Thanks for mentioning that. Your post has prompted me to finally set up a page for TurboVM, a virtual machine I have been working on. What makes TurboVM interesting is that it's (1) small and simple, (2) not tied into a programming model like typical VMs that are designed with a single language in mind, and (3) FAST.
There is a bytecode interpreter which seems to outperform OCaml's (widely considered fast) by about a factor 2 to 3, and a compiler that compiles bytecode to C which can then be compiled to native code and will run about as quickly as an equivalent program written in C to begin with (everything compiled with maximum optimizations). An assembler and a disassembler are also provided.
All this is in a pretty early stage of development, not very well tested (I think some of the signed operations are wrongly implemented), poorly documented, and lacking features (right now, programs are just instructions...I want something with sections, labels, linkable libraries, etc.), and so on, but you can download it now and it compiles and runs. I hope some of you will be as excited about it as I am.:-D
This is why I don't consider Firefox, OpenOffice.org, etc (basically, most of the high-profile open-source software) to be prime examples of open-source. Generally, they are similar to (sometimes clones of) commercial software, including the bloat and bugs. _Most_ of the software I use actually isn't like that. And that's why I like it.
``Hey, if you've got the time to make all purchases with cash, if you never buy stuff on-line or via mail order and choose not to maintain a credit card, if you pay all your bills in cash by going to the billing office for each utility instead of mailing a check or providing your check routing information for payment... then more power to you. Fight the man, brother! Just don't waste a lot of fossil fuel in the process:-)''
That's what I did when I lived in the States. Now I live in the Netherlands. I pay with cash, PIN (swipe bank card, enter PIN), bank transfers (sometimes initiated by me, sometimes automatic - you can authorize organizations to deduct what you owe them), and, very rarely, PayPal and credit card. It's a different world. In the States, everybody pays by credit card, and nobody pays with PIN. Here, it's the other way around.
``However, and this was the point of my post, you don't have to be "careless with credit cards or checks" to get in trouble. All that is required to create a fake check is an account number. And credit transactions can be easily faked using the information printed on the card (number and verification code) along with your publicly available address and phone number.''
Perhaps, then, if these systems are so insecure, _any_ use you make of them is careless.
``How many people have an opportunity to memorize your credit card info every day?... many merchants demand your photo ID too -- so now they have your home address!''
My passport doesn't have my address on it.
``There's no way to stop it; you have to give up this information to make a transaction.''
Only if you pay by credit card. If you pay cash, you aren't giving up any information. In most countries I know, you can pay with a bank card, authenticated by a PIN. This isn't secure (the PIN can be recorded and the card cloned), but it seems to work better in practice than what people use in the States.
``You should be worried about these types of transactions, because, as you said, "The money may be mine, but, other than that, it has nothing to do with me." That first bit is pretty darn important. I don't know about you, but I don't want other people to take my money.''
People taking my money is really not what I'm most worried about. I don't carry a lot of money with me and I've never been robbed. What I'm worried about is people affecting what other people think they know about me. I don't know if you know any victims of identity fraud, but I do. Nobody trusts them. They can only get the shittiest of jobs, despite having proper education. They have to pay off debts that were created in their name by other people. They live in fear of the police, because the police are after them for crimes they didn't commit. _This_ is what I'm afraid of. Getting some money stolen from me is minor compared to that, and I'm sure there is insurance against it, too.
I completely agree with your post. The problem isn't that it's easy to get the magic numbers relating to a person, it's that we are willing to believe someone knowing the magic numbers is the person they relate to, even though we should _know_ how easy it is to know those numbers if you're not the person in question.
On the other hand, the examples you gave (credit card and cheque payments) aren't about authentication. They are about payment. I don't know why anybody (including myself) buying anything with my cheques or credit card (neither of which are actually common forms of payment in Europe, where I live) would have anything to do with my identity. These are just payment methods. The money may be mine, but, other than that, it has nothing to do with me.
Of course, the way this reflects on me is that I will seem to be an irresponsible spender if other people buy a lot of things with my credit card and my checques. And, actually, I don't think there's anything wrong with that. After all, I allowed the card or the checques to fall into the wrong hands. Hypothetically speaking, that is, because, when I lived in the States, I kept my checques locked up and never used them, and I didn't have a credit card. I simply paid everything in cash. The security implications of cash are easy to understand: if you have it, you can pay for it. Who you are or how you got it doesn't enter into the question.
And now I think we're back to identity theft. Because, when I don't use cheques or credit cards, that doesn't mean I'm safe. Because someone else could sign up for a credit card or a checking account in my name, and use the card or the cheques to pay. And I would be the one receiving the bad credit rating, which, in cases of identity theft I've seen, not only prevents one from borrowing money, but also from getting a job. And the reason that this can happen is, indeed, that banks and credit companies accept that someone is me when they present some data that anybody could easily obtain.
