> And is it really possible, as a pratical matter, for technology as complex as GCC to be forked by volunteers?
What's the problem here? I've "forked" a number of C compilers in the past. I found myself working on projects that needed a cross-compiler, so I got one and recompiled it for the new machine. In the process, I invariably had to make a number of changes. Thus, to aid in debugging, I added a builtin caller() function to several compilers that acted pretty much like perl's function of that name. I've also added in a number of hooks to make the code interoperate with debuggers. This should all qualify as a "fork", since my code was never folded back into the original compiler. And yes, I did such things all by myself.
Granted, GNU makes things that are bigger and more complex than most others. But I don't think that forking it would be much of a job for one person who knows a bit about compilers. If GNU didn't want something useful folded back in, the result could well be a fork.
I'd like to opine that this is something that Microsoft richly deserves, and it likely won't be much of a precendent at all.
We've read several news stories about MSN's TOS that gives them ownership of everything on customers' web sites. We've read the stories about their lifting images from customers' web sites and using them in ads. Microsoft's attitude all along has been that they own everything on their machines.
So it's not at all odd that they should be held legally responsible for images that they claim to own.
Lawyers have been pointing out for some time that the way out of this is for ISPs to simply declare that they are merely "carriers" and aren't responsible for the contents of customers' files or communications. A century of precendent with services like the phone system supports the idea that a common carrier can't be made to police the communications over its lines. The communications are the property of the customers, not the company.
Similarly, the corporations (mostly governmental) that maintain the streets and highways aren't responsible for the legality of cargo carried by users' vehicles.
It's likely that the real outcome of this will be to stop Microsoft's attempts to claim ownership of everything produced by their customers. If they persist in making such claims, they will be held liable for the contents of their files, and will be forced to hire staff to examine each and every file on every customer's web site. This will be so expensive that they'll have to either give up the ISP business or declare that they don't own customers' files.
What we want is a situation where we can all put whatever we want on our web sites, and the ISPs can't interfere. Legality should be strictly between a site's owner and the local governments. We want the ISPs to keep their noses out of our content.
They don't seem to define quite what it means, but as near as I can tell, it's pretty much the same thing as the atomup updates that database systems have been doing for a few decades.
What is there in Red Hat's patent application that is actually new?
> I suspect that the majority of computers are not (or, for those in businesses, should not) play digital media.
This doesn't matter. The bill in question will outlaw software that CAN make illicit copies. So any program that merely copies a file (including cp and cat) will become illegal. The DOS "copy" command will also have to be deleted. They'll all have to be replaced by programs that examing the data, determine (how?) whether it contains anything that is copyrighted, and if so, refuse to copy it.
Also, if there is a programming language installed on your computer, it can be used to to write ("reverse engineer") a plain copy program. So programming languages will have to be considered illegal, since they encourage programmers to break the law.
As some people have said, what is being attempted is to make general-purpose computers illegal.
There is a lot of precedence for this sort of legal overkill. Several years ago, there were a number of funny news reports of the town in Oregon that outlawed sex. It was in the guise of a bill that was intended to outlaw sex shows and the like. The way it was written, it outlawed all sex "within view of any place public or private". The lawmakers really were that clueless.
(I haven't heard whether anyone was ever arrested and charged with violating this law by having sex within their own bedroom. Presumably all it would take would be for a married couple to have a child. That would be pretty good proof of illegal activity, unless they could show that they had only had sex outside the town.;-)
If the rest of those people were like me, they didn't recive any notice from yahoo on the subject. I haven't seen anything at all about it from yahoo. I found out about it here at/., and then 10 to 20 minutes later in email from several mailing lists.
Also, I recently went to www.yahoo.com to see if I could find the opt-out page. I totally failed. The only reason I know its URL is messages from other sources. But yahoo has hidden it far too well for my meager brain to find, even when I know it's there somewhere.
> why couldn't the sheet music be quickly distributed on CD/memory card/etc. before the gig?
Well, in an orchestra or band, this would work pretty well, other than the klutziness of fussing with CDs. But I mostly play at "folk" events. The main motive is handling the frequent question "Hey, can you play...?" All too often, the response to that is "Does anyone remember how it goes?"
Right now, I have a semi-solution. I have one of those cute Kyocera smartphones, which comes with a real web browser. I can do a quick web search for a title, and play it through the phone's tiny speaker. Not hi-fi, but it impresses people no end. And in many cases, I've been able to find tunes quickly when someone asks. This gives me no end of geek points.
But this is basically a toy. Its screen is far too small to work on a music stand. A practical music-stand computer would be more like the bigger gadget being discussed here.
