The "extremely low temperatures" for good room-temperature conductors to become superconductors is lower than you can achieve by using cryogenic liquids at atmospheric pressure, or even by achievable lower pressures. Liquid He boils at ~4K at 1 atm. Liquid H2 boils around 20K.
Aluminum becomes superconducting at about 1.19 K at zero magnetic field. Cu, if it superconducts at all (I vaguely recall someone reaching this point, but I'm not sure), has a critical temperature in the millikelvin range or lower.
To clarify: 1) liquid helium is *colder* than liquid hydrogen. 2) don't worry about good conductors becoming superconducting without a low-temperature physicist involved.
Now you can get back to discussing other topics you don't understand.
My favorite part was controlling the attack robots from a single "mother ship" where the main reactor was conveniently placed right next to the front door. Obviously designed that way, of course, so that it could be blown up by a novice pilot just learning the controls of his ship.
It could be that laproscopic surgery is basically done over a video link anyway, as opposed to lancing a boil, which is typically done using the naked eye. Since the laproscopic surgeon is just looking at a video monitor and manipulating the surgical apparatus through mechanical linkages, the leap to telesurgery is much smaller. It doesn't really matter if the mechanical linkages and video feed end on another continent or not.
IANACPA. However, I do know that losses don't have to be "money going out the door." It could be money that went out the door last year to buy a company, and now the excess you paid over the target company's tangible assets (goodwill) is being amortized away. It could be depreciation of assets, including inventory becoming "worthless" (i.e. accounting principles forbid fantasizing about selling something more than a certain age. In software, that probably is fantasy, but in real industry, that could be a two-year-old widget, which you might be able to sell for 5% original retail, still more than 0.)
All of these are important accounting principles, basically forcing a consistent, conservative approach to valuing assets, instead of allowing everyone to make up their own favorable way to account for what they own.
However, none of these involve cash leaving the company in this quarter. You are confusing "cash flow" with "profit/loss".
Still, I agree with the basic sentiment that profits are better than losses, and I'm still skeptical that RH will have any profitable business in the future.
This headline's use of "production environment" is somewhat misleading. The story refers to this technology being used to fabricate a single replacement part for a machine used on a production line. Out of a non-standard but acceptable substitute material.
To me, "production environment" would be using the machine, full-time, producing parts that end up in customer's hands. That may be happening, for some parts, somewhere, but it isn't what the story is talking about.
And for the rest of you, this isn't Star Trek replicator technology. Get a grip.
Don't bother waiting for anti-matter to be used for energy production. The techniques for producing anti-matter are exceedingly inefficient. A staggering amount of power is used to produce piddling amounts of antimatter in particle accelerators.
Furthermore, even perfectly efficient generation of antimatter would use as much energy to produce the antimatter as is recovered by its annihilation. (I.e., energy is conserved.) Just use the energy you were going to use to make antimatter, and use it for whatever you were going to use the antimatter for. Simply omit the antimatter step.
Look, who has time to reproduce well-established results? You don't get published (i.e., get ahead in science) for "I did the same thing that he did six months ago, and the results pretty much agreed." You have to do something new enough to be worth publishing. Which means once you read something in a quality journal, you cross it off your list of things to do. If you were working on a very similar project, you say "We got scooped, let's move on" or you figure out some way in which your experiment improves on the result, or that your results look different, in which case you start a controversy.
If one has to reproduce every experiment one reads about to make sure it actually was done right, then one would never get anything done.
As far as knowing whether the experiment is "true" or not, I can guess pretty easily that this guy was ignoring some ordinary effect which disturbed his apparatus. Who knows what it is? In a peer-reviewed journal, somebody experienced in GR experimentation would look at the paper, and ask the pointed questions "discuss the vibration isolation of your experimental apparatus...include results for intermediate distances" he or she felt were necessary to answer before the article would be published in the journal.
But without peer review, nobody can require him to pin down essential details of the work. So the paper is useless. You can't even figure out what he probably did wrong.
The point of a journal like Physical Review is that I can look back over the last 20 years to determine what work has been done, and have confidence that it maybe wasn't complete crap, without having to actually repeat all of the experiments.
Numerical Recipes is problematic.
