Slashdot Mirror


User: jonadab

jonadab's activity in the archive.

Stories
0
Comments
5,933
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,933

  1. Re:Virus Down, Malware Up on MS Patch Train Leaves the Station · · Score: 1

    > Windows is not only hard to patch in the enterprise, its hard enough to
    > work with that people won't close applicatons! Talk about a double whammy.

    Umm, not wanting to close applications isn't a Windows problem. It has to do with not wanting to lose your place. Leaving things open is like bookmarking your page when you're reading a book: it makes it easy to pick up where you left off. If WinXP users are leaving windows open overnight, this is a sign mostly that XP is, unlike Win9x, stable enough that it is practical to leave it running for more than a day without reboot. This is not a flaw.

    I haven't minimized, much less closed, this web browser window in *months*, and I'm not on a Windows system. (I'm on Mandrake, with the Gnome UI, as it happens. This is neither here nor there.)

    Windows has enough troubles of its own; there's no need to blame it for things that first of all aren't (or shouldn't be) problems and second aren't its fault even if they were.

    The real problem that you're running up against is that Windows needs to be rebooted to get certain kinds of updates (err, most of them) applied. That, and a thirty-year-old class of bug called "buffer overruns" that are mostly a symptom of doing virtually all development in an unsafe, bit-fiddly programming language with unchecked bounds on data types that don't autopromote, don't have intelligent container structure, aren't garbage collected, ...

    The other poster is absolutely correct: C and C++ and their ilk don't have sane semantics for application development. It's one thing using them for inherently low-level stuff, such as kernels and device drivers and boot loaders, but writing whole application suites in them, with the level of complexity of current software, is nuts. There's a new buffer overrun on CERT every single week, usually several of them, and while Windows seems to get more than its fair share, there are *entirely* too many of them on other platforms as well.

    As far as the "privileged account" thing, you're assuming that a privileged account is necessary in order to do dammage. It's not. Sure, a privileged account is needed in order to do the kind of dammage that necessitates an OS reinstall, but frankly, that's not the really bad kind of dammage anyway. A privileged account is *not* needed (on any platform) for any of the following actions:

    * Wipe out the entire contents of the user's home directory. This is MUCH worse than rendering the OS unbootable, because you can't recover the user's data from the OS install CD.
    * Arrange to run whenever the user logs in. (This is theoretically not the same as arranging to run whenever the computer is turned on, but in practice, on virtually all desktop-grade systems, it is the same.)
    * Look through the user's address book, documents, browser cache, and other data for privacy-sensitive information and send it back, over the internet, to the attacker.

    On some platforms it's also possible to log the user's keystrokes without a privileged account. (Not sure if that's possible on WinXP, but then again, on WinXP, it's possible to *get* privileges you don't naturally have, up to and including LocalSystem, due to certain design flaws in the Win32 API. Google "shatter attack". That's just a privilege-escalation attack, but it's a privilege-escalation attack that can't be fixed without breaking backward compatibility for all apps, so it's going to be around for a while.)

    In short, an unprivileged account, while it's not a bad idea, does not really afford any reasonable level of protection. If you're relying on that to prevent Bad Things from happening, you could run into trouble.

    Now, running untrusted stuff in a *different* unprivileged account from the one where you keep your data, that's another thing, especially if your home directory isn't world-readable. Just for example, anything that listens for connections from the internet should be run in its own dedicated account that doesn't

  2. Re:These are not script-kiddies on How Do You Handle Portscanning Attacks? · · Score: 2, Interesting

    > You want evidence? Check your e-mail you stupid moron. Look at the headers
    > of the spam you receive. Notice how a significant chunk of it comes from
    > comcast, verizon, cox cable, TDE, and other broadband IP space.

    I haven't checked this in the last few months, so maybe it's changed, but the last time I did check, virtually 100% of the spam I get came from the APNIC block, and roughly 0% of it came from IP addresses with a corresponding PTR record in DNS for reverse lookup.