In any case, wireless IP connectivity would be far superior to CDs. No mess, no used CDs to dispose of, no picking up last evening's CD by mistake. And you can do real-time changes in the program when you have a good reason to. It gives you access to everything that's online, after all.
Omigod - I just reached karma 50! Gaaak! I've been far too serious and responsible lately. What'll all my friends think? I hope it's not too easy to find out who's really behind a/. id...
I promise I won't do it again, really!
(Actually, I suspect this problem is easy to fix. I've noticed that when I write things that I think are funny, and forget the smiley, they get modded down. Oh yeah, before I forget:-)
I've been involved with people doing music online. This is "music" in the sense of something that you put on a music stand and read, not "music" as in something that you put in a player and listen to.
One major barrier to use is getting the screen sitting on the music stand. Your typical big screen is hardly portable. Your typical laptop opens up in a way that just doesn't physically work on a music stand. This device opens sideways and lies flat, giving it a lot of potential.
Remaining questions: Can I get it with wireless IP access? If not, forget it. Setting up an Internet connection for N of them at a gig would typically take far longer than the gig itself takes. And if wireless access is via the usual phone-company route with per-minute connection charges, forget it. The cost of N phone connections would typically be more than you make at the gig. Unless it's a true "always on" IP setup, it's not usable.
Also, what happens when someone bumps the music stand and the gadget hits the floor? Do I buy a new one?
Also, forget Windows. If you want quality sheet music on a screen, you want a Mac or linux. Windows only supports commercial music packages with proprietary file formats. If I can't exchange the music files with other musicians, I won't even look at it.
There have in fact been experiments with using computers to display sheet music. One of the things that kills the idea is when the musicians discover that they can't write on the music. This is a total showstopper. In particular, no orchestra or band musician would consider using music if they couldn't write their own notes and comments on it. The article implies some sort of handwritten input ability. How good is it? Can I write on the displayed text itself? If not, forget it.
So we still have a way to go before it's usable. But this gadget shows some slight promise to solving some of the physical problems of current hardware.
> If the code behind the interface doesn't match the documentation, it's not for you to fix.
Hey, thanks! That's an incredibly elegant summary of what I was saying. It explains exactly why I can't vouch for the correctness of any of my software.
(Yeah, I know; you didn't intend it that way. But the fact is you're exactly right. In many cases, even when I know where the bug is, I'm not permitted to fix it. That's the way commercial software development works. It explains a lot.)
Ummm... I've used a number of java apps in recent years. So I'm not convinced. The people who designed the language clearly had safety and correctness in mind. But a *lot* of the java programmers don't. Or their bosses don't permit it.
There is one highly relevant difference between the way that we deal with hardware and software. With hardware, inner details, schematics, and the like are usually easily available. Often this is required by law in any critical applications.
With software, most programmers are writing code to run on systems (kernels, runtime libraries, and the like) that are usually proprietary. The inner details are not just neglected; the companies intentionally keep them secret and prosecute people who leak them.
As a result, software can't be made reliable, not even in principle.
We do have a few exceptions, e.g. linux and all the GNU stuff. If *everything* underneath your code is Open Source, then in principle you can examine it and find problems. (It ain't easy, but at least it's doable if your employer will permit the time that it takes).
But we're facing a major battle just getting Open Source software accepted by a tiny part of the market. In most jobs, you are required to write code for systems whose inner working you are not permitted to know.
The US government is even using proprietary, binary-only computer systems in secure and mission-critical situations. Anyone who expects the code in such situations to be reliable is either utterly ignorant or actively malicious.
Myself; I'd welcome rules that make me and other software developers responsible for bugs in our code. If there were such a legal requirement, I could point to it when someone denies me access to the information that I need, and say "I can't possibly write correct code when you are keeping vital information from me. Show me the inner details of these parts of the system, and I'll agree to write reliable code for it."
Of course, in a couple of cases, when I've gotten my hands on such details, I've proceeded to write a proof that certain things could not be done reliably on that system. "Fix that bug in that library, and I'll vouch for my code. Until then, here's my bug report describing exactly how it will fail."
Unfortunately, when I've done this, the usual result was that I was looking for another job soon thereafter.
(One such lost job was when I proved that certain sensors in a nuclear power plant could not be made to work reliably due to their software. But that was 20 years ago; maybe they've fixed it by now.;-)
Some years back, as a grad student, I saw a bunch of colleagues do a rather unnerving experiment. Much of the number crunching was, as usual, done in Fortran. So they instrumented the compiler to silently test for integer overflow, report when it happened, and also report whether the program tested for it.
Their result was that roughly 50% of the Fortran programs on the mainframe computer produced at least one number in the output that was wrong due to undetected integer overflow.
