Please mod the above up. I have recently noticed exactly the same thing -- Microsoft was once the very best vendor out there, bar none, about delivering critical patches like this. In fact, there was a time when Microsoft was extremely good at finding and bringing to light critical flaws even in in the products of other vendors. Many, many long hours were spent at Microsoft looking for flaws in products from software luminaries like Lotus, Digital Research, and Word Perfect. But now, Microsoft seems to have lost the fire in their belly, and they're falling behind. A quick glance at their stock price confirms that investors have noticed this unfortunate trend.
I'm glad that Open Source programmers have taken up the call, and started to finally deliver high quality, unbreakable products. Imagine! The PHP group has a fix out on exactly the same day the bug is released. It's amazing!
Well, what you posted really only finds a set of balanced parens in a string -- it doesn't really "detect" if it's balanced. To do true detection (without the independent subexpression), you'll need to do something like this (and, of course, this is a Perl regexp, not really a "regular expression" as the poster several levels up defined the terms):
#!/usr/bin/perl -w
use strict;
my ($balance, $re); $braces = qr/([^()]*|\((??{$balance})\))*/; $re = qr/^(??{$balance})$/;
while (<>) { chomp; if ($_ =~ $re) { print "balanced parens!\n\n"; } else { print "unbalanced parens\n\n"; } }
Note the difference between "regular expression" which is what they teach you about in CS classes, and "regexps", which is what programmers actually use in Perl and many other languages.
The fact that you appear to make a distinction between "deterministic" and "non-deterministic" finite state-machines makes me think that you have absolutely no idea how Perl regexps differ from the regular expressions we all learned about in CS class.
Here's a challenge -- post a Perl regexp that is not a classical regular expression. I'm betting that 90% of the people posting their useless drivel to this topic couldn't do it.
Strange. I use finite automata all the time. Heck, the state diagram is, to me, one of the most useful parts of just about any of the UML documentation I ever read. And it is immediately obvious when you look at any binary file specification if the person who wrote it knows diddly-doodoo-squat about regular expressions.
People who know regular expressions -- I mean, acutally understand the things, and explain the theory behind them -- are almost always better coders than the people who don't. This is true across amost all domains. In general, people who don't recognize the link between finite automata and regular expressions, and don't believe finite automata have any place in their chosen domain, are generally just really shitty coders. Sorry.
Obviously, the semantics of regular expressions haven't changed one jot or iota in the last umpteen years. As you point out, what Perl calls "regular expressions" actually aren't, but the limited type 2 grammer that Perl calls "regular expressions" should be immediately recognizable to anyone who's done any text processing in the last 20 years or so.
But books like this one really aren't about the semantics of regular expressions. It's a cookbook, full of syntax for the different regular expression engines built into a bunch of languages and libraries. Those have changed a lot over the last few years. It's also full of examples of regular expressions, along with a lot of concrete instructions on how to write and read the beasts.
For the kind of programmer who can tell, just by reading the "perldoc regex" manpage, that Perl regular expressions are really a limited type 2, there really isn't much to find useful in one of these books. For these programmers, some of the example regular expressions are nice, but they're probably not worth $30.
But there are a lot of coders out there who couldn't tell you what a type 3 grammer is to save their life, and their eyes generally glaze over when they're trying to read the regex documentation for their favorite language. For those coders, a book like this is a godsend, especially if they're doing any amount of text processing. The new version, which describes the current syntax of the languages they're most likely to be using, is probably going to be more useful to these coders than the old version, which describes the old syntax of some other languages.
The article is only contentless because when you read "regular expression", you think of the semantics of regular expressions, and the syntax used by different regular expression engines is trivial and simple to you. To the people targetted by this book, the syntax is the difficult part of the regular expression. They simply don't have the mathematical sophistication to even think of the semantics of the things in a general way.
