FREE Apache SSL Guide from Thawte
Are you worried about your web server security?
Click here to get a FREE Thawte Apache SSL Guide
and find the answers to all your Apache SSL security needs.
http://ad.doubleclick.net/blah
jaavaaguru has posted a comment in reply to your comment.
Re:In the UK
*snip*
Spamassin passed it, but it won't pass the Slashdot lameness filter? That's kinda ironic, surely?
In the UK it is extremely common to have people with only dialup access at home, and a better connection at work.
Until very recently this was the case for me, I'd happily schedule the download of ISO's overnight at work, burn them onto cd-rom and take them home with me. (My own cd-roms, and only legal things like Debian ISO's I hasten to add).
Sure things are change now with a much higher availability of broadband, but I know more people on dialup than not..
I haven't seen this book, but I'm gonna look out for it now.
I really did enjoy reading Feynman's accounts of the time which are included in Surely You're Joking, Mr Feynman, his mentions focussed on the safety aspects of designing the storage facilities for the euranium.
Truly, BitterSweets(tm)" are the perfect gift for you OR for someone you love, especially if that special someone is one who doesn't want to hurt your feelings but just doesn't feel that way about you but still wants to be friends so they can torment you with stories about their crushes on someone who doesn't appreciate them like you do, can't love them like you can, and actually takes pleasure in corralling a herd of fawning "just friends" behind themselves as they indulge in one self-destructive relationship after another, with no hope of ever finding true love, despite an army of souls eager to lavish it upon them.
Re:how about three words for today
on
A Word a Day
·
· Score: 0, Offtopic
I believe you were being precipitous in your assesment.
Unfortunately yours is not the first post; instead it is the penultimate post.
Still thank you for playing; please try again..
Moreover, NP-Hard problems get really impossible for higher instances
I'm assuming the people who say Tetris is NP-hard are assuming a truely random distribution of falling pieces..?
The amount of games I've lost because I didn't get a single 'long straight' piece is unbeliably hard. I know the computer is cheating me from my tetris's (tetri?)!
Not that I'm bitter.. or anything;)
Re:Benefactor of mankind--thank you!
on
Tetris AI System
·
· Score: 1
Sheesh - computers one, two, three, and four are all in a beowulf cluster.
Your server was pretty much what inspired mine - I even remember posting a few small patches to your mailing list!
Personally I just don't get Python- though it's a fine language - so I struggled making anything over than trivial changes to your code.
I've gone from Edna, to bad Perl, to C, then C++ and now into good Perl.
Threading and memory management were what drove me to c++, but finding std c++ libraries were not threadsafe, and the desire to interface with databases drove me back to perl.
Even if there are no buffer overflows possible it's not proof that the software is secure; lots of things need to be checked, PATHs, permissions on files, race conditions, symlink attacks, etc.
Thats why, as you say, proper programming is the way to security. A good developer should always test return codes, never use unbounded copies, etc.
I think it's time to give up on C for most Internet application development
This is part of the reason that version 2 of my MP3 streaming server is being written in Perl.
Most of the work of the server is in file manipulation, and plugin coding - and the server will be mostly network/IO bound anyway. The speed lost due to the interpretted nature will be gained by safety.
OK I'm using Perl for more reasons that just that; but the lack of buffer overflows was part of the reason for the switch.
Anyone know what language Subversion is written in?
Creating IDL definitions, and wrappers for libraries is large in terms of LOC even if it's short in complexity - just to give one example. (I once worked on an CORBA based distributed reporting project)
Other projects written in Java or C++ with lots of comments, and interfaces would be doable - it really depends upon the implementation language the level of the coding, and the individual developer.
Now, even the best coders only do ~100 lines of code per day...
That's not true; some coders may write 500, some may write 50, and others may write only five.
I'm not even that sure it is worth measuring the lines of code written as a performance indicator either; I've had days at work where I've written only one line of code - but it was the line to solve a random threading deadlock; and so it was the correct line to write.
Perhaps they might want to consider Mandrake's automatic security level scripts. That's the only contributions I can see Mandrake making to Debian that they would want.
There's been discussion about that very recently - I'm hoping to do just that sometime soon.
Slashdot Mirror
Ahh another local person.
Nope it wasn't a HTML email:
From: slashdot@slashdot.orgTo: stevey
FREE Apache SSL Guide from Thawte
Are you worried about your web server security?
Click here to get a FREE Thawte Apache SSL Guide
and find the answers to all your Apache SSL security needs.
http://ad.doubleclick.net/blah
jaavaaguru has posted a comment in reply to your comment.
Re:In the UK
*snip*
Spamassin passed it, but it won't pass the Slashdot lameness filter? That's kinda ironic, surely?
I've just acquired a laptop from work, and it's a right pain in the neck for working with.
There's no '|' key on the machine so I had to remap one from elsewhere on the keyboard.
Also there's some funny 'function' key in the left hand side - just where I want the control to be.
