Self-reinforcing. Start with an empty 'related' database and a huge library of books. The first person browsing leaves a distinct fingerprint on the database, because the second person 'sees' the first's trail, and follows it. The joy of a traditional library is there is no path trod into the browsing experience, every discovery is fresh, no matter how many times it's been done before.
To get an idea of how it works out in practice, check out the completely bonkers amazon reccomendations for super-low-traffic items.
There's a lot behind this comment that is really important. Sure, you "can" do the same thing with an electronic view of recently returned books - but you have all sorts of crazy privacy implications. If you read on-site in a traditional library, you don't need a name associated with a book to browse the shelves and see what's related, you can anonymously put it in the returns without your identity ever being associated. And it's a lot more casual and discovery-oriented: A lot of times I would walk through a section dedicated to fiction, grab something at random and read a bit of it to see if I liked it. If I did, I might finish it there, or check it out. Automated delivery is very goal-oriented: I know I want THIS book, go fetch it for me and ignore everything else next to it. At best, it could have a 'related reading' list which rapidly becomes a self-reinforcing subset of the available books.
I think we should digitize everything - but keep traditional libraries traditional. Just don't fill an entire moon with books.
The thing is, with a modern design around the capabilites of video cards you have a much cleaner way of grabbing the individual window frabebuffers (textures? Not sure what they're called when compositing) and streaming them as an image remotely. You can couple that with some hints ("Scroll down 50 pixels") and get a very efficient network protocol - that the applications can safely ignore. As far as they're concerned, everything is happining locally, and they don't care that instead of getting scaled and wobbly they're being encoded and streamed across a lan. As long as you forward the same input events, what's the difference?
Not really. It's a much more painful to try to remote a browser vi X11 on a LAN than it is to VNC/RDP into windows. The main issue is that while bandwidth has improved greatly from the early days of X11 there's only so much you can do about latency, and nearly no apps are written to handle that network latency well. It's actually a much better idea to let them do all their tiny operations on a local framebuffer and stream the whole image as a big blob of pixels. Back when X11 was designed, it was basically unthinkable to throw pixel streams across the network, because bandwidth was such a scarse resource (even on a LAN, 10 MB shared collision domain? Ouch.). When your design constraints change so drastically it's only natural that the optimal solution is no longer the same.
Do you not know what escrow funding is? You get a percentage of the promised funds as you reach each milestone, with some portion being released immediately. It's not like a product where the escrow is held until you deliver.
First, since the main complaint against megaupload was they were doing data-deduplication, at what granularity do you need to dedupe before you become infringing? This is problematic because of #2: DMCA complaints lie. Like, the majority of the time. They keyword search and send takedown requests to files with names they don't like without ever seeing the content. So, if a service dedupes content like that all you need to do is upload something that's popular and name it "Britney Spears #1 hit poop" and get it DMCAd. Troll heaven. Third, their "Paying pirates" is a bald-faced lie. Putting up content you own and getting paid for it was a way to make money for independants of all stripes - modmakers, musicians, amateur directors, etc. The fact that some people made money with things they didn't own (And don't forget that takedowns were honored, dispite the misleading wording of the indictment.) doesn't change the fact that it had a massively non-infringing use. As for their "evidence", try to find one ISP where employees don't talk about using their bandwidth to download not-entirely-legit content. It's considered a job perk of a fat pipe.
Lastly, The MU takedown had the intended effect. Filesonic died early this morning as well. If you don't own your own hosting, good fucking luck sharing anything you've created with the world. There's a lot of minecraft mods that are just gone now, for instance.
Add the following URL to AddblockPlus (with http, not hxxp). hxxp://meta.wikimedia.org/w/index.php?title=Special:BannerLoader&banner=blackout*
Since you're needing this comment, you're already aware of SOPA and you want to use wikipedia today. Also, pass it on to anyone who complains. They're aware of SOPA and they get to learn about how they'll need to use obnoxious technological workarounds to legislative damage.
