If it's really a safety issue then it's kind of like saying - it's ok to bring guns on the planes, just don't use them.
What I'm suggesting is that if it's actually dangerous then we really have no choice but to remove the phones from the planes (ban them outright) or make the planes accomodate them... Doing a feel-good in-between solution is illogical and inherently makes people not take it seriously.
Since airlines will never ban the phones (unless there is a horrible incident first) I think the obvious solution is to mitigate the risk with changes to the planes. I think the "don't use your phones on the plane" option is just a CYA / shift the blame point for the airlines.
Wait and see... in a few years you'll be able to use your cell phone in-flight... somehow. The airlines will make it happen when it's making them money.
Seriously. If it's really an issue then there is no choice but to address the problem in the instruments. They are not going to ban cell phones from the planes and when they are there they are going to be used either intentionally or accidentally.
It's the same situation in hospitals - If cell phones can interfere with medical equipment then people's lives are at risk and they should redesign the equipment... not try in vain to beg everyone to remember to turn off their cell phones.
I would expect that the price of the song would go down with popularity... and I would think that this would also be pretty optimal for artist's sales when considered against copying/trading, etc.
I don't care so much about RUP, but I would like to be able to produce a decent class diagram from source or by hand when I want one and no such tool seems to exist in all of open source... Everything out there (including Argo UML) just sucks.
But presumably the background would be at or higher than the tiny trace that you're looking for. So the machine would be rendered useless.
Several people have also posted that they think the area could be cleaned with solvents. But I have to ask - if it were that easy to clean a really contaminated area, then why couldn't the bad guys just clean their hands before going through the machine? Something is amiss here.
Ok, here's something I've always wondered about. If you have these exquisitly sensitive machines that can detect even a few molecules of material, aren't they by the same token super-vulnerable to being attacked by "chaffing" or overloading?
Couldn't a bad guy simple walk around the airport with some material on his shoes and permanently, for all time, destroy the effectiveness of the instruments? I mean, how could one possibly clean a whole airport down to a few molecules worth of the stuff?
Isn't that a *huge* hole in any "super sensitive" chemical detection system?
I've been thinking about this and the bigger issue of backups lately and was considering what it would be like to do "miniature" versions of all my photos and video - whatever it takes to make them fit onto one big flash drive. I have a few hundred gigs of photos and video on my raid at home and it would take some serious crunching, but if it's all I had left, I think I'd still prefer a little 320x240 video or photo over nothing.
Until the net is faster, syncing 100s of megs of data back and forth weekly or monthly (or 100s of gigs for a full backup) is just going to be prohibitive. I am doing firewire drive backups and sometimes carrying them off-site, but if the "big one" hits I'll probably lose a lot.
Well, Java is also an umbrella for several things. It's a language, a VM spec, a set of core and extension libraries, and a set of profiles that combine features for certain types of devices.
But those are all fairly concrete and easy to talk about, even if we lump them into the term "Java". I do have trouble pinning down all of the elements encompassed by ".Net", but I am cerainly no expert on the topic.
I've been studying Chinese for a number of years and here are a few things I've found very useful:
WenLin chinese editor/dictionary environment: http://www.wenlin.com/ It's really helpful to paste some Chinese into the editor and be able to hover the mouse over words to get instant dictionary lookup.
Pleco Palm Chinese English dictionary: http://pleco.com/oxford.html Best thing to have on your palm/phone in China.
Flash Palm chinese flash cards: http://www.andante.org/chinese_pilot.html This is free and easy to use... Pleco software also has flashcards.
As for books: The old standard Practical Chinese Reader series is good, but I like the newer "Integrated Chinese" by Yao and it has CDs available with listening exercises.
Also, if you have a sat dish check out CCTV9 (now free on Dish network) for their 15 minute daily "Communicate in Chinese" show... I'm encoding these to MP4 and putting them on my Treo650...
It's Java based and seems to have every useful feature you can imagine:
http://azureus.sourceforge.net/
I haven't checked out the new official client yet, but Azureus has always been way ahead of the pack and I assume it still is. (Things like fast restart, nice visualizations of clients and file pieces, etc.)
has anyone else noticed that the drive actually allows two or more fingers to scroll? e.g. I can have three or four fingers on the trackpad and scroll just fine... It actually feels a little more natural to me to use three fingers... kind of like grabbing the whole pad with your hand vs. pointing with a finger.
The only downside I've noticed is that it doesn't seem to be as sensitive as SideTrack to small movements... You have to make a fairly big move to get it to respond.
The article mentions things that they claim have been reproduced... Specifically, having people "think about" and influence the outcome of the random number generators. That's something you could test... Do a double blind experiment.
A Princeton professor doesn't need a million dollars?
