Him: I was in an accident that wasn't my fault and my insurance rates skyrocketed!
Me: Didn't the other driver have insurance?
Him: There was no other driver. My car was totalled when it slid off a dirt road and hit a tree.
Me: Was the road icy? Did another driver make you swerve, but you didn't hit him? Or maybe you swerved to avoid an animal or child?
Him: No, the road was perfectly dry and there was no one else around for miles.
Me: Well, whose fault was the accident if it wasn't yours?
Him: The road grader, for making the road so slippery.
While I have to agree with you based on population, Tempe is relatively centrally located and has a more "clean and modern" feel to it compared to Phoenix. There are many more people that work, shop, go to school, and play in Tempe than those that live there. Think of it as more of a spread out downtown area rather than a city on its own and you will see the significance.
My degree is in computer systems engineering which was a pretty good balance of hardware and software. The purpose of a bachelor's degree is to get a general education and give you the basics to be able to succeed in a field. It is not to teach you a trade. In my opinion, the broader your knowledge the better.
I had plenty of practice with programming, but when my friends in CS were taking yet another C++ class, I was designing and building an embedded system from circuit board to software to fly in a soda can sized "satellite" (yes, I received class credit).
And don't neglect applying for internships. I did one internship writing test and database software for a wafer fab, and another internship doing experiments for chip designers and writing lab reports. When I graduated at the peak (trough?) of the recession, most of my CS friends were continuing on with grad school because they couldn't find a decent job. I had 3 jobs to choose from: writing driver software for DSPs, entering an engineering rotation program, or writing embedded software for apache helicopters.
Don't underestimate the power of a broad education coupled with practical experience.
Is video encoding the kind of task that even can benefit from this? Does the encoding of each segment happen independant of what happened before?
It's not completely independent, but the amount of overlap needed is very small. I don't know the exact number for a DVD, but it is on the order of 1-5 seconds. You just have to think in terms of parallelizing 10-15 minute segments instead of frame by frame.
remove half the lines... and it better still work!
My first internship I had to do just that. Some test software at a wafer fab had been hacked together over 20 years by a tech who self-taught herself BASIC and didn't know anything about arrays or subroutines.
The software tested one batch of wafers and printed out a line of results to a dot matrix printer. Based on the results, the wafers would go back in to "cook" for a while longer and another lot would be tested and printed out on a different dot matrix printer. The process was to switch between the two lots, testing and cooking, until the devices met specifications.
The funny part was the code was in 2 identical halves except for a '2' appended to each variable in the second half to test the second lot. They wanted to switch to a single laser printer and couldn't because there was no memory between tests and you can't print out a single line at a time to a laser printer.
I added a gui and network interface code, and still had less than half the lines of code as the original.
My interview for my first real job (well, internship) went a lot like that. I felt stupid because I didn't know half of the things he was talking about, but at least I was honest. I must have done okay because I got the job. Turns out they were internal only apps and some decades-old commercial software they were still using on the manufacturing floor.
However, as the unofficial tech support person for my extended family, I know where the making crap up stuff comes from. My family all knows I have only run Linux at home in many years, and only use Windows as a smart terminal to log into the Sun machines at work. They still ask me questions about WinXP, which I have never used. I answer them honestly with an "I don't know", but they won't accept that for an answer. They press me until I make my best guess, which is usually close enough for them.
In my opinion the real problem is people are unable to see when their spreadsheet has grown to such a point that a professional database programmer is needed, because it was manageable as a spreadsheet in its early iterations.
More than once I have had a relative ask me for advice about a spreadsheet that has become unmanageable. They lay down a set of requirements that obviously call for a custom database app written by a programmer. I tell them to hire someone to write it. A contractor or even an intern will do in most cases. They say they can't afford it, but also tell me they are wasting 10 hours a week just managing their current spreadsheet. They want a professional solution, but don't have enough respect for the work the professional does to hire one.
Doc, I know you said I need brain surgery, but I can't afford it. When the tumor was small the headaches went away when I took an aspirin. Can't you just recommend a better kind of aspirin I can take?
My wife has been using Open/Staroffice and Linux for about 7 years, exclusively for about 4, and she couldn't answer any of your questions correctly because she is a user and not an administrator. Of course, the job she would be interviewing for would reflect that.
