On the contrary, I would argue that the right to free speech has everything to do with democracy.
Saddam doesn't want anyone to speak up against his regime because that would allow his opponents to rally the population against him. Revolutions happen when groups of rebels get together and spread propaganda against their oppressors. If you punish everyone who dares speak against you, you can stop rebel movements from forming. So it's impossible to have free speech in a totalitarian state. In a democracy, on the other hand, information is spread freely, and this allows people to decide which government suits them best.
As for people being locked up for saying "unpopular stuff" in democracies, what kind of stuff are you referring to? Death threats? Hate speech? Copyright? As always, your rights stop where other people's rights begin, and speech is no exception. People are locked up for saying things in democracies only when saying those things hurts other people.
Of course you can have a totalitarian state and disguise it as a democracy, but I'm speaking of states which really are democracies, such as the one I'm living in.
"Any system can work"? The states that are most prosperous and have the most personal freedoms (US, Canada, western Europe, etc) are all true democracies. So I guess any system can work, but democracy has shown itself to work better than all the others.
As for communism, we've had communist regimes for almost 100 years and all of them have sucked. We have a lot of "good examples" of communism. How much more suffering is necessary before everyone accepts that communism doesn't work?
I'm no expert on speakers, but don't headphones work with electromagnets? That is, they don't cause any magnetic field unless there is actually current running through them. So headphones in the same bag would never cause problems.
In any case, judging from the physics courses I've had and the orders of magnitude of current involved, I'd say that even with headphones running at high volume, the magnetic field a few centimeters from them would be pathetically weak. Feebler even than the Earth's natural magnetic field.
I never saw the rationale behind optical mice. The extra accuracy gained seems small compared to the massive increase in complexity, although it makes you wonder how companies like MS can charge £10 for a simple analogue one and only £35 for a mouse with an optical camera and significant processing hardware...
Optical mice are just better. They never wear out or need to be cleaned. As an end user, I really like that and I'm willing to pay for it. What more rationale do you need?
I'm not sure why you're complaining that it's too complex. It's not like it's an operating system that becomes harder to program. It works just like an ordinary mouse for both users and programmers; how does this additional complexity disadvantage anyone? That's kind of like saying that the increase in speed of the Pentium 4 doesn't justify the huge increase in complexity.
I didn't mean to say efficiency is bad and should be avoided; I agree with all the benefits you gave of having fast software, but I think there are many tradeoffs involved and that sacrificing efficiency is, a lot of the time, the right decision. And I don't think programmers who manage to build successful software are lazy.
Anyway, I'll answer your questions:
Why would an efficient software design be less flexible?
Because efficiency is diametrically opposed to modularity. If you want to have flexible software, you have to divide it into isolated modules that then communicate with each other across well-defined interfaces. That way, you can easily replace one of the modules with another without having to also modify all the unrelated code that uses it. Dividing things up like this adds a lot of overhead like extra function calls, extra levels of indirection (pointers to pointers to pointers to..), etc.
Also, fast algorithms often depend on having extra information about the data they are working with.
If I know that data is structured in a certain way, I can use clever tricks to take advantage of this. In a flexible design, you want to avoid those kind of tricks across module boundaries, because that makes it harder to replace the old module with a new one which could have its data structured differently.
The most efficient possible design is always the one with no module boundaries at all, because then algorithms have access to all the data in the program. Often called "spaghetti":).
Why would an efficient software design be more buggy?
Because spaghetti code is harder to debug:).
Would an efficient software design necessarily have less features?
That would depend on the features, so not "necessarily" no. But many desirable features do add overhead (because they require extra data to be processed all the time).
Wouldn't you rather have software that took longer to develop, but was more efficient and stable?
That would depend. Nonexistent software is the worst type of software. Of course, once the software is released, nobody cares about how long it took to develop, but that's not the point. If Microsoft had waited until 2010 to release win95, doubtless it wouldn't be such crap, but that wouldn't help anyone during the 15 years they spent without it.
Have you ever been hynotized by Bill Gates?
Heh. I was defending inefficient software in general, not Microsoft's in particular. I'm generally not too fond of MS software either.
