strcat() and strcpy() are O(n), but the constant is much smaller, since you don't iterate either string, you just malloc and then memcpy. One strlen() is fast. But since you end up doing it almost every time you do anything usefull with null terminated strings, you're burning alot of cycles. And when you screw up a strcpy() or something, and end up with a string without the terminating null, well, thats a bad thing.
Most string classes (at least, every one I've ever seen) does store length data, for exactly the same reason. However, because the compiler still transforms string literals into null terminated strings, you still end up messing with them, and there's not really much you can do about that. Adding a string type (have a compiler switch?) would allow you to avoid that - note that you can still use null terminateds just fine, adding a string type doesn't remove your char arrays.
I'm not sure how you see a performance decrease form using these types of strings - in every case they will be at least as fast as null terminated ones.
Pascal strings. The length of the string is stored in the first byte, with the rest of the string following. This limits you to 255 characters in length, but means you don't have to be looping over strings looking for nulls all the time. strlen() is a single instruction. strcat() can be done in O(1) time. Buffer overflows go away (well, mnostly).
You don't, and in fact can't, deal with page faults in your Java program. Nonetheless, your java program will suffer a performance hit when it page faults. Thats a leaky abstraction.
I believe he was talking more generically, and he's also totally correct about why XML is inefficent, or are you claiming that parsing an XML template is somehow faster than accessing an offset in a binary file?
Templates kick ass, but, at some level, no matter what, you're dealing with the overhead of null terminated strings. A native string type would allow you to avoid this, and doesn't invalidate the coolness of templates.
I had this exact problem when I was trying to learn to use the MFC for gui programming. Could have been partly an issue with the class I was taking, I suppose, but it's a pretty consistent problem in all the books I've seen. It's _hard_ to make the MFC work, and it's easy to break it. The wizards that the IDE want's you to use, general obfuscated (and hidden) code, so unless you already know how to do it all from scratch, you don't know what the IDE is doing. Which would be fine, except that it's easy to screw stuff up, so you then have to fight with the IDE to tell you what the hell it generated, so you can find out where it's breaking.
Well, not really, since string literals are always null terminated strings, so you're always forced to deal with that. And null terminated strings suck. Using pascal strings would have been a better solution, imo - sure, they have arbitrary limits on string size. But so do int's, and you can still abstract a string class to provide arbitrary length strings if you want.
No, you can't. Your abstraction will not be perfect, otherwise you wouldn't need to abstract it. If it's not perfect, it will eventually break. If it breaks, then you need to know how it works to fix it. Someone who's never seen C and who doesn't know what a null terminated string is will be totally incapable of fixing a buffer overrun in the Java libraries. He's not saying we should all use C because abstractions leak. He's saying that when we teach people how to code, we shouldn't ignore the low level. His point about 2-dimensional arrays is one of the best, yet he kinda skipped over it - you can abstract a 2d array all you want to make it easy to work with, but it will be far more efficent when used one way than when used another - and the which way it is will depend on your system, and compiler, and a variety of other things. And if you want to fix problems like that, you need to know how the low levels work.
Well, again, all you're saying is that, as a parent, you are incapable or unwilling to be present when your child uses the internet. If thats the case, then nothing more need be said.
As for how effective it needs to be, the false positive rate needs to be minimal (something that people generally don't require from spam filters, and which is certainly not the case in ANY existing blocking package) and it needs to be trivial to correct false positives, which again is not a feature in any package I'm aware of. On the other hand, if the true positive rate isn't a very high number, much higher than the rate people require from a spam filter, then the software may as well not be there.
On a further note, spam filters are generally customized to one persons needs, or a small group of people - not for the general public. That allows whoever is using them to make thier own decisions about what is spam, what isn't, and what level of false positive/false negative is acceptable.
You also did read those articles you linked to, since neither of them say that the ACLU opposes libraries blocking porn - just as I said, they oppose them being REQUIRED to block porn. And while the article doesn't go into detail, thier arguments in this case are more or less the same as mine. The ALA takes a somewhat stricter stance, which seems to be that at least some form of unblocked access needs to be available (although not to minors, note that limits based on age or legal emancipation are fine), which, again, I agree with although I'm not as hardline about it.
