Maybe so, but most people will not be able to pay for your wife's translation. Or maybe your wife would be willing to translate my web pages? At 4 o'clock in the morning?
Since expressions change, and since there is slang, and since language is in some respects an art, your wife's job will be safe for the moment. But for texts that do not need to be exact, a computer would do fine. First of all, we need language to be understood - the necessity of for instance interpunction or good speling or fluent sentences etc comes second
But we are building a huge tower of babel at this moment (it's called the world, and it is indeed far from a tower literally speaking). Some additional translations won't hurt.
It will take some time until everybody speaks English sufficiently.
No, you are referring to the startup time of the VM. Once started, the memory pages will have settled and the response gets better and better. The same thing happens when you use the menu's the first time. Once the classes have loaded, the program has fine responsiveness. Actually, you can preload classes with Java, but not too many developers use that particular feature (it will add to the startup time anyway).
IMHO, the Java VM should be loaded at startup, and a single VM should be used to launch multiple applications. When used like that (together with an efficent GUI startup process) much of the gripe against Java applications should be gone. Obviously the firewalling between programs should be maintained. Alas, this is not currently so.
To come back to freenet: it doesn't incorporate a GUI in normal use (using the web interface is not the same as launching a Swing application) and for networking speed: the speed of the connection will be the bottle neck, not the Java application.
It must be said that the current implementation will scare away programmers that are looking towards efficency. For most programs you should n't though. Look at the architecture before trying to get something more efficient by changing languages.
ps. for an ample showcase of efficiency, try Eclipse from IBM. Check the features first before posting though.
I wondered when somebody would mention the technical advantages of DVD+R and DVD+RW. There are good reasons why Philips and partners have taken a different route.
Mount rainier support could - when implemented correctly (grumble grumble, stupid writer programs cannot get _anything_ right) revolutionize the PC world. Finaly a large size format that you can burn easily and take to friends, modify and take back.
Maybe the DVD-R is slightly more compatible and more cheap, but are we going to make the VHS mistake all over again? With the next protocol already?
This is incorrect. For networking related stuff, Java is efficient. It will use some more memory, and it will use (a bit more) CPU power but there are many reasons to go with java for such a project:
- easier language to pick up / understand (this is a collective effort) - little to no chance of buffer overruns, making the node much safer against attacks) - runs on Linux, Apple, Sun, Windows, FreeBSD without - any - porting - java was more or less created with projects like these in mind, so most functionality will be readily available in the default libraries
Nowadays CPU and memory are commodities that can easily be come by. I see it taking about 32 MB right now, but that is out of a single 512 MB pool that can be upgraded to 1 GB for virtually free. My processor usage is max 25%, but note that the freenet guys set the priority to low themselves.
Java means a shift to better programming, with better runtime information and safer programs. This will take CPU and memory, but this is an offer you should consider very well.
This same discussion went on between assembler and C programmers. Look at it now. I think the progress of object oriented, garbage collecting, more secure platforms are as important as that paradigm shift.
In the meantime, get a day job and work on your project in your off hours. That's all the funding I've needed so far.:-)
And make sure you don't go to far concerning those off-hours or you will lose your job (working late on my project:).
I am myself programming some nice Java to be GPL'ed packages (the Eclipse IDE makes this real fun to do) . They will aid me in getting a better resume.
If your projects grows, you might want to add additional workforce. In this case you need enough exposure to attract developers. Once you've got enough exposure, you might sell services and product around your package. Products that use GPL'ed code don't have to be GPL'ed themselves. And you are the expert.
If you can not get enough exposure: well, bad luck. Obviously nobody is waiting for your product, or is interested enough to help. Keep it as a pet project, or for enhancing your resume, but don't expect any money to roll in.
I agree with the poster that the money you need for infrastructure is mostly zip (if you use other GPL'ed products obviously). Stay away from Microsoft, or you _will_ need funding.
Dunno. My ISP either drops the spam in another POP3 address, throws it away or changes the subject line.
Now once in a while I check my spam POP3 address for positive emails. Say once a month. 99 % of that spam is easily identified, once and a while there is indeed a mailinglist on it though.
Easily remedied this way.
Warper
BTW I don't want mail from "unknown" IP adresses delivered one hour late. Especially not work related mail.
Phew, it wasn't on the product, but it was on the web page, including logo and 480 Mbit/sec specification. My High-Speed USB memory stick provided a good enough indication anyway. Shame about the slowness of the flash-ROM on it.
