We can farm out a thousand servers to run a website. Don't. Have them be connection brokers.
Design an image for a server that boots, automatically announces itself to the connection brokers, and gets a unique name back.
Now every time you go over the capacity of your own datacentre, spin up that image on a few hundred Amazon/Azure/Whatever servers. In fact, for every two instances outside that you spin up, take off one of the internal ones so you have spares, have enough bandwidth for the connection brokers, etc.
People have been doing this en-masse for decades now in the larger datacentres / websites / infrastructure. Honestly how hard can it be? The only problem is exhausting your upstream bandwidth to TALK to all the servers that you're spinning up elsewhere. That's not something you can get quickly or cheaply if you've underestimated. But you can always just move the connection brokers to the cloud too, and solve that problem.
Sure it'll cost, but then it'll die down and you go back to internal servers if that's what you want. Meanwhile, you can say you had 10m people playing online at once rather than "we crapped out around one million because we designed it badly".
And what the hell is wrong with proper testing, including letting pre-orders go online early, so you can predict demand and fix problems before the proper launch? Oh, no, apparently we just let stuff break nowadays, because people have already paid for it so stuff them.
Dunno if we live in the same decade, but almost EVERYTHING I touch wants to update constantly now unless I turn it off. Windows installs updates on a daily basis if you leave it on the defaults. All modern smartphones. And, yes, consoles.
And given that Steam updates so often, in comparison I hear only a minority complaining about that. Usually when it updates it's either a fix or a new feature. I haven't witnessed a broken update in other 10 years, enough that I consider it one of the most privileged of programs on my computer in that I let it update itself every time (which is a privilege few others get).
I think that's the least of their problems to be honest. The biggest is really just going to be how to meet demand.
And, really, it's not that easy to confuse them unless you are really daft.
Copyright is about content you've made and covers only *your* content that *you* made.
Patents are about things you've thought of and cover anything that uses that idea in a real-life "machine" (at least in most places, where just having an "idea" of some maths can't be patented).
Trademarks are about your branding and product names, and cover only branding and product names in the same area of business as yours.
As it becomes weakened and the end is in sight, run a competition for alternatives.
In that competition, find Bruce's algorithms. Analyse the hell out of them because everyone seems to like them. Do not endorse them for your own use, because you've found a weakness.
At the point stories break about how you are listening to the world's communication, and people back off from EVERYTHING you have touched and might be able to use, go through your list of unpublished weaknesses. The biggest, let's say, being in Bruce's algorithms. Nobody else has spotted it. Nobody wants to touch anything that you've touched. Keep schtum. Let the world migrate to an algorithm you can crack. Put up some token resistance but try not to "endorse" it too much so that people think it's safe from you.
It needs no conspiracy theory. All it needs is an unpublished hole in a new algorithm that was submitted to them for testing, and for someone like the NSA to have found it (which is, basically, their job and what they are 10+ years ahead of academia in, like GCHQ inventing PKE long before RSA even thought of it), and nature and the media to then take their course (this doesn't need "planning", don't forget - it's bad that it happened, but why not use it now that it has).
Let everyone run around like headless chickens throwing themselves at anything "non-NSA" while you sit on the fatal flaw in it you found years ago and didn't approve it for internal use for exactly that reason. Now everyone THINKS they are safe, and yet the NSA are better off than ever before just by keeping quiet and doing their job.
Re:Why do we even go to these orgs anymore...
on
Did NIST Cripple SHA-3?
·
· Score: 5, Informative
In case you haven't noticed, the NSA are spies. They do nothing but infiltrate groups of interest all day long.
Such a group of OS programmers would be the perfect target. And why do we trust Schneier more than anyone else such that his involvement means something is acceptable? I love the guy, but no, that's not how trust works for mass-public security systems. If the NSA/GCHQ spies are working at anywhere near the levels they were back in their heyday of WW2, then Bruce would be my prime candidate for "beyond suspicion" and thus my first inclination that - somewhere, somehow - he could be a shill for them. I'm not seriously saying he is or isn't, but the point of security is that NOBODY should hold any special power over anyone else, certainly not the ability to single-handedly "approve" a worldwide security standard.
No, what we do is carry on as normal. Put all the algorithms to public testing. As attacks are found, knock out the vulnerable ones like a game of Guess Who, and only ever use whatever is still standing. You can't defend against attacks that you do not know about and if such agencies really ARE as worried as we think they might be about the world moving to encryption they can't break, then my first thought would be "what are they moving us towards, without trying to look like they are doing so?" - and there you run into Blowfish/Twofish and similar algorithms that they've had the opportunity to analyse for years now. It would be the perfect coup - make people think you are attacking them, then "be involved" with the only alternative of elliptic-curves and thus make everyone think that's your preference and hence subtly move them onto something else of your choice without even MENTIONING it or being involved with it.
Don't try to out-think a bunch of geniuses working with military-level funding and a real interest in keeping you on something broken. Just follow procedure - stay on what you've got until there's actual evidence it's broken. Don't jump ship to new and interesting and relatively untested things for no reason other than you feel uncomfortable.
I was programming at 8. I was taught programming by a computer manual at 8, actually. I'm no prodigy.
I have a degree but that's from clinging on for dear life to the top of the "fail" cliff for three years. I have a pretty average IT job. In terms of percentile, I doubt I'm in the top 20%.
My slightly-elder brother was programming at a similar time, for the same reasons. He got a degree too, but stopped programming after that. Our parents are basically (and they won't be offended by this) uneducated. I think they have a City & Guilds between them (vocational qualification from many years ago that counts for zip). They wouldn't know programming if it hit them on the head. My teachers actually PULLED ME BACK on programming because I was doing more than they could do and taking their classes for them, and the kids were learning more when I did. I have a school report that says so. Yet we're talking about showing people loops in BBC BASIC in the 1990's, hardly state-of-the-art.
Where did that knowledge come from? Pushy parents? Knowledgeable teachers? No. Reading a book once and tinkering when I was a kid? Yes.
You don't have to be a prodigy to program at 8. You just need to be exposed to it and not told what you should and should not be learning at that age and, most importantly, DO WHAT PEOPLE AROUND YOU DON'T UNDERSTAND THEMSELVES. Hell, the calculus they teach in some European middle schools kicks the crap out of what the UK teaches those going into university.
The stuff I did when I was a kid was because I had an interest in doing it, and an incentive. With formal education, damn, I could have been miles ahead of where I got to AND had everyone in my class at the same level. But if a manky old ZX Spectrum BASIC book, carelessly left open by my brother, can teach me programming at age 8, then it's not any more "difficult" than languages, mathematics, science, geography, archaeology or anything else you care to name.
Whether we should teach it? That's a question of working out what crap that we teach people will help them in their later lives. Most people in school now WILL come across an Excel macro in their professional careers (hell, the PE teachers in my school use them for scoring events because it's just a tool they know how to use and they aren't even particularly IT-literate). But I can name lots of other crap that we teach children that we absolutely SHOULD NOT BE.
And what you class as programming depends on the age. To me, I was programming BASIC at 8. Does that make me a programming genuis? No. Hell, people mock me for knowing BASIC now, despite the fact that I've been programming constantly for 25+ years in every language under the sun.
That's what BASIC was designed to do and in my generation, that was nothing (hell, we used to program games on TI calculators and swap them in our maths class, and not just the geeks) and we thought nothing of a child picking up a book and learning a skill that the parents knew little about. When you get into Scratch, Logo, and basic "control" (e.g. Lego Mindstorms etc.) then programming becomes something that ANY child can do. Literally, any.
You know how I know? I work in schools and in my country EVERY child does a bit of programming by the time they are 10, whether they realise it or not, mandated by government curriculum that are DECADES out of date and now have to include MORE IT in order to catch up with the rest of the world.
The biggest problem in IT is people thinking that using a computer is IT. It's not. In the same way that driving to work isn't automotive engineering. We can all learn to drive. Not all of us will learn how to design and build or even maintain a car ourselves. That's what the UK IT curriculum did wrong until recently and now they've realised what a cataclysmic mistake that was - now they are pushing to teach *real* IT with a generation of teachers that think that an IF statement and a flow-chart is "too hard" for an average 11-year-old.
Though I think the original post is overblown, absorption rates are irrelevant. My suburban house and surrounding land has only X amount of area exposed to sunlight. Most of that is not in direct sunlight. Most of it is actually angled to one way or another or on the side of my house (which the local council would never let me blanket in solar panels unless they were literally invisible).
Even then, assuming we invent a perfect solar convertor, and blanket every square inch of my property, and chop down every tree casting a shadow, there's an absolute maximum of sunlight energy coming to my house and land. For me, for my energy consumption, house-bound solar is a waste of time. By the time it paid the most basic of installation costs off, the panels would be deteriorated by weathering and useless. I've done the maths any number of times, for solar, wind, and everything else. Hell, personal wind wasn't even enough to cover the planning permission costs over the lifetime of the product, let alone the product itself.