    I think it depends somewhat on *which* spammers have your email address in their database. As near as I can tell, there are only a few major spamming organizations in the world (perhaps as many as twenty or so) and very few people are on more than one or two of their lists, because they don't share. (They share *within* each organization, but not between, as near as I can tell. As far as why, I could only speculate, but my first guess would be language barriers, and my second guess would be that they can't track eachother down any more easily than we can track them down, so they don't know eachother at all except within each organization. But these are guesses.)

    There's at least one major spamming organization in Eastern Europe; they use IRC to communicate, and they use worms to harvest zombies, and this latter activity has exposed them to the honeynets. They have a hierarchical organization like in cheesy mafia movies, with small circles of trust, where the one or two "innermost" members of each small group/circle also are part of the next most central circle. They mostly send English-language spam but also other European languages, notably Russian and German. If you get spam in Cyrillic characters, it comes from these guys. They probably get most of their addresses from Outlook Express address books, but possibly also from other sources. My home address has only gotten on their list in the last year or so.

    There's at least one *enormous* spamming organization operating out of Asia (with subnets in China, Korea, and several other Asian countries). They send huge amounts of Chinese-language spam, also lots in English, quite a bit in Korean (with Hangul characters), and some in Spanish and a handful of other languages. There is no evidence that they use IRC. They migrate their SMTP servers (or relays, or something) across entire Class-B subnets, but they don't appear to use zombies, because everything they send comes out of the APNIC block. If you report them to abuse@, you end up in their "special" database, which causes you to receive a lot more spam, some of it with totally blank bodies, just for spite. My home address has been on these guys' list since circa 1999, probably because they harvest addresses from usenet, but they also appear to harvest from mailto: links on the web, among other sources.

    We know from previous high-profile news stories on slashdot that there are spammers operating out of the U.S., some of which are fairly big-time, but they use relays elsewhere, including in Asia. I suspect that these guys are mixed up with some of the shadier adware. They're also much more poorly organized than the Asian group or the eastern European group. Some of them actually *buy* their lists of addresses, from other spammers (one another, mostly), but they also harvest addresses from the web. All or nearly all of the spam they send is English-language. These guys are responsible for most of the spam that advertises pharmaceuticals, but they also advertise other things, including websites, software, and financial services. My work address has been on their list for a couple of years now.

    Then there's the African spam. This is where the 419s come from, but they send other stuff too, mostly in English, but also in French. They are not organized at all and appear to operate in small autonomous groups or as individuals, but they do have contact with one another (probably in a very loose web, perhaps largely by virtue of living mostly in the same few large cities, nota

  3. Re:These are not script-kiddies on How Do You Handle Portscanning Attacks? · · Score: 2, Insightful

    > We know these people are ultimately in the U.S.

    The honeynet people seem to think most of them are in eastern Europe. I am also fairly certain that there are a lot of them in China, though this is much harder to confirm. My best evidence is the enormous volume of Chinese-language spam, which I do not suppose would be authored by Americans or Europeans, mostly.

    But anyway, we certainly do not *know* that they are all ultimately in the U.S. There are good solid reasons to believe otherwise. *Some* of them are in the U.S., of course; the U.S. is a big country with a lot of people, so of course it has computer criminals, but there is no reason to believe it has more than its fair share of them.

  4. Re:Sounds more like a DoS to me on How Do You Handle Portscanning Attacks? · · Score: 1

    > It costs me money, its annoying and there's nothing I can do about it
    > because they don't seem to accept the ICMP-HOST-UNREACHABLE reply that
    > my router sends them.

    Then don't send it.

    Host Unreachable implies that the host is unreachable *at the moment*, but might potentially be reachable at some other time. It tells the attacker less than having the port "closed" (where it sends a reply saying nothing's listening on that port, but verifying that there is a system there and possibly providing information about what TCP/IP stack is in use), but it doesn't tell them nothing.
    Ideally you should send no reply at all to port scans. Let them run traceroute and watch the trail vanish at your ISP, as if you were not connected at all.