I'm always suspicious of any law or bill or regulation thats presented as being for the protection of children. Sometimes it's legitimate. Sometimes, the lawmaker is well-meaning and there's no hidden agenda. I would have to be shown a distinct gain for society before I would accept any bill that proposes to limit rights, and in the case of free speach, my personal bar is even higher. It's not speculation that filtering software is insufficent, it's an informed professional opinion. As for whether it's a problem - well, yeah, it's speculation that it's not. And I speculate again that any problems that DO occur can easily be solved without blocking software. If you have actual documented cases where it's impossible for other means of controlling access to be used (public terminals, librarian present, restrict access to adults), along with a documented history of porn viewing there being a "problem" - that is, that porn viewing was frequent and blatant enough that a signifigant amount of people were bothered and/or harmed by it, or that it prevented other people from accessing library resources - then I'll listen to you.
SPEWS blocks my IP, which is a cable modem dynamic IP. I have no idea if it's because my ISP doesn't crack down on spammers or what, but considering that it is (literally) my only choice for broadband, it's fairly annoying.
Just because something is loosely defined does not mean there can be no objectivity when dealing with it.
This is exactly why an objective filter (software) cannot be relied upon. Your definition would include the vast majority of modern television, commercials, and womens magazines.
Note in all this that I'm not objecting to libraries blocking porn, or even blocking anything they want - I'm against the flat mandate that they MUST block porn. To my knowledge, there is no filtering software available with is both a) more than minimally effective and b) provides an open blacklist and c) who is not known to block sites that are in no way pornographic.
I could care less if I can get porn at a library. However, I do not want anyone outside the local community deciding what appropriate content (for anyone!) to view is. I especially don't want a for-profit company to be deciding, since all the major censorware providers don't just limit themselves to pornography/violence/the other things they're supposed to block. I think it's unreasonable to put the (enormous) administrative task of administering a blacklist onto local librarians, when it's much more effective to simply have unblocked computers readily available. Give people some credit. More importantly, make them take some responsibility. Libraries are not there so you can dump your kids at them. Libraries are not there so teenagers can get off looking at porn - hell, considering how public the terminals are at most libraries, I doubt that this has EVER been a real problem at any library ever. But it sure makes for good campaign fodder.
It all depends on how you're gonna look at it. How about automagic installation of applications, complete with dependency checking? apt fulfills all the functions of windows update and MSI combined, and, to my knowledge, pre-dates (at least working implementations of) both of them. How about Jabber? Microsoft doesn't have anything like a generic, protocol neutral IM framework.
I think the issue here is that there's a pretty signifigant difference in the nature of OS vrs. MS (and perhaps closed source in general) "innovation". Open source projects are more likely to do something new within an existing framework - after all, one of the big concepts in open source is using other peoples work. Changes to protocols will be gradual and open, to the degree where they don't feel like innovation, because you see the process as it happens.
Lets talk about UI... it's true, KDE/Gnome/etc take alot of direction from MS and Apple, but they take alot of things farther than either of those companies do (at least pre-OSX). For example, themes. A pretty logical outgrowth of skinnable applications, but prior to winXP only OS applications let themes, for example, control what kind of window frame your windows had, or have any signifigant control over widgets.
How about the libraries you use to create UIs? MS has the windows API (painful to work with directly) and the MFC (almost as painful). The MFC is poorly implemented and mainly survives because it's MS native. The open source Qt is much cleaner, providing more elegant solutions, and it's signals and slots event structure is something that I've never seen anywhere else -although.NET apparently has delegates that function much the same way.
the UI for wmp8 is... bad. Really bad. Like, really, really really terribly bad. That said, from a technical standpoint, it's the best media player I've used - stable, very forgiving of errors in encoding (important for all those poorly ripped porn movies off of kazaa!), excellet codec support. I'm very torn.
I'm sure it's a joke, but if she runs her buisness ouf of her home, as the article sugests, then, by spam standards, if you've ever recieved an email from her, then you have a pre-existing buisness relationship and have every right to call, email, or fax her directly.
