The way the BBC is currently set up is that the board of governors is accountable to *Parliament*, not the government. I don't think the proposal is going to change this.
The main way the government can put pressure on the BBC is by making threatening noises about the licence fee... now that too is decided by Parliament of course, but most MPs on the government benches are likely to support the government.
Why have people started calling it eXtreme Programming? This seems about as lame as referring to Micro$oft. Have a look at the Extreme Programming website. Nowhere is the cheesy capitalization used, unless you count some graphic design on the book's cover.
No, the purpose of a computer lab is not always to learn about computers. Perhaps the students are to use the computers to help in the study of some other subject, like maths or geography. It would be a bit daft if we taught children that the main purpose of computers is to do computer stuff.
Cooperative Linux already provides a way to run Linux under a kind of hardware emulation. If you wanted to run other operating systems then QEMU would be useful, but if you just want a way to run Linux on your Windows desktop then a good answer already exists.
If you arranged for each user to have his own copy of this PHP script, and for the web server to run it setuid to that user (a la mod_cgiwrap or whatever it's called), then it would be just as secure as normal access to the machine. Nobody could do anything through the web interface they couldn't do at a command line.
Dang, in fact, if Linux distributions come with sshd turned on, why don't they have some basic web interface where you authenticate with your username and password and can run a command? That would be most handy in cases when you don't have an ssh client available.
The standard rule applies: once the evil software gets root, you're screwed. If some piece of malware installed itself and ran with administrator privileges, you can't trust that machine to be clean ever again. You can only hope that the malware is unsophisticated enough to let you remove it, which is what Microsoft's tool and others do.
Instead of trying to clean up infected systems after the fact, it would be better for Microsoft to put some real effort into making Windows a system where you can get things done without having to execute code with administrator privileges all the time. You should be able to download some crappy shareware game and *by default* it runs with reduced privileges and no access to files outside its own directory. If you want an application to have access to some other files, you can drag them to its window.
Unfortunately it's much easier just to run everthing with full rights all the time (or at least full rights of the invoking user, so even if it can't trash the machine it can trash your own files), and lazily stick with a culture of using executables for everything (eg self-unpacking zipfiles).
It's a difficult problem to fix, but Microsoft could make some big improvements if they really wanted to.
The doctrine of 'technical effect' is a bizarre example of how a patent office, left to its own devices, will reinterpret the law in increasingly creative ways to expand its own powers.
As the thread http://www.aful.org/wws/arc/patents/2000-06/msg000 65.html explains, first of all the EPO made a ruling that although programs for computers are explicitly excluded under the European Patent Convention, this did not apply when the computer program could be shown to have a 'technical effect'. This 'technical effect' is nowhere mentioned in the EPC's exclusion; it is an invention by the patent office to have some reason to grant patents on software.
So for a few years you could get software patents in Europe if you could include some reasoning in your application to say that your program has a 'technical effect' when loaded onto a computer. Since the idea of technical effect is so vague, this allows through any software patent.
Then a few years later the EPO decided that they might as well drop the pretence, and made another ruling which assumes that all computer programs have a 'technical effect'. So the explicit exclusion in the EPC is being ignored.
Now, patents granted under this dubious reasoning are not very enforceable. National courts tend to interpret the law as it is written, and not the EPO's creative interpretation. However, if the directive is passed then the already-granted software patents in Europe (which are just as silly as those in the US, see the FFII horror gallery) will become legal.
The European law on patentability of software does not need 'clarifying', it is already quite explicit. We need to make the patent office follow the law as it stands.
I can't say whether the DVD-CCA is going to win this lawsuit. That depends on the exact wording of their contract with Kaleidescape. But on the general principle of requiring the disc to be physically present to play it, I think they have a point.
There are two ways of looking at the rights you get when you buy a DVD. You have bought an object, or you have licensed some content. You see both of these invoked on Slashdot. Firstly: 'I bought the DVD and paid for it, I have every right to play it on my Linux system if I wish. Copyright law only restricts copying, not usage.' The second way of thinking appears in arguments like: 'I paid for the music, if I want to make a spare copy for backups or to listen to in the car, why should I have to buy the same CD again?'.
These two views are to some extent opposed to each other. It's really just a personal gut feeling, but I think that the first model - you bought the disc and now you own it but copyright restricts making copies - is fairer and more civilized. I don't fancy living in a world where content is 'licensed' rather than bought. It could be old-fashioned but I'd prefer DVDs to be treated more like books. You don't license a book, you own it - but of course you need it to be physically there in order to read it.