Just because I have a 60Gig HD, it doesn't mean that the software I run can be bloated because "I've got plenty of space." Very flawed logic.
That attitude makes a lot of sense to me. Software design is a matter of tradeoffs. If software was more efficient, that would mean it would either be less flexible, and/or more buggy, have less features, be released later, etc. The bottom line is that optimization takes time and that's time that could be spent on other things.
Frankly I would hate it if Office didn't have some of the features I use just so it could run on someone's 486. I need those features more than I need speed, with the computer I have.
I'm fairly well versed in the workings of TCP/IP
and I don't think what you describe is
technically possible. Because TCP uses a 3-way
handshake, the only packet that can be spoofed
is the initial SYN packet (which can be useful
for port scanning in ways pretty much like you
described). But in order to send the request
string for robots.txt, a full TCP connection
must be established.
Say host A is connecting to host B. This needs
to happen in order to have a successful connection:
A sends initial SYN packet to B requesting
connection
B sends back ACK,SYN packet accepting connection, with a random sequence number
A sends back an ACK packet containing the sequence number given to it in step 2
Only after this is done can text like "GET/robots.txt"
be sent. As you can see, step 3 can't
be spoofed, because the correct sequence number
is required and the only way to get it (barring
router-level spying, which most attackers can't do) is to actually
be the host A which receives packet 2. Check out RFC793 for excessive detail:).
So, I would say a bunch of hosts really are
requesting robots.txt for some weird reason (still perhaps security-related, but not spoofing).
Someone correct me if I'm wrong, but I'm pretty
sure about this.
Sounds like a cool idea, but not really worthwhile. Getting two completely different games to interact with each other would be monstrously complex, for the few benefits it would bring. Especially if they are from different companies.
Just transfering simple info (for example, taking a character from one RPG and playing with it in another) would already be really hard. In fact I only know of one series of games that does that (Quest for Glory), and the same coders worked on every game from that series. Now try to get two competing teams of developers to agree on a file format for saved RPG characters: impossible.
And that's orders of magnitude easier than your GTA/race car game example. Something like that would require at least hundreds of hours of work and tens of thousands of lines of code, if it was done during the development cycle. If you would like to patch it onto an existing game, forget it. There's nothing harder than twisting nonflexible code to do something it was never planned to do.
Adding a lot of flexibility to code that should normally be lean and optimized (like game code) is _really hard_. In fact, the whole reason for object oriented programming is that it's supposed to make problems like that easier to solve.
And what would you get for your efforts? An initial slight "cool factor", and then race car game players complaining that the GTA players are lagging them and vice versa:).
Anyway, the idea is neat, but it's not really practical right now.
mpg123 decodes mp3s properly? I have several mp3s that play just fine under Winamp (never tried Sonique), but that are heavily garbled or not played at all in mpg123.
It might be true that mpg123 plays better mp3s that stick perfectly to the mp3 spec, but in practice, problems like that are much more annoying than any minor inaccuracy in decoded sound (which I assume is the nature of the flaw you were referring to).
As other people said, that'll only block traffic
from slashdot.org itself, not people who came
from a slashdot link.
IIRC, HTTP clients tell a server what site they
are coming from (it's called something like
the referrer). You could toggle a setting in
your HTTP server to block people whose referrer
says slashdot.org. Of course, crafty slashdotters
could still bypass the link entirely, but
it would work at least partially, compared to
your solution which wouldn't work at all.
The basic codes are all there but the
connecting code would be a pain in the donkey.
I have some programming experience, and I think
what you suggest would be more than a pain: it would be easier
to start from scratch. You'd need to make
loads of fundamental changes to, for example,
SimAnt, in order to get it to interoperate with
anything. It was designed to be run on its own, draws directly to the screen, doesn't have an architecture that can be implemented over a network, etc.
Although it's conceptually possible
to imagine such a mesh, the codebases just weren't designed with
that in mind, so you can't just grab them and
make them work with each other:(.