See http://math.jpl.nasa.gov/nr/ parts of which are probably unfair, as it is mostly about the first edition, and some of it looks like "pilot error", but overall this doesn't generate confidence.
Their code generally sucks (loops in the wrong order, lots of variables with names like ii, h, jj, excess allocation,...) and is often buggy.
The authors (admittedly) are not experts in the field of numerical computation.
The book best serves as a travel guide to a reasonably large subset of the field of numerical computations. When you actually arrive at the destination, you recognize that the guide got some parts wrong, but you feel more comfortable having read it.
Try the Guide to Available Mathematical Software
http://gams.nist.gov/ or netlib http://netlib.org/ instead.
No, I'm sorry. The concept of peer review is that peer review happens *before* publication. That way, when you read a serious journal, you know that at least a couple scientists familiar with the specialty read the paper, and any objections they had were dealt with to their satisfaction. Essentially, it's probably good enough to serve as the basis for further work.
It might still be wrong, in the end, when further work finds some hidden or subtle error, or that the experts in the fields were still confused at the time, but for now, its worth considering to be tenatively true.
Without peer review, you have to rely on your own gut feeling to tell whether something published is totally bogus, questionable, or likely to contain basic errors. In your own subfield, you might trust your gut, as well as your impression of the authors based on their previous work or on your having met them. Outside your field, it becomes much harder to tell.
The problem with "publishing is enabling peer review" is that any review that happens afterward doesn't get attached, so you can't find out from the original document what other people thought about it. This is even a problem in peer-reviewed journals; lots of theoretical papers have typos or errors, and some of them even get published in later comments or errata, but who has the time to look for errata for every journal article that you look up?
Re: "directed right at us"
on
Optical SETI
·
· Score: 1
The way this would work is that the sender would flash his laser at any reasonably nearby star. There aren't *that* many close by. Then, just make sure diffraction spreads the beam to a width of a few AU. It's not so unlikely a hit. Plus, he'll flash us a few times just for good measure, maybe over a period of years.
No, what I am saying is that we ought to defend against threats according to their real likelihood, and the real costs of the defense.
We assembled an extremely (multi-trillion dollar) expensive nuclear deterrent against the real threat posed by the Soviets (domination in Europe through intimidation of the US) who had thousands of missiles. That's proportionate. Spending hundreds of billions of dollars on something that has to run 24-7 around the world to protect against something that is just not likely to happen is not. That's even before considering the technical obstacles (e.g. anti-simulation decoys) that could make mid-course BMD fail in realistic cases anyway.
If someone suggested we give billions of dollars to Tinkerbell to sprinkle pixie dust on the continental US to protect us from rogue states, they would be laughed at. So far, the proposed defenses don't amount to much more. It will take years of testing to prove otherwise.
Are you seriously suggesting that the former USSR would sell ICBM's to the highest bidder? With targeting information? It's hard to believe the US wouldn't be able to identify the hardware by satellite imagery, and link it to the source. How could they be sure they weren't going to end up in the hands of Chechens, or some such? And why wouldn't they also sell sophisticated decoys to defeat BMD?
I think Bin Laden is happy with things pretty much at the current level. Low enough that he can still raise funds and get protection from sympathetic Muslims, high enough to remain a hero to anti-Americans everywhere. Killing thousands of innocents on American territory would be beyond what the regional governments would tolerate. Killing hundreds while attacking infidel incursions into Muslim regions is more acceptable.
Ballistic missile defense against ICBMs is just a 21st century Maginot line. How many ballistic missles have been launched in anger against US territory? Zero. How many people have been killed by truck bombs or small-boat bombs against American targets abroad? Hundreds.
The use of small terrorist cells to strike soft American targets abroad serves the purpose of rogue states much better than a clearly visible missile attack. Can the US retaliate for the bombing of the Cole? Only if we can figure out who did it. In the meantime, our influence is reduced in the Middle East because any U.S. military or diplomatic staff is reduced for security reasons.
If Iraq launched a ballistic missile against the US with a weapon of mass destruction, we'd have a clear-cut casus belli, and could immediately embark on the military destruction of Saddam's regime. Fund a few wackos to sail a bomb-laden raft to the USS Cole? The US suffers a huge black eye and is reduced to complaining to the Yemenis that they aren't letting us investigate properly.
