I have heard it suggested that sampling certain types of electrical/electronic/magnetic properties of the computer and synthesizing them (probably with a similarly random weighting) into a key could produce a truly random key.
Mind you, this is not exactly algorithmic... this involves data sampling from the physical univers.
I'm still waiting until we discover that _everything_ has an underlying pattern... then who'll be laughing last? *heh*
If you want to be served graphics over a link, and want responsiveness and resolution, then you will require a high speed connection. Add to that the thought that if you plan to have a virtual desktop encompassing a large data store, you're talking about having this on-line somewhere and again you are talking about a good high speed connection. And of course, storage space.
For many of us , good high-speed connections are still the holy grail and things like VNC sort of work over the Internet, but if your server machine goes away, suddenly you don't have access to your data, etc. and over a slow link, VNC is kind of choppy.
As the ubiquity of high speed links grows, and the cost of on-line storage and access goes down, and as the feasibility of decent data-security goes up, this kind of idea should become more generally interesting. It isn't a bad idea now... it just isn't a terribly viable business for anyone to get into yet I don't expect.
There isn't that much difference between typical keyboard noise and crunching chips or popcorn if you ask me
No, it's the guy yelling into his throatmike to his teammates or who screams and curses when he gets railgunned in the middle of a soft sentimental moment in the movie that might be disturbing.
Mostly it would bug me cause I wouldn't have been the one having the joy of fragging him.....
Sometimes, just sometimes, one gets trapped attending a movie for reasons not directly related to ones desire to see it. The ability to be there while "not being there" might be handy on those occasions. Of course, it would probably get the thumbs down from the PowersThatForceOneToGo....
If you have no idea why you'd go see something that makes you yawn, visit dictionary.com and check our the word "relationship"....;)
To try something like a server-side permitted originator list? That way the downstream bandwidth from the SMTP destination to the client wouldn't be burnt up and the SMTP server could return errors to someone trying to send to a destination which had not authorized them.
Yes, this would put some sort of list of who your friends are server-side. A bit of a privacy issue I'd guess (not that having all your e-mail readable might not put that to shame!).
It might also take a bit more work on behalf of the SMTP server, but I don't think this would be a crippling level of work.
Of course, the _other_ option is locating spammers and dropping 1000 lb. LGBs on their locations. That'd fix their wagons....
... and it would redefine the term "mail-bombing"....
In all liklihood, I expecttype and quality of sleep will ultimately turn out to be a strong predictor of health, but not the absolute quantity
Probably the case. I have to admit one of the best rests I ever had was sleeping on a beach in Varadero (or in a hammock) with a nice 27 C temp and a lovely sea breeze (and having just had a lovely meal and dos cervezas!). That 2 hour nap probably refreshed me more than many 7-8 hour nights at home.
is that health people require less sleep than people with chronic illness
This just shows that things aren't cut and dried either. Though I totally agree with your comment, I'd like to point out that some manic people (or manic-depressive) can go through very active phases and require very little sleep. Yet they are not entirely well.
One theory I had heard suggested this is a form of illness that befell Winston Churchill during WW2 (and the Blitz particularly). And the claim was made that his inexhaustible energy was part of what kept Britain glued together and probably could not have been supplied by a normal,healthy individual.
Humans are pretty complex.... jumping from datum to conclusion is often like trying a triple jump on a bed of nails... kind of likely to be painful.
I'd have to question the "safer than alcahol" comment. Mild intake of alcahol posses little health risk to anyone with a half-decent lifestyle. Even for a lot of less-than-perfect lifestyles, a glass or two of wine or beer a day (beer not so good, too many calories) or even a shot or two will be a good thing.
Aspirin, depending on the age and other medical conditions, can cause a variety of unpleasant side effects. Now, admittedly, the amount of aspirin we're talking about for a daily dose is low so probably presents no significant risk if you don't have a sensibility or some other health issues.
Both thin the blood. Alcohol is (I beleive) also supposed to drop your blood cholestorol level. I know my doctor suggested that I could take a drink a day (gotta love a prescription I enjoy!) and I find it preferable to taking aspirin (far tastier).