This kind of problem is why object-oriented
programming and related paradigms are so popular. Good OO code diminishes,
though of course doesn't eliminate, this sort
of problem (i.e. getting code to do things it conceptually could do, even if that's not what it was written for at first).
I define my model of the world as the world in which no perception of the world informs me of anything at all.
That's a perfectly logical and coherent position. IIRC, a school of thought called solipsism based their philosophy on the idea that nothing we perceive has any relevance to reality whatsoever.
That doesn't mean I don't think it's a silly and unreasonable position to take. If that is true, it means all actions we take are completely futile, since there is no information which we can use to make a good decision. Such a philosophy is therefore useless.
I prefer to choose a philosophy that gives me an idea of what I should do. There's no proof that my perceptions have anything to do with reality, but I don't have anything better to go on, so I might as well treat them as if they did represent reality.
I actually think there's a lot
more strategy involved with the myriad of maps and players then in
chess (played on a 8 by 8 board with set denominations of moves for
each player).
I agree that there is a substantial amount of strategy involved
in FPSes (I used to play quite a lot) but please,
this is wildly exaggerating and insulting to
chess players.
Chess is a game of pure strategy: players spend
100% of their energy evaluating what they should
do. Master chess players spend their entire
lives memorizing patterns and learning the
hundreds of complex principles governing the
game. Deciding what to play takes several minutes of deep thought
in a serious chess game, as opposed to the
quick decisions you must take in FPSes. Furthermore, the game has been studied for centuries and we are still finding new things about it.
So I would say that FPSes are not even remotely
comparable strategy-wise to chess. You might as
well compare soccer to chess. Soccer and FPSes
certainly require a lot of skills and I respect
players of both, but deep-strategy games they
are not.
Imho, don't take it too seriously. Internet
communities all eventually either die out or are invaded
by hordes of lamers. That's just life. Look
at what happened to usenet.
Just move on, find another community or game
that you like, or play only with your own personal
clique of friends (that's what I do now).
Also, your memories of Kali are probably much
too rosy:). I know that when I played, I
met lots of idiots who insult me when I grunt
rush them, people who only played on GOW high resources, people
on 9600 baud modems, cheaters, racists, etc.
But of course all I remember are the really good
games I had.
I use lynx about half of the time also. The
interface is comfortable (I like never having
to use the mouse) and
I get to read everything in the font and color I
like best. And 90% of the time I don't need
the functionality of a GUI browser.
I use lynx for the same reason I use vim: it
just has a nice, comfortable, predictable
environment (I know I won't run into stupid javascript or annoying second browser windows, for example). Elite-ness or crappy hardware has nothing to do with it.
(disclaimer: I've never cracked anything myself; this
is just how I would guess this is done)
I agree that using %s generally causes no possible
root exploits. But there's a little known
printf conversion character that allows
you to *write* into the printf argument. It's
%n. What it does is write the integer value
of how many characters were written up to date by printf
into an integer argument. (don't ask me why anyone would want this for legitimate purposes...)
So, for example, say the vulnerable printf is:
char string[50];
printf("blahblah: %s", string);
From what I understand, the locale vulnerability
allows you to replace the "%s" by anything you
want. So you could tell the computer, for example,
that in your country "blahblah" should be
written "lots_of_random_characters...%n%n%n%n%n%n...(evil assembly code)".
With a carefully calculated number of beginning
characters and %ns, you could overwrite the
function's return address (after the string on the stack) to contain the address of your evil
assembly code, thus gaining root when the function
returns. How this would work exactly would
depend on the specific compiler/OS, more study
would be needed to write a
working exploit.
There might be other ways to exploit the problem,
but that's my theory.
If C was designed to make more sense, that wouldn't really
be a problem. if(string == "literal") is a
perfectly valid construct and works the way you want it to in C++ (with the string
class) and Java.
That said, it's true that sloppy programmers
are also a big problem.
Sure, freedom is very important. But IMHO,
it has nothing to do with software. I was
caught up in RMS's rhetoric also until I realized
that he was distorting the word "free" for his
own purposes. By using "free", he is milking a word we have grown to worship, and is indirectly
comparing closed source software to jails and
fascist governments. This has the natural tendency to attract people to his beliefs, when in fact no such ethical
issues arise with software (according to most
people's fundamental values, anyway; I can't speak for yours or RMS', of course).
