Well, that's Itanium, and see what it got them...
on
Inside Intel
·
· Score: 3, Interesting
Basically, Itanium was designed to address the "efficiency" issue, as well as enabling faster turnaround on new designs with a simpler core.
We all know how that turned out, don't we? Fundamentally, Intel is trapped by their own success. They haven't successfully introduced a really new architecture since the i860/i960, and that was YEARS ago.
People don't want "efficient" ot "elegant" processors. They want MegaHertz.
Ah, but my problem is that I need the glasses, I am quite blind and so if I decided to buy one of these as a stylish HUD or video viewer, I'd be half blind.
No problemo. You just hook this display into a digital video camera, and the movie will be overlaid over the "real world" data.
...and thus we have another leap forward for amorality...
Well, I try to innovate where I can:-)
Don't you mean Microsoft didn't do anything *illegal*?
No, I really mean that I think they didn't do anything wrong, given the nature of web polls. I'll try to explain:
If I insult you and tell you lies, I have done nothing illegal, but does that make it right?
Technically, that is a crime - at least if you do it in public. People get sued for it all the time. Look up the terms "slander" and "defamation of character" sometime.
Microsoft has clearly violated the intent of this poll. If Sun had done the same thing, you know Microsoft would be howling for blood.
What evidence do you have that Sun didn't try to rig the poll? Or that somebody at ZDNet didn't "adjust" the results to make them look more interesting? For that matter, what evidence can you offer that any of the votes were cast by somebody who actually builds software for a living? There simply isn't any evidence to be had re: the validity of the results...
And that's my whole point. From the perspective of an end-user of the poll data, the results are essentially random (in that they have no correlation to what the poll purports to "measure"). If my reputation, or the reputation of my company or its products might be harmed by the results of one of these polls, then I should do whatever I can to ensure a good outcome. An argument could be made that for a public company like Microsoft, that they have an obligation to the shareholders to do these sorts of things.
I do believe that the situation is quite different in the case of scientifically conducted surveys. But a web-poll is one step above graffiti on a wall in terms of scientific rigor.
My preferred solution would actually be to have a rational discussion with the various "news" sites about why these kinds of polls do more harm than good, or about ways to encourage more accurate data collection. However, I really doubt they'd be interested, since they have no vested interest in getting accurate results.
This is disinformation, plain and simple.
If there was any information content to be had from the poll, I'd agree. Given that there isn't, it's hard to argue that the final results are any more "disinforming" than the results before the "tampering".
I know that I will never buy any software written by Mark Bessey.
Oh well. I guess I'll just have to live with that. On the other hand, since you apparently base your purchasing decisions on ZDNet's user polls, that's probably not much of a loss, anyway.:-)
Since they had a vested interest in creating a false perception, and proceeded to try to do so, I think they have acted fraudulently.
I disagree, and not just because of the technical definition of "fraud". here's my thinking on the subject (for the record, I have helped "fix" online polls before, and I still think Microsoft is evil):
Anybody who knows anything about statistics knows that online polls are meaningless. Unfortunately, a lot of decision makers at large companies are deficient in their math education (which is a whole different story).
So, it's possible that somebody might be influenced by the poll. Since the poll is known to have no scientific basis, there's no reason not to rig it, since that looks better for Microsoft. Unless you get "caught", of course.
Unless online poll providers make some effort to ensure that their poll results are valid and accurate, or to educate the viewers that they're not, it's always going to be in somebody's best interest to try to swing the poll.
Fundamentally, I think that fixing a poll is no different from other actions that companies take to protect their reputation or promote their products.
I don't think that Microsoft did anything really wrong here. It'd be different if online polls had any of the same validity that real polls do. But they don't, which makes it merely a question of who most effectively stuffs the ballot box.
There's no reason to think that any of the people who voted in that poll are actually planning to deploy any kind of Web infrastructure, ever. Most of those who voted are probably 13 year olds who think that "Java is cool", so they voted for it.
Even if the poll results were completely "fair" before MS started stuffing ballots, who's to say that the cross-section of people that responded was at all appropriate. Real polling companies spend a lot of effort trying to get statistically-valid results, which is why they charge money for the service.