For those of you too ignorant to remember, the Maginot line was a massive fortification France erected along the Franco-German border before WWII. It did hold up for a pretty long time against the eventual German attack. Unfortunately, that defensive effort took place while the main German force swept to Paris through the Low Countries, simply bypassing the Line.
Especially developed tests did confirm that a source of random errors is an error in execution of the 'SELECT' with 'ORDER BY' (sorting by) statement by the Microsoft SQL Server in version 6.5....Microsoft did confirm a presence of this software flaw. This flaw has been filed by Microsoft as flaw No. SRX000403600845.
one more flaw has been detected in the SQL Server 7.0. This flaw has been recognized by the Microsoft and filed as flaw No. SRX000727603512. Principal modifications introduced by the Microsoft in SQL Server 7.0 which are relating to the data security and data protection in a Database, and presence of the said flaw, are considered as creating a direct threat to data security and data protection in the SQL Server 7.0 Databases.
.....end of quotes.....
Also note use of modifications, plural, in considering the security threat, not just the bug reported.
The way I read the memo to Blair, it seems that the Russians didn't want to upgrade to 7.0 because, even if that query bug had been fixed, too much had changed in the security features of SQL Server (including the bug they reported) to be confident that they wouldn't be inadvertantly opening a new security hole. I don't know enough about SQL Server to say.
Notice that MS spokesperson is very careful to say that "Only under circumstances (where) the site (had) no password could anybody get to it." Which to me says only that the password protection prevents the underlying flaw from being "usefully" exploited, not that the flaw is the lack of password itself, as many posters have accused.
Your use of the term "system" indicates to me that you have an incomplete definition, that makes your whole point dangerous.
One of the key principles of engineering is that a complex system can be produced by combining well-defined elements of lesser complexity. By restricting the design process to a higher level of abstraction, one can successfully design systems that, as a whole, are beyond human comprehension. That design process depends on the accurate modelling of the component pieces. If one of those components doesn't perform according to spec, then the system can fail, even though the design is sound.
One designer's system is the next designer's component. Consider one component telling the other component to do something, according to spec, and the second component fails to do it. That's not "the system" (i.e. the overall design concept) failing. That's the "component" failing. There's a world of difference between the two.
To the database programmer, MS SQL server is part of the system. A SQL query is "telling the system what to do." If the result of the query is incorrect, the system *didn't* do what it was told, no matter how much you may gainsay it.
Your argument absolves everyone from responsibility. "I told the system to calculate 2+2, and it told me 5. I guess + doesn't mean what I thought it means. Stupid me."
I don't care if it was tongue-in-cheek, your remark suggested a lackadaisacal attitude to engineering principles. I hope you think it is funny next time you fly in an airplane---after all, if it crashes, it must have been told to do so, right?
From what I can gather from the memo written by the Russians, it is indeed an intermittent bug; the same query run against the same data returns results of differing completeness.
I think your argument about SQL server being used "SO much" is misleading. I believe it is no accident that this incident happened at the Kurchatov Institute, where you have very smart people addressing a serious problem essentially without time-to-market pressures. The priority at the Institute is geared almost completely toward the integrity of their operation, not toward "get this web site running ASAP." In a typical dot-com or non-critical business application, no one is paying close enough attention to notice these 1 in a 1000 bugs, or they are overwhelmed by the 1 in 10 bugs in their own code. How many MS SQL Server users are comparing their results to a parallel paper-and-pencil legacy system?
I find it far more likely that there are bugs in SQL server than in the KI code. The KI people obviously put forth serious effort to isolate the problem and to diagnose it. And they aren't stupid.
As for the sin() example, what I was hinting at is that sin() call embedded into a more complicated calculation. At some level, I have to have confidence the sin() call is actually calculating the sin(). Otherwise, the effort to validate everything down to 10 significant figures in, say, a few thousand iterations of a simulation is simply beyond human capacity. Many times, a computer is being used simply because it would take lifetimes of calculation for a human to know what the answer should be. There is no way to thoroughly audit that. You can run a few sanity checks, and rigorously check your own code, but you really are depending on your vendor.
So when Intel's FMUL routine produces an incorrect result, that's not a bug?
