I meant that the workings of the interpreter are kludgy, not the language itself. I agree that perl doesn't have a spec and so by definition, any bug report of perl's behaviour is invalid. (I've had a couple of bug reports dismissed as invalid, only to be fixed a couple of years later when the developers realized that "it's always been that way" is not a good justification for the way a program behaves.)
I don't think that applies to Parrot, which AFAIK is a pretty clean and general design. I'm just not optimistic that the Python community, Tcl community and so on will make the effort to use it. They are interested in their own languages and don't have time for grand unification projects.
I think the Perl hackers want something to run Perl 6 on, and the existing perl5 interpreter isn't up to the job (it is fast and well-tested, but the internals are somewhat kludgy). So they need to write a VM. The idea of running Perl, Tcl, Python and others on the same VM is a good one, it would be nice if the world could live together in harmony and all work on the same underlying interpreter, but I don't think the Python or Tcl maintainers will be interested. Which is a shame.
This is called "no single point of failure". 25 servers with one down= 24 still working...
More likely, 25 servers with one down = most of them broken, because the one that failed was providing DNS or external network connectivity or NFS serving or Kerberos authentication or the database or...
You can't assume that just splitting services across different machines will make them more reliable. Most of the time it makes them less reliable, because instead of a single point of failure you now have several points of failure and if any one of them goes wrong then your systems break. A mainframe is a single point of failure and if it dies, everything dies... but it doesn't tend to die because the hardware and software are designed to be more resilient than standard PC hardware and operating systems.
Yes, you can use commodity hardware and software and distribute your computing tasks to get good reliability, as Google does with its hordes of cheap servers answering search queries. But you have to be clever to do it. Just taking one system and splitting it into twenty-five interdependent systems does not add reliability.
I can't speak on behalf of 'those against Microsoft', but while mindlessly adding up total numbers of disclosed vulnerabilities doesn't give a fair picture (for reasons explained in the links I posted), if you use your brain a bit you can still point to a particular vulnerability as evidence of bad software quality. You need to take into account how severe it is, how exploitable in the default configuration, how long it went unpatched, and so on. All important things to look at, but not reducible to a single number.
It depends what you mean by an 'exposed vulnerability'. There is often a mindset that until a vulnerability is publicly disclosed, it cannot be exploited, and so it is the act of disclosure that creates security risks, rather than the act of writing the buggy code in the first place. If you are counting 'exposed vulnerabilities' you need to count exposure time from the date the vulnerable code was released to the date it was withdrawn or patched - not just counting from some arbitrary public disclosure date. The bug existed long before the program's author found out about it.
Even Bjarne Stroustrup uses "\n" instead of endl (at least sometimes). I think the reasoning is: since the C standard library convention (which C++ inherits) is to fiddle any platform-specific line terminator and show just \n to the application, you might as well write that and let the library turn it to \r\n or whatever as needed. That said, I haven't tested what happens on DOS or Windows platforms (say) with his example program.
Thanks - some real numbers instead of blather (from the other poster) about bifurcations and gaps between supply and demand.
We will only know when the peak is AFTER the peak.
Absolutely - and perhaps not for some years afterwards.
Oil hit $100 a barrel this year. Next year look for $200 a barrel.
If you are sure of this, get yourself a futures trading account and you can make a great deal of money. Crude oil for December 2008 delivery is currently trading around $89 a barrel. Buy one lot of that future (1000 barrels) for $89k now and you will be able to sell it for around $200k next year. There may be tradable products that let you buy oil without having to buy as much as 1000 barrels at a time.
Why in hell would we be trying to get oil out of the tar sands if there was lots of sweet crude in the 1000 meter holes typically found in Alberta?
You already gave the answer to this. The oil price is so high, and expected to remain high, that even tricky oil deposits like tar sands are worth extracting.
Re:Bet there still isn't a decent "Stop!" button
on
HTML V5 and XHTML V2
·
· Score: 1
The fact that the PHP developers are idiots and the MySQL quoting rules are complex does not mean it is impossible to safely quote HTML. There are three things you must do (in this order):
- change every & character to & - change every < character to < - change every > character to >
That is guaranteed to give you safe text you can put inside a <p> or other element. If you want to paste user-generated input in other places, such as <div style="$user_text">, then you would have to worry about closing quotation marks and other crap. But this too is easy if you know what characters are legitimate:
$user_text =~/^[A-Za-z0-9]{1,100}$/ or die 'bad characters in user text';
Straightforward and watertight - this also checks the length to avoid any possible buffer overrun in dodgy browsers. You could use one of Perl's Unicode character classes instead. There is no need to worry about 101 different ways to make a double quote - there are probably that many glyphs which _look_ like a " character in popular fonts, but only one of them is the " character. Write code with a whitelist of safe characters, rather than trying to catch 'bad' ones, and you'll be safe.
1. What is 'supply'? 2. What is 'demand'? 3. What is 'the gap between supply and demand'? 4. How can we measure whether it is 'growing', and is this indeed the case? 5. How do you know that 'supply increases steadily over time'? 6. Is there 'an acceleration of the rate of increase of the oil price'? How is the rate of increase measured and over what timescale? 7. What is a 'bifurcation point' and why does it matter?
