Slashdot Mirror


User: Anonymous+Brave+Guy

Anonymous+Brave+Guy's activity in the archive.

Stories: 0

Comments · 12,209

  1. Re:Get over it already on Ask Slashdot: Life After Firefox 3.6.x? · · Score: 1

    There is no magic. There is only engineering, or at least as close to it as we know how to do so far when it comes to software development.

    We are talking about software that is used by (according to its own makers) more than a quarter of a billion people. We are talking about the kind of bug that (as someone pointed out in another comment in this discussion) potentially opens the door to an entire network. This stuff should be written to standards that would make space shuttle designers and nuclear power station staff sleep easy at night.

    What we actually get is stuff written in C++ via an open source development process where code can get in with the nods of a couple of people each examining the patch alone. Take a look at the fiasco with Flash, Java, etc. when Firefox 10 launched, and tell me with a straight face that this is good enough.

    You're right that software is written by people and people make mistakes. However, that is why we use tools and follow processes that mitigate the effect any one individual mistake can have on the overall project. Processes do exist that have successfully contained those mistakes to the point where there are orders of magnitude fewer bugs going out than typical software today. Programming languages and tools exist that make common kinds of programmer error that often lead to security vulnerabilities effectively impossible. Non-trivial software does exist that is, for practical purposes, almost bug-free.

    But as long as most people assume that it's OK to write security-sensitive end user software in languages like C and C++, as long as most people are happy with relying on little more than a few unit tests as a substitute for a real QA process, as long as most people think a couple of experienced developers glancing over a patch is a substitute for serious peer reviews throughout the development process starting well before anyone writes a line of code, there won't be enough people serious enough about doing better to reach critical mass, and we won't bring the better tools and processes into the mainstream.

  2. Re:Get over it already on Ask Slashdot: Life After Firefox 3.6.x? · · Score: 1

    No, the solution is not to tolerate shoddy software where a steady stream of security vulnerabilities is identified and needs patching and this is considered normal.

    This simply isn't necessary. We know much better, safer ways to make software today. There are better tools, and there are better processes, and there is a mountain of evidence to back up both claims, and no, they aren't absurdly expensive in either time or money.

    But these tools and processes are not the mainstream way today, and as long as the crapware that routinely gets produced by the mainstream way is still considered good enough by enough of its target audience, unfortunately most developers will follow the path of least resistance and we won't achieve critical mass in support of better alternatives and drive an industry-wide move to better software.

    Of course, this isn't just a problem with Firefox, it's a problem with most end user software made today, and it isn't just about security vulnerabilities, it's a problem with absurdly high bug rates in general. But you are constructing a false dichotomy by implying that either we must update our software frequently or we must stay exposed to security vulnerabilities for extended periods.

  3. Re:Get over it already on Ask Slashdot: Life After Firefox 3.6.x? · · Score: 1

    Expecting to run the same version of any software with no security updates for a year is ridiculous.

    No, it isn't. Not even slightly.

    Upgrading existing, working software when you don't actually need any of the new functionality is literally a waste of time. Doing it across the entirety of a large organisation is a serious job, which is going to disrupt other IT operations and potentially every member of staff.

    Just because the Internet allows software makers to distribute updates easily and have applications phone home to check whether updates are available, that isn't an excuse for writing poor quality software and failing to test properly before you ship it in the first place.

    The idea that it is reasonable to expect people to upgrade software -- and platform software at that -- every few weeks is completely, utterly, indefensibly crazy.

  4. Re:Visualization Periodic Table on A Taxonomy of Visualization Techniques · · Score: 3, Insightful

    It is ironic that anyone promoting data visualisation would slavishly copy the layout of the periodic table of the elements, which is one of the most brilliant examples in the history of the field precisely because it is derived from the real underlying structure of the chemical elements and as a result it highlights useful practical relationships. I have yet to discover another data set with the same underlying structure and the same resulting relationships between the data points, and thus I have yet to discover another context where that kind of periodic table is a useful tool rather than a gimmick.

    That said, the content itself at the site you linked to seems interesting. It's just a shame they cheapened it by using a completely inappropriate metaphor.

  5. Re:What's much more important is... on One In Eight Chance of a Financially Catastrophic Solar Storm By 2020 · · Score: 1

    Waterproof, reinforced enclosures measuring perhaps thirty cubic feet in volume and situated fifteen feet below ground aren't terribly difficult to construct.