This itself would be bad enough. But a bunch of us followed this up by asking Fortran programmers about it. What we did specifically was to point out that, unlike floating point, where there's an interrupt, integer arithmetic required a separate instruction to test the overflow flag. So testing for integer overflow took extra cpu cycles. Then we asked them whether they thought that software should be modified to always test for integer overflow, as is done with floating point.
The answer was overwhelmingly that if it took extra cpu cycles, the software should not check for overflow.
When we pointed out that this introduced the risk of programs producing incorrect results, the Fortran programmers invariably said that didn't matter. Faster is better, even if some of the results are wrong.
I think of this whenever I read about computers used in medical, transportation, or other areas where malfunctioning software could put lives at risk.I don't believe that the "software culture" has changed significantly in this respect since then.
So what else could it be? And note that if I get modded down, there will probably be some (equally funny) followups accusing the moderators of anti-Semitism.
> I hope that you get modded down as a troll, motherfucker.
Y'know, I once heard someone point out that every father is a motherfucker. Since then, I haven't taken the term as an insult.
I got infected by the Klez virus at least 15 years ago. I heard tapes of the Klezmer Conservatory Band, the Klezmatics, Brave Old World, and reissues of Dave Tarras recordings from the 20's and 30's. Believe me, it just gets worse. Last Saturday (after sunset), I was at a klez jam, about two dozen people playing clarinets, fiddles, accordions, etc., and it lasted well past midnight.
Makes it difficult to get up in the morning and go to church, I'll tell ya.
Haven't confessed it to any priest yet, though. I'm not sure I'd trust the priests here in the Boston area with such information.
There doesn't seem to be a cure, either. I don't know anyone who caught this one who ever got over it.
> Bottom line: everybody with a computer needs some sort of antivirus protection,
Yeah, and probably the best way to get it at present is to install FreeBSD. OpenBSD and linux are close behind it.
A curious thing that I keep noticing is that the overwhelming majority of virii and other such perversities are on Microsoft systems. A few are on Macs. People try to wiggle out of this by saying that unixoid systems aren't common enough to be attractive to virus writers. But the first "demo" viruses in the early 80's were on unix systems, and the unix world is infested with hackers. Also, nearly half the cpus in the world are running some unix-like system (including a lot that were sold with Windows, and are listed as Windows machines in the sales figures). The real reason that unix-type systems aren't being hit is that they are much less susceptible.
Similarly, with the Y2K problem, I saw here and there a few comments that almost all the known Y2K bugs were on IBM and Microsoft systems. Cobol programs were at the top of the list of problems at the application level. But the media made very little note of this. They told us that Y2K was a universal computer problem. Well, most people using unix-type systems did nothing much to prepare for Y2K, and nothing much went wrong.
We could use a lot more finger pointing at the systems and software that are sucsceptible to such problems. Maybe then they'd get fixed. But the media is in love with IBM and Microsoft, and goes out of its way to not mention their names when there are problems. So they'll just continue to get away with selling susceptible systems to the gullible public.
We had prototype email viruses 20 years ago. And the solution was known 20 years ago. For Microsoft to continue foisting them on the public is unconscionable.
This sort of thing seems to have happened already.
Back in the 80's and early 90's, I worked for a couple of companies whose lawyers advised against building products on Sys/V unix, on the grounds that their reading of the ATT license implied that any program compiled with the ATT compiler and linked to the Sys/V libraries (yes, including libc.a) would become the property of ATT.
This seems to have been the way a lot of lawyers interpreted the Sys/V licence, and it is widely believed to be one of the things that killed off Sys/V.
Considering that linux is in effect a reimplementation of Sys/V (i.e., POSIX), this seems quite believable. This shows that it wasn't Sys/V itself that developers found objectionable.
This could well be a real case of a company shooting its own product in the foot by trying to sneak in an "everything you develop on our system belongs to us" license.
Maybe Microsoft will kill its own systems off the same way. I know a number of developers of quality sound software who don't want to sell in the Microsoft market. Their argument is that if they sell directly to customers, Real Player kills their product and users have to keep reinstalling it. The only way to get off Real Player's hit list is to sign a Microsoft license, and that essentially hands over the rights to your software to Microsoft.
A couple years ago I worked for a company that built firewall and other security software. While I was there, they pulled the NT version of their software, and announced that future releases would only be on unix/linux systems. Their management gave numerous reasons. Primary was the inherent unreliability of a system with hidden "black box" internals whose behaviour they couldn't know or promise. And part of their reason was the very real danger that Microsoft would require integration with NT as the price for getting access to internals, giving Microsoft effective ownership of the code.
With enough of this sort of thing, Microsoft may wake up one day and find that nobody is willing to develop any more software on their systems.
