This was a concern of mine for a project that I started researching, which would have accepted source files from the web and compiled them (I still want to take it further but havn't got the time).
The most obvious problems are commands like \input, allowing files to be read, which could be disasterous (e.g. \input{/etc/passwd}).
Potentially worse is \write18, which allows you to write a file..
All is not lost however, after asking a suitably enlightened TeXnician, Thomas Esser (the te in teTeX), one just has to specify the appropriate options in texmf.cnf to restrict file access, both read and write.
For example
shell_escape = f
openout_any = p
openin_any = p
In this manner one can put restrictions on what TeX can do in the manner of sandboxing. It's fairly rudimentary but certainly effective!
..it is a programming language with no security model..
I'm not convinced this is the responsibility of the language, should this not be an issue with the platform, for example languages such as C++, FORTRAN 90 etc say nothing about "security", whereas the Java platform does.
...or even code signing...
I'm not sure code-signing is helpful (this is a general statement) as it doesn't prevent something bad being done, just who you trust to do it!
With other constraints such as memory usage and cpu time (from the shell), you can make TeX suprisingly bullet proof. One of it's advantages in this respect is that it is a straightforward, linear and deterministic system.
there is no reason not to start scanning paper-based photos in high-resolution
Apart from the fact that standard photographic prints are not really much better than a 300dpi equivalent image. Higher than that and you are just filling space on a hard drive, not getting more information from the image.
If we want real scientific information to be available to the masses, we should get the scientific journals to publish their material online for free.
Good luck. Someone has to pay. If you want to do that you will need an author pays model, such as in Optics Express. Alternatively you could go to the arXiv, of course there, you won't get the "benefit" of peer review.
Then, not being scientificly trained in the appropriate field, how do you make any sense of what you are reading?
In case anyone is purplexed, it is a reference to Dr. Strangelove, excellent and also the film debut of the voice of Darth Vader, or James Earl Jones as he is also known.
We have been looking at this for the purpose of acting as a backup server (disk space is running short). Came across a review which under due consideration I think rules it out. The application we have is for a set of redundent backup servers serving NFS backups. Since this doesn't support NFS out of the box it pretty much rules it out straight away. The lack of hot swap is also a no-no. In my opinion RAID is not much use unless you can couple that with a redundent disk which can be swapped in automatically when one fails. This is also not supported.
That said, the one aspect of it I like is the ease of extensibility. Daisy chaining these units is quite an attractive thing.
I have been considering some form of distrubuted storage cluster. In other words an array of machines which presents a single logical drive with redundency on a machine basis. Do people here have any experience with this (GFS et al.)? Care to comment?
[shameless plug]
In case anyone is wondering, the backup s/w is my own concontion yarbu. Which automates hourly, daily, weekly and monthly backups. I've been running this for about a year with ~1TB of backup under its control, spanning about a dozen machines. It's a lifesaver (not as fancy-shmancy as some others but very reliable).
You don't use an ammeter, instead measure the magnetic field generated by the current in the ring. It would remain constant if the current remains constant.
Ahh Yes Minister. I never appreciated it as a child. I now see it as terrifyingly close to the truth.
Perhaps that is what made it such a sublime comedy. Highly reccomended! As fresh today as it was during the TR (Thatcher Regina), perhaps because the nature of politics is a universal constant.
..everyone in the UK with a TV who pays £120/year to them..
Of course, these things are flexible. One must change with the times, so don't be surprised if you will need a license for your PC in a decade. Presumably this will be conducted using trusted computing! Gotta love it!
I don't think you don't understand the problem. The point of a power transmission system is to supply the load with a certain amount of power. The scenario can be understood by simply considering two resistors in series, one representing the resistance due to the power line, the other due to the load.
The aim of the game is to minimise the power wasted in the transmission line for a given amount of power supplied to the load.
P_load=I V_load
so
I=P_load/V_load
Now, the power lost in the line is P_line
P_line=I^2 R_line
Since I is the same in the load and the power line (they are in series)
P_line=R_line P_load^2/V_load^2
Hopefully you can see that the power lost in the line is inversely proportional to the load voltage.
This is why power lines run at such high potentials. Decreasing R_line is expensive and only has linear dependence, you don't want to reduce P_load since that defeats the point of a power line, leaving just one option, increasing V_load.
