No, you couldn't because NOBODY had Windows in 91.
'91 was when Win 3.1 came out, and that was when it was becoming obvious that Win really was evolving to becoming a full-time OS. (It wasn't there yet at the time, oh boy it wasn't there, but it was clear that was the way things were going.) Surfing the web at that time (well, info services like gopher) required third-party software, but it definitely existed. I remember using it.
I think he's talking about Convergence, the CA replacement system proposed by Moxie Marlinspike
The problem is there has to be some way to take old server certificates out of use and replace them with new ones, and that mechanism has to be doable without any signature by either the old certificate or the old CA. Moreover, you can legitimately have multiple certificates for one domain. The upshot of that is that if you pop up a dialog each time you detect such a thing happening, you'll train users to click OK for all security problems, which is an astonishingly bad idea! The advantage of the current system is that it has very few false alarms so users take seriously the problems that are detected.
The real problem is that browser makers have been falling down on their part of the job. It's important that they only include the master certificates of CAs that are genuinely trustworthy. Genuinely trustworthy CAs don't screw the trust system around (though they might charge more than you'd like; c'est la vie) and they ensure that the subordinate CAs that they admit are also trustworthy.
So your ISP gets a cert signed by random crappy browser-trusted cert authority (e.g., run by an intrusive government) for some domain(s) they are interested in monitoring traffic on, and due to the way SSL is implemented in browsers, you have no idea they are sniffing all your traffic to that site.
SSL is broken.
But coming up with something more secure that is still practical, that's hard. Not having certificates last indefinitely is a good thing (limits the amount of damage from an undetected theft) as is not forcing the use of the same CA every time. It's just that some CAs should never have been trusted in the first place and some clients are crap at checking whether a certificate is actually good. One isn't a protocol problem but instead a social one (and just requires a few companies to be crushed into paste to rectify) and the other is a quality-of-implementation issue.
You can't achieve perfect security even for all that (what if a blackhat is looking over the shoulder of the legitimate admin when the logs are being browsed? SSL doesn't prevent that! Oh noes!!!) and it's important that at least some people remain vigilant for problems. But you're advocating throwing many babies out with a rather small amount of bathwater, because all the major alternatives are either more vulnerable in general or require practices that will be desperately insecure in the hands of non-experts. The good thing about SSL is that, apart from the issues with trustworthiness of CAs, it deals very well with securing the communications channel without presenting decisions to users that they are unqualified to make; J Random User cannot and will not verify a signature of anything by hand, since just clicking OK is easier, and that leaves them much more vulnerable than at the moment.
Of course, if your real complaint is that you can't use self-signed certificates to get secure trustable SSL for free, then you're really just a grasping cheap-ass skinflint that is part of the problem, not the solution. The only way they can work is if the certs are pre-distributed to the clients (because anyone can issue them, they can be issued by anyone at all saying anything at all, which is precisely the meaning of untrustable). That. Does. Not. Scale. At. All.
Instead the series both Hacker and Sir Humphrey were vain and often very foolish men.
Each was written to be like that type of person as seen by the opposing group (so politicians as seen by bureaucrats and bureaucrats as seen by politicians). Left and right are really unimportant in that particular struggle.
The brilliant part is that both are largely how the general public views both groups, in part because of that superlative sitcom.
I remember when there were more gopher sites than websites. Gopher's licensing wasn't bad, but they reserved the right to change it, so HTTP took over because it was free.
No, it took over because HTTP was better at handling HTML and that was better for describing hypertext (I remember when Gopher consisted of pages that were either a bunch of links or a load of plain text; it hadn't occurred to anyone at the time to merge the two) and that (especially with embedded images, and later forms) was engaging for a great many people. The brilliance of the web (i.e., of Tim Berners-Lee) was not HTTP or HTML — the former sucked before 1.0 and still wasn't all that great until 1.1, and the latter is verbose and unpleasant to write — but rather the combination, especially with graphical clients available. I suspect that the web wouldn't have taken off without NCSA Mosaic, even though it sucked in so many ways.
That's not to say that the internet wouldn't have taken off. Email has traced its own path, as has News (and slashdot would have mostly worked in the latter).
Presumably the IP addresses would work as well, and failing that, use a different DNS provider or a local hosts file. Seems like a bit of a waste of time for the Belgian courts.