I know that if any product I work on shows up in a popularity poll (again), I'll vote early and often, and encourage others to do the same.
Seems like AES would have been a slam-dunk for ths. Or use WEP, or really anything but DES. Selling a product with 56-bit encryption in the 21st century shows a pretty extreme lack of cryptographic savvy
This had to have been designed by somebody as a side-project, then was commercialized when "the higher-ups" heard of it. Really, why would you choose DES, unless you had the code already lying around, or something?
Replay attacks are a protocol problem, and are best handled at that level, with timestamps, for instance.
Quantum Cryptography is all about protecting against undetected interception of your signal. If the detection problem gets solved, this could be a real revolution in the security of communication links.
The line can't be tapped, because if you intercept the photons, you can't re-create the signal. Read an article on Quatum Cryptography.
-Mark
"only a few square km"
on
Lunar Lasers
·
· Score: 2
I really doubt that you can focus a beam of microwaves with a reasonably-sized dish on the moon, and have it spread only to a couple square km over a distance of 100,000 Km. (That's about the right distance from Earth to Moon, isn't it?)
If only I hadn't slept through that explanation of diffraction all those years ago... Does anybody here actually know the math?
-Mark
Re:Microwave
on
Lunar Lasers
·
· Score: 5, Informative
Microwaves are easy to recieve - you simply stretch out a wire between two insulated poles, and the power just flows. That's the big advantage of microwaves over other power transmission possibilities.
Granted, given the spill-over from the "concentrated" beam of microwaves, you'll probably have to use some frequency that's not very popular for communication, but it's probably do-able.
The people who are worried about power-line emissions would probably go insane over this, though - the exposure levels would be MUCH higher.
Arguably, Microsoft's market dominance and the personal fortunes of its founders are the direct result of the success of Microsoft Basic and other earlier products. Gates and Allen did write code back in the "old days"...
Halogen light bulbs (as used in most projectors) will actually not last as long if you run them at a lower voltage. There's a cutoff point at which the halogen scavenging doesn't work anymore, and the filament will plate out on the bulb...
Like PayPal says, they're not an escrow service or a bank. If you want to make secure transactions with someone you've never met, you'll need to hire a trusted intermediary.
Would it be nice if Paypal was a little more customer-oriented? Yes, undoubtably. Unfortunately, their business model is all about minimizing costs, so they're really not in the customer-service business.
Really, there's nothing new here. You need to read all the fine print before you sign up for something. A "free" service will always have a lower level of customer service than a service that charges for it.
An interesting issue that's raised in some of the articles is how PayPal is ideal for money laundering. I never really thought about that, but it definitely looks like something that Ashcrft and Co. might decide to look into.
The more I use C the more I believe it is impossible to prevent memory related bugs. A portable language, it is. A suitably secure language, it is not.
I disagree. Maybe one of these days I'll actually get off my behind and write a C translator that actually does detect and reasonably handle common memory allocation and pointer-related errors.
The point is that there's nothing in the C language specification that makes it inherently less safe than any other language. Just because almost all C implementations don't do bounds checking on array and pointer access doesn't mean that it's impossible to do so, for instance.
For example, consider a compiler that converts C code into Java bytecodes. Obviously (?), programs compiled with that compiler would have all the same protections against memory corruption and unintended access that a Java program has...
The basic idea is that you experiment on a local system (in the debugger) to characterize to behavior of malloc()/free() when this bug is triggered.
Once you've done that, you should be able to get free() to overwrite some specific piece of memory by doing a glob operation that succeeds, followed immediately by one that fails, or some such.
Then, you use that building block to work out an attack. It's not exactly rocket science, but it IS more complicated to exploit than a typical security hole.
Slashdot Mirror
Basically, Itanium was designed to address the "efficiency" issue, as well as enabling faster turnaround on new designs with a simpler core.
We all know how that turned out, don't we? Fundamentally, Intel is trapped by their own success. They haven't successfully introduced a really new architecture since the i860/i960, and that was YEARS ago.
People don't want "efficient" ot "elegant" processors. They want MegaHertz.
