Slashdot Mirror


User: Just Some Guy

Just Some Guy's activity in the archive.

Stories: 0
Comments: 11,329

Comments · 11,329

  1. Re:Basic programming principles what? on GnuTLS Flaw Leaves Many Linux Users Open To Attacks · · Score: 1

    That works, too. OpenSSL took the route of using the macro names everywhere (calling them BIO_*), which kind of makes sense because printf wouldn't necessarily have the behavior documented in a contributor's printf(3) man page. That could be a whole 'nother world of hurt.

  2. Re:Basic programming principles what? on GnuTLS Flaw Leaves Many Linux Users Open To Attacks · · Score: 3, Informative

    I've done code that works on multiple platforms. It used to be really, really gnarly: every platform was always just a little bit different. And you get code that looks just like what I've seen in the snarky comments.

    No, you don't. If you have a broken printf on a platform, you write code like:

    #ifdef BROKEN_PRINTF
    int GOOD_printf(const char *fmt, ...) {
        /* Work around the breakage */
    }
    #else
    #define GOOD_printf printf
    #endif

    GOOD_printf("Hello, world!\n");

    so that you've encapsulated the damage to one place in your codebase. You don't sprinkle #ifdef BROKEN_PRINTF a thousand different places in 20 modules if you don't want to go insane trying to keep track of it.

    The OpenSSL devs aren't getting grief for writing complex code. They're getting grief for writing unnecessarily complex code by an order of magnitude, and they've earned every bit of it.

  3. Can't market their way out of a wet paper bag on Microsoft Announces Windows 8.1 With Bing To Sell Cheaper Devices · · Score: 1

    "Bing, the discount search engine!"

  4. Re:That's ADMIRAL Grace Hopper on Grace Hopper, UNIVAC, and the First Programming Language · · Score: 1

    In the Navy, you never qualify an officer's rank unless describing them officially. A Lieutenant, JG is addressed as "Lieutenant". Lieutenant Commander Smith is simply "Commander Smith". And ${anything} Admiral Jones is just "Admiral Jones". It was impolitic to remind an officer that they were the low-rent version of the "full" version of their rank.

  5. Re:Better tablets out there for your money on iPad Fever Is Officially Cooling · · Score: 1

    Those are all perfectly legitimate points that have never affected me in any way (iPad Mini 1st gen, 32GB, Wi-Fi). With iTunes Match, my several thousands of MP3s are available in iTunes all the time. My documents are in iCloud and I don't have to store them all locally. And the flipside to "having" to buy apps (which you don't really) is that you can buy apps because developers are actually supporting it. I mean, I know I'm drinking the kool aid and all but it sure is tasty.

    You have your preferences, but they're just that: preferences. You like the fact that you can use SD cards and USB drives to expand your tablet; I like that I've never wanted to. Summary: there are no better tablets out there for me for my money.

  6. Re:Or.. on Not Just a Cleanup Any More: LibreSSL Project Announced · · Score: 1

    But their "JUST an OpenBSD implementation"s seem to be eminently portable to other platforms with minimal work. See OpenSSH as perhaps the shining example of this. If I were porting code to a new platform, I'd rather start with something from the OpenBSD guys than just about anyone else. That's why I donated to the project this morning.

  7. Re:"Web 2.0" is a decade old now on The Internet of Things and Humans · · Score: 1

    When I step on my scale, it tells me if I need to carry an umbrella today (based on the weather forecast it downloaded). Then it sends my weight etc. to my iPhone where it's merged with information from my fitness wristband and my diet tracker. Based on that, I get suggestions like "you've been going to bed a little later than usual. You should catch up." or "drink more water today" or "try to walk this much further than you did yesterday".

    I think that's not so shabby.

  8. Next up: customer notification on Heartbleed Sparks 'Responsible' Disclosure Debate · · Score: 1

    One thing I haven't heard discussed is whether affected companies should be notifying their end users about whether they were affected and when it was fixed. I haven't heard from my bank, for example. Were they ever vulnerable? Should I update my password? If they were vulnerable, is it fixed now or would I just be handing an attacker my new password if I were to reset it today?

    I wrote up a proposal called Heartbleed headers for communicating this information to site visitors. While I'd like it if everyone picked my idea as the new standard way for doing this, I just wish admins would start using something. We're so close to having a browser plugin be able to tell you "you need to update your password on this site" as you browse. How nice would that be?

  9. Re:Nonsense on Ask Slashdot: System Administrator Vs Change Advisory Board · · Score: 1

    So... the business made a stupid decision, and when they realised the error of their ways, rather than trying to reach agreement on the best way forward, you delighted in rubbing their noses in it, using processes designed to protect you to hurt your employing organization instead.

