The best one by far is "The Wizard Book"... Structure and interpretation of Computer Programs, or affectionately abbreviated most anywhere as SICP. It's the textbook for MIT's intro to CS class and is available for free on the web; just google for it. If you find it a bit tough to follow, then go to ocw.mit.edu, and you can get all the accompanying lectures and lecture notes from the class to go along with the book... with those it's a breeze to pick up.
The book covers all of the major programming concepts in a very straightforward manner (although I do wish they spent some more time on type theory) and is not too difficult a read at all.
For the record, I do pay for software, Windows included. I just think their distribution channel is outmoded, and it keeps me from using it more, in favor of easier to use and more trustworthy (if imperfect) models. Perhaps Windows Marketplace will address this, but it is woefully underfunded and unsupported at the moment. Microsoft, of all places has the ability to "catch up" and do package management and distribution better than any of it's competitors, yet it is hardly making even a feeble attempt.
The "big idea" for gentoo is configuration. I can easily configure a system to run as a server, workstation, embedded system, hardware-specific configuration, etc.. even if the configuration needed to do so require source level changes. I need only make a few adjustments to a config file, and the system will build itself accordingly.
The system is not restricted to source-only distribution. There are binaries in the tree, and many more would be welcome, but the demand for binaries just isn't all that great, so they don't get added as frequently (generally only for the packages that take long enough to compile that it annoys people.)
mmmm. Just the thought of Debian, Slackware, Fedora or Ubuntu adopting portage makes me very happy. Imagine all the binaries and stability of the tree that would bring.
It's not like that anymore. Pop in the live CD, double click the icon that says "Install Gentoo". Then sit back and surf the web until it tells you it's ok to reboot into your new gentoo systems. You can still get the old advantages of a stage install by following up with an "emerge -e system || emerge -e world", but it's not the educational experience it used to be.
And I too really liked the old educational experience.. I learned *A LOT* and am much more efficient at problem solving my system because of it. I also am very appreciative of the fact that there is a better way now:)
No, the repositories are not bug free. What they are is a cryptographically secure chain from the publisher to the repository, and from the repository to my machine. I can be reasonably assured that the software I install from the repository:
1) Is the software unmodified from it's original source, except for possible patches introduced at the repository level. The only people mucking with this package are the source and the repository maintainers.
2) That the software will install and uninstall in a manner compatible with my configuration.
3) That the software has been tested, at least to some degree, on my platform configuration.
#2 is covered by Microsoft's logo program, so they have part of this covered. #1 is a constant thorn in their side, as they can't even curb Windows OS counterfeiting because there is no secure distribution chain. #3 is less of a problem for windows, being as Windows comes in a very restricted set of configurations.
The biggest issues for MS is point #1, and convenience. Even using portage, with all the applicable jokes as to how long it takes to compile, it is still orders of magnitudes more convenient to install (non-stock) software with portage than with Windows. I see Microsoft doing very little to address this issue.
As for the argument that they would be considered a monopoly, etc. That's their problem. I am an end user and will make my purchasing decisions based primarily on price, functionality and convenience. Whatever excuse they have for being higher priced, less functional and more inconvenient does not matter to me at all in my purchase. The fact remains that I am rarely if ever going to go out of my way to purchase hard media from a non-secure chain when I can get a superior installation securely with the click of a mouse using the competitor's product.
The reason not to use it is that it is a Posix environment hacked onto a non-posix host, when there is a posix host which is more widely tested available for free.
I use cygwin, when I need a kludge to get something done on a Windows client, and yes, it's great software, but it's still a Posix emulation system, and adds a whole ugly layer of complexity. If I found myself relying on cygwin for a dev environment, I would quickly wonder why I don't just get a real host that can do this stuff natively.
And what command (or applet/button, etc..) do I use to install SFU on this Windows machine? AFAIK there is no secure install chain for such things on the windows platform. The only install channel Windows has is Windows update, which is very poorly stocked with any useful software... it tends to be Microsoft's stuff only, and then only the barest essentials + IE + Media Player. Which makes Windows barely a step up in functionality from my gaming console.
If you expect me to just go out on the interweb and install any old binary package I find on a website, then you are friggin nuts. That's the kind of thing people did back in the 90's and is antiquated, insecure, and a PITA to boot. Nobody with half a brain does that these days. All software that goes on my machines is either developed by me, or comes down, cryptographically signed from my distro deployment channels (portage in my case) and is tested and verified within acceptable limits as running on my system, with an integrated bug tracking system I can use to look up or report any bugs for that package on my platform.