I can only sell my software to a particular known configuration, because Linux doesn't have its act together enough to be able to install software that hasn't been "repackaged" by somebody working for the distrobution.
Commercial software on Linux is a whole other ball of wax, but it's not as huge a problem as most people make it out to be. I have 4 commercial software packages as counterexamples that have all been installed on almost everything from Mandrake to LinuxFromScratch.
Download setup.exe, install, run... it would make the transition to a Linux desktop much easier if (desktop) Linux software could be installed as easily.
You're absolutely right. Way too many users are confused by modern package managers eliminating the "download setup.exe" step. Seriously, how much easier can it get? If it's not that easy for you, you either are doing non-newbie things or are using the wrong distribution or both.
only way to get a patched version of Firefox was to download one of the nightly builds
I wouldn't say the "only" way, but I agree that it is probably the easiest way.
Want up-to-the-minute security updates without bleeding edge development code and large downloads? Apply the patch yourself to your stable source and recompile. Most open source security vulnerabilities are easy to fix and are reported together with a small patch in the same post or a matter of minutes later.
You don't have to be a programmer to compile your own open source application, and it's not that much more difficult than finding and installing nightly builds. You're obviously not completely satisfied with the "security updates bundled with development binaries" approach, so why not take full advantage of the flexibility open source offers you?
Okay, so I'm somewhat biased because I work for a military contractor, but that also gives me an insider's perspective.
The reasoning behind recent research hasn't been to kill the enemy more efficiently, but has been how to win necessary wars with the least friendly and enemy casualties possible. Ideologies have changed a lot since WWII. We no longer go to war against a country. We go to war against dictators and pockets of terrorists while trying to defend everyone else in the country. It requires a different mindset and different technology. We already have effective weapons of mass destruction, but mass destruction is not how we want to win anymore.
Name any modern shooter video game and I will bet it has some kind of cue to differentiate between friendlies and known enemies, like a reticle that turns green or red. Now imagine the same sort of thing in the hands of our real life armed forces, and you will get some idea of just one of the (albeit lofty) goals of projects like FCS.
You missed my point. I know that the raw kernel doesn't support binary compatibility. What I was saying is that people interested in providing binary drivers to linux do so by creating their own binary compatibility layer which is compiled and linked with their binary distribution during installation. Since source level compatibility is a lot more stable than binary compatibility, the half and half approach has worked quite well for driver developers. My main point is that the binary compatibility argument is moot because I have at least 4 counterexamples of binary drivers which are successfully integrated into my system. Just because it isn't the same as windows, doesn't mean it is not equally as effective.
The problem with Linux is that because there is no binary driver interface and driver model common to all dists
That is a myth. I currently have at least four such interfaces installed on my Linux machines at home. Who wrote them? Who better than the device driver programmers themselves? They know exactly what they need and what they don't. The drivers have all been stable within the 2.4 and 2.6 kernel series on any distro and most only required minor changes between 2.4 and 2.6.
Personally I think that the reason more companies don't release linux device drivers for their products is that the community is doing a pretty good job without them. The drivers are out there and available for the most part. What is lacking is the automatic detection, downloading, and installation of the correct driver. If you don't think Windows has the same problem, you have never upgraded someone to Windows XP whose hardware all came with Windows 98 drivers on CD. They only get away with it because of the ubiquity of a certain version of their OS and the fact that most people just use the OS that was pre-installed on their computer.
I thought you were in my high school history class for a minute there. My teacher suspected that some students were receiving the answers from the class before. Just before Christmas break, word got around to our entire class (not just the usual cheaters) that the answers to the matching test spelled "MERRY CHRISTMAS" down the side. The teacher said as a Christmas gift he made an easy test and anyone who finished early could leave for lunch early. I did the first few problems just to be sure. "M", check. "E", check. Wait, whats a B doing where the R shoud be? About that time around half the class is walking out with smug looks on their faces and the other half is just as smug because they actually did problem 3.