-Mark
Ah, but my problem is that I need the glasses, I am quite blind and so if I decided to buy one of these as a stylish HUD or video viewer, I'd be half blind.
No problemo. You just hook this display into a digital video camera, and the movie will be overlaid over the "real world" data.
-Mark
Well, I try to innovate where I can :-)
Don't you mean Microsoft didn't do anything *illegal*?
No, I really mean that I think they didn't do anything wrong, given the nature of web polls. I'll try to explain:
If I insult you and tell you lies, I have done nothing illegal, but does that make it right?
Technically, that is a crime - at least if you do it in public. People get sued for it all the time. Look up the terms "slander" and "defamation of character" sometime.
Microsoft has clearly violated the intent of this poll. If Sun had done the same thing, you know Microsoft would be howling for blood.
What evidence do you have that Sun didn't try to rig the poll? Or that somebody at ZDNet didn't "adjust" the results to make them look more interesting? For that matter, what evidence can you offer that any of the votes were cast by somebody who actually builds software for a living? There simply isn't any evidence to be had re: the validity of the results...
And that's my whole point. From the perspective of an end-user of the poll data, the results are essentially random (in that they have no correlation to what the poll purports to "measure"). If my reputation, or the reputation of my company or its products might be harmed by the results of one of these polls, then I should do whatever I can to ensure a good outcome. An argument could be made that for a public company like Microsoft, that they have an obligation to the shareholders to do these sorts of things.
I do believe that the situation is quite different in the case of scientifically conducted surveys. But a web-poll is one step above graffiti on a wall in terms of scientific rigor.
My preferred solution would actually be to have a rational discussion with the various "news" sites about why these kinds of polls do more harm than good, or about ways to encourage more accurate data collection. However, I really doubt they'd be interested, since they have no vested interest in getting accurate results.
This is disinformation, plain and simple.
If there was any information content to be had from the poll, I'd agree. Given that there isn't, it's hard to argue that the final results are any more "disinforming" than the results before the "tampering".
I know that I will never buy any software written by Mark Bessey.
Oh well. I guess I'll just have to live with that. On the other hand, since you apparently base your purchasing decisions on ZDNet's user polls, that's probably not much of a loss, anyway. :-)
-Mark
I disagree, and not just because of the technical definition of "fraud". here's my thinking on the subject (for the record, I have helped "fix" online polls before, and I still think Microsoft is evil):
Anybody who knows anything about statistics knows that online polls are meaningless. Unfortunately, a lot of decision makers at large companies are deficient in their math education (which is a whole different story).
So, it's possible that somebody might be influenced by the poll. Since the poll is known to have no scientific basis, there's no reason not to rig it, since that looks better for Microsoft. Unless you get "caught", of course.
Unless online poll providers make some effort to ensure that their poll results are valid and accurate, or to educate the viewers that they're not, it's always going to be in somebody's best interest to try to swing the poll.
Fundamentally, I think that fixing a poll is no different from other actions that companies take to protect their reputation or promote their products.
-Mark
There's no reason to think that any of the people who voted in that poll are actually planning to deploy any kind of Web infrastructure, ever. Most of those who voted are probably 13 year olds who think that "Java is cool", so they voted for it.
Even if the poll results were completely "fair" before MS started stuffing ballots, who's to say that the cross-section of people that responded was at all appropriate. Real polling companies spend a lot of effort trying to get statistically-valid results, which is why they charge money for the service.
I know that if any product I work on shows up in a popularity poll (again), I'll vote early and often, and encourage others to do the same.
-Mark
This had to have been designed by somebody as a side-project, then was commercialized when "the higher-ups" heard of it. Really, why would you choose DES, unless you had the code already lying around, or something?
-Mark
Replay attacks are a protocol problem, and are best handled at that level, with timestamps, for instance.
Quantum Cryptography is all about protecting against undetected interception of your signal. If the detection problem gets solved, this could be a real revolution in the security of communication links.
-Mark
The line can't be tapped, because if you intercept the photons, you can't re-create the signal. Read an article on Quatum Cryptography.
