Maybe we should start a class action alleging that McBride touched us all when we were children. We could sue for one^H^H^Hthree billion dollars and smear his reputation in the same way he is doing to Linux. Dirty pool old boy, dirty pool.
I heard they were planning on licensing the goats.cx image for their latest campaign but talks fell through at the last moment because SCO claimed to own the arsehole in the photo. Oh well.
HAHAHAHAHA. All I can say is: if you really did that then you suck arse and I'd like a cheque for 1 billion dollars for misuse of my IP. I'll reveal what IP I'm accusing you of misusing in the year 2009, but I definitely need the cheque by friday at the latest since my rent is due;-)
Put the code on an FTP server with anonymous access and place the address on SlashDot and an ad in the newspapers and ask them to come pick up their fucking code which you have been looking after for the last few years. Charge them rent on the hard drive space and cartage to take it away;->
Re:Lessening Spam: The True Hollywood Story
on
Replacing SMTP?
·
· Score: 1
Kmail is the same, and that's my choosen client when at home...or Mozilla under Windows (yes, yes, I have to reboot to play games dammit!). If you really want to go downscale however there's always that classic (and still my fav curses client) Pine. Graphics? WTF are they?
Re:Lessening Spam: The True Hollywood Story
on
Replacing SMTP?
·
· Score: 1
I'm not too surprised that one turned out the way it did, but you also shouldn't be surprised if it rises again in a few months because they added you to their "sell this email address" list instead. They may not spam you, but others might. Hard to tell for sure...
Here's one tip however that really will vastly reduce your spam
turn off the preview window.Spammers often attach a special image that is tagged to your address that will confirm it as a working email address when you *preview* the mail. Turn off the preview pane and delete all spammy looking emails based on their subjects (and use spamassassin and TMDA to cull these first). Outlook is your own worst enemy when it comes to confirming the validity of your email address.
If you have viewed a spam and it does have an unsubscribe, you may as well try it now, since they already know your a good address to spam.
Re:Put your money where your mouth is!
on
Replacing SMTP?
·
· Score: 1
blackhawk@ivanhawkes.com
NOTE: I use a combination of RBL, spamassassin and then TMDA for those that fail the spamassassin test. I can put my email address all over the internet and still only receive 1-3 spams / week out of the 30-50 that come in each day. I've also got some bayesian filtering options, but since I use three different email clients against an IMAP server it is too much trouble to train the bayes filters.
I recently wrote an encryption routine that encrypts data based on a password
I've written very basic encryption routines in the past and can highly reccommend you use a modern, well studied, and well tested form of encryption rather than something homebrew. Unless you are deeply skilled in the maths and number theory for crypto then it is likely there are major flaws in your encryption routines. If you're using Windows then try out the cypto routines provided, and under Linux there's always some library you can link to. It's bound to be safer (especially when your dataset has known cribs - like starting with byte markers and the XML.. shebang). Use RSA/triple DES/AES or some stream oriented cyher with a 128bit or greater key and you should be safe from all except government and big business (think really rich) level snooping. Those XML tags will fall to statistical analysis in no time flat.
I can't decide whether this is a troll or not.Not trolling, just not playing nice with the other children today;->
But, regarding steganography, if there is no reason to "hide" the source by distributing only binaries, then why doesn't everybody release their code? Why, when a company releases a software version, do people whine about its faults and ask the company to fix them, rather than fixing them themselves (or getting a programming friend to).
In terms of hiding the source, companies already benefit from the obfuscation that occurs when code is compiled in, and I suspect if they didn't get that basic level of protection more would look to encryption to protect their code. I imagine, instead of self extracting.exes, we would have self extracting and decypting.exes. The problem with this of course is that the key also needs to be distributed, and that's almost certainly why they aren't doing it at present.
People whine to the company to fix the code because hacking a binary is hard work and usually reserved for cracking efforts. If companies also released the source then people *might* consider looking at it and fixing something itself, but the great majority would still just go whining to the companies.