I've been reading this site for the last few years. In the last few days, I realized that I only read it out of habit, and I've been frantically trying to find any reason to continue reading. I want some reason to justify my behaviour all this time -- something to prove that I haven't been wasting my time. I've found no reason. It seems to me that all the technically capable people have long ago left or stopped posting, and all that remain are a bunch of dumb-ass losers with no real skills or insight.
The stories where never the reason to read this site -- CmdrTaco and the rest are not stupid, but they are pretty damned smug, not nearly as smart as they think they are, and simply don't have anything very interesting to say. Their stories were interesting only as long as they were able to generate interesting replies. They no longer do. I don't know if SlashDot has simply imploded on its own popularity, or if abuses of the Moderation system have driven off the sensible posters, or if my own standards have changed. But I do know I'm no longer interested in reading anything on this site.
I have not found this to be the case with enterprise vendors and customers who pay for real support.
Go away. This is SlashDot. We run overclocked AMD boxen in our bedroom, and pretend like it makes us system administrators. We have no idea what "enterprise vendors" might be. We just know that Cisco is too fucking expensive, and that IBM is a god damned joke.
The site http://needles.itgo.com/~mholden/ really does randomly show some pretty nasty pr0n. And no, the naked guy in the bathtup has not covered himself in "mud".
I'm not an expert on this type of thing, but it looks like the worm caught in the honey-pot is BSD/x86 only.
It appears to be based on the GOBBLE exploit which was released a few days ago, which was BSD only in the form posted on BugTraq. However, GOBBLES claim their exploit can be modified to work on OpenBSD, FreeBSD, Linux 2.4, and Solaris.
There have also been claims that Win32 Apache is vulnerable, although I haven't seen an exploit on BugTraq.
If GOBBLES is correct, then it's only going to be a matter of time before this worm is polished up and set out into the wild in a form that can hit just about everyone. Hell, with some work, maybe a good hacker could clean it up, add it with the Nimda code and hit just about everything under the sun.
You have four different statements there, none of which are really related to each other:
Windows is Commercial,
Windows costs money,
Windows bugs can not be fixed by my Organization, and
Windows bugs can only be fixed by the Vendor
You've strung them together as if they were related, or perhaps as if one follows logically from the other. But they're really not related. It's just (sort of) the business model pretty much invented about the time when MicroSoft started making PC software.
As opposed to every idiot and her brother shredding flags on their radio antennae, because it's the thing to do.
What the fuck are people thinking when they do that? I've even seen a lot of morons running around with the penant from their favorite football team sticking out of one window, and the US flag sticking out of another, both at the same height.
Yeah! I love America just as much as (but no more than) I love these 12 talented athletes who wouldn't know me from adam. What the fuck kind of nimrod advertises that his allegience to his country is of the same quality as his allegiance to a god damned sports team?
This was in the science section before - but worth the front page.
You'll have to forgive me, but I don't understand how SlashDot works. Both articles are in the "Science" section, under the "Space" topic. Why is one on the front page, and one not on the front page?
If the "Front Page" bit has nothing to do with the "Section" bit, why not just click the "Front Page" bit on the original story, instead of running two stories and fragmenting the comments? Aren't the comments valuable at all around here? Or do only the stories matter?
And, are "topics" orthogonal to "sections", or do the sections partition the topics, or what? What the hell is a topic, and why does each story only seem to have one?
The truth is, doing the pattern matching isn't going to be the difficult part of implementing this. The difficult part is going to be implementing the correct rules. It's going to be a real bitch figuring out what the rules should be, and then creating documentation and an interface for the rule parameters so that future users will understand what the parameters are, what the (likely) effect of changing the parameters will be.
It's a good thing he'll be gone after the summer is over, because he won't be around when the users discover that he's missed some important rule. Then, the future users will either have to patch in some extra rules themselves, or abandon the system. As Nelson says, "Ha Ha!"