And then he goes and accuses proprietary developers
of misusing the word "piracy"!
Just because it is possible to modify and copy
software, does not imply it is a fundamental human
right, as RMS suggests with his use of the word
"freedom". Just because it is physically possible
for me to drive on the wrong side of the road,
does that mean my freedom is being unfairly restricted
by the policemen who stop me from doing so?
And please, drop the "enemy" stuff. Big
companies aren't full of evil monsters but
people like you and me and RMS, with values and
a sense of ethics. Bill Gates honestly believes that by leading the software world, he is doing it a big service. Nobody is trying to
oppress you.
Actually, that should be "ninenkan mae". You have to add -kan to the time (which usually expresses duration, e.g. "Toukyou ni isshuukan ita" = "(someone) was in Tokyo for a week") when you use "mae" to mean "ago".
You're saying that Linux is easier to administer
for beginners than NT? In my experience, it's
the other way around. I remember spending a
dozen frustrating hours vainly trying to get an
ssh server working at all on an RH6 box, because
of inadequate documentation and cryptic error
messages (I later got it working on an RH6.2 system).
Ditto for samba.
And don't even get me started
on sendmail: its configuration files look more
cryptic than perl. Trying to get things to work properly, I ended up with a hack
that accidentally caused cron to send its messages to the
admin of my ISP rather than me.
If w2k has similar problems, that just goes
to confirm the theory that All OSes Suck.
I'm all for complaining about windows, but I
wouldn't hold up linux as a beacon of non-suckiness.
"Hey, nice shoes!"
"Thanks, here's a $1 micropayment!"
If we wanted to do that, we could do it already,
with ordinary cash. So I don't see why the
existence of electronic micropayments would change
anything about our attitudes.
Slashdot Mirror
Saddam doesn't want anyone to speak up against his regime because that would allow his opponents to rally the population against him. Revolutions happen when groups of rebels get together and spread propaganda against their oppressors. If you punish everyone who dares speak against you, you can stop rebel movements from forming. So it's impossible to have free speech in a totalitarian state. In a democracy, on the other hand, information is spread freely, and this allows people to decide which government suits them best.
As for people being locked up for saying "unpopular stuff" in democracies, what kind of stuff are you referring to? Death threats? Hate speech? Copyright? As always, your rights stop where other people's rights begin, and speech is no exception. People are locked up for saying things in democracies only when saying those things hurts other people.
Of course you can have a totalitarian state and disguise it as a democracy, but I'm speaking of states which really are democracies, such as the one I'm living in.
"Any system can work"? The states that are most prosperous and have the most personal freedoms (US, Canada, western Europe, etc) are all true democracies. So I guess any system can work, but democracy has shown itself to work better than all the others.
As for communism, we've had communist regimes for almost 100 years and all of them have sucked. We have a lot of "good examples" of communism. How much more suffering is necessary before everyone accepts that communism doesn't work?
No need for flames. It's bad enough having to deal with being wrong without being personally attacked on top of that. Sheesh.
In any case, judging from the physics courses I've had and the orders of magnitude of current involved, I'd say that even with headphones running at high volume, the magnetic field a few centimeters from them would be pathetically weak. Feebler even than the Earth's natural magnetic field.
Optical mice are just better. They never wear out or need to be cleaned. As an end user, I really like that and I'm willing to pay for it. What more rationale do you need?
I'm not sure why you're complaining that it's too complex. It's not like it's an operating system that becomes harder to program. It works just like an ordinary mouse for both users and programmers; how does this additional complexity disadvantage anyone? That's kind of like saying that the increase in speed of the Pentium 4 doesn't justify the huge increase in complexity.
Anyway, I'll answer your questions:
Because efficiency is diametrically opposed to modularity. If you want to have flexible software, you have to divide it into isolated modules that then communicate with each other across well-defined interfaces. That way, you can easily replace one of the modules with another without having to also modify all the unrelated code that uses it. Dividing things up like this adds a lot of overhead like extra function calls, extra levels of indirection (pointers to pointers to pointers to ..), etc.