There's only so much land you can steal solar energy from, and everything you steal is taken from something else. If you blanket deserts in the things, the deserts will be covered in shade. If you blanket grasslands in the things, the grass will die. And, as pointed out above, covering urban houses is a waste of time once you take the absolute maximum power of the sun and a theoretically ideal "solar energy converter" of any kind (not just photovoltaics) before you even think about transmission and conversion losses to help your neighbours.
Doing it on a nationwide basis requires SO MUCH LAND that it's almost inconceivable. And that kind of messing about on an industrial scale causes problems we won't notice for 50+ years. We complain about nuclear power plants taking up lots of land and affecting house prices - the necessary hundreds of thousands of square kilometers of solar would be much more devastating (which is why, in general, we can only deploy them small-scale or in unpopulated areas).
Solar has uses. It's not dead, by any means, but the technology has nowhere to go but a dead-end. If we perfect a device that somehow becomes a "black-hole" and captures every single possible bit of energy from the sun, in every frequency of the spectrum, it's still not viable in the long-term (and will never be better than TWICE as efficient as this solar panel - that's what 50% efficiency means, there's no such thing as 101% efficient without breaking laws of thermodynamics, and if we can do that, our energy problems are solved forever without any solar panels at all).
Absorption rates mean nothing. The people decrying this have, from day one, been looking at the best possible theoretical outcome. Sure, you can make "free energy". Sure you can even make profit with the right subsidies and materials. But what you can't do is do that forever, or against increasing energy use.
As I state time and time and time again to my clients:
If I can't reproduce it, I probably can't do anything to fix it.
- Show me the computer that does it. - Show me the actions that make it happen (it doesn't have to be PERFECTLY reproducible, just enough that I stand half-a-chance of going through the debug logs. / debugger and finding out WHAT crashed / went wrong). - Show it happening, right now, in front of me, somehow.
If it's really that prevalent a problem, it's hard to imagine that the above isn't trivially possible. If it's hard to trigger or obscure and requires very particular inputs (e.g. a single example of a particular corrupt file or similar), then a) it's probably not a massive world-wide issue, b) how do you expect anyone to fix it without being in that same situation themselves?
Open/closed source makes NO difference. It's simple debugging. When my network "breaks" and "doesn't work", I need to be able to see it do it. Without seeing it, I can only stab in the dark at potential fixes unless you're describing a problem I know very well already. Without seeing it, I can't even tell if it's not just your computer that's broke and not the network (or application, or website, or whatever).
The amount of "fixes" I see every day just by being in the room with the people who constantly report "major problems" that impact that work every day and stop them working, which resolve themselves by the sheer presence of me standing in the room watching them try to make it happen again is unbelievable. In some cases, I'm sure there is a problem that will trigger eventually and I'll see it and stand a chance of fixing it. But for 99.9% of those problems, we get to that stage because people are ADAMANT that something is broken that I am responsible for and when they come to demonstrate it in front of my superiors to try to explain why they've got NO work done, they are completely unable to. For days on end. With a dozen people around their computers constantly trying to break it deliberately.
The problem evaporates under inspection because - actually - it's usually not a problem at all, or they are doing something they shouldn't (and know full well, so don't reproduce that in their demonstrations), or our offer to replace/rebuild the crappy old machine they insist on using that's the only trigger for the problem is denied because of personal attachment to that broken, crashing, corrupt setup.
If you cannot reproduce a bug, even 1% of the time, in front of someone who has an idea how to debug it then - closed source or not - it's almost impossible to fix. And the more stab-in-the-dark fixes we try, the more frustrated you will be that they don't work.
Demonstrate it. Capture it on video. Provide debug logs. It's not hard on a general-purpose machine capable of running VLC to get such things (on smartphones, etc., it's infinitely more difficult). File a bug. Then we can look at say "Hey, it looks like X is crashing, I wonder why?" or "Can I have a copy of that media file? Oh look, byte X is corrupt... we'll have to handle that case but I suggest you redownload it." or even "God, I don't know! Can we get some other people to try to reproduce this so we can fix it?".
I'm not saying your problem will be fixed. But it stands a better chance that no doing your end of the debug work on the ONLY machine that is exhibiting this problem and interfering with your use of the program (where there are millions of other happy users).
It's not a fob-off. It's not about open-source. It's simple - if you think something is broke, you can't just say "It's broke". You have to give a clue about what's broke or - in the worst case - show us it breaking.
You wouldn't do that to a photocopier engineer. Or a mechanic. Or a doctor. You wouldn't say "It doesn't work" and then not show them what's wrong, or give them the thing to let them play with it and try to reproduce it. What makes you think a software engineer is able to magically and remotely diagnose a problem they can't even see or reproduce?
Re:Not to be a hater...
on
VLC Reaches 2.1
·
· Score: 4, Insightful
You can take it with you on a thumbdrive, don't need to install it, it works perfectly.
It supports virtually all codecs (I remember some problems with old.RM files in the early days, but they were obsolete even before then).
It's a compiled.exe that has some interchangeable DLL's that sit in the same folder and can be swapped without waiting for a new binary release.
It's nice, lightweight, very nice features, very configurable, free AND has all the client/server stuff too.
Personally, SMPlayer (and MPlayer's) early history on Linux was horrible - there was no one GUI that was nice enough on it (I can remember a dozen "XPlayer" where X was just the GUI someone slapped onto MPlayer, and you often had to download the win32 codecs separately - the codec situation was a bit of a faff at times, and I managed to crash it quite a lot).
By comparison, the VLC I use and install every day on hundreds of computers to be the default DVD and media player? I never really witness it crash. It plays everything I throw at it (including obscure CCTV formats). It's tiny and will even run from a network share. And it works the same on Linux, Windows and everything else.
You can say a lot of the same for both MPlayer and VLC - the question really is which one you preferred when you first used it (and when that was), so it's hardly a surprise that some don't like one or the other.
The BBC has David Attenborough, ffs, and yet still we end up with the program dumbed down, repeating previous "information" on animals, and selling itself on 3D and other crap. And last I heard, it was all moved to the Eden channel which I can't get anyway.
The BBC have no interest in keeping this kind of stuff going, so forcing them to keep it is counter-productive. They'll just do their best to cripple it so it "dies" naturally. Already comedians appear on any programs that have the slightest bit of intellect to them to appear "entertaining" to people who wouldn't care less about the program anyway (QI, Science Club, Sky at Night, etc.). Some of them add something (Dara O'Brien or whatever his name is, is actually quite intellectual but still it descends into nob gags, and the people they bring on with him haven't a clue and are just there to be laughed at for not knowing the answer, basically).
Let them kill it off, one of the world's longest running programs on TV, just because they want to. Let them be the idiots. The alternative is a sidelining that will kill it eventually anyway, which is where we've been for the last few years.
The Internet really needs to have a way for people to find content online that has the same ideals as those programs did early on - to educate and inform, not entertain - and let people discover their own niches free of the BBC's over-paid "talent".
Schools and exams are dumbed down already. Now TV is dumbed down. Appeal to the lowest common denominator as always, and suck every outlier back to the "average".
There's little left of merit on the BBC and what there is I cherry-pick out of iPlayer. Let them re-run crap like Doctor-fucking-Who to their heart's content and then wonder why nobody's paying for a TV licence.
Surely those sort of decisions first need a case where - despite all efforts to the contrary - there's something that can't be done as easily any other way as it could if you moved to a new C++ standard.
That's my biggest problem with most of these standards - quite what they add is hard to define, especially when the problems you point out are taken into account. Is there really anything in such a standard that couldn't be replicated by the programmers quite easily enough (or close enough), and would actually save more effort that it would take to create?
Until you find a use case that is advantageous for the exact type of things you do everyday (and which you cannot replicate simply via alternate methods), it's probably best to stay where you are.
Don't see any difference between this and just about any other Internet or mail-order companies.
"Allow 28 days for delivery", ffs, let alone when there's a complaint. Just spent SIX MONTHS waiting for my own car insurance company to acknowledge a single letter of dispute, and I was sending them registered post and threatening court action and STILL they couldn't even be bothered to say "We got your letter. We're looking into this." And, no, they don't have a phone number where anyone on the other end can even BEGIN to deal with things like this.
A company in the US that sells digital video games in the THOUSANDS so gets every technical support problem known to man for things that aren't even their code? I can live with a slow response.
And return policy? It's digital content - I've yet to see any decent policy on such things.
But if you don't like Steam, stay away from it. Less customers like yourself is less hassle for them to deal with. Personally, I've been there since day one and have IMMENSE customer service requirements for the companies that I deign to deal with. But Steam win on the very first item - try your best to ensure that I never need it. Haven't once had to contact them for anything, because I read up and knew what I was buying before I even put a credit card number anywhere near it.