Also, today's a great day for creative wiki editing.
actually you picked a terrible example - Crysis 2 was written for consoles and ported to PC, which means it's didn't even support DX11 on release, and it certainly doesn't have a DX11 optimized workflow. The levels are smaller, more confined, the textures have to fit in console RAM, etc. You're not missing out on anything by not having a new card.
Ugh, don't say 'pixel perfect', I utterly despise pixel-perfect designs. What DPI? 100? 80? 120? 600 for print?
pixel-perfect designs that break when I set a minimum font size are obnoxious as hell, when I have to select text that flows under other elements and paste it somewhere to read it. Ugh. Seriously, don't even think about giving designers that kind of control until they've proven themselves able to design for something other than their own monitor.
Well, for one both the exploit and the detector are broken by default - it's looking for per_cpu__current_task for >=2.6.30 kernels and not every kernel has that - it's just 'current_task' on 2.6.36-rc4. Turn off that check and both the detector and exploit work. Ignoring the l33+, the important bits are the shellcode and any remnants of the exploit when run.
The exploit itself is trivial to understand - compat_alloc_user_space() didn't check the bounds, and one user didn't properly handle the checking first.
Here's the actual exploit: getsockopt(7, SOL_IP, MCAST_MSFILTER, 0x804b4a0, 0x804b8a8) = -1 EFAULT (Bad address) and a quick glance at net/compat.c shows that no check is made on optlen. The rest is just stack-trashing and shellcode, your basic exploit.
He asked when you could do the equivilant of rm/bin/rm - which you can't in windows. Although I'm not entirely sure that's a filesystem thing, it's a VFS layer thing where an open is an automatic exclusive read lock.
Which is why you get the ridiculous volume shadow copy bullshit and forced reboots to update anything.
I'm more interested in the soundstage with the wire-fu of people with circles painted on them dancing around. That looked like an interesting way to do a movie.
Assassin's Creed 2 on PC has a confirmed release date on Tuesday 09 March 2010. It is 1 days left until you can play Assassin's Creed 2 on your PC in the USA. View below for more Assassin's Creed 2 release date details.
For US gamers, it's not even out yet, so the only people playing in the US have illicit copies in one way or another.
So we should allow censorship because of your anecdotal evidence about your nephew-in-law? Thanks, but no thanks.
I flatly refuse to accept that what we watch does not affect us. Movies like Saw and Hostel simply cannot be psychologically inert, the content is just too potent.
Yeah, and I flatly believe that you're qualified to tie your own shoes, much less determine what other people can and cannot do.
I've always found that testing was simpler when you could outright reject so many bad usages of methods at compile-time.
Maybe you're testing the wrong thing?
First, why do you need to see what happens when you call a method the wrong way? Call it the right way.
Now, how do you know you're calling it the right way, if you don't have a compiler or IDE telling you so? Because you test the point at which you're calling it.
In other words, test the behavior you actually expect, which is more or less the same kinds of tests you'd do in a strictly-typed language anyway. Ignore types. If there's a type issue, it should throw an exception at some point during testing. If it doesn't, your tests aren't thorough enough and you're going to be bitten, sooner or later, by another, non-type-related issue.
See, that's the exact problem, I reject the concept of testing code via an audit of all it's callers. You can't test a future callsite when you write your code now, especially when it may be someone else doing it. Yes, you can throw a runtime error, but then the same guy who used your interface incorrectly ALSO has to handle an exception correctly, and you're asking a lot of a junior programmer doing piddly work. In a typed language, it's impossible to get a method you're not explicitly expecting (and can test for).
I'd honestly be happier without a lot of the boilerplate in C++ (and doubly so in java!), but at the same time I don't want someone accidentally sending an object representing the database table of employees to the network.Serialize() method because they used a CamelCase variable name instead of an lower_underscores somewhere. It gets doubly bad when it's in an unlikely error handler that they didn't test properly - I don't want the validity of MY code depending on someone else implementing their tests perfectly, that's the antithesis of encapsulation.
I guess the next question is, how much real work have you done in a dynamically-typed lanugage?