Funny, the C programmer asked to multiply two numbers. The programmer of the C compiler told the computer to emit instructions that multiply two numbers. But somehow, the numbers don't get multiplied correctly. We can just say "some Intel designer gave the instructions to the processor, and the processor is just doing exactly that." That is a pretty useless position to take. I don't want a computer to do what some designer mistakenly told it to do. I want it to do what the documentation says it should do, and I want it to do what I have told it to do. And when it doesn't, someone is at fault. That's a bug.
No, the scenario is that a complicated query did *not* return correct results from the database, under certain conditions which are probably still not determined. That is, the bug was not in the SQL, but in the result returned by the database to the SQL query. No amount of auditing of the SQL code would have caught the problem. The code at fault was in Microsoft's domain.
If I ask for sin(0.5) and get 0.479425549 am I really expected to determine that there is a bug in the sin() routine? Or can I reasonably expect that whoever wrote the sin() routine actually should have done their own f*cking job, and properly curse them out when I find that it should have been 0.479425539?
Re: Nature embargoes news until article appears
on
Pillars Underwater
·
· Score: 1
There is a very good reason for the so-called "clowns" in the news media to not discuss things until they have appeared in Nature.
http://www.nature.com/nature/submit/gta/index.ht ml #5.1
"5.1 Prepublicity. Once submitted, contributions must not be discussed with the media (including other scientific journals) until the publication date; advertising the contents of any contribution to the media may lead to rejection. The only exception is in the week before publication, during which contributions may be discussed with the media if it is clearly indicated that their contents should under no circumstances be publicised until Nature's press embargo has elapsed (1900 h local London time on the day before the publication date)."
This is typical of many major scientific journals. (E.g., medical journals) In this day of the Web, the relevance of these kinds of embargoes is debatable, but there are important reasons for them. Mainly, Nature wants to ensure that its contents are properly peer-reviewed before being released. If everyone discusses non-reviewed results in the open media before the review process can be finished, the research will tend to run ahead of the reviewers. In my experience, this is a major problem with the rising of "pre-print" servers, which show results before peer review. As far as I can tell, the results are something like doing scientific research on Slashdot. The results rarely end up being properly peer reviewed, and when they do, nobody reads the journal articles, because they've "already seen" the results on the pre-print servers, regardless of what changes had to be made to satisfy the reviewers.
A minor reason not to discuss things until the article appears is if Nature rejects the article.
Anyhow, the news media have probably talked to these scientists for the past week, to get the story as straight as they can before their own deadline. Of course, since the mainstream media (and, perhaps as importantly, their editors) aren't generally well-trained in science, they often garble things, and often will play up unrealistic future visions to impress readers. Just like slashdot.
This is somewhat questionable info. Consider especially the "arabmedia.com" provenance. According to what I would think is a more trustworthy site,
http://fas.org/nuke/hew/Israel/index.html
"Reports that Zalman Shapiro, the American owner of the nuclear fuel processing company NUMEC, supplied enriched uranium to Israel in the 1960s seems to have been authoritatively refuted by Hersh."
The cite apparently refers to:
AUTHOR: Hersh, Seymour M.
TITLE: The Samson option: Israel's nuclear arsenal and American foreign policy / Seymour M. Hersh. -- 1st ed.
ISBN/ISSN: 0394570065
IMPRINT: New York, Random House, c1991
PHYS DESC: 354 p., 24 cm.
The point of Drake's paper (which the parent post has [snip]ped) is really how the Arab states can approach disarmament, and not really a serious study of Israeli nuclear development, which she gets only from secondary sources.
His point is that even though the risks of, say, deep-sea oil drilling, are very real and are often deadly, because they are so tangible, great expense is incurred (in most Western countries) to avoid them. (E.g. oil rigs designed to withstand a 100-year storm, robust lifeboats, drills, and procedures)
He is contrasting it to IT professionals who face risks from RSI that could disable them sufficiently to end their career, but because RSI is such a varied, nebulous medical phenomenon that is dependent almost entirely on self-reported symptoms to diagnose, hardly anything is done by employers to prevent these risks.
Slashdot Mirror
Listen up.
The "extremely low temperatures" for good room-temperature conductors to become superconductors is lower than you can achieve by using cryogenic liquids at atmospheric pressure, or even by achievable lower pressures. Liquid He boils at ~4K at 1 atm. Liquid H2 boils around 20K.