    One of the most important pieces of career advice I've received is to make sure that people who cause pain feel the pain. It is not my job to be a whipping boy who suffers for every bad decision I tried to warn someone about. If management insists that I do something really goofy, then they should not be spared from the consequences of their plans. Insulating them only enables them to keep making bad choices and inflicting them on codependent organizations.

    You say "rubbing their nose in it". I say "making sure decision makers understand the results of those decisions".

  10. Wildly successful on Vintage 1960s Era Film Shows IRS Defending Its Use of Computers · · Score: 1

    And having succeeded, they continue to use those same computers to this day.

  11. Re:RAID? on SSD-HDD Price Gap Won't Go Away Anytime Soon · · Score: 2

    From a review of the Samsung 840 EVO 1TB SSD I just stuck in my MacBook Pro:

    • Sequential READ: up to 540 MB/s
    • Sequential WRITE: up to 520 MB/s
    • Random READ: up to 98,000 IOPS
    • Random WRITE: up to 90,000 IOPS

    From the same site reviewing a WD Black 4TB HDD:

    Performance from the WD Black scaled from 66 IOPS at 2T/2Q to 86 IOPS at 16T/16Q, versus the 7K4000 which scaled from 82 IOPS to 102 IOPS.

    So assuming IOPS scales linearly with heads (they don't), you'd need about 1,000 heads to get similar random access performance out of HDDs as one SSD.

    There's a reason everyone's migrating to SSDs for anything remotely IO related.

  12. Re:Assistant Principal doesn't believe it was bull on Student Records Kids Who Bully Him, Then Gets Threatened With Wiretapping Charge · · Score: 1

    You're a good dad. Thank you.

  13. Re:Rewarding the bullies... on Student Records Kids Who Bully Him, Then Gets Threatened With Wiretapping Charge · · Score: 1

    I'm not saying this is the "right" or "best" solution, but...

    I taught my son to punch hard and aim for the nose: "if you miss, you'll get his mouth or cheek or eye and it'll still hurt". I also explained that if the bully hit, slapped, tripped, or otherwise battered him, that my son was to lay him out. "What if I get in trouble?", he asked. "You let me handle that part", I replied. We had to play-act it a few times because my boy kept wanting to say something first, like "if you touch me again I'll hit you in the nose!" No. You've already warned him before and he kept it up. Don't talk: act.

    Cut to a week later when the teacher was waiting for me when I went to get my son from school. "He hit another kid today." "Was it so-and-so?" "Yes." "Good. I told him to." The teacher looked around, leaned in and confessed: "someone needed to belt that little asshole."

    The bullying ended that day. My boy stopped coming home with torn clothes, scratches, and bruises. My son got an enormous confidence boost and hasn't had a problem with other little thugs since then.

    Violence is not the solution to all problems, but damned if it can't fix some.

  14. Re:for a library... on Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake · · Score: 1

    ... so much of the internet depends on for security just one reviewer for a commit seems way way way too little, honestly checking anything into openssl (or gnutls) should be at least a 4-step approval process (submitter -> maintainer for that area -> overall library maintainer -> security officer), for any code that includes buffers/malloc especially if related to user supplied data the final security review should be a panel.

    Plus three extra steps: compiles without warnings, passes Valgrind, and makes it through an intensive test suite.

  15. Tell your users, too! on Heartbleed OpenSSL Vulnerability: A Technical Remediation · · Score: 1

    Follow the proposed specification at http://heartbleedheader.com to tell your users when you've patched your servers. This eliminates the guessing: "is it OK to update my password now? Do I even need to? Can I trust that I'm not being MITMed with their old SSL key that an attacker stole?" It's bad enough using the tools at hand to detect that information from a single site, let alone the hundreds you might have in your password manager.

  16. Re:what the hell? on An SSD for Your Current Computer May Save the Cost of a New One (Video) · · Score: 1

    "Obviously, the first performance enhancement you do on any computer you own is max out the RAM"

    I don't think it's that unreasonable. My MacBook has two RAM slots. 8GB of RAM from Newegg is about $80 and 16GB is about $150. Given that you can't start with 8 and then later add more - you have to replace what's already there - I tend to go with 16GB right from the start. If it saves me an hour of grief over the course of the three years I'll be using it, then it's more than paid for itself.

  17. Re:Max RAM? on An SSD for Your Current Computer May Save the Cost of a New One (Video) · · Score: 1

    16GB is basically video editing only.

    ...or programming, like a huge chunk of the Slashdot community. A text editor and a few terminal windows don't chew through RAM, granted, but I've never had so much memory that a compiler didn't wish it had more. I'm also running a lot of local daemons (RabbitMQ, Cassandra, Mongo, Redis, etc.) so that I can run a full test suite without Internet access and all of those want their pound of flesh.