In Junior High we had to memorize the preamble to the United States constitution and I was having trouble. I had looked a little bit at one of my Dad's old shorthand books, and so I painstakingly wrote out key phrases in shorthand so it would just look like doodles sticking out of the edge of my book. Well it turned out at the test that I couldn't remember how to read the shorthand notes I had written, but that I knew it perfectly because of the long time I had spent trying to do it the "easy" way.
when they say "illegal," they don't mean 'criminal,' they mean 'against our own policies.'
Am I the only one here who has ever had a tense conversation with his wife because the computer "performed an illegal operation and must be shut down?" I'm glad my ISP didn't find out about that one.
There are other means to judge the skills of programmers in addition to reading their code:
How well do they use the development tools available to them? For example, when debugging a segmentation fault do they employ endless cycles of inserting print statements, rebuilding, and rerunning or do they use a debugger? How many times has a coworker asked me to help them debug a core dump when the first thing they did was to rm that "pesky" core file?
How well do they use the revision control system? My biggest pet peeve is programmers who comment out a section of code and then check it in to revision control. This just shows a lack of confidence in your decision to remove the code and a lack of understanding of revision control. Also, does the code work after every commit or at the very least compile?
It isn't just a question of what to label the kernels, it is mostly about how they are developed. Maintaining software is a constant cycle of adding features, which unavoidably introduce bugs (creating instability), which are then fixed (adding stability). Since open source software is used as it is developed, the timing of each part of that cycle can make a big difference to the user.
Right now each kernel developer is going through that cycle at their own rate. At any given time, some developers are in the unstable half of the cycle and some are in the stable half, resulting in reduced stability overall. Linus is just trying to synchronize everyone to the same phase in a much faster cycle than 2.4-2.5-2.6 was in order to try to get the best of both worlds.
I swear not every kernel is suitable with every distro.
Exactly why Linus thought the lack of a 2.7 kernel series would work out. Every distro applies their chosen set of patches to the vanilla kernel, uses their own specific configuration, and does their own testing. Gentoo x86 users can choose from about 10 different kernels, all with the same version number. I'm sure he was thinking that if he didn't do a stable kernel, that the distros would.
Rolling your own stable kernel isn't that hard to do, especially with the resources of a distro. In fact, since one man's stable is another man's unstable, it is probably the only way to make sure that it is stable for you, which is what's important.
I maintain 3 kernels for myself: a stable, medium, and unstable. The stable kernel is a 2.4.20 with only security patches applied. (2.4.21 broke some commercial software that I use occasionally). My unstable is the latest 2.6 release. The medium is a couple of 2.6 releases back, with only security patches applied. My wife uses medium all the time. I use medium when doing something important and unstable otherwise. Once I have used an unstable kernel long enough without problems, it becomes my new medium kernel and the cycle continues.
Interestingly, the last three 2.6 releases have failed to become my medium kernel because of instabilities. Perhaps enough people are having similar experiences to prompt the rethink in process? I personally think the proposal would be an excellent compromise, and would actually fit better with how other open source projects are run.
it doesn't make sense to optimize the keyboard for least-used things does it?
I know exactly what you mean. Everyone knows that the most productive keys for inserting text at the beginning or end of a line are 'I' and 'A' respectively. It completely frustrates me that only vi gets it right:-)
My point is that you can't optimize the keyboard for every user because every user has different needs and experience. I can edit faster with vi than I can with any other editor. I wish every program used vi key bindings, but most people find it completely non-intuitive and useless, and I can accept that. There is a woman at work that uses the mouse for everything and only right clicks if she has no other option. For most people the accelerator keys would be faster, but she is so fast at the menus it makes you dizzy.
The best option is to make it useful for as many people as possible and make it easy to change for the rest.
I'll second the recommendation for cinelerra, which I use for wedding videos I do on the side, and for some reason didn't show up on the linked sourceforge search. I have even used my laptop to make my own little 2-node renderfarm.
Still, the topic of NLEs on videographer forums is almost as virulent as vi vs. emacs arguments in tech circles. They all do pretty much the same thing, but there is usually one that fits best with any given person's style. Without knowing your style, it is difficult to make a recommendation.
For example I would highly recommend cinelerra to someone posting on slashdot who already uses Linux on a regular basis, but wouldn't recommend it to someone posting on creativecow who thinks redhat is what a cardinals baseball player wears.