A system which requires that the DVD be present in order to play it seems fair to me. It's an arbitrary restriction but one which is simple to understand and hard for the copyright holder to exploit monopolistically (for example, it makes it hard for them to segment the market and charge different prices to different people). It preserves the idea that you can mostly do what you want with goods you own, including reselling them.
Now the DVD-CCA cannot eat their cake and have it still. If physical possession of the disc is what matters then there is no justification for region coding or other such nastiness. But I never said I agree with their position in general, just that requiring the disc to be present (and so in only one place at a time) might not be such a bad idea in itself.
The article points out a few places where today's systems apparently have more work to do. But (perhaps in understandable platform-myopia) it doesn't realize that none of these things are that new, nor that CPU-intensive.
Didn't the Next Cube, say, have a slick and fast graphical interface with processors far slower than today's? Maybe with less whizzing and zooming, but those effects aren't fundamentally difficult (if they were, the slow part of loading a new application would be rendering its window on screen, not grinding the disk). Anti-aliased fonts rendered on-demand from outlines, another supposedly CPU-intensive display technique, were quite fast enough on an 8MHz machine back in 1989 (I used them). Real-time checking of misspelled words as you type? Eight-bit machines had this, for goodness' sake.
I suppose that virus scanning does slow down a system, but not by a factor of more than 2x, so it doesn't account for where all the performance has gone.
Okay, you can't buy a PC without Windows, at least not from one of the big-name vendors. So if you wanted to run Linux you would need to wipe the hard disk and reinstall from scratch.
But isn't that what most big companies do anyway? Even if you run Windows, you never want the stock installation that Dell put on there. You reinstall the machine with the corporate standard version of Windows (if your IT people have any clue, this will be fully automated).
So I don't see that inability to get Linux preinstalled is a big deal. The main reason to buy a machine which comes with Linux is as a guarantee that all the components have Linux drivers - but you can check that separately.
My goodness, a patent lawyer who isn't in favour of extending patentability to software. Until now, I had assumed that patent lawyers all pretended that the purpose of the law was to grant favours ('legal certainty') to patent holders, and pretended not to see the difference between computer programs and physical objects.
(I think it is unfortunate that the reputation of the patent system as a whole is being tarnished by the abuses in extending it to software. There are abuses in other fields too, but not to nearly the same extent.)
How many of your colleagues share your views? As far as I can tell the associations of patent lawyers in various countries are in favour of extending patentability to software. Could they be persuaded otherwise by their members?
I think it is fair to say that the C standard library has a terrible track record on security - at least, it has some abominations like gets() that are impossible to use safely, and string handling like sprintf() that is almost as bad. The standard library is part of the ANSI C standard so it is almost fair to say that C itself has a bad security record.
The core language, together with a more sensible library that was written with a bit more paranoia (for example, not assuming unlimited size buffers, and preferably not using 0-terminated strings, which themselves can cause gotchas), would make it easier to write secure code.
Similarly, well-written C++ using the C++ standard library (string, vector, ostreams, helpful memory management like auto_ptr, and so on) is unlikely to suffer buffer overruns, format string vulnerabilities or many other classes of security holes. Badly written C++ has all the same problems as badly written C.
No language is inherently insecure, but it can make it hard to do the right thing or too easy to do the wrong thing.
BTW - do you ever think about integer overflow when writing in C or C++? Sometimes there are overflow exploits. It would be most handy if the C++ standard library had a 'safe integer' class that would throw an exception or do something sensible when a value gets out of range, rather than wrapping around. Yes, you can explicitly check the result of each integer computation, but does the language make it easy?
Part of being a child is being told what to do. Probably as a consequence of this, children tend to be quite illiberal. Their model of the world seems to be based on authority figures who decide what 'should' and 'should not' happen. Media aimed at children or teenagers seems to reinforce this - a children's news programme will tend to lead with a story like 'Activity X is bad because Y. Should it be banned?'. This is the main angle on many opinion polls of younger people; should something or other be forbidden. It's not until adulthood, and getting more freedom for yourself, you realize how important it is to protect the freedom of others.
I'm interested to know what you mean. Why does GNU make not have support for the right way to use it (namely, a single Makefile with correct depedencies)? Which features would you like the maintainers to add?