Agreed. Surely $90/barrel oil prices will provide enough incentive for consumers to buy fuel-efficient vehicles. Let the market sort it out. If there are externalities such as global warming which aren't fairly reflected in the price, then tax gasoline or require the purchase of carbon credits to cap CO2 emissions at an agreed safe level.
But of course such a move would be politically unpopular, so we get this instead, which looks like it affects only the car industry and not 'American families' etc.
Clearly, the #1 test for any new web authoring service or information repository is whether it will be capable of archiving priceless webcomic knowledge for future generations.
Google's article doesn't answer the burning question: is the K in Knol pronounced or silent?
Oh you Knol, you are vile and vermicious! You are slimy and soggy and squishous! But we won't take heed of ya, We've got Wikipedia, So hop it and don't get ambitious!
That's my mistake - not reading the spec but visiting any number of half-baked E-Z TEACH YOURSELF CSS 4 DUMMIES websites. I'll print it out and go through it some weekend.
Yes, this must be the number 1 CSS question: how do I lay out my page with two columns, or otherwise reproduce the same layout I can trivially get by using elements? The only answers I've seen have been complicated and frilly (like most CSS tutorials) but, being a CSS neophyte, I was hoping for an idiot-proof guide 'instead of _this_ do _this_'. Or is it just not possible to use CSS to get the same control over layout that you have with nested tables?
In Asians, there is a gene that makes ear wax more dry.
The selective advantage of this is what, exactly? And is it strong enough to make this gene spread through a large part of the population in only 40 thousand years?
Since Slashdot jumped the shark a few years back. Most of the opinion pieces from Dvorak etc. are poorly informed wishful thinking or trolling. Should Disney buy Apple?
I think C was designed mainly to make it easy to write a C compiler (the history of C++ is similar, although it has certainly gone off the rails a bit since the early days).
(a) a written offer is kind of pointless, when you can download busybox source code off the net free of charge (and we can assume that anyone with this router has an Internet connection...)
(b) again, you can study the busybox source code whenever you want, whether you have bought this router or not.
I support the GPL and of course it should be enforceable but I wonder what makes this particular router a target for spending time and money on a lawsuit. Surely there are more pressing threats to freedom that the SFLC could be busying themselves with. Or do they just sue as a matter of principle?
Your roommate was able to get the code off the net anyway. He didn't need a letter from Verizon offering to send him the code on CD for a handling charge of ten dollars. So what real benefit would users get from this lawsuit?
Agreed, but most of that doesn't help the users (who could download busybox sources from the net anyway). I'm just wondering what the point is to this legal action - if there is some wrong to be righted, or if they're just enforcing compliance because they can. I doubt that Verizon or the hardware manufacturer have made any enhancements to busybox.
I must admit that it would be awfully silly to create a low level language that is interpreted.
Not at all. Open Firmware (used in the OLPC among other devices) is built around a Forth interpreter which can be used to write device drivers and hardware initialization code. Pascal was originally implemented as a p-code interpreter. And so on.
Do the users have admin rights on the router to install a new version of busybox? If not, sending them the source code seems like a pointless formality, like a map to a country you are forbidden from visiting.
Slashdot Mirror
I meant that the workings of the interpreter are kludgy, not the language itself. I agree that perl doesn't have a spec and so by definition, any bug report of perl's behaviour is invalid. (I've had a couple of bug reports dismissed as invalid, only to be fixed a couple of years later when the developers realized that "it's always been that way" is not a good justification for the way a program behaves.)
I don't think that applies to Parrot, which AFAIK is a pretty clean and general design. I'm just not optimistic that the Python community, Tcl community and so on will make the effort to use it. They are interested in their own languages and don't have time for grand unification projects.
I think the Perl hackers want something to run Perl 6 on, and the existing perl5 interpreter isn't up to the job (it is fast and well-tested, but the internals are somewhat kludgy). So they need to write a VM. The idea of running Perl, Tcl, Python and others on the same VM is a good one, it would be nice if the world could live together in harmony and all work on the same underlying interpreter, but I don't think the Python or Tcl maintainers will be interested. Which is a shame.
More likely, 25 servers with one down = most of them broken, because the one that failed was providing DNS or external network connectivity or NFS serving or Kerberos authentication or the database or...
You can't assume that just splitting services across different machines will make them more reliable. Most of the time it makes them less reliable, because instead of a single point of failure you now have several points of failure and if any one of them goes wrong then your systems break. A mainframe is a single point of failure and if it dies, everything dies... but it doesn't tend to die because the hardware and software are designed to be more resilient than standard PC hardware and operating systems.
Yes, you can use commodity hardware and software and distribute your computing tasks to get good reliability, as Google does with its hordes of cheap servers answering search queries. But you have to be clever to do it. Just taking one system and splitting it into twenty-five interdependent systems does not add reliability.
I can't speak on behalf of 'those against Microsoft', but while mindlessly adding up total numbers of disclosed vulnerabilities doesn't give a fair picture (for reasons explained in the links I posted), if you use your brain a bit you can still point to a particular vulnerability as evidence of bad software quality. You need to take into account how severe it is, how exploitable in the default configuration, how long it went unpatched, and so on. All important things to look at, but not reducible to a single number.