Really smart people have been fooled before by turning the scientific method on its head and looking for causes that fit selected outcomes... Unless you can make a prediction before something happens you really don't have much to talk about.
If they can demonstrate a link between people thinking and a random number generator in a controlled environment, then they can go claim the Randi prize (randi.org)... It's a million dollars, should be worth their time.
the second season will delve into the religious issues surrounding the Cylons in addition to opening up their society more.
I wish they wouldn't. Am I the only person on earth who like the science fiction part of science fiction? The characters are interesting and maybe I'll care more about what happens to them later, but for now I'd like more fictional science in the science fiction...
It's a good show so far... But if it turns into another soap opera it will just get annoying. Why do these series all turn into soap operas? Two reasons: 1) it's a lot cheaper to film people crying than epic battles and CGI robots... 2) the writers run out of ideas quickly and never seem to go looking for new ones early enough.
Face it - in Java, whenever you are writing to a file, communicating through a network interface or just handling GUI controls, there is always some unmanaged C++ code being executed in your process...
Of course... and Java executes RISC instructions that could reveal flaws in the processor design too... but those levels were not written in the course of daily programming. The native drivers in Java are very small (e.g. all of Swing is built on a few AWT calls for opening windows and doing primitive drawing). And those routines presumably get a lot of scrutiny for all kinds of reasons - security being one and performance being another. I have never heard of a common security problem like a buffer overflow in the native libs shipped with Java... It's going to happen someday of course and that's why people created Java and managed code. To minimize the exposure of those regions.
The futher up the food chain your code goes the more protected it is and the harder it becomes to exploit low level security holes. It's analogous to the way in which you (used to?) gain confidence in the GNU C compiler by having it compile itself and then using the 2nd gen to compile a third... At each step the possibility of simple problems become much more abstract and harder to exploit.
Pat Niemeyer Author of Learning Java, O'Reilly & Associates
the unsafe keyword is not meant for daily consumption.
Wait... I don't know the answer to this, but - won't all C/C++ code running on.NET be tagged as unsafe? Or is the programmer expected to tag every pointer cast or dereference explicitly?
Normal programmers do use C/C++ daily... and it is unsafe. I think the point vs. JNI is valid.
First, technically there's no reason you couldn't build an API allowing pure Java hardware drivers. Sun did it for JavaOS (which apparently went nowhere, but for other reasons). I wish someone would take this idea and port it to Linux, giving us pure Java device drivers.
But in answer to your question - yes, you can use JNI to talk to unsupported hardware by invoking native routines and, internally, the Java libraries use it to invoke native code on the platform for basic services like talking to the filesystem, sockets, or anything that's not written in pure Java.
Many people might be surprised though to know just how much of Java is written *in Java*... The vast majority of the APIs are pure Java code. Only the lowest level stuff is delegated to platform specific code. For example, Java does DNS and most crypto in pure Java.
And finally, most X10 hardware uses a serial API... I have one controlled by Java... also a network of Dallas Seminconductor sensor devices controlled by Java.
Pat Niemeyer Author of Learning Java, O'Reilly & Associates
Solaris - yes, it's unsafe. That's why my Solaris machine gets attacked if I don't have a firewall in front of it for ten seconds.
JVM - no, that's safe. JNI is an API, not a platform. For that matter you can say that any language which uses sockets for network programming or can write a file is unsafe. Not to mention that normal programmers never use JNI... It's a very low level integration API.
Don's comments did not really add anything that wasn't covered in the Slashdot discussion.
Pat Niemeyer Author of Learning Java, O'Reilly & Associates
Gosling's point (which he made specifically referring to an "image" type for example) is about type safety at the bytecode level. All of Java's security starts with the proposition that you can't forge types. Bounds checking and not wiping out the stack are just as important. But the type safe VM is what allows Java to impose security policies on code and even run untrusted code in a sandbox safely.
I agree about JNI. But just to point out the difference again - JNI is an API, it's there for integration. It's not something that a normal programmer will ever use. It doesn't bring unsafe code into the VM, it provides a way to invoke it from the VM.
What you're saying is true, but JNI is not really analogous to unsafe code in the VM. User code in the Java VM must first pass the verifier and any security policy. To me this puts the security decisions up a level... The code can't intentionally or unintentionally wreak havoc on the VM... it can only call an API or not call an API.
Slashdot Mirror
If it's really a safety issue then it's kind of like saying - it's ok to bring guns on the planes, just don't use them.
What I'm suggesting is that if it's actually dangerous then we really have no choice but to remove the phones from the planes (ban them outright) or make the planes accomodate them... Doing a feel-good in-between solution is illogical and inherently makes people not take it seriously.