Aluminum becomes superconducting at about 1.19 K at zero magnetic field. Cu, if it superconducts at all (I vaguely recall someone reaching this point, but I'm not sure), has a critical temperature in the millikelvin range or lower.
To clarify: 1) liquid helium is *colder* than liquid hydrogen. 2) don't worry about good conductors becoming superconducting without a low-temperature physicist involved.
Now you can get back to discussing other topics you don't understand.
Oh, yeah, I forgot about my other favorite part, the test of his Jedi powers by a psychic test where every other hidden item was "ship."
My favorite part was controlling the attack robots from a single "mother ship" where the main reactor was conveniently placed right next to the front door. Obviously designed that way, of course, so that it could be blown up by a novice pilot just learning the controls of his ship.
It could be that laproscopic surgery is basically done over a video link anyway, as opposed to lancing a boil, which is typically done using the naked eye. Since the laproscopic surgeon is just looking at a video monitor and manipulating the surgical apparatus through mechanical linkages, the leap to telesurgery is much smaller. It doesn't really matter if the mechanical linkages and video feed end on another continent or not.
IANACPA. However, I do know that losses don't have to be "money going out the door." It could be money that went out the door last year to buy a company, and now the excess you paid over the target company's tangible assets (goodwill) is being amortized away. It could be depreciation of assets, including inventory becoming "worthless" (i.e. accounting principles forbid fantasizing about selling something more than a certain age. In software, that probably is fantasy, but in real industry, that could be a two-year-old widget, which you might be able to sell for 5% original retail, still more than 0.)
All of these are important accounting principles, basically forcing a consistent, conservative approach to valuing assets, instead of allowing everyone to make up their own favorable way to account for what they own.
However, none of these involve cash leaving the company in this quarter. You are confusing "cash flow" with "profit/loss".
Still, I agree with the basic sentiment that profits are better than losses, and I'm still skeptical that RH will have any profitable business in the future.
This headline's use of "production environment" is somewhat misleading. The story refers to this technology being used to fabricate a single replacement part for a machine used on a production line. Out of a non-standard but acceptable substitute material.
To me, "production environment" would be using the machine, full-time, producing parts that end up in customer's hands. That may be happening, for some parts, somewhere, but it isn't what the story is talking about.
And for the rest of you, this isn't Star Trek replicator technology. Get a grip.
Don't bother waiting for anti-matter to be used for energy production. The techniques for producing anti-matter are exceedingly inefficient. A staggering amount of power is used to produce piddling amounts of antimatter in particle accelerators.
Furthermore, even perfectly efficient generation of antimatter would use as much energy to produce the antimatter as is recovered by its annihilation. (I.e., energy is conserved.) Just use the energy you were going to use to make antimatter, and use it for whatever you were going to use the antimatter for. Simply omit the antimatter step.
Look, who has time to reproduce well-established results? You don't get published (i.e., get ahead in science) for "I did the same thing that he did six months ago, and the results pretty much agreed." You have to do something new enough to be worth publishing. Which means once you read something in a quality journal, you cross it off your list of things to do. If you were working on a very similar project, you say "We got scooped, let's move on" or you figure out some way in which your experiment improves on the result, or that your results look different, in which case you start a controversy.
If one has to reproduce every experiment one reads about to make sure it actually was done right, then one would never get anything done.
As far as knowing whether the experiment is "true" or not, I can guess pretty easily that this guy was ignoring some ordinary effect which disturbed his apparatus. Who knows what it is? In a peer-reviewed journal, somebody experienced in GR experimentation would look at the paper, and ask the pointed questions "discuss the vibration isolation of your experimental apparatus...include results for intermediate distances" he or she felt were necessary to answer before the article would be published in the journal.
But without peer review, nobody can require him to pin down essential details of the work. So the paper is useless. You can't even figure out what he probably did wrong.
The point of a journal like Physical Review is that I can look back over the last 20 years to determine what work has been done, and have confidence that it maybe wasn't complete crap, without having to actually repeat all of the experiments.
Numerical Recipes is problematic.
...) and is often buggy.
See http://math.jpl.nasa.gov/nr/ parts of which are probably unfair, as it is mostly about the first edition, and some of it looks like "pilot error", but overall this doesn't generate confidence.