Still xmodmap is a wonderful tool - it's just a shame I can't relable the keys neatly to show what they're mapped to.
Still it's old, quite rugged, and runs Debian happily - so I guess it's not all bad news!
I'm in Edinburgh, which has just had some of it's exchanges upgraded.
(OT: The email I got contained an advert - is this a new thing? First I remember seeing it)
I'd actually argue that the other way around.
In the UK it is extremely common to have people with only dialup access at home, and a better connection at work.
Until very recently this was the case for me, I'd happily schedule the download of ISO's overnight at work, burn them onto cd-rom and take them home with me. (My own cd-roms, and only legal things like Debian ISO's I hasten to add).
Sure things are change now with a much higher availability of broadband, but I know more people on dialup than not..
Could they even land without the big support team down on earth?
Nope .. because when you search google for my name I come top.
More than that what could I want? I had no say in the name, but if it was good enough for my parents to choose it's good enough for me to wear.
I haven't seen this book, but I'm gonna look out for it now.
I really did enjoy reading Feynman's accounts of the time which are included in Surely You're Joking, Mr Feynman, his mentions focussed on the safety aspects of designing the storage facilities for the euranium.
Really daring guys wear rings in other places ...
Reading a bit further up it says that if a process is used via 'fork/exec' it communicates at sufficiently arms-length.
I would read that as meaning that you could stick the two side by side, as long as you made it clear that the .jar was a seperate free program.
This is covered in the GPL FAQ, specifically this answer seems appropriate.
Truly, BitterSweets(tm)" are the perfect gift for you OR for someone you love, especially if that special someone is one who doesn't want to hurt your feelings but just doesn't feel that way about you but still wants to be friends so they can torment you with stories about their crushes on someone who doesn't appreciate them like you do, can't love them like you can, and actually takes pleasure in corralling a herd of fawning "just friends" behind themselves as they indulge in one self-destructive relationship after another, with no hope of ever finding true love, despite an army of souls eager to lavish it upon them.
I believe you were being precipitous in your assesment. Unfortunately yours is not the first post; instead it is the penultimate post. Still thank you for playing; please try again ..
I'm assuming the people who say Tetris is NP-hard are assuming a truely random distribution of falling pieces..?
The amount of games I've lost because I didn't get a single 'long straight' piece is unbeliably hard. I know the computer is cheating me from my tetris's (tetri?)!
Not that I'm bitter .. or anything ;)
Sheesh - computers one, two, three, and four are all in a beowulf cluster.
Nah .. not trolling - just struck me as a fine way to encourage a few people to make donations.
(Much like the blackmail license which was posted here before; people donate money and when it reaches a certain figure the code becomes open)
Well we could try encouraging him to start a blackmail approach.
"The Linux Kernel 2.6.x development will not start until 16 new fonts are available for Linux."
With all the backing from Big Blue, etc, somebody might give in ...
I know these people won't be there, but there is the Debian Jr Project which is aiming to target children..
That's what I meant; check all applicable return codes...
Your server was pretty much what inspired mine - I even remember posting a few small patches to your mailing list!
Personally I just don't get Python- though it's a fine language - so I struggled making anything over than trivial changes to your code.
I've gone from Edna, to bad Perl, to C, then C++ and now into good Perl.
Threading and memory management were what drove me to c++, but finding std c++ libraries were not threadsafe, and the desire to interface with databases drove me back to perl.
Indeed that's possible - I even remember the last local root hole via the sperl binary.
Even if there are no buffer overflows possible it's not proof that the software is secure; lots of things need to be checked, PATHs, permissions on files, race conditions, symlink attacks, etc.
Thats why, as you say, proper programming is the way to security. A good developer should always test return codes, never use unbounded copies, etc.
This is part of the reason that version 2 of my MP3 streaming server is being written in Perl.
Most of the work of the server is in file manipulation, and plugin coding - and the server will be mostly network/IO bound anyway. The speed lost due to the interpretted nature will be gained by safety.
OK I'm using Perl for more reasons that just that; but the lack of buffer overflows was part of the reason for the switch.
Anyone know what language Subversion is written in?C
I'd recommend Terry Goodkind (worth a look just for the "imposing" photo!).
His 'Sword of Truth' series is entertaining, albeit a little predictable in places.
So far the books are:
Creating IDL definitions, and wrappers for libraries is large in terms of LOC even if it's short in complexity - just to give one example. (I once worked on an CORBA based distributed reporting project)
Other projects written in Java or C++ with lots of comments, and interfaces would be doable - it really depends upon the implementation language the level of the coding, and the individual developer.
That's not true; some coders may write 500, some may write 50, and others may write only five.
I'm not even that sure it is worth measuring the lines of code written as a performance indicator either; I've had days at work where I've written only one line of code - but it was the line to solve a random threading deadlock; and so it was the correct line to write.
There's been discussion about that very recently - I'm hoping to do just that sometime soon.