Re:Strengths and differences of this vs SELinux
on
Data Execution Protection
·
· Score: 3, Interesting
This is a good introduction to the main solutions to software exploits in Linux and the different kinds of protection they provide and why.
Most people recommend a combined approach including mandatory access control, chroot jails for services on the internet, stack smash protection, address space layout randomization, non-executable memory pages, firewalls, virus and spyware scanning, intrusion detection, regular vulnerability patching, and user education (did I leave anything out?). No one will tell you that you are safe after implementing just one of these solutions, but the more you do implement, the more secure your system will be.
All of the above have been available on Linux for some time, but are not implemented by default in any popular distribution that I am aware of, which is a shame because I believe it is only a matter of time before someone writes a really nasty worm for Linux. Most Linux users I know seem to believe they are safe with only regular patching and a firewall.
Gentoo is the best distro I have found for implementing these security measures and tries to build them in as an option wherever possible. Gentoo has great documentation on security and is all about custom configuration and compiling. Since some of the above solutions require special compiler technologies, Gentoo is a perfect fit.
Each of those solutions take a certain amount of effort to implement and will break certain existing applications in different ways. Basically, Microsoft is taking the next step and implementing the least disruptive and easiest solution that will provide some protection for all software running on the system. They should probably also compile their own software with stack smash protection and make address space layout randomization available as a next step.
Actually, systems like SELinux are specifically designed to limit the abilities of even the root user according to the situation, making a "root exploit" much less effective in most circumstances unless it is an exploit in the kernel itself, which is a lot more rare than an exploit in a daemon.
My daughter was born last June 3 months premature, spent 3 months in the hospital, and then 4 months on a home heart/apnea monitor because complications with her hydrocephalus cause bradycardia (low heart rate).
I think wireless transmission to the hospital would be a bad idea for the following reasons:
If you are bad enough off to need a monitor you need someone at your home trained in CPR and the interpretation of the monitor alarms anyway in order to respond fast enough.
Those things go crazy with false alarms. Our daughter had about 300 alarms a month, only a couple of which were actually cause for concern, and none of which required medical intervention. Every time our daughter breathed a little shallow when she was eating, wiggled a little too much, or got a little upset when her diaper was changed, the alarm went off. A human must look at the person to verify if the alarm is valid, even in the hospital. It was pretty fun to have the battery get low after a 4 hour plane flight and set off the ear-piercing alarm in the terminal.
Now a real innovation would be making these the size of a cell phone instead of that VCR we were hauling around.
Slashdot Mirror
Him: I was in an accident that wasn't my fault and my insurance rates skyrocketed!
Me: Didn't the other driver have insurance?
Him: There was no other driver. My car was totalled when it slid off a dirt road and hit a tree.
Me: Was the road icy? Did another driver make you swerve, but you didn't hit him? Or maybe you swerved to avoid an animal or child?
Him: No, the road was perfectly dry and there was no one else around for miles.
Me: Well, whose fault was the accident if it wasn't yours?
Him: The road grader, for making the road so slippery.
While I have to agree with you based on population, Tempe is relatively centrally located and has a more "clean and modern" feel to it compared to Phoenix. There are many more people that work, shop, go to school, and play in Tempe than those that live there. Think of it as more of a spread out downtown area rather than a city on its own and you will see the significance.
I had plenty of practice with programming, but when my friends in CS were taking yet another C++ class, I was designing and building an embedded system from circuit board to software to fly in a soda can sized "satellite" (yes, I received class credit).
And don't neglect applying for internships. I did one internship writing test and database software for a wafer fab, and another internship doing experiments for chip designers and writing lab reports. When I graduated at the peak (trough?) of the recession, most of my CS friends were continuing on with grad school because they couldn't find a decent job. I had 3 jobs to choose from: writing driver software for DSPs, entering an engineering rotation program, or writing embedded software for apache helicopters.
Don't underestimate the power of a broad education coupled with practical experience.
My first internship I had to do just that. Some test software at a wafer fab had been hacked together over 20 years by a tech who self-taught herself BASIC and didn't know anything about arrays or subroutines.
