You clearly didn't read my post, nor have you looked it up. You should know from our previous discussions that if you don't read my post, I don't read yours.
Yup, as I suspected (my "ESP" must be on HIGH setting, eh?) - you're just another "Script Kiddie" trying to play "expert" with me...
Do "Script Kiddies" generally know what "Turing-complete" means?
If you insist, I'll list the languages I have actual experience in. Just because I know MVS assembly doesn't mean I prefer low-level drudgery to high-level application development. Indeed, working at a higher level can improve security -- I actually cannot write a buffer overflow in the languages I use most often.
Before you say it: can improve security. If you're writing raw SQL by concatenating strings in the middle of an HTML template, you're Doing It Wrong. You can write COBOL in any language, just as you can write LISP in any language. I measure languages by how easy they make it to write secure, stable, maintainable code.
IF you were ANY GOOD? You'd have KNOWN
This isn't a logical fallacy, but it's something seriously limiting your personal growth. You assume that merely because someone disagrees with you, they're wrong and stupid.
Sure, sure... I only stated facts
Fact: I went from no knowledge about Chrome extension development to a working adblocker in only a few hours.
Fact: I am currently fluent in five separate programming languages, and decent at an additional eight. These aren't just Algol-derivatives -- it's everything from assembly to Lisp and Erlang.
Stating facts doesn't make the act less egotistical, which is why I didn't mention either of these except right now. I'm mentioning them now, not to show you how great I am, but to show you what bragging looks like. It looks just like your list of publications which you drop at every turn.
it's just as good as WIRED is
Ah, but now we're back to only your word for that. Kind of circular, isn't it? You're so knowledgeable because you were published in WELT, and WELT is so great because you say so?
Well, I don't toss names in Ad-hominem attacks as you do out of frustration
Actually, yeah, you do. You did in this very post:
probably while you were still in diapers I also strongly suspect
Not your worst, and I won't speculate as to your motive, but there you go.
As for things NOT "GOING MY WAY"? Well, this appears to the contrary once more in my favor
Are you going to claim you have a perfect life? If not, answer the question -- note that I qualified it with when.
It seems you don't realize what they are, even though I've explained them to you at least once.
You're violating a basic tenet of it
Swing and a miss. Ad-hom is far from a logical axiom. It's not even always fallacious. When it is, it's a specific case of non-sequitur.
you cannot produce proof of your successes in the art & science of computing
There is a difference between "cannot" and "don't care." While we're on the topic of logical fallacies, half of what you say is an Argument from Authority.
Most people don't quote others by adding a "-by" and a timestamp. In fact, I've never seen anyone but you do it.
Ok, now onto your contradicting your OWN words
You are really going to have to explain how these contradict.
All exploits eventually touch the local system, of course.
What about this contradicts the definitions I gave?
They do, and they ALL really "boil down" to being LOCAL in order to work, period.
Another failure at basic logic.
They all boil down to being local in order to work. However, that does not mean a local exploit "boils down" to being a remote exploit.
Basic composition fallacy on your part: All tigers are cats. That doesn't mean all cats are tigers.
You have not yet provided a shred of evidence or argument that local exploits are as bad as remote exploits. Please state whether you believe local exploits are just as bad as remote exploits.
You're hilarious at this point... one contradiction after another!
You just made a composition fallacy. Not even that -- composition fallacies are slightly more sophisticated than the mistake you made. Calling me self-contradictory after that is downright projection. I hereby dub you the NephilimFree of computer security.
No American hospital ever has to worry about whether an insurance company (or uninsured patient) will pay for a procedure or not.
Mostly because the truly uninsured, those who are actually incapable of paying, are paid for by the public anyway. If you truly want to keep healthcare a private industry, stop funding emergency rooms and start turning people away at the door because they don't have an insurance card.
If you don't like that, maybe you could look at the actual economics here: Proper medical care results in fewer emergency-room visits. If the public is going to pay for someone's healthcare anyway, it costs less in public money, not more, if you can keep it from becoming an emergency.
Because they have a Dr. for a prefix and a MD for a suffix to their name they act like they are the smartest person in the world.
They've been through medical school, so yeah, I'd say they are some of the smartest people in the world. I'm not saying they have the right to be assholes, but it seems like elitism is justified here.
They often hide the fact that they are jerks under the catch phrase "lives are at stake". Which is a medical term for "Think of the children" which also means "I want to do it the way I want to".
Except that "lives are at stake" is likely to actually be true. Do you have a specific example of where "the way I want to" is actually arbitrary?
Forcing them to be polite while seems like just a silly step is actually quite powerful.
I don't think it's likely to accomplish what you're suggesting. At best, it'd get them to grudgingly start saying please and thank you -- and would you really rather have a sarcastic "please" than none at all?
the work being done is done for the doctors benefit at the expense of someone elses time. Vs. Just shooting out orders that says you are here for me and just me.
Versus, say, you're all there for me, the patient.
At work we have a policy if a doctor is calling and is cursing and yelling at us without giving us any useful information we can tell them to call back after they have calmed down then we can help you.
That part is key. Also, "cursing and yelling" is something you might actually complain about, compared to "not saying please."
So, erm, do you have anything to say of your own, or are you just a sock puppet for APK?
That entire run-on paragraph was pretty much a straight reiteration of what APK feels are his best arguments. Since about two or three posts in, neither he nor you, if you are indeed a separate person, have added anything to the discussion other than re-iterating your arguments and calling me stupid for not getting them.
I think that at this point you can cease attempting to troll this anonymous coward akp because he has literally destroyed every argument you have tried on him
Bahahaha... you didn't even change your style much, APK. Same style of quoting me, only without the bold and the signature.
But of course:
It's obvious what you admitted in that your remote exploits you said were that only are indeed local ones.
Erm, what?
Here, maybe I can say something unambiguous even to your quote-mining, for once:
A remote exploit is an exploit which can be triggered remotely, without having access to an OS-level user account on the system being attacked.
A local exploit is an exploit which can give an OS-level user account the ability to do more than they should.
Based on the above definitions, if a hypothetical system had only local exploits, but no remote exploits, then no one could exploit the system unless they already had some sort of access.
And based on that, remote exploits are generally more severe than local exploits.
What about this is untrue, or inconsistent with my position throughout, or has been "destroyed"?
If you want to make a good interface for your application you should be writing it separately for each platform.
I strongly disagree.
Yes, you should be adapting it to each platform. Yes, I can see where Apple purists would be annoyed that people don't, and they're downright gleeful that people are forced to properly support iPhone.
No, you should not have to rewrite every single UI component when porting between two very similar platforms.
Core logic should be written in a way that it can be used on multiple platforms, which usually means C or C++.
Or higher-level languages like Java, Python, Ruby, etc. For most apps, C, or even C++, is a terrible choice. That was my point.
