If, and only if, you're programming in a language which doesn't provide any constructs to do error handling. Dijkstra was right, goto's are a bad idea and should not exist in a language. Knuth was right, in the absence of something replacing goto you're better off using it than not using it (if done properly).
All of that discussion is past us now, most of us have been writing software without using goto for the last two decades, goto has been replaced with try/catch constructs, labeled breaks, switch statements etc. None of the examples Knuth provides in that paper are still relevant in any modern language. By that measure, Dijkstra won.
It's not surprising either, Dijkstra was always in utopia, talking about how things would be if he built the world himself (which doesn't mean he's wrong). Knuth has always been about how to deal with the current reality (including the state of programming languages), and not so much about changing that reality.
It seems everyone wants to be a "software engineer", but nobody wants to focus on the "hard stuff", and instead chant "let java/X do it for you".
...
BTW, I think there is a lot of skill needed to be able to look at a problem, figure out what libraries can/can not help and then pull it all together into a cohesive solution.
Isn't that the skill which makes you an engineer? Engineers don't go into the woods to take down trees, they never weld anything together and generally didn't add a single nail to the bridge which gets to carry their name.
Realistically, most programmers actually aren't the engineer, they are the lumberjacks and the welders. Sadly though, the engineering phase is skipped in most software projects. That's why the fun and the quality is gone in a lot of software work. Programmers should actually grow up and become proper engineers and architects instead of just implementing the first thing which comes to mind.
The programmers of those libraries should start doing that first though, one of the reasons working with all those libraries is a pain in the butt is because they are largely unintuitive, unclean, incompatible and each in need of their own workarounds. I'm sure any programmer here can list a few libraries he just hates like nothing else, but simply cannot avoid using.
Someday all our software will be the result of proper engineering, although probably not in my lifetime.
Very well possible, I do log all my conversations. It could also be the result of wiretaps, I don't think it's encrypted in any way. Or perhaps MS does log those messages, if that's the case they at least didn't document the procedure to retrieve those in this document.
So, does this manual that Cryptome put up reveal any dark secrets, or is the complaint justified here? I wouldn't bet either way without reading it.
No, it outlines the procedures for getting data about hotmail and live users from Microsoft, it shows examples of what data is provided, what each piece of data means etc. It also tells what information is stored and how long and which type of warrant/court order is required for certain types of information. An interesting read, but nothing that shocked me so far (I didn't read all of it yet).
On the other hand, I can't really see why MS goes out of its way to prevent this document from being public. It's the kind of documentation they could just as well publish on their own website, everything in there is, as far as I can see, simply the result of what's in the law. If you have a problem with that, complain to the ones that made the law...
The only thing in there which MS probably doesn't want to be published are a few phone numbers and email addresses and frankly those should have been redacted out.
Worse yet,... endorsing the use and adoption of open source software...
What can one take away from this letter? That the BSA would rather have you pirate Microsoft products than use Linux?
Yes they do, because Microsoft can take a lot of piracy, that's just lost income. They will try to prevent that as much as possible, but at least it affects only those pirated copies and they have some chance of getting that money somehow later on.
When people start moving to alternatives, OSS or otherwise, they lose the same amount of money, but with no chance of ever recovering any of it, no chance of selling any of their other products (they all run on Windows) and one of their competitors grows, gets a showcase and it might even spread around (this is especially risky if the competitor is actually better). So yeah, from their perspective it makes sense they'd rather see you pirate MS products than use Linux.
And that's all fine, however when they start forcing governments to feel the same way it becomes scary. Very scary, because Microsoft would probably also rather not have a free market at all, that would really help their shareholders a lot.
So now we'll have to choose whether we hate him because he is an annoying attention-seeking liar, or because he thinks Vista is an excellent product. He considers himself to be this amazingly successful nice bloke, but he also thinks he is the most hated person on the internet.
Did anybody tell him there is all sorts of stuff between black and white? I mean, compared to him even Slashdot's front page is full of nuance.
Well, I can tell you what the article is going to say. It's going to tell you that it's all somebody else's fault. And if anything was wrong, it's because InfoWorld approved of his immoral behavior, which somehow makes it not his fault anymore.
Rough guess, I'll RTFA now. But he is just that kind of guy...
What makes you think that eBay didn't simply save that 100K because of other factors? The thing is 'burning' methane, if it does so with the same efficiency as a coal plant it would still save eBay money because there is no third party supplying the electricity, and there is no loss in the transportation of that electricity. And apparently there are some nice subsidies in place as well. All of that could well add up to that 100K.
And as someone else noted already, it's a nice alternative for those huge diesel generators found at datacenters.