You're talking about what we have now. Most people on the planet do not have a 3D printer. Most have never even SEEN one or know they exist, in fact.
What the article is talking about is the potential.
You can print shapes now, today. You can print kit-form working 3D models that move (the BBC show QI featured one nearly 5 years ago). You've been able to print circuit boards for a long time. If you've not known, you can get pens that lay down / repair copper circuits quite commonly, and we've had plotters for decades.
It's a question of what happens when the combination, when all of what we have available, now, today, is put together into a single consumer device that anyone can buy. And there, 3D printing an MP3 player is not really that hard to imagine. Hell, with FPGA's we are basically "downloading" complex and powerful integrated circuits. There are 3D printers that can lay down multiple materials, including metals.
It wouldn't take a great leap to get a machine that can print an object with integrated copper lines, then pluck an FPGA from a box, program it, and insert it at the relevant point deep inside a plastic model, and then carry on producing the rest of the item.
A 3D-printed MP3 player? We could do it today, with what we have today, if we could be bothered. We do it almost every day, but call it mass-production. The article is really about what happens when that kind of mass-production capability is at home. And then it IS a case of downloading a ZIP with a few 3DS models in it, an FGPA core, and letting the right device loose on it.
I have to agree in part - I'm very, very, very averse to "pre-orders" of any kind, especially speculative pre-orders.
That said, a careful person can get a lot of success out of Kickstarter. The Defense Grid 2 kickstarter? I got more hardware and software out of that than my money was worth within weeks and the game I invested in is definitely being built and yet I'm already "in profit" on what I invested.
I also supported a project set around a guy making a pack of gaming cards. I have them in my hands, and a bonus app on my phone, and a pretty presentation book with games, and a little felt pack to hold them in. I never expected 90% of that even KNOWING what I was investing in, but the guy behind it delivered, and delivered enormously.
It's not "kickstarter" that should be distrusted. It's investment. If it's not your thing, and you're a bad judge of what projects to invest in, then, no, it won't be good for you. I've seen enormous amounts of money thrown away on junk on Kickstarter - big names make no difference, grandiose ideas make no difference, planning and management make no difference. You have to just think to yourself "Who is this person? Can they deliver? Will it be worth THEM delivering?" - you're investing in the people, not the product, or even the execution.
As such, there are plenty of worthwhile things on Kickstarter and I think it's huge sections on indie music, dance projects, art projects etc. are a fabulous idea. But I've never invested in something that I didn't believe would pan out - I checked the HISTORY of the people and my trust in them more than anything to do with the product.
If you invest in a random project because it's something you want, then you might as well buy anything on QVC that "sounds good". The fact that it might turn out to be utter shite that cons you with fancy words and impossible promises is something that you shouldn't even need to be told to factor into your decision.
My father was a mechanic for lorry fleets for decades. He's moved onto delivery driver because there's just not enough "mechanic" work for lorry fleets any more and what there is is centrally managed. Most things are modular and just swapping out kit for a new one.
I work in IT, it's pretty much the same. I was shocked the other day to find a laptop keyboard of a particular model for only £10 on Amazon to repair someone's laptop for them. Every other time I've checked, it's cheaper to buy either an entire second-hand laptop of the same model or a new laptop than to faff about with components. And the other components that are modular (drives, RAM, etc.) are just rip-them-out-and-try-another. Mostly the things that break are plastics that are unique to each model and things like that. By the time you find the right part, or could even 3D print a replacement, and find someone to fit it, it's cheaper to throw it in the bin.
Phones are the same. I wouldn't even bother to take my phone apart, or my sat-nav, or just about anything electrical any more. Throw it away, buy a new one. If I was REALLY desperate for money, I'd pop it open and bodge something temporarily but still be on the lookout for a new one rather than trying to formalise the repair.
Repairs are going the way of the dodo. In a way, it's a loss of the craftsmenship in many industries, but additionally it's the logical choice. It's often cheaper to buy another example of a mass-produced item than to try to apply anything beyond the most simple of repairs to a broken one. I doubt even those companies that take back broken laptops on warranty etc. even bother to recondition them any more. There was a time when that would be profitable but it's a long while since I've seen reconditioned machines as prevalent as they used to be.
Go walk through your house. If your window glass breaks, yeah, you might call a glazier to JUST change the glass. But with double-glazing, anything specialist, films, leading, anything out-of-the-ordinary, you're probably better off just buying a new one. Your car. Your kitchen appliances (ever tried to repair a fridge?). Just about everything.
Back when this stuff was new technology and ridiculously expensive, you *would* get amateurs crack open a TV set and have a go because it was so god-damn expensive and the technology quite understandable that you stood a good chance of making things right. Nowadays, the tech is cheap, the warranties are long, the repairs are hard and the parts are impossible to come by. Even the companies that sell the machines and are called out on warranty repairs don't try to fix them half the time. It's just too wasteful.
I'm an IT Manager. I can't remember the last time I had to actually open a machine and play with expansion cards. Upgrading RAM is a once-in-a-PC's-lifetime event, if at all (with a 2-year replacement cycle, I haven't done it in nearly 8 years, I think). Drives and other components are modular and there's rarely a need to change them (the average "gamer" probably does 10 times more tinkering in the inside of a machine than myself with dozens of machines running a business).
It's all cheap commodity hardware now and is far beyond expansion or tinkering. Hell, I have at least five devices that have ARM chipsets at 800MHz+ running Linux on them, just in the pile of junk that I don't use any more (satnavs, old phones, old handheld consoles, old ebook readers etc.).
The time to cable a telephone isn't even worth it anymore. Stick some Cat6 in and get a VOIP phone.
It's an emotional loss, yes, but it's a completely, utterly, logical one. Nobody NEEDS to know how to repair this stuff. We just need to know how to make it, and make it cheap enough that it doesn't matter.
I always just assumed such things were good sense.
For years people fretted over WEP and then WPA being cracked. At no time was I affected. Sure, I bumped up my wireless to use the new systems, but all the time I was using OpenVPN and other software over the link anyway.
That thing broadcasts through the air - no way I'm trusting a single protocol, and once WEP was dead (and so badly), I certainly never trusted WPA that much either. When that was weakened, WPA2 looked shaky too. But I always had a second layer, and my usage of systems was never affected - there is basically zero overhead on a modern machine of having something like OpenVPN connect automatically over your wireless, even for gaming.
My servers run SSH2, sure, but the same again. I don't expose the ports and only certain things get access anyway. When you can get to an SSH port, you're looking at key-based authentication with passphrases (not made on the target machine). Bam, saved myself from a ton of port spam, plus all the Debian weak-key shite, plus the problem of my remote server being compromised someone and compromising keys that were generated on it.
It's a little paranoid, I have to admit, but when that slight paranoia - borne mainly of a desire to understand how these things work and then, when you have a working system, carrying it on throughout your use of that system - was justified, it becomes a reinforced habit.
And when you have things like VPN daemons running at lower privilege and the only escalation to root being through SSH2 keys over that VPN (and not any other way), then you have a double-protection against things.
Compromise of any one only gets you so far - a limited user account which can only SSH which a key you don't have, or authentication access to something which you can't VPN to anyway. It's not invincibility, but I assumed most of the Slashdot crowd would be doing similar things, just out of the same basic principle - experimentation, self-teaching, applying the same principles that we should to our work, and distrust (not of people like the NSA, but just that a protocol would eventually have a flaw discovered in it, and getting yourself twice the lifetime out of such systems).
It's also the reason I've never touched PPTP or IPSEC. Nothing to do with the NSA or GCHQ. I just never trusted their messes as one is now completely compromised and the other was always balancing on a knife-edge anyway.
Do people honestly NOT have this sort of double-layer protection? I mean, it won't stop GCHQ taking an interest in me, or asking my server host to butt in, but it stops things like simple compromises from ANY source walking straight into systems that they detect are running vulnerable software.
"However, implying that the fat people have less efficient digestive systems implies that somehow people are getting fat while extracting less from their food. Well... how did they get fat then?"
Think of the word "efficiency". The useful energy they get from their food is less than the thin people. Thus, there is a lot more "waste" - both fecal waste and unwanted things making it into the body but NOT being used for energy (e.g. fat).
It's not that they aren't eating the same things - it's that the thin people are able to digest smaller amounts of food to extract the same energy and thus avoid the by-products. In modern food, there's an awful lot of unnecessary fat. If you are processing that directly into energy, or not eating it, then you aren't storing it. If you aren't, then you're storing it as fat and therefore also need to eat more to get the same energy back. Which you also store as fat. And so on.
If you were suddenly thrown back into the stone age and/or trapped on a desert island, what you want is to have a gut that turns most of what you eat into energy (fat is not energy, except indirectly and at a later date, and at great cost - else fat people would be able to run marathons with their energy stores) with almost no waste. Efficient.