The problem is that what the judge (or rather the plaintiff in the relevant case) really wants is to block access to the Pirate Bay website as a service, yet that's hard to actually specify. The service has many DNS names. The IP address might be shared. The service could be on multiple IP addresses (and could most certainly be migrated). Conceivably, the servers could be seized, but they might be shared (and jurisdiction would have to be established, which would be difficult). Seizing a purely virtual entity is really tricky, as backups make it trivial to resurrect.
While TPB are damned idiots for being such blatant scofflaws, shutting them down is not a task I'd even bother with. It'd be like trying to kill a hydra in clown shoes.
So, basically, 90% of the applications you really want - Games with multiplayer(sockets), image viewers/manipulators(File IO), stuff like wget(sockets), web browsers(both), raw media players(like Mplayer, etc)(File IO) - won't be available from the store.
I fail to see how you jump to that conclusion. Virtually all of those can work just fine with asynchronous operations; it's just a matter of rethinking from "read this now" to "get this data in and call me back when you're done", which isn't as difficult as you might imagine, especially if you're using a language (like C#) with 'yield'. (The only one I'm not 100% sure about is the multiplayer game; while in theory it should be possible, I don't know the practicalities there.) To say they can't be done asynchronously is silly.
Whether the provided API is suitable for doing them all though, I don't know.
Eclipse's memory usage has to do with it's OSGi underpinnings.
I'm not sure it does; Eclipse was still a bloated pig before it was switched to OSGi. The problem really seems to be if you have a lot of plugin modules loaded (like I have...)
What? Not existing and never existent? I can assure you that Skype most certainly does exist and has done for an infinite-percent longer than my sister ever has.
[Microsoft] also has deals lined up with providers in the U.K.,...
That's hardly surprising, given that most TV content in the UK is already available on competing platforms, and has been for a while. This is just MS playing catch-up with what Sony's PS3 has done for a while now; the surprising thing is how long they took to do it.
You made the first affirmation, burden of proof to educate is yours.
I see a lot of server-side Java use round here. I see a lot in the companies I work with, which are of various sizes. I see a little Ruby, but not really very much. I don't see any Python at all. (Not to say it's not there, but I don't see it.) I also see a fair amount of C#, but only really in the Microsoft-based shops. YMMV.
Java's big in business. It's mainly big in business because it's already big in business. Yes, that's circular, but what I mean is that there's a large install-base of Java code and not a lot of desire to rewrite it all. A key factor in that is the sheer number of high-quality libraries and development tools available; it's grown into a very rich ecosystem indeed. The identity of the company that owns the core platform isn't that big a deal, so long as they don't make any massive blunders (trying to charge large licensing fees would be such a blunder; having a bug in a particular release is nowhere near as critical). Like it or not, Java's very entrenched now.
Exactly! Why send a probe to a distance that is not significantly closer to the sun than the earth? They are observing visible light, ultraviolet and X-rays, which could be observed from the earth or from an earth orbit.
First, you get more detail if you're close. Second, they'll also be making in situ particle and magnetic measurements and those you can't get any other way. Right now, we've got lots of conjecture about what's going on in the heliosphere close to the sun, but damn little actual data; some things you can only measure by getting an instrument to the location, other things could theoretically be measured remotely but practically can't because the instruments would be overwhelmed by the friendly local star. Without better measurements in that area, there's just no way to sort out a model of what's going on; the models that we have tell us clearly that we don't understand enough (the results they give when dealing with the area[*] close to the sun are ridiculous, so all we can do is use the models further out where they work better).
I'm not a solar physicist, but I work on a team that integrates solar data from many missions (and earth-based observatories too) and I know from talking to the solar physicists on the team that the results of this probe will be very useful. [* That word should be "volume", but it makes the sentence sound stupid. ]
Well, strictly it is a Nobel Prize in that it is one of the prizes specified by Alfred Nobel's will (unlike the Economics Prize). However, the committee that awards it is Norwegian (for reasons that are too complicated for me to remember and too dull for me to look up) and it's always been highly political. The award to Obama was not actually that remarkable by the standards of the Peace Prize, given that it had previously been given to some highly dodgy characters. (Any organization that gives an award for peace to Henry Kissinger and Yasser Arafat has got to be not taken too seriously.)
That's a funny statement. Do you think algorithms don't, oh, maybe... operate on data?
In the real word, most programs operate via the use of many different algorithms applied to data that's been organized into state. Moreover, the requirements for what those programs do will change, and quite rapidly. (Customers tend to not appreciate what a program can do for them until they see the work-in-progress, and then they think of more things for that program to do. That's human nature.)