And that's where this seems precisely the opposite of the way it should be. The UI gets written in high-level languages like Objective-C and Java, for even higher-level toolkits -- in most business-y apps, you want the UI to be fast, responsive, and asynchronous, so the user isn't kept waiting. In games, you want the UI to be even faster, as that includes all your 3D stuff. In either case, it's very rare that you want your model to be very low-level.
No, I was talking about the iPhone. It's not just Objective-C or GTFO. From this page (haven't seen the agreement itself, it's surprisingly difficult to get if I don't want to actually become an iPhone developer):
Applications must be originally written in Objective-C, C, C++, or JavaScript as executed by the iPhone OS WebKit engine...
So it's Objective-C, C, C++, JavaScript on WebKit, or GTFO.
Still sucks, but it's at least theoretically possible to develop a cross-platform C or C++ app, assuming the other platforms allow them.
Which still sucks sucks -- basically, your UI gets to be rewritten entirely for each platform, and your "business logic" has to be written with the "native toolkit", in one of the lowest-level languages you could use, which is the exact fucking opposite of how it should be.
Reason No. 1: Flash's sub-pixel resolution and anti-aliasing: Seriously?
From TFA:
The spec does allow floating point numbers, but the numbers between the integers tend to be ignored or rounded off in a slightly different way by different browsers.
The solution, then, would be to improve the way browsers handle this. Besides, why are you doing pixel-based layouts anyway?
For reason number two, TFA says:
Some browsers are fast and some are slow. Some operations are quick on one browser and sluggish on another.
That's being worked out, and again, there's choice. With Flash, some things are quick on one OS/driver combination, and slow on another.
To make matters more complicated, not every browser implements every feature in exactly the same way, a problem that shouldn't be surprising to JavaScript developers. There are good efforts to simplify this with intermediate libraries like Processing.js, but even these can't handle every combination.
Not for long. Flash is something which attempts to be cross-platform, as in, works on Windows, Linux, OS X, Android, etc. Browsers are a hell of a lot more similar than OSes. If Flash can do it, JavaScript libraries should have a much easier time of it.
The author flat-out admits this:
Flash isn't immune to the complexity brought to us by the proliferation of operating systems and browsers, but it has been dealing with them for much longer. When the Flash plug-in doesn't crash, the results are slicker, smoother, and more consistent.
And of course, sometimes, the Flash plug-in crashes. And anywhere but Windows, the results are certainly not slicker or smoother. And nobody's mentioned SVG.
Point #3 I'll give them, but TFA also mentions:
Adobe is hedging its bets and building HTML5 support into Dreamweaver so that you can continue to use Adobe's tools and enjoy the flexibility.
And I wouldn't doubt there will be other tools just as good or better.
Point #4 -- totally agree. I'm always annoyed when I see Flash-ified headers, just to get the fonts right.
Reason No. 5: Flash is write once, play everywhere: More like write once, play anywhere that runs Flash.
Whereas HTML is write once, play everywhere that has a decent web browser -- for which you have multiple options.
Reason No. 6: The Flash commercial ecosystem: Ok. I don't know if this is an actual benefit, or if you lose more support through being semi-closed than you gain by having some commercial support.
In fact, I'd call it a detriment -- why would I go for a proprietary photo viewer over an open one? It's not like my website is just a photo viewer, is it?
Reason No. 7: Flash's game engines: I don't get it. Why is he talking about "Born to Run"?
#7 is a joke. He's just saying if JavaScript wants to be taken seriously, someone should make a JavaScript game "engine" and call it an engine, instead of a library.
There is one popular computing platform that requires all programs to be written in Objective-C.
Does it? I thought Apple allowed a few other languages, like plain C/C++...
So if I want to develop an application for both of these platforms, in what language should I express the business logic of the application so that it can be automatically translated into Objective-C and into a CLR-friendly language?
Unfortunately, the answer would probably be XML. Lots and lots of XML. Just make sure it's not Turing-complete...
A saner answer (but one I like less) is to develop something which compiles Objective-C to CLR. Maybe it'd work at a higher level (compile Objective-C to C#), or maybe at a lower level (translate Objective-C bytecode to CLR), but either way, that's your only option, because the iStuff is the only platform which actually bans source language. If they found out you did it the other way around (starting in C# and compiling to Objective-C bytecode), they'd kill your app.
Yes, as per usual from you? NO PROOF when it's requested...
You requested proof of a position I didn't hold, which is that there is an explicit, written rule that says exactly what you were suggesting. You also haven't addressed what I pointed out, which is that you're exploiting a weakness in a system obviously put in place to enforce something.
Are opinions on how crazy something sounds only valid if they come from a PHD? Appeal to authority.
Again, I use quotes as a form of emphasis is all, get used to it. Many others do as well...
Can you provide an example?
Using language incorrectly, and saying it's just your "style", doesn't make it correct.
Right, but, how many write as I do
How many have tried?
which you complain endlessly on, to the point of calling me names...
I was calling your style a name, and that's an important distinction. Even so, are you saying you're proud to write like an autistic 12-year-old boy?
LMAO - ah yes, the LAST RESORT OF THE DEFEATED TROLL, along with name tossing, now in your "grammar & spellcheck + writing style critique", lol... care to show us your PHD in English...
Another appeal to authority, along with a non-sequitur. You haven't even demonstrated that I'm a troll.
or that this is the "english grammar, spellcheck, and writing style section" of this forums?
I may actually be offtopic. First valid point you've made this post.
Is that the "best you've got"?
You know, it's more than a style thing, it's downright dishonest. A casual reader might be inclined to think you're quoting me -- that I somehow said somewhere that this was the best I've got.
I mean, hey - Your technical know how has been shatttered & destroyed by myself (and others too
If by "others" you mean "one other AC who may have been you," sure.
In fact, you've done similar things in the past, though I can't remember exactly when or where. I distinctly remember you posting something without signing it, and admitting later that it was you, just trying to see if a different writing style and lack of a signature provoked a different response.
While I was maybe a bit kinder towards the new person, my position on the technical issues didn't really change.
It was a similar situation, too -- an AC who posted on a thread that was buried and deep, the kind that is very rarely touched by anyone except me and the one other person I'm still talking to -- which makes it all the more likely that it's you. Yet I haven't assumed, I only asked the question.
Also interesting that this other AC hasn't been back at all, even to clear your name, not that it would really help.
Please... ask your "precious moderators" if that is an IP I use, ok?
Moderators can't see IPs.
YOUR TROLLING PERFORMANCE IS DOWN LATELY!
And now you seek to establish that not only have I trolled you here, but that I habitually troll people. Care to show any evidence of that?
Of course, this was never about truth to you. It was about winning:
I gotta say this too: "too, Too, TOO EASY", just too easy for me to do, as per usual, vs. yourself!