About the only advantage of fat storage is heat insulation (e.g. being thrown into an ice age / mountain environment), but that's actually not as good as just being able to get more energy out of the food you DO eat (because then you eat less, so your food store lasts longer, and you generate more internal body heat from it). You do lose lots of weight very quickly if you go to the Arctic, and it's something we've only been able to do very recently because of the available clothing and shelter and most importantly high-energy foods. Do if you look at the people going there or living there, they are NOT obese.
Fat is not a directly useful energy store. So in terms of efficiency, generating fat is a waste. It's what your body does only in the presence of excess nutrients that it can't process and serves little useful purpose because, archaeologically, we never had exposure to, nor a need, for that much energy in our food. It's basically an overload of a system that has never been able to get that amount of energy for a sustained time historically. Fat helps a little if you have a single binge (e.g. killing a large animal) followed by a fast and the food would otherwise go off, but it's not a good use of the energy otherwise.
Efficiency is quite important, both in antiquity and modern days. If you can eat less now and get the same energy from it, your food stores last longer, and you need to "hunt" less, which gives you time to do other things. And let's not get into the efficiency of trying to "hunt" or "forage" with fat stores that are classed as obese.
I haven't rented a DVD in my life. I once went with a schoolfriend and he rented a VHS. That's as close as I get.
I haven't been to a cinema in years. Nearly a decade. And before that, my cinema trips are minimal. I have been to the cinema more times in the US than I have been in the UK town I lived in for 20 years. I have been to the US - once. For a week.
My personal contribution to anything Hollywood is so small as to be infinitesimal. But, I realise that I'm an outlier here.
The problem is that democracy, in and of itself, is not as democratic as the word suggests. I cannot vote for myself. I cannot vote for you (unless you live in my country, maybe even my locality, and pay an awful lot of money and your time to register yourself as a candidate), I cannot vote for anyone that I have ever personally met and had a drink with. This, I have an issue with that extends beyond anything else.
However, I agree that the alternatives are no more appetising - yet I would argue that democracy in its current form is not "more appetising" than any other form of government. They all suffer the same basic problems, when you look deeply enough. Claiming that somehow democracy is a superior form of government is a claim that can only invite argument and comparisons - if I can't vote for who I want, even myself, does that make it a democracy? Or are we back to the "chosen few" model again already, in one simple swoop of the associated administrative issues of everyone being able to vote for anyone else?
(For example, would writing down an ID number of an individual that you WANT to vote for, instead of a box-ticking exercise, not be as simple as - and more fair - than ticking between half-a-dozen people you've never met and who obviously WANT a career in politics for some reason? Then the big-name people could publish their ID numbers and get people to write them on the ballot, and I could vote for me, or my friend Jack, too. I'd still "lose" the vote, of course, probably to a celebrity, but it would have some semblance of democracy about it).
However you cut it, the vast majority of people did not put any government in charge of them into power freely, nor would ever agree with all their policies. That is the inherent problem.
The problem HERE is that the US government, with aid from allies admittedly, has broken what was an international effort and network. And people are trying to say that "we" voted them in - no, we didn't. I have absolutely NO control whatsoever over that. And that's the most worrying part. If Russia, to pluck a country at random, was to have done the same to the US, and be the first revealed to have done so, and did so in contravention of its own and international laws, would we be having the discussion, or would my country now be in the middle of another battle?
The Internet wasn't the US's to break. Parts of it might have originated there (but not even the majority of it), but it has never owned it. But now "we" (collectively engineers and other people of the world) have to fix it. There's a very common mistake of thinking that the US is the only part of the world with an opinion, or which might want to do things its own way.
And so the goal is to bring the "inter" back into the Internet once more. Let the US do what it wants. Because when the rest of the world is only passing and can only be interacted with, using fully-encrypted traffic, their spying efforts get exactly what the outcome they brought upon themselves - more work, and less results.
What compromised foundation? A compiler that you can suck out and replace in a second with any of the alternatives?
Your *CODE* doesn't corrupt when you compile with a rogue compiler (that's what source management is for), only the base binary built from it.
The point is not to assume that your compiler is safe, but to work in a way that - WITH A SAFE COMPILER - your code is fine. Other people will be working with different compilers and - AGAIN - by comparing outputs of different compilers you can work on the assumption that they are not ALL compromised and so anything you use to code is fine. The step of later finding that GCC is malicious is a matter of replacing compiler and recompiling, not corrupting every line of code you've written in the meantime.
But losing YEARS of effort because you can't write a single line of code until you've audited GCC is insanity.
I didn't elect any of your governments. Or even my own, come to that.
Even if I had have voted, I could not have voted for/against certain provisions, so my vote means nothing in terms of individual actions by the government. We still went to war despite most people who voted the parties in not agreeing with it (and look likely to do so again soon).
My commercial choices don't "make" Hollywood, or other people, anything. People are dumb now, have been in the future, and always will be. Most of the "most popular" shows / movies, I've never seen in my life.
And, yes, everything "we" do is fucked up. That's why it takes the few who SEE that to come along and fix it - for themselves at first, and others later.
I don't get how you then jump to the last paragraph of your comment. His suggestion is actually pretty smart, fairly dangerous to assert in the current climate, and a call-to-peaceful-arms to regain freedoms we had, lost, the Internet returned, and we've lost again.
All he really wants is a secure Internet. How can you break that down to be a "bad" thing that's not practically relevant? I've been arguing that the same would happen for years, it's just taken discovery of major government tampering to make it happen.
A secure Internet? Boy, I'd pay to have one now. Trouble is, Tor is SSSSLLLOOOWWW, and not that secure (because eventually it has to talk to insecure sites for anything "popular"), private darknets are frowned-upon and limited in scope, and the public Internet is largely unencrypted unless we're about to put in a credit-card number (where our transactions are then once-again trackable).
Personal privacy is something that the governments of the world do not want us to have, but cannot give anywhere near a reasonable explanation why. As such, it's something I'd like to have. And that comes about by engineers, the same type as those who designed a network that anyone can join, anyone can talk to anyone else, and anyone can extend and expand without government authorisation, building such a thing.
I'm pretty sure I have a comment on here from my first few posts, back pre-2000-ish) that says pretty much exactly what's happened - governments will overstep the mark, we'll all go into a much more secure mode (no more plain text emails whizzing around email servers), and eventually it will be impossible to track or trace anything even though the actual communication is inherently public - even someone ordering groceries.
Though it is well worthy of investigation, I don't see that it's a prerequisite.
If your source code has all been compiled with a malicious compiler, but otherwise represents the bulk of your work, it doesn't take much to recompile it with another compiler later on. The problem can be fixed retroactively, and only prior binaries suffer the problems.
Additionally, auditing GCC would take years (and is, and has, been done by quite a few people), and the "double-compiler" trick pretty much rules out rogue interpretations that weren't in the source sneaking their way into the binary.
So, although important, the problem is fixable, and we can plough on with everything else first, rather than wait for the results of some lengthy GCC audit.
To be honest, more useful would be to implement double-compilation checking into the build system and then build with EVERY compiler and spot any differences. I think you'll find quite a lot of distros already do that, just to be sure (more from clever malware than some state-sponsored effort). Rather than relying on one compiler, get ALL the compilers involved, rogue or not, and spot the ones that do something different to all the rest.
So, no, they must NOT start with that. They should do that alongside everything else. And shout the second they see something suspicious. Unless you are compiling from source yourself, you're already trusting the person who builds the binaries and those distributing them not to play with SHA1 hashes, etc. that they confirm to the source they say they do.
Finding out later down the road that GCC is compromised isn't such a big deal in the scope of such a project (but obviously very serious elsewhere) - just recompile with something else, mark all previous binaries as untrusted and off you go. And in the meantime, the double-compile trick will let you know if any one particular compiler is doing ANYTHING it shouldn't anyway.
Waiting 10+ years for an audit of GCC is not unrealistic, but completely impractical to be something that acts as a prerequisite to anything else.
Every single project started by a person "with a great idea", and who won't tell anyone else, that I've ever seen, came to nothing. Hell, I was dragged into a few being a "programmer" when I was younger and it usually revolved around some crap idea that hadn't been tested or even defined to the point you could start implementing it.
Every single project that was successful was successful LONG before it got to the point that other people thought about stealing its code. It got those people coming BECAUSE they thought it was a good idea and worth copying etc., but still they had YEARS of head-start on any cloner coming along.
Ideasmen are cheap. A coder who can turn it into reality is much rarer. And that coder will probably make a better ideasman than anyone else.
Slashdot Mirror
Honestly, how hard can it be?
We can farm out a thousand servers to run a website. Don't. Have them be connection brokers.
Design an image for a server that boots, automatically announces itself to the connection brokers, and gets a unique name back.