The parent poster has hit it on the head. Even a freely given effort should be of high quality. Since when is a desire for a quality result a BAD thing? Since when is having standards a BAD thing?
Sure, sometimes people don't produce the best possible result. But if they try to, most of us are willing to let that go. This current set of mods to SF's terms of use falls under the category of NOT TRYING.
A privacy policy with wiggle room is NOT a privacy policy with any merit. Either your personal privacy is protected or it is not. There is no grey area here.
The only purpose for installing loopholes and change-without-warning clauses is that so one day you can use them. Saying they won't use them is utterly fatuous thinking. If the loophole wasn't there, they would be UNABLE to use it, ergo their would be no danger. If the loophole is there and they are ABLE to use it, there is a chance that one day it will be used in an unpleasant fashion.
I realize that few things in life are free. But watching the gradual erosion of SF and other projects is painful.
I myself run a small website, but I *pay for it* and thus am not compelled to display ad streams. And we do have a privacy policy and we (me and my co-developer) would not allow the site to go up without a strong privacy policy. Additionally we explicitly outline the rights of contributors and the site editors. There are no illusions or wiggle room lawyers clauses. But then, we would sooner amputate ourselves at the knees than have our use and privacy policies written by lawyers....
And one last aside: Whether I code for open source or not, whether I host open source or not... none of that speaks to my ability to criticize something I perceive as distasteful. Don't commit an ad hominem against someone who criticises this change and say "What have you done for us lately?". The criticism either stands on its own merits or not, and that merit is NOT determined by what the critic has personally contributed or failed to.
If I use an , then I'm only doing the eqiuvalent of providing a direct way to hop to the illustration on page 32 of your book without reading the rest of the book.
This would be like someone walking in to the library, flipping the book open to that page, looking at the image, then leaving. This is NOT illegal. And yet the image is copyrighted.
So by providing a link to it, all I provide is directions of how to get to it quickly. This isn't like displaying the image (by downloading it and presenting it on my page as a mirror). That would be like copying the page in the book and putting it in my own book. That is wrong.
Now, having objected to your analogy, I'd point out that it isn't usually hard to get permission to use things. As the owner of a website that tries to have appropriate behaviours, I always ask contributors or people whose work I wish to use for explicit written permission and usually get their review of an article encompassing their work before publicly linking to it (and if I'm to host their content, I make sure we both understand that and we have a submission policy that covers the rights we reserve and which we leave in the hands of the author). This removes a lot of the problems.
Now, admittedly no modern episodes have reached the scale of the Holocaust, but look at what has been going on the the states of the former Yugoslavia, in Rwanda, in the Northern parts of Iraq with the Kurds, and in other areas and you'd have to say that the concept of ethnic cleansing (same old horror, new buzzword) is alive and prospering.
It isn't a matter of if this happens, just if anyone takes notice and does anything about it. A lot of these get written off as "internal matters" or "civil wars" (oxymoron such as that is). The day that the international community stops excusing and allowing genocide under the guise of non-interference in the politics of nations is a day I'm not holding my breath waiting for. It would make for a much more palatable world if every innocent life had the same value, but to date there seems to be little data to support such a claim.
That's what a lot of geek computers already look like, never having the case closed because they are constantly in some state of modification or alteration!
At times of war, such as now, we have to be the best and on our toes. The enemy and the evil that lives in the middle east are devious and cunning. They have no regard for human lives (as we sadly remember from a few months back), they are not human and they advocate religions of pure violence.
I'm trying to imagine a more inflammatory beginning. It actually strains the mind to do so. Pure violence? PURE 100% VIOLENCE? They are not human? Did this philosophy come out of a crackerjack box? The thinking behind it obviously did.
And you posted as an AC because obviously either the user registration process is beyond you or you are afraid to stand up for what you (supposedly) believe. That's just lovely.