Mostly cleanup of other people's work. Most of my work is in systems or embedded level, and as you pointed out below, that's not something you can generally throw 10x the hardware at. I'm most fluent in the C-syntax languages (C, C++, Java, PHP which is... well, PHP), although I've hit a good chunk of the procedural languages over the years (Python, ruby, lisp being the big names).
Is sendmail.cf considered turing complete?:)
it's a serious PITA to hunt down every caller and see what types they can possibly call the broken method with.
Why would you want to? This is why I ask what work you've done -- I can't recall ever, in all the Ruby or Javascript work I've done, seeing a method called with the wrong type, or wondering what type a method should be (or is being) called with.
And I was doing crazier things than you seem to be suggesting -- in JavaScript, I can quite literally pull a method out of one object and insert it into another object, on the fly. Yet somehow, proper design meant I never had type issues.
It's probably because most of my work on dynamically typed languages are when someone DIDN'T properly design, and I get to fix it. Or more commonly, someone did design it properly, but they went on to bigger and better things, and someone else made some changes that seemed to work, until another piece somewhere else came online and.... The normal bitrot you see on projects.
Runtime typechecking is more accurately "crashtime type checking",
Or, if you've done your job right, test-time checking. Static type checking could be seen as a subset of unit testing.
"testing" gets pre-empted by "deadlines". You don't get called in to panic-bugfix a system when they implemented "testing" properly.
I see more usage of dynamic typing in webwork than anywhere else.
I think that has to do with two things -- the need to get to market first, and the choice of hardware platform. If you wrote a new video game in Ruby, and your competitors used C++, your framerate would suck relative to theirs, and you can't exactly tell your users to buy ten times the hardware to make up for it. But if you wrote a new webapp in Ruby, and your competitors used C++, you'll hit the market before they have a working prototype, and you can buy ten times the hardware if you need to.
That honestly depends on a lot of things, I wouldn't write a 3d rendering engine in ruby, but it might be the right call for the slower-paced scripting of game events. Right tool for the job and all that. Back to dynamic typing - what's a specific thing that you can do (in a well-designed system) with a dynamic type that you can't do with polymorphism or templating? I've always found that testing was simpler when you could outright reject so many bad usages of methods at compile-time.
I prefer static types, because when I deal with a project in maintenence mode it's a serious PITA to hunt down every caller and see what types they can possibly call the broken method with.
Runtime typechecking is more accurately "crashtime type checking", good luck managing to keep a system completely operational after you throw an exception deep within a legacy library.
I suppose it depends on what you're doing, I see more usage of dynamic typing in webwork than anywhere else.
And it wouldn't hurt the users to become carpenters and build their own houses, and farmers and grow their own food, and mechanics and fix their own car, and programmers to write their own software, and actors to star in their own plays, and lawyers to argue their own cases, and neurosurgeons to perform brain surgury on themselves, and pilots to fly themselves....
It's an idiotic statement when used for any other profession, patently ridiculous when applied to everything at once, yet strangely common among computer geeks. Why? "Because I know it" is an invalid answer for anyone who is not perfect at every possible profession.
Why is it SO IMPORTANT that every machine have these tools so that you, the hotshot computer guy who knows everything about windows (HAH!) can avoid having to keep a USB stick on your keychain?
And what happens when there's two paths to the same physical disk? That's not impossible now, under configurations that the tool is supposed to handle. The OS really needs to be able to handle the situation because it IS the same - the physical disk and virtual disks are different 'paths' to the same thing.
The other part is a nice cartel of purchasers who set minimum prices and maintain large backstock in warehouses to avoid reducing the value of the market.
Slashdot Mirror
Self-reinforcing. Start with an empty 'related' database and a huge library of books. The first person browsing leaves a distinct fingerprint on the database, because the second person 'sees' the first's trail, and follows it. The joy of a traditional library is there is no path trod into the browsing experience, every discovery is fresh, no matter how many times it's been done before.
To get an idea of how it works out in practice, check out the completely bonkers amazon reccomendations for super-low-traffic items.