Slashdot Mirror
Your assuming that even without corporate influence the money will get spent wisely.
While some won't, quite a lot will. Funnily enough, a majority — even a large majority — of people working for the government actually want to do good. (Not all, and at least not always in a way that is truly good, and that's why citizens should be wary, of course.) But waste and corruption? They usually come from the top, especially when it is on a large scale. Particularly wasteful is changing things a long way after the start of a project, you know, in the way Congress (like most politicians everywhere) loves to do. You see it over and over, and every time you know it is wasteful. (Sometimes it can save a worse waste, but the threshold is really rather higher than politicians think.)
Of course, outright corruption should always be stamped out completely. It's costly, and (more importantly) it's wrong. But it need not be endemic.
Yes, I agree. When I wrote the original it had paragraphs. But one forgets that you're posting as HTML and haste makes one neglect P tags.
And properly checking the preview it seems.
I suspect that big money can be made ...
Only if you get the scaling factor on your printing press wrong!
Code Search is the part I'll miss the most.
Me too. I've found it invaluable for finding what projects were using one of my APIs! You might think you know these sorts of things, but you don't. Really. Searching big code-bases is the only way to really find that sort of thing out. The only reason I've not been using it recently is because Google have tried very hard to hide it.
Dear Google.
You know how you have the company ethos being "Don't be evil"? Well, closing down Code Search shows that to be utterly a sham. You're just another evil money-grubbing bunch of scum like Facebook, Microsoft, Apple, Amazon or Oracle. You might as well announce a new program of torturing kittens for profit or biting the heads off babies. After all, it won't lessen anyone's opinion of you.
If I type character in my computer by keyboard and the wrong thing shows up on the screen it is my fault. When the computer recognizes the wrong characters it is the machines fault.
So if some joker switches your keyboard layout to Dvorak (or to Qwerty, if appropriate) then it suddenly becomes the computers fault? It's just doing what it's been told to do; it's about as smart as a petrified tree stump.
The obvious problem being that you have to tell some rather nasty people where you live.
So give the address of the local police station instead. Remember, you don't have to tell the truth to crooks about anything. (Yes, it would mean that you don't get to keep the goods yourself, but that's OK because you're not scum. Right?)
For humans, the biological factors have changed dramatically in the last 50 years or so (effective birth control on the one hand, and far greater risk of disease on the other) but that doesn't instantly undo millions of years of evolution.
WTF? While you're right about birth control, you're dead wrong about disease risk. The invention of antibiotics has made a gigantic difference to disease risk, and while resistance is starting to increase the risk is still massively lower than it was for virtually all of human history. Things that were death sentences 100 years ago can now be cured (or at least contained) with pharmaceuticals. (I wouldn't say that we should trust big pharma, but they've managed to do a lot of good for all that. Their problem is that the low-hanging fruit is now mostly gone; future advances are going to be much harder won.)
I wouldn't be surprised if a disruption of GPS actually will kill people. And I don't blame GPS but the able navigators that probably aren't.
Before GPS, a lot of seamen died from poor navigation. Knowing where you are at sea is hard, especially when conditions are less than ideal. The issue is just that there are far fewer landmarks (hah!) and if visibility is obscured by storm, rain or fog, you just don't know where you are. The old methods of navigation (a chronometer, compass and sextant) are only relatively crude. GPS has made a gigantic difference to marine safety, making going onto known rocks, sandbars and other (semi-)fixed obstacles a much less common occurrence.
Seriously, guys. Off the coast of Scotland?
It's close to a base (saving a lot of transit time) and great for practicing maneuvering in tricky waters. But they should practice being without GPS by just turning the receivers off, not jamming them.
No, you couldn't because NOBODY had Windows in 91.
'91 was when Win 3.1 came out, and that was when it was becoming obvious that Win really was evolving to becoming a full-time OS. (It wasn't there yet at the time, oh boy it wasn't there, but it was clear that was the way things were going.) Surfing the web at that time (well, info services like gopher) required third-party software, but it definitely existed. I remember using it.
I think he's talking about Convergence, the CA replacement system proposed by Moxie Marlinspike
The problem is there has to be some way to take old server certificates out of use and replace them with new ones, and that mechanism has to be doable without any signature by either the old certificate or the old CA. Moreover, you can legitimately have multiple certificates for one domain. The upshot of that is that if you pop up a dialog each time you detect such a thing happening, you'll train users to click OK for all security problems, which is an astonishingly bad idea! The advantage of the current system is that it has very few false alarms so users take seriously the problems that are detected.