Anyhow, the correct thing may be to not implement any rules. Keep the human around to actually fill in the blanks, and just use "Mr. Computer" to simplify coordination between the 400 students and the scheduler.
Figure out how the human scheduler does his work now, and automate the truly tedious parts of it (like, copying the schedule over from last week, going through hundreds of slips of paper with time-off requests, totalling up the coverage for all the time slots for all the days, and marking off requested scheduled times). Then, let the human do the heavy lifting, and deal with things like "Suzy doesn't like to work the Bill", and "George wants a few extra hours this week, if he can get them", or "Brenda will only work on Friday evening if no-one else will do it."
But automating the whole thing a few days before you leave town forever is just begging to create a nightmare application that doesn't quite do exactly what they need in a way that anyone there is trained to understand. The fact that you seem concerned about "algorithm maintenance" instead of "rule maintenance" makes me doubly sure that you probably shouldn't build this system.
Well, unless you just want to build the thing, for fun, and you really don't give a damn if they use it. Then, go ahead. Knock yourself out. But don't prentend like you give a poop about maintenance, 'cuz it ain't gonna be maintained.
I have a degree in "AI". Really. I have no reason to just make that up.
Anyhow, it turns out that I am unable to implement standard AI algorithms. I have no idea where the standard AI algorithm repositories are on the net, and I am unaware of any of the standard textbooks on the subjet. In fact, I am unable to do even the most basic library research on my own.
Should I sue the school that gave me this fucked up, worthless degree? Or are my shortcomings entirely my own fault?
Dear Slashdot,
I have a degree in "AI". Really. I'm not just making this up.
Anyhow, it turns out that I am unable to implement standard AI algorithms. I have no idea where the standard AI algorithm repositories are on the net, and I am unaware of and of the standard books on the subjet. In fact, I am unable to do even the most basic library research on my own.
Should I sue the school that gave me this fucked up, worthless degree? Or are my shortcomings entirely my own fault?
Sincerely,
Bobby.
Slashdot Mirror
I'm glad that Open Source programmers have taken up the call, and started to finally deliver high quality, unbreakable products. Imagine! The PHP group has a fix out on exactly the same day the bug is released. It's amazing!
Well, what you posted really only finds a set of balanced parens in a string -- it doesn't really "detect" if it's balanced. To do true detection (without the independent subexpression), you'll need to do something like this (and, of course, this is a Perl regexp, not really a "regular expression" as the poster several levels up defined the terms):
#!/usr/bin/perl -w
use strict;
my ($balance, $re);
$braces = qr/([^()]*|\((??{$balance})\))*/;
$re = qr/^(??{$balance})$/;
while (<>) {
chomp;
if ($_ =~ $re) {
print "balanced parens!\n\n";
}
else {
print "unbalanced parens\n\n";
}
}
The fact that you appear to make a distinction between "deterministic" and "non-deterministic" finite state-machines makes me think that you have absolutely no idea how Perl regexps differ from the regular expressions we all learned about in CS class.
Here's a challenge -- post a Perl regexp that is not a classical regular expression. I'm betting that 90% of the people posting their useless drivel to this topic couldn't do it.
People who know regular expressions -- I mean, acutally understand the things, and explain the theory behind them -- are almost always better coders than the people who don't. This is true across amost all domains. In general, people who don't recognize the link between finite automata and regular expressions, and don't believe finite automata have any place in their chosen domain, are generally just really shitty coders. Sorry.
But books like this one really aren't about the semantics of regular expressions. It's a cookbook, full of syntax for the different regular expression engines built into a bunch of languages and libraries. Those have changed a lot over the last few years. It's also full of examples of regular expressions, along with a lot of concrete instructions on how to write and read the beasts.
For the kind of programmer who can tell, just by reading the "perldoc regex" manpage, that Perl regular expressions are really a limited type 2, there really isn't much to find useful in one of these books. For these programmers, some of the example regular expressions are nice, but they're probably not worth $30.