So no, Awk and Bash are not available on my Windows boxes without severe hacking. When Windows gives me start->cntrlpanel->add/remove->install Awk, or an equivalent, then I'll accept your point.
Right now, Windows has development tools *if I go get them and insecurely modify my system*, the way my XBox runs Linux *If I go pay someone to chip it for me*... it doesn't.
Abstaining allows the group pulling the sleaze tactics, like releasing bills 30 minutes before vote, MORE power. The legal system is deny by default, and extremely heavily biased towards killing bills. A congressman, when presented with a bill and insufficient time for they and their staff to research it and it's repercussions should smell something fishy and kill the bill, as a default action, in favor of the status quo. The congressman should be open about this policy, which should deter bills from being released in this manner in the first place.
Now, if the congressman, given a reasonably short bill, and ample time to peruse the bill, simply doesn't do his job of researching it, then he should abstain. But to vote in favor of a bill that you and your staff have not researched is incompetence at best and fraudulent at worst. To allow relying on incompetence and dishonesty of congressman in the whole to continue to be a valid strategy for making law by abstaining or voting affirmative when such tricks are pulled is asinine.
Any honest congressman, when asked to vote on a bill they have not read for any reason, should vote no. Unfortunately, there are no honest congressmen.
My comment has nothing to do with your solution, but...
As a fellow programmer, I have to put in a plug for using your time at home to learn other languages you don't use at work. Picking a new language and then forcing yourself to do a project in it will seriously make you a better programmer in your primary language, and will make your life much easier at work. When you dive into a language that is substantially different than your original you learn completely new ways to approach problems, many of which you can add to your mental toolbox back in your original language.
Now, as an ASP developer, going home and learning PHP would be a bit of a waste of time as they are pretty much the same, and you wouldn't get much from your pain. But going home and building something in C#, prolog, ruby, python, scheme, haskell, etc... would work miracles in expanding your brain because they are so very different. You may still do all your primary development in ASP, but you will find that you are 10 times the programmer in ASP having learned a couple of completely different ways of approaching programming.
In theory, such a change should not happen. Automatic updates of security patches should occur regardless of WGA status. MS does not want non-genuine machines to end up in bot-networks.
If this happens in practice, I believe it is unintended.
Perhaps it's not a unified packaging system, but rather, a unified repository of meta packages with build transforms to DEB, RPM, Portage, etc packages. The software authors release to this repository, similar to the unified virus database all the antivirus vendors use. The distros pull from the repository and transform it into their native packaging system, making binary builds, changing paths, or whatever. The meta-package would describe what kinds of transforms might be illegal, etc. End distros could filter certain packages as unstable if they cause problems on their particular system, but in general, once software is released into the repository it gets pulled automatically into all the distros.
It's not generally an issue of "can it be done?" It's often an issue of doing it cleanly and conveniently. For instance, on my Gentoo box, I can do a source install, which leaves the/usr,/usr/local, and sometimes/var trees in a state that is not cleanly managed by portage. Installing to my home directory is not always appropriate.. the "right" way to do it is to use an overlay, which is generally way more work and takes more specialized knowledge on my part than I am willing to expend.
Re:Static analysis is the sh-t
on
PMD Applied
·
· Score: 1
I agree that there will always be classes of bugs that cannot be solved by language design. The halting problem is the classic example of this. However, if the static analysis tool can determine that the code you wrote is not in a subset of possible code you probably meant to write, then it seems perfectly reasonable that you can construct a syntax in which only programs lying in the subset of programs you mean to write are expressible, or at least a syntax that maps them closely enough that a static analyzer won't be able to determine the bugs. For instance, adding 2 strings together is generally not meaningful, so the compiler in most languages statically checks for this possibility using a type system. Such static analysis could conceivably done by an external tool, but I think we would agree that said tool only masks a deficiency in the compiler.
In the most trivial realization of what I am saying, you could simply merge the syntactic analyzer with the compiler, in which case you have augmented the compiler. I think it is possible to go much further in constraining the syntax of the language itself though. Extremely strongly typed languages like ML and Haskell do this for instance.
Basically, in the end, I think that if there is near universal consensus on what is a "bad thing to do" in such and such a language, and such a thing can decidably be picked up by a static analyzer, then it points to a deficiency in the language, and by not patching it up, forces the users of the language to use external tools to catch the issue instead of a better compiler.