The software tested one batch of wafers and printed out a line of results to a dot matrix printer. Based on the results, the wafers would go back in to "cook" for a while longer and another lot would be tested and printed out on a different dot matrix printer. The process was to switch between the two lots, testing and cooking, until the devices met specifications.
The funny part was the code was in 2 identical halves except for a '2' appended to each variable in the second half to test the second lot. They wanted to switch to a single laser printer and couldn't because there was no memory between tests and you can't print out a single line at a time to a laser printer.
I added a gui and network interface code, and still had less than half the lines of code as the original.
However, as the unofficial tech support person for my extended family, I know where the making crap up stuff comes from. My family all knows I have only run Linux at home in many years, and only use Windows as a smart terminal to log into the Sun machines at work. They still ask me questions about WinXP, which I have never used. I answer them honestly with an "I don't know", but they won't accept that for an answer. They press me until I make my best guess, which is usually close enough for them.
More than once I have had a relative ask me for advice about a spreadsheet that has become unmanageable. They lay down a set of requirements that obviously call for a custom database app written by a programmer. I tell them to hire someone to write it. A contractor or even an intern will do in most cases. They say they can't afford it, but also tell me they are wasting 10 hours a week just managing their current spreadsheet. They want a professional solution, but don't have enough respect for the work the professional does to hire one.
Doc, I know you said I need brain surgery, but I can't afford it. When the tumor was small the headaches went away when I took an aspirin. Can't you just recommend a better kind of aspirin I can take?
My wife has been using Open/Staroffice and Linux for about 7 years, exclusively for about 4, and she couldn't answer any of your questions correctly because she is a user and not an administrator. Of course, the job she would be interviewing for would reflect that.
Want up-to-the-minute security updates without bleeding edge development code and large downloads? Apply the patch yourself to your stable source and recompile. Most open source security vulnerabilities are easy to fix and are reported together with a small patch in the same post or a matter of minutes later.
You don't have to be a programmer to compile your own open source application, and it's not that much more difficult than finding and installing nightly builds. You're obviously not completely satisfied with the "security updates bundled with development binaries" approach, so why not take full advantage of the flexibility open source offers you?
The reasoning behind recent research hasn't been to kill the enemy more efficiently, but has been how to win necessary wars with the least friendly and enemy casualties possible. Ideologies have changed a lot since WWII. We no longer go to war against a country. We go to war against dictators and pockets of terrorists while trying to defend everyone else in the country. It requires a different mindset and different technology. We already have effective weapons of mass destruction, but mass destruction is not how we want to win anymore.
Name any modern shooter video game and I will bet it has some kind of cue to differentiate between friendlies and known enemies, like a reticle that turns green or red. Now imagine the same sort of thing in the hands of our real life armed forces, and you will get some idea of just one of the (albeit lofty) goals of projects like FCS.
You missed my point. I know that the raw kernel doesn't support binary compatibility. What I was saying is that people interested in providing binary drivers to linux do so by creating their own binary compatibility layer which is compiled and linked with their binary distribution during installation. Since source level compatibility is a lot more stable than binary compatibility, the half and half approach has worked quite well for driver developers. My main point is that the binary compatibility argument is moot because I have at least 4 counterexamples of binary drivers which are successfully integrated into my system. Just because it isn't the same as windows, doesn't mean it is not equally as effective.
Personally I think that the reason more companies don't release linux device drivers for their products is that the community is doing a pretty good job without them. The drivers are out there and available for the most part. What is lacking is the automatic detection, downloading, and installation of the correct driver. If you don't think Windows has the same problem, you have never upgraded someone to Windows XP whose hardware all came with Windows 98 drivers on CD. They only get away with it because of the ubiquity of a certain version of their OS and the fact that most people just use the OS that was pre-installed on their computer.
In Junior High we had to memorize the preamble to the United States constitution and I was having trouble. I had looked a little bit at one of my Dad's old shorthand books, and so I painstakingly wrote out key phrases in shorthand so it would just look like doodles sticking out of the edge of my book. Well it turned out at the test that I couldn't remember how to read the shorthand notes I had written, but that I knew it perfectly because of the long time I had spent trying to do it the "easy" way.