But there are a lot of coders out there who couldn't tell you what a type 3 grammer is to save their life, and their eyes generally glaze over when they're trying to read the regex documentation for their favorite language. For those coders, a book like this is a godsend, especially if they're doing any amount of text processing. The new version, which describes the current syntax of the languages they're most likely to be using, is probably going to be more useful to these coders than the old version, which describes the old syntax of some other languages.
The article is only contentless because when you read "regular expression", you think of the semantics of regular expressions, and the syntax used by different regular expression engines is trivial and simple to you. To the people targetted by this book, the syntax is the difficult part of the regular expression. They simply don't have the mathematical sophistication to even think of the semantics of the things in a general way.
I've been reading this site for the last few years. In the last few days, I realized that I only read it out of habit, and I've been frantically trying to find any reason to continue reading. I want some reason to justify my behaviour all this time -- something to prove that I haven't been wasting my time. I've found no reason. It seems to me that all the technically capable people have long ago left or stopped posting, and all that remain are a bunch of dumb-ass losers with no real skills or insight.
The stories where never the reason to read this site -- CmdrTaco and the rest are not stupid, but they are pretty damned smug, not nearly as smart as they think they are, and simply don't have anything very interesting to say. Their stories were interesting only as long as they were able to generate interesting replies. They no longer do. I don't know if SlashDot has simply imploded on its own popularity, or if abuses of the Moderation system have driven off the sensible posters, or if my own standards have changed. But I do know I'm no longer interested in reading anything on this site.
See you all on the dark side.
I have not found this to be the case with enterprise vendors and customers who pay for real support.
Go away. This is SlashDot. We run overclocked AMD boxen in our bedroom, and pretend like it makes us system administrators. We have no idea what "enterprise vendors" might be. We just know that Cisco is too fucking expensive, and that IBM is a god damned joke.
Regardless, even when it doesn't pop up the pr0n, it does still pop up a bunch of ads, before redirecting to the site corect site http://www.ccsu.edu/datamining/resources.html.
This post is quite inaccurate and we will be responding, also on bugtraq, momentarily.
It's been several hours, and we're still waiting for "momentarily" to happen.
Could you post a story on SlashDot, too?
Nothing "falls" where there's no gravity.
If there is no gravity in space, what holds the earth in orbit around the sun, and the moon in orbit around the earth?
It appears to be based on the GOBBLE exploit which was released a few days ago, which was BSD only in the form posted on BugTraq. However, GOBBLES claim their exploit can be modified to work on OpenBSD, FreeBSD, Linux 2.4, and Solaris.
There have also been claims that Win32 Apache is vulnerable, although I haven't seen an exploit on BugTraq. If GOBBLES is correct, then it's only going to be a matter of time before this worm is polished up and set out into the wild in a form that can hit just about everyone. Hell, with some work, maybe a good hacker could clean it up, add it with the Nimda code and hit just about everything under the sun.
- Windows is Commercial,
- Windows costs money,
- Windows bugs can not be fixed by my Organization, and
- Windows bugs can only be fixed by the Vendor
You've strung them together as if they were related, or perhaps as if one follows logically from the other. But they're really not related. It's just (sort of) the business model pretty much invented about the time when MicroSoft started making PC software."I ain't gonna have no more babies if the gobenment ain't gonna give me no more subsidy"
  -- Some Moron
Of course, we all know that moron went out and got preggers again anyhow. 'Cuz she was a stupid fucking moron.
As opposed to every idiot and her brother shredding flags on their radio antennae, because it's the thing to do.
What the fuck are people thinking when they do that? I've even seen a lot of morons running around with the penant from their favorite football team sticking out of one window, and the US flag sticking out of another, both at the same height.
Yeah! I love America just as much as (but no more than) I love these 12 talented athletes who wouldn't know me from adam. What the fuck kind of nimrod advertises that his allegience to his country is of the same quality as his allegiance to a god damned sports team?
