There may not be an official way, but if your possible systems are all from a limited set and you're really only having to differentiate between Windows and UEFI or DOS and Windows (the other poster pointed out that there's an official way of having both DOS and Windows entry points), then it should be possible to find a system call that just provides information on both systems and has a return value that lets you tell them apart. You do this early and then jump to the relevant entry point.
Even more fun, there was recently a DARPA-funded program that recently worked out that there's a useful subset of both ARM and x86 that is entirely NOPs in the other. I don't remember if it's Turing complete, but it is definitely enough to write a little header that will branch to either the x86 entry point if run on x86 or the ARM entry point if run on ARM.
Better: make them do community service talking to banks and so on, on behalf of victims of identity fraud, fixing the fallout. Even 10 hours a week for the next year or two of doing that would be a very strong disincentive for other companies.
I wonder if someone at Google read my post and prodded their system. In the few hours since I posted, they have now updated it so that there are roads. Unfortunately, they now place the road running through my kitchen (and my nextdoor neighbours' kitchens on both sides), rather than in front of my house. Their satellite data shows a building site, so it looks as if it's 18-24 months old.
In the UK, the government (largely in response to pressure from OSM contributors) released the ordinance survey data (the official UK maps) under a license that made it useable by the OSM project. For some reason, none of the commercial mapping projects seem to be using this data. In Cambridge, the university has maintained its own maps, including detail that isn't easily accessible to members of the general public (locations inside colleges and so on). A few years ago, they realised that they were spending a lot of money to get less good quality maps than most commercial offerings, so they uploaded all of their data to OSM and now just keep that up to date and provide an OSM renderer that looks like their old maps system (and renders some university-specific details that the default OSM renderer doesn't). This means that the OSM data here is very good (for example, it knows about cycle paths, road closures, and so on).
At this point there is probably more value in creating reactors that can use the waste from other reactors, if they want to reduce foreign dependencies?
What a good idea! And the country that does the most fuel reprocessing for other nations is... France.
Plastic is made from hydrogen, carbon, and oxygen. All of these are abundant elements. When you get them in the polymers found in crude oil, the energy cost of separating them out into ones that don't need much energy to turn into plastic is fairly low. When you start with plan oils and have to polymerise or crack them to get the right lengths, the energy costs can be higher.
Creating plastic is a problem of energy, not of raw materials. We don't use oil for them because it's the only option, we use it because it's the cheapest (especially when most of your energy comes from oil).
people,including poor, who live in areas where a connection is easily obtainable cheaply are forced to pay higher for faster connections to subsidize those who choose to live in remote hard to connect areas
Just as people in cities pay to subsidise the electricity and telephone connections of people in rural areas. Because we benefit quite a lot from having people paid low wages to produce food for us.
consolidate position of now regulated established monopoly suppliers, by raising barriers to new competitors.
This does absolutely nothing to new competition. The only company affected by this is the company that already has a near monopoly on the telephone network, which was built using public funds, and has been heavily regulated since it was privatised. New competitors are free to do whatever they want (modulo other regulations).
Yup. Before she moved, my mother was getting 1.5Mb/s on a good day from her ADSL line in Devon. The ISP didn't advertise anything below 8Mb/s, but they did give her a discount when they verified that she couldn't get close to the advertised speed. It was too slow to stream even standard definition content via iPlayer (only just - you got about 30 seconds of video and a second or two of buffering).
Why? You almost certainly won't use the same UI on the iPhone and laptop versions, so why should you need to use the same UI? They already have a mechanism for getting a tie-in watch app when you buy an iPhone / iPad app, this just extends that further. Both macOS App Store users will be delighted. Meanwhile, there are a bunch of apps already in the iOS app store that are only useful if you have the corresponding Mac app installed.
The same evil government regulation has made calling between nations in Europe cost next to fuck all whereas it used to cost a small fortune. Boo, government.