Wasn't there a report along this line just last week?
> "Do you think developing countries will bable to use open source to develop and keep pace with the western world?" My answer: not unless they get open governments to support it.
This misses one of the main points pushing open source in much of the developing world: Commercial software has secret inner workings that you can't know about. This puts you at the mercy of the corporation that built the software. It can have all sorts of trapdoors and spy code, and if you're on the network, the software can be sending your data back to headquarters without you knowing it.
This is especially worrying to closed governments. If you were a third-world dictator, would you want a big American corporation to have a secret pipeline into your computers?
The only real solution to such worries is to follow the same rule as any high-security installation: You only run programs for which you have all the source code. And you compile them yourself. And you make sure that you have a pool of loyal citizens who have the training to study the software and tell you what it can and can't do to you, and maybe modify it for your own purposes.
Yeah, some governments are buying Microsoft and other corporations' software. They'll eventually find themselves at the mercy of those corporations. Maybe we should feel sorry for them. The smart ones won't fall into this trap.
This shows a profound lack of knowledge of the Computing literature. Back in 1982 (December issue IIRC), there was an article published describing The Newcastle Connection. This was a fully-distributed unix system built on exactly the same model. It was a unix system that incorporated other systems as components, treating the network as a bus. The result was a large multi-processor unix system.
They weren't nearly the last ones to announce that they had done such a thing. For a while, in the mid-80's, it was somewhat of an inside joke. It seemed that everyone was making their own distributed unix system using the same design.
I built one myself, and so did a fellow down the hall from me (at Project Athena at MIT). We both spent about a month of our spare time on it, and both of ours worked. One of my demos consisted of a Makefile with source scattered across as many machines as I could get accounts on. I showed that, despite the fact that the clocks on some machines were off by hours or days, my code correctly adjusted for clock skews and compiled the right things. I didn't need to modify make or the compiler, I just linked them to my libcnet.a, which replaced all the system calls with my distributed routines, and they corrected for the clock problems.
The problem isn't the difficulty in building a truly distributed system. Any competent software engineer should be able to do that. The problem is that the commercial world has no interest in selling such a thing, and the non-commercial world remains ignorant of things like this that were demoed several decades ago.
One of the true frustrations from having built such a system is having to work with things like NFS, that still can't get its clocks right (at least not without requiring super-user permissions on every subsystem). When I decided to solve this problem so that make would work, it took me a morning, and I didn't use super-user permissions anywhere.
BTW, the Newcastle system was used internally in a number of corporations. But the many attempts to make it more widespread just hit brick walls. So now we have the kludgery of HTTP and URLs rather than the simple, elegant schemes that the various distributed-system people have used.
> sure... each slashdotter is going have a project on par with a nuclear physisist...
Well, there was the new order-N sort algorithm that was described recently.
It was based on the concept of a quantum computer. The idea was that in to sort N items, you use quantum indeterminacy to choose a random permutation of the items. This will cause the universe to split into multiple copies, one per permutation. You test the resulting list (an order N operation), and if it's not sorted, you destroy the universe. In the remaining universe, the list will be sorted.
Destruction of the universe was left as an exercise for the reader.
If this isn't on a par with nuclear physics, I don't know what is. And it's Just a Matter of Programming...
> I noticed that all of my traffic was being routed through Arlington VA. This stopped about two months ago.
That was when they finally got their filter software installed at your ISP, and they no longer needed to route the traffic through their overloaded central site.
Ya gotta realize that they have a tremendous logistical problem. You can't install software in every router overnight. If you have millions of sites on your watch list, you first need to hit the routing tables to redirect those sites' traffic to one of your (big and fast) sites. Then you can take the time to put in the local filters.
Also, the NSA and FBI don't have millions of people on staff to do this. They've been paying lots of overtime in the past six months, and they're still way behind in the work.
Note that IE has long identified itself with an id string that starts with "Mozilla/...". I doubt that the Netscape folk ever seriously considered challenging this blatant infringement. Against a giant like Microsoft, it would cost you millions of dollars and a decade of time. You'd be bankrupt long before you won the case.
> Just because kids like spaghetti, and kids like peanut butter, doesn't mean they'll like spaghetti and peanut butter.
Well, if they're the kids of typical computer geeks, they'll be very familiar with Thai and Vietnamese food, so peanut butter on spaghetti won't strike them as the least bit odd. But they might complain that you left out the scallions and bean sprouts, and maybe it could use a bit of hot pepper sauce.
> And is it really possible, as a pratical matter, for technology as complex as GCC to be forked by volunteers?