So, how is a big blob of assembly code, possibly not working 100%, stripped of identifiers and comments, nearly as useful as "properly written" C/C++?Because you can modify it and reasseble it to get a customised version of the code. Now, this is by no means a substitute for the c/c++/whatever code if it's available, but it is a valid technique for replacing and updating small sections of code. I've personally done it to viruses and some older software (back in my DOS days) to get an idea of what they're doing, or to remove some unwanted code snippets. It looks like I'll have to do it again shortly too, because the NVidia driver for the XBox is only available in binary form. A quick disassemble, a long period of code inspection, and an equally long translation to equivalent c and we will have an open source version of the driver. It'd be nice if NVidia simply released the source code, but that isn't going to happen:-
Hehe, just fucking with you, but are we allowed to count all that crap at the top of the page. This is my crappy, and likely to run to ruination (no return statement), assembly program. 1 byte of code, two lines of assembler.
You're right though, many assembler instructions take 2-3 bytes to represent IIRC and will distill to a single line of code using another 1-8 bytes (or more) for the data.
It looks like what it does is similar, but not quite as useful, as what Bounds Checker (now called Dev Partner) does. This is debug code and a runtime instrumentation that is added to your code. It then checks the parameters of every single library call you make and ensures you pass good values. It can detect things like passing in a bad handle to a function and memory leaks...all good stuff at development time.
This product looks less useful because it will not process it in regard to user input, and user input is the thing *most* likely to bring your system down.
I would say it's worth running the check, but think of it not as a way to say your code is clean, but a way to say your code is not dirty.
I assume you are talking about vtables here? These would be created by both the compiler and the runtime. Under Windows the runtime is responsble for loading the code, performing fixups, then executing it. This is known behaviour and could be emulated by the software.
Compiled code has been used intentionally by programmers as a sort of encryption/stenography
Speaking as a programmer I can say this is a load of horse pucky. Firstly, if we wanted to use encryption, we would simply use encryption. Secondly, stenograhpy is deliberating hiding information within outher information, but that's not what compiled code is doing. Sheesh, I can't believe anyone modded this crap up.
Code is actually compiled from human readable form (text, source code, ASM) into a binary form that may be loaded and executed by the computer. This process is not designed to obscure it from humans, but make it readable by computers. Since any decent decompiler can take that binary and get a working (or mostly working) set of source from it (just not the same as the original, and usually only in assembler) it makes both a lousy form of encryption and steganography.
That reference to DARPA has me a little worried about the sort of uses this technology will be put to. I wonder, are the CIA trying to shore up holes in their translation abilities (particularly for Arabic/etc) by using software. What happens when you pair this technology up with the Echelon project? Are we going to see a dramatic rise in the ability of the government to spy on nationals and particularly foreign nationals now?
Small businesses who need bespoke work will still need your skills. These offshore operations work best for big projects (multi-million) and call centres/etc. The little mom and pop shops and small businesses will not be able to see value through this. Make that your target market.
Me too mate. Anyway, you can always trade up to consulting and design/architecture/etc if you've got enough experience (which I have:-)) It's not as much fun as hacking code but you can go home and do some Open Source hacking in the evenings, which is the way I cope with the fact I mainly do planning and costing now.
Currently, outsourcing to India is about 60% of the cost of doing it in the US. This used to be more like 10% at one time, and I expect it to keep rising in time with the mantra "charge whatever the market will bear". Expect figures more like 75% when more companies start to glom onto this. It's still a cost saving to the US companies so they will go ahead with it, but it's nowhere near the saving it used to be.
So, not in fact hard to replace at all by the sounds of it. Are you at least qualified with an MCSE or something (or Linux equivalent) because I suspect the Indians guys are going to be. That's how they compete, by providing better quality of service at a lower price. This is usually backed up by some figures on defects / lines of code, etc.
I'll be the first to say it sux0r to be replaced using sweat shop labour for my chosen career, but they can't do it to all of us, so we need to adapt to the new working conditions and find the niche that is hard to replace.
And I agree with you entirely, but you seem to have forgotten that the original story was
called "Using XML in Performance Sensensitive Apps" in this case the guy was talking about using
it in a 1000 per sec concurrent request system which IMO is crazy.
Oh yeh, I forgot about that. In which case the guy is crazy unless he's planning on building a reasonable sized cluster or moving the transforms back onto the client machines. It's easy enough to do 1000 hits/sec, but 1000 page request / sec is another ballpark altogether. NOTE: even my XBox can handle 850 hits/secs!