When you grow up, you can come join the rest of us who realize life isn't entirely binary (black/white, on/off, good/evil) and that how you think about other people says a lot about who you are, then come back and join the discussion. And feel free to stand up and be counted by name.
Then maybe you'll be able to contribute to the discussion in an adult fasion. There are those who actually understand that the enemies of our way of life _are_ entirely human and this is the greatest part of the tragedy. It'd be really convenient to kick them out of the species, but life don't work that way.
God, that kind of rubbish makes me ill. But I guess that makes for a great trolling, now doesn't it? I only hope you're a slashtroll, because if you aren't, you've got some serious psychological damage.
I'd rather have one-click shopping for all of my patch needs so that I can spend more time writing code or playing Quake. MS understands this.
Oh good! 1 click to the latest MS Insecurity Patch!
I'm not inately against one click patching, but to suggest that Linux can't do it and Windows gets it right (seems to be what you're implying) while ignoring the side effects of some of MS more hysterical patches is somewhat like putting the cart before the horse. When MS can deliver security (of at least a reasonable degree) along with its patching capabilites and other neat ideas, then it'll be something impressive. Until then, it'll just be another Security Chasm waiting to be installed.
Whereas I agree with the sentiment that these are application bugs and app bugs can't be blamed on the OS, one _can_ take the OS to task for failing to adequately protect itself (ie allowing the applications to do horrible things to it).
Things like MAPI are a lovely opportunity for crapulent software apps to make the OS perform in a similarly crapulent fashion. Is this good OS design? This is like the question of whether it is solely the criminal to blame when your house with the doors open and windows flung wide is burgled.... yes of course we blame the crook! But does that make your security practice laudible? I think not.
Yes, I did. You'll note my principal security focus was on the INTELLECTUAL PROPERTY issue, not run-time security. They are very different considerations. Codebase security and system integrity are both valid concerns, but different.
You'll also note I did not _recommend_ disabling run-time bounds checking, I just pointed out that it is an option if you absolutely NEED THE SPEED. Obviously, you'd have to decide if you were willing to undertake the inherent risks in disabling this kind of check. In some cases, this may be necessary. (Though again, why you'd be using Java in these circumstances is a question - writing MMORPG technology isn't hard real-time though there are serious performance benchmarks).
BTW, disabling run-time bounds checking on all-arrays does not mean you don't have any security. It just removes the "father knows best" work in the JVM and the compiler into the hands of the programmer. One can still be careful with how one accesses strings (for example using some secure string classes). One does not NEED to have the system do the work for him or her. And there may be times you need every processor cycle. If having the system run-time check array bounds is expensive enough to cause a critical failure in my system, and I can't sell it, then it really doesn't matter how secure it is.
Also, I'd like to point out that using strncpy() in C and a number of other sensible precautions have existed for years, and C/C++ programmers still _routinely_ don't bother.
There are two ways to have security: Have the OS do it for you (Do you enjoy the sandbox? Works well, can't do much in it!) or having conscientious and well-trained programmers. Since there hasn't been much emphasis on security in programming courses at Colleges, Universities and trade schools, this lack of attention is scarcely surprising. But is the solution better educated programmers or paternalistic tools? I know which I'd choose, just in case the tool isn't designed to handle something a well educated programmer might catch.
And BTW, I made an exception this once to talk to an AC. You were motivated enough to comment, so I assume laziness isn't the shortcoming. So I'll have to assume you don't like to stand up for things you say....
Huge.dlls? I didn't find the JET embedded JVM to be terribly huge. Of course, our app runs at somewhere between 30 and 60 Mb of memory usage and disk space waaaay beyond that. So I wasn't looking at it for size as a primary concern. The in-memory footprint was smaller than when running the HotSpot VM. The disk space hit just doesn't seem like an issue anymore. But, YMMV.:)
That might not merit any kind of identification as a "new thing" as I think that goes back a year or two.
On another note:
It's just a pity the massive trolling going on tonight (not by the parent of this, I'm just too lazy to submit the complaint separately) is a sign of some people's vast need to get a life.