So what's happening, really, is that the banks and credit companies are being irresponsible by accepting weak evidence as proof that someone is me, and then blaming me and making my life miserable when someone else exploits this weakness. This makes me really angry. And then, to make matters worse, most every organization will believe these failing companies on their word when they say I got a credit card and never pay my debts. And then _I_ have to pay to clear my name, before I can get a job or a loan. So _I_ will be in great financial trouble because everybody else uses flawed security.
Of course, all hypothetically. I have never had any of this happen to me. And somehow, in Europe, this seems to be less common. I don't even know if stories like the one I just told are common in the States. I know identity theft runs rampant there, but I'm not sure if the victims are careful as I was in the story, or careless with their credit cards or checques. All I know is that I'm happy it hasn't happened to me, I extend my sympathy to those it has happened to, and I hope the problems in the system get addressed.
Well, in markets where there is actual competition, the market should sort this out.
Doing research about employees' online activities costs a company money. Ending employees' contract because of their activities costs companies employees that cost them money to acquire, and who supposedly did good work. Knowing that your company is watching you even when you're not on duty is probably not good for morale. That could cost the company, as well.
There might actually be benefits to doing this kind of monitoring.
So, in the end, companies that monitor their employees wisely will gain, and companies that go too far in their monitoring will lose. Assuming actual competition, it will be more difficult for companies that lose in this way to compete with th ones that win.
Replying to your post, but it could have as well been someone else's.
``I've installed both on the same machine within the past 2 weeks. Once the desktop is up and I'm clicking around it would be very difficult to tell which OS is running on the box except for the backdrop and default color scheme. Gnome 2.20 is pretty much Gnome 2.20 no matter which distro it sits on top of. Icon placement, desktop panels, menu arrangement, they were pretty much identical. Who cares about apt vs yum either, click Applications->Add/Remove Software and point'n'click your way through installing whatever you need installed.''
I feel this kind of superficial review is really not doing justice to distros that do a lot of hard work to ensure a stable, reliable environment. You've run these distros for two weeks (divided among the two of them), and they superficially look the same to you, so you conclude there is no real difference.
What I wonder at this point is whether you would find differences if you ran each distro for an extended amount of time to get your daily work done, installed a significant amount of software, changed configurations, removed software, upgraded to a new release, etc. This is what will tell you if a distro is well-engineered, the packagers are doing a good job, bug fixes are timely and work well, etc. In my opinion, that says much more about the quality of an operating system than any impression you could have gotten of it in two weeks.
It's nice that people get all excited over eye candy and graphical installers, and I think these are important and both acclaim and criticism are very welcome. But in the end, what matters to me most is that it gets the job done. Debian does this for me. It won't be winning any beauty or coolness contests any time soon, but I find it's one of the few distros where things Just Work. I've seen distro after distro go chasing after polish or features, and, invariably, the result has been degraded quality of the package management. When you can't count on installs or upgrades through the package manager resulting in a working system, and releases are shipped with known show-stopping bugs, I thank the Debian team for providing us with a system where stability, reliability, and quality come first.
I agree with the general message of your post, but I have to nitpick.
``As demand grows, you'll see more vendors opening up specs. It's their right to do so or not, and your right to vote with your wallet.''
Your right to vote with your wallet is only useful if you _can_ vote with your wallet. If nobody will sell you hardware with available specs for a price that you can afford, what will you do?
``The only place OSS is making a dent is server space. Why do you need an advanced GPU on your server?''
A number of points can be made here. First of all, open source is making inroads in other places than server space, too. I don't have exact figures (nobody does), but I see KDE, GNOME, and fvwm desktops often enough. Wal-Mart and Dell are selling PCs with Linux pre-installed. Many routers and like devices use Linux and Busybox. All development work I've been involved in used open source, usually exclusively or almost exclusively. Open source web browsers hold a sizable chunk of the market.
Another point is that there is a bit of a chicken and egg problem. It doesn't make a lot of sense to open specs for the hardware if this will only benefit you a little. So you don't do that if only few people are asking. It doesn't help a lot to ask for specs if you aren't going to get them anyway. So few people ask. There also isn't a lot of software in th open source world that would see a great benefit from working 3D. And it doesn't make a lot of sense to start developing that software if 3D doesn't work anyway.
This is the pit the world's been in, but it's slowly changing. Nvidia has made available good 3D drivers, allowing 3D software to be developed. Now there are Neverwinter Nights, Compiz, Blender, etc. Apparently, Intel has seen value in supporting open source, and there are good open source drivers for Intel graphics cards. And the number of people using open source software appears to be growing. Certainly, awareness of open source is greater than it was, say, 10 years ago. Day by day, the landscape is changing.
``If governments became truly accountable to voters,...''...and voters actually had a clue,...
I mean, seriously. You can't know everything about everything. And when it comes to economics, I'm willing to bet most voters believe things that are the absolute opposite of what experts believe. I think many of the barriers we have in our markets are there exactly because voters want them to be.
``Not an angry reply at all, but just the question, how could a socialist system give incentive for anyone to do much of anything''
Simple. If you don't meet the goals we've set for you, we send you to Gitmo. There can't be a reward for working well (oh no! inequality!), so there must be a punishment for working poorly.