    Of course, that doesn't prevent them from scanning you anyway. Repeatedly.

  5. Most popular game ever? Erhm, perspective... on 2 Million Azeroth Citizens · · Score: 1

    > if World of WarCraft proves popular in China, as well as other soon to
    > be launched territories such as Taiwan, Hong Kong and Macau, it could
    > quickly become the most globally popular online game in history.

    Not likely. Perhaps the most popular MMORPG, or *possibly* the most popular commercial paid-subscription-based online game. But no game that requires a paid subscription to play is going to be the most globally popular online game in history. That's solidly locked in by popular pay-for-free-online games, especially the standard sort that you can play on a lot of different sites, because the rules are well-known and simple. My bet would be on hangman, actually, although checkers and euchre are pretty popular also, and tic-tac-toe, and reversi...

    Even a relatively erudite game such as chess has *WAY* more online players (in the US alone, much less worldwide) than World of Warcraft can dream about.

  6. Re:Heh on Rocky Planet Discovered · · Score: 1

    > terra-forming Mars by moving all of our heavy pollution industry there.
    > The idea was to create an atmosphere of carbon dioxide that plants like
    > and that traps heat, then grow plants for oxygen.

    As it stands now, Mars doesn't have enough gravity to hold enough atmosphere. First we have to drop a bunch of asteroids on it, to increase its mass to about that of Earth, *then* install an atmosphere. The other thing is, heavy industry doesn't create atmosphere ex nihilo; all it does is changes the atmosphere that's already extant. So we'd need to add a whole lot of some kind of gas, preferably nitrogen mostly, to serve as a starting point for the atmosphere.

    The good news is, Mars doesn't have anything nasty in the atmosphere (unlike, say, Venus). This is good, because adding stuff is easier than getting rid of stuff. Still, it's a long, difficult project.

    The hardest problem for terraforming Mars is figuring out how to get it warm enough, which probably involves moving it closer to the sun. That's a toughie. I'm not convinced we have the technology yet to do that part. Moving asteroids about is one thing (expensive, but feasible with current technology), but whole planets is something else.

  7. Re:Heh on Rocky Planet Discovered · · Score: 1

    > So in a galaxy of over 50 billion (US billion) stars, roughly half of
    > which are main-line stars like our sun,

    Where are you going to find a Galaxy like that? In *this* Galaxy, most of the stars are blue or white dwarfs.

    > it is impossible for any one of them to have a planet with similar
    > chemical composition, global climate, and other general attributes as Earth?

    Not impossible per se, just VERY unlikely.

    The problem is that there are a *lot* of variables. Any one factor doesn't cause so much trouble, but probabilities are multiplicative. What's the probability that a given planet is in the right size range? One in fifty? Doesn't sound like any big deal, right? But then you have to multiply it by dozens of other probabilities for various factors. One in fifty is probably not far off from the geometric mean of these. When you multiply all that out, the probability that any given planet is "just like" Earth, it's going to come to something on the order of one in ten to some fairly big power (like several hundred, perhaps). Multiply a hundred billion stars (ten to the seventh power) by that, and it doesn't even phase it. A hundred billion stars is nothing.

    > Remember, vastly improbable is different from truly impossible.

    Yeah, but you act like fifty billion is a big number. With these levels of improbability, it's a *tiny* number. Miniscule. If there were a thousand times as many stars in the galaxy, it would scarcely change the probability at all (i.e., it would still be very unlikely). If there were a *billion* times as many stars in the galaxy, it would *still* be unlikely.

    There will of course be dozens of planets that are similar to earth in one way or another -- planets with mostly nitrogen in the atmosphere, planets with the right amount of oxygen in the atmosphere, planets the right distance from the right kind of star, planets with enormous amounts of liquid water, planets with rocks and plenty of dry land, planets with the right amount of gravity, planets with an axial tilt, planets with this factor or that factor -- but they would all require some kind of terraforming to be habitable, because it's exceedingly unlikely that any of them will match *every* factor.