First, I have to identify that we (my company) do use the JET byte->native compiler by Excelsior. Good product, I've recommended it to others and they've had success with it too. In our case, it produced a 10-15% speed increase, some in-memory size savings, and it had one huge advantage missing from the byte code: SECURITY!
After experimentation, I'm pretty convinced that the decompilers on the market that work on obfuscated byte code KICK THE CRAP OUT OF THE OBFUSCATORS. The long and the short of it is the decompiled code is pretty decipherable.
If you want to protect your IP (Intellectual Property), that's not a good thing. In fact, that might be (if you are in a competitive arena) a VeryBadThing(TM). The native code (especially optimized native code) is far harder to effectively decompile into something usefully readable which crackers and script kiddies can abuse or which competitors can peruse. This benefit alone makes it worth going this route if you can.
One of the other things the article missed:
It didn't devote much thought to the settings and optimizations these compilers provide. The Excelsior compiler (by example, I looked at Bullet Train and some others before we picked Excelsior) provides ways to disable certain safety checks (like array bounds checks) for extra speed. If you're in a fairly aggressive environment with some pretty significant timing issues (I won't say hard realtime, because anyone doing hard realtime should be using something like QNX), you will find that even these small gains may be useful (and the risks they introduce acceptible). But the article didn't even hint at these possibilities.
So, if you want to build something that is less likely to be cracked or examined, this type of tool is the way to go. Excelsior, for example, is fairly easy to setup. I did get some help from their guys, but only because our product includes OpenGL, QuickTime, a bunch of XML parser stuff, DirectX, sound support, UI, etc. - a whole pile of external dependencies. The buddy I recommended it to had his project up in going in half an hour or so, with a more modest project (but still a useful, full fledged app with GUI).
Undoubtedly, these won't solve all your ills and they may introduce some new difficulties in bug hunting (though some of the new debuggers coming out with these products are very neat also). So you will want to look at what you need, what your concerns are (security, speed, cross platform deployment, etc) and decide accordingly.
Now replay the scene where Maul lights the second blade - as if you _didn't_ know he had one from the trailer. That could have been a "holy f*cking sh*t!!!" moment that would have made the entire film.
Terminator II was much the same. If you look at the way it was filmed, you'll realize that up until the T1000 and T800 go at each other to save Sarah Connor's son (name escapes me), you don't know that Arnie is a good guy. He walks like the original T1000, talks like him, and as you see him coming down the corridor discarding the box of roses to pull out his shotgun, you would have _assumed_ he was the same bad-ass-bastard come to whack the young'un. Until the other guy and he started going at it, and then you'd have said "WTF?" and the movie would have been a neater experience. But the trailers sold that hold plot device.... I hate people who make movie trailers or write novel covers... they either are so formulaic as to be painful or they spit out the whole story or they do both.
I'd mod the trailers that are produced like that -1 Revealing....
The one I saw up here in the Frozen Ass North (or not so Frozen this year!) looked like a trailer for some sort of (ick!) romantic drama rather than a kick-keister-and-take-names sci-fi action flick....
Re:The problem isn't always getting up there
on
Apollo 1
·
· Score: 2
Precisely. As I understand it (I'm a CompSci type with some EE background, not some PhysDude), it is hard to radiate heat because you lack anything to radiate it into (some thought of emitting heat as a wave of some kind, but the rate of radiation is really cut down because of the lack of a medium (matter) to transfer heat to).
The gravity effects are scary. You can (in theory) put in spin-habs and such and there are fancy treadmills that help the astronauts keep up bone density, but I don't know if they've gotten over some of the effects like the immune system depression. (I think I read about that in an Analog issue a while ago).
Let us just say space is nasty. The sea floor is nasty. The antarctic is nasty. Other planets will be nasty. But overcoming such challenges is part of the path to progress and growth. And at least it will never be boring!:)
Slashdot Mirror
I have heard it suggested that sampling certain types of electrical/electronic/magnetic properties of the computer and synthesizing them (probably with a similarly random weighting) into a key could produce a truly random key.