I used ACDSee a few years ago and it seemed pretty quick. Perhaps it has bloated since then. Are there good image viewers on Windows? (Preferably free as in speech, but I'll settle for beer.)
I suggest people look at which is a faster way to parse ordinary XML files; you can get enough speedup from that without needing to use a binary format.
If choosing a binary format there are two kinds. One is motivated by saving space and would serialize the XML stream in a different way. To take a very noddy example, you could choose to encode as byte 00 and as byte 01. Parsing such a file would be faster than parsing textual XML but essentially the same limitations apply: need to scan sequentially to reach a particular element, need to either build up a big tree in memory or use some awkward token-based interface.
You suggest some indexes in the file 'so you can just fseek()'. This would be rather hairy to do for XML in general and I don't think any one file format would fit all. But if you have a particular XML DTD or schema in mind and you know your application's requirements (eg, 'I need to quickly count the elements and do constant-time lookup of the Nth element') then you could do something... though I don't know of any tool to help with generating and using this kind of indexed format, and hand-rolling code for it could be tedious.
Of course, a 'fast' binary format with the extra indexes would be bigger than a simple encoding of the data, and perhaps bigger than plain.xml.gz, so you might not want to use it for downloading. (Unless the format has special properties so that a partially downloaded file can be opened and processed without waiting for the rest...)
Rambling a bit: I would like to see a file compressor / encoder based on BNF grammars (maybe even yacc input files). Every legal file of a given grammar can be produced by applying rules of that grammar. If at a certain stage there are four possible rules to apply then this choice can be encoded in two bits. If one rule is more likely than others then Huffman or aritmetic coding could be used. I haven't thought through exactly how this could work... probably parse the file into a syntax tree and then output that from the top down.
Slashdot Mirror
In Soviet Russia, children play with toys!
The way the BBC is currently set up is that the board of governors is accountable to *Parliament*, not the government. I don't think the proposal is going to change this.
The main way the government can put pressure on the BBC is by making threatening noises about the licence fee... now that too is decided by Parliament of course, but most MPs on the government benches are likely to support the government.
I don't understand why Debian doesn't use a regular six month release cycle like OpenBSD, GNOME, tetex and other 'distribution' type projects.
Why have people started calling it eXtreme Programming? This seems about as lame as referring to Micro$oft. Have a look at the Extreme Programming website. Nowhere is the cheesy capitalization used, unless you count some graphic design on the book's cover.
In which OS do you get a greater feeling of freedom?
If you don't have freedom then what is the purpose of productivity?
No, the purpose of a computer lab is not always to learn about computers. Perhaps the students are to use the computers to help in the study of some other subject, like maths or geography. It would be a bit daft if we taught children that the main purpose of computers is to do computer stuff.
Before anybody asks: yes, it does run Linux.
Cooperative Linux already provides a way to run Linux under a kind of hardware emulation. If you wanted to run other operating systems then QEMU would be useful, but if you just want a way to run Linux on your Windows desktop then a good answer already exists.
If you arranged for each user to have his own copy of this PHP script, and for the web server to run it setuid to that user (a la mod_cgiwrap or whatever it's called), then it would be just as secure as normal access to the machine. Nobody could do anything through the web interface they couldn't do at a command line.
Dang, in fact, if Linux distributions come with sshd turned on, why don't they have some basic web interface where you authenticate with your username and password and can run a command? That would be most handy in cases when you don't have an ssh client available.
The standard rule applies: once the evil software gets root, you're screwed. If some piece of malware installed itself and ran with administrator privileges, you can't trust that machine to be clean ever again. You can only hope that the malware is unsophisticated enough to let you remove it, which is what Microsoft's tool and others do.
Instead of trying to clean up infected systems after the fact, it would be better for Microsoft to put some real effort into making Windows a system where you can get things done without having to execute code with administrator privileges all the time. You should be able to download some crappy shareware game and *by default* it runs with reduced privileges and no access to files outside its own directory. If you want an application to have access to some other files, you can drag them to its window.
Unfortunately it's much easier just to run everthing with full rights all the time (or at least full rights of the invoking user, so even if it can't trash the machine it can trash your own files), and lazily stick with a culture of using executables for everything (eg self-unpacking zipfiles).
It's a difficult problem to fix, but Microsoft could make some big improvements if they really wanted to.