The real problem is that browser makers have been falling down on their part of the job. It's important that they only include the master certificates of CAs that are genuinely trustworthy. Genuinely trustworthy CAs don't screw the trust system around (though they might charge more than you'd like; c'est la vie) and they ensure that the subordinate CAs that they admit are also trustworthy.
So your ISP gets a cert signed by random crappy browser-trusted cert authority (e.g., run by an intrusive government) for some domain(s) they are interested in monitoring traffic on, and due to the way SSL is implemented in browsers, you have no idea they are sniffing all your traffic to that site.
SSL is broken.
But coming up with something more secure that is still practical, that's hard. Not having certificates last indefinitely is a good thing (limits the amount of damage from an undetected theft) as is not forcing the use of the same CA every time. It's just that some CAs should never have been trusted in the first place and some clients are crap at checking whether a certificate is actually good. One isn't a protocol problem but instead a social one (and just requires a few companies to be crushed into paste to rectify) and the other is a quality-of-implementation issue.
You can't achieve perfect security even for all that (what if a blackhat is looking over the shoulder of the legitimate admin when the logs are being browsed? SSL doesn't prevent that! Oh noes!!!) and it's important that at least some people remain vigilant for problems. But you're advocating throwing many babies out with a rather small amount of bathwater, because all the major alternatives are either more vulnerable in general or require practices that will be desperately insecure in the hands of non-experts. The good thing about SSL is that, apart from the issues with trustworthiness of CAs, it deals very well with securing the communications channel without presenting decisions to users that they are unqualified to make; J Random User cannot and will not verify a signature of anything by hand, since just clicking OK is easier, and that leaves them much more vulnerable than at the moment.
Of course, if your real complaint is that you can't use self-signed certificates to get secure trustable SSL for free, then you're really just a grasping cheap-ass skinflint that is part of the problem, not the solution. The only way they can work is if the certs are pre-distributed to the clients (because anyone can issue them, they can be issued by anyone at all saying anything at all, which is precisely the meaning of untrustable). That. Does. Not. Scale. At. All.
Slashdot correctly quoted the University of Manchester article. It used "boron nitrate" repeatedly and only used "boron nitride" in a quote.
I've just checked; the "nitrate" is present once and "nitride" three times. Looks like a press-office error.
(Disclosure: I work for the same university.)
Instead the series both Hacker and Sir Humphrey were vain and often very foolish men.
Each was written to be like that type of person as seen by the opposing group (so politicians as seen by bureaucrats and bureaucrats as seen by politicians). Left and right are really unimportant in that particular struggle.
The brilliant part is that both are largely how the general public views both groups, in part because of that superlative sitcom.
I remember when there were more gopher sites than websites. Gopher's licensing wasn't bad, but they reserved the right to change it, so HTTP took over because it was free.
No, it took over because HTTP was better at handling HTML and that was better for describing hypertext (I remember when Gopher consisted of pages that were either a bunch of links or a load of plain text; it hadn't occurred to anyone at the time to merge the two) and that (especially with embedded images, and later forms) was engaging for a great many people. The brilliance of the web (i.e., of Tim Berners-Lee) was not HTTP or HTML — the former sucked before 1.0 and still wasn't all that great until 1.1, and the latter is verbose and unpleasant to write — but rather the combination, especially with graphical clients available. I suspect that the web wouldn't have taken off without NCSA Mosaic, even though it sucked in so many ways.
That's not to say that the internet wouldn't have taken off. Email has traced its own path, as has News (and slashdot would have mostly worked in the latter).
Presumably the IP addresses would work as well, and failing that, use a different DNS provider or a local hosts file. Seems like a bit of a waste of time for the Belgian courts.
The problem is that what the judge (or rather the plaintiff in the relevant case) really wants is to block access to the Pirate Bay website as a service, yet that's hard to actually specify. The service has many DNS names. The IP address might be shared. The service could be on multiple IP addresses (and could most certainly be migrated). Conceivably, the servers could be seized, but they might be shared (and jurisdiction would have to be established, which would be difficult). Seizing a purely virtual entity is really tricky, as backups make it trivial to resurrect.