Re:Static analysis is the sh-t
on
PMD Applied
·
· Score: 1
A language need only be as flexible as its problem domain requires. Many make systems are not even Turing complete (I think GNU Make is) but that doesn't make them non-useful! Java abstracts away pointers and forces you into an OO-only paradigm, but that lack of flexibility shelters you from a large class of bugs while retaining enough flexibility to solve a great range of problems. (Please don't confuse this statement as a personal endorsement of Java:)
Without even getting into non-mutable semantics, we know a few techniques that are widely recognized and used to reduce the very errors linters check for such as strong static typing, garbage collection, RAII and stack frame oriented destruction, message passing, etc... It is my premise that if the linter can catch any bugs at all in your semantics, than it is very likely you are programming using constructs that are too low level for your problem domain in the first place. If the linter only picks up false positives, then you are using the right level of abstraction, but you also have no use for the linter.
Re:Static analysis is the sh-t
on
PMD Applied
·
· Score: 1
how are you going to have a language that tells you not to call a sleeping function when the IRQ level is too high?
You aren't. But I doubt a static analyzer is going to catch that either.
How are you going to have a language that will prevent you from writing 'close(fd);' twice in a row?
By abstracting away the mutation. You can do this with C++ RAII, or Monadically, or any number of other ways.
We will always need device drivers. C and ASM are great for that, no question about it. On the other hand, when programming higher level components, why do we insist on using a set of semantics designed for programming directly to hardware? My point being that if your language requires such low level flexibility then your static analyzer won't be doing you much good because it will be screaming about false positives, and if your static analyzer can catch problems, then you are programming in a language that is tied to closely to the hardware, since your semantics allow for constructs that do not make sense in your higher level domain.
Re:Static analysis is the sh-t
on
PMD Applied
·
· Score: 2, Insightful
As someone else said, they do. Rigorously. And with some of the best next-gen lint like tools there are.
As an aside though, I question the sanity of such tools. Why does the language allow you to use constructs that an automated tool could tell you were screwy?!? Shouldn't such practices the tool catches be compiler errors, or at least glaring warnings? It seems to me that the underlying problems lie in the language specifications and the tools are only there as a band-aid.
Connections do not scale exponentially with the number of neurons in natural systems, only in traditional perceptron networks. In natural brains you have distance and crowding between neurons in real space limiting the number of connections and the realistic distance between neurons. So in very small networks you have exponential scaling, but that rapidly saturates and changes to linear scaling (albeit the linear scaling factor is not small... without looking it up I believe it's on the order of 1000-5000.)
Slashdot Mirror
The best one by far is "The Wizard Book"... Structure and interpretation of Computer Programs, or affectionately abbreviated most anywhere as SICP. It's the textbook for MIT's intro to CS class and is available for free on the web; just google for it. If you find it a bit tough to follow, then go to ocw.mit.edu, and you can get all the accompanying lectures and lecture notes from the class to go along with the book... with those it's a breeze to pick up.
The book covers all of the major programming concepts in a very straightforward manner (although I do wish they spent some more time on type theory) and is not too difficult a read at all.
For the record, I do pay for software, Windows included. I just think their distribution channel is outmoded, and it keeps me from using it more, in favor of easier to use and more trustworthy (if imperfect) models. Perhaps Windows Marketplace will address this, but it is woefully underfunded and unsupported at the moment. Microsoft, of all places has the ability to "catch up" and do package management and distribution better than any of it's competitors, yet it is hardly making even a feeble attempt.
Nuff said.
The "big idea" for gentoo is configuration. I can easily configure a system to run as a server, workstation, embedded system, hardware-specific configuration, etc.. even if the configuration needed to do so require source level changes. I need only make a few adjustments to a config file, and the system will build itself accordingly.
The system is not restricted to source-only distribution. There are binaries in the tree, and many more would be welcome, but the demand for binaries just isn't all that great, so they don't get added as frequently (generally only for the packages that take long enough to compile that it annoys people.)
mmmm. Just the thought of Debian, Slackware, Fedora or Ubuntu adopting portage makes me very happy. Imagine all the binaries and stability of the tree that would bring.
It's not like that anymore. Pop in the live CD, double click the icon that says "Install Gentoo". Then sit back and surf the web until it tells you it's ok to reboot into your new gentoo systems. You can still get the old advantages of a stage install by following up with an "emerge -e system || emerge -e world", but it's not the educational experience it used to be.
:)
And I too really liked the old educational experience.. I learned *A LOT* and am much more efficient at problem solving my system because of it. I also am very appreciative of the fact that there is a better way now
Hear hear! We want a darcs /etc!
My God I hate doing etc-updates. That's still my only major complaint with Gentoo.
core2 is unstable gcc though, and I am VERY wary of using an unstable gcc :(
No, the repositories are not bug free. What they are is a cryptographically secure chain from the publisher to the repository, and from the repository to my machine. I can be reasonably assured that the software I install from the repository:
1) Is the software unmodified from it's original source, except for possible patches introduced at the repository level. The only people mucking with this package are the source and the repository maintainers.