Mind you, this is not exactly algorithmic... this involves data sampling from the physical univers.
I'm still waiting until we discover that _everything_ has an underlying pattern... then who'll be laughing last? *heh*
If you want to be served graphics over a link, and want responsiveness and resolution, then you will require a high speed connection. Add to that the thought that if you plan to have a virtual desktop encompassing a large data store, you're talking about having this on-line somewhere and again you are talking about a good high speed connection. And of course, storage space.
For many of us , good high-speed connections are still the holy grail and things like VNC sort of work over the Internet, but if your server machine goes away, suddenly you don't have access to your data, etc. and over a slow link, VNC is kind of choppy.
As the ubiquity of high speed links grows, and the cost of on-line storage and access goes down, and as the feasibility of decent data-security goes up, this kind of idea should become more generally interesting. It isn't a bad idea now... it just isn't a terribly viable business for anyone to get into yet I don't expect.
There isn't that much difference between typical keyboard noise and crunching chips or popcorn if you ask me
No, it's the guy yelling into his throatmike to his teammates or who screams and curses when he gets railgunned in the middle of a soft sentimental moment in the movie that might be disturbing.
Mostly it would bug me cause I wouldn't have been the one having the joy of fragging him.....
Sometimes, just sometimes, one gets trapped attending a movie for reasons not directly related to ones desire to see it. The ability to be there while "not being there" might be handy on those occasions. Of course, it would probably get the thumbs down from the PowersThatForceOneToGo....
;)
If you have no idea why you'd go see something that makes you yawn, visit dictionary.com and check our the word "relationship"....
To try something like a server-side permitted originator list? That way the downstream bandwidth from the SMTP destination to the client wouldn't be burnt up and the SMTP server could return errors to someone trying to send to a destination which had not authorized them.
... and it would redefine the term "mail-bombing"....
Yes, this would put some sort of list of who your friends are server-side. A bit of a privacy issue I'd guess (not that having all your e-mail readable might not put that to shame!).
It might also take a bit more work on behalf of the SMTP server, but I don't think this would be a crippling level of work.
Of course, the _other_ option is locating spammers and dropping 1000 lb. LGBs on their locations. That'd fix their wagons....
In all liklihood, I expecttype and quality of sleep will ultimately turn out to be a strong predictor of health, but not the absolute quantity
Probably the case. I have to admit one of the best rests I ever had was sleeping on a beach in Varadero (or in a hammock) with a nice 27 C temp and a lovely sea breeze (and having just had a lovely meal and dos cervezas!). That 2 hour nap probably refreshed me more than many 7-8 hour nights at home.
is that health people require less sleep than people with chronic illness
This just shows that things aren't cut and dried either. Though I totally agree with your comment, I'd like to point out that some manic people (or manic-depressive) can go through very active phases and require very little sleep. Yet they are not entirely well.
One theory I had heard suggested this is a form of illness that befell Winston Churchill during WW2 (and the Blitz particularly). And the claim was made that his inexhaustible energy was part of what kept Britain glued together and probably could not have been supplied by a normal,healthy individual.
Humans are pretty complex.... jumping from datum to conclusion is often like trying a triple jump on a bed of nails... kind of likely to be painful.
I'd have to question the "safer than alcahol" comment. Mild intake of alcahol posses little health risk to anyone with a half-decent lifestyle. Even for a lot of less-than-perfect lifestyles, a glass or two of wine or beer a day (beer not so good, too many calories) or even a shot or two will be a good thing.
Aspirin, depending on the age and other medical conditions, can cause a variety of unpleasant side effects. Now, admittedly, the amount of aspirin we're talking about for a daily dose is low so probably presents no significant risk if you don't have a sensibility or some other health issues.
Both thin the blood. Alcohol is (I beleive) also supposed to drop your blood cholestorol level. I know my doctor suggested that I could take a drink a day (gotta love a prescription I enjoy!) and I find it preferable to taking aspirin (far tastier).