``If your friend has a Turing complete language...''
It's strongly normalizing (every program terminates), so it's not Turing complete.
``If, however, he doesn't have a Turing complete language then I question it's usefulness to the general public (I can ensure any program terminates out there by killing it after 1000 steps, but that isn't terribly useful and few have any need of a language to enforce that). Maybe there will be some specific market for it, I would guess there are some embedded systems that may benefit from such a thing, but then I also bet they already do something more specific to their domain with existing well tested languages/environments.''
The language we're talking about is Piffle and it's a packet filtering language. It looks sort of like C or Pascal, and it has types, functions (but not recursion) and bounded loops. One can tell the compiler the maximum amount of CPU time and memory a program is allowed to use, and the compiler will then accept the program only if it cannot exceed these bounds.
It's easy to see how the language could be used in other areas than packet filtering with the addition of some functionality. I personally think it would be very useful for programming real-time systems. As far as I know, real-time systems are currently typically programmed in C, which doesn't actually offer any guarantees on execution time.
``I rather suspect that he/she has created a language few will use, hasn't tested it thoroughly, or will be "close" to releasing it until the end of time. My guess is also that if you think you have created a language that "can not" be broken (and is thus totally bug free) then you also fall into that very same category.''
You can do this with Mailvisa (and, I reckon, most other spam filters that use machine learning).
With Mailvisa, it works like this:
1. You read an article 2. You decide if you liked it or not 3. You put it in a "good articles" directory if you liked it, and a "bad articles" directory if you didn't 4. Once you have collected a number of articles, you train Mailvisa on them 5. Run every new article through Mailvisa. If it says it's spam, you probably don't want to read it 6. Repeat from step 1
Other Bayesian filters vary in the details. With Mailvisa, you want to only train once in a while, because it takes annoyingly long to load and store the databases. With other filters, this may not be the case, so you can train after every message. Some filters should only be trained with messages they classified wrongly (perhaps this goes for Mailvisa, too, but I get 100% precision (less than 1 message in 1000 wrongly classified as spam) and recall in the upper 90%s by training on all messages).
It would be nice if this functionality were integrated with other software (e.g. mail clients, RSS readers, etc.). Mailvisa is a stand-alone program and is not specific to filtering email, but it also isn't integrated with any other software that I am aware of. It would be much nicer if, when viewing a message, you could press a button to indicate that this message was good, or another button to indicate that this message was bad, and the filter of your choice would then be trained with that information.
``What happens when I send some modified data to the your server farm to process and it's actually a replicating virus.''
I am working on a programming language that, among other things, will have a subset that cannot affect the outside world (except if functions that can are passed into a program written in this subset as arguments). In other words, code written in this subset of the language cannot open files, send packets over the network, etc. etc. The only thing it can do is return values.
As long as submitted programs are in such a language, running the server is a perfectly safe operation.
A friend of mine has implemented a programming language in which every program terminates within a finite number of steps. I believe (but I am not entirely sure) that you can fairly simply determine the (worst-case) number of steps by performing static analysis on the program (I'm sure it's possible, not sure it's simple). In any case, you get the guarantee that programs written in this language terminate, so they won't hog the CPU forever. And you can determine how long it is going to take before you run the program. I am thinking to incorporate these features into my programming language as well, at some point.
``You could probably sell the same chair back to Ballmer several times:)''
So that's where they got the idea...
Speed Improvements Are Nice, But Not Enough
on
Ruby 1.9.0 Released
·
· Score: 1
It's nice to see that Ruby interpreter speed is improving. Performance and compile time checking (think static types) are about the only areas in which I find Ruby lacking. Looking at the table on the shootout page, though, I find that performance has only improved by a factor 2. That's impressive...but it's not enough.
Last I measured, Ruby was about a factor 300 slower than C on low-level code (measuring the performance of high-level functionality implemented in the interpreter is not so interesting, because that isn't actually implemented in Ruby). That means there is still a long way to go before Ruby is actually competitive with the likes of Common Lisp, OCaml, Haskell, or Lua in terms of performance (I wouldn't compare to C or Fortran, because these languages are much more limited in what abstrations they offer).
Still, Ruby is a great language, and I hope they keep up the great work. I end up writing quite a lot of code in Ruby, because it's very _easy_. The language is mostly very well designed, which means you aren't likely to run into limitations of the language, and there is support (either shipped with the language, or available as a third-party module) for almost everything I want to do. Speed isn't usually an issue. And when it is, it's possible (and easy) to write an extension in C.
The one thing I wish they would get rid of is the distinction between blocks and lambdas.
Good job. That post shows that you are actually interested in getting things right, and not just in perpetrating whatever idea you have no matter what the facts are. It also shows you know what you're talking about. I am happy I decided to reply to your original post, and I apologize for the strong language I used.