It really is that important that you win, that you be right, and that you show that I'm wrong about something, to the point where you blind yourself to the areas we agree.
Regarding the subject: That is true enough. However, a logical fallacy can only affect the argument in which it's employed, or any argument that uses it as a premise.
Let me give you an example of how an ad-hominem would work: "You don't know anything about security, THEREFORE what you said is wrong." You've strongly implied these, but I don't think you've outright said one yet.
I challenge you to find me committing this fallacy. You'd have to find somewhere I say "You're wrong because <insult>." It's not just me calling you <name>, it's me saying you're wrong because you're a <name>.
Now you're just a moron.
I don't think you're going to be able to successfully "double-talk" your way out of that!
That's not followed by any sort of "therefore."
It's interesting that you seem to have this idea of "double-talk" -- as if my attempts to be precise about language and terminology are trying to "get out" of something.
Put another way: If you and I met face to face, and you started insulting my clothes, laughing here and there for good measure, I wouldn't want to hang around you. You might insist that I know it's true, and that I should listen to you, you're a fashion designer, whatever, but if you start off with "That shirt looks like dog shit," I wouldn't be inclined to listen...
Well, then you had best "thicken your skin", because sometimes? Folks have opinions...
If you occasionally joked about my clothes, fine. (I use clothing as an example -- most of them, I really don't care.) If you merely had an opinion, like, "That shirt really doesn't look good on you," that'd be considered rude by most, but I'd probably be thankful for the advice. If you instead said "That shirt is dog shit," I'd be annoyed, but it's not like I'd run home crying.
But if you repeatedly say shit like that, snide little remarks all the time, then yeah, I'd be gone. There's having a thick skin, and then there's choosing to hang out with people who aren't assholes.
Also, interesting double-standard. You start with "open sores", and when I say "Don't be a dick," you suddenly get defensive and shout "Name-caller!" Thicken your own skin.
You know, you "busted my balls" for using the term "Open Sores", but they CAN be that...
Nope, it's still a pretty damned insulting analogy. Let me put it this way:
"Does this dress make me look fat?" "*gulp* It's... maybe we should try another one."
vs:
"Does this dress make me look fat?" "No, your ASS makes you look fat!"
Sometimes it's not what you say, but how you say it.
Where? I mean, fine & dandy YOU merely SAY that, but I'd like to see where I did so...
"Open sores" maybe? Sure, it's calling a thing a name, and not a person... But there's also this:
it doesn't sound as if you've had any professional experiences in "pen testing" based on your replies here.
No overt names being called, but both of those were unnecessary. I admit I may have exaggerated a bit -- I get frustrated by people who simply repeat the same arguments I've refuted multiple times, hoping that maybe this time I'll "get it".
Again: People who use terms like "M$" tend to get downmodded.
Whoosh, that's rather lame... after all, Microsoft IS A BUSINESS, and is ALL ABOUT making "$"... one of the wealthiest corporations on the planet, so I'd actually take THAT as a compliment!
I suppose it's about more than just the term. I can point you to posts like that, but the usual implication attached to it is that Microsoft is all about money, that they're otherwise evil and incompetent.
Beside the point, though. You're asserting that there's some massive mod bias, even conspiracy, that'll have you modded troll every time. Th
It's not, you "know my style" by now (I quote you, in bolds with quote marks etc. et al, & I 'sign off' on my posts, always...
I don't know you well enough to take you at your word for that.
YOU FINALLY NOW ADMIT THIS:
Only, you didn't (or rather, lol, WOULDN'T) admit it to me in our other exchanges here!
What is it you think I claimed?
You now, finally, admit that even a "remote classified exploit", such as let's say, a bogus DIV tag in a malscripted webpage with an invisible frame and bad code or a bad binary sent your way in it, can f' you up
Yeah, I never said a remote exploit couldn't happen. I also never said someone who'd used a remote exploit to gain local access couldn't cause havoc with a local exploit. Getting me to "admit" something obvious that I was never arguing against is not a victory for you.
Also, that's your strawman limit. Sorry, ignoring the rest of your post.
If I don't, repeating the same bullshit for the third time in a row won't change my mind. It'll just show where we actually disagree. (Hint: It is possible for two people to understand an issue and disagree.)
Do you write code (if so, I'd like to see an example as proof of it, and I don't mean scripts (equivalents to batch files)??
I do code. You'll have to define what you mean by "scripts" -- even Bash is Turing-complete.
I also have nothing to f to you, especially if you're too lazy to Google me.
That is MUCH EASIER TO SPOT, in an app with its SOURCE OPENED
Easier to spot, and also easier to fix. When it's as easy to spot as you suggest, it's not going to survive long, particularly in a well-known open source application.
what on EARTH makes you think doing a LOCAL DOS is any more difficult OR DIFFERENT than a remotely done one?
It requires a local account. I can't believe you still don't understand this, especially since the website you linked to seems to have a pretty thorough understanding.
Say it with me: "Local" does not mean "LAN". It means LOCAL MACHINE.
I can still "suck up" connections from say, a webserver, and render it essentially inoperative & unable to field ANYONE's requests, from within a local network, same as I can remotely!
*facepalm*
Yes, remote exploits also work locally. That doesn't imply local exploits work remotely, which is what you're trying to illustrate.
Secondly, I don't use Wi-Fi
Not using an exploitable feature makes you secure! Who knew?
Most people use Wi-Fi, so this is relevant. Or does your guide tell people "Don't use Wi-Fi if you want Windows to be secure"?
You just described how easy it was to fix an exploit. I was describing how difficult it is to exploit something in the first place, whether or not it can be easily resolved. Those are completely orthogonal.
The point was that IF you have a workaround for a known exploit (such as AERO's)? You can secure yourself with said workaround... how hard is THAT to understand for you?
Ok, this is going to take some translation:
Me: It's hard to exploit X. You: You can secure yourself against exploit Y. Me: What? That had nothing to do with what I said. You: How hard is it to understand? You can secure yourself against exploit Y. Me:...
Hmm, no, let me try again. Maybe this is what happened:
Me: It's hard to exploit IDE-CD. You: Oh yeah? Well you can secure yourself against the AERO exploit, so the AERO exploit isn't worse than IDE-CD.
If I have to do that much work to understand you, you fail at communication. But sure, I'll bite: Even if I configure IDE-CD in its least secure mode, there are still two things which have to happen:
First, you have to get a local user account. IDE-CD isn't visible from the network, and webpages have no access to it, JavaScript or not.
Second, you have to get some blank media in the CD.
Third, you have to somehow burn something malicious onto said media.
And you have to do all that without the user noticing.
Oh, but it gets better. IDE-CD doesn't come that way out of the box -- the distros I've used restrict it to a "cdrom" group, which is also allowed to burn stuff. And it only works on a subset of hardware -- specifically, those with an IDE CD burner. I'm not even sure this particular driver is used on every system which has a CD burner plugged into IDE anyway.