The situation is more complex with AC power of course since their is capacitative coupling between the line and the ground. This this is an extra source of loss that can be visualised like this. For the interested reader, much of the energy is actually transmitted in the field surrounding the line, not as is commanly thought in the metal making up the line. Look up the Poynting vector and work it out for a pair of wires if you are interested.
BTW, who is your physics TA in your college? He should be ashamed of himself.
I think the parent poster is referring to the ohmic losses due to transmission of power. Power dissipation is proportional to current squared.
P = I^2R
for an Ohmic system (any sensible cable), so if you want your cables to remain cool, I must be reduced, hence V increased.
This is of course why national grids are at 10s-100s of KV.
Of course once you want to use it to charge a battery, you have to use a transformer (or equivalent) to reduce the voltage and increase the current, something that would have to happen as close as possible to where the battery is.
Having said all that, I can't see petrol station forecourts dispensing a heady mixture of petrol and 10KV high power spark machines just yet, at least not with guys like this around!;-)
The PDA for me has worked the best as a raw text entry device.
I second that...
doesn't involve a lot of math or derivations
I tend to use LaTeX for documents so even that works out fine. Once you've go the hang of how to write equations etc (a few hours) it's dead easy. I've really come full circle regarding word processing, if you don't have this-or-that feature you don't play with it and inevitably end up doing more work!
As an aside, for those using PalmOS type devices I can recommend peditPro http://home.columbus.rr.com/nevai/palm/. In the end most people don't really need that colour screen and multimedia capability my trusty second hand Handspring does everything I need.
You're like a liberal who thinks the gov't can end poverty by wealth redistribution.
[offtopic I know]
That implies a strange type of liberalism, I'm guessing you're American. A good round-up of Liberal* can be found here and the American flavour here.
It's always struck me as ironic that calling something or someone a liberal is viewed as a bad thing in the "Land of the Free". I assume it's just a FUD campaign by the ultra-wrongwingers to make people think "Liberal"==="Evil Satanist".
[rant ends]
I am rather busy at the moment but will reply to your point properly soon.
It's gratifying to get involved in a decent discussion on this place for a change - but rather time consuming. In case I don't reply before these pages become static or by the Wednesday of next week, please prod me via e-mail (I cannot contact you as your e-mail is not public).
Slashdot Mirror
Hmmm, cunning... Ta.
This was a concern of mine for a project that I started researching, which would have accepted source files from the web and compiled them (I still want to take it further but havn't got the time).
The most obvious problems are commands like \input, allowing files to be read, which could be disasterous (e.g. \input{/etc/passwd}).
Potentially worse is \write18, which allows you to write a file..
All is not lost however, after asking a suitably enlightened TeXnician, Thomas Esser (the te in teTeX), one just has to specify the appropriate options in texmf.cnf to restrict file access, both read and write.
For example
In this manner one can put restrictions on what TeX can do in the manner of sandboxing. It's fairly rudimentary but certainly effective!I'm not convinced this is the responsibility of the language, should this not be an issue with the platform, for example languages such as C++, FORTRAN 90 etc say nothing about "security", whereas the Java platform does.
I'm not sure code-signing is helpful (this is a general statement) as it doesn't prevent something bad being done, just who you trust to do it!
With other constraints such as memory usage and cpu time (from the shell), you can make TeX suprisingly bullet proof. One of it's advantages in this respect is that it is a straightforward, linear and deterministic system.
Oooo... stop it!! First three rules of comedy; no puns, no puns and no puns.
Apart from the fact that standard photographic prints are not really much better than a 300dpi equivalent image. Higher than that and you are just filling space on a hard drive, not getting more information from the image.
If we want real scientific information to be available to the masses, we should get the scientific journals to publish their material online for free.
Good luck. Someone has to pay. If you want to do that you will need an author pays model, such as in Optics Express. Alternatively you could go to the arXiv, of course there, you won't get the "benefit" of peer review.
Then, not being scientificly trained in the appropriate field, how do you make any sense of what you are reading?
It's not such an easy problem to solve.
Drat! You beat me to it!
In case anyone is purplexed, it is a reference to Dr. Strangelove, excellent and also the film debut of the voice of Darth Vader, or James Earl Jones as he is also known.
That said, the one aspect of it I like is the ease of extensibility. Daisy chaining these units is quite an attractive thing.
I have been considering some form of distrubuted storage cluster. In other words an array of machines which presents a single logical drive with redundency on a machine basis. Do people here have any experience with this (GFS et al.)? Care to comment?