Also, fast algorithms often depend on having extra information about the data they are working with. If I know that data is structured in a certain way, I can use clever tricks to take advantage of this. In a flexible design, you want to avoid those kind of tricks across module boundaries, because that makes it harder to replace the old module with a new one which could have its data structured differently.
The most efficient possible design is always the one with no module boundaries at all, because then algorithms have access to all the data in the program. Often called "spaghetti" :).
Because spaghetti code is harder to debug :).
That would depend on the features, so not "necessarily" no. But many desirable features do add overhead (because they require extra data to be processed all the time).
That would depend. Nonexistent software is the worst type of software. Of course, once the software is released, nobody cares about how long it took to develop, but that's not the point. If Microsoft had waited until 2010 to release win95, doubtless it wouldn't be such crap, but that wouldn't help anyone during the 15 years they spent without it.
Heh. I was defending inefficient software in general, not Microsoft's in particular. I'm generally not too fond of MS software either.
That attitude makes a lot of sense to me. Software design is a matter of tradeoffs. If software was more efficient, that would mean it would either be less flexible, and/or more buggy, have less features, be released later, etc. The bottom line is that optimization takes time and that's time that could be spent on other things.
Frankly I would hate it if Office didn't have some of the features I use just so it could run on someone's 486. I need those features more than I need speed, with the computer I have.
Say host A is connecting to host B. This needs to happen in order to have a successful connection:
- A sends initial SYN packet to B requesting
connection
- B sends back ACK,SYN packet accepting connection, with a random sequence number
- A sends back an ACK packet containing the sequence number given to it in step 2
Only after this is done can text like "GETSo, I would say a bunch of hosts really are requesting robots.txt for some weird reason (still perhaps security-related, but not spoofing). Someone correct me if I'm wrong, but I'm pretty sure about this.
Just transfering simple info (for example, taking a character from one RPG and playing with it in another) would already be really hard. In fact I only know of one series of games that does that (Quest for Glory), and the same coders worked on every game from that series. Now try to get two competing teams of developers to agree on a file format for saved RPG characters: impossible.
And that's orders of magnitude easier than your GTA/race car game example. Something like that would require at least hundreds of hours of work and tens of thousands of lines of code, if it was done during the development cycle. If you would like to patch it onto an existing game, forget it. There's nothing harder than twisting nonflexible code to do something it was never planned to do.
Adding a lot of flexibility to code that should normally be lean and optimized (like game code) is _really hard_. In fact, the whole reason for object oriented programming is that it's supposed to make problems like that easier to solve. And what would you get for your efforts? An initial slight "cool factor", and then race car game players complaining that the GTA players are lagging them and vice versa :).
Anyway, the idea is neat, but it's not really practical right now.
It might be true that mpg123 plays better mp3s that stick perfectly to the mp3 spec, but in practice, problems like that are much more annoying than any minor inaccuracy in decoded sound (which I assume is the nature of the flaw you were referring to).
IIRC, HTTP clients tell a server what site they are coming from (it's called something like the referrer). You could toggle a setting in your HTTP server to block people whose referrer says slashdot.org. Of course, crafty slashdotters could still bypass the link entirely, but it would work at least partially, compared to your solution which wouldn't work at all.
I have some programming experience, and I think what you suggest would be more than a pain: it would be easier to start from scratch. You'd need to make loads of fundamental changes to, for example, SimAnt, in order to get it to interoperate with anything. It was designed to be run on its own, draws directly to the screen, doesn't have an architecture that can be implemented over a network, etc.
Although it's conceptually possible to imagine such a mesh, the codebases just weren't designed with that in mind, so you can't just grab them and make them work with each other :(.
This kind of problem is why object-oriented programming and related paradigms are so popular. Good OO code diminishes, though of course doesn't eliminate, this sort of problem (i.e. getting code to do things it conceptually could do, even if that's not what it was written for at first).