Now, contrast this to Aero -- it can be exploited from within a browser, even with Javascript etc disabled, so it's easier to exploit when vulnerable. It's enabled by default, and it's a significant loss of functionality to disable it -- thu
What, you don't think moderating for content is a good idea?
Put another way: If you and I met face to face, and you started insulting my clothes, laughing here and there for good measure, I wouldn't want to hang around you. You might insist that I know it's true, and that I should listen to you, you're a fashion designer, whatever, but if you start off with "That shirt looks like dog shit," I wouldn't be inclined to listen, and I would be inclined to tell people you're a dick.
That's how moderation works. That's why we have things like "troll" and "flamebait". Having technical content doesn't automatically mean you're not a troll.
Sure is, and I will be nice until it's time, to NOT be nice (such as when others start calling me names, and up until now, you didn't but, as usual?
As usual, you started that. Also, saying "You're being a dick" is not namecalling. It's a slightly ruder way of saying "you're being obnoxious", which is not even a personal insult. This, however, is: If you got out more, you might realize that people say "Don't be a dick" to each other often enough, without taking it personally.
Doesn't matter to me IF I get "downmodded"... especially for reasons like you are noting, lol, that I have basically "upset the ANTI-MICROSOFT, FireFox, + LINUX fanboys & zealots" around here.
Again: People who use terms like "M$" tend to get downmodded. People who create posts which are 50% inflammatory bullshit, 10% interesting, and the other 40% just a boring repeat of those 10% get downmodded on pretty much any topic.
As far as trying to tell me that others here actually favor Microsoft?
I didn't say that. Learn to read. Hint: It's right there above.
Extra hint: The mods are pretty good, most of the time, at moderating based on content -- on how you say what you're saying, and whether or not it's actually interesting, insightful, etc -- whether or not they personally agree with what you're saying.
I've seen people say things very pro-Microsoft and anti-Linux, which were modded +5 insightful, and I agreed with the mod. You write like an autistic 12-year-old boy, so even when I agree with you, I'd also downmod you.
Yet you seem to assume that every single moderation is "I agree" or "I don't agree". Nope, this isn't Digg.
Bypassing the written and unwritten (but obvious) rules of a community because you don't agree with how you're being moderated.
They come with a price: YOU are EASILY TRACKED
So are you, so long as you sign your posts. The only difference is that you can't even provide rudimentary assurance that you're the same person I was talking to yesterday.
I am the ONLY thing here that is FREE (Truly Free).
Do you realize how crazy that sounds? You're not the only AC, dude.
"elitist registered user account"
Quotation marks. So who are you quoting?
I can also collect up credits on my upwards mods this way too, by signing off on my posts - that way, nobody can say it was or wasn't me that was modded up
Sure I can, mostly because there's nothing stopping anyone else from signing their posts "APK".
I have been doing this for YEARS here, bypassing the 10 posts per 24 hour limit unfairly imposed on us registered users, so show me a "rules" that says I cannot do this...
Translation: "I don't understand how plurals work in the English language, and I think that getting away with something for years means it's OK."
I have asked others before to show me such a rule, EXPLICITLY WRITTEN,
It's filed under "Don't be a dick." Or did you think the limit was there for no reason?
Put another way: If you come across a weakly-secured WEP network, and you crack it, do you say "Show me a rule, EXPLICITLY WRITTEN, that I can't leech your Internet"?
As you point out, posting anonymously makes you immune from karma, friends/foes and bad reputations, which means, as you say, you're harder to track. There's a reason for making people easier to track -- it helps prevent abuse.
you don't possess the intellect
Throwing unwarranted insults tends to get you downmodded, but apparently you don't possess the intellect or social skills to understand that.
Sorry, what? I get less than 40 ms ping to Google most of the time, and that's from places which are not actually Google. Latency within a LAN is not going to be significant when we're talking about running GCC.
the dependency on local network availability,
I can't code either when the power is out. And again, this is Google -- network availability is not going to be a problem.
the fact you'll probably need to share a development cluster with way too many other projects.
Idle speculation.
I'm not aware of any modern operating system that prevents the user from using it.
You seem to have a very narrow definition of "using it", by which I'd have to assume you'd also say the same thing about iPhone OS. But I still have to ask, when was the last time a program you wrote needed to run in Ring 0, or even as root?
A modern O/S will provide a degree of isolation from the hardware, I agree. But we were talking about sandboxing which provides an additional layer of abstraction,
A quantitative, not qualitative difference.
and blocks access to the OS as well.
Just as the OS "blocks" access to the interrupts.
with the platform itself blocking access to the underlying hardware and O/S
Do note the emphasised portion.
I did. Unless you're developing kernel modules, you're working with precisely the same sort of restriction -- you're blocked from the underlying hardware and from lower layers, like OS internals. Again, we are talking about a quantitative difference -- you're bitching because it's more layers, and you feel some need to be "closer" to the hardware, not because what an OS does is fundamentally different.
What, were you expecting to toggle code in via the front panel?
I'm not sure I understand where all this attitude is coming from... did you just get out the wrong side of bed, this morning?
Probably did, but it doesn't make this less valid.
That is: If you don't plan to toggle code in via the front panel, exactly what part of "developing code for a platform, while working on that same platform" makes any sense whatsoever? Were you suggesting that it's easier to develop for Linux while running Windows?
It may seem that I'm being sarcastic here. I'm not. I actually have no idea what "developing code for a platform, while working on that same platform" has to do with anything, even when combined with the "blocking access" part. It seems to me that if "blocking access" was an issue, that'd be orthogonal to whether you're developing for platform X while working on platform X.
I don't think they're actually doing this for serious development work, not yet....
Thank you. That was my entire point. They're not doing this yet....
Nope, you're still saying something different.
I don't think they're doing this, but it seems entirely possible that they could be doing this by now.
there are apt to be problems in this area because it's not a use case the designers originally had in mind.
I also didn't say anything of the sort -- I'm not convinced that it's a good idea, but that doesn't mean I automatically think it won't work, or that there will be problems, or even that it's a bad idea. I'm just not convinced that it's a good idea.
You're asserting they're not doing this, and it's a bad idea. You might be right, but I'm asking you to justify it.
I realize I was probably trolling by calling emacs "legacy", because neither emacs nor vi(m) can ever truly become "legacy" any more than Unix itself. But there are, sadly, plenty of COBOL programs which are actively maintained.
Well, I'm assuming that no one wants to run GCC through a web front end, for starters.
And why not?
This is Google. They're known to write code in all sorts of languages.
They're also known to run it on massive clusters of computers. I remember a quote saying something like "There are no interesting problems left which can be solved with a single computer."