While TPB are damned idiots for being such blatant scofflaws, shutting them down is not a task I'd even bother with. It'd be like trying to kill a hydra in clown shoes.
To me, as long as people are selfishly and deliberately trying to prevent others from going about their lives, you should be free to run them over.
Then you get to be free to be prosecuted for vehicular manslaughter. Or maybe murder. Freedom's not nice unless you extend it fairly to others too.
So, basically, 90% of the applications you really want - Games with multiplayer(sockets), image viewers/manipulators(File IO), stuff like wget(sockets), web browsers(both), raw media players(like Mplayer, etc)(File IO) - won't be available from the store.
I fail to see how you jump to that conclusion. Virtually all of those can work just fine with asynchronous operations; it's just a matter of rethinking from "read this now" to "get this data in and call me back when you're done", which isn't as difficult as you might imagine, especially if you're using a language (like C#) with 'yield'. (The only one I'm not 100% sure about is the multiplayer game; while in theory it should be possible, I don't know the practicalities there.) To say they can't be done asynchronously is silly.
Whether the provided API is suitable for doing them all though, I don't know.
Eclipse's memory usage has to do with it's OSGi underpinnings.
I'm not sure it does; Eclipse was still a bloated pig before it was switched to OSGi. The problem really seems to be if you have a lot of plugin modules loaded (like I have...)
But it's like kissing your sister
What? Not existing and never existent? I can assure you that Skype most certainly does exist and has done for an infinite-percent longer than my sister ever has.
[Microsoft] also has deals lined up with providers in the U.K., ...
That's hardly surprising, given that most TV content in the UK is already available on competing platforms, and has been for a while. This is just MS playing catch-up with what Sony's PS3 has done for a while now; the surprising thing is how long they took to do it.
You made the first affirmation, burden of proof to educate is yours.
I see a lot of server-side Java use round here. I see a lot in the companies I work with, which are of various sizes. I see a little Ruby, but not really very much. I don't see any Python at all. (Not to say it's not there, but I don't see it.) I also see a fair amount of C#, but only really in the Microsoft-based shops. YMMV.
Java's big in business. It's mainly big in business because it's already big in business. Yes, that's circular, but what I mean is that there's a large install-base of Java code and not a lot of desire to rewrite it all. A key factor in that is the sheer number of high-quality libraries and development tools available; it's grown into a very rich ecosystem indeed. The identity of the company that owns the core platform isn't that big a deal, so long as they don't make any massive blunders (trying to charge large licensing fees would be such a blunder; having a bug in a particular release is nowhere near as critical). Like it or not, Java's very entrenched now.
Exactly! Why send a probe to a distance that is not significantly closer to the sun than the earth? They are observing visible light, ultraviolet and X-rays, which could be observed from the earth or from an earth orbit.
First, you get more detail if you're close. Second, they'll also be making in situ particle and magnetic measurements and those you can't get any other way. Right now, we've got lots of conjecture about what's going on in the heliosphere close to the sun, but damn little actual data; some things you can only measure by getting an instrument to the location, other things could theoretically be measured remotely but practically can't because the instruments would be overwhelmed by the friendly local star. Without better measurements in that area, there's just no way to sort out a model of what's going on; the models that we have tell us clearly that we don't understand enough (the results they give when dealing with the area[*] close to the sun are ridiculous, so all we can do is use the models further out where they work better).
I'm not a solar physicist, but I work on a team that integrates solar data from many missions (and earth-based observatories too) and I know from talking to the solar physicists on the team that the results of this probe will be very useful.
[* That word should be "volume", but it makes the sentence sound stupid. ]
Nobel Peace Prize != Nobel Prize
Well, strictly it is a Nobel Prize in that it is one of the prizes specified by Alfred Nobel's will (unlike the Economics Prize). However, the committee that awards it is Norwegian (for reasons that are too complicated for me to remember and too dull for me to look up) and it's always been highly political. The award to Obama was not actually that remarkable by the standards of the Peace Prize, given that it had previously been given to some highly dodgy characters. (Any organization that gives an award for peace to Henry Kissinger and Yasser Arafat has got to be not taken too seriously.)
That's a funny statement. Do you think algorithms don't, oh, maybe... operate on data?
In the real word, most programs operate via the use of many different algorithms applied to data that's been organized into state. Moreover, the requirements for what those programs do will change, and quite rapidly. (Customers tend to not appreciate what a program can do for them until they see the work-in-progress, and then they think of more things for that program to do. That's human nature.)