Now I will nitpick a bit, for the benefit of people reading this thread (yeah, right;-) ) who want to have a more complete understanding of what is going on. It took me a bit to understand your code (which is very elegant, by the way), but what I eventually got was this (first repeating the code for completeness):
sub copy_fields {
my ($x, $y) = splice @_, 0, 2;
$x->$_($y->$_) for @_; }
This is a function which, when called, will assign its first argument to $x and its second argument to $y. It will then iterate over the rest of the arguments, and, for each argument, use it as a property on the object in $x and the object in $y, assigning the value of that property of $y to the identically-named property on $x.
So, when you call the function like copy_fields($a, $b, 'firstname', 'lastname', 'birthday'); (I hope passing the field names as strings is the right way to do it in Perl; I'm not a Perl hacker), you will end up with $a->firstname being the same as $b->firstname, $a->lastname the same as $b->lastname, and $a->birthday the same as $b->birthday.
In Common Lisp, you can write code that does exactly the same thing. For example,
(defun copy-fields-function (x y &rest fields)
(loop for field in fields
do (setf (slot-value x field) (slot-value y field))))
You can then call this function like (copy-fields-function a b 'firstname 'lastname 'birthday) and get the named fields from b copied to a, just like in the Perl code above.
The above code uses regular functions (both in Perl and in Lisp). So, if copy-fields can be implemented as a normal function, why did I drag macros into this? Well, the difference between functions and macros lies in when things are evaluated.
Astute readers will have noticed that the names of the fields in the call to copy-fields-function above have quotes in front of them, whereas the copy-fields in my original post took them without quotes. This is because, when you call a function, the arguments are evaluated first, and the values that result from that are passed to the function. So if you wrote (copy-fields-function a b firstname lastname birthday), you would be asking to pass the _values_ assigned to firstname, lastname, and birthday into the function, which would likely result in an error. Instead, putting quotes in front of the symbols causes the symbols themselves to be passed to the function, which is what you want in this case. (Without the quotes, the equivalent call to the Perl version would be copy_fields($a, $b, $firstname, $lastname, $birthday);).
By contrast, arguments to macros are always passed to the macro as written, without evaluating them first. This is what allows macros to perform transformations on source code. Functions cannot do this, because, by the time the function actually gets to do anything, all its arguments will have been evaluated already. And this is an essential point, because it means that macros can control order of evaluation. The source code given as an argument to a macro may be evaluated once, more than once, or not at all. Thus, you can use macros to implement control structures, like conditionals, loops, pattern matching, etc. Or lazy evaluation. Or object systems. Macros allow you to extend the language...without having to modify the compiler. That's a lot of power for a single construct.
Another thing to mention is that, whereas functions (at least semantically) do their work
It's not that Microsoft actively _prevents_ you from installing competing software (browser, media player,...) on their OS. But the fact that they _include_ their own already poisons the market. Windows's dominance of the desktop market means that the vast majority of desktop users _also_ get Internet Explorer. They _can_ install a different browser, but this requires extra effort that many people are (understandably) not willing to make.
It is the extra effort that people have to make to get a browser other than Internet Explorer that makes it so difficult for other browser vendors to compete. Many people won't even _consider_ installing a different browser. On top of that, Internet Explorer's dominance makes webmasters (understandably) reluctant of breaking compatibility with it. This means that vendors of other browsers can add features all they want, but if Internet Explorer doesn't support those features, they will not be widely used. This, again, makes it hard for browser vendors to even make it compelling for users to make the extra effort of installing a browser other than Internet Explorer.
For a measure of exactly how hard it is to compete with Internet Explorer, just consider how much it took before Firefox finally started to take away market share from Internet Explorer. Tabs, ad blocking, built-in search bar, better security track record, I don't even know all the extra features. And a large ad in the New York Times. All this implemented in a product that customers could download for free, with no ads or nagware or any other nuisances. This is not a level playing field. This is Firefox being pushed up Microsofts mountain an inch at a time, thanks to hordes of volunteers and I don't know how much money in donations.
"Microsoft should be required openly, fully and faithfully to implement free and open industry standards."
Meh, I don't see why. It's up to the customers. They should use open standars, so that they have freedom to select the best vendor and can interoperate with everybody else. If customers choose to pay to get locked into proprietary formats (be they Microsoft's or anybody else's), I don't see how that's Microsoft's fault.
``Opera Software issued a complaint to the Competition Commissioner based on anti-competitive behavior in the web browser market.''
Now there is something to that. Microsoft is _still_ using their dominance on the desktop market to push their browser (push in a very real sense - IE7 was pushed over Windows update without asking any questions, as far as I understand). The poor support for standards in Internet Explorer causes webmasters extra work, but also combines with the fact that it's bundled with a widely sold operating system to make competition even more difficult for vendors of other browsers.
I understand that the sort of bundling Microsoft does here is illegal in both the USA and the EU (but note that IANAL). _That_ is something they can be held accountable for.
I found the line of thought intriguing, until it said "negative temperature". The whole point of "absolute zero" is that there _are_ no negative temperatures.
``In the *NIX world its almost impossible to hide a running process.''
Ah, yeah? I don't think so. Given that you've already compromised the host, that is. And if you can't hide your process, you can always try to masquerade as a process that should be running.