Now every time you go over the capacity of your own datacentre, spin up that image on a few hundred Amazon/Azure/Whatever servers. In fact, for every two instances outside that you spin up, take off one of the internal ones so you have spares, have enough bandwidth for the connection brokers, etc.
People have been doing this en-masse for decades now in the larger datacentres / websites / infrastructure. Honestly how hard can it be? The only problem is exhausting your upstream bandwidth to TALK to all the servers that you're spinning up elsewhere. That's not something you can get quickly or cheaply if you've underestimated. But you can always just move the connection brokers to the cloud too, and solve that problem.
Sure it'll cost, but then it'll die down and you go back to internal servers if that's what you want. Meanwhile, you can say you had 10m people playing online at once rather than "we crapped out around one million because we designed it badly".
And what the hell is wrong with proper testing, including letting pre-orders go online early, so you can predict demand and fix problems before the proper launch? Oh, no, apparently we just let stuff break nowadays, because people have already paid for it so stuff them.
Dunno if we live in the same decade, but almost EVERYTHING I touch wants to update constantly now unless I turn it off. Windows installs updates on a daily basis if you leave it on the defaults. All modern smartphones. And, yes, consoles.
And given that Steam updates so often, in comparison I hear only a minority complaining about that. Usually when it updates it's either a fix or a new feature. I haven't witnessed a broken update in other 10 years, enough that I consider it one of the most privileged of programs on my computer in that I let it update itself every time (which is a privilege few others get).
I think that's the least of their problems to be honest. The biggest is really just going to be how to meet demand.
You're thinking of patents.
And, really, it's not that easy to confuse them unless you are really daft.
Copyright is about content you've made and covers only *your* content that *you* made.
Patents are about things you've thought of and cover anything that uses that idea in a real-life "machine" (at least in most places, where just having an "idea" of some maths can't be patented).
Trademarks are about your branding and product names, and cover only branding and product names in the same area of business as yours.
Implement AES.
As it becomes weakened and the end is in sight, run a competition for alternatives.
In that competition, find Bruce's algorithms. Analyse the hell out of them because everyone seems to like them. Do not endorse them for your own use, because you've found a weakness.
At the point stories break about how you are listening to the world's communication, and people back off from EVERYTHING you have touched and might be able to use, go through your list of unpublished weaknesses. The biggest, let's say, being in Bruce's algorithms. Nobody else has spotted it. Nobody wants to touch anything that you've touched. Keep schtum. Let the world migrate to an algorithm you can crack. Put up some token resistance but try not to "endorse" it too much so that people think it's safe from you.
It needs no conspiracy theory. All it needs is an unpublished hole in a new algorithm that was submitted to them for testing, and for someone like the NSA to have found it (which is, basically, their job and what they are 10+ years ahead of academia in, like GCHQ inventing PKE long before RSA even thought of it), and nature and the media to then take their course (this doesn't need "planning", don't forget - it's bad that it happened, but why not use it now that it has).
Let everyone run around like headless chickens throwing themselves at anything "non-NSA" while you sit on the fatal flaw in it you found years ago and didn't approve it for internal use for exactly that reason. Now everyone THINKS they are safe, and yet the NSA are better off than ever before just by keeping quiet and doing their job.
In case you haven't noticed, the NSA are spies. They do nothing but infiltrate groups of interest all day long.
Such a group of OS programmers would be the perfect target. And why do we trust Schneier more than anyone else such that his involvement means something is acceptable? I love the guy, but no, that's not how trust works for mass-public security systems. If the NSA/GCHQ spies are working at anywhere near the levels they were back in their heyday of WW2, then Bruce would be my prime candidate for "beyond suspicion" and thus my first inclination that - somewhere, somehow - he could be a shill for them. I'm not seriously saying he is or isn't, but the point of security is that NOBODY should hold any special power over anyone else, certainly not the ability to single-handedly "approve" a worldwide security standard.
No, what we do is carry on as normal. Put all the algorithms to public testing. As attacks are found, knock out the vulnerable ones like a game of Guess Who, and only ever use whatever is still standing. You can't defend against attacks that you do not know about and if such agencies really ARE as worried as we think they might be about the world moving to encryption they can't break, then my first thought would be "what are they moving us towards, without trying to look like they are doing so?" - and there you run into Blowfish/Twofish and similar algorithms that they've had the opportunity to analyse for years now. It would be the perfect coup - make people think you are attacking them, then "be involved" with the only alternative of elliptic-curves and thus make everyone think that's your preference and hence subtly move them onto something else of your choice without even MENTIONING it or being involved with it.
Don't try to out-think a bunch of geniuses working with military-level funding and a real interest in keeping you on something broken. Just follow procedure - stay on what you've got until there's actual evidence it's broken. Don't jump ship to new and interesting and relatively untested things for no reason other than you feel uncomfortable.
I was programming at 8.
I was taught programming by a computer manual at 8, actually.
I'm no prodigy.
I have a degree but that's from clinging on for dear life to the top of the "fail" cliff for three years. I have a pretty average IT job. In terms of percentile, I doubt I'm in the top 20%.
My slightly-elder brother was programming at a similar time, for the same reasons. He got a degree too, but stopped programming after that. Our parents are basically (and they won't be offended by this) uneducated. I think they have a City & Guilds between them (vocational qualification from many years ago that counts for zip). They wouldn't know programming if it hit them on the head. My teachers actually PULLED ME BACK on programming because I was doing more than they could do and taking their classes for them, and the kids were learning more when I did. I have a school report that says so. Yet we're talking about showing people loops in BBC BASIC in the 1990's, hardly state-of-the-art.
Where did that knowledge come from? Pushy parents? Knowledgeable teachers? No. Reading a book once and tinkering when I was a kid? Yes.
You don't have to be a prodigy to program at 8. You just need to be exposed to it and not told what you should and should not be learning at that age and, most importantly, DO WHAT PEOPLE AROUND YOU DON'T UNDERSTAND THEMSELVES. Hell, the calculus they teach in some European middle schools kicks the crap out of what the UK teaches those going into university.
The stuff I did when I was a kid was because I had an interest in doing it, and an incentive. With formal education, damn, I could have been miles ahead of where I got to AND had everyone in my class at the same level. But if a manky old ZX Spectrum BASIC book, carelessly left open by my brother, can teach me programming at age 8, then it's not any more "difficult" than languages, mathematics, science, geography, archaeology or anything else you care to name.
Whether we should teach it? That's a question of working out what crap that we teach people will help them in their later lives. Most people in school now WILL come across an Excel macro in their professional careers (hell, the PE teachers in my school use them for scoring events because it's just a tool they know how to use and they aren't even particularly IT-literate). But I can name lots of other crap that we teach children that we absolutely SHOULD NOT BE.
And what you class as programming depends on the age. To me, I was programming BASIC at 8. Does that make me a programming genuis? No. Hell, people mock me for knowing BASIC now, despite the fact that I've been programming constantly for 25+ years in every language under the sun.
That's what BASIC was designed to do and in my generation, that was nothing (hell, we used to program games on TI calculators and swap them in our maths class, and not just the geeks) and we thought nothing of a child picking up a book and learning a skill that the parents knew little about. When you get into Scratch, Logo, and basic "control" (e.g. Lego Mindstorms etc.) then programming becomes something that ANY child can do. Literally, any.
You know how I know? I work in schools and in my country EVERY child does a bit of programming by the time they are 10, whether they realise it or not, mandated by government curriculum that are DECADES out of date and now have to include MORE IT in order to catch up with the rest of the world.
The biggest problem in IT is people thinking that using a computer is IT. It's not. In the same way that driving to work isn't automotive engineering. We can all learn to drive. Not all of us will learn how to design and build or even maintain a car ourselves. That's what the UK IT curriculum did wrong until recently and now they've realised what a cataclysmic mistake that was - now they are pushing to teach *real* IT with a generation of teachers that think that an IF statement and a flow-chart is "too hard" for an average 11-year-old.
Though I think the original post is overblown, absorption rates are irrelevant. My suburban house and surrounding land has only X amount of area exposed to sunlight. Most of that is not in direct sunlight. Most of it is actually angled to one way or another or on the side of my house (which the local council would never let me blanket in solar panels unless they were literally invisible).
Even then, assuming we invent a perfect solar convertor, and blanket every square inch of my property, and chop down every tree casting a shadow, there's an absolute maximum of sunlight energy coming to my house and land. For me, for my energy consumption, house-bound solar is a waste of time. By the time it paid the most basic of installation costs off, the panels would be deteriorated by weathering and useless. I've done the maths any number of times, for solar, wind, and everything else. Hell, personal wind wasn't even enough to cover the planning permission costs over the lifetime of the product, let alone the product itself.