Their code generally sucks (loops in the wrong order, lots of variables with names like ii, h, jj, excess allocation,
The authors (admittedly) are not experts in the field of numerical computation.
The book best serves as a travel guide to a reasonably large subset of the field of numerical computations. When you actually arrive at the destination, you recognize that the guide got some parts wrong, but you feel more comfortable having read it.
Try the Guide to Available Mathematical Software
http://gams.nist.gov/ or netlib http://netlib.org/ instead.
Publishing a paper is enabling peer-review.
No, I'm sorry. The concept of peer review is that peer review happens *before* publication. That way, when you read a serious journal, you know that at least a couple scientists familiar with the specialty read the paper, and any objections they had were dealt with to their satisfaction. Essentially, it's probably good enough to serve as the basis for further work.
It might still be wrong, in the end, when further work finds some hidden or subtle error, or that the experts in the fields were still confused at the time, but for now, its worth considering to be tenatively true.
Without peer review, you have to rely on your own gut feeling to tell whether something published is totally bogus, questionable, or likely to contain basic errors. In your own subfield, you might trust your gut, as well as your impression of the authors based on their previous work or on your having met them. Outside your field, it becomes much harder to tell.
The problem with "publishing is enabling peer review" is that any review that happens afterward doesn't get attached, so you can't find out from the original document what other people thought about it. This is even a problem in peer-reviewed journals; lots of theoretical papers have typos or errors, and some of them even get published in later comments or errata, but who has the time to look for errata for every journal article that you look up?
The way this would work is that the sender would flash his laser at any reasonably nearby star. There aren't *that* many close by. Then, just make sure diffraction spreads the beam to a width of a few AU. It's not so unlikely a hit. Plus, he'll flash us a few times just for good measure, maybe over a period of years.
No, what I am saying is that we ought to defend against threats according to their real likelihood, and the real costs of the defense.
We assembled an extremely (multi-trillion dollar) expensive nuclear deterrent against the real threat posed by the Soviets (domination in Europe through intimidation of the US) who had thousands of missiles. That's proportionate. Spending hundreds of billions of dollars on something that has to run 24-7 around the world to protect against something that is just not likely to happen is not. That's even before considering the technical obstacles (e.g. anti-simulation decoys) that could make mid-course BMD fail in realistic cases anyway.
If someone suggested we give billions of dollars to Tinkerbell to sprinkle pixie dust on the continental US to protect us from rogue states, they would be laughed at. So far, the proposed defenses don't amount to much more. It will take years of testing to prove otherwise.
Are you seriously suggesting that the former USSR would sell ICBM's to the highest bidder? With targeting information? It's hard to believe the US wouldn't be able to identify the hardware by satellite imagery, and link it to the source. How could they be sure they weren't going to end up in the hands of Chechens, or some such? And why wouldn't they also sell sophisticated decoys to defeat BMD?
I think Bin Laden is happy with things pretty much at the current level. Low enough that he can still raise funds and get protection from sympathetic Muslims, high enough to remain a hero to anti-Americans everywhere. Killing thousands of innocents on American territory would be beyond what the regional governments would tolerate. Killing hundreds while attacking infidel incursions into Muslim regions is more acceptable.
Yeah, I figured the numbers looked weird, but I think that is what most posters were referring too.
Ballistic missile defense against ICBMs is just a 21st century Maginot line. How many ballistic missles have been launched in anger against US territory? Zero. How many people have been killed by truck bombs or small-boat bombs against American targets abroad? Hundreds.
The use of small terrorist cells to strike soft American targets abroad serves the purpose of rogue states much better than a clearly visible missile attack. Can the US retaliate for the bombing of the Cole? Only if we can figure out who did it. In the meantime, our influence is reduced in the Middle East because any U.S. military or diplomatic staff is reduced for security reasons.
If Iraq launched a ballistic missile against the US with a weapon of mass destruction, we'd have a clear-cut casus belli, and could immediately embark on the military destruction of Saddam's regime. Fund a few wackos to sail a bomb-laden raft to the USS Cole? The US suffers a huge black eye and is reduced to complaining to the Yemenis that they aren't letting us investigate properly.