Given that your code is probably going to run on a cluster, why wouldn't you write it on a cluster?
Now, I'd personally rather have a more powerful workstation on which I can run several VMs, simulating a cluster, and then deploy to a real cluster when I'm ready, but that doesn't mean it's the only way to do it.
Which isn't to say they don't have a really good web-based IDE in house, of course. But I'd hate to have to work that way myself.
I'd again have to ask, why is that?
Developing code for a platform, while working on that same platform, with the platform itself blocking access to the underlying hardware and O/S? Sounds clumsy, and an utter pain when it comes to testing...
Sounds exactly like any modern OS.
Oh, and the first part you said makes no sense. Developing code for a platform while working on that same platform? If you're using gcc, you're doing exactly the same thing -- writing Linux programs while running Linux. What, were you expecting to toggle code in via the front panel?
Now, if you mean the development of the platform itself? Sure, that's annoying, in the same way that kernel development is annoying.
a second box and remote compile everything.
And why's that a problem, especially when we're talking about Google, at which that "second box" could easily be a cluster? A second box for you sits mostly idle until you've got something to compile. Share the cluster with all their developers, and it gets significantly more efficient.
From what I gather, the ChromeOS interface wasn't designed with systems developers in mind.
Definitely not, but I think that's a UI thing. I don't think a browser-based UI would necessarily lose, it's more Chrome's entirely tab-centric UI I don't like.
Now I don't think they're actually doing this for serious development work, not yet. I'm not convinced it's a good idea. But I don't for a second think it's impossible, and I'm not even sure it'd be that bad.
Oh, I get it -- it would be insanely slow to load. If nothing else, think of it locally generating all that base64-ness, which the browser then has to decode again before displaying.
But at the same time, in my experience, Flash is still significantly more CPU-intensive than the browser playing the same content, and native players are several times faster still. HTML5 could be optimized to be faster, and there are, what, four competing implementations?
So this will probably be slower to load, but also will probably run much faster, given how slow the Flash player itself is. (Unless it's a fundamental design problem with the flash format and specifications, and a fast Flash player is actually impossible...)
Maybe I'm just not looking, but how many Christians would like to see those laws include a death penalty for rejecting your religion?
You have to build up to that.
I'm well aware. As are the upper-middle-class American Muslims I've spoken to who would ilke to see Sharia happen here. They acknowledge that it's their goal, and they also acknowledge that it'll take awhile to build up to that.
I hear Fox News is working on the problem already.
So maybe the difference is that the Muslims are honest about it... Still, I wonder how many of them consciously realize that they're moving in that direction. How many people today, even at Fox, would go out killing gays just because it's legal?
I know I've seen a clip with a Fox anchor in a shouting match with someone from the Westboro Baptist Church. Apparently, Fox doesn't think gays should marry, but they draw the line at saying God hates them.
Slashdot Mirror
I second that, but I think it needs more. How about Crudely Overused XML?
That's an ad hominem attack
You clearly didn't read my post, nor have you looked it up. You should know from our previous discussions that if you don't read my post, I don't read yours.
Yup, as I suspected (my "ESP" must be on HIGH setting, eh?) - you're just another "Script Kiddie" trying to play "expert" with me...
Do "Script Kiddies" generally know what "Turing-complete" means?
If you insist, I'll list the languages I have actual experience in. Just because I know MVS assembly doesn't mean I prefer low-level drudgery to high-level application development. Indeed, working at a higher level can improve security -- I actually cannot write a buffer overflow in the languages I use most often.
Before you say it: can improve security. If you're writing raw SQL by concatenating strings in the middle of an HTML template, you're Doing It Wrong. You can write COBOL in any language, just as you can write LISP in any language. I measure languages by how easy they make it to write secure, stable, maintainable code.
IF you were ANY GOOD? You'd have KNOWN
This isn't a logical fallacy, but it's something seriously limiting your personal growth. You assume that merely because someone disagrees with you, they're wrong and stupid.
Sure, sure... I only stated facts
Fact: I went from no knowledge about Chrome extension development to a working adblocker in only a few hours.
Fact: I am currently fluent in five separate programming languages, and decent at an additional eight. These aren't just Algol-derivatives -- it's everything from assembly to Lisp and Erlang.
Stating facts doesn't make the act less egotistical, which is why I didn't mention either of these except right now. I'm mentioning them now, not to show you how great I am, but to show you what bragging looks like. It looks just like your list of publications which you drop at every turn.
it's just as good as WIRED is
Ah, but now we're back to only your word for that. Kind of circular, isn't it? You're so knowledgeable because you were published in WELT, and WELT is so great because you say so?
Well, I don't toss names in Ad-hominem attacks as you do out of frustration
Actually, yeah, you do. You did in this very post:
probably while you were still in diapers I also strongly suspect
Not your worst, and I won't speculate as to your motive, but there you go.
As for things NOT "GOING MY WAY"? Well, this appears to the contrary once more in my favor
Are you going to claim you have a perfect life? If not, answer the question -- note that I qualified it with when.
It seems you don't realize what they are, even though I've explained them to you at least once.
You're violating a basic tenet of it
Swing and a miss. Ad-hom is far from a logical axiom. It's not even always fallacious. When it is, it's a specific case of non-sequitur.
you cannot produce proof of your successes in the art & science of computing
There is a difference between "cannot" and "don't care." While we're on the topic of logical fallacies, half of what you say is an Argument from Authority.
And, you don't quote others?
Most people don't quote others by adding a "-by" and a timestamp. In fact, I've never seen anyone but you do it.
Ok, now onto your contradicting your OWN words
You are really going to have to explain how these contradict.
All exploits eventually touch the local system, of course.
What about this contradicts the definitions I gave?
They do, and they ALL really "boil down" to being LOCAL in order to work, period.
Another failure at basic logic.
They all boil down to being local in order to work. However, that does not mean a local exploit "boils down" to being a remote exploit.
Basic composition fallacy on your part: All tigers are cats. That doesn't mean all cats are tigers.
You have not yet provided a shred of evidence or argument that local exploits are as bad as remote exploits. Please state whether you believe local exploits are just as bad as remote exploits.
You're hilarious at this point... one contradiction after another!
You just made a composition fallacy. Not even that -- composition fallacies are slightly more sophisticated than the mistake you made. Calling me self-contradictory after that is downright projection. I hereby dub you the NephilimFree of computer security.
No American hospital ever has to worry about whether an insurance company (or uninsured patient) will pay for a procedure or not.
Mostly because the truly uninsured, those who are actually incapable of paying, are paid for by the public anyway. If you truly want to keep healthcare a private industry, stop funding emergency rooms and start turning people away at the door because they don't have an insurance card.
If you don't like that, maybe you could look at the actual economics here: Proper medical care results in fewer emergency-room visits. If the public is going to pay for someone's healthcare anyway, it costs less in public money, not more, if you can keep it from becoming an emergency.