[shameless plug] In case anyone is wondering, the backup s/w is my own concontion yarbu. Which automates hourly, daily, weekly and monthly backups. I've been running this for about a year with ~1TB of backup under its control, spanning about a dozen machines. It's a lifesaver (not as fancy-shmancy as some others but very reliable).
You don't use an ammeter, instead measure the magnetic field generated by the current in the ring. It would remain constant if the current remains constant.
Perhaps that is what made it such a sublime comedy. Highly reccomended! As fresh today as it was during the TR (Thatcher Regina), perhaps because the nature of politics is a universal constant.
Well, of course! You wouldn't want to be accused of socialism would you? ;-/
Would you mind explaining exactly what std::tr1 is? I don't find it obvious from your code example.
Thanks
Of course, these things are flexible. One must change with the times, so don't be surprised if you will need a license for your PC in a decade. Presumably this will be conducted using trusted computing! Gotta love it!
Now, where's my tin-foil hat?
You should try the 99% stuff. Yowch!
Bitter? Not arf!
Goodness knows how they even make it solid.
I'm a fundamentalist apatheist.
Apathy rules!
Well, it would if it could be bothered.
Personally my choice is being Agnostic.
;-)
Tsk, that's so "last year". Why don't you stop beating around the bush and become a fundamentalist agnostic.
Still if I don't people won't understand....
I don't think you don't understand the problem. The point of a power transmission system is to supply the load with a certain amount of power. The scenario can be understood by simply considering two resistors in series, one representing the resistance due to the power line, the other due to the load.
The aim of the game is to minimise the power wasted in the transmission line for a given amount of power supplied to the load.
so Now, the power lost in the line is P_line Since I is the same in the load and the power line (they are in series) Hopefully you can see that the power lost in the line is inversely proportional to the load voltage.This is why power lines run at such high potentials. Decreasing R_line is expensive and only has linear dependence, you don't want to reduce P_load since that defeats the point of a power line, leaving just one option, increasing V_load.
The situation is more complex with AC power of course since their is capacitative coupling between the line and the ground. This this is an extra source of loss that can be visualised like this. For the interested reader, much of the energy is actually transmitted in the field surrounding the line, not as is commanly thought in the metal making up the line. Look up the Poynting vector and work it out for a pair of wires if you are interested.
BTW, who is your physics TA in your college? He should be ashamed of himself.I will pass on the message.
for an Ohmic system (any sensible cable), so if you want your cables to remain cool, I must be reduced, hence V increased.
This is of course why national grids are at 10s-100s of KV.
Of course once you want to use it to charge a battery, you have to use a transformer (or equivalent) to reduce the voltage and increase the current, something that would have to happen as close as possible to where the battery is.
Having said all that, I can't see petrol station forecourts dispensing a heady mixture of petrol and 10KV high power spark machines just yet, at least not with guys like this around! ;-)
I second that... doesn't involve a lot of math or derivations
I tend to use LaTeX for documents so even that works out fine. Once you've go the hang of how to write equations etc (a few hours) it's dead easy. I've really come full circle regarding word processing, if you don't have this-or-that feature you don't play with it and inevitably end up doing more work!
As an aside, for those using PalmOS type devices I can recommend peditPro http://home.columbus.rr.com/nevai/palm/. In the end most people don't really need that colour screen and multimedia capability my trusty second hand Handspring does everything I need.
00s (is that what this decade is called?1?)
;-)
I prefer "The Naughties".
Ahh the classic rub. Come now, you're not coming over all cynical about your democracy are you? ;-)
Well, I'm off home for a well-earned break. All the best for the new year.
[offtopic I know]
That implies a strange type of liberalism, I'm guessing you're American. A good round-up of Liberal* can be found here and the American flavour here.
It's always struck me as ironic that calling something or someone a liberal is viewed as a bad thing in the "Land of the Free". I assume it's just a FUD campaign by the ultra-wrongwingers to make people think "Liberal"==="Evil Satanist". [rant ends]
A body of pathologists.
flourescent lights would always dimly glow when not turned on
This has been used in a sculpture "Field" by Richard Box, artist in residence at the University of Bristol.
It looks great. Has anybody here seen it?
I am rather busy at the moment but will reply to your point properly soon.
It's gratifying to get involved in a decent discussion on this place for a change - but rather time consuming. In case I don't reply before these pages become static or by the Wednesday of next week, please prod me via e-mail (I cannot contact you as your e-mail is not public).
-ed