For those of you too ignorant to remember, the Maginot line was a massive fortification France erected along the Franco-German border before WWII. It did hold up for a pretty long time against the eventual German attack. Unfortunately, that defensive effort took place while the main German force swept to Paris through the Low Countries, simply bypassing the Line.
"but one would assume either someone wants more money to beef up defense or someone is looking for a new scare tactic for the next election."
Or, maybe, they might just want to practice before the real thing happens.
from http://www.cdi.org/nuclear/nukesoftware.txt
Especially developed tests did confirm that a source of random errors is an error in execution of the 'SELECT' with 'ORDER BY' (sorting by) statement by the Microsoft SQL Server in version 6.5....Microsoft did confirm a presence of this software flaw. This flaw has been filed by Microsoft as flaw No. SRX000403600845.
one more flaw has been detected in the SQL Server 7.0. This flaw has been recognized by the Microsoft and filed as flaw No. SRX000727603512. Principal modifications introduced by the Microsoft in SQL Server 7.0 which are relating to the data security and data protection in a Database, and presence of the said flaw, are considered as creating a direct threat to data security and data protection in the SQL Server 7.0 Databases.
.....end of quotes.....
Also note use of modifications, plural, in considering the security threat, not just the bug reported.
The way I read the memo to Blair, it seems that the Russians didn't want to upgrade to 7.0 because, even if that query bug had been fixed, too much had changed in the security features of SQL Server (including the bug they reported) to be confident that they wouldn't be inadvertantly opening a new security hole. I don't know enough about SQL Server to say.
Notice that MS spokesperson is very careful to say that "Only under circumstances (where) the site (had) no password could anybody get to it." Which to me says only that the password protection prevents the underlying flaw from being "usefully" exploited, not that the flaw is the lack of password itself, as many posters have accused.
Your use of the term "system" indicates to me that you have an incomplete definition, that makes your whole point dangerous.
One of the key principles of engineering is that a complex system can be produced by combining well-defined elements of lesser complexity. By restricting the design process to a higher level of abstraction, one can successfully design systems that, as a whole, are beyond human comprehension. That design process depends on the accurate modelling of the component pieces. If one of those components doesn't perform according to spec, then the system can fail, even though the design is sound.
One designer's system is the next designer's component. Consider one component telling the other component to do something, according to spec, and the second component fails to do it. That's not "the system" (i.e. the overall design concept) failing. That's the "component" failing. There's a world of difference between the two.
To the database programmer, MS SQL server is part of the system. A SQL query is "telling the system what to do." If the result of the query is incorrect, the system *didn't* do what it was told, no matter how much you may gainsay it.
Your argument absolves everyone from responsibility. "I told the system to calculate 2+2, and it told me 5. I guess + doesn't mean what I thought it means. Stupid me."
I don't care if it was tongue-in-cheek, your remark suggested a lackadaisacal attitude to engineering principles. I hope you think it is funny next time you fly in an airplane---after all, if it crashes, it must have been told to do so, right?
From what I can gather from the memo written by the Russians, it is indeed an intermittent bug; the same query run against the same data returns results of differing completeness.
I think your argument about SQL server being used "SO much" is misleading. I believe it is no accident that this incident happened at the Kurchatov Institute, where you have very smart people addressing a serious problem essentially without time-to-market pressures. The priority at the Institute is geared almost completely toward the integrity of their operation, not toward "get this web site running ASAP." In a typical dot-com or non-critical business application, no one is paying close enough attention to notice these 1 in a 1000 bugs, or they are overwhelmed by the 1 in 10 bugs in their own code. How many MS SQL Server users are comparing their results to a parallel paper-and-pencil legacy system?
I find it far more likely that there are bugs in SQL server than in the KI code. The KI people obviously put forth serious effort to isolate the problem and to diagnose it. And they aren't stupid.
As for the sin() example, what I was hinting at is that sin() call embedded into a more complicated calculation. At some level, I have to have confidence the sin() call is actually calculating the sin(). Otherwise, the effort to validate everything down to 10 significant figures in, say, a few thousand iterations of a simulation is simply beyond human capacity. Many times, a computer is being used simply because it would take lifetimes of calculation for a human to know what the answer should be. There is no way to thoroughly audit that. You can run a few sanity checks, and rigorously check your own code, but you really are depending on your vendor.