    I think perhaps you and I have very different ideas of what "difficult" means in this context!!

    That said, I very much agree with your real point.

  6. Re:What's much more important is... on One In Eight Chance of a Financially Catastrophic Solar Storm By 2020 · · Score: 4, Insightful

    Store your backups in geographically diverse locations, in hardened containers, preferably some of them subterranean. Of course, you're already doing that anyhow, right?

    Storing back-ups in hardened containers in subterranean bunkers? No, I'm not, and somehow I doubt most other people here are either.

    Backing things up safely, securely and frequently is surprisingly hard for individuals to do given all the technical wonders we have in the world today.

    (In case anyone's knee is jerking, please read the actual terms and check the actual reliability stats of any Internet-based back-up service you're about to recommend before you post it. Chances are, you'll never make the post.)

  7. Re:Typical cars in the UK today are smaller on The Specter of Gasoline At $5 a Gallon · · Score: 1

    I'm not sure which cars you're looking at, but most current models of all three compacts I mentioned here in the UK have a kerb weight under 3,000lbs. In terms of fuel economy, even the higher performance models measure around 40mpg on the standard combined cycle, while the models aiming for economy are approaching 60mpg (that's petrol, not diesel, in both cases).

    So, when you compare that against the cars you mentioned before, typical family cars here in the UK really do get about 2-3x the fuel-efficiency today. I'm not sure why you'd have figures so much worse for whatever models they sell in the US, but I don't think you've disproved my underlying point that cars in the US tend to be big and thirsty compared to those in many other places around the world.

  8. Re:But this price rise is artificial.... on The Specter of Gasoline At $5 a Gallon · · Score: 1

    I don't equate AWD with a tank. My own vehicle is AWD, and one of the reasons for choosing it was difficulty I had in my previous car, which didn't handle moderate snow well.

    But you don't need big cars to navigate a city without much public transport. In fact, other things being equal, the smaller, more efficient and more environmentally friendly the better if all you're doing is transporting one person a few miles to work. Of course you also have to take into account things like transporting cargo and safety factors, so other things aren't always equal, but still, having limited public transportation isn't an excuse to go around driving large, inefficient vehicles.

  9. Typical cars in the UK today are smaller on The Specter of Gasoline At $5 a Gallon · · Score: 1

    The irony here is that I think you genuinely don't realise that all of the cars you described would be regarded as "muscle cars" in most of the world, and 20mpg is a terrible average for any car made today.

    Here in the UK, a typical family today might have a small family car (what the US industry calls a compact) such as the Ford Focus, Vauxhall Astra or VW Golf, and a smaller runabout like a Ford Fiesta, Vauxhall Corsa or Renault Clio. The trend is very much away from larger cars like saloons (sedans) and estates (station wagons).

    Of course there are also larger "executive" cars and specialist vehicles like MPVs (which are increasingly popular with larger families who need to transport more than a couple of kids) and these vehicles are bigger, heavier, and more thirsty. But those are the exception, and most cars you see on the road today are smaller and more fuel efficient.

    This trend is partly motivated by ever-rising prices at the pump that increasingly penalise cars with poor fuel efficiency, and by a taxation system that now heavily penalises cars with poor emissions such as large 4x4s (SUVs) and high performance sports cars.

  10. Re:But this price rise is artificial.... on The Specter of Gasoline At $5 a Gallon · · Score: 1

    A few people from the US have mentioned these "different emissions laws" now.

    Can someone please explain to the rest of us exactly what those laws actually say, and why they prohibit driving a smaller car that emits fewer pollutants and gets much better mileage than a larger, heavier car with a bigger engine using the same underlying technology?

  11. Re:But this price rise is artificial.... on The Specter of Gasoline At $5 a Gallon · · Score: 2

    Well, you could just try driving cars instead of tanks. I hear they sometimes get a better mpg rate. ;-)

  12. Re:Winter/mud/etc. on Rearview Car Cameras Likely Mandated By 2014 · · Score: 1

    Absolutely, sometimes you have no choice but to reverse into a tight space anyway, just because of the physics of how steering works. I don't know whether that or the safety benefit was the original reason the manoeuvres learned for a driving test were standardised as they are today. Fortunately both indications point in the same direction...

  13. Re:I'll just on Rearview Car Cameras Likely Mandated By 2014 · · Score: 1

    By "looking over both shoulders", do you mean "behind you"?

    No, I mean behind you and to either side.

    What guarantee is there that the driver will be monitoring the camera display?