Actually, with netBIOS, there IS such a sign - an unsercured windows machine actively advertises itself on the network. Blame Microsoft for a stupid default configuration, blame Compaq and Gateway and all the other OEMs for shipping Windows in that configuration, or blame users who don't know and don't want to know (that last is important) anything about computer security or the need for it, but the fact is: If your unsecured (default) windows machine is hooked directly to the internet without a firewall of some kind (hardware or software) you not only of leaving the doors unlocked, you are literally opening them and inviting everyone in. There's alot of blame to be partioned out for the sad state of home computer security, but users have to take thier share. A computer is NOT an appliance, and you ARE responsible for a minimum level of knowlege and precaution.
Incidently, my job is totally independent of fuckwit users.
Anyone who sends bulk email with intentionally deceptive subject lines is not likely to actually obey removal requests - spammers who DO obey removel requests, without then reselling the address (or re-selling it to themselves) aren't spammers - they are mailing list operators. Because you'll stop getting mail from them if you ask.
Re: It certainly is more evil than commercials
on
The Economics of Spam
·
· Score: 2
I'll dispute that - companies often spend (sometimes amazingly huge) amounts of money on advertising because of groupthink - they all learned exactly the same thing in buisness school, and advertising costs are often NOT looked at for any strict return on investment.
I don't know for sure, but I would generally assume that people who write security oriented software like OpenSSH and tcpdump would maintain updated, secured servers.
Okay, I've been confused about this MD5 thing. Most often, the MD5s are either in a file in the ftproot, or in the readme if you've owned the server enough to stick a trojan in the source code, can't you just put in the MD5s of your altered source? I thought the main reason for checksums was to check for corrupt/missing data after the download, which was way more important in the noisy line modem days.
Thats where the filtering/neural net software talked about in the CIPA article would come in REALLY handy... if I had an AI assistant that could analyze my porn, and filter and sort it by category, length, resolution, etc, that would make me really happy. In all kinds of probably disturbing ways.
even a neural net can't make a qualitive judgment about the intent of a site - maybe you've got some really incredibly good technology and it uses image recogition on graphics and is able to detect that there are bunch of naked boobs on a website, combined with a bunch of other sex related terms - is it a tit fetish site, or is it a site on breast prothesis for breast cancer patients? You're talking about a neural net with all (or a large portion of )the judgment of a human being, and if you had one of those you could use it for a hell of a lot more than porn filtering. Hell, even with a human, or team of humans filtering, odds are that you're going to slip through a fair amount of material. If you could provide the patent number for this neural net technique, however, I'd be interested in the implementation used. One assumes the patent actually details how you avoid things like false positives while still keeping a reasonable rate of false negatives.
Slashdot Mirror
Most string classes (at least, every one I've ever seen) does store length data, for exactly the same reason. However, because the compiler still transforms string literals into null terminated strings, you still end up messing with them, and there's not really much you can do about that. Adding a string type (have a compiler switch?) would allow you to avoid that - note that you can still use null terminateds just fine, adding a string type doesn't remove your char arrays.
I'm not sure how you see a performance decrease form using these types of strings - in every case they will be at least as fast as null terminated ones.
Pascal strings. The length of the string is stored in the first byte, with the rest of the string following. This limits you to 255 characters in length, but means you don't have to be looping over strings looking for nulls all the time. strlen() is a single instruction. strcat() can be done in O(1) time. Buffer overflows go away (well, mnostly).
You don't, and in fact can't, deal with page faults in your Java program. Nonetheless, your java program will suffer a performance hit when it page faults. Thats a leaky abstraction.
I believe he was talking more generically, and he's also totally correct about why XML is inefficent, or are you claiming that parsing an XML template is somehow faster than accessing an offset in a binary file?
Templates kick ass, but, at some level, no matter what, you're dealing with the overhead of null terminated strings. A native string type would allow you to avoid this, and doesn't invalidate the coolness of templates.