There's a lot behind this comment that is really important. Sure, you "can" do the same thing with an electronic view of recently returned books - but you have all sorts of crazy privacy implications. If you read on-site in a traditional library, you don't need a name associated with a book to browse the shelves and see what's related, you can anonymously put it in the returns without your identity ever being associated. And it's a lot more casual and discovery-oriented: A lot of times I would walk through a section dedicated to fiction, grab something at random and read a bit of it to see if I liked it. If I did, I might finish it there, or check it out. Automated delivery is very goal-oriented: I know I want THIS book, go fetch it for me and ignore everything else next to it. At best, it could have a 'related reading' list which rapidly becomes a self-reinforcing subset of the available books.
I think we should digitize everything - but keep traditional libraries traditional. Just don't fill an entire moon with books.
The thing is, with a modern design around the capabilites of video cards you have a much cleaner way of grabbing the individual window frabebuffers (textures? Not sure what they're called when compositing) and streaming them as an image remotely. You can couple that with some hints ("Scroll down 50 pixels") and get a very efficient network protocol - that the applications can safely ignore. As far as they're concerned, everything is happining locally, and they don't care that instead of getting scaled and wobbly they're being encoded and streamed across a lan. As long as you forward the same input events, what's the difference?
Not really. It's a much more painful to try to remote a browser vi X11 on a LAN than it is to VNC/RDP into windows. The main issue is that while bandwidth has improved greatly from the early days of X11 there's only so much you can do about latency, and nearly no apps are written to handle that network latency well. It's actually a much better idea to let them do all their tiny operations on a local framebuffer and stream the whole image as a big blob of pixels. Back when X11 was designed, it was basically unthinkable to throw pixel streams across the network, because bandwidth was such a scarse resource (even on a LAN, 10 MB shared collision domain? Ouch.). When your design constraints change so drastically it's only natural that the optimal solution is no longer the same.
Do you not know what escrow funding is? You get a percentage of the promised funds as you reach each milestone, with some portion being released immediately. It's not like a product where the escrow is held until you deliver.
If only there were a -1 WRONG button.
That's for Pwn2Own, which google is also not particpating in. Pwnium (what this is about) allows pre-written exploits.
I've got a few issues with this whole thing.
First, since the main complaint against megaupload was they were doing data-deduplication, at what granularity do you need to dedupe before you become infringing?
This is problematic because of #2: DMCA complaints lie. Like, the majority of the time. They keyword search and send takedown requests to files with names they don't like without ever seeing the content. So, if a service dedupes content like that all you need to do is upload something that's popular and name it "Britney Spears #1 hit poop" and get it DMCAd. Troll heaven.
Third, their "Paying pirates" is a bald-faced lie. Putting up content you own and getting paid for it was a way to make money for independants of all stripes - modmakers, musicians, amateur directors, etc. The fact that some people made money with things they didn't own (And don't forget that takedowns were honored, dispite the misleading wording of the indictment.) doesn't change the fact that it had a massively non-infringing use. As for their "evidence", try to find one ISP where employees don't talk about using their bandwidth to download not-entirely-legit content. It's considered a job perk of a fat pipe.
Lastly, The MU takedown had the intended effect. Filesonic died early this morning as well. If you don't own your own hosting, good fucking luck sharing anything you've created with the world. There's a lot of minecraft mods that are just gone now, for instance.
Add the following URL to AddblockPlus (with http, not hxxp).
hxxp://meta.wikimedia.org/w/index.php?title=Special:BannerLoader&banner=blackout*
Since you're needing this comment, you're already aware of SOPA and you want to use wikipedia today. Also, pass it on to anyone who complains. They're aware of SOPA and they get to learn about how they'll need to use obnoxious technological workarounds to legislative damage.
Also, today's a great day for creative wiki editing.
actually you picked a terrible example - Crysis 2 was written for consoles and ported to PC, which means it's didn't even support DX11 on release, and it certainly doesn't have a DX11 optimized workflow. The levels are smaller, more confined, the textures have to fit in console RAM, etc. You're not missing
out on anything by not having a new card.