    None, but at least if they look away and then look back again they'll see what's really there. Tiger4's approach requires seeing what will become the blind spot to know that it is clear to start with, and then consistently monitoring every possible way in or out of that area to be confident that nothing has sneaked by that you're about to run over. That's a pretty tall order under realistic conditions.

  14. Re:Close but no cigar for the moment... on Remastered Star Trek: the Next Generation Blu-ray a Huge Leap Forward · · Score: 1

    But... But... Voyager was the only series that didn't have any alternate universe episodes!

    Oh, that's what you meant.

  15. Re:Don't Buy It! on Remastered Star Trek: the Next Generation Blu-ray a Huge Leap Forward · · Score: 1

    I guess I shouldn't be surprised. I figured Lucas was involved the moment I heard there were five lights.

  16. Re:Winter/mud/etc. on Rearview Car Cameras Likely Mandated By 2014 · · Score: 1

    Also a valid point, but again I think it's probably fair to say it's happened to me about half a dozen times in my entire driving career. If there's someone that close behind me who's really being so aggressive that I can't come to a halt before passing the space (so those behind me have to as well) and then quickly turn forward and then back the other way to reverse in without them trying to drive through me to take my space, then I'd probably rather move along and leave them be, even if it means looking around for another space.

  17. Re:Winter/mud/etc. on Rearview Car Cameras Likely Mandated By 2014 · · Score: 1

    Many people don't reverse park because that makes it more difficult to access the rear of the car, which is especially likely to be a problem when you visit say a supermarket.

    That is a fair point, and I have heard some professional driving instructors suggesting such an exception to the general rule.

    I respectfully disagree with them. I think safety is more important than convenience, and a supermarket car park is exactly the kind of place where driving out forwards is significantly safer than reversing.

    In any case, IME the loading problem is mostly a moot point. You can get your shopping to your car boot just fine in most supermarket car parks even if you do back up close to a fence and there are other cars on both sides. I genuinely can't remember the last time it was a problem for me.

    (I acknowledge that it might be a problem for some people with physical limitations that make it difficult to lift shopping bags for any distance at all, but there is usually reserved parking with extra space around the vehicle for such people, and many supermarkets now offer carry-to-car services to those who need them. And of course anyone with that level of physical disability is probably going to struggle to reverse out of a space safely anyway, so I don't think we can really treat them the same as everyone else when considering best practice for drivers in general.)

  18. Re:I'll just on Rearview Car Cameras Likely Mandated By 2014 · · Score: 1

    Unfortunately, most drivers are not so observant, and in any case unless you can monitor all ways into and out of the blind spot 100% of the time (which is not possible while manoeuvring if you need to look over both shoulders, for example) you have no guarantee. I'm glad you drive carefully, but don't forget that many people don't.

  19. Re:Christ, on Rearview Car Cameras Likely Mandated By 2014 · · Score: 0

    You're ignoring the costs of the emergency services to deal with an accident, the economic hit of disrupting transport infrastructure in the event of a serious accident, the costs of property damage (including to the car) in non-injury accidents, and numerous other factors. But I suspect you already knew that and were just trolling.

  20. Re:Winter/mud/etc. on Rearview Car Cameras Likely Mandated By 2014 · · Score: 3, Interesting

    Here in the UK, drivers are taught to reverse from the road into a driveway (or from a major road into a minor one when manoeuvring) and then drive out forwards. This means you're going the more dangerous way around (backwards) into the quieter area rather than the busier one, you have a better view of the busier area to choose when to complete your move, and usually you can concentrate on looking one way into a driveway/road you're reversing into instead of both.

    A fair proportion of drivers actually do this, but you see a disturbing number of people who will just drive straight forward into a space in a car park by the shops, only to reverse back out later into a "road" where there are often other vehicles manoeuvring, pedestrians walking past close to vehicles where they can be hard to see, people wheeling stuff around on their way to their car, kids running off, and so on. Then they act all surprised when they back out and miss something. So, score one for better driver education.

    Having said that, I would love to have better parking assistance with my car. It's a great vehicle, but the one big downer about modern safety design with curves everywhere is that it's much harder to judge how close you really are to nearby hazards when manoeuvring in tight spaces. Similarly, all those crumple zones and such are great, but they do mean that rear windows tend to start higher up these days and obviously I can't see through solid bodywork to know how close I've got to that wall/post/child behind my car. In any case, whichever way you look, there's always a region near the ground you can't see from the driver's seat. So, score one for technology that allows careful drivers a better view around their vehicle as well. It's not like this vs. driver training is an either-or thing, when things like choosing to reverse in the safer direction only take ten seconds to teach and half a minute more to justify why.