Because they have a Dr. for a prefix and a MD for a suffix to their name they act like they are the smartest person in the world.
They've been through medical school, so yeah, I'd say they are some of the smartest people in the world. I'm not saying they have the right to be assholes, but it seems like elitism is justified here.
They often hide the fact that they are jerks under the catch phrase "lives are at stake". Which is a medical term for "Think of the children" which also means "I want to do it the way I want to".
Except that "lives are at stake" is likely to actually be true. Do you have a specific example of where "the way I want to" is actually arbitrary?
Forcing them to be polite while seems like just a silly step is actually quite powerful.
I don't think it's likely to accomplish what you're suggesting. At best, it'd get them to grudgingly start saying please and thank you -- and would you really rather have a sarcastic "please" than none at all?
the work being done is done for the doctors benefit at the expense of someone elses time. Vs. Just shooting out orders that says you are here for me and just me.
Versus, say, you're all there for me, the patient.
At work we have a policy if a doctor is calling and is cursing and yelling at us without giving us any useful information we can tell them to call back after they have calmed down then we can help you.
That part is key. Also, "cursing and yelling" is something you might actually complain about, compared to "not saying please."
So, erm, do you have anything to say of your own, or are you just a sock puppet for APK?
That entire run-on paragraph was pretty much a straight reiteration of what APK feels are his best arguments. Since about two or three posts in, neither he nor you, if you are indeed a separate person, have added anything to the discussion other than re-iterating your arguments and calling me stupid for not getting them.
I think that at this point you can cease attempting to troll this anonymous coward akp because he has literally destroyed every argument you have tried on him
Bahahaha... you didn't even change your style much, APK. Same style of quoting me, only without the bold and the signature.
But of course:
It's obvious what you admitted in that your remote exploits you said were that only are indeed local ones.
Erm, what?
Here, maybe I can say something unambiguous even to your quote-mining, for once:
A remote exploit is an exploit which can be triggered remotely, without having access to an OS-level user account on the system being attacked.
A local exploit is an exploit which can give an OS-level user account the ability to do more than they should.
Based on the above definitions, if a hypothetical system had only local exploits, but no remote exploits, then no one could exploit the system unless they already had some sort of access.
And based on that, remote exploits are generally more severe than local exploits.
What about this is untrue, or inconsistent with my position throughout, or has been "destroyed"?
If you want to make a good interface for your application you should be writing it separately for each platform.
I strongly disagree.
Yes, you should be adapting it to each platform. Yes, I can see where Apple purists would be annoyed that people don't, and they're downright gleeful that people are forced to properly support iPhone.
No, you should not have to rewrite every single UI component when porting between two very similar platforms.
Core logic should be written in a way that it can be used on multiple platforms, which usually means C or C++.
Or higher-level languages like Java, Python, Ruby, etc. For most apps, C, or even C++, is a terrible choice. That was my point.
And that's where this seems precisely the opposite of the way it should be. The UI gets written in high-level languages like Objective-C and Java, for even higher-level toolkits -- in most business-y apps, you want the UI to be fast, responsive, and asynchronous, so the user isn't kept waiting. In games, you want the UI to be even faster, as that includes all your 3D stuff. In either case, it's very rare that you want your model to be very low-level.
No, I was talking about the iPhone. It's not just Objective-C or GTFO. From this page (haven't seen the agreement itself, it's surprisingly difficult to get if I don't want to actually become an iPhone developer):
Applications must be originally written in Objective-C, C, C++, or JavaScript as executed by the iPhone OS WebKit engine...
So it's Objective-C, C, C++, JavaScript on WebKit, or GTFO.
Still sucks, but it's at least theoretically possible to develop a cross-platform C or C++ app, assuming the other platforms allow them.
Which still sucks sucks -- basically, your UI gets to be rewritten entirely for each platform, and your "business logic" has to be written with the "native toolkit", in one of the lowest-level languages you could use, which is the exact fucking opposite of how it should be.
Reason No. 1: Flash's sub-pixel resolution and anti-aliasing: Seriously?
From TFA:
The spec does allow floating point numbers, but the numbers between the integers tend to be ignored or rounded off in a slightly different way by different browsers.
The solution, then, would be to improve the way browsers handle this. Besides, why are you doing pixel-based layouts anyway?
For reason number two, TFA says:
Some browsers are fast and some are slow. Some operations are quick on one browser and sluggish on another.
That's being worked out, and again, there's choice. With Flash, some things are quick on one OS/driver combination, and slow on another.
To make matters more complicated, not every browser implements every feature in exactly the same way, a problem that shouldn't be surprising to JavaScript developers. There are good efforts to simplify this with intermediate libraries like Processing.js, but even these can't handle every combination.
Not for long. Flash is something which attempts to be cross-platform, as in, works on Windows, Linux, OS X, Android, etc. Browsers are a hell of a lot more similar than OSes. If Flash can do it, JavaScript libraries should have a much easier time of it.
The author flat-out admits this:
Flash isn't immune to the complexity brought to us by the proliferation of operating systems and browsers, but it has been dealing with them for much longer. When the Flash plug-in doesn't crash, the results are slicker, smoother, and more consistent.
And of course, sometimes, the Flash plug-in crashes. And anywhere but Windows, the results are certainly not slicker or smoother. And nobody's mentioned SVG.
Point #3 I'll give them, but TFA also mentions:
Adobe is hedging its bets and building HTML5 support into Dreamweaver so that you can continue to use Adobe's tools and enjoy the flexibility.
And I wouldn't doubt there will be other tools just as good or better.
Point #4 -- totally agree. I'm always annoyed when I see Flash-ified headers, just to get the fonts right.
Reason No. 5: Flash is write once, play everywhere: More like write once, play anywhere that runs Flash.
Whereas HTML is write once, play everywhere that has a decent web browser -- for which you have multiple options.
Reason No. 6: The Flash commercial ecosystem: Ok. I don't know if this is an actual benefit, or if you lose more support through being semi-closed than you gain by having some commercial support.
In fact, I'd call it a detriment -- why would I go for a proprietary photo viewer over an open one? It's not like my website is just a photo viewer, is it?
Reason No. 7: Flash's game engines: I don't get it. Why is he talking about "Born to Run"?
#7 is a joke. He's just saying if JavaScript wants to be taken seriously, someone should make a JavaScript game "engine" and call it an engine, instead of a library.
There is one popular computing platform that requires all programs to be written in Objective-C.
Does it? I thought Apple allowed a few other languages, like plain C/C++...
So if I want to develop an application for both of these platforms, in what language should I express the business logic of the application so that it can be automatically translated into Objective-C and into a CLR-friendly language?
Unfortunately, the answer would probably be XML. Lots and lots of XML. Just make sure it's not Turing-complete...