The parent poster has hit it on the head. Even a freely given effort should be of high quality. Since when is a desire for a quality result a BAD thing? Since when is having standards a BAD thing?
Sure, sometimes people don't produce the best possible result. But if they try to, most of us are willing to let that go. This current set of mods to SF's terms of use falls under the category of NOT TRYING.
A privacy policy with wiggle room is NOT a privacy policy with any merit. Either your personal privacy is protected or it is not. There is no grey area here.
The only purpose for installing loopholes and change-without-warning clauses is that so one day you can use them. Saying they won't use them is utterly fatuous thinking. If the loophole wasn't there, they would be UNABLE to use it, ergo their would be no danger. If the loophole is there and they are ABLE to use it, there is a chance that one day it will be used in an unpleasant fashion.
I realize that few things in life are free. But watching the gradual erosion of SF and other projects is painful.
I myself run a small website, but I *pay for it* and thus am not compelled to display ad streams. And we do have a privacy policy and we (me and my co-developer) would not allow the site to go up without a strong privacy policy. Additionally we explicitly outline the rights of contributors and the site editors. There are no illusions or wiggle room lawyers clauses. But then, we would sooner amputate ourselves at the knees than have our use and privacy policies written by lawyers....
And one last aside: Whether I code for open source or not, whether I host open source or not... none of that speaks to my ability to criticize something I perceive as distasteful. Don't commit an ad hominem against someone who criticises this change and say "What have you done for us lately?". The criticism either stands on its own merits or not, and that merit is NOT determined by what the critic has personally contributed or failed to.
If I use an image source link, then I'm only
:(
DOH! tried to put this in angle brackets and of course it disappears....
I think you missed a key item here, Xerithane.
If I use an , then I'm only doing the eqiuvalent of providing a direct way to hop to the illustration on page 32 of your book without reading the rest of the book.
This would be like someone walking in to the library, flipping the book open to that page, looking at the image, then leaving. This is NOT illegal. And yet the image is copyrighted.
So by providing a link to it, all I provide is directions of how to get to it quickly. This isn't like displaying the image (by downloading it and presenting it on my page as a mirror). That would be like copying the page in the book and putting it in my own book. That is wrong.
Now, having objected to your analogy, I'd point out that it isn't usually hard to get permission to use things. As the owner of a website that tries to have appropriate behaviours, I always ask contributors or people whose work I wish to use for explicit written permission and usually get their review of an article encompassing their work before publicly linking to it (and if I'm to host their content, I make sure we both understand that and we have a submission policy that covers the rights we reserve and which we leave in the hands of the author). This removes a lot of the problems.
Now, admittedly no modern episodes have reached the scale of the Holocaust, but look at what has been going on the the states of the former Yugoslavia, in Rwanda, in the Northern parts of Iraq with the Kurds, and in other areas and you'd have to say that the concept of ethnic cleansing (same old horror, new buzzword) is alive and prospering.
It isn't a matter of if this happens, just if anyone takes notice and does anything about it. A lot of these get written off as "internal matters" or "civil wars" (oxymoron such as that is). The day that the international community stops excusing and allowing genocide under the guise of non-interference in the politics of nations is a day I'm not holding my breath waiting for. It would make for a much more palatable world if every innocent life had the same value, but to date there seems to be little data to support such a claim.
And if you knew where and when the meeting took place, we'd never know anything about the contents.
That's what a lot of geek computers already look like, never having the case closed because they are constantly in some state of modification or alteration!
At times of war, such as now, we have to be the best and on our toes. The enemy and the evil that lives in the middle east are devious and cunning. They have no regard for human lives (as we sadly remember from a few months back), they are not human and they advocate religions of pure violence.
I'm trying to imagine a more inflammatory beginning. It actually strains the mind to do so. Pure violence? PURE 100% VIOLENCE? They are not human? Did this philosophy come out of a crackerjack box? The thinking behind it obviously did.
And you posted as an AC because obviously either the user registration process is beyond you or you are afraid to stand up for what you (supposedly) believe. That's just lovely.