Slashdot Mirror
Thanks for mentioning that. Your post has prompted me to finally set up a page for TurboVM, a virtual machine I have been working on. What makes TurboVM interesting is that it's (1) small and simple, (2) not tied into a programming model like typical VMs that are designed with a single language in mind, and (3) FAST.
:-D
There is a bytecode interpreter which seems to outperform OCaml's (widely considered fast) by about a factor 2 to 3, and a compiler that compiles bytecode to C which can then be compiled to native code and will run about as quickly as an equivalent program written in C to begin with (everything compiled with maximum optimizations). An assembler and a disassembler are also provided.
All this is in a pretty early stage of development, not very well tested (I think some of the signed operations are wrongly implemented), poorly documented, and lacking features (right now, programs are just instructions...I want something with sections, labels, linkable libraries, etc.), and so on, but you can download it now and it compiles and runs. I hope some of you will be as excited about it as I am.
While I feel you may be right, has anyone considered that 2008 may be the year of Linux on the mobile?
This is why I don't consider Firefox, OpenOffice.org, etc (basically, most of the high-profile open-source software) to be prime examples of open-source. Generally, they are similar to (sometimes clones of) commercial software, including the bloat and bugs. _Most_ of the software I use actually isn't like that. And that's why I like it.
``Hey, if you've got the time to make all purchases with cash, if you never buy stuff on-line or via mail order and choose not to maintain a credit card, if you pay all your bills in cash by going to the billing office for each utility instead of mailing a check or providing your check routing information for payment... then more power to you. Fight the man, brother! Just don't waste a lot of fossil fuel in the process :-)''
That's what I did when I lived in the States. Now I live in the Netherlands. I pay with cash, PIN (swipe bank card, enter PIN), bank transfers (sometimes initiated by me, sometimes automatic - you can authorize organizations to deduct what you owe them), and, very rarely, PayPal and credit card. It's a different world. In the States, everybody pays by credit card, and nobody pays with PIN. Here, it's the other way around.
How does having your RSA SecureID stolen improve your situation over having, for example, your credit card stolen?
``However, and this was the point of my post, you don't have to be "careless with credit cards or checks" to get in trouble. All that is required to create a fake check is an account number. And credit transactions can be easily faked using the information printed on the card (number and verification code) along with your publicly available address and phone number.''
... many merchants demand your photo ID too -- so now they have your home address!''
Perhaps, then, if these systems are so insecure, _any_ use you make of them is careless.
``How many people have an opportunity to memorize your credit card info every day?
My passport doesn't have my address on it.
``There's no way to stop it; you have to give up this information to make a transaction.''
Only if you pay by credit card. If you pay cash, you aren't giving up any information. In most countries I know, you can pay with a bank card, authenticated by a PIN. This isn't secure (the PIN can be recorded and the card cloned), but it seems to work better in practice than what people use in the States.
``You should be worried about these types of transactions, because, as you said, "The money may be mine, but, other than that, it has nothing to do with me." That first bit is pretty darn important. I don't know about you, but I don't want other people to take my money.''
People taking my money is really not what I'm most worried about. I don't carry a lot of money with me and I've never been robbed. What I'm worried about is people affecting what other people think they know about me. I don't know if you know any victims of identity fraud, but I do. Nobody trusts them. They can only get the shittiest of jobs, despite having proper education. They have to pay off debts that were created in their name by other people. They live in fear of the police, because the police are after them for crimes they didn't commit. _This_ is what I'm afraid of. Getting some money stolen from me is minor compared to that, and I'm sure there is insurance against it, too.
I completely agree with your post. The problem isn't that it's easy to get the magic numbers relating to a person, it's that we are willing to believe someone knowing the magic numbers is the person they relate to, even though we should _know_ how easy it is to know those numbers if you're not the person in question.
On the other hand, the examples you gave (credit card and cheque payments) aren't about authentication. They are about payment. I don't know why anybody (including myself) buying anything with my cheques or credit card (neither of which are actually common forms of payment in Europe, where I live) would have anything to do with my identity. These are just payment methods. The money may be mine, but, other than that, it has nothing to do with me.
Of course, the way this reflects on me is that I will seem to be an irresponsible spender if other people buy a lot of things with my credit card and my checques. And, actually, I don't think there's anything wrong with that. After all, I allowed the card or the checques to fall into the wrong hands. Hypothetically speaking, that is, because, when I lived in the States, I kept my checques locked up and never used them, and I didn't have a credit card. I simply paid everything in cash. The security implications of cash are easy to understand: if you have it, you can pay for it. Who you are or how you got it doesn't enter into the question.
And now I think we're back to identity theft. Because, when I don't use cheques or credit cards, that doesn't mean I'm safe. Because someone else could sign up for a credit card or a checking account in my name, and use the card or the cheques to pay. And I would be the one receiving the bad credit rating, which, in cases of identity theft I've seen, not only prevents one from borrowing money, but also from getting a job. And the reason that this can happen is, indeed, that banks and credit companies accept that someone is me when they present some data that anybody could easily obtain.