This was in the science section before - but worth the front page.
You'll have to forgive me, but I don't understand how SlashDot works. Both articles are in the "Science" section, under the "Space" topic. Why is one on the front page, and one not on the front page?
If the "Front Page" bit has nothing to do with the "Section" bit, why not just click the "Front Page" bit on the original story, instead of running two stories and fragmenting the comments? Aren't the comments valuable at all around here? Or do only the stories matter?
And, are "topics" orthogonal to "sections", or do the sections partition the topics, or what? What the hell is a topic, and why does each story only seem to have one?
Schedle For Week of 6/22:
- Abe Aableson
- Bobby Boring
- Zippy Zzyzzix
The truth is, doing the pattern matching isn't going to be the difficult part of implementing this. The difficult part is going to be implementing the correct rules. It's going to be a real bitch figuring out what the rules should be, and then creating documentation and an interface for the rule parameters so that future users will understand what the parameters are, what the (likely) effect of changing the parameters will be.- Mon: 8:00 a.m. - 12:00 a.m.
- Tue: 8:00 a.m. - 12:00 a.m.
- Wed: 8:00 a.m. - 12:00 a.m.
- Thr: 8:00 a.m. - 12:00 a.m.
- Fri: 8:00 a.m. - 3:30 p.m., 4:15 p.m. - 12:00 a.m.
Total Hours: 79.25- Mon: none
- Tue: none
- Wed: none
- Thr: none
- Fri: 3:30 p.m. - 4:15 p.m.
Total Hours: 0.75- Mon: none
- Tue: none
- Wed: none
- Thr: none
- Fri: none
Total Hours: 0It's a good thing he'll be gone after the summer is over, because he won't be around when the users discover that he's missed some important rule. Then, the future users will either have to patch in some extra rules themselves, or abandon the system. As Nelson says, "Ha Ha!"
Anyhow, the correct thing may be to not implement any rules. Keep the human around to actually fill in the blanks, and just use "Mr. Computer" to simplify coordination between the 400 students and the scheduler.
Figure out how the human scheduler does his work now, and automate the truly tedious parts of it (like, copying the schedule over from last week, going through hundreds of slips of paper with time-off requests, totalling up the coverage for all the time slots for all the days, and marking off requested scheduled times). Then, let the human do the heavy lifting, and deal with things like "Suzy doesn't like to work the Bill", and "George wants a few extra hours this week, if he can get them", or "Brenda will only work on Friday evening if no-one else will do it."
But automating the whole thing a few days before you leave town forever is just begging to create a nightmare application that doesn't quite do exactly what they need in a way that anyone there is trained to understand. The fact that you seem concerned about "algorithm maintenance" instead of "rule maintenance" makes me doubly sure that you probably shouldn't build this system.
Well, unless you just want to build the thing, for fun, and you really don't give a damn if they use it. Then, go ahead. Knock yourself out. But don't prentend like you give a poop about maintenance, 'cuz it ain't gonna be maintained.
Dear Slashdot,
I have a degree in "AI". Really. I have no reason to just make that up.
Anyhow, it turns out that I am unable to implement standard AI algorithms. I have no idea where the standard AI algorithm repositories are on the net, and I am unaware of any of the standard textbooks on the subjet. In fact, I am unable to do even the most basic library research on my own.
Should I sue the school that gave me this fucked up, worthless degree? Or are my shortcomings entirely my own fault?
Sincerely,
Phil (The Turnip Head) John
Dear Slashdot, I have a degree in "AI". Really. I'm not just making this up. Anyhow, it turns out that I am unable to implement standard AI algorithms. I have no idea where the standard AI algorithm repositories are on the net, and I am unaware of and of the standard books on the subjet. In fact, I am unable to do even the most basic library research on my own. Should I sue the school that gave me this fucked up, worthless degree? Or are my shortcomings entirely my own fault? Sincerely, Bobby.