What's the problem here? I've "forked" a number of C compilers in the past. I found myself working on projects that needed a cross-compiler, so I got one
and recompiled it for the new machine. In the process, I invariably had to make a number of changes. Thus, to aid in debugging, I added a builtin caller() function to several compilers that acted pretty much like perl's function of that name. I've also added in a number of hooks to make the code interoperate with debuggers. This should all qualify as a "fork", since my code was never folded back into the original compiler. And yes, I did such things all by myself.
Granted, GNU makes things that are bigger and more complex than most others. But I don't think that forking it would be much of a job for one person who knows a bit about compilers. If GNU didn't want something useful folded back in, the result could well be a fork.
I'd like to opine that this is something that Microsoft richly deserves, and it likely won't be much of a precendent at all.
We've read several news stories about MSN's TOS that gives them ownership of everything on customers' web sites. We've read the stories about their lifting images from customers' web sites and using them in ads. Microsoft's attitude all along has been that they own everything on their machines.
So it's not at all odd that they should be held legally responsible for images that they claim to own.
Lawyers have been pointing out for some time that the way out of this is for ISPs to simply declare that they are merely "carriers" and aren't responsible for the contents of customers' files or communications. A century of precendent with services like the phone system supports the idea that a common carrier can't be made to police the communications over its lines. The communications are the property of the customers, not the company.
Similarly, the corporations (mostly governmental) that maintain the streets and highways aren't responsible for the legality of cargo carried by users' vehicles.
It's likely that the real outcome of this will be to stop Microsoft's attempts to claim ownership of everything produced by their customers. If they persist in making such claims, they will be held liable for the contents of their files, and will be forced to hire staff to examine each and every file on every customer's web site. This will be so expensive that they'll have to either give up the ISP business or declare that they don't own customers' files.
What we want is a situation where we can all put whatever we want on our web sites, and the ISPs can't interfere. Legality should be strictly between a site's owner and the local governments. We want the ISPs to keep their noses out of our content.
Microsoft has just had its nose slapped.
They don't seem to define quite what it means, but as near as I can tell, it's pretty much the same thing as the atomup updates that database systems have been doing for a few decades.
What is there in Red Hat's patent application that is actually new?
I think the term is "Microshafted".
> I suspect that the majority of computers are not (or, for those in businesses, should not) play digital media.
;-)
This doesn't matter. The bill in question will outlaw software that CAN make illicit copies. So any program that merely copies a file (including cp and cat) will become illegal. The DOS "copy" command will also have to be deleted. They'll all have to be replaced by programs that examing the data, determine (how?) whether it contains anything that is copyrighted, and if so, refuse to copy it.
Also, if there is a programming language installed on your computer, it can be used to to write ("reverse engineer") a plain copy program. So programming languages will have to be considered illegal, since they encourage programmers to break the law.
As some people have said, what is being attempted is to make general-purpose computers illegal.
There is a lot of precedence for this sort of legal overkill. Several years ago, there were a number of funny news reports of the town in Oregon that outlawed sex. It was in the guise of a bill that was intended to outlaw sex shows and the like. The way it was written, it outlawed all sex "within view of any place public or private". The lawmakers really were that clueless.
(I haven't heard whether anyone was ever arrested and charged with violating this law by having sex within their own bedroom. Presumably all it would take would be for a married couple to have a child. That would be pretty good proof of illegal activity, unless they could show that they had only had sex outside the town.
If the rest of those people were like me, they didn't recive any notice from yahoo on the subject. I haven't seen anything at all about it from yahoo. I found out about it here at /., and then 10 to 20 minutes later in email from several mailing lists.
Also, I recently went to www.yahoo.com to see if I could find the opt-out page. I totally failed. The only reason I know its URL is messages from other sources. But yahoo has hidden it far too well for my meager brain to find, even when I know it's there somewhere.
> why couldn't the sheet music be quickly distributed on CD/memory card/etc. before the gig?
...?" All too often, the response to that is "Does anyone remember how it goes?"
Well, in an orchestra or band, this would work pretty well, other than the klutziness of fussing with CDs. But I mostly play at "folk" events. The main motive is handling the frequent question "Hey, can you play
Right now, I have a semi-solution. I have one of those cute Kyocera smartphones, which comes with a real web browser. I can do a quick web search for a title, and play it through the phone's tiny speaker. Not hi-fi, but it impresses people no end. And in many cases, I've been able to find tunes quickly when someone asks. This gives me no end of geek points.
But this is basically a toy. Its screen is far too small to work on a music stand. A practical music-stand computer would be more like the bigger gadget being discussed here.
In any case, wireless IP connectivity would be far superior to CDs. No mess, no used CDs to dispose of, no picking up last evening's CD by mistake. And you can do real-time changes in the program when you have a good reason to. It gives you access to everything that's online, after all.
If you can find it.