Since airlines will never ban the phones (unless there is a horrible incident first) I think the obvious solution is to mitigate the risk with changes to the planes. I think the "don't use your phones on the plane" option is just a CYA / shift the blame point for the airlines.
Wait and see... in a few years you'll be able to use your cell phone in-flight... somehow. The airlines will make it happen when it's making them money.
Seriously. If it's really an issue then there is no choice but to address the problem in the instruments. They are not going to ban cell phones from the planes and when they are there they are going to be used either intentionally or accidentally.
It's the same situation in hospitals - If cell phones can interfere with medical equipment then people's lives are at risk and they should redesign the equipment... not try in vain to beg everyone to remember to turn off their cell phones.
Remember that you (as a mammal) are covered in tiny hairs. I think you "feel" electrostatic charges because these hairs stand on end.
I would expect that the price of the song would go down with popularity... and I would think that this would also be pretty optimal for artist's sales when considered against copying/trading, etc.
Pat
It looks nice, but is there a way to go from source code to a diagram? Or perhaps some additional tool to bridge that gap?
thanks,
Pat
I don't care so much about RUP, but I would like to be able to produce a decent class diagram from source or by hand when I want one and no such tool seems to exist in all of open source... Everything out there (including Argo UML) just sucks.
Pat
But presumably the background would be at or higher than the tiny trace that you're looking for. So the machine would be rendered useless.
Several people have also posted that they think the area could be cleaned with solvents. But I have to ask - if it were that easy to clean a really contaminated area, then why couldn't the bad guys just clean their hands before going through the machine? Something is amiss here.
-Pat
Ok, here's something I've always wondered about. If you have these exquisitly sensitive machines that can detect even a few molecules of material, aren't they by the same token super-vulnerable to being attacked by "chaffing" or overloading?
Couldn't a bad guy simple walk around the airport with some material on his shoes and permanently, for all time, destroy the effectiveness of the instruments? I mean, how could one possibly clean a whole airport down to a few molecules worth of the stuff?
Isn't that a *huge* hole in any "super sensitive" chemical detection system?
I've been thinking about this and the bigger issue of backups lately and was considering what it would be like to do "miniature" versions of all my photos and video - whatever it takes to make them fit onto one big flash drive. I have a few hundred gigs of photos and video on my raid at home and it would take some serious crunching, but if it's all I had left, I think I'd still prefer a little 320x240 video or photo over nothing.
Until the net is faster, syncing 100s of megs of data back and forth weekly or monthly (or 100s of gigs for a full backup) is just going to be prohibitive. I am doing firewire drive backups and sometimes carrying them off-site, but if the "big one" hits I'll probably lose a lot.
- Pat
Well, Java is also an umbrella for several things. It's a language, a VM spec, a set of core and extension libraries, and a set of profiles that combine features for certain types of devices.
But those are all fairly concrete and easy to talk about, even if we lump them into the term "Java". I do have trouble pinning down all of the elements encompassed by ".Net", but I am cerainly no expert on the topic.
Pat Niemeyer
I've been studying Chinese for a number of years and here are a few things I've found very useful:
WenLin chinese editor/dictionary environment: http://www.wenlin.com/
It's really helpful to paste some Chinese into the editor and be able to hover the mouse over words to get instant dictionary lookup.
Pleco Palm Chinese English dictionary:
http://pleco.com/oxford.html
Best thing to have on your palm/phone in China.
Flash Palm chinese flash cards:
http://www.andante.org/chinese_pilot.html
This is free and easy to use... Pleco software also has flashcards.
As for books: The old standard Practical Chinese Reader series is good, but I like the newer "Integrated Chinese" by Yao and it has CDs available with listening exercises.
Also, if you have a sat dish check out CCTV9 (now free on Dish network) for their 15 minute daily "Communicate in Chinese" show... I'm encoding these to MP4 and putting them on my Treo650...
Pat
It's Java based and seems to have every useful feature you can imagine:
http://azureus.sourceforge.net/
I haven't checked out the new official client yet, but Azureus has always been way ahead of the pack and I assume it still is. (Things like fast restart, nice visualizations of clients and file pieces, etc.)
Pat
has anyone else noticed that the drive actually allows two or more fingers to scroll? e.g. I can have three or four fingers on the trackpad and scroll just fine... It actually feels a little more natural to me to use three fingers... kind of like grabbing the whole pad with your hand vs. pointing with a finger.
The only downside I've noticed is that it doesn't seem to be as sensitive as SideTrack to small movements... You have to make a fairly big move to get it to respond.
Pat
The article mentions things that they claim have been reproduced... Specifically, having people "think about" and influence the outcome of the random number generators. That's something you could test... Do a double blind experiment.
Pat
A Princeton professor doesn't need a million dollars?