    My company laptop has 8GB of RAM. The fact that swap is on an SSD is the only thing that makes it a comfortable development environment.

  18. Re:Risk versus certainty on NASA Can't Ethically Send Astronauts On One-Way Missions To Deep Space · · Score: 2

    There is a difference between a risky endeavour and certain death.

    Not really. There are some fields of endeavor that are incredibly, inherently, irreducibly dangerous. Space travel is one of them. There's not much of a gap between, say, a 25% chance of fiery or icy death and a 100% one. It's certainly not the same as the difference between driving to work and taking flight in a space shuttle.

    Instinctively, we accept risk of death when the reward justifies it. Being a successful astronaut is rewarding - in terms of prestige if nothing else.

    Have you ever listened to an astronaut? To a person, they'd all return to space in a heartbeat if asked. Their motivations have very little to do with personal prestige - they just want to return to the stars.

    A compelling scientific mission that will add to human knowledge is arguably more rewarding for civilization, but not for the individual who dies, and the reward is too abstract for our instinctive response.

    There's no place for instinctive response here. My instincts are that climbing into a tin foil capsule on top of a fuel tank filled with 5 million pounds of kerosene and LOX is insane. And yet people have worked out the risk-reward calculations and decided that hey, this is a good thing we should do.

    Plus it's not obvious that there is a lot that live astronauts can do that robots can't.

    Well, other than collect data on the effects of deep space travel on human physiology, and the ever-present "anything a robot hasn't been specifically designed to do".

    Simply 'being first' will not be a compelling reason for others to enable suicide, or be left to watch it helplessly from a distance.

    Then use any of the other millions of reasons why human space travel is something we need to start figuring out and practicing.

  19. Ethics? Bullshit. on NASA Can't Ethically Send Astronauts On One-Way Missions To Deep Space · · Score: 4, Insightful

    The hell you can't. What that's saying is "we refuse to honor the wishes of educated, rational adults to make decisions we wouldn't". I guarantee that all of the Mercury astronauts knew there was a good chance they were going to die during each mission. They knew the failure modes, the risks, the potential ways they might get splattered across our planet in fiery ashes. And they still wanted to go! I cannot understand how it could possibly be unethical to explain the dangers and still give candidates the right to say, "yeah, I know I'm not coming back. For personal pride, for adventure, for my country, and for humanity I choose to go anyway. Now step aside and light this candle."

  20. Re:Not "thousands" on Ancient Virus DNA Discovery Could Be a Breakthrough In How Diseases Are Treated · · Score: 1

    I'm thinking the submitter is so busy submitting articles that he doesn't have time to read them, or even to comment on anything else.

  21. This is new? on MariaDB 10 Released, Now With NoSQL Support · · Score: 3, Interesting

    I'd always thought MySQL was NoSQL to begin with. "Datatypes? Integrity? What geezer wants those! LOL! We're webscale!"

    (I love NoSQL DBs like Cassandra for the right applications. I haven't ever found an application for which I'd love MySQL.)

  22. Re:patented keyboard technology? on Typo Keyboard For iPhone Faces Sales Ban · · Score: 2

    My Apple Wireless Keyboard is almost identical to a Model M: the keys are in the same basic arrangement, they're squarish, each key's label contrasts with the plastic of the key itself, and they have many of the same non-alphanumeric keys (shift, delete, etc.). They are clearly infringing.

    There are only so many ways you can make the thing and still have it usable by people who've practiced on others with similar features. In short: form follows function. This seems utterly obvious and doomed to be smacked down.

  23. Re:First amendment only applies to our friends on Some Mozilla Employees Demand New CEO Step Down · · Score: 1

    I think it'll reach the same level of "settled" as interracial marriage. A few holdouts will still bitch about it or turn up their noses, but everyone else will wonder what the big deal was about and get on with their own lives.

  24. Re:First amendment only applies to our friends on Some Mozilla Employees Demand New CEO Step Down · · Score: 1

    According to the EEOC, that's not even remotely OK, even for private employers.

  25. Re:First amendment only applies to our friends on Some Mozilla Employees Demand New CEO Step Down · · Score: 3, Insightful

    It could be argued, yes, but down that path lies madness: "my boss campaigned heavily for Obama. I don't believe he will treat me, an open Republican, fairly."

    Again, I disagree with Eich. I am not defending his (to me) awful opinions. But I've known plenty of people with shitty opinions who nonetheless treated those around them with dignity and respect. If he acts on his beliefs, then it's time to react.