Omigod - I just reached karma 50! Gaaak! I've been far too serious and responsible lately. What'll all my friends think? I hope it's not too easy to find out who's really behind a /. id ...
I promise I won't do it again, really!
(Actually, I suspect this problem is easy to fix. I've noticed that when I write things that I think are funny, and forget the smiley, they get modded down. Oh yeah, before I forget:-)
I've been involved with people doing music online. This is "music" in the sense of something that you put on a music stand and read, not "music" as in something that you put in a player and listen to.
One major barrier to use is getting the screen sitting on the music stand. Your typical big screen is hardly portable. Your typical laptop opens up in a way that just doesn't physically work on a music stand. This device opens sideways and lies flat, giving it a lot of potential.
Remaining questions: Can I get it with wireless IP access? If not, forget it. Setting up an Internet connection for N of them at a gig would typically take far longer than the gig itself takes. And if wireless access is via the usual phone-company route with per-minute connection charges, forget it. The cost of N phone connections would typically be more than you make at the gig. Unless it's a true "always on" IP setup, it's not usable.
Also, what happens when someone bumps the music stand and the gadget hits the floor? Do I buy a new one?
Also, forget Windows. If you want quality sheet music on a screen, you want a Mac or linux. Windows only supports commercial music packages with proprietary file formats. If I can't exchange the music files with other musicians, I won't even look at it.
There have in fact been experiments with using computers to display sheet music. One of the things that kills the idea is when the musicians discover that they can't write on the music. This is a total showstopper. In particular, no orchestra or band musician would consider using music if they couldn't write their own notes and comments on it. The article implies some sort of handwritten input ability. How good is it? Can I write on the displayed text itself? If not, forget it.
So we still have a way to go before it's usable. But this gadget shows some slight promise to solving some of the physical problems of current hardware.
> If the code behind the interface doesn't match the documentation, it's not for you to fix.
Hey, thanks! That's an incredibly elegant summary of what I was saying. It explains exactly why I can't vouch for the correctness of any of my software.
(Yeah, I know; you didn't intend it that way. But the fact is you're exactly right. In many cases, even when I know where the bug is, I'm not permitted to fix it. That's the way commercial software development works. It explains a lot.)
Ummm ... I've used a number of java apps in recent years. So I'm not convinced. The people who designed the language clearly had safety and correctness in mind. But a *lot* of the java programmers don't. Or their bosses don't permit it.
There is one highly relevant difference between the way that we deal with hardware and software. With hardware, inner details, schematics, and the like are usually easily available. Often this is required by law in any critical applications.
;-)
With software, most programmers are writing code to run on systems (kernels, runtime libraries, and the like) that are usually proprietary. The inner details are not just neglected; the companies intentionally keep them secret and prosecute people who leak them.
As a result, software can't be made reliable, not even in principle.
We do have a few exceptions, e.g. linux and all the GNU stuff. If *everything* underneath your code is Open Source, then in principle you can examine it and find problems. (It ain't easy, but at least it's doable if your employer will permit the time that it takes).
But we're facing a major battle just getting Open Source software accepted by a tiny part of the market. In most jobs, you are required to write code for systems whose inner working you are not permitted to know.
The US government is even using proprietary, binary-only computer systems in secure and mission-critical situations. Anyone who expects the code in such situations to be reliable is either utterly ignorant or actively malicious.
Myself; I'd welcome rules that make me and other software developers responsible for bugs in our code. If there were such a legal requirement, I could point to it when someone denies me access to the information that I need, and say "I can't possibly write correct code when you are keeping vital information from me. Show me the inner details of these parts of the system, and I'll agree to write reliable code for it."
Of course, in a couple of cases, when I've gotten my hands on such details, I've proceeded to write a proof that certain things could not be done reliably on that system. "Fix that bug in that library, and I'll vouch for my code. Until then, here's my bug report describing exactly how it will fail."
Unfortunately, when I've done this, the usual result was that I was looking for another job soon thereafter.
(One such lost job was when I proved that certain sensors in a nuclear power plant could not be made to work reliably due to their software. But that was 20 years ago; maybe they've fixed it by now.
Some years back, as a grad student, I saw a bunch of colleagues do a rather unnerving experiment. Much of the number crunching was, as usual, done in Fortran. So they instrumented the compiler to silently test for integer overflow, report when it happened, and also report whether the program tested for it.
Their result was that roughly 50% of the Fortran programs on the mainframe computer produced at least one number in the output that was wrong due to undetected integer overflow.
This itself would be bad enough. But a bunch of us followed this up by asking Fortran programmers about it. What we did specifically was to point out that, unlike floating point, where there's an interrupt, integer arithmetic required a separate instruction to test the overflow flag. So testing for integer overflow took extra cpu cycles. Then we asked them whether they thought that software should be modified to always test for integer overflow, as is done with floating point.