The doctrine of 'technical effect' is a bizarre example of how a patent office, left to its own devices, will reinterpret the law in increasingly creative ways to expand its own powers.
0 65.html explains, first of all the EPO made a ruling that although programs for computers are explicitly excluded under the European Patent Convention, this did not apply when the computer program could be shown to have a 'technical effect'. This 'technical effect' is nowhere mentioned in the EPC's exclusion; it is an invention by the patent office to have some reason to grant patents on software.
As the thread http://www.aful.org/wws/arc/patents/2000-06/msg00
So for a few years you could get software patents in Europe if you could include some reasoning in your application to say that your program has a 'technical effect' when loaded onto a computer. Since the idea of technical effect is so vague, this allows through any software patent.
Then a few years later the EPO decided that they might as well drop the pretence, and made another ruling which assumes that all computer programs have a 'technical effect'. So the explicit exclusion in the EPC is being ignored.
Now, patents granted under this dubious reasoning are not very enforceable. National courts tend to interpret the law as it is written, and not the EPO's creative interpretation. However, if the directive is passed then the already-granted software patents in Europe (which are just as silly as those in the US, see the FFII horror gallery) will become legal.
The European law on patentability of software does not need 'clarifying', it is already quite explicit. We need to make the patent office follow the law as it stands.
I can't say whether the DVD-CCA is going to win this lawsuit. That depends on the exact wording of their contract with Kaleidescape. But on the general principle of requiring the disc to be physically present to play it, I think they have a point.
There are two ways of looking at the rights you get when you buy a DVD. You have bought an object, or you have licensed some content. You see both of these invoked on Slashdot. Firstly: 'I bought the DVD and paid for it, I have every right to play it on my Linux system if I wish. Copyright law only restricts copying, not usage.' The second way of thinking appears in arguments like: 'I paid for the music, if I want to make a spare copy for backups or to listen to in the car, why should I have to buy the same CD again?'.
These two views are to some extent opposed to each other. It's really just a personal gut feeling, but I think that the first model - you bought the disc and now you own it but copyright restricts making copies - is fairer and more civilized. I don't fancy living in a world where content is 'licensed' rather than bought. It could be old-fashioned but I'd prefer DVDs to be treated more like books. You don't license a book, you own it - but of course you need it to be physically there in order to read it.
A system which requires that the DVD be present in order to play it seems fair to me. It's an arbitrary restriction but one which is simple to understand and hard for the copyright holder to exploit monopolistically (for example, it makes it hard for them to segment the market and charge different prices to different people). It preserves the idea that you can mostly do what you want with goods you own, including reselling them.
Now the DVD-CCA cannot eat their cake and have it still. If physical possession of the disc is what matters then there is no justification for region coding or other such nastiness. But I never said I agree with their position in general, just that requiring the disc to be present (and so in only one place at a time) might not be such a bad idea in itself.
The article points out a few places where today's systems apparently have more work to do. But (perhaps in understandable platform-myopia) it doesn't realize that none of these things are that new, nor that CPU-intensive.
Didn't the Next Cube, say, have a slick and fast graphical interface with processors far slower than today's? Maybe with less whizzing and zooming, but those effects aren't fundamentally difficult (if they were, the slow part of loading a new application would be rendering its window on screen, not grinding the disk). Anti-aliased fonts rendered on-demand from outlines, another supposedly CPU-intensive display technique, were quite fast enough on an 8MHz machine back in 1989 (I used them). Real-time checking of misspelled words as you type? Eight-bit machines had this, for goodness' sake.
I suppose that virus scanning does slow down a system, but not by a factor of more than 2x, so it doesn't account for where all the performance has gone.
The iPod uses an ARM processor. Has anyone ported the Newton OS to it?
Okay, you can't buy a PC without Windows, at least not from one of the big-name vendors. So if you wanted to run Linux you would need to wipe the hard disk and reinstall from scratch.
But isn't that what most big companies do anyway? Even if you run Windows, you never want the stock installation that Dell put on there. You reinstall the machine with the corporate standard version of Windows (if your IT people have any clue, this will be fully automated).
So I don't see that inability to get Linux preinstalled is a big deal. The main reason to buy a machine which comes with Linux is as a guarantee that all the components have Linux drivers - but you can check that separately.