There's only so much land you can steal solar energy from, and everything you steal is taken from something else. If you blanket deserts in the things, the deserts will be covered in shade. If you blanket grasslands in the things, the grass will die. And, as pointed out above, covering urban houses is a waste of time once you take the absolute maximum power of the sun and a theoretically ideal "solar energy converter" of any kind (not just photovoltaics) before you even think about transmission and conversion losses to help your neighbours.
Doing it on a nationwide basis requires SO MUCH LAND that it's almost inconceivable. And that kind of messing about on an industrial scale causes problems we won't notice for 50+ years. We complain about nuclear power plants taking up lots of land and affecting house prices - the necessary hundreds of thousands of square kilometers of solar would be much more devastating (which is why, in general, we can only deploy them small-scale or in unpopulated areas).
Solar has uses. It's not dead, by any means, but the technology has nowhere to go but a dead-end. If we perfect a device that somehow becomes a "black-hole" and captures every single possible bit of energy from the sun, in every frequency of the spectrum, it's still not viable in the long-term (and will never be better than TWICE as efficient as this solar panel - that's what 50% efficiency means, there's no such thing as 101% efficient without breaking laws of thermodynamics, and if we can do that, our energy problems are solved forever without any solar panels at all).
Absorption rates mean nothing. The people decrying this have, from day one, been looking at the best possible theoretical outcome. Sure, you can make "free energy". Sure you can even make profit with the right subsidies and materials. But what you can't do is do that forever, or against increasing energy use.
As I state time and time and time again to my clients:
If I can't reproduce it, I probably can't do anything to fix it.
- Show me the computer that does it.
- Show me the actions that make it happen (it doesn't have to be PERFECTLY reproducible, just enough that I stand half-a-chance of going through the debug logs. / debugger and finding out WHAT crashed / went wrong).
- Show it happening, right now, in front of me, somehow.
If it's really that prevalent a problem, it's hard to imagine that the above isn't trivially possible. If it's hard to trigger or obscure and requires very particular inputs (e.g. a single example of a particular corrupt file or similar), then a) it's probably not a massive world-wide issue, b) how do you expect anyone to fix it without being in that same situation themselves?
Open/closed source makes NO difference. It's simple debugging. When my network "breaks" and "doesn't work", I need to be able to see it do it. Without seeing it, I can only stab in the dark at potential fixes unless you're describing a problem I know very well already. Without seeing it, I can't even tell if it's not just your computer that's broke and not the network (or application, or website, or whatever).
The amount of "fixes" I see every day just by being in the room with the people who constantly report "major problems" that impact that work every day and stop them working, which resolve themselves by the sheer presence of me standing in the room watching them try to make it happen again is unbelievable. In some cases, I'm sure there is a problem that will trigger eventually and I'll see it and stand a chance of fixing it. But for 99.9% of those problems, we get to that stage because people are ADAMANT that something is broken that I am responsible for and when they come to demonstrate it in front of my superiors to try to explain why they've got NO work done, they are completely unable to. For days on end. With a dozen people around their computers constantly trying to break it deliberately.
The problem evaporates under inspection because - actually - it's usually not a problem at all, or they are doing something they shouldn't (and know full well, so don't reproduce that in their demonstrations), or our offer to replace/rebuild the crappy old machine they insist on using that's the only trigger for the problem is denied because of personal attachment to that broken, crashing, corrupt setup.
If you cannot reproduce a bug, even 1% of the time, in front of someone who has an idea how to debug it then - closed source or not - it's almost impossible to fix. And the more stab-in-the-dark fixes we try, the more frustrated you will be that they don't work.
Demonstrate it. Capture it on video. Provide debug logs. It's not hard on a general-purpose machine capable of running VLC to get such things (on smartphones, etc., it's infinitely more difficult). File a bug. Then we can look at say "Hey, it looks like X is crashing, I wonder why?" or "Can I have a copy of that media file? Oh look, byte X is corrupt... we'll have to handle that case but I suggest you redownload it." or even "God, I don't know! Can we get some other people to try to reproduce this so we can fix it?".
I'm not saying your problem will be fixed. But it stands a better chance that no doing your end of the debug work on the ONLY machine that is exhibiting this problem and interfering with your use of the program (where there are millions of other happy users).
It's not a fob-off. It's not about open-source. It's simple - if you think something is broke, you can't just say "It's broke". You have to give a clue about what's broke or - in the worst case - show us it breaking.
You wouldn't do that to a photocopier engineer. Or a mechanic. Or a doctor. You wouldn't say "It doesn't work" and then not show them what's wrong, or give them the thing to let them play with it and try to reproduce it. What makes you think a software engineer is able to magically and remotely diagnose a problem they can't even see or reproduce?
You can take it with you on a thumbdrive, don't need to install it, it works perfectly.
It supports virtually all codecs (I remember some problems with old .RM files in the early days, but they were obsolete even before then).
It's a compiled .exe that has some interchangeable DLL's that sit in the same folder and can be swapped without waiting for a new binary release.
It's nice, lightweight, very nice features, very configurable, free AND has all the client/server stuff too.
Personally, SMPlayer (and MPlayer's) early history on Linux was horrible - there was no one GUI that was nice enough on it (I can remember a dozen "XPlayer" where X was just the GUI someone slapped onto MPlayer, and you often had to download the win32 codecs separately - the codec situation was a bit of a faff at times, and I managed to crash it quite a lot).
By comparison, the VLC I use and install every day on hundreds of computers to be the default DVD and media player? I never really witness it crash. It plays everything I throw at it (including obscure CCTV formats). It's tiny and will even run from a network share. And it works the same on Linux, Windows and everything else.
You can say a lot of the same for both MPlayer and VLC - the question really is which one you preferred when you first used it (and when that was), so it's hardly a surprise that some don't like one or the other.
Doesn't matter. Broadcast TV is dying.
The BBC has David Attenborough, ffs, and yet still we end up with the program dumbed down, repeating previous "information" on animals, and selling itself on 3D and other crap. And last I heard, it was all moved to the Eden channel which I can't get anyway.
The BBC have no interest in keeping this kind of stuff going, so forcing them to keep it is counter-productive. They'll just do their best to cripple it so it "dies" naturally. Already comedians appear on any programs that have the slightest bit of intellect to them to appear "entertaining" to people who wouldn't care less about the program anyway (QI, Science Club, Sky at Night, etc.). Some of them add something (Dara O'Brien or whatever his name is, is actually quite intellectual but still it descends into nob gags, and the people they bring on with him haven't a clue and are just there to be laughed at for not knowing the answer, basically).
Let them kill it off, one of the world's longest running programs on TV, just because they want to. Let them be the idiots. The alternative is a sidelining that will kill it eventually anyway, which is where we've been for the last few years.
The Internet really needs to have a way for people to find content online that has the same ideals as those programs did early on - to educate and inform, not entertain - and let people discover their own niches free of the BBC's over-paid "talent".
Schools and exams are dumbed down already. Now TV is dumbed down. Appeal to the lowest common denominator as always, and suck every outlier back to the "average".
There's little left of merit on the BBC and what there is I cherry-pick out of iPlayer. Let them re-run crap like Doctor-fucking-Who to their heart's content and then wonder why nobody's paying for a TV licence.
Surely those sort of decisions first need a case where - despite all efforts to the contrary - there's something that can't be done as easily any other way as it could if you moved to a new C++ standard.
That's my biggest problem with most of these standards - quite what they add is hard to define, especially when the problems you point out are taken into account. Is there really anything in such a standard that couldn't be replicated by the programmers quite easily enough (or close enough), and would actually save more effort that it would take to create?
Until you find a use case that is advantageous for the exact type of things you do everyday (and which you cannot replicate simply via alternate methods), it's probably best to stay where you are.
Don't see any difference between this and just about any other Internet or mail-order companies.
"Allow 28 days for delivery", ffs, let alone when there's a complaint. Just spent SIX MONTHS waiting for my own car insurance company to acknowledge a single letter of dispute, and I was sending them registered post and threatening court action and STILL they couldn't even be bothered to say "We got your letter. We're looking into this." And, no, they don't have a phone number where anyone on the other end can even BEGIN to deal with things like this.
A company in the US that sells digital video games in the THOUSANDS so gets every technical support problem known to man for things that aren't even their code? I can live with a slow response.
And return policy? It's digital content - I've yet to see any decent policy on such things.
But if you don't like Steam, stay away from it. Less customers like yourself is less hassle for them to deal with. Personally, I've been there since day one and have IMMENSE customer service requirements for the companies that I deign to deal with. But Steam win on the very first item - try your best to ensure that I never need it. Haven't once had to contact them for anything, because I read up and knew what I was buying before I even put a credit card number anywhere near it.
You're talking about what we have now. Most people on the planet do not have a 3D printer. Most have never even SEEN one or know they exist, in fact.
What the article is talking about is the potential.