A saner answer (but one I like less) is to develop something which compiles Objective-C to CLR. Maybe it'd work at a higher level (compile Objective-C to C#), or maybe at a lower level (translate Objective-C bytecode to CLR), but either way, that's your only option, because the iStuff is the only platform which actually bans source language. If they found out you did it the other way around (starting in C# and compiling to Objective-C bytecode), they'd kill your app.
That or just build a web app.
Yes, as per usual from you? NO PROOF when it's requested...
You requested proof of a position I didn't hold, which is that there is an explicit, written rule that says exactly what you were suggesting. You also haven't addressed what I pointed out, which is that you're exploiting a weakness in a system obviously put in place to enforce something.
LOL, ok - but not 1/100th as easily as you are,
Still not terribly difficult.
Uhm, care to show me your PHD in psychology,
Are opinions on how crazy something sounds only valid if they come from a PHD? Appeal to authority.
Again, I use quotes as a form of emphasis is all, get used to it. Many others do as well...
Can you provide an example?
Using language incorrectly, and saying it's just your "style", doesn't make it correct.
Right, but, how many write as I do
How many have tried?
which you complain endlessly on, to the point of calling me names...
I was calling your style a name, and that's an important distinction. Even so, are you saying you're proud to write like an autistic 12-year-old boy?
LMAO - ah yes, the LAST RESORT OF THE DEFEATED TROLL, along with name tossing, now in your "grammar & spellcheck + writing style critique", lol... care to show us your PHD in English...
Another appeal to authority, along with a non-sequitur. You haven't even demonstrated that I'm a troll.
or that this is the "english grammar, spellcheck, and writing style section" of this forums?
I may actually be offtopic. First valid point you've made this post.
Is that the "best you've got"?
You know, it's more than a style thing, it's downright dishonest. A casual reader might be inclined to think you're quoting me -- that I somehow said somewhere that this was the best I've got.
I mean, hey - Your technical know how has been shatttered & destroyed by myself (and others too
If by "others" you mean "one other AC who may have been you," sure.
In fact, you've done similar things in the past, though I can't remember exactly when or where. I distinctly remember you posting something without signing it, and admitting later that it was you, just trying to see if a different writing style and lack of a signature provoked a different response.
While I was maybe a bit kinder towards the new person, my position on the technical issues didn't really change.
It was a similar situation, too -- an AC who posted on a thread that was buried and deep, the kind that is very rarely touched by anyone except me and the one other person I'm still talking to -- which makes it all the more likely that it's you. Yet I haven't assumed, I only asked the question.
Also interesting that this other AC hasn't been back at all, even to clear your name, not that it would really help.
Please... ask your "precious moderators" if that is an IP I use, ok?
Moderators can't see IPs.
YOUR TROLLING PERFORMANCE IS DOWN LATELY!
And now you seek to establish that not only have I trolled you here, but that I habitually troll people. Care to show any evidence of that?
Of course, this was never about truth to you. It was about winning:
I gotta say this too: "too, Too, TOO EASY", just too easy for me to do, as per usual, vs. yourself!
It really is that important that you win, that you be right, and that you show that I'm wrong about something, to the point where you blind yourself to the areas we agree.
Regarding the subject: That is true enough. However, a logical fallacy can only affect the argument in which it's employed, or any argument that uses it as a premise.
Let me give you an example of how an ad-hominem would work: "You don't know anything about security, THEREFORE what you said is wrong." You've strongly implied these, but I don't think you've outright said one yet.
I challenge you to find me committing this fallacy. You'd have to find somewhere I say "You're wrong because <insult>." It's not just me calling you <name>, it's me saying you're wrong because you're a <name>.
Now you're just a moron.
I don't think you're going to be able to successfully "double-talk" your way out of that!
That's not followed by any sort of "therefore."
It's interesting that you seem to have this idea of "double-talk" -- as if my attempts to be precise about language and terminology are trying to "get out" of something.
Put another way: If you and I met face to face, and you started insulting my clothes, laughing here and there for good measure, I wouldn't want to hang around you. You might insist that I know it's true, and that I should listen to you, you're a fashion designer, whatever, but if you start off with "That shirt looks like dog shit," I wouldn't be inclined to listen...
Well, then you had best "thicken your skin", because sometimes? Folks have opinions...
If you occasionally joked about my clothes, fine. (I use clothing as an example -- most of them, I really don't care.) If you merely had an opinion, like, "That shirt really doesn't look good on you," that'd be considered rude by most, but I'd probably be thankful for the advice. If you instead said "That shirt is dog shit," I'd be annoyed, but it's not like I'd run home crying.
But if you repeatedly say shit like that, snide little remarks all the time, then yeah, I'd be gone. There's having a thick skin, and then there's choosing to hang out with people who aren't assholes.
Also, interesting double-standard. You start with "open sores", and when I say "Don't be a dick," you suddenly get defensive and shout "Name-caller!" Thicken your own skin.
You know, you "busted my balls" for using the term "Open Sores", but they CAN be that...
Nope, it's still a pretty damned insulting analogy. Let me put it this way:
"Does this dress make me look fat?"
"*gulp* It's... maybe we should try another one."
vs:
"Does this dress make me look fat?"
"No, your ASS makes you look fat!"
Sometimes it's not what you say, but how you say it.
Where? I mean, fine & dandy YOU merely SAY that, but I'd like to see where I did so...
"Open sores" maybe? Sure, it's calling a thing a name, and not a person... But there's also this:
it doesn't sound as if you've had any professional experiences in "pen testing" based on your replies here.
No overt names being called, but both of those were unnecessary. I admit I may have exaggerated a bit -- I get frustrated by people who simply repeat the same arguments I've refuted multiple times, hoping that maybe this time I'll "get it".
Again: People who use terms like "M$" tend to get downmodded.
Whoosh, that's rather lame... after all, Microsoft IS A BUSINESS, and is ALL ABOUT making "$"... one of the wealthiest corporations on the planet, so I'd actually take THAT as a compliment!
I suppose it's about more than just the term. I can point you to posts like that, but the usual implication attached to it is that Microsoft is all about money, that they're otherwise evil and incompetent.
Beside the point, though. You're asserting that there's some massive mod bias, even conspiracy, that'll have you modded troll every time. Th
It's not, you "know my style" by now (I quote you, in bolds with quote marks etc. et al, & I 'sign off' on my posts, always...
I don't know you well enough to take you at your word for that.
YOU FINALLY NOW ADMIT THIS:
Only, you didn't (or rather, lol, WOULDN'T) admit it to me in our other exchanges here!
What is it you think I claimed?