So when Intel's FMUL routine produces an incorrect result, that's not a bug?
Funny, the C programmer asked to multiply two numbers. The programmer of the C compiler told the computer to emit instructions that multiply two numbers. But somehow, the numbers don't get multiplied correctly. We can just say "some Intel designer gave the instructions to the processor, and the processor is just doing exactly that." That is a pretty useless position to take. I don't want a computer to do what some designer mistakenly told it to do. I want it to do what the documentation says it should do, and I want it to do what I have told it to do. And when it doesn't, someone is at fault. That's a bug.
And you are a troll.
No, the scenario is that a complicated query did *not* return correct results from the database, under certain conditions which are probably still not determined. That is, the bug was not in the SQL, but in the result returned by the database to the SQL query. No amount of auditing of the SQL code would have caught the problem. The code at fault was in Microsoft's domain.
If I ask for sin(0.5) and get 0.479425549 am I really expected to determine that there is a bug in the sin() routine? Or can I reasonably expect that whoever wrote the sin() routine actually should have done their own f*cking job, and properly curse them out when I find that it should have been 0.479425539?
There is a very good reason for the so-called "clowns" in the news media to not discuss things until they have appeared in Nature.
t ml #5.1
http://www.nature.com/nature/submit/gta/index.h
"5.1 Prepublicity. Once submitted, contributions must not be discussed with the media (including other scientific journals) until the publication date; advertising the contents of any contribution to the media may lead to rejection. The only exception is in the week before publication, during which contributions may be discussed with the media if it is clearly indicated that their contents should under no circumstances be publicised until Nature's press embargo has elapsed (1900 h local London time on the day before the publication date)."
This is typical of many major scientific journals. (E.g., medical journals) In this day of the Web, the relevance of these kinds of embargoes is debatable, but there are important reasons for them. Mainly, Nature wants to ensure that its contents are properly peer-reviewed before being released. If everyone discusses non-reviewed results in the open media before the review process can be finished, the research will tend to run ahead of the reviewers. In my experience, this is a major problem with the rising of "pre-print" servers, which show results before peer review. As far as I can tell, the results are something like doing scientific research on Slashdot. The results rarely end up being properly peer reviewed, and when they do, nobody reads the journal articles, because they've "already seen" the results on the pre-print servers, regardless of what changes had to be made to satisfy the reviewers.
A minor reason not to discuss things until the article appears is if Nature rejects the article.
Anyhow, the news media have probably talked to these scientists for the past week, to get the story as straight as they can before their own deadline. Of course, since the mainstream media (and, perhaps as importantly, their editors) aren't generally well-trained in science, they often garble things, and often will play up unrealistic future visions to impress readers. Just like slashdot.
This is somewhat questionable info. Consider especially the "arabmedia.com" provenance. According to what I would think is a more trustworthy site,
http://fas.org/nuke/hew/Israel/index.html
"Reports that Zalman Shapiro, the American owner of the nuclear fuel processing company NUMEC, supplied enriched uranium to Israel in the 1960s seems to have been authoritatively refuted by Hersh."
The cite apparently refers to:
AUTHOR: Hersh, Seymour M.
TITLE: The Samson option: Israel's nuclear arsenal and American foreign policy / Seymour M. Hersh. -- 1st ed.
ISBN/ISSN: 0394570065
IMPRINT: New York, Random House, c1991
PHYS DESC: 354 p., 24 cm.
The point of Drake's paper (which the parent post has [snip]ped) is really how the Arab states can approach disarmament, and not really a serious study of Israeli nuclear development, which she gets only from secondary sources.
The whole paper can be found at her web site.
The Linux Kernel (or UNIX in general) is just a bootloader for Emacs.
Isn't it?
His point is that even though the risks of, say, deep-sea oil drilling, are very real and are often deadly, because they are so tangible, great expense is incurred (in most Western countries) to avoid them. (E.g. oil rigs designed to withstand a 100-year storm, robust lifeboats, drills, and procedures)
He is contrasting it to IT professionals who face risks from RSI that could disable them sufficiently to end their career, but because RSI is such a varied, nebulous medical phenomenon that is dependent almost entirely on self-reported symptoms to diagnose, hardly anything is done by employers to prevent these risks.
He may wish he had phrased it a bit more clearly.