You can print shapes now, today. You can print kit-form working 3D models that move (the BBC show QI featured one nearly 5 years ago). You've been able to print circuit boards for a long time. If you've not known, you can get pens that lay down / repair copper circuits quite commonly, and we've had plotters for decades.
It's a question of what happens when the combination, when all of what we have available, now, today, is put together into a single consumer device that anyone can buy. And there, 3D printing an MP3 player is not really that hard to imagine. Hell, with FPGA's we are basically "downloading" complex and powerful integrated circuits. There are 3D printers that can lay down multiple materials, including metals.
It wouldn't take a great leap to get a machine that can print an object with integrated copper lines, then pluck an FPGA from a box, program it, and insert it at the relevant point deep inside a plastic model, and then carry on producing the rest of the item.
A 3D-printed MP3 player? We could do it today, with what we have today, if we could be bothered. We do it almost every day, but call it mass-production. The article is really about what happens when that kind of mass-production capability is at home. And then it IS a case of downloading a ZIP with a few 3DS models in it, an FGPA core, and letting the right device loose on it.
I have to agree in part - I'm very, very, very averse to "pre-orders" of any kind, especially speculative pre-orders.
That said, a careful person can get a lot of success out of Kickstarter. The Defense Grid 2 kickstarter? I got more hardware and software out of that than my money was worth within weeks and the game I invested in is definitely being built and yet I'm already "in profit" on what I invested.
I also supported a project set around a guy making a pack of gaming cards. I have them in my hands, and a bonus app on my phone, and a pretty presentation book with games, and a little felt pack to hold them in. I never expected 90% of that even KNOWING what I was investing in, but the guy behind it delivered, and delivered enormously.
It's not "kickstarter" that should be distrusted. It's investment. If it's not your thing, and you're a bad judge of what projects to invest in, then, no, it won't be good for you. I've seen enormous amounts of money thrown away on junk on Kickstarter - big names make no difference, grandiose ideas make no difference, planning and management make no difference. You have to just think to yourself "Who is this person? Can they deliver? Will it be worth THEM delivering?" - you're investing in the people, not the product, or even the execution.
As such, there are plenty of worthwhile things on Kickstarter and I think it's huge sections on indie music, dance projects, art projects etc. are a fabulous idea. But I've never invested in something that I didn't believe would pan out - I checked the HISTORY of the people and my trust in them more than anything to do with the product.
If you invest in a random project because it's something you want, then you might as well buy anything on QVC that "sounds good". The fact that it might turn out to be utter shite that cons you with fancy words and impossible promises is something that you shouldn't even need to be told to factor into your decision.
You are confusing propulsion with power (i.e. we can talk to it).
http://www.bbc.co.uk/news/science-environment-24026153
Plutonium power on board, expected to last a few years at best.
Otherwise, yes, it's an object in space moving and will continue to move until something stops it. Not much use when it stops talking back, though.
I'd rather hear something about NASA work every day than the shit that graces my news channels.
Voyager is nuclear.
It has about 10 years of power left.
Everything is going the same way.
My father was a mechanic for lorry fleets for decades. He's moved onto delivery driver because there's just not enough "mechanic" work for lorry fleets any more and what there is is centrally managed. Most things are modular and just swapping out kit for a new one.
I work in IT, it's pretty much the same. I was shocked the other day to find a laptop keyboard of a particular model for only £10 on Amazon to repair someone's laptop for them. Every other time I've checked, it's cheaper to buy either an entire second-hand laptop of the same model or a new laptop than to faff about with components. And the other components that are modular (drives, RAM, etc.) are just rip-them-out-and-try-another. Mostly the things that break are plastics that are unique to each model and things like that. By the time you find the right part, or could even 3D print a replacement, and find someone to fit it, it's cheaper to throw it in the bin.
Phones are the same. I wouldn't even bother to take my phone apart, or my sat-nav, or just about anything electrical any more. Throw it away, buy a new one. If I was REALLY desperate for money, I'd pop it open and bodge something temporarily but still be on the lookout for a new one rather than trying to formalise the repair.
Repairs are going the way of the dodo. In a way, it's a loss of the craftsmenship in many industries, but additionally it's the logical choice. It's often cheaper to buy another example of a mass-produced item than to try to apply anything beyond the most simple of repairs to a broken one. I doubt even those companies that take back broken laptops on warranty etc. even bother to recondition them any more. There was a time when that would be profitable but it's a long while since I've seen reconditioned machines as prevalent as they used to be.
Go walk through your house. If your window glass breaks, yeah, you might call a glazier to JUST change the glass. But with double-glazing, anything specialist, films, leading, anything out-of-the-ordinary, you're probably better off just buying a new one. Your car. Your kitchen appliances (ever tried to repair a fridge?). Just about everything.
Back when this stuff was new technology and ridiculously expensive, you *would* get amateurs crack open a TV set and have a go because it was so god-damn expensive and the technology quite understandable that you stood a good chance of making things right. Nowadays, the tech is cheap, the warranties are long, the repairs are hard and the parts are impossible to come by. Even the companies that sell the machines and are called out on warranty repairs don't try to fix them half the time. It's just too wasteful.
I'm an IT Manager. I can't remember the last time I had to actually open a machine and play with expansion cards. Upgrading RAM is a once-in-a-PC's-lifetime event, if at all (with a 2-year replacement cycle, I haven't done it in nearly 8 years, I think). Drives and other components are modular and there's rarely a need to change them (the average "gamer" probably does 10 times more tinkering in the inside of a machine than myself with dozens of machines running a business).
It's all cheap commodity hardware now and is far beyond expansion or tinkering. Hell, I have at least five devices that have ARM chipsets at 800MHz+ running Linux on them, just in the pile of junk that I don't use any more (satnavs, old phones, old handheld consoles, old ebook readers etc.).
The time to cable a telephone isn't even worth it anymore. Stick some Cat6 in and get a VOIP phone.
It's an emotional loss, yes, but it's a completely, utterly, logical one. Nobody NEEDS to know how to repair this stuff. We just need to know how to make it, and make it cheap enough that it doesn't matter.
I always just assumed such things were good sense.
For years people fretted over WEP and then WPA being cracked. At no time was I affected. Sure, I bumped up my wireless to use the new systems, but all the time I was using OpenVPN and other software over the link anyway.
That thing broadcasts through the air - no way I'm trusting a single protocol, and once WEP was dead (and so badly), I certainly never trusted WPA that much either. When that was weakened, WPA2 looked shaky too. But I always had a second layer, and my usage of systems was never affected - there is basically zero overhead on a modern machine of having something like OpenVPN connect automatically over your wireless, even for gaming.
My servers run SSH2, sure, but the same again. I don't expose the ports and only certain things get access anyway. When you can get to an SSH port, you're looking at key-based authentication with passphrases (not made on the target machine). Bam, saved myself from a ton of port spam, plus all the Debian weak-key shite, plus the problem of my remote server being compromised someone and compromising keys that were generated on it.
It's a little paranoid, I have to admit, but when that slight paranoia - borne mainly of a desire to understand how these things work and then, when you have a working system, carrying it on throughout your use of that system - was justified, it becomes a reinforced habit.
And when you have things like VPN daemons running at lower privilege and the only escalation to root being through SSH2 keys over that VPN (and not any other way), then you have a double-protection against things.
Compromise of any one only gets you so far - a limited user account which can only SSH which a key you don't have, or authentication access to something which you can't VPN to anyway. It's not invincibility, but I assumed most of the Slashdot crowd would be doing similar things, just out of the same basic principle - experimentation, self-teaching, applying the same principles that we should to our work, and distrust (not of people like the NSA, but just that a protocol would eventually have a flaw discovered in it, and getting yourself twice the lifetime out of such systems).
It's also the reason I've never touched PPTP or IPSEC. Nothing to do with the NSA or GCHQ. I just never trusted their messes as one is now completely compromised and the other was always balancing on a knife-edge anyway.
Do people honestly NOT have this sort of double-layer protection? I mean, it won't stop GCHQ taking an interest in me, or asking my server host to butt in, but it stops things like simple compromises from ANY source walking straight into systems that they detect are running vulnerable software.
"However, implying that the fat people have less efficient digestive systems implies that somehow people are getting fat while extracting less from their food. Well... how did they get fat then?"
Think of the word "efficiency". The useful energy they get from their food is less than the thin people. Thus, there is a lot more "waste" - both fecal waste and unwanted things making it into the body but NOT being used for energy (e.g. fat).
It's not that they aren't eating the same things - it's that the thin people are able to digest smaller amounts of food to extract the same energy and thus avoid the by-products. In modern food, there's an awful lot of unnecessary fat. If you are processing that directly into energy, or not eating it, then you aren't storing it. If you aren't, then you're storing it as fat and therefore also need to eat more to get the same energy back. Which you also store as fat. And so on.