    There may be another reasonably Earth-like planet *somewhere*, simply because the universe is preposterously enormous, but there's unlikely to be a really good match in our local cluster, much less in the Milky Way.

    This doesn't mean we could never inhabit any other planet, but terraforming of some kind is *going* to be required, and I don't just mean planting some green stuff and letting it grow.

  8. Re:Heh on Rocky Planet Discovered · · Score: 1

    > We've got a ways go to if this is the most earthlike one.

    Indeed. Two further points...

    First off, they're not counting Mars, because it's not extrasolar.

    Second, we're never going to find a planet *exactly* like Earth (no, I don't mean specific continent shapes, I just mean exactly comparable, so that living there would be no weirder for us than living on a different part of Earth), because there are simply too many variables. If we find one with exactly the right mass, so that the gravity is perfect, and exactly the right distance from the right type of star, it probably won't have a large moon that keeps its axis at a nice tilt, so it won't have temperate zones with seasons. If we find one that has that, it won't have a metric buttload of liquid water. If we find one that has that, it won't have a mostly-nitrogen atmosphere with the right amount of oxygen so that we can breathe but it's safe to burn candles. If we somehow managed to find one with all those things, it would probably be too far from the Galactic core, so it wouldn't have enough heavy elements (think: stuff to make steel out of and whatnot) or else too close, so that there would be dangerous levels of radiation. And so on and so forth. There are a zillion of those variables, things that differ from one planet to another, that we'd want to get "right" to find a "perfect" match for Earth. Not going to happen.

    Actually, it's rather amazing how similar Mars is to Earth, given how close it is to us. It needs some terraforming to be colonizable -- little things like dropping a few hundred thousand asteroids onto it to raise the mass enough so that it can hold enough atmosphere for us -- but it's a better starting point than we're likely to find easily. If we could just figure out how to nudge it a bit closer to the sun, without irretrievably destabilizing its orbit, the whole project might even be doable, given enough time and funding.

    Incidentally, if you needed a reason to take care of Earth, here is one: it would be *mighty* hard to find a replacement.

  9. Re:Avoid ask.slashdot for a few days... on Steve Jobs In Praise of Dropping Out · · Score: 1

    > the material in college is usually taught in such a dry, abstracted way

    Ah, let me guess: big university. Huge lecture halls, and the professors who don't know your name, right? I'm sorry, you lose.

    Things are usually somewhat less dry and abstracted at smaller schools with a lower ratio of students to teachers. Ideally you want to go to a school where the student-teacher ratio is lower than 30 in just about every class (with allowances for exceptions for one or two classes that are inherently lecture-oriented) and lower than 20 on average. I have, of course, generalized quite a bit here, but these are *good* generalizations that hold true much more often than not. Huge universities should be avoided, unless your main goal is to have a winning football team to root for. The best schools have only a few hundred students. The tuition figures are a little higher, but you also tend to get better financial aid, in addition to a better (and more interesting) education.

  10. Re:erm.. WTF on $100,000 Poker Bot Tournament · · Score: 2, Insightful

    > Poker is just getting random cards and betting on them

    No, poker is mostly about figuring out what your opponent is thinking, without letting him know what you're thinking, while he's busy trying to figure out what you're thinking, without showing you what he's thinking. The cards are just the medium, the subject you're both thinking various things about.

    Now, poker could *devolve* into what you describe if all (or all but one) of the players were bots. But as played between humans, it's not like that at all. Why do you think a lot of quite heavy-duty math geeks suck at it?

  11. Re:You're just not used to it. on The First Annual Underhanded C Contest · · Score: 1

    > A picky compiler is a blessing, not a curse. It's much easier to identify
    > and fix compile errors than run-time errors.