I mean, just because the industry has been kind it doesn't mean that it will be kind forever. What is happening to you will be happening to more and more people if you won't start reacting. And reacting alone is not a good idea, so you've got to organize.
Now, you've probably have a well paid job, and your conditions will not be like 19xx with x
Besides that, I don't think you can actually work the hours you specify and deliver a good product.
Good luck, glad I have my 36 hour working week (note: with not that great a salary, but you'll have to choose),
Real change needs to happen from within, and can only happen when the people are willing to work for it. No amount of relief is going to make a difference in the long run against superstition and bigotry.
And if they are not submitted to high loans from 1st world banks, export restrictions (import restrictions for you), dictators that are helped by these countries in return for natural resources etc. etc. etc.
With "all" the aid given by 1st world countries, most money still flows the wrong way. Just asuming that if people want to work for it, their world will be a better place is horribly wrong.
There are a lot of people that want to improve their situation but can't. Thank god you're not one of them, and if you've any heart, provide some help to people that want to create a better life.
Warper
True capitalism is a myth.
Correct. However, with the latest refresh rates you will probably see even more fingers.
The.22 is more important for scrolling and gaming. Though I think that they will initially used mostly for presentations. Powerpoint does not need 1600 x 1200 imho.
Warper @ 100 Hz
This is very much a mathematical problem. There are actually systems that prove that a system does what it should do. These are even being build into automated systems nowadays.
Unfortunately not every mathematical proposition can be proved. It also takes a lot of time to do the actual proving. And last but not least: if the end state is wrong (human error again, for instan ce), you still have a problem. You might even break working code:).
Another problem is that the computer does not know what the developer wants it to do. So if it is programmed to do something wrong, it can never tell that it's wrong.
The imperfect solutions are to use the latest techniques (e.g. process based rights), to create a good design first, to not forget a good security design within that design (IE anyone?), and not to focus on performance before good programming practices (like, use bounds checking, buffer overrun anyone?).
Does it come with a printer? It would be really usefull as a backup stash of paper. I love using the printer paper stash when I am out of paper at the office...
And wiping your ass with the MSN site might be fun for just once (ouch).
Yep, that should do it. You left your web content thingy on in explorer. This is the same as leaving preview pane on in OE or Outlook. Start up -> crash. Try to delete -> crash.
Use a command prompt or use the classic view (recommended) to solve this problem. The current problem with Microsoft is the way it is integrating things in Windows. IE in OE and Explorer must be the single stupidest thing they did in times. Note that others are following suit though.
What they _should_ have done was creating an HTML viewer that is not script, and forms enabled. Now with the modular xhtml modules, that should be fairly simple to do. Then they could just use the module with the limited functionality (read: the one that is less likely to crash).
Actually, they tried to build a Smartcard OS once themselves, and failed. But no worries, they still have the mobile phone, pda, touchscreen and - last but not least - the gaming industry to play around with.
---
boolean sig = false;
a full programming environment? No, not that but it does contain a JVM (java virtual machine). A stripped JVM, but a JVM still.
The ID is definately the most important, as are the data structures on the card. However the ability to update applications withouth a real thread to security is what Javacard is all about. See the GlobalPlatform specification for the techinical information (you're a slashdotter, you'll find it).
You would not want it to store large amounts of data, it can't. It can be used as a paying device though. And the digital ID part itself obviously.
This card is not aimed at businesses but at citizens wanting access to online and offline services. --- boolean sig = false;
Therefore they might use OCSP. However, this requires an always on connection.
You don't have to crack paladium if the signed code is unsafe. With the latest virtual machines most code has bounds checking enabled (like Java) so buffer overruns will be more difficult to find.
It is actually possible to make palladium very safe in my opinion. Which opens a whole new playing field, with a lot of good and bad patches.
They could just build in a hidden serial number (encrypted with a public or symetric key). If it gets distributed they could look up the number and disable the account. The game would run fine, so hackers probably would not target it (though removal could be very simple).
Though Paladium is an interesting idea (I work in IT security) that needs to be evaluated, I don't think that it addresses some major issues:
* buffer overflows: even if you program really really tight with programming languages like C++ you will leave some holes. Check the number of security issues involved with buffer overflows and you will know.
* application security: in the current state any game can overwrite your complete hdd. Does it need full access? To the drive? To the internet? Should it be able to completely take over your computer (keyboard, mouse, video processor etc?)
* a security design that works: internet explorer with system rights, numerous holes and friendly email trigger system for instance is not high on my "best security designs" list
Neither of these points are addressed with Paladium I think.