When you grow up, you can come join the rest of us who realize life isn't entirely binary (black/white, on/off, good/evil) and that how you think about other people says a lot about who you are, then come back and join the discussion. And feel free to stand up and be counted by name.
Then maybe you'll be able to contribute to the discussion in an adult fasion. There are those who actually understand that the enemies of our way of life _are_ entirely human and this is the greatest part of the tragedy. It'd be really convenient to kick them out of the species, but life don't work that way.
God, that kind of rubbish makes me ill. But I guess that makes for a great trolling, now doesn't it? I only hope you're a slashtroll, because if you aren't, you've got some serious psychological damage.
I'd rather have one-click shopping for all of my patch needs so that I can spend more time writing code or playing Quake. MS understands this.
Oh good! 1 click to the latest MS Insecurity Patch!
I'm not inately against one click patching, but to suggest that Linux can't do it and Windows gets it right (seems to be what you're implying) while ignoring the side effects of some of MS more hysterical patches is somewhat like putting the cart before the horse. When MS can deliver security (of at least a reasonable degree) along with its patching capabilites and other neat ideas, then it'll be something impressive. Until then, it'll just be another Security Chasm waiting to be installed.
Whereas I agree with the sentiment that these are application bugs and app bugs can't be blamed on the OS, one _can_ take the OS to task for failing to adequately protect itself (ie allowing the applications to do horrible things to it).
Things like MAPI are a lovely opportunity for crapulent software apps to make the OS perform in a similarly crapulent fashion. Is this good OS design? This is like the question of whether it is solely the criminal to blame when your house with the doors open and windows flung wide is burgled.... yes of course we blame the crook! But does that make your security practice laudible? I think not.
Yes, I did. You'll note my principal security focus was on the INTELLECTUAL PROPERTY issue, not run-time security. They are very different considerations. Codebase security and system integrity are both valid concerns, but different.
You'll also note I did not _recommend_ disabling run-time bounds checking, I just pointed out that it is an option if you absolutely NEED THE SPEED. Obviously, you'd have to decide if you were willing to undertake the inherent risks in disabling this kind of check. In some cases, this may be necessary. (Though again, why you'd be using Java in these circumstances is a question - writing MMORPG technology isn't hard real-time though there are serious performance benchmarks).
BTW, disabling run-time bounds checking on all-arrays does not mean you don't have any security. It just removes the "father knows best" work in the JVM and the compiler into the hands of the programmer. One can still be careful with how one accesses strings (for example using some secure string classes). One does not NEED to have the system do the work for him or her. And there may be times you need every processor cycle. If having the system run-time check array bounds is expensive enough to cause a critical failure in my system, and I can't sell it, then it really doesn't matter how secure it is.
Also, I'd like to point out that using strncpy() in C and a number of other sensible precautions have existed for years, and C/C++ programmers still _routinely_ don't bother.
There are two ways to have security: Have the OS do it for you (Do you enjoy the sandbox? Works well, can't do much in it!) or having conscientious and well-trained programmers. Since there hasn't been much emphasis on security in programming courses at Colleges, Universities and trade schools, this lack of attention is scarcely surprising. But is the solution better educated programmers or paternalistic tools? I know which I'd choose, just in case the tool isn't designed to handle something a well educated programmer might catch.
And BTW, I made an exception this once to talk to an AC. You were motivated enough to comment, so I assume laziness isn't the shortcoming. So I'll have to assume you don't like to stand up for things you say....
Huge .dlls? I didn't find the JET embedded JVM to be terribly huge. Of course, our app runs at somewhere between 30 and 60 Mb of memory usage and disk space waaaay beyond that. So I wasn't looking at it for size as a primary concern. The in-memory footprint was smaller than when running the HotSpot VM. The disk space hit just doesn't seem like an issue anymore. But, YMMV. :)
That might not merit any kind of identification as a "new thing" as I think that goes back a year or two.