    This is true. A real problem with C compilation is not that it's picky, but that it takes so blasted long. I have no idea whether the other poster was alluding to this or not, but the change-compile-run cycle of C, for a project of any substantial size, using popular readily-available compilers (and here I am mostly thinking of gcc), is about three orders of magnitude longer than the leading high-level languages of today.

    > Most people who don't like C are really just saying they don't like
    > low-level programming because that's what it was designed for, and
    > that's what it's perfect for. Too many newbie programmers get used to
    > some modern, flash-in-the-pan, all-things-to-all-people languages and
    > when they are faced with the challenges of low-level languages rashly
    > conclude that it's the language's fault they're having problems.
    > C is the perfect language for the job it was designed for. The same
    > cannot be said for most more modern languages.

    C is far from perfect, but it is well-suited to low-level programming, for things like boot loaders and schedulers and device drivers. The real reason a lot of us have decided we don't like C is because misguided people are using it for things it is *not* at *all* well-suited for, merely because it is ubiquitous, and we get exposed to it in that context. Frankly, 99% of the world's programmers today will never work on that kind of project, because almost all development is of higher-level applications that would be better developed in higher-level languages. (This was less true a few years ago, when performance was such a critical issue that people would pay twice as much for software that ran 20% faster on the same hardware, but these days, most applications can be written in higher level languages and will perform reasonably (as in, spend most of their time sitting there waiting on the user, the network, or a disk) on five-year-old hardware that sells for under a hundred bucks on ebay.)

  12. Re:It's a bad idea on The First Annual Underhanded C Contest · · Score: 1

    > C gives you just enough rope to hang yourself.
    > Java gives you a polished floor on which you can slip and break your neck.

    I can go along with these.

    > C++ gives you a thermo-nuclear device.

    I think it's more like razorwire -- even better for hanging yourself than C's plain old rope, since you can easily lacerate your hands in the process.

    Of course, my language of choice has frequently been called a Swiss Army chainsaw, and it doesn't require a lot of imagination to think of ways to hurt yourself with that. I think Perl6 is supposed to be more like a multiblade Swiss Army butterfly-action light sabre, or something. (The ability to dork significantly with the language's grammar seems particularly powerful, i.e., particularly dangerous...)

  13. Re:This will work on The First Annual Underhanded C Contest · · Score: 1

    I think the other poster meant free speech as in loosened tongues, not political expression.

  14. Re:Balls? on Windows to Have Better CLI · · Score: 1

    > Microsoft does employ Haskell's lead developer

    Interesting. I didn't know that. (I don't really know a lot about Haskell. I know it's a so-called pure-functional language, and what that means, and that monads are its way of serializing externalities to deal with state, and that Pugs is written in it, and apart from that, little else.)

  15. Re:Balls? on Windows to Have Better CLI · · Score: 1

    > > so now it appears to be a Blackcomb feature.
    > Along with everything else that was going to be in Longhorn

    Not everything, just the big-ticket items, like the full-featured WinFS (which is probably not terribly important anyway, at least in the short term), the improved shell (which is definitely important for geeks and sysadmins), and being based fully on .NET (which is only important insofar as it has buzzword value).

    I'm sure a lot of little features made it in, though, stuff that won't get talked about much, like those horrible "Personalized Menus" that were added in XP, improved GUI themability and stuff (I am almost sure one of the leaked-Longhorn-build screenshots I saw had a panel applet), you know, a lot of little things that add up to make the upgrade compelling for people who don't want to miss out on features their friends have.

    Also I anticipate assorted security improvements in Longhorn. After seeing SP2, I'm convinced that Microsoft will be able to deliver some worthwhile bits in that regard for Longhorn, though obviously it will not solve everything. They seem to understand the relevant issues *much* better than was apparent a couple of years ago. I'm hoping they come through with their promised holistic security overhaul of Outlook Express, the component that up to now is the single worst thing they've ever produced, security-wise. If they do even a moderately decent job of fixing that, it will be a good thing not just for OE users but for everyone who uses internet email.