My goodness, a patent lawyer who isn't in favour of extending patentability to software. Until now, I had assumed that patent lawyers all pretended that the purpose of the law was to grant favours ('legal certainty') to patent holders, and pretended not to see the difference between computer programs and physical objects.
(I think it is unfortunate that the reputation of the patent system as a whole is being tarnished by the abuses in extending it to software. There are abuses in other fields too, but not to nearly the same extent.)
How many of your colleagues share your views? As far as I can tell the associations of patent lawyers in various countries are in favour of extending patentability to software. Could they be persuaded otherwise by their members?
I think it is fair to say that the C standard library has a terrible track record on security - at least, it has some abominations like gets() that are impossible to use safely, and string handling like sprintf() that is almost as bad. The standard library is part of the ANSI C standard so it is almost fair to say that C itself has a bad security record.
The core language, together with a more sensible library that was written with a bit more paranoia (for example, not assuming unlimited size buffers, and preferably not using 0-terminated strings, which themselves can cause gotchas), would make it easier to write secure code.
Similarly, well-written C++ using the C++ standard library (string, vector, ostreams, helpful memory management like auto_ptr, and so on) is unlikely to suffer buffer overruns, format string vulnerabilities or many other classes of security holes. Badly written C++ has all the same problems as badly written C.
No language is inherently insecure, but it can make it hard to do the right thing or too easy to do the wrong thing.
BTW - do you ever think about integer overflow when writing in C or C++? Sometimes there are overflow exploits. It would be most handy if the C++ standard library had a 'safe integer' class that would throw an exception or do something sensible when a value gets out of range, rather than wrapping around. Yes, you can explicitly check the result of each integer computation, but does the language make it easy?
Part of being a child is being told what to do. Probably as a consequence of this, children tend to be quite illiberal. Their model of the world seems to be based on authority figures who decide what 'should' and 'should not' happen. Media aimed at children or teenagers seems to reinforce this - a children's news programme will tend to lead with a story like 'Activity X is bad because Y. Should it be banned?'. This is the main angle on many opinion polls of younger people; should something or other be forbidden. It's not until adulthood, and getting more freedom for yourself, you realize how important it is to protect the freedom of others.
I'm interested to know what you mean. Why does GNU make not have support for the right way to use it (namely, a single Makefile with correct depedencies)? Which features would you like the maintainers to add?
Since when were 'TXT' and 'HTM' the names of document formats?
Please, this isn't MS-DOS, and even if it were there's no need to resort to such barbarisms. You mean plain text, and HTML.
I used ACDSee a few years ago and it seemed pretty quick. Perhaps it has bloated since then. Are there good image viewers on Windows? (Preferably free as in speech, but I'll settle for beer.)
Bloody Slashdot 'plain text' mode; why does it not understand that a less-than sign is an entirely legal character in plain text?
I meant to say: http://flexml.sourceforge.net/, and you could encode <foo> as byte 0 and </foo> as byte 1.
I suggest people look at which is a faster way to parse ordinary XML files; you can get enough speedup from that without needing to use a binary format.
.xml.gz, so you might not want to use it for downloading. (Unless the format has special properties so that a partially downloaded file can be opened and processed without waiting for the rest...)
If choosing a binary format there are two kinds. One is motivated by saving space and would serialize the XML stream in a different way. To take a very noddy example, you could choose to encode as byte 00 and as byte 01. Parsing such a file would be faster than parsing textual XML but essentially the same limitations apply: need to scan sequentially to reach a particular element, need to either build up a big tree in memory or use some awkward token-based interface.
You suggest some indexes in the file 'so you can just fseek()'. This would be rather hairy to do for XML in general and I don't think any one file format would fit all. But if you have a particular XML DTD or schema in mind and you know your application's requirements (eg, 'I need to quickly count the elements and do constant-time lookup of the Nth element') then you could do something... though I don't know of any tool to help with generating and using this kind of indexed format, and hand-rolling code for it could be tedious.
Of course, a 'fast' binary format with the extra indexes would be bigger than a simple encoding of the data, and perhaps bigger than plain
Rambling a bit: I would like to see a file compressor / encoder based on BNF grammars (maybe even yacc input files). Every legal file of a given grammar can be produced by applying rules of that grammar. If at a certain stage there are four possible rules to apply then this choice can be encoded in two bits. If one rule is more likely than others then Huffman or aritmetic coding could be used. I haven't thought through exactly how this could work... probably parse the file into a syntax tree and then output that from the top down.