I had this exact problem when I was trying to learn to use the MFC for gui programming. Could have been partly an issue with the class I was taking, I suppose, but it's a pretty consistent problem in all the books I've seen. It's _hard_ to make the MFC work, and it's easy to break it. The wizards that the IDE want's you to use, general obfuscated (and hidden) code, so unless you already know how to do it all from scratch, you don't know what the IDE is doing. Which would be fine, except that it's easy to screw stuff up, so you then have to fight with the IDE to tell you what the hell it generated, so you can find out where it's breaking.
Well, not really, since string literals are always null terminated strings, so you're always forced to deal with that. And null terminated strings suck. Using pascal strings would have been a better solution, imo - sure, they have arbitrary limits on string size. But so do int's, and you can still abstract a string class to provide arbitrary length strings if you want.
No, you can't. Your abstraction will not be perfect, otherwise you wouldn't need to abstract it. If it's not perfect, it will eventually break. If it breaks, then you need to know how it works to fix it. Someone who's never seen C and who doesn't know what a null terminated string is will be totally incapable of fixing a buffer overrun in the Java libraries. He's not saying we should all use C because abstractions leak. He's saying that when we teach people how to code, we shouldn't ignore the low level. His point about 2-dimensional arrays is one of the best, yet he kinda skipped over it - you can abstract a 2d array all you want to make it easy to work with, but it will be far more efficent when used one way than when used another - and the which way it is will depend on your system, and compiler, and a variety of other things. And if you want to fix problems like that, you need to know how the low levels work.
See his linked article on strings for an excellent reading on why null terminated strings suck. C is lousy at dealing with strings.
As for how effective it needs to be, the false positive rate needs to be minimal (something that people generally don't require from spam filters, and which is certainly not the case in ANY existing blocking package) and it needs to be trivial to correct false positives, which again is not a feature in any package I'm aware of. On the other hand, if the true positive rate isn't a very high number, much higher than the rate people require from a spam filter, then the software may as well not be there.
On a further note, spam filters are generally customized to one persons needs, or a small group of people - not for the general public. That allows whoever is using them to make thier own decisions about what is spam, what isn't, and what level of false positive/false negative is acceptable.
You also did read those articles you linked to, since neither of them say that the ACLU opposes libraries blocking porn - just as I said, they oppose them being REQUIRED to block porn. And while the article doesn't go into detail, thier arguments in this case are more or less the same as mine. The ALA takes a somewhat stricter stance, which seems to be that at least some form of unblocked access needs to be available (although not to minors, note that limits based on age or legal emancipation are fine), which, again, I agree with although I'm not as hardline about it.
I'm always suspicious of any law or bill or regulation thats presented as being for the protection of children. Sometimes it's legitimate. Sometimes, the lawmaker is well-meaning and there's no hidden agenda. I would have to be shown a distinct gain for society before I would accept any bill that proposes to limit rights, and in the case of free speach, my personal bar is even higher. It's not speculation that filtering software is insufficent, it's an informed professional opinion. As for whether it's a problem - well, yeah, it's speculation that it's not. And I speculate again that any problems that DO occur can easily be solved without blocking software. If you have actual documented cases where it's impossible for other means of controlling access to be used (public terminals, librarian present, restrict access to adults), along with a documented history of porn viewing there being a "problem" - that is, that porn viewing was frequent and blatant enough that a signifigant amount of people were bothered and/or harmed by it, or that it prevented other people from accessing library resources - then I'll listen to you.
SPEWS blocks my IP, which is a cable modem dynamic IP. I have no idea if it's because my ISP doesn't crack down on spammers or what, but considering that it is (literally) my only choice for broadband, it's fairly annoying.
This is exactly why an objective filter (software) cannot be relied upon. Your definition would include the vast majority of modern television, commercials, and womens magazines.
Note in all this that I'm not objecting to libraries blocking porn, or even blocking anything they want - I'm against the flat mandate that they MUST block porn. To my knowledge, there is no filtering software available with is both a) more than minimally effective and b) provides an open blacklist and c) who is not known to block sites that are in no way pornographic.