That's a perfectly logical and coherent position. IIRC, a school of thought called solipsism based their philosophy on the idea that nothing we perceive has any relevance to reality whatsoever.
That doesn't mean I don't think it's a silly and unreasonable position to take. If that is true, it means all actions we take are completely futile, since there is no information which we can use to make a good decision. Such a philosophy is therefore useless.
I prefer to choose a philosophy that gives me an idea of what I should do. There's no proof that my perceptions have anything to do with reality, but I don't have anything better to go on, so I might as well treat them as if they did represent reality.
I agree that there is a substantial amount of strategy involved in FPSes (I used to play quite a lot) but please, this is wildly exaggerating and insulting to chess players.
Chess is a game of pure strategy: players spend 100% of their energy evaluating what they should do. Master chess players spend their entire lives memorizing patterns and learning the hundreds of complex principles governing the game. Deciding what to play takes several minutes of deep thought in a serious chess game, as opposed to the quick decisions you must take in FPSes. Furthermore, the game has been studied for centuries and we are still finding new things about it.
So I would say that FPSes are not even remotely comparable strategy-wise to chess. You might as well compare soccer to chess. Soccer and FPSes certainly require a lot of skills and I respect players of both, but deep-strategy games they are not.
Just move on, find another community or game that you like, or play only with your own personal clique of friends (that's what I do now).
Also, your memories of Kali are probably much too rosy :). I know that when I played, I
met lots of idiots who insult me when I grunt
rush them, people who only played on GOW high resources, people
on 9600 baud modems, cheaters, racists, etc.
But of course all I remember are the really good
games I had.
I use lynx for the same reason I use vim: it just has a nice, comfortable, predictable environment (I know I won't run into stupid javascript or annoying second browser windows, for example). Elite-ness or crappy hardware has nothing to do with it.
I agree that using %s generally causes no possible root exploits. But there's a little known printf conversion character that allows you to *write* into the printf argument. It's %n. What it does is write the integer value of how many characters were written up to date by printf into an integer argument. (don't ask me why anyone would want this for legitimate purposes ...)
So, for example, say the vulnerable printf is:
From what I understand, the locale vulnerability allows you to replace the "%s" by anything you want. So you could tell the computer, for example, that in your country "blahblah" should be written "lots_of_random_characters...%n%n%n%n%n%n...(evil assembly code)". With a carefully calculated number of beginning characters and %ns, you could overwrite the function's return address (after the string on the stack) to contain the address of your evil assembly code, thus gaining root when the function returns. How this would work exactly would depend on the specific compiler/OS, more study would be needed to write a working exploit.
There might be other ways to exploit the problem, but that's my theory.
That said, it's true that sloppy programmers are also a big problem.
Other than that, I agree with you.
I can't help but point out that C++ iostreams (as well as the IO facilities of many other languages) aren't vulnerable to this sort of thing :).
Oops. -nen is an exception to that rule, sorry. Never mind.
Just because it is possible to modify and copy software, does not imply it is a fundamental human right, as RMS suggests with his use of the word "freedom". Just because it is physically possible for me to drive on the wrong side of the road, does that mean my freedom is being unfairly restricted by the policemen who stop me from doing so?
And please, drop the "enemy" stuff. Big companies aren't full of evil monsters but people like you and me and RMS, with values and a sense of ethics. Bill Gates honestly believes that by leading the software world, he is doing it a big service. Nobody is trying to oppress you.
Check your facts before you show off :).
And don't even get me started on sendmail: its configuration files look more cryptic than perl. Trying to get things to work properly, I ended up with a hack that accidentally caused cron to send its messages to the admin of my ISP rather than me.
If w2k has similar problems, that just goes to confirm the theory that All OSes Suck. I'm all for complaining about windows, but I wouldn't hold up linux as a beacon of non-suckiness.
I read in Carmack's .plan that he was planning
on using Java in Q3 for that also. The idea
was ditched later for unexplained technical reasons, though.
"Thanks, here's a $1 micropayment!"
If we wanted to do that, we could do it already, with ordinary cash. So I don't see why the existence of electronic micropayments would change anything about our attitudes.