I'm not sure that the government gets this one. My phone company abolished roaming charges within the EU before they were legally required to and now calling France costs the same as calling the UK. It took so long to get these regulations passed that the market was pretty much there already: the phone companies were seeing all of their international call revenue lost to things like Skype.
You realise that taxi monopolies are pretty rare? It's oddities like the New York medallion system that create them. In most of the EU, there are multiple competing taxi companies, but the rates that they can charge are fixed (and their meters are audited periodically) so they have to compete on service.
I haven't used Apple Maps for a while, but when they launched here it turned out that they'd bought maps from TomTom, who bought them from a company that they acquired in 1992 - and those maps hadn't been updated since. It was an interesting historical snapshot, and mostly buildings hadn't changed (a load of them have been here for the best part of 800 years, so only a few were obviously wrong), but a lot of pubs had changed names since then and so it was quite confusing.
That said, last time I was near the Google Maps HQ, I had a look at Google Maps and OpenStreetMap and found that the OSM data was better. I mostly use OSMAnd for mapping - it's open source and stores offline vector maps and does offline routing (for car, pedestrian, and bicycle). I find the Google maps difficult to read - roads are only two colours, irrespective of type, and not the standard colours for a road atlas. About the only feature that Google Maps has that I'd like is live traffic data.
I've just looked at Google Maps, and they do now have my house! I've been living here for over a year and it was built about a year before that. They don't, however, have the houses on the other three sides of the square (or, in fact, the roads for two sides). They also don't have the road that runs around the back of ours, or any of the 23 houses on those roads, or either of the blocks of flats. Oh, and the roads that they do have are in the wrong place and include a large road where there's now a block of flats, two small roads over a park, and one through someone's house. Now, compare that to OSM: They have all of the roads, house numbers for all of the houses and one of the blocks of flats, the footpath that cuts through one row of houses to the row begin, the park in the middle of the square, and the footpaths across the park. The other block is in a part that is marked as under construction, so I at least know that the map might be wrong (Google doesn't even appear to have any indication of construction work). We moved from around the corner and the Google Maps data there is weirdly wrong. It's as if they tried to draw a map by asking drunk people where things are: there are no gaps between buildings that have a driveway between them, there's a take-away at the wrong end of a row, and so on.
Some of the buildings on Google Maps are extruded, but not consistently and they don't appear to have any correlation with the heights of the buildings (three story house: flat, 1-story shop next to it: extruded).
I remember Word 2.0 for Windows as a pretty solid piece of software. It ran happily on a 386 with 4MB of RAM and about the only feature that it lacked that modern Word has is the ability to underline words with spelling errors automatically in the background. I moved to ClarisWorks on that machine, because it did most of what I wanted and the whole office suite was smaller than Word, but I missed a few things in Word when I did.
It's also worth remembering what they're compared to. Classic MacOS had a more consistent UI than Windows (and didn't get the buttons on dialog boxes back to front), but it crashed a lot. Possibly even more often than our old friend General Protection Fault visited Windows 3.1. RiscOS was probably the nicest system from that era, but most apps were hand-coded ARM assembly and that didn't really scale to more complex programs.
Here's another: macOS 10.13, if you have an external display and scaling enabled, one core sits at 100% all of the time in the window server. Lots of people have reported it, but I don't believe it's fixed yet. It basically means that you can't use an external display (e.g. a projector) while on battery, and if you do anything computationally intensive then expect it to be slower.
On the plus side, this bug meant that I didn't update to 10.13 and so missed out on the root login bug...
I don't know if it's exploited in the wild, but a couple of months ago there was a vulnerability in XPC. This is the framework that all sandboxed iOS / macOS applications use for communicating between privileged and unprivileged components, so is useable by any sandboxed app. Any malicious app that you had installed until that update would have been able to compromise the kernel.
There have also been a couple of GPU driver bugs that I know of that allow kernel privilege escalation.
The iOS sandboxing support is pretty solid overall, but it does rely on the kernel not having security vulnerabilities.
Modern phone operating systems aren't really small either. Windows 2000 ran happily on computers far less powerful than my phone (and with a lot less storage space) - and my phone was very cheap 4 years ago.