It depends what you mean by an 'exposed vulnerability'. There is often a mindset that until a vulnerability is publicly disclosed, it cannot be exploited, and so it is the act of disclosure that creates security risks, rather than the act of writing the buggy code in the first place. If you are counting 'exposed vulnerabilities' you need to count exposure time from the date the vulnerable code was released to the date it was withdrawn or patched - not just counting from some arbitrary public disclosure date. The bug existed long before the program's author found out about it.
How many times does it have to be repeated? Counting vulnerabilities is a stupid way to measure security. Counting vulnerabilities is a stupid way to measure security. Counting vulnerabilities is a stupid way to measure security.
Shouldn't Slashdot link to some more insightful analysis?
Will it include The Ballad of Bilbo Baggins by Leonard Nimoy?
Even Bjarne Stroustrup uses "\n" instead of endl (at least sometimes). I think the reasoning is: since the C standard library convention (which C++ inherits) is to fiddle any platform-specific line terminator and show just \n to the application, you might as well write that and let the library turn it to \r\n or whatever as needed. That said, I haven't tested what happens on DOS or Windows platforms (say) with his example program.
The fact that the PHP developers are idiots and the MySQL quoting rules are complex does not mean it is impossible to safely quote HTML. There are three things you must do (in this order):
/^[A-Za-z0-9]{1,100}$/ or die 'bad characters in user text';
- change every & character to &
- change every < character to <
- change every > character to >
That is guaranteed to give you safe text you can put inside a <p> or other element. If you want to paste user-generated input in other places, such as <div style="$user_text">, then you would have to worry about closing quotation marks and other crap. But this too is easy if you know what characters are legitimate:
$user_text =~
Straightforward and watertight - this also checks the length to avoid any possible buffer overrun in dodgy browsers. You could use one of Perl's Unicode character classes instead. There is no need to worry about 101 different ways to make a double quote - there are probably that many glyphs which _look_ like a " character in popular fonts, but only one of them is the " character. Write code with a whitelist of safe characters, rather than trying to catch 'bad' ones, and you'll be safe.
1. What is 'supply'?
2. What is 'demand'?
3. What is 'the gap between supply and demand'?
4. How can we measure whether it is 'growing', and is this indeed the case?
5. How do you know that 'supply increases steadily over time'?
6. Is there 'an acceleration of the rate of increase of the oil price'? How is the rate of increase measured and over what timescale?
7. What is a 'bifurcation point' and why does it matter?
Agreed. Surely $90/barrel oil prices will provide enough incentive for consumers to buy fuel-efficient vehicles. Let the market sort it out. If there are externalities such as global warming which aren't fairly reflected in the price, then tax gasoline or require the purchase of carbon credits to cap CO2 emissions at an agreed safe level.
But of course such a move would be politically unpopular, so we get this instead, which looks like it affects only the car industry and not 'American families' etc.
Clearly, the #1 test for any new web authoring service or information repository is whether it will be capable of archiving priceless webcomic knowledge for future generations.
In our universe, yes. But in a parallel universe there is certainly a Star Trek episode where Kirk goes back in time and makes a handmade cannon.
That's my mistake - not reading the spec but visiting any number of half-baked E-Z TEACH YOURSELF CSS 4 DUMMIES websites. I'll print it out and go through it some weekend.
Yes, this must be the number 1 CSS question: how do I lay out my page with two columns, or otherwise reproduce the same layout I can trivially get by using elements? The only answers I've seen have been complicated and frilly (like most CSS tutorials) but, being a CSS neophyte, I was hoping for an idiot-proof guide 'instead of _this_ do _this_'. Or is it just not possible to use CSS to get the same control over layout that you have with nested tables?
Since Slashdot jumped the shark a few years back. Most of the opinion pieces from Dvorak etc. are poorly informed wishful thinking or trolling. Should Disney buy Apple?
I think C was designed mainly to make it easy to write a C compiler (the history of C++ is similar, although it has certainly gone off the rails a bit since the early days).
(a) a written offer is kind of pointless, when you can download busybox source code off the net free of charge (and we can assume that anyone with this router has an Internet connection...)
(b) again, you can study the busybox source code whenever you want, whether you have bought this router or not.
I support the GPL and of course it should be enforceable but I wonder what makes this particular router a target for spending time and money on a lawsuit. Surely there are more pressing threats to freedom that the SFLC could be busying themselves with. Or do they just sue as a matter of principle?
Your roommate was able to get the code off the net anyway. He didn't need a letter from Verizon offering to send him the code on CD for a handling charge of ten dollars. So what real benefit would users get from this lawsuit?
Agreed, but most of that doesn't help the users (who could download busybox sources from the net anyway). I'm just wondering what the point is to this legal action - if there is some wrong to be righted, or if they're just enforcing compliance because they can. I doubt that Verizon or the hardware manufacturer have made any enhancements to busybox.
Do the users have admin rights on the router to install a new version of busybox? If not, sending them the source code seems like a pointless formality, like a map to a country you are forbidden from visiting.