Wait, I missed the announcement where nVidia dumped all their hardware internal documentation on the Xorg guys and said 'have fun'?
There _IS_ no competition for linux until that happens, there's ATI and some proprietary vendor I never think of when buying cards.
that's why you use async IO instead of select/poll.
Ugh, don't say 'pixel perfect', I utterly despise pixel-perfect designs. What DPI? 100? 80? 120? 600 for print?
pixel-perfect designs that break when I set a minimum font size are obnoxious as hell, when I have to select text that flows under other elements and paste it somewhere to read it. Ugh. Seriously, don't even think about giving designers that kind of control until they've proven themselves able to design for something other than their own monitor.
Good news! You don't need to execute it with root privileges, it gets those for itself.
Well, for one both the exploit and the detector are broken by default - it's looking for per_cpu__current_task for >=2.6.30 kernels and not every kernel has that - it's just 'current_task' on 2.6.36-rc4. Turn off that check and both the detector and exploit work. Ignoring the l33+, the important bits are the shellcode and any remnants of the exploit when run.
The exploit itself is trivial to understand - compat_alloc_user_space() didn't check the bounds, and one user didn't properly handle the checking first.
Here's the actual exploit:
getsockopt(7, SOL_IP, MCAST_MSFILTER, 0x804b4a0, 0x804b8a8) = -1 EFAULT (Bad address)
and a quick glance at net/compat.c shows that no check is made on optlen. The rest is just stack-trashing and shellcode,
your basic exploit.
He asked when you could do the equivilant of rm /bin/rm - which you can't in windows. Although I'm not entirely sure that's a filesystem thing, it's a VFS layer thing where an open is an automatic exclusive read lock.
Which is why you get the ridiculous volume shadow copy bullshit and forced reboots to update anything.
I'm more interested in the soundstage with the wire-fu of people with circles painted on them dancing around. That looked like an interesting way to do a movie.
If the first poster doesn't have a comment like "Yeah I'm using one of them right now, my internet is blazingly fast", it's a wasted opportunity.
Assassin's Creed 2 on PC has a confirmed release date on Tuesday 09 March 2010. It is 1 days left until you can play Assassin's Creed 2 on your PC in the USA. View below for more Assassin's Creed 2 release date details.
For US gamers, it's not even out yet, so the only people playing in the US have illicit copies in one way or another.
So we should allow censorship because of your anecdotal evidence about your nephew-in-law? Thanks, but no thanks.
I flatly refuse to accept that what we watch does not affect us. Movies like Saw and Hostel simply cannot be psychologically inert, the content is just too potent.
Yeah, and I flatly believe that you're qualified to tie your own shoes, much less determine what other people can and cannot do.
I've always found that testing was simpler when you could outright reject so many bad usages of methods at compile-time.
Maybe you're testing the wrong thing?
First, why do you need to see what happens when you call a method the wrong way? Call it the right way.
Now, how do you know you're calling it the right way, if you don't have a compiler or IDE telling you so? Because you test the point at which you're calling it.
In other words, test the behavior you actually expect, which is more or less the same kinds of tests you'd do in a strictly-typed language anyway. Ignore types. If there's a type issue, it should throw an exception at some point during testing. If it doesn't, your tests aren't thorough enough and you're going to be bitten, sooner or later, by another, non-type-related issue.
See, that's the exact problem, I reject the concept of testing code via an audit of all it's callers. You can't test a future callsite when you write your code now, especially when it may be someone else doing it. Yes, you can throw a runtime error, but then the same guy who used your interface incorrectly ALSO has to handle an exception correctly, and you're asking a lot of a junior programmer doing piddly work. In a typed language, it's impossible to get a method you're not explicitly expecting (and can test for).