The odd thing with Windows Phone was that they underestimated the value of the ecosystem. My partner had a Nokia 1020, which had a nice UI and a great camera. She'd have kept using it if not for the fact that it didn't support newer versions of TLS and so increasingly couldn't connect to online services (for example, it couldn't connect to my mail server, because I disabled all vulnerable protocol versions and it didn't give a useful error message so it took ages to figure out that this was the reason).
For all of the time that she owned it, there were basically no useful third-party apps. Actually, there was a musicpd client (unlike iOS), but that's about it. Now she has an Android phone, which she generally likes less, but when she needs an app for something it probably exists (and most of the time it even exists in F-Droid).
The competent among us know how to produce GREAT software
Care to share your secret? What do you do when working on large (10 million or more lines of code) codebases that ensures that there are no security-related bugs?
The first is to use lossy compression. This trades space for both audio quality and processing overhead.
The second is to use lossless compression. This trades space for processing overhead.
The third is to use no compression. This uses more space, but has no quality or processing overhead.
Given the sizes of modern disks, the last one seems like a good option, except that it's never quite that clear cut. The CPU overhead of decoding something like FLAC is pretty much negligible these days: even on a mobile device, the difference in power consumption between decoding FLAC and an idle but powered core is likely to be difficult to measure. However, the cost of pulling data from disk / flash and storing it in the buffer cache is a little bit less trivial. If you can keep the data compressed on disk, you use less power to move it to RAM. Even better, you're typically DMAing from cache these days, so you also use less power to move the data from RAM to cache, decode a block, and then DMA only the decoded data.
TL;DR: There is basically no disadvantage in using lossless compression unless it is very computationally expensive on modern systems, and there are several advantages.
It's a shame musicpd doesn't get more attention. It's been around for ages and there are a bunch of clients (Mac, Windows, *NIX, Android, though strangely not iOS, and some web-based ones). I have it installed on my media centre box and also on a RPi in another room (which accesses the same music library over NFS). I can control the music from pretty much any computer in my house.
The clients are generally written for each platform, so don't suffer from the bloat of something like Electron. You can run it locally too, and quit the UI entirely without stopping music playing.
Connectivity is not the problem. I can reach millions of web servers, that doesn't make the browser more complex.
It does. A modern browser splits itself into multiple processes and runs most of them with very little privilege precisely because of this. Out of those millions of web servers, the probability of at least one of them trying to attack the browser is approximately one. Browser writers know this and so have multiple layers of defence. They know that in the (roughly) 30 million lines of code in a typical browser, at least some of them will contain security vulnerabilities and so they try very hard to ensure that when (not if) a renderer process is compromised, there isn't much that the attacker can do with it. This doesn't always work: for example, someone compromising your gmail tab with a malicious image that exploits a libpng arbitrary code execution vulnerability can still log into the Play Store and replace your Internet banking app with a trojaned version.
If web browsers didn't need to exist in such a hostile environment, they'd be a lot simpler. Unfortunately, most IoT devices exist in a similarly hostile environment, yet don't add the complexity required to deal with it. Many of them use simple cores that don't even support process-style isolation of components.
The second problem is the lack of knowledge in consumers. Given two pieces of software that fill the same function, do you have any mechanism to say which one is likely to be more secure? Creating good metrics for evaluating software security is an open research question in cybersecurity. When we don't even have research that can do the comparisons usefully, expecting consumers to make informed decisions with no information seems a bit of a stretch.
Partly. Software engineering is a very young discipline and we still don't really know how to make good software. We know a few things that are pretty much guaranteed to make terrible software, but the closest thing to a process that produces bug-free software is that used by the seL4 team, which is estimated to cost around 30 times as much as a conventional process with a very good set of automated tests.
Slashdot Mirror
2011? The first machine I owned that managed to brick itself in a failed BIOS update was a Gigabyte motherboard with a 200MHz Cyrix Pentium clone.