Really smart people have been fooled before by turning the scientific method on its head and looking for causes that fit selected outcomes... Unless you can make a prediction before something happens you really don't have much to talk about.
Pat
If they can demonstrate a link between people thinking and a random number generator in a controlled environment, then they can go claim the Randi prize (randi.org)... It's a million dollars, should be worth their time.
I doubt they'll be collecting it.
Pat Niemeyer
the second season will delve into the religious issues surrounding the Cylons in addition to opening up their society more.
I wish they wouldn't. Am I the only person on earth who like the science fiction part of science fiction? The characters are interesting and maybe I'll care more about what happens to them later, but for now I'd like more fictional science in the science fiction...
It's a good show so far... But if it turns into another soap opera it will just get annoying. Why do these series all turn into soap operas? Two reasons: 1) it's a lot cheaper to film people crying than epic battles and CGI robots... 2) the writers run out of ideas quickly and never seem to go looking for new ones early enough.
Pat
Neat.
Pat Niemeyer
Face it - in Java, whenever you are writing to a file, communicating through a network interface or just handling GUI controls, there is always some unmanaged C++ code being executed in your process...
Of course... and Java executes RISC instructions that could reveal flaws in the processor design too... but those levels were not written in the course of daily programming. The native drivers in Java are very small (e.g. all of Swing is built on a few AWT calls for opening windows and doing primitive drawing). And those routines presumably get a lot of scrutiny for all kinds of reasons - security being one and performance being another. I have never heard of a common security problem like a buffer overflow in the native libs shipped with Java... It's going to happen someday of course and that's why people created Java and managed code. To minimize the exposure of those regions.
The futher up the food chain your code goes the more protected it is and the harder it becomes to exploit low level security holes. It's analogous to the way in which you (used to?) gain confidence in the GNU C compiler by having it compile itself and then using the 2nd gen to compile a third... At each step the possibility of simple problems become much more abstract and harder to exploit.
Pat Niemeyer
Author of Learning Java, O'Reilly & Associates
the unsafe keyword is not meant for daily consumption.
.NET be tagged as unsafe? Or is the programmer expected to tag every pointer cast or dereference explicitly?
Wait... I don't know the answer to this, but - won't all C/C++ code running on
Normal programmers do use C/C++ daily... and it is unsafe. I think the point vs. JNI is valid.
Pat Niemeyer
First, technically there's no reason you couldn't build an API allowing pure Java hardware drivers. Sun did it for JavaOS (which apparently went nowhere, but for other reasons). I wish someone would take this idea and port it to Linux, giving us pure Java device drivers.
But in answer to your question - yes, you can use JNI to talk to unsupported hardware by invoking native routines and, internally, the Java libraries use it to invoke native code on the platform for basic services like talking to the filesystem, sockets, or anything that's not written in pure Java.
Many people might be surprised though to know just how much of Java is written *in Java*... The vast majority of the APIs are pure Java code. Only the lowest level stuff is delegated to platform specific code. For example, Java does DNS and most crypto in pure Java.
And finally, most X10 hardware uses a serial API... I have one controlled by Java... also a network of Dallas Seminconductor sensor devices controlled by Java.
Pat Niemeyer
Author of Learning Java, O'Reilly & Associates
Solaris - yes, it's unsafe. That's why my Solaris machine gets attacked if I don't have a firewall in front of it for ten seconds.
JVM - no, that's safe. JNI is an API, not a platform. For that matter you can say that any language which uses sockets for network programming or can write a file is unsafe. Not to mention that normal programmers never use JNI... It's a very low level integration API.
Don's comments did not really add anything that wasn't covered in the Slashdot discussion.
Pat Niemeyer
Author of Learning Java, O'Reilly & Associates
Gosling's point (which he made specifically referring to an "image" type for example) is about type safety at the bytecode level. All of Java's security starts with the proposition that you can't forge types. Bounds checking and not wiping out the stack are just as important. But the type safe VM is what allows Java to impose security policies on code and even run untrusted code in a sandbox safely.
.NET.
I assume the same applies to managed code in
Pat Niemeyer
Thanks and as someone else pointed out I was replying to the troll... I should know better. Don't know why I did that.
Pat Niemeyer
I agree about JNI. But just to point out the difference again - JNI is an API, it's there for integration. It's not something that a normal programmer will ever use. It doesn't bring unsafe code into the VM, it provides a way to invoke it from the VM.
What you're saying is true, but JNI is not really analogous to unsafe code in the VM. User code in the Java VM must first pass the verifier and any security policy. To me this puts the security decisions up a level... The code can't intentionally or unintentionally wreak havoc on the VM... it can only call an API or not call an API.
Pat Niemeyer