On another note: It's just a pity the massive trolling going on tonight (not by the parent of this, I'm just too lazy to submit the complaint separately) is a sign of some people's vast need to get a life.
First, I have to identify that we (my company) do use the JET byte->native compiler by Excelsior. Good product, I've recommended it to others and they've had success with it too. In our case, it produced a 10-15% speed increase, some in-memory size savings, and it had one huge advantage missing from the byte code: SECURITY!
After experimentation, I'm pretty convinced that the decompilers on the market that work on obfuscated byte code KICK THE CRAP OUT OF THE OBFUSCATORS. The long and the short of it is the decompiled code is pretty decipherable.
If you want to protect your IP (Intellectual Property), that's not a good thing. In fact, that might be (if you are in a competitive arena) a VeryBadThing(TM). The native code (especially optimized native code) is far harder to effectively decompile into something usefully readable which crackers and script kiddies can abuse or which competitors can peruse. This benefit alone makes it worth going this route if you can.
One of the other things the article missed:
It didn't devote much thought to the settings and optimizations these compilers provide. The Excelsior compiler (by example, I looked at Bullet Train and some others before we picked Excelsior) provides ways to disable certain safety checks (like array bounds checks) for extra speed. If you're in a fairly aggressive environment with some pretty significant timing issues (I won't say hard realtime, because anyone doing hard realtime should be using something like QNX), you will find that even these small gains may be useful (and the risks they introduce acceptible). But the article didn't even hint at these possibilities.
So, if you want to build something that is less likely to be cracked or examined, this type of tool is the way to go. Excelsior, for example, is fairly easy to setup. I did get some help from their guys, but only because our product includes OpenGL, QuickTime, a bunch of XML parser stuff, DirectX, sound support, UI, etc. - a whole pile of external dependencies. The buddy I recommended it to had his project up in going in half an hour or so, with a more modest project (but still a useful, full fledged app with GUI).
Undoubtedly, these won't solve all your ills and they may introduce some new difficulties in bug hunting (though some of the new debuggers coming out with these products are very neat also). So you will want to look at what you need, what your concerns are (security, speed, cross platform deployment, etc) and decide accordingly.
I just wonder where we'll recruit a crew of gung-ho fighters with the classic Big Eyes, Small Mouth syndrome....
Now replay the scene where Maul lights the second blade - as if you _didn't_ know he had one from the trailer. That could have been a "holy f*cking sh*t!!!" moment that would have made the entire film.
Terminator II was much the same. If you look at the way it was filmed, you'll realize that up until the T1000 and T800 go at each other to save Sarah Connor's son (name escapes me), you don't know that Arnie is a good guy. He walks like the original T1000, talks like him, and as you see him coming down the corridor discarding the box of roses to pull out his shotgun, you would have _assumed_ he was the same bad-ass-bastard come to whack the young'un. Until the other guy and he started going at it, and then you'd have said "WTF?" and the movie would have been a neater experience. But the trailers sold that hold plot device.... I hate people who make movie trailers or write novel covers... they either are so formulaic as to be painful or they spit out the whole story or they do both.
I'd mod the trailers that are produced like that -1 Revealing....
The one I saw up here in the Frozen Ass North (or not so Frozen this year!) looked like a trailer for some sort of (ick!) romantic drama rather than a kick-keister-and-take-names sci-fi action flick....
Precisely. As I understand it (I'm a CompSci type with some EE background, not some PhysDude), it is hard to radiate heat because you lack anything to radiate it into (some thought of emitting heat as a wave of some kind, but the rate of radiation is really cut down because of the lack of a medium (matter) to transfer heat to).
:)
The gravity effects are scary. You can (in theory) put in spin-habs and such and there are fancy treadmills that help the astronauts keep up bone density, but I don't know if they've gotten over some of the effects like the immune system depression. (I think I read about that in an Analog issue a while ago).
Let us just say space is nasty. The sea floor is nasty. The antarctic is nasty. Other planets will be nasty. But overcoming such challenges is part of the path to progress and growth. And at least it will never be boring!