  16. Re:Balls? on Windows to Have Better CLI · · Score: 1

    Monads are a Haskell feature. HTH.HAND.

    However, my concern with this announcement is that the improved CLI was previously a major Longhorn feature (the most compelling, as far as I was concerned). But he said 3-5 years, so now it appears to be a Blackcomb feature. Bummer.

  17. Re:They're adding IDN support NOW??? on 'Lower Rights' IE 7.0 Coming · · Score: 1

    > Maybe showing the proper URL (i.e. http : // www. españa.com) but with
    > a different color ( for instance red)

    That would an accessibility violation. Thou Shalt Not Hardcode Colors, EVER. It's not 1985 anymore.

    > Or make it pulsating

    NO. If one more thing pulsates, I'm going to go postal.

    > Turning it off is NOT the solution.

    Long-term, no. Turning it off is an acknowledgement that, as it currently stands, it isn't ready yet. It causes worse problems than it solves and, currently, the problems it causes impact more people than the ones it solves. (Yes, there are many more people in the world, total, who don't speak English, but internet usage is still heavily slanted the other direction at this point.)

    Long-term, it will be necessary to solve this correctly, which probably means allowing the user to specify (at install time or in the prefs) which languages they want support for, with the default being just the l10n language (i.e., the one the menus and stuff are written in; presumably the user can read that, we hope) plus, for backward compatibility reasons, ASCII.

    > and on a mouseover have a little popup showing that punycode text
    > that corresponds to it.

    That requires too much action on the user's part.

    Just showing both in the first place, one above the other, makes more sense. For instance, the real URI could be shown in the location bar as usual, and if an IDN is detected a separate IDN bar could appear below it. (I'd throw in an ASCII-art screenshot here, but slashcode doesn't like the "junk" characters.)

    The IDN bar could autohide when no IDN is in use, presumably. This might work decently as an interim solution.

  18. Re:Congrats! on Debian 3.1 (Sarge) Released · · Score: 1

    > I wonder what the people who complain that Debian is outdated will say now?

    Nothing. For a while.

    But you know, to *maintain* that relevance, they will eventually have to
    release Etch someday.

  19. Re:radar guns on Closed Source -> Charges Dismissed? · · Score: 1

    > so yes, there may be more damage, but everyone is already doing it.

    Do you really think "people are doing it" is a valid argument for anything?
    There are a *lot* of things that people are doing that nevertheless aren't
    a very good idea.

  20. Re:radar guns on Closed Source -> Charges Dismissed? · · Score: 2, Insightful

    > if you actually do the speed limit, in some cases, you are putting yourself
    > in more danger

    This is true only in a relative few places -- and in those places, as a rule,
    the cops don't go after the people who are just going with the flow; they go
    after the idiots who are passing the people who are going with the flow.

    > there is no proof that going 10-15 over the speed limit increases my
    > potential for getting into an accident

    I suspect there may actually be, but in any case that's largely irrelevant.
    The likelihood of getting into an accident isn't the point: the amount of
    dammage caused if there *is* an accident (whether you cause the accident or
    not) is the point. Momentum is proportional to the square of velocity, so
    at 70mph you can cause 160% as much dammage as at 55mph, and that can be
    the difference between injury and death -- for you, or for someone else.

    What really bugs me, though is the people who do 55mph through a residential
    25mph zone with on-street parking and children playing. I think the ticket
    amount should be based on the *ratio* between the speed they were going and
    the posted limit, rather than the *difference*, or perhaps both, multiplied
    by the square of how many prior tickets you've had (if you've had any).

  21. Re:FP only? on 8th Annual ICFP Contest · · Score: 1

    > Can I write my program in C and look whether or not I'll be able to
    > adapt it just as quickly?