I'd honestly be happier without a lot of the boilerplate in C++ (and doubly so in java!), but at the same time I don't want someone accidentally sending an object representing the database table of employees to the network.Serialize() method because they used a CamelCase variable name instead of an lower_underscores somewhere. It gets doubly bad when it's in an unlikely error handler that they didn't test properly - I don't want the validity of MY code depending on someone else implementing their tests perfectly, that's the antithesis of encapsulation.
I prefer static types,
I guess the next question is, how much real work have you done in a dynamically-typed lanugage?
Mostly cleanup of other people's work. Most of my work is in systems or embedded level, and as you pointed out below, that's not something you can generally throw 10x the hardware at. I'm most fluent in the C-syntax languages (C, C++, Java, PHP which is... well, PHP), although I've hit a good chunk of the procedural languages over the years (Python, ruby, lisp being the big names).
Is sendmail.cf considered turing complete? :)
it's a serious PITA to hunt down every caller and see what types they can possibly call the broken method with.
Why would you want to? This is why I ask what work you've done -- I can't recall ever, in all the Ruby or Javascript work I've done, seeing a method called with the wrong type, or wondering what type a method should be (or is being) called with.
And I was doing crazier things than you seem to be suggesting -- in JavaScript, I can quite literally pull a method out of one object and insert it into another object, on the fly. Yet somehow, proper design meant I never had type issues.
It's probably because most of my work on dynamically typed languages are when someone DIDN'T properly design, and I get to fix it. Or more commonly, someone did design it properly, but they went on to bigger and better things, and someone else made some changes that seemed to work, until another piece somewhere else came online and.... The normal bitrot you see on projects.
Runtime typechecking is more accurately "crashtime type checking",
Or, if you've done your job right, test-time checking. Static type checking could be seen as a subset of unit testing.
"testing" gets pre-empted by "deadlines". You don't get called in to panic-bugfix a system when they implemented "testing" properly.
I see more usage of dynamic typing in webwork than anywhere else.
I think that has to do with two things -- the need to get to market first, and the choice of hardware platform. If you wrote a new video game in Ruby, and your competitors used C++, your framerate would suck relative to theirs, and you can't exactly tell your users to buy ten times the hardware to make up for it. But if you wrote a new webapp in Ruby, and your competitors used C++, you'll hit the market before they have a working prototype, and you can buy ten times the hardware if you need to.
That honestly depends on a lot of things, I wouldn't write a 3d rendering engine in ruby, but it might be the right call for the slower-paced scripting of game events. Right tool for the job and all that. Back to dynamic typing - what's a specific thing that you can do (in a well-designed system) with a dynamic type that you can't do with polymorphism or templating? I've always found that testing was simpler when you could outright reject so many bad usages of methods at compile-time.
I prefer static types, because when I deal with a project in maintenence mode it's a serious PITA to hunt down every caller and see what types they can possibly call the broken method with.
Runtime typechecking is more accurately "crashtime type checking", good luck managing to keep a system completely operational after you throw an exception deep within a legacy library.
I suppose it depends on what you're doing, I see more usage of dynamic typing in webwork than anywhere else.
And it wouldn't hurt the users to become carpenters and build their own houses, and farmers and grow their own food, and mechanics and fix their own car, and programmers to write their own software, and actors to star in their own plays, and lawyers to argue their own cases, and neurosurgeons to perform brain surgury on themselves, and pilots to fly themselves....
It's an idiotic statement when used for any other profession, patently ridiculous when applied to everything at once, yet strangely common among computer geeks. Why? "Because I know it" is an invalid answer for anyone who is not perfect at every possible profession.
Why is it SO IMPORTANT that every machine have these tools so that you, the hotshot computer guy who knows everything about windows (HAH!) can avoid having to keep a USB stick on your keychain?
And what happens when there's two paths to the same physical disk? That's not impossible now, under configurations that the tool is supposed to handle. The OS really needs to be able to handle the situation because it IS the same - the physical disk and virtual disks are different 'paths' to the same thing.
The other part is a nice cartel of purchasers who set minimum prices and maintain large backstock in warehouses to avoid reducing the value of the market.
And marketing! Don't forget marketing!
A diamond is forever, indeed.