The answer was overwhelmingly that if it took extra cpu cycles, the software should not check for overflow.
When we pointed out that this introduced the risk of programs producing incorrect results, the Fortran programmers invariably said that didn't matter. Faster is better, even if some of the results are wrong.
I think of this whenever I read about computers used in medical, transportation, or other areas where malfunctioning software could put lives at risk.I don't believe that the "software culture" has changed significantly in this respect since then.
> Y'see, "klez" is like "klezmer" ...
So what else could it be? And note that if I get modded down, there will probably be some (equally funny) followups accusing the moderators of anti-Semitism.
> I hope that you get modded down as a troll, motherfucker.
Y'know, I once heard someone point out that every father is a motherfucker. Since then, I haven't taken the term as an insult.
I got infected by the Klez virus at least 15 years ago. I heard tapes of the Klezmer Conservatory Band, the Klezmatics, Brave Old World, and reissues of Dave Tarras recordings from the 20's and 30's. Believe me, it just gets worse. Last Saturday (after sunset), I was at a klez jam, about two dozen people playing clarinets, fiddles, accordions, etc., and it lasted well past midnight.
Makes it difficult to get up in the morning and go to church, I'll tell ya.
Haven't confessed it to any priest yet, though. I'm not sure I'd trust the priests here in the Boston area with such information.
There doesn't seem to be a cure, either. I don't know anyone who caught this one who ever got over it.
> Bottom line: everybody with a computer needs some sort of antivirus protection,
Yeah, and probably the best way to get it at present is to install FreeBSD. OpenBSD and linux are close behind it.
A curious thing that I keep noticing is that the overwhelming majority of virii and other such perversities are on Microsoft systems. A few are on Macs. People try to wiggle out of this by saying that unixoid systems aren't common enough to be attractive to virus writers. But the first "demo" viruses in the early 80's were on unix systems, and the unix world is infested with hackers. Also, nearly half the cpus in the world are running some unix-like system (including a lot that were sold with Windows, and are listed as Windows machines in the sales figures). The real reason that unix-type systems aren't being hit is that they are much less susceptible.
Similarly, with the Y2K problem, I saw here and there a few comments that almost all the known Y2K bugs were on IBM and Microsoft systems. Cobol programs were at the top of the list of problems at the application level. But the media made very little note of this. They told us that Y2K was a universal computer problem. Well, most people using unix-type systems did nothing much to prepare for Y2K, and nothing much went wrong.
We could use a lot more finger pointing at the systems and software that are sucsceptible to such problems. Maybe then they'd get fixed. But the media is in love with IBM and Microsoft, and goes out of its way to not mention their names when there are problems. So they'll just continue to get away with selling susceptible systems to the gullible public.
We had prototype email viruses 20 years ago. And the solution was known 20 years ago. For Microsoft to continue foisting them on the public is unconscionable.
This sort of thing seems to have happened already.
Back in the 80's and early 90's, I worked for a couple of companies whose lawyers advised against building products on Sys/V unix, on the grounds that
their reading of the ATT license implied that any program compiled with the ATT compiler and linked to the Sys/V libraries (yes, including libc.a) would become the property of ATT.
This seems to have been the way a lot of lawyers interpreted the Sys/V licence, and it is widely believed to be one of the things that killed off Sys/V.
Considering that linux is in effect a reimplementation of Sys/V (i.e., POSIX), this seems quite believable. This shows that it wasn't Sys/V itself that developers found objectionable.
This could well be a real case of a company shooting its own product in the foot by trying to sneak in an "everything you develop on our system belongs to us" license.
Maybe Microsoft will kill its own systems off the same way. I know a number of developers of quality sound software who don't want to sell in the Microsoft market. Their argument is that if they sell directly to customers, Real Player kills their product and users have to keep reinstalling it. The only way to get off Real Player's hit list is to sign a Microsoft license, and that essentially hands over the rights to your software to Microsoft.
A couple years ago I worked for a company that built firewall and other security software. While I was there, they pulled the NT version of their software, and announced that future releases would only be on unix/linux systems. Their management gave numerous reasons. Primary was the inherent unreliability of a system with hidden "black box" internals whose behaviour they couldn't know or promise. And part of their reason was the very real danger that Microsoft would require integration with NT as the price for getting access to internals, giving Microsoft effective ownership of the code.
With enough of this sort of thing, Microsoft may wake up one day and find that nobody is willing to develop any more software on their systems.
Wasn't there a report along this line just last week?
Damn! I wrote my own about two months ago.