There may not be an official way, but if your possible systems are all from a limited set and you're really only having to differentiate between Windows and UEFI or DOS and Windows (the other poster pointed out that there's an official way of having both DOS and Windows entry points), then it should be possible to find a system call that just provides information on both systems and has a return value that lets you tell them apart. You do this early and then jump to the relevant entry point.
Even more fun, there was recently a DARPA-funded program that recently worked out that there's a useful subset of both ARM and x86 that is entirely NOPs in the other. I don't remember if it's Turing complete, but it is definitely enough to write a little header that will branch to either the x86 entry point if run on x86 or the ARM entry point if run on ARM.
Better: make them do community service talking to banks and so on, on behalf of victims of identity fraud, fixing the fallout. Even 10 hours a week for the next year or two of doing that would be a very strong disincentive for other companies.
I wonder if someone at Google read my post and prodded their system. In the few hours since I posted, they have now updated it so that there are roads. Unfortunately, they now place the road running through my kitchen (and my nextdoor neighbours' kitchens on both sides), rather than in front of my house. Their satellite data shows a building site, so it looks as if it's 18-24 months old.
In the UK, the government (largely in response to pressure from OSM contributors) released the ordinance survey data (the official UK maps) under a license that made it useable by the OSM project. For some reason, none of the commercial mapping projects seem to be using this data. In Cambridge, the university has maintained its own maps, including detail that isn't easily accessible to members of the general public (locations inside colleges and so on). A few years ago, they realised that they were spending a lot of money to get less good quality maps than most commercial offerings, so they uploaded all of their data to OSM and now just keep that up to date and provide an OSM renderer that looks like their old maps system (and renders some university-specific details that the default OSM renderer doesn't). This means that the OSM data here is very good (for example, it knows about cycle paths, road closures, and so on).
The Statue of Liberty was a gift to the USA from France.
Amusing gift. After the creators had built two of them in Paris, the mayor told them that they weren't allowed any more.
The Eiffel Tower was a gift to France from the USA.
No. Just... no.
At this point there is probably more value in creating reactors that can use the waste from other reactors, if they want to reduce foreign dependencies?
What a good idea! And the country that does the most fuel reprocessing for other nations is... France.
Plastic is made from hydrogen, carbon, and oxygen. All of these are abundant elements. When you get them in the polymers found in crude oil, the energy cost of separating them out into ones that don't need much energy to turn into plastic is fairly low. When you start with plan oils and have to polymerise or crack them to get the right lengths, the energy costs can be higher.
Creating plastic is a problem of energy, not of raw materials. We don't use oil for them because it's the only option, we use it because it's the cheapest (especially when most of your energy comes from oil).
people,including poor, who live in areas where a connection is easily obtainable cheaply are forced to pay higher for faster connections to subsidize those who choose to live in remote hard to connect areas
Just as people in cities pay to subsidise the electricity and telephone connections of people in rural areas. Because we benefit quite a lot from having people paid low wages to produce food for us.
consolidate position of now regulated established monopoly suppliers, by raising barriers to new competitors.
This does absolutely nothing to new competition. The only company affected by this is the company that already has a near monopoly on the telephone network, which was built using public funds, and has been heavily regulated since it was privatised. New competitors are free to do whatever they want (modulo other regulations).
Yup. Before she moved, my mother was getting 1.5Mb/s on a good day from her ADSL line in Devon. The ISP didn't advertise anything below 8Mb/s, but they did give her a discount when they verified that she couldn't get close to the advertised speed. It was too slow to stream even standard definition content via iPlayer (only just - you got about 30 seconds of video and a second or two of buffering).
Why? You almost certainly won't use the same UI on the iPhone and laptop versions, so why should you need to use the same UI? They already have a mechanism for getting a tie-in watch app when you buy an iPhone / iPad app, this just extends that further. Both macOS App Store users will be delighted. Meanwhile, there are a bunch of apps already in the iOS app store that are only useful if you have the corresponding Mac app installed.
The same evil government regulation has made calling between nations in Europe cost next to fuck all whereas it used to cost a small fortune. Boo, government.