Furthermore, signing/encrypting code is a nice way to show your trust in software, but how are you going to establish that trust? I mean, MS can not hold it's own with certain signed dll's that are "scripting enabled". Maybe they should ask for Open Source code, so they can check that no problems like the three mentioned above can occur?
Currently if you send MS your sw, I do not think they test ANYTHING, they just sign. If someone malicious is sending them some proprietary code, they will probably sign it without thinking.
All in all, Paladium is MS way to solve their own problems. And those of the entertainment and software industry in one strike. They think.
Maarten
ps. will laugh my ass off when an offline machine needs to safely run code with Paladium
pps. and when patches will go out late because they need to be signed first (and probably then tested)
Yeah. Thats correct. For a good plain text explanation look it up on the Netscape site. FTP is hell for firewalls (I wrote one). With active FTP you need active filtering on the client side, with passive ftp you need to open a whole range of high ports. If you have a cheap router (on the client side) your NAT connection limit may be reached too.
As an addititional note: normally you can set which ports the passive ftp clients may connect to in the ftp server configuration. Then you only need to open these specific (>1024) ports.
And to top it off: I would use HTTP. Only one connection needed, more (and probably easier to understand) configuration options, better for firewalls, resume also available (mozilla, getright, wget etc), binary stream so not too much overhead, authentication options, encryption....well that should be enough for now.
Warper
ps. pro ftp: filesystem: segmented downloading, searching archives, linking into filesystems, getting file information etc. etc. etc.
Yeah. Thats correct. For a good plain text explanation look it up on the Netscape site. FTP is hell for firewalls (I wrote one). With active FTP you need active filtering on the client side, with passive ftp you need to open a whole range of high ports. If you have a cheap router (on the client side) your NAT connection limit may be reached too.
As an addititional note: normally you can set which ports the passive ftp clients may connect to in the ftp server configuration. Then you only need to open these specific (>1024) ports.
And to top it off: I would use HTTP. Only one connection needed, more (and probably easier to understand) configuration options, better for firewalls, resume also available (mozilla, getright, wget etc), binary stream so not too much overhead, authentication options, encryption....well that should be enough for now.
Warper
ps. pro ftp: filesystem: segmented downloading, searching archives, linking into filesystems, getting file information etc. etc. etc.
Maybe so, but most people will not be able to pay for your wife's translation. Or maybe your wife would be willing to translate my web pages? At 4 o'clock in the morning?
Since expressions change, and since there is slang, and since language is in some respects an art, your wife's job will be safe for the moment. But for texts that do not need to be exact, a computer would do fine. First of all, we need language to be understood - the necessity of for instance interpunction or good speling or fluent sentences etc comes second
But we are building a huge tower of babel at this moment (it's called the world, and it is indeed far from a tower literally speaking). Some additional translations won't hurt.
It will take some time until everybody speaks English sufficiently.
No, you are referring to the startup time of the VM. Once started, the memory pages will have settled and the response gets better and better. The same thing happens when you use the menu's the first time. Once the classes have loaded, the program has fine responsiveness. Actually, you can preload classes with Java, but not too many developers use that particular feature (it will add to the startup time anyway).
IMHO, the Java VM should be loaded at startup, and a single VM should be used to launch multiple applications. When used like that (together with an efficent GUI startup process) much of the gripe against Java applications should be gone. Obviously the firewalling between programs should be maintained. Alas, this is not currently so.
To come back to freenet: it doesn't incorporate a GUI in normal use (using the web interface is not the same as launching a Swing application) and for networking speed: the speed of the connection will be the bottle neck, not the Java application.
It must be said that the current implementation will scare away programmers that are looking towards efficency. For most programs you should n't though. Look at the architecture before trying to get something more efficient by changing languages.
ps. for an ample showcase of efficiency, try Eclipse from IBM. Check the features first before posting though.
Thank you!
I wondered when somebody would mention the technical advantages of DVD+R and DVD+RW. There are good reasons why Philips and partners have taken a different route.
Mount rainier support could - when implemented correctly (grumble grumble, stupid writer programs cannot get _anything_ right) revolutionize the PC world. Finaly a large size format that you can burn easily and take to friends, modify and take back.
Maybe the DVD-R is slightly more compatible and more cheap, but are we going to make the VHS mistake all over again? With the next protocol already?
Cmon guys, vote for the better one of the two!