2) That the software will install and uninstall in a manner compatible with my configuration.
3) That the software has been tested, at least to some degree, on my platform configuration.
#2 is covered by Microsoft's logo program, so they have part of this covered. #1 is a constant thorn in their side, as they can't even curb Windows OS counterfeiting because there is no secure distribution chain. #3 is less of a problem for windows, being as Windows comes in a very restricted set of configurations.
The biggest issues for MS is point #1, and convenience. Even using portage, with all the applicable jokes as to how long it takes to compile, it is still orders of magnitudes more convenient to install (non-stock) software with portage than with Windows. I see Microsoft doing very little to address this issue.
As for the argument that they would be considered a monopoly, etc. That's their problem. I am an end user and will make my purchasing decisions based primarily on price, functionality and convenience. Whatever excuse they have for being higher priced, less functional and more inconvenient does not matter to me at all in my purchase. The fact remains that I am rarely if ever going to go out of my way to purchase hard media from a non-secure chain when I can get a superior installation securely with the click of a mouse using the competitor's product.
The reason not to use it is that it is a Posix environment hacked onto a non-posix host, when there is a posix host which is more widely tested available for free.
I use cygwin, when I need a kludge to get something done on a Windows client, and yes, it's great software, but it's still a Posix emulation system, and adds a whole ugly layer of complexity. If I found myself relying on cygwin for a dev environment, I would quickly wonder why I don't just get a real host that can do this stuff natively.
And what command (or applet/button, etc..) do I use to install SFU on this Windows machine? AFAIK there is no secure install chain for such things on the windows platform. The only install channel Windows has is Windows update, which is very poorly stocked with any useful software... it tends to be Microsoft's stuff only, and then only the barest essentials + IE + Media Player. Which makes Windows barely a step up in functionality from my gaming console.
If you expect me to just go out on the interweb and install any old binary package I find on a website, then you are friggin nuts. That's the kind of thing people did back in the 90's and is antiquated, insecure, and a PITA to boot. Nobody with half a brain does that these days. All software that goes on my machines is either developed by me, or comes down, cryptographically signed from my distro deployment channels (portage in my case) and is tested and verified within acceptable limits as running on my system, with an integrated bug tracking system I can use to look up or report any bugs for that package on my platform.
So no, Awk and Bash are not available on my Windows boxes without severe hacking. When Windows gives me start->cntrlpanel->add/remove->install Awk, or an equivalent, then I'll accept your point.
Right now, Windows has development tools *if I go get them and insecurely modify my system*, the way my XBox runs Linux *If I go pay someone to chip it for me*... it doesn't.
To paraphrase: Boost on Windows was really easy! I used a Linux emulator and it installed in seconds!
Not a convincing argument. Just sayin'.
Abstaining allows the group pulling the sleaze tactics, like releasing bills 30 minutes before vote, MORE power. The legal system is deny by default, and extremely heavily biased towards killing bills. A congressman, when presented with a bill and insufficient time for they and their staff to research it and it's repercussions should smell something fishy and kill the bill, as a default action, in favor of the status quo. The congressman should be open about this policy, which should deter bills from being released in this manner in the first place.
Now, if the congressman, given a reasonably short bill, and ample time to peruse the bill, simply doesn't do his job of researching it, then he should abstain. But to vote in favor of a bill that you and your staff have not researched is incompetence at best and fraudulent at worst. To allow relying on incompetence and dishonesty of congressman in the whole to continue to be a valid strategy for making law by abstaining or voting affirmative when such tricks are pulled is asinine.
Simple solution:
Any honest congressman, when asked to vote on a bill they have not read for any reason, should vote no. Unfortunately, there are no honest congressmen.
Actually you would NOT have loved testing ATI. Oh, you may think you would, having never done so, but trust me, there is no love there.
/successfully (mostly) running an ATI x1600 under gentoo.
//no love here.
My comment has nothing to do with your solution, but...
As a fellow programmer, I have to put in a plug for using your time at home to learn other languages you don't use at work. Picking a new language and then forcing yourself to do a project in it will seriously make you a better programmer in your primary language, and will make your life much easier at work. When you dive into a language that is substantially different than your original you learn completely new ways to approach problems, many of which you can add to your mental toolbox back in your original language.
Now, as an ASP developer, going home and learning PHP would be a bit of a waste of time as they are pretty much the same, and you wouldn't get much from your pain. But going home and building something in C#, prolog, ruby, python, scheme, haskell, etc... would work miracles in expanding your brain because they are so very different. You may still do all your primary development in ASP, but you will find that you are 10 times the programmer in ASP having learned a couple of completely different ways of approaching programming.