American SUV = 16 liters/100 km
American sedan = 9.4 liters/100 km
Prius = 4.7 liters/100 km
vehicle in article = 0.085 liters/100 km
Fixed...
Hell, I own an 11-year-old European overpowered turbo-charged estate car, I only drive short stretches and I've got a really, really heavy right foot. But I do average better than 9.4 liters/100 km. The fuel consumption numbers on American cars amaze me every time, here's a hint: Bigger is not always better.
Well, let's say they weren't really keeping up with the news if they didn't notice that this "Devil Mountain Software" company (whose software they distribute and whose founder they employ) suddenly had a new CTO in lots of publications, some of them rather in the spotlight. Especially because it appears to be a one-man business run from his home. (Which is fine, but a shop like that doesn't suddenly have a CTO).
Well, they are seeing a spike in I/O, but they didn't actually measure performance nor did they take into account how people are using their system. So effectively they might just be comparing grandma playing solitaire on her XP machine to a gamer playing some demanding game on his Windows 7 box and claim that Windows 7 needs more memory and I/O. They didn't normalize the results in any way, but you can be fairly certain that the first users upgrading to Windows 7 are the gamers and other more demanding users. Also, Windows 7 machines are more likely to run other more recent software, so perhaps it's just that Office 2007 and the Office 2010 beta are bigger resource hogs compared to Office XP and Office 2003.
It's all just statistics, but without really knowing what is being measured and blindly assuming that correlation means cause. But hey, we got a percentage so it must be true...
Ok, I'm truly curious here. How the heck would the OS know what memory space corresponds to the active tab in FF versus the inactive tabs or other application data?
It wouldn't know about tabs as such. However, it could track which page was accessed/changed/created most recently. Memory related to the currently active tab is likely to be the most recently used memory.
Yea that's the one. There's an auction for them for $60 each on ebay right now.
That's $120 to interconnect just two points. I'd think the house has to be pretty big to make that cheaper than pulling some Cat5e cable, which will even get you the additional benefit of being able to do 1Gbps as well.
This often leads to 'filling quotas' in workforces. Qualified people are passed over so that someone who fills the quota can be hired.
Which could lead to interesting things. Imagine a company which hired too many non-white people placing a job ad which explicitly states only white people can apply?
<cynic-mode>
Just hire your own cleaning staff, instead of outsourcing that, and you can be racist all you want for the important jobs...
</cynic-mode>
But why do you assume it's underperformance on behalf of the candidate, rather than bias in the hiring system?
Because even racists are innocent until proven otherwise?
I'd be fine with a law bankrupting any company which is proven to be racist, but it's just plain wrong when the company has to prove they are innocent.
And in the long term, it might just create a market for something which is neither ARM nor x86. And that something may well be built by Intel as well. The only reason we stick to x86 is binary compatibility, with more open-source that becomes less important.
Likewise with ZIP codes in the EU: it may seem ridiculous but ZIP code databases are copyrighted there.
They are still not copyrighted. That very instance of the database may be protected, you can't just rip it and use it for whatever you want. Not even if the database is publicly searchable.
But you can go out and start collecting that very same information on your own and create your own database. Once you've done that you can use that in any way you see fit.
What you can't do is wait till somebody else has done all the hard work and then just grab that for free, which seems fair enough to me.
No, the payment processor is made to believe that PIN authentication isn't used. The false PIN-OK message is between the MITM and the terminal. The PIN entered is not actually compared to the PIN on the card. The MITM handles the card according to the "chip and signature" protocol and the terminal according to the "chip and PIN" protocol.
And since the terminal is handled according to the Chip and PIN protocol and the payment processor is talking to the terminal the payment processor will believe that PIN authentication is used.
Also, the PIN is never sent to the card at all. Instead the MitM responds to that request with a 'PIN OK' response.
I will never ever use a debit or credit card again, thanks to what I have found out today.
Smart move. Never mind this attack will never hurt you when you are using your card, but only when you lose it.
If you know where your card is and report it to your bank as soon as it's stolen you're fine.
"It explained Apple's philosophy and purpose; that people, not just government and big corporations, should run technology."
source
Clearly Apple would want the people to be in charge of what they can and cannot do with their iPhone.
There is no such thing as Former NSA. There is only 'in line' and 'dead before dawn'.
When I press the middle one, it applies the brakes.
Or the cable snaps and nothing happens. Luckily that is rather unlikely, and will only happen if you suddenly have to brake really hard...
"The last time I was sober, man I felt bad." :)
Obviously, he meant that the apps/contacts/e-mails/schedules/etc. that are stored on the phone constitute his "life", not the phone itself.
Well, being a proper geek, he surely had a proper backup of those. Right?
Gary: Dammit, if they want this to be an ad, an ad it will be. And a highly publicized one as well.