So what's happening, really, is that the banks and credit companies are being irresponsible by accepting weak evidence as proof that someone is me, and then blaming me and making my life miserable when someone else exploits this weakness. This makes me really angry. And then, to make matters worse, most every organization will believe these failing companies on their word when they say I got a credit card and never pay my debts. And then _I_ have to pay to clear my name, before I can get a job or a loan. So _I_ will be in great financial trouble because everybody else uses flawed security.
Of course, all hypothetically. I have never had any of this happen to me. And somehow, in Europe, this seems to be less common. I don't even know if stories like the one I just told are common in the States. I know identity theft runs rampant there, but I'm not sure if the victims are careful as I was in the story, or careless with their credit cards or checques. All I know is that I'm happy it hasn't happened to me, I extend my sympathy to those it has happened to, and I hope the problems in the system get addressed.
Well, in markets where there is actual competition, the market should sort this out.
Doing research about employees' online activities costs a company money. Ending employees' contract because of their activities costs companies employees that cost them money to acquire, and who supposedly did good work. Knowing that your company is watching you even when you're not on duty is probably not good for morale. That could cost the company, as well.
There might actually be benefits to doing this kind of monitoring.
So, in the end, companies that monitor their employees wisely will gain, and companies that go too far in their monitoring will lose. Assuming actual competition, it will be more difficult for companies that lose in this way to compete with th ones that win.
Replying to your post, but it could have as well been someone else's.
``I've installed both on the same machine within the past 2 weeks. Once the desktop is up and I'm clicking around it would be very difficult to tell which OS is running on the box except for the backdrop and default color scheme. Gnome 2.20 is pretty much Gnome 2.20 no matter which distro it sits on top of. Icon placement, desktop panels, menu arrangement, they were pretty much identical. Who cares about apt vs yum either, click Applications->Add/Remove Software and point'n'click your way through installing whatever you need installed.''
I feel this kind of superficial review is really not doing justice to distros that do a lot of hard work to ensure a stable, reliable environment. You've run these distros for two weeks (divided among the two of them), and they superficially look the same to you, so you conclude there is no real difference.
What I wonder at this point is whether you would find differences if you ran each distro for an extended amount of time to get your daily work done, installed a significant amount of software, changed configurations, removed software, upgraded to a new release, etc. This is what will tell you if a distro is well-engineered, the packagers are doing a good job, bug fixes are timely and work well, etc. In my opinion, that says much more about the quality of an operating system than any impression you could have gotten of it in two weeks.
It's nice that people get all excited over eye candy and graphical installers, and I think these are important and both acclaim and criticism are very welcome. But in the end, what matters to me most is that it gets the job done. Debian does this for me. It won't be winning any beauty or coolness contests any time soon, but I find it's one of the few distros where things Just Work. I've seen distro after distro go chasing after polish or features, and, invariably, the result has been degraded quality of the package management. When you can't count on installs or upgrades through the package manager resulting in a working system, and releases are shipped with known show-stopping bugs, I thank the Debian team for providing us with a system where stability, reliability, and quality come first.
I agree with the general message of your post, but I have to nitpick.
``As demand grows, you'll see more vendors opening up specs. It's their right to do so or not, and your right to vote with your wallet.''
Your right to vote with your wallet is only useful if you _can_ vote with your wallet. If nobody will sell you hardware with available specs for a price that you can afford, what will you do?
``The only place OSS is making a dent is server space. Why do you need an advanced GPU on your server?''
A number of points can be made here. First of all, open source is making inroads in other places than server space, too. I don't have exact figures (nobody does), but I see KDE, GNOME, and fvwm desktops often enough. Wal-Mart and Dell are selling PCs with Linux pre-installed. Many routers and like devices use Linux and Busybox. All development work I've been involved in used open source, usually exclusively or almost exclusively. Open source web browsers hold a sizable chunk of the market.
Another point is that there is a bit of a chicken and egg problem. It doesn't make a lot of sense to open specs for the hardware if this will only benefit you a little. So you don't do that if only few people are asking. It doesn't help a lot to ask for specs if you aren't going to get them anyway. So few people ask. There also isn't a lot of software in th open source world that would see a great benefit from working 3D. And it doesn't make a lot of sense to start developing that software if 3D doesn't work anyway.
This is the pit the world's been in, but it's slowly changing. Nvidia has made available good 3D drivers, allowing 3D software to be developed. Now there are Neverwinter Nights, Compiz, Blender, etc. Apparently, Intel has seen value in supporting open source, and there are good open source drivers for Intel graphics cards. And the number of people using open source software appears to be growing. Certainly, awareness of open source is greater than it was, say, 10 years ago. Day by day, the landscape is changing.
``If governments became truly accountable to voters, ...'' ...and voters actually had a clue, ...
I mean, seriously. You can't know everything about everything. And when it comes to economics, I'm willing to bet most voters believe things that are the absolute opposite of what experts believe. I think many of the barriers we have in our markets are there exactly because voters want them to be.