This is incorrect. For networking related stuff, Java is efficient. It will use some more memory, and it will use (a bit more) CPU power but there are many reasons to go with java for such a project:
- easier language to pick up / understand (this is a collective effort)
- little to no chance of buffer overruns, making the node much safer against attacks)
- runs on Linux, Apple, Sun, Windows, FreeBSD without - any - porting
- java was more or less created with projects like these in mind, so most functionality will be readily available in the default libraries
Nowadays CPU and memory are commodities that can easily be come by. I see it taking about 32 MB right now, but that is out of a single 512 MB pool that can be upgraded to 1 GB for virtually free. My processor usage is max 25%, but note that the freenet guys set the priority to low themselves.
Java means a shift to better programming, with better runtime information and safer programs. This will take CPU and memory, but this is an offer you should consider very well.
This same discussion went on between assembler and C programmers. Look at it now. I think the progress of object oriented, garbage collecting, more secure platforms are as important as that paradigm shift.
Warper
Well, they do not have to be convicted right away. Maybe somebody will ask what the hell they were doing there first.
I am myself programming some nice Java to be GPL'ed packages (the Eclipse IDE makes this real fun to do) . They will aid me in getting a better resume.
If your projects grows, you might want to add additional workforce. In this case you need enough exposure to attract developers. Once you've got enough exposure, you might sell services and product around your package. Products that use GPL'ed code don't have to be GPL'ed themselves. And you are the expert.
If you can not get enough exposure: well, bad luck. Obviously nobody is waiting for your product, or is interested enough to help. Keep it as a pet project, or for enhancing your resume, but don't expect any money to roll in.
I agree with the poster that the money you need for infrastructure is mostly zip (if you use other GPL'ed products obviously). Stay away from Microsoft, or you _will_ need funding.
Stage to what? If people don't want you there, STAY AT HOME!!! Can't you take a hint?
Ignoring world domination for the moment? How are you trying to accomplish that? I wish you could.
Warper
If you think of the percentage of people who actually speak up if something bad actually happens to them then that is a serious number.
:)
This even does not take into acount the number of people this happened to and who did not guess that the laptop was the crulpit.
Of course, if the shock is big enough it will be hard to speak up too, but I hope someone else will then do this for them
V293LCB5b3UgaGF2ZSBkZWNyeXB0ZWQgbXkgc2lnLgo=
Dunno. My ISP either drops the spam in another POP3 address, throws it away or changes the subject line. Now once in a while I check my spam POP3 address for positive emails. Say once a month. 99 % of that spam is easily identified, once and a while there is indeed a mailinglist on it though. Easily remedied this way. Warper BTW I don't want mail from "unknown" IP adresses delivered one hour late. Especially not work related mail.
Warper
See the usb.org site for the pictures.
Warper (taking a look at his new USB 2 HUB...)
I mean, just because the industry has been kind it doesn't mean that it will be kind forever. What is happening to you will be happening to more and more people if you won't start reacting. And reacting alone is not a good idea, so you've got to organize.
Now, you've probably have a well paid job, and your conditions will not be like 19xx with x Besides that, I don't think you can actually work the hours you specify and deliver a good product.
Good luck, glad I have my 36 hour working week (note: with not that great a salary, but you'll have to choose),
Warper
And you think that by slashdotting your ISP this connection will be improved?
Warper
Correct. However, with the latest refresh rates you will probably see even more fingers. The .22 is more important for scrolling and gaming. Though I think that they will initially used mostly for presentations. Powerpoint does not need 1600 x 1200 imho.
Warper @ 100 Hz
Hi,
:).
This is very much a mathematical problem. There are actually systems that prove that a system does what it should do. These are even being build into automated systems nowadays.
Unfortunately not every mathematical proposition can be proved. It also takes a lot of time to do the actual proving. And last but not least: if the end state is wrong (human error again, for instan ce), you still have a problem. You might even break working code
Another problem is that the computer does not know what the developer wants it to do. So if it is programmed to do something wrong, it can never tell that it's wrong.
The imperfect solutions are to use the latest techniques (e.g. process based rights), to create a good design first, to not forget a good security design within that design (IE anyone?), and not to focus on performance before good programming practices (like, use bounds checking, buffer overrun anyone?).
Warper.
Pointers are as bad as the goto statement...
Does it come with a printer? It would be really usefull as a backup stash of paper. I love using the printer paper stash when I am out of paper at the office...
And wiping your ass with the MSN site might be fun for just once (ouch).
Yep, that should do it. You left your web content thingy on in explorer. This is the same as leaving preview pane on in OE or Outlook. Start up -> crash. Try to delete -> crash.