In theory, such a change should not happen. Automatic updates of security patches should occur regardless of WGA status. MS does not want non-genuine machines to end up in bot-networks.
If this happens in practice, I believe it is unintended.
In no case does WGA block security updates. Only things like Media Player and IE upgrades are affected.
Portage isn't obscure you insensitive clod!! ;)
Perhaps it's not a unified packaging system, but rather, a unified repository of meta packages with build transforms to DEB, RPM, Portage, etc packages. The software authors release to this repository, similar to the unified virus database all the antivirus vendors use. The distros pull from the repository and transform it into their native packaging system, making binary builds, changing paths, or whatever. The meta-package would describe what kinds of transforms might be illegal, etc. End distros could filter certain packages as unstable if they cause problems on their particular system, but in general, once software is released into the repository it gets pulled automatically into all the distros.
One can dream...
It's not generally an issue of "can it be done?" It's often an issue of doing it cleanly and conveniently. For instance, on my Gentoo box, I can do a source install, which leaves the /usr, /usr/local, and sometimes /var trees in a state that is not cleanly managed by portage. Installing to my home directory is not always appropriate.. the "right" way to do it is to use an overlay, which is generally way more work and takes more specialized knowledge on my part than I am willing to expend.
I agree that there will always be classes of bugs that cannot be solved by language design. The halting problem is the classic example of this. However, if the static analysis tool can determine that the code you wrote is not in a subset of possible code you probably meant to write, then it seems perfectly reasonable that you can construct a syntax in which only programs lying in the subset of programs you mean to write are expressible, or at least a syntax that maps them closely enough that a static analyzer won't be able to determine the bugs. For instance, adding 2 strings together is generally not meaningful, so the compiler in most languages statically checks for this possibility using a type system. Such static analysis could conceivably done by an external tool, but I think we would agree that said tool only masks a deficiency in the compiler.
In the most trivial realization of what I am saying, you could simply merge the syntactic analyzer with the compiler, in which case you have augmented the compiler. I think it is possible to go much further in constraining the syntax of the language itself though. Extremely strongly typed languages like ML and Haskell do this for instance.
Basically, in the end, I think that if there is near universal consensus on what is a "bad thing to do" in such and such a language, and such a thing can decidably be picked up by a static analyzer, then it points to a deficiency in the language, and by not patching it up, forces the users of the language to use external tools to catch the issue instead of a better compiler.
A language need only be as flexible as its problem domain requires. Many make systems are not even Turing complete (I think GNU Make is) but that doesn't make them non-useful! Java abstracts away pointers and forces you into an OO-only paradigm, but that lack of flexibility shelters you from a large class of bugs while retaining enough flexibility to solve a great range of problems. (Please don't confuse this statement as a personal endorsement of Java :)
Without even getting into non-mutable semantics, we know a few techniques that are widely recognized and used to reduce the very errors linters check for such as strong static typing, garbage collection, RAII and stack frame oriented destruction, message passing, etc... It is my premise that if the linter can catch any bugs at all in your semantics, than it is very likely you are programming using constructs that are too low level for your problem domain in the first place. If the linter only picks up false positives, then you are using the right level of abstraction, but you also have no use for the linter.
You aren't. But I doubt a static analyzer is going to catch that either.
By abstracting away the mutation. You can do this with C++ RAII, or Monadically, or any number of other ways.
We will always need device drivers. C and ASM are great for that, no question about it. On the other hand, when programming higher level components, why do we insist on using a set of semantics designed for programming directly to hardware? My point being that if your language requires such low level flexibility then your static analyzer won't be doing you much good because it will be screaming about false positives, and if your static analyzer can catch problems, then you are programming in a language that is tied to closely to the hardware, since your semantics allow for constructs that do not make sense in your higher level domain.
As someone else said, they do. Rigorously. And with some of the best next-gen lint like tools there are.
As an aside though, I question the sanity of such tools. Why does the language allow you to use constructs that an automated tool could tell you were screwy?!? Shouldn't such practices the tool catches be compiler errors, or at least glaring warnings? It seems to me that the underlying problems lie in the language specifications and the tools are only there as a band-aid.
Connections do not scale exponentially with the number of neurons in natural systems, only in traditional perceptron networks. In natural brains you have distance and crowding between neurons in real space limiting the number of connections and the realistic distance between neurons. So in very small networks you have exponential scaling, but that rapidly saturates and changes to linear scaling (albeit the linear scaling factor is not small... without looking it up I believe it's on the order of 1000-5000.)