``Not an angry reply at all, but just the question, how could a socialist system give incentive for anyone to do much of anything''
Simple. If you don't meet the goals we've set for you, we send you to Gitmo. There can't be a reward for working well (oh no! inequality!), so there must be a punishment for working poorly.
``If your friend has a Turing complete language ...''
It's strongly normalizing (every program terminates), so it's not Turing complete.
``If, however, he doesn't have a Turing complete language then I question it's usefulness to the general public (I can ensure any program terminates out there by killing it after 1000 steps, but that isn't terribly useful and few have any need of a language to enforce that). Maybe there will be some specific market for it, I would guess there are some embedded systems that may benefit from such a thing, but then I also bet they already do something more specific to their domain with existing well tested languages/environments.''
The language we're talking about is Piffle and it's a packet filtering language. It looks sort of like C or Pascal, and it has types, functions (but not recursion) and bounded loops. One can tell the compiler the maximum amount of CPU time and memory a program is allowed to use, and the compiler will then accept the program only if it cannot exceed these bounds.
It's easy to see how the language could be used in other areas than packet filtering with the addition of some functionality. I personally think it would be very useful for programming real-time systems. As far as I know, real-time systems are currently typically programmed in C, which doesn't actually offer any guarantees on execution time.
``I rather suspect that he/she has created a language few will use, hasn't tested it thoroughly, or will be "close" to releasing it until the end of time. My guess is also that if you think you have created a language that "can not" be broken (and is thus totally bug free) then you also fall into that very same category.''
That is, of course, entirely possible.
I'm not sure what "intelligent software agents" are, really. But I'm sure I'm ready for them once they have something useful to offer me.
You can do this with Mailvisa (and, I reckon, most other spam filters that use machine learning).
With Mailvisa, it works like this:
1. You read an article
2. You decide if you liked it or not
3. You put it in a "good articles" directory if you liked it, and a "bad articles" directory if you didn't
4. Once you have collected a number of articles, you train Mailvisa on them
5. Run every new article through Mailvisa. If it says it's spam, you probably don't want to read it
6. Repeat from step 1
Other Bayesian filters vary in the details. With Mailvisa, you want to only train once in a while, because it takes annoyingly long to load and store the databases. With other filters, this may not be the case, so you can train after every message. Some filters should only be trained with messages they classified wrongly (perhaps this goes for Mailvisa, too, but I get 100% precision (less than 1 message in 1000 wrongly classified as spam) and recall in the upper 90%s by training on all messages).
It would be nice if this functionality were integrated with other software (e.g. mail clients, RSS readers, etc.). Mailvisa is a stand-alone program and is not specific to filtering email, but it also isn't integrated with any other software that I am aware of. It would be much nicer if, when viewing a message, you could press a button to indicate that this message was good, or another button to indicate that this message was bad, and the filter of your choice would then be trained with that information.
``What happens when I send some modified data to the your server farm to process and it's actually a replicating virus.''
I am working on a programming language that, among other things, will have a subset that cannot affect the outside world (except if functions that can are passed into a program written in this subset as arguments). In other words, code written in this subset of the language cannot open files, send packets over the network, etc. etc. The only thing it can do is return values.
As long as submitted programs are in such a language, running the server is a perfectly safe operation.
A friend of mine has implemented a programming language in which every program terminates within a finite number of steps. I believe (but I am not entirely sure) that you can fairly simply determine the (worst-case) number of steps by performing static analysis on the program (I'm sure it's possible, not sure it's simple). In any case, you get the guarantee that programs written in this language terminate, so they won't hog the CPU forever. And you can determine how long it is going to take before you run the program. I am thinking to incorporate these features into my programming language as well, at some point.
"Nearly every scholar agrees that Bell and Watson were the first to transmit intelligible speech by electrical means."
;-)
Are you saying that Italian is not intelligible speech?
``You could probably sell the same chair back to Ballmer several times :)''
So that's where they got the idea...
It's nice to see that Ruby interpreter speed is improving. Performance and compile time checking (think static types) are about the only areas in which I find Ruby lacking. Looking at the table on the shootout page, though, I find that performance has only improved by a factor 2. That's impressive...but it's not enough.
Last I measured, Ruby was about a factor 300 slower than C on low-level code (measuring the performance of high-level functionality implemented in the interpreter is not so interesting, because that isn't actually implemented in Ruby). That means there is still a long way to go before Ruby is actually competitive with the likes of Common Lisp, OCaml, Haskell, or Lua in terms of performance (I wouldn't compare to C or Fortran, because these languages are much more limited in what abstrations they offer).
Still, Ruby is a great language, and I hope they keep up the great work. I end up writing quite a lot of code in Ruby, because it's very _easy_. The language is mostly very well designed, which means you aren't likely to run into limitations of the language, and there is support (either shipped with the language, or available as a third-party module) for almost everything I want to do. Speed isn't usually an issue. And when it is, it's possible (and easy) to write an extension in C.
The one thing I wish they would get rid of is the distinction between blocks and lambdas.