  21. Re:Unless you are very, very careful on Harris Exits Cloud Hosting, Citing Fed Server Hugging · · Score: 1

    I think you're wrong about SEO. The trouble is that there are plenty of people who do peddle SEO in a way that is snake-oilish, as if there's some silver bullet that will magically get your unknown small company to the top of Google's rankings. That's nonsense of course, but many small companies who get their founder's dad's neighbour's kid to design the site either don't get the basics in place or do something that actively harms their ranking because Google penalises that behaviour (ironically often a result of some shady technique that was advocated by the snake-oil SEO salesmen last week). Perhaps "competence" would be a better term than "optimization", because a lot of it is just common sense and not doing anything actively bad, but so many web sites are incompetently designed that you can definitely gain an advantage just by not doing anything wrong, and to that extent SEO is a useful and legitimate goal.

    As for the cloud, I've been arguing -- since before it was even called by that name -- that shoving everything onto external resources like that has serious disadvantages for a lot of organisations. I think what most of these organisations are actually looking for is a way to reduce the absurd overheads of deploying and maintaining software across their entire network and/or a way to centralise and standardise their infrastructure. You could achieve those goals just as well by running your own mini-datacentre(s) with a whole bunch of virtualised servers and running web-based applications on those instead.

    However, there will be a lot of resistance to supporting this model from the kind of companies that provide "cloud" services. For one thing, they are making a fortune doing relatively little, and will continue to do so as long as they can peddle their software as a service you pay for on subscription rather than a one-off purchase. For another thing, they can keep all their source code in-house where customers can't rip it off (or see how bad it is). Because a lot of the programming tools that are commonly used for server-side web work are quite easily reverse engineered or executed directly from the original source code, there are going to be concerns -- and possibly legitimate ones, not just hiding bad work -- about giving the entire package to customers to install on their own servers.

    I do think there is going to be a big window, probably starting in a year or two, for software businesses that support this model to make serious profits. I think someone will realise that they can turn the ability for customers to host in-house for better security and reliability into a competitive advantage, bring in reasonable revenues from charging business-scale prices for software up-front even if it's only a one-off fee, and crucially, probably convert a lot of the "losses" from no longer operating subscription-based SaaS into an alternative revenue stream from providing genuine ongoing support and customisation, which is what "enterprise" software companies have done for years anyway and isn't (IMHO) the real reason they're losing out to these new-fangled cloud-based services today.

  22. Re:Server Hugging on Harris Exits Cloud Hosting, Citing Fed Server Hugging · · Score: 2

    I believe the EU has encountered some situations in which companies can either be breaking the EU laws, or breaking the US laws ... it's not possible to be in compliance with both if one prevents you giving access, and the other insists they get it.

    IIRC, one potential conflict (I know of no actual test case yet) is that EU privacy rules forbid the export of personal data to places without adequate safeguards (which includes the US), but the US has laws that any US-based business must hand over any data it has to the US government on demand under certain circumstances. If the US company operates an office within the EU, normally keeps personal data from the EU within the EU, but gets a demand for the data via its US head office, they could be in a legal grey area (or more precisely, they could be in a very black-and-white situation according to the law in both jurisdictions, but those situations would conflict).

    I have to wonder how much subtle background damage US government/business culture might be doing to the US economy today. On the one hand, there is the very laissez-faire attitude to innovation, which includes an unusually tolerant approach (by global standards) to invasion of individual privacy by businesses, which leads to conflicting standards like the one we're talking about above when you start trading internationally. On the other hand, there seems to be a trend that is very much not laissez-faire recently when it comes to government intervention, and in particular government control of communications infrastructure and rights to access data, which was collected by businesses rather than the government itself, on demand in various contexts. Again, the end result is concerns about privacy and even industrial espionage.

    Perhaps in the US culture this is supposed to be dealt with by the courts. If an organisation has the resources to bring a successful lawsuit, it can actually reshape the law in the US. (This is very different to the situation in various other jurisdictions, where case law can set precedents for interpreting statutes but can never override them.)