Right now each kernel developer is going through that cycle at their own rate. At any given time, some developers are in the unstable half of the cycle and some are in the stable half, resulting in reduced stability overall. Linus is just trying to synchronize everyone to the same phase in a much faster cycle than 2.4-2.5-2.6 was in order to try to get the best of both worlds.
Rolling your own stable kernel isn't that hard to do, especially with the resources of a distro. In fact, since one man's stable is another man's unstable, it is probably the only way to make sure that it is stable for you, which is what's important.
I maintain 3 kernels for myself: a stable, medium, and unstable. The stable kernel is a 2.4.20 with only security patches applied. (2.4.21 broke some commercial software that I use occasionally). My unstable is the latest 2.6 release. The medium is a couple of 2.6 releases back, with only security patches applied. My wife uses medium all the time. I use medium when doing something important and unstable otherwise. Once I have used an unstable kernel long enough without problems, it becomes my new medium kernel and the cycle continues.
Interestingly, the last three 2.6 releases have failed to become my medium kernel because of instabilities. Perhaps enough people are having similar experiences to prompt the rethink in process? I personally think the proposal would be an excellent compromise, and would actually fit better with how other open source projects are run.
My point is that you can't optimize the keyboard for every user because every user has different needs and experience. I can edit faster with vi than I can with any other editor. I wish every program used vi key bindings, but most people find it completely non-intuitive and useless, and I can accept that. There is a woman at work that uses the mouse for everything and only right clicks if she has no other option. For most people the accelerator keys would be faster, but she is so fast at the menus it makes you dizzy.
The best option is to make it useful for as many people as possible and make it easy to change for the rest.
Still, the topic of NLEs on videographer forums is almost as virulent as vi vs. emacs arguments in tech circles. They all do pretty much the same thing, but there is usually one that fits best with any given person's style. Without knowing your style, it is difficult to make a recommendation.
For example I would highly recommend cinelerra to someone posting on slashdot who already uses Linux on a regular basis, but wouldn't recommend it to someone posting on creativecow who thinks redhat is what a cardinals baseball player wears.
Most people recommend a combined approach including mandatory access control, chroot jails for services on the internet, stack smash protection, address space layout randomization, non-executable memory pages, firewalls, virus and spyware scanning, intrusion detection, regular vulnerability patching, and user education (did I leave anything out?). No one will tell you that you are safe after implementing just one of these solutions, but the more you do implement, the more secure your system will be.
All of the above have been available on Linux for some time, but are not implemented by default in any popular distribution that I am aware of, which is a shame because I believe it is only a matter of time before someone writes a really nasty worm for Linux. Most Linux users I know seem to believe they are safe with only regular patching and a firewall.
Gentoo is the best distro I have found for implementing these security measures and tries to build them in as an option wherever possible. Gentoo has great documentation on security and is all about custom configuration and compiling. Since some of the above solutions require special compiler technologies, Gentoo is a perfect fit.
Each of those solutions take a certain amount of effort to implement and will break certain existing applications in different ways. Basically, Microsoft is taking the next step and implementing the least disruptive and easiest solution that will provide some protection for all software running on the system. They should probably also compile their own software with stack smash protection and make address space layout randomization available as a next step.
Actually, systems like SELinux are specifically designed to limit the abilities of even the root user according to the situation, making a "root exploit" much less effective in most circumstances unless it is an exploit in the kernel itself, which is a lot more rare than an exploit in a daemon.
I think wireless transmission to the hospital would be a bad idea for the following reasons:
- If you are bad enough off to need a monitor you need someone at your home trained in CPR and the interpretation of the monitor alarms anyway in order to respond fast enough.
- Those things go crazy with false alarms. Our daughter had about 300 alarms a month, only a couple of which were actually cause for concern, and none of which required medical intervention. Every time our daughter breathed a little shallow when she was eating, wiggled a little too much, or got a little upset when her diaper was changed, the alarm went off. A human must look at the person to verify if the alarm is valid, even in the hospital. It was pretty fun to have the battery get low after a 4 hour plane flight and set off the ear-piercing alarm in the terminal.
Now a real innovation would be making these the size of a cell phone instead of that VCR we were hauling around.