Use a command prompt or use the classic view (recommended) to solve this problem. The current problem with Microsoft is the way it is integrating things in Windows. IE in OE and Explorer must be the single stupidest thing they did in times. Note that others are following suit though.
What they _should_ have done was creating an HTML viewer that is not script, and forms enabled. Now with the modular xhtml modules, that should be fairly simple to do. Then they could just use the module with the limited functionality (read: the one that is less likely to crash).
MB
Actually, they tried to build a Smartcard OS once themselves, and failed. But no worries, they still have the mobile phone, pda, touchscreen and - last but not least - the gaming industry to play around with. --- boolean sig = false;
a full programming environment? No, not that but it does contain a JVM (java virtual machine). A stripped JVM, but a JVM still.
The ID is definately the most important, as are the data structures on the card. However the ability to update applications withouth a real thread to security is what Javacard is all about. See the GlobalPlatform specification for the techinical information (you're a slashdotter, you'll find it).
You would not want it to store large amounts of data, it can't. It can be used as a paying device though. And the digital ID part itself obviously.
This card is not aimed at businesses but at citizens wanting access to online and offline services.
---
boolean sig = false;
Therefore they might use OCSP. However, this requires an always on connection.
You don't have to crack paladium if the signed code is unsafe. With the latest virtual machines most code has bounds checking enabled (like Java) so buffer overruns will be more difficult to find.
It is actually possible to make palladium very safe in my opinion. Which opens a whole new playing field, with a lot of good and bad patches.
Have you seen my sig?
They could just build in a hidden serial number (encrypted with a public or symetric key). If it gets distributed they could look up the number and disable the account. The game would run fine, so hackers probably would not target it (though removal could be very simple).
Just a thought.
Maarten
Though Paladium is an interesting idea (I work in IT security) that needs to be evaluated, I don't think that it addresses some major issues:
* buffer overflows: even if you program really really tight with programming languages like C++ you will leave some holes. Check the number of security issues involved with buffer overflows and you will know.
* application security: in the current state any game can overwrite your complete hdd. Does it need full access? To the drive? To the internet? Should it be able to completely take over your computer (keyboard, mouse, video processor etc?)
* a security design that works: internet explorer with system rights, numerous holes and friendly email trigger system for instance is not high on my "best security designs" list
Neither of these points are addressed with Paladium I think.
Furthermore, signing/encrypting code is a nice way to show your trust in software, but how are you going to establish that trust? I mean, MS can not hold it's own with certain signed dll's that are "scripting enabled". Maybe they should ask for Open Source code, so they can check that no problems like the three mentioned above can occur?
Currently if you send MS your sw, I do not think they test ANYTHING, they just sign. If someone malicious is sending them some proprietary code, they will probably sign it without thinking.
All in all, Paladium is MS way to solve their own problems. And those of the entertainment and software industry in one strike. They think.
Maarten
ps. will laugh my ass off when an offline machine needs to safely run code with Paladium
pps. and when patches will go out late because they need to be signed first (and probably then tested)
Yeah. Thats correct. For a good plain text explanation look it up on the Netscape site. FTP is hell for firewalls (I wrote one). With active FTP you need active filtering on the client side, with passive ftp you need to open a whole range of high ports. If you have a cheap router (on the client side) your NAT connection limit may be reached too.
As an addititional note: normally you can set which ports the passive ftp clients may connect to in the ftp server configuration. Then you only need to open these specific (>1024) ports.
And to top it off: I would use HTTP. Only one connection needed, more (and probably easier to understand) configuration options, better for firewalls, resume also available (mozilla, getright, wget etc), binary stream so not too much overhead, authentication options, encryption....well that should be enough for now.
Warper
ps. pro ftp: filesystem: segmented downloading, searching archives, linking into filesystems, getting file information etc. etc. etc.
Yeah. Thats correct. For a good plain text explanation look it up on the Netscape site. FTP is hell for firewalls (I wrote one). With active FTP you need active filtering on the client side, with passive ftp you need to open a whole range of high ports. If you have a cheap router (on the client side) your NAT connection limit may be reached too. As an addititional note: normally you can set which ports the passive ftp clients may connect to in the ftp server configuration. Then you only need to open these specific (>1024) ports. And to top it off: I would use HTTP. Only one connection needed, more (and probably easier to understand) configuration options, better for firewalls, resume also available (mozilla, getright, wget etc), binary stream so not too much overhead, authentication options, encryption....well that should be enough for now. Warper ps. pro ftp: filesystem: segmented downloading, searching archives, linking into filesystems, getting file information etc. etc. etc.