    However, the result of that culture is that you have an economy where businesses operate relatively unrestricted yet always under the shadow of government intervention, and where lawsuits are thrown around as commercial weapons as just "a cost of doing business". Obviously having a legal system is not unique to the US, but it does seem to favour a very litigious approach where the ground rules are vague if there are any at all, and that uncertainty always carries a cost.

    For example, I have a company in the UK that does IT contract work, and we carry a professional indemnity insurance policy. The terms of that policy specifically exclude any work done in the US (or Canada, curiously) from the cover. That's a pretty clear suggestion that the insurance underwriters consider the risk of being involved in an expensive lawsuit in the US or Canada so high that they would rather lose the custom of any business that works there. That in turn is a strong disincentive for my company (and the many others who belong to the same professional bodies as we do and who take out the same associated insurance policies) to do business with anyone in the US or Canada. I don't know whether that pattern is repeated elsewhere in Europe or around the world, but given that the insurers are basically interested in the money, it seems likely. If so, that's a serious impediment to international trade for business in the US, and maybe we're starting to see the results with stories like the one we're discussing in this thread.

  23. Re:I might just be a luddite, but on UK To Dim Highway Lights To Save Money · · Score: 1

    I agree with you again about the basic "arms race" problem.

    I hadn't heard of the polarization idea before, though it's kind of obvious now that I think about it. I suppose the problem is that it could reduce the light received from other sources as well, which is fine if it's cutting out some glare from other very bright sources like low sun, but not so great if it obscures a source that is relatively dim but relevant to the driver such as a warning light on a foggy road or a cyclist riding at night with weak lights.

  24. Re:I might just be a luddite, but on UK To Dim Highway Lights To Save Money · · Score: 1

    Illumination on roads is a tricky issue, to be sure.

    There is fairly strong evidence that improved lighting significantly decreases both the rate and the severity of accidents. See, for example, this summary by the Royal Society for the Prevention of Accidents. You do have to be careful not to draw conclusions beyond what is actually supported by the stats in each case, but there seems to be a clear pattern there. I'm reasonably sure I once read a paper arguing that lighting our motorways 24/7 would be the most cost-effective way to save lives on the road today, though I can't immediately find it.

    For the same reason, there is often a good argument for using brighter headlights on cars. Typical headlights of a few years ago didn't necessarily provide enough illumination out to a safe stopping distance for high speed travel, even for skilled drivers, with good vision, driving within the speed limit, in capable vehicles, on a straight road, in good weather. Obviously in practice that's a rare combination, and worsening any of those criteria only increases the need for better illumination. If nothing else, we have much better understanding of the visual limitations of older drivers now, particularly the dramatic reduction in how much light gets through as people get older.

    That said, your point about being blinded by other cars' headlights is a very serious concern, and I totally agree with you that it's a problem that needs addressing as a priority. Personally, I'm hopeful that the current trend in adaptive lighting, where lights are directed differently as driving conditions change, will allow us to continue using brighter and wider beams, but without allowing them to drift up to the point where they will dazzle other drivers.

    There also seems to be research going on into adaptive materials that might be used in vehicle windscreens or night-driving glasses that would act as a filter for exceptionally bright lights, and even into HUDs that actively highlight hard-to-see dangers in low-light conditions based on thermal imaging, RADAR, and other cool toys. Given that there is a lot of money to be made in improving road safety, aside from the obvious social desirability of doing so, I suspect if we look back on this discussion in ten years the night driving technology that is starting to appear on high-end vehicles today will seem like something from (if you'll excuse the pun) the dark ages.

  25. Re:... that content makers demand. on Proposed Video Copy Protection Scheme For HTML5 Raises W3C Ire · · Score: 1

    I agree the groups are not mutually exclusive. I am an existence proof for the overlap myself: as a consumer, I am generally not in favour of DRM because it so often goes wrong in practice, but I will use (and pay for) DRM'd content where I consider the ratio of benefit to risk of getting screwed is (very) high. Similarly, as a producer I would prefer not to use DRM on services I offer because it never offers any direct benefit to honest customers and almost inevitably has some risk of interfering with their enjoyment, but I do accept that there are useful business models (for both producer and consumer) that realistically require some kind of DRM to be commercially viable, at least for now.

    That said, I think it is still reasonable to assume that those vehemently objecting to this standardisation process are a small minority of the Internet-using public, while those who consume DRM'd content are a substantial majority. Given that we're debating whether something is significant enough to justify standardisation and the effort for browser makers to support the new standard, I think the number of people using it (or, if you prefer, the proportion of the user base using it) is the most important consideration.