I'm already well familiar with the htons () and ntohs () functions seeing as I've programmed low level network handling code. Those functions aren't really the issue, it's the way some broken (read Microsoft) compilers *don't* follow the standards and lay their structure out differently in memory. You only need 1 compiler on 1 platform to be doing this to end up with a forked code base because blasting records to the drive or network won't work with these dysfunctional compilers. That is the main issue. Let's not be forgetting different architectures ideas on the size of an int, so this will need to be handled, possibly with typedefs.
No doubt you've read about all these terms in some book and think you're being smart but all
you've done is prove my point about high level coders being clueless.Your inability to see the value in losing a little performace to gain a lot of compatibilty is showing who the real clueless person in this thread is. It's all about the right tool for the right job. XML is not meant for low level networking or for high speed transfers, or for low footprint data storage. What it does, and does well, is allow tow disparate systems to speak a rudimentary and easy to parse common language.
Slashdot Mirror
BENDER: (flicks fishing rod at fry's arse) FRY: Oh, my small intestine!
Maybe we should start a class action alleging that McBride touched us all when we were children. We could sue for one^H^H^Hthree billion dollars and smear his reputation in the same way he is doing to Linux. Dirty pool old boy, dirty pool.
I heard they were planning on licensing the goats.cx image for their latest campaign but talks fell through at the last moment because SCO claimed to own the arsehole in the photo. Oh well.
HAHAHAHAHA. All I can say is: if you really did that then you suck arse and I'd like a cheque for 1 billion dollars for misuse of my IP. I'll reveal what IP I'm accusing you of misusing in the year 2009, but I definitely need the cheque by friday at the latest since my rent is due ;-)
1 word: up2date. RedHat puts out the new binaries on up2date and we're all patched up and tucked into bed in time for the evening news.
Put the code on an FTP server with anonymous access and place the address on SlashDot and an ad in the newspapers and ask them to come pick up their fucking code which you have been looking after for the last few years. Charge them rent on the hard drive space and cartage to take it away ;->
Kmail is the same, and that's my choosen client when at home...or Mozilla under Windows (yes, yes, I have to reboot to play games dammit!). If you really want to go downscale however there's always that classic (and still my fav curses client) Pine. Graphics? WTF are they?
Here's one tip however that really will vastly reduce your spam
turn off the preview window.Spammers often attach a special image that is tagged to your address that will confirm it as a working email address when you *preview* the mail. Turn off the preview pane and delete all spammy looking emails based on their subjects (and use spamassassin and TMDA to cull these first). Outlook is your own worst enemy when it comes to confirming the validity of your email address.
If you have viewed a spam and it does have an unsubscribe, you may as well try it now, since they already know your a good address to spam.
NOTE: I use a combination of RBL, spamassassin and then TMDA for those that fail the spamassassin test. I can put my email address all over the internet and still only receive 1-3 spams / week out of the 30-50 that come in each day. I've also got some bayesian filtering options, but since I use three different email clients against an IMAP server it is too much trouble to train the bayes filters.
I've written very basic encryption routines in the past and can highly reccommend you use a modern, well studied, and well tested form of encryption rather than something homebrew. Unless you are deeply skilled in the maths and number theory for crypto then it is likely there are major flaws in your encryption routines. If you're using Windows then try out the cypto routines provided, and under Linux there's always some library you can link to. It's bound to be safer (especially when your dataset has known cribs - like starting with byte markers and the XML.. shebang). Use RSA/triple DES/AES or some stream oriented cyher with a 128bit or greater key and you should be safe from all except government and big business (think really rich) level snooping. Those XML tags will fall to statistical analysis in no time flat.
But, regarding steganography, if there is no reason to "hide" the source by distributing only binaries, then why doesn't everybody release their code? Why, when a company releases a software version, do people whine about its faults and ask the company to fix them, rather than fixing them themselves (or getting a programming friend to).
In terms of hiding the source, companies already benefit from the obfuscation that occurs when code is compiled in, and I suspect if they didn't get that basic level of protection more would look to encryption to protect their code. I imagine, instead of self extracting .exes, we would have self extracting and decypting .exes. The problem with this of course is that the key also needs to be distributed, and that's almost certainly why they aren't doing it at present.
People whine to the company to fix the code because hacking a binary is hard work and usually reserved for cracking efforts. If companies also released the source then people *might* consider looking at it and fixing something itself, but the great majority would still just go whining to the companies.