-Mark
I really doubt that you can focus a beam of microwaves with a reasonably-sized dish on the moon, and have it spread only to a couple square km over a distance of 100,000 Km. (That's about the right distance from Earth to Moon, isn't it?)
If only I hadn't slept through that explanation of diffraction all those years ago... Does anybody here actually know the math?
-Mark
Microwaves are easy to recieve - you simply stretch out a wire between two insulated poles, and the power just flows. That's the big advantage of microwaves over other power transmission possibilities.
Granted, given the spill-over from the "concentrated" beam of microwaves, you'll probably have to use some frequency that's not very popular for communication, but it's probably do-able.
The people who are worried about power-line emissions would probably go insane over this, though - the exposure levels would be MUCH higher.
-Mark
Arguably, Microsoft's market dominance and the personal fortunes of its founders are the direct result of the success of Microsoft Basic and other earlier products. Gates and Allen did write code back in the "old days"...
-Mark
That's what I thought at first, but then there was this other quote in the Wired article:
Doody said one computer held more than 5,000 individual movie titles.
Even if the movies are pretty heavily compressed, that's got to be hundreds of Gigs, at any rate.
-Mark
Let's see:
1. Bill Gates
2. Paul Allen
...
hmm...anybody else? Is Microsoft the only company to make billionaires out of programmers?
That pretty much describes any Java-based technology, doesn't it?
-Mark
Halogen light bulbs (as used in most projectors) will actually not last as long if you run them at a lower voltage. There's a cutoff point at which the halogen scavenging doesn't work anymore, and the filament will plate out on the bulb...
Would it be nice if Paypal was a little more customer-oriented? Yes, undoubtably. Unfortunately, their business model is all about minimizing costs, so they're really not in the customer-service business.
Really, there's nothing new here. You need to read all the fine print before you sign up for something. A "free" service will always have a lower level of customer service than a service that charges for it.
An interesting issue that's raised in some of the articles is how PayPal is ideal for money laundering. I never really thought about that, but it definitely looks like something that Ashcrft and Co. might decide to look into.
-Mark
The US Army's HEL sites:
http://www.smdc.army.mil/FactSheets/THEL.html
http://www.smdc.army.mil/FactSheets/HELSTF.html
TRW's contribution:
http://www.trw.com/thel
-Mark
http://lasers.llnl.gov/lst/helstf.html
I disagree. Maybe one of these days I'll actually get off my behind and write a C translator that actually does detect and reasonably handle common memory allocation and pointer-related errors.
The point is that there's nothing in the C language specification that makes it inherently less safe than any other language. Just because almost all C implementations don't do bounds checking on array and pointer access doesn't mean that it's impossible to do so, for instance.
For example, consider a compiler that converts C code into Java bytecodes. Obviously (?), programs compiled with that compiler would have all the same protections against memory corruption and unintended access that a Java program has...
-Mark
...Linux is (or maybe GCC).
Regardless of whether you think C is a good language for high-level applications (I don't), there's nothing wrong with the C language, as such.
This bug is the result of a poor implementation of malloc() and free(). Passing an invalid pointer to free() shouldn't corrupt the heap.
It's not impossible to write a C implementation that's immune to the vast majority of these problems.
-Mark
It's definitely not trivial, but...
The basic idea is that you experiment on a local system (in the debugger) to characterize to behavior of malloc()/free() when this bug is triggered.
Once you've done that, you should be able to get free() to overwrite some specific piece of memory by doing a glob operation that succeeds, followed immediately by one that fails, or some such.
Then, you use that building block to work out an attack. It's not exactly rocket science, but it IS more complicated to exploit than a typical security hole.
-Mark
Well, I suppose it's too much to ask for MSNBC to get the terminology right.
Okay, I'm done beating this dead (trojan) horse.
Not much more likely than the FBI being arrested for breaking and entering when they do a raid.
At least they still need a warrant to do this, right? right?
I vote for "slugbot".
That's just what the world needs - meat-eating robots....
>
Don't these people watch Sci-Fi movies? What were they thinking?
Bruce, you've played a number of "unconventional" heroes on TV and in films. Which character was the most fun to play?