I'm not sure that the government gets this one. My phone company abolished roaming charges within the EU before they were legally required to and now calling France costs the same as calling the UK. It took so long to get these regulations passed that the market was pretty much there already: the phone companies were seeing all of their international call revenue lost to things like Skype.
You realise that taxi monopolies are pretty rare? It's oddities like the New York medallion system that create them. In most of the EU, there are multiple competing taxi companies, but the rates that they can charge are fixed (and their meters are audited periodically) so they have to compete on service.
I haven't used Apple Maps for a while, but when they launched here it turned out that they'd bought maps from TomTom, who bought them from a company that they acquired in 1992 - and those maps hadn't been updated since. It was an interesting historical snapshot, and mostly buildings hadn't changed (a load of them have been here for the best part of 800 years, so only a few were obviously wrong), but a lot of pubs had changed names since then and so it was quite confusing.
That said, last time I was near the Google Maps HQ, I had a look at Google Maps and OpenStreetMap and found that the OSM data was better. I mostly use OSMAnd for mapping - it's open source and stores offline vector maps and does offline routing (for car, pedestrian, and bicycle). I find the Google maps difficult to read - roads are only two colours, irrespective of type, and not the standard colours for a road atlas. About the only feature that Google Maps has that I'd like is live traffic data.
I've just looked at Google Maps, and they do now have my house! I've been living here for over a year and it was built about a year before that. They don't, however, have the houses on the other three sides of the square (or, in fact, the roads for two sides). They also don't have the road that runs around the back of ours, or any of the 23 houses on those roads, or either of the blocks of flats. Oh, and the roads that they do have are in the wrong place and include a large road where there's now a block of flats, two small roads over a park, and one through someone's house. Now, compare that to OSM: They have all of the roads, house numbers for all of the houses and one of the blocks of flats, the footpath that cuts through one row of houses to the row begin, the park in the middle of the square, and the footpaths across the park. The other block is in a part that is marked as under construction, so I at least know that the map might be wrong (Google doesn't even appear to have any indication of construction work). We moved from around the corner and the Google Maps data there is weirdly wrong. It's as if they tried to draw a map by asking drunk people where things are: there are no gaps between buildings that have a driveway between them, there's a take-away at the wrong end of a row, and so on.
Some of the buildings on Google Maps are extruded, but not consistently and they don't appear to have any correlation with the heights of the buildings (three story house: flat, 1-story shop next to it: extruded).
They ship a bunch of FreeBSD code, so maybe they'll also adopt our unofficial motto: Everything is fine!
I remember Word 2.0 for Windows as a pretty solid piece of software. It ran happily on a 386 with 4MB of RAM and about the only feature that it lacked that modern Word has is the ability to underline words with spelling errors automatically in the background. I moved to ClarisWorks on that machine, because it did most of what I wanted and the whole office suite was smaller than Word, but I missed a few things in Word when I did.
It's also worth remembering what they're compared to. Classic MacOS had a more consistent UI than Windows (and didn't get the buttons on dialog boxes back to front), but it crashed a lot. Possibly even more often than our old friend General Protection Fault visited Windows 3.1. RiscOS was probably the nicest system from that era, but most apps were hand-coded ARM assembly and that didn't really scale to more complex programs.
Here's another: macOS 10.13, if you have an external display and scaling enabled, one core sits at 100% all of the time in the window server. Lots of people have reported it, but I don't believe it's fixed yet. It basically means that you can't use an external display (e.g. a projector) while on battery, and if you do anything computationally intensive then expect it to be slower.
On the plus side, this bug meant that I didn't update to 10.13 and so missed out on the root login bug...
I don't know if it's exploited in the wild, but a couple of months ago there was a vulnerability in XPC. This is the framework that all sandboxed iOS / macOS applications use for communicating between privileged and unprivileged components, so is useable by any sandboxed app. Any malicious app that you had installed until that update would have been able to compromise the kernel.