So, how is a big blob of assembly code, possibly not working 100%, stripped of identifiers and comments, nearly as useful as "properly written" C/C++?Because you can modify it and reasseble it to get a customised version of the code. Now, this is by no means a substitute for the c/c++/whatever code if it's available, but it is a valid technique for replacing and updating small sections of code. I've personally done it to viruses and some older software (back in my DOS days) to get an idea of what they're doing, or to remove some unwanted code snippets. It looks like I'll have to do it again shortly too, because the NVidia driver for the XBox is only available in binary form. A quick disassemble, a long period of code inspection, and an equally long translation to equivalent c and we will have an open source version of the driver. It'd be nice if NVidia simply released the source code, but that isn't going to happen :-
Hehe, just fucking with you, but are we allowed to count all that crap at the top of the page. This is my crappy, and likely to run to ruination (no return statement), assembly program. 1 byte of code, two lines of assembler.
You're right though, many assembler instructions take 2-3 bytes to represent IIRC and will distill to a single line of code using another 1-8 bytes (or more) for the data.
nop
nop
nop
repeats 47 more times.
This product looks less useful because it will not process it in regard to user input, and user input is the thing *most* likely to bring your system down.
I would say it's worth running the check, but think of it not as a way to say your code is clean, but a way to say your code is not dirty.
I assume you are talking about vtables here? These would be created by both the compiler and the runtime. Under Windows the runtime is responsble for loading the code, performing fixups, then executing it. This is known behaviour and could be emulated by the software.
Speaking as a programmer I can say this is a load of horse pucky. Firstly, if we wanted to use encryption, we would simply use encryption. Secondly, stenograhpy is deliberating hiding information within outher information, but that's not what compiled code is doing. Sheesh, I can't believe anyone modded this crap up.
Code is actually compiled from human readable form (text, source code, ASM) into a binary form that may be loaded and executed by the computer. This process is not designed to obscure it from humans, but make it readable by computers. Since any decent decompiler can take that binary and get a working (or mostly working) set of source from it (just not the same as the original, and usually only in assembler) it makes both a lousy form of encryption and steganography.
You done good be rite is. We fckuing enGlish good nows.
That reference to DARPA has me a little worried about the sort of uses this technology will be put to. I wonder, are the CIA trying to shore up holes in their translation abilities (particularly for Arabic/etc) by using software. What happens when you pair this technology up with the Echelon project? Are we going to see a dramatic rise in the ability of the government to spy on nationals and particularly foreign nationals now?
Small businesses who need bespoke work will still need your skills. These offshore operations work best for big projects (multi-million) and call centres/etc. The little mom and pop shops and small businesses will not be able to see value through this. Make that your target market.
Me too mate. Anyway, you can always trade up to consulting and design/architecture/etc if you've got enough experience (which I have :-)) It's not as much fun as hacking code but you can go home and do some Open Source hacking in the evenings, which is the way I cope with the fact I mainly do planning and costing now.
Currently, outsourcing to India is about 60% of the cost of doing it in the US. This used to be more like 10% at one time, and I expect it to keep rising in time with the mantra "charge whatever the market will bear". Expect figures more like 75% when more companies start to glom onto this. It's still a cost saving to the US companies so they will go ahead with it, but it's nowhere near the saving it used to be.
I'll be the first to say it sux0r to be replaced using sweat shop labour for my chosen career, but they can't do it to all of us, so we need to adapt to the new working conditions and find the niche that is hard to replace.
Oh yeh, I forgot about that. In which case the guy is crazy unless he's planning on building a reasonable sized cluster or moving the transforms back onto the client machines. It's easy enough to do 1000 hits/sec, but 1000 page request / sec is another ballpark altogether. NOTE: even my XBox can handle 850 hits/secs!
No doubt you've read about all these terms in some book and think you're being smart but all you've done is prove my point about high level coders being clueless.Your inability to see the value in losing a little performace to gain a lot of compatibilty is showing who the real clueless person in this thread is. It's all about the right tool for the right job. XML is not meant for low level networking or for high speed transfers, or for low footprint data storage. What it does, and does well, is allow tow disparate systems to speak a rudimentary and easy to parse common language.
No, because it is a POSIX based system that is Unix like.