If you were suddenly thrown back into the stone age and/or trapped on a desert island, what you want is to have a gut that turns most of what you eat into energy (fat is not energy, except indirectly and at a later date, and at great cost - else fat people would be able to run marathons with their energy stores) with almost no waste. Efficient.
About the only advantage of fat storage is heat insulation (e.g. being thrown into an ice age / mountain environment), but that's actually not as good as just being able to get more energy out of the food you DO eat (because then you eat less, so your food store lasts longer, and you generate more internal body heat from it). You do lose lots of weight very quickly if you go to the Arctic, and it's something we've only been able to do very recently because of the available clothing and shelter and most importantly high-energy foods. Do if you look at the people going there or living there, they are NOT obese.
Fat is not a directly useful energy store. So in terms of efficiency, generating fat is a waste. It's what your body does only in the presence of excess nutrients that it can't process and serves little useful purpose because, archaeologically, we never had exposure to, nor a need, for that much energy in our food. It's basically an overload of a system that has never been able to get that amount of energy for a sustained time historically. Fat helps a little if you have a single binge (e.g. killing a large animal) followed by a fast and the food would otherwise go off, but it's not a good use of the energy otherwise.
Efficiency is quite important, both in antiquity and modern days. If you can eat less now and get the same energy from it, your food stores last longer, and you need to "hunt" less, which gives you time to do other things. And let's not get into the efficiency of trying to "hunt" or "forage" with fat stores that are classed as obese.
I haven't rented a DVD in my life. I once went with a schoolfriend and he rented a VHS. That's as close as I get.
I haven't been to a cinema in years. Nearly a decade. And before that, my cinema trips are minimal. I have been to the cinema more times in the US than I have been in the UK town I lived in for 20 years. I have been to the US - once. For a week.
My personal contribution to anything Hollywood is so small as to be infinitesimal. But, I realise that I'm an outlier here.
The problem is that democracy, in and of itself, is not as democratic as the word suggests. I cannot vote for myself. I cannot vote for you (unless you live in my country, maybe even my locality, and pay an awful lot of money and your time to register yourself as a candidate), I cannot vote for anyone that I have ever personally met and had a drink with. This, I have an issue with that extends beyond anything else.
However, I agree that the alternatives are no more appetising - yet I would argue that democracy in its current form is not "more appetising" than any other form of government. They all suffer the same basic problems, when you look deeply enough. Claiming that somehow democracy is a superior form of government is a claim that can only invite argument and comparisons - if I can't vote for who I want, even myself, does that make it a democracy? Or are we back to the "chosen few" model again already, in one simple swoop of the associated administrative issues of everyone being able to vote for anyone else?
(For example, would writing down an ID number of an individual that you WANT to vote for, instead of a box-ticking exercise, not be as simple as - and more fair - than ticking between half-a-dozen people you've never met and who obviously WANT a career in politics for some reason? Then the big-name people could publish their ID numbers and get people to write them on the ballot, and I could vote for me, or my friend Jack, too. I'd still "lose" the vote, of course, probably to a celebrity, but it would have some semblance of democracy about it).
However you cut it, the vast majority of people did not put any government in charge of them into power freely, nor would ever agree with all their policies. That is the inherent problem.
The problem HERE is that the US government, with aid from allies admittedly, has broken what was an international effort and network. And people are trying to say that "we" voted them in - no, we didn't. I have absolutely NO control whatsoever over that. And that's the most worrying part. If Russia, to pluck a country at random, was to have done the same to the US, and be the first revealed to have done so, and did so in contravention of its own and international laws, would we be having the discussion, or would my country now be in the middle of another battle?
The Internet wasn't the US's to break. Parts of it might have originated there (but not even the majority of it), but it has never owned it. But now "we" (collectively engineers and other people of the world) have to fix it. There's a very common mistake of thinking that the US is the only part of the world with an opinion, or which might want to do things its own way.
And so the goal is to bring the "inter" back into the Internet once more. Let the US do what it wants. Because when the rest of the world is only passing and can only be interacted with, using fully-encrypted traffic, their spying efforts get exactly what the outcome they brought upon themselves - more work, and less results.
What compromised foundation? A compiler that you can suck out and replace in a second with any of the alternatives?
Your *CODE* doesn't corrupt when you compile with a rogue compiler (that's what source management is for), only the base binary built from it.
The point is not to assume that your compiler is safe, but to work in a way that - WITH A SAFE COMPILER - your code is fine. Other people will be working with different compilers and - AGAIN - by comparing outputs of different compilers you can work on the assumption that they are not ALL compromised and so anything you use to code is fine. The step of later finding that GCC is malicious is a matter of replacing compiler and recompiling, not corrupting every line of code you've written in the meantime.
But losing YEARS of effort because you can't write a single line of code until you've audited GCC is insanity.
America is not the world. I'm from the UK.
I didn't elect any of your governments. Or even my own, come to that.
Even if I had have voted, I could not have voted for/against certain provisions, so my vote means nothing in terms of individual actions by the government. We still went to war despite most people who voted the parties in not agreeing with it (and look likely to do so again soon).
My commercial choices don't "make" Hollywood, or other people, anything. People are dumb now, have been in the future, and always will be. Most of the "most popular" shows / movies, I've never seen in my life.
And, yes, everything "we" do is fucked up. That's why it takes the few who SEE that to come along and fix it - for themselves at first, and others later.
I don't get how you then jump to the last paragraph of your comment. His suggestion is actually pretty smart, fairly dangerous to assert in the current climate, and a call-to-peaceful-arms to regain freedoms we had, lost, the Internet returned, and we've lost again.
All he really wants is a secure Internet. How can you break that down to be a "bad" thing that's not practically relevant? I've been arguing that the same would happen for years, it's just taken discovery of major government tampering to make it happen.
A secure Internet? Boy, I'd pay to have one now. Trouble is, Tor is SSSSLLLOOOWWW, and not that secure (because eventually it has to talk to insecure sites for anything "popular"), private darknets are frowned-upon and limited in scope, and the public Internet is largely unencrypted unless we're about to put in a credit-card number (where our transactions are then once-again trackable).
Personal privacy is something that the governments of the world do not want us to have, but cannot give anywhere near a reasonable explanation why. As such, it's something I'd like to have. And that comes about by engineers, the same type as those who designed a network that anyone can join, anyone can talk to anyone else, and anyone can extend and expand without government authorisation, building such a thing.
I'm pretty sure I have a comment on here from my first few posts, back pre-2000-ish) that says pretty much exactly what's happened - governments will overstep the mark, we'll all go into a much more secure mode (no more plain text emails whizzing around email servers), and eventually it will be impossible to track or trace anything even though the actual communication is inherently public - even someone ordering groceries.
Though it is well worthy of investigation, I don't see that it's a prerequisite.
If your source code has all been compiled with a malicious compiler, but otherwise represents the bulk of your work, it doesn't take much to recompile it with another compiler later on. The problem can be fixed retroactively, and only prior binaries suffer the problems.
Additionally, auditing GCC would take years (and is, and has, been done by quite a few people), and the "double-compiler" trick pretty much rules out rogue interpretations that weren't in the source sneaking their way into the binary.
So, although important, the problem is fixable, and we can plough on with everything else first, rather than wait for the results of some lengthy GCC audit.
To be honest, more useful would be to implement double-compilation checking into the build system and then build with EVERY compiler and spot any differences. I think you'll find quite a lot of distros already do that, just to be sure (more from clever malware than some state-sponsored effort). Rather than relying on one compiler, get ALL the compilers involved, rogue or not, and spot the ones that do something different to all the rest.
So, no, they must NOT start with that. They should do that alongside everything else. And shout the second they see something suspicious. Unless you are compiling from source yourself, you're already trusting the person who builds the binaries and those distributing them not to play with SHA1 hashes, etc. that they confirm to the source they say they do.
Finding out later down the road that GCC is compromised isn't such a big deal in the scope of such a project (but obviously very serious elsewhere) - just recompile with something else, mark all previous binaries as untrusted and off you go. And in the meantime, the double-compile trick will let you know if any one particular compiler is doing ANYTHING it shouldn't anyway.
Waiting 10+ years for an audit of GCC is not unrealistic, but completely impractical to be something that acts as a prerequisite to anything else.
In terms of video games:
Every single project started by a person "with a great idea", and who won't tell anyone else, that I've ever seen, came to nothing. Hell, I was dragged into a few being a "programmer" when I was younger and it usually revolved around some crap idea that hadn't been tested or even defined to the point you could start implementing it.
Every single project that was successful was successful LONG before it got to the point that other people thought about stealing its code. It got those people coming BECAUSE they thought it was a good idea and worth copying etc., but still they had YEARS of head-start on any cloner coming along.
Ideasmen are cheap. A coder who can turn it into reality is much rarer. And that coder will probably make a better ideasman than anyone else.