There have also been a couple of GPU driver bugs that I know of that allow kernel privilege escalation.
The iOS sandboxing support is pretty solid overall, but it does rely on the kernel not having security vulnerabilities.
The odd thing with Windows Phone was that they underestimated the value of the ecosystem. My partner had a Nokia 1020, which had a nice UI and a great camera. She'd have kept using it if not for the fact that it didn't support newer versions of TLS and so increasingly couldn't connect to online services (for example, it couldn't connect to my mail server, because I disabled all vulnerable protocol versions and it didn't give a useful error message so it took ages to figure out that this was the reason).
For all of the time that she owned it, there were basically no useful third-party apps. Actually, there was a musicpd client (unlike iOS), but that's about it. Now she has an Android phone, which she generally likes less, but when she needs an app for something it probably exists (and most of the time it even exists in F-Droid).
The competent among us know how to produce GREAT software
Care to share your secret? What do you do when working on large (10 million or more lines of code) codebases that ensures that there are no security-related bugs?
And, apparently, this abomination is really just a badly written musicpd client with integration with some remote cloudy crap. Slow news day?
The first is to use lossy compression. This trades space for both audio quality and processing overhead.
The second is to use lossless compression. This trades space for processing overhead.
The third is to use no compression. This uses more space, but has no quality or processing overhead.
Given the sizes of modern disks, the last one seems like a good option, except that it's never quite that clear cut. The CPU overhead of decoding something like FLAC is pretty much negligible these days: even on a mobile device, the difference in power consumption between decoding FLAC and an idle but powered core is likely to be difficult to measure. However, the cost of pulling data from disk / flash and storing it in the buffer cache is a little bit less trivial. If you can keep the data compressed on disk, you use less power to move it to RAM. Even better, you're typically DMAing from cache these days, so you also use less power to move the data from RAM to cache, decode a block, and then DMA only the decoded data.
TL;DR: There is basically no disadvantage in using lossless compression unless it is very computationally expensive on modern systems, and there are several advantages.
It's a shame musicpd doesn't get more attention. It's been around for ages and there are a bunch of clients (Mac, Windows, *NIX, Android, though strangely not iOS, and some web-based ones). I have it installed on my media centre box and also on a RPi in another room (which accesses the same music library over NFS). I can control the music from pretty much any computer in my house.
The clients are generally written for each platform, so don't suffer from the bloat of something like Electron. You can run it locally too, and quit the UI entirely without stopping music playing.
Connectivity is not the problem. I can reach millions of web servers, that doesn't make the browser more complex.
It does. A modern browser splits itself into multiple processes and runs most of them with very little privilege precisely because of this. Out of those millions of web servers, the probability of at least one of them trying to attack the browser is approximately one. Browser writers know this and so have multiple layers of defence. They know that in the (roughly) 30 million lines of code in a typical browser, at least some of them will contain security vulnerabilities and so they try very hard to ensure that when (not if) a renderer process is compromised, there isn't much that the attacker can do with it. This doesn't always work: for example, someone compromising your gmail tab with a malicious image that exploits a libpng arbitrary code execution vulnerability can still log into the Play Store and replace your Internet banking app with a trojaned version.
If web browsers didn't need to exist in such a hostile environment, they'd be a lot simpler. Unfortunately, most IoT devices exist in a similarly hostile environment, yet don't add the complexity required to deal with it. Many of them use simple cores that don't even support process-style isolation of components.
The second problem is the lack of knowledge in consumers. Given two pieces of software that fill the same function, do you have any mechanism to say which one is likely to be more secure? Creating good metrics for evaluating software security is an open research question in cybersecurity. When we don't even have research that can do the comparisons usefully, expecting consumers to make informed decisions with no information seems a bit of a stretch.
Partly. Software engineering is a very young discipline and we still don't really know how to make good software. We know a few things that are pretty much guaranteed to make terrible software, but the closest thing to a process that produces bug-free software is that used by the seL4 team, which is estimated to cost around 30 times as much as a conventional process with a very good set of automated tests.