Now I will nitpick a bit, for the benefit of people reading this thread (yeah, right
This is a function which, when called, will assign its first argument to $x and its second argument to $y. It will then iterate over the rest of the arguments, and, for each argument, use it as a property on the object in $x and the object in $y, assigning the value of that property of $y to the identically-named property on $x.
So, when you call the function like copy_fields($a, $b, 'firstname', 'lastname', 'birthday'); (I hope passing the field names as strings is the right way to do it in Perl; I'm not a Perl hacker), you will end up with $a->firstname being the same as $b->firstname, $a->lastname the same as $b->lastname, and $a->birthday the same as $b->birthday.
In Common Lisp, you can write code that does exactly the same thing. For example,
You can then call this function like (copy-fields-function a b 'firstname 'lastname 'birthday) and get the named fields from b copied to a, just like in the Perl code above.
The above code uses regular functions (both in Perl and in Lisp). So, if copy-fields can be implemented as a normal function, why did I drag macros into this? Well, the difference between functions and macros lies in when things are evaluated.
Astute readers will have noticed that the names of the fields in the call to copy-fields-function above have quotes in front of them, whereas the copy-fields in my original post took them without quotes. This is because, when you call a function, the arguments are evaluated first, and the values that result from that are passed to the function. So if you wrote (copy-fields-function a b firstname lastname birthday), you would be asking to pass the _values_ assigned to firstname, lastname, and birthday into the function, which would likely result in an error. Instead, putting quotes in front of the symbols causes the symbols themselves to be passed to the function, which is what you want in this case. (Without the quotes, the equivalent call to the Perl version would be copy_fields($a, $b, $firstname, $lastname, $birthday);).
By contrast, arguments to macros are always passed to the macro as written, without evaluating them first. This is what allows macros to perform transformations on source code. Functions cannot do this, because, by the time the function actually gets to do anything, all its arguments will have been evaluated already. And this is an essential point, because it means that macros can control order of evaluation. The source code given as an argument to a macro may be evaluated once, more than once, or not at all. Thus, you can use macros to implement control structures, like conditionals, loops, pattern matching, etc. Or lazy evaluation. Or object systems. Macros allow you to extend the language...without having to modify the compiler. That's a lot of power for a single construct.
Another thing to mention is that, whereas functions (at least semantically) do their work
It's not that Microsoft actively _prevents_ you from installing competing software (browser, media player, ...) on their OS. But the fact that they _include_ their own already poisons the market. Windows's dominance of the desktop market means that the vast majority of desktop users _also_ get Internet Explorer. They _can_ install a different browser, but this requires extra effort that many people are (understandably) not willing to make.
It is the extra effort that people have to make to get a browser other than Internet Explorer that makes it so difficult for other browser vendors to compete. Many people won't even _consider_ installing a different browser. On top of that, Internet Explorer's dominance makes webmasters (understandably) reluctant of breaking compatibility with it. This means that vendors of other browsers can add features all they want, but if Internet Explorer doesn't support those features, they will not be widely used. This, again, makes it hard for browser vendors to even make it compelling for users to make the extra effort of installing a browser other than Internet Explorer.
For a measure of exactly how hard it is to compete with Internet Explorer, just consider how much it took before Firefox finally started to take away market share from Internet Explorer. Tabs, ad blocking, built-in search bar, better security track record, I don't even know all the extra features. And a large ad in the New York Times. All this implemented in a product that customers could download for free, with no ads or nagware or any other nuisances. This is not a level playing field. This is Firefox being pushed up Microsofts mountain an inch at a time, thanks to hordes of volunteers and I don't know how much money in donations.
"Microsoft should be required openly, fully and faithfully to implement free and open industry standards."
Meh, I don't see why. It's up to the customers. They should use open standars, so that they have freedom to select the best vendor and can interoperate with everybody else. If customers choose to pay to get locked into proprietary formats (be they Microsoft's or anybody else's), I don't see how that's Microsoft's fault.
``Opera Software issued a complaint to the Competition Commissioner based on anti-competitive behavior in the web browser market.''
Now there is something to that. Microsoft is _still_ using their dominance on the desktop market to push their browser (push in a very real sense - IE7 was pushed over Windows update without asking any questions, as far as I understand). The poor support for standards in Internet Explorer causes webmasters extra work, but also combines with the fact that it's bundled with a widely sold operating system to make competition even more difficult for vendors of other browsers.
I understand that the sort of bundling Microsoft does here is illegal in both the USA and the EU (but note that IANAL). _That_ is something they can be held accountable for.
I found the line of thought intriguing, until it said "negative temperature". The whole point of "absolute zero" is that there _are_ no negative temperatures.
``In the *NIX world its almost impossible to hide a running process.''
Ah, yeah? I don't think so. Given that you've already compromised the host, that is. And if you can't hide your process, you can always try to masquerade as a process that should be running.
``If only Microsoft would spend that much effort on windows update...''
They do, but they spend their efforts on making sure it doesn't work for pirates, rather than on making sure it works better for customers.