I could care less if I can get porn at a library. However, I do not want anyone outside the local community deciding what appropriate content (for anyone!) to view is. I especially don't want a for-profit company to be deciding, since all the major censorware providers don't just limit themselves to pornography/violence/the other things they're supposed to block. I think it's unreasonable to put the (enormous) administrative task of administering a blacklist onto local librarians, when it's much more effective to simply have unblocked computers readily available. Give people some credit. More importantly, make them take some responsibility. Libraries are not there so you can dump your kids at them. Libraries are not there so teenagers can get off looking at porn - hell, considering how public the terminals are at most libraries, I doubt that this has EVER been a real problem at any library ever. But it sure makes for good campaign fodder.
There is no such thing as an internal wireless network.
I think the issue here is that there's a pretty signifigant difference in the nature of OS vrs. MS (and perhaps closed source in general) "innovation". Open source projects are more likely to do something new within an existing framework - after all, one of the big concepts in open source is using other peoples work. Changes to protocols will be gradual and open, to the degree where they don't feel like innovation, because you see the process as it happens.
Lets talk about UI... it's true, KDE/Gnome/etc take alot of direction from MS and Apple, but they take alot of things farther than either of those companies do (at least pre-OSX). For example, themes. A pretty logical outgrowth of skinnable applications, but prior to winXP only OS applications let themes, for example, control what kind of window frame your windows had, or have any signifigant control over widgets.
How about the libraries you use to create UIs? MS has the windows API (painful to work with directly) and the MFC (almost as painful). The MFC is poorly implemented and mainly survives because it's MS native. The open source Qt is much cleaner, providing more elegant solutions, and it's signals and slots event structure is something that I've never seen anywhere else -although .NET apparently has delegates that function much the same way.
the UI for wmp8 is... bad. Really bad. Like, really, really really terribly bad. That said, from a technical standpoint, it's the best media player I've used - stable, very forgiving of errors in encoding (important for all those poorly ripped porn movies off of kazaa!), excellet codec support. I'm very torn.
I'm sure it's a joke, but if she runs her buisness ouf of her home, as the article sugests, then, by spam standards, if you've ever recieved an email from her, then you have a pre-existing buisness relationship and have every right to call, email, or fax her directly.
*point telco*
Incidently, my job is totally independent of fuckwit users.
For what it's worth, No-CD cracks are not illegal, although you may be liable for civil penalties for using them.
Anyone who sends bulk email with intentionally deceptive subject lines is not likely to actually obey removal requests - spammers who DO obey removel requests, without then reselling the address (or re-selling it to themselves) aren't spammers - they are mailing list operators. Because you'll stop getting mail from them if you ask.
I'll dispute that - companies often spend (sometimes amazingly huge) amounts of money on advertising because of groupthink - they all learned exactly the same thing in buisness school, and advertising costs are often NOT looked at for any strict return on investment.
I don't know for sure, but I would generally assume that people who write security oriented software like OpenSSH and tcpdump would maintain updated, secured servers.
Okay, I've been confused about this MD5 thing. Most often, the MD5s are either in a file in the ftproot, or in the readme if you've owned the server enough to stick a trojan in the source code, can't you just put in the MD5s of your altered source? I thought the main reason for checksums was to check for corrupt/missing data after the download, which was way more important in the noisy line modem days.
Thats where the filtering/neural net software talked about in the CIPA article would come in REALLY handy... if I had an AI assistant that could analyze my porn, and filter and sort it by category, length, resolution, etc, that would make me really happy. In all kinds of probably disturbing ways.
even a neural net can't make a qualitive judgment about the intent of a site - maybe you've got some really incredibly good technology and it uses image recogition on graphics and is able to detect that there are bunch of naked boobs on a website, combined with a bunch of other sex related terms - is it a tit fetish site, or is it a site on breast prothesis for breast cancer patients? You're talking about a neural net with all (or a large portion of )the judgment of a human being, and if you had one of those you could use it for a hell of a lot more than porn filtering. Hell, even with a human, or team of humans filtering, odds are that you're going to slip through a fair amount of material. If you could provide the patent number for this neural net technique, however, I'd be interested in the implementation used. One assumes the patent actually details how you avoid things like false positives while still keeping a reasonable rate of false negatives.