Maybe I'll grab theirs and see if it gives me any ideas.
> "Do you think developing countries will bable to use open source to develop and keep pace with the western world?" My answer: not unless they get open governments to support it.
...
This misses one of the main points pushing open source in much of the developing world: Commercial software has secret inner workings that you can't know about. This puts you at the mercy of the corporation that built the software. It can have all sorts of trapdoors and spy code, and if you're on the network, the software can be sending your data back to headquarters without you knowing it.
This is especially worrying to closed governments. If you were a third-world dictator, would you want a big American corporation to have a secret pipeline into your computers?
The only real solution to such worries is to follow the same rule as any high-security installation: You only run programs for which you have all the source code. And you compile them yourself. And you make sure that you have a pool of loyal citizens who have the training to study the software and tell you what it can and can't do to you, and maybe modify it for your own purposes.
Yeah, some governments are buying Microsoft and other corporations' software. They'll eventually find themselves at the mercy of those corporations. Maybe we should feel sorry for them. The smart ones won't fall into this trap.
There's also the price issue
This shows a profound lack of knowledge of the Computing literature. Back in 1982 (December issue IIRC), there was an article published describing The Newcastle Connection. This was a fully-distributed unix system built on exactly the same model. It was a unix system that incorporated other systems as components, treating the network as a bus. The result was a large multi-processor unix system.
They weren't nearly the last ones to announce that they had done such a thing. For a while, in the mid-80's, it was somewhat of an inside joke. It seemed that everyone was making their own distributed unix system using the same design.
I built one myself, and so did a fellow down the hall from me (at Project Athena at MIT). We both spent about a month of our spare time on it, and both of ours worked. One of my demos consisted of a Makefile with source scattered across as many machines as I could get accounts on. I showed that, despite the fact that the clocks on some machines were off by hours or days, my code correctly adjusted for clock skews and compiled the right things. I didn't need to modify make or the compiler, I just linked them to my libcnet.a, which replaced all the system calls with my distributed routines, and they corrected for the clock problems.
The problem isn't the difficulty in building a truly distributed system. Any competent software engineer should be able to do that. The problem is that the commercial world has no interest in selling such a thing, and the non-commercial world remains ignorant of things like this that were demoed several decades ago.
One of the true frustrations from having built such a system is having to work with things like NFS, that still can't get its clocks right (at least not without requiring super-user permissions on every subsystem). When I decided to solve this problem so that make would work, it took me a morning, and I didn't use super-user permissions anywhere.
BTW, the Newcastle system was used internally in a number of corporations. But the many attempts to make it more widespread just hit brick walls. So now we have the kludgery of HTTP and URLs rather than the simple, elegant schemes that the various distributed-system people have used.
> You're not funny.
Well, of course not. I was just repeating someone else's algorithm. They deserve the credit for the humor, not me.
> sure... each slashdotter is going have a project on par with a nuclear physisist ...
...
Well, there was the new order-N sort algorithm that was described recently.
It was based on the concept of a quantum computer. The idea was that in to sort N items, you use quantum indeterminacy to choose a random permutation of the items. This will cause the universe to split into multiple copies, one per permutation. You test the resulting list (an order N operation), and if it's not sorted, you destroy the universe. In the remaining universe, the list will be sorted.
Destruction of the universe was left as an exercise for the reader.
If this isn't on a par with nuclear physics, I don't know what is. And it's Just a Matter of Programming
> I noticed that all of my traffic was being routed through Arlington VA. This stopped about two months ago.
That was when they finally got their filter software installed at your ISP, and they no longer needed to route the traffic through their overloaded central site.
Ya gotta realize that they have a tremendous logistical problem. You can't install software in every router overnight. If you have millions of sites on your watch list, you first need to hit the routing tables to redirect those sites' traffic to one of your (big and fast) sites. Then you can take the time to put in the local filters.
Also, the NSA and FBI don't have millions of people on staff to do this. They've been paying lots of overtime in the past six months, and they're still way behind in the work.
Why don't you send them a resume?
Note that IE has long identified itself with an id string that starts with "Mozilla/ ...". I doubt that the Netscape folk ever seriously considered challenging this blatant infringement. Against a giant like Microsoft, it would cost you millions of dollars and a decade of time. You'd be bankrupt long before you won the case.
...
Anyway, it's funny; laugh
> Just because kids like spaghetti, and kids like peanut butter, doesn't mean they'll like spaghetti and peanut butter.
Well, if they're the kids of typical computer geeks, they'll be very familiar with Thai and Vietnamese food, so peanut butter on spaghetti won't strike them as the least bit odd. But they might complain that you left out the scallions and bean sprouts, and maybe it could use a bit of hot pepper sauce.