    You're going to write a non-trivial program in three days, in C? Is that even possible? Bear in mind, this competition is being held by functional-programming nerds, so the problem is likely to be the sort of thing that's most easily solved by using continuations for backtracking or some such technique.

  22. Re:Lisp on 8th Annual ICFP Contest · · Score: 1

    > I enjoyed programming in Lisp, but it fell out of favor.

    Lisp fell out of favor because it was ahead of its time. On the hardware avaialable in 1975, a language such as C was able, by not providing any useful highlevel abstractions, to wring useful performance out of the hardware. So naturally such languages almost completely took over.

    The up-and-coming languages that are gaining favor now actually have more in common with lisp than they do with C, in a lot of ways. Not everything, obviously, and specifically not the paren-based syntax, but most of the VHLLs now provide such things as anonymous subroutines with lexical closures, garbage collection, and so forth, which are really the important features of lisp. These so-called "scripting" languages (Perl, Ruby, Python, ...) are beginning to (gradually) displace traditional compiled languages (C, C++, ...) and be used more and more for application development. (No, Perl5 doesn't have real gc (it refcounts); Perl6 will, though.)

  23. Re:Wow on 8th Annual ICFP Contest · · Score: 1

    > This is why we moved from more functional languages, to more Object
    > Oriented languages.

    Huh? No. Most people who moved to more OO languages were coming from procedural/imperative languages, not from functional languages.

    > If someone writes a program abstract enough, then adding functionality
    > is as simple as throwing in a new object, inhieriting, and you're done.

    Object-orientation isn't the only kind of abstraction. The FP equivalent to re-writing a base class is to pass a different closure/callback. (No, it's not really equivalent. Well, it is in the Turing-equivalence sense, but it's wrapping things in a different abstraction. OO and FP are quite different in that sense. That's why they're both useful.)

    > Things like function pointers, generic structures, generic pointers,
    > and type casting

    I have never heard of a functional programming language that has pointers in the traditional C-ish sense, nor one that has the kind of type system that makes casts necessary. I'm sure there probably is one, but I'm not familiar with it, and it's certainly not the norm in the FP world.

    > (most of these being very Cish/Pascalish things because that's all of
    > the functional programming I do)

    This is the first time I have ever heard C or Pascal called a functional
    language. C is normally considered a low-level or procedural language, much
    like assembly language, and Pascal is generally classified as a Structured
    Programming or B&D language. Both of those paradigms are at least as
    different from functional programming as they are from object-oriented.

    A good example of a functional programming language would be Scheme. (A very bad example of a functional language would be unlambda. HTH.HAND.)

    Personally, I prefer multiparadigmatic languages.

  24. Just move the ctrl key to a sensible location on Poor Man's Kinesis Keyboard: The K'nexis Keyboard · · Score: 1

    My ctrl key is on a home position (specifically, where QWERTY puts the semicolon (so my semicolon is where QWERTY puts left bracket and brace (which I've moved to where the Windows/Meta keys usually are (and relocated those to the function-key row (yes, I know a little lisp (why do you ask?)))))). My shift key is also on a home position (where QWERTY puts A (so I put A where QWERTY puts K, and K where QWERTY puts left shift (there is also a ctrl key in the usual place, for those situations where my fingers aren't on the home positions))). My pinkies don't hurt any more.

    I'm using an Avant Stellar, but I think any remappable keyboard could do this stuff, and it _might_ even be achievable softwarily, in much the same way as people change their input methods to Dvorak or whatever.

  25. How much will it warm the ocean on Water Now More Awesome Than Previously Thought · · Score: 1

    I wonder how *much* of this can be done before it warms the deep ocean to an unacceptable degree. Obviously, the small Mariana project isn't going to be a problem -- the ocean is a really BIG heat sink, and Saipan is pretty small. But the article talks breathlessly about meeting the whole world's energy needs, and I'm a lot less sure about that. Wouldn't that warm up the deep oceans of the world by a few degrees? Talk about global warming...