You now, finally, admit that even a "remote classified exploit", such as let's say, a bogus DIV tag in a malscripted webpage with an invisible frame and bad code or a bad binary sent your way in it, can f' you up
Yeah, I never said a remote exploit couldn't happen. I also never said someone who'd used a remote exploit to gain local access couldn't cause havoc with a local exploit. Getting me to "admit" something obvious that I was never arguing against is not a victory for you.
Also, that's your strawman limit. Sorry, ignoring the rest of your post.
You really don't "get it", do you?
If I don't, repeating the same bullshit for the third time in a row won't change my mind. It'll just show where we actually disagree. (Hint: It is possible for two people to understand an issue and disagree.)
Do you write code (if so, I'd like to see an example as proof of it, and I don't mean scripts (equivalents to batch files)??
I do code. You'll have to define what you mean by "scripts" -- even Bash is Turing-complete.
I also have nothing to f to you, especially if you're too lazy to Google me.
That is MUCH EASIER TO SPOT, in an app with its SOURCE OPENED
Easier to spot, and also easier to fix. When it's as easy to spot as you suggest, it's not going to survive long, particularly in a well-known open source application.
what on EARTH makes you think doing a LOCAL DOS is any more difficult OR DIFFERENT than a remotely done one?
It requires a local account. I can't believe you still don't understand this, especially since the website you linked to seems to have a pretty thorough understanding.
Say it with me: "Local" does not mean "LAN". It means LOCAL MACHINE.
I can still "suck up" connections from say, a webserver, and render it essentially inoperative & unable to field ANYONE's requests, from within a local network, same as I can remotely!
*facepalm*
Yes, remote exploits also work locally. That doesn't imply local exploits work remotely, which is what you're trying to illustrate.
Secondly, I don't use Wi-Fi
Not using an exploitable feature makes you secure! Who knew?
Most people use Wi-Fi, so this is relevant. Or does your guide tell people "Don't use Wi-Fi if you want Windows to be secure"?
You just described how easy it was to fix an exploit. I was describing how difficult it is to exploit something in the first place, whether or not it can be easily resolved. Those are completely orthogonal.
The point was that IF you have a workaround for a known exploit (such as AERO's)? You can secure yourself with said workaround... how hard is THAT to understand for you?
Ok, this is going to take some translation:
Me: It's hard to exploit X. ...
You: You can secure yourself against exploit Y.
Me: What? That had nothing to do with what I said.
You: How hard is it to understand? You can secure yourself against exploit Y.
Me:
Hmm, no, let me try again. Maybe this is what happened:
Me: It's hard to exploit IDE-CD.
You: Oh yeah? Well you can secure yourself against the AERO exploit, so the AERO exploit isn't worse than IDE-CD.
If I have to do that much work to understand you, you fail at communication. But sure, I'll bite: Even if I configure IDE-CD in its least secure mode, there are still two things which have to happen:
First, you have to get a local user account. IDE-CD isn't visible from the network, and webpages have no access to it, JavaScript or not.
Second, you have to get some blank media in the CD.
Third, you have to somehow burn something malicious onto said media.
And you have to do all that without the user noticing.
Oh, but it gets better. IDE-CD doesn't come that way out of the box -- the distros I've used restrict it to a "cdrom" group, which is also allowed to burn stuff. And it only works on a subset of hardware -- specifically, those with an IDE CD burner. I'm not even sure this particular driver is used on every system which has a CD burner plugged into IDE anyway.
Now, contrast this to Aero -- it can be exploited from within a browser, even with Javascript etc disabled, so it's easier to exploit when vulnerable. It's enabled by default, and it's a significant loss of functionality to disable it -- thu
LOL, what a piss poor reason for modding me down.
What, you don't think moderating for content is a good idea?
Put another way: If you and I met face to face, and you started insulting my clothes, laughing here and there for good measure, I wouldn't want to hang around you. You might insist that I know it's true, and that I should listen to you, you're a fashion designer, whatever, but if you start off with "That shirt looks like dog shit," I wouldn't be inclined to listen, and I would be inclined to tell people you're a dick.
That's how moderation works. That's why we have things like "troll" and "flamebait". Having technical content doesn't automatically mean you're not a troll.
Sure is, and I will be nice until it's time, to NOT be nice (such as when others start calling me names, and up until now, you didn't but, as usual?
As usual, you started that. Also, saying "You're being a dick" is not namecalling. It's a slightly ruder way of saying "you're being obnoxious", which is not even a personal insult. This, however, is: If you got out more, you might realize that people say "Don't be a dick" to each other often enough, without taking it personally.
Doesn't matter to me IF I get "downmodded"... especially for reasons like you are noting, lol, that I have basically "upset the ANTI-MICROSOFT, FireFox, + LINUX fanboys & zealots" around here.
Again: People who use terms like "M$" tend to get downmodded. People who create posts which are 50% inflammatory bullshit, 10% interesting, and the other 40% just a boring repeat of those 10% get downmodded on pretty much any topic.
As far as trying to tell me that others here actually favor Microsoft?
I didn't say that. Learn to read. Hint: It's right there above.
Extra hint: The mods are pretty good, most of the time, at moderating based on content -- on how you say what you're saying, and whether or not it's actually interesting, insightful, etc -- whether or not they personally agree with what you're saying.
I've seen people say things very pro-Microsoft and anti-Linux, which were modded +5 insightful, and I agreed with the mod. You write like an autistic 12-year-old boy, so even when I agree with you, I'd also downmod you.
Yet you seem to assume that every single moderation is "I agree" or "I don't agree". Nope, this isn't Digg.
What 'trollish behavior' is this on my part?
Bypassing the written and unwritten (but obvious) rules of a community because you don't agree with how you're being moderated.
They come with a price: YOU are EASILY TRACKED
So are you, so long as you sign your posts. The only difference is that you can't even provide rudimentary assurance that you're the same person I was talking to yesterday.
I am the ONLY thing here that is FREE (Truly Free).
Do you realize how crazy that sounds? You're not the only AC, dude.
"elitist registered user account"
Quotation marks. So who are you quoting?
I can also collect up credits on my upwards mods this way too, by signing off on my posts - that way, nobody can say it was or wasn't me that was modded up
Sure I can, mostly because there's nothing stopping anyone else from signing their posts "APK".
I have been doing this for YEARS here, bypassing the 10 posts per 24 hour limit unfairly imposed on us registered users, so show me a "rules" that says I cannot do this...
Translation: "I don't understand how plurals work in the English language, and I think that getting away with something for years means it's OK."
I have asked others before to show me such a rule, EXPLICITLY WRITTEN,
It's filed under "Don't be a dick." Or did you think the limit was there for no reason?
Put another way: If you come across a weakly-secured WEP network, and you crack it, do you say "Show me a rule, EXPLICITLY WRITTEN, that I can't leech your Internet"?
As you point out, posting anonymously makes you immune from karma, friends/foes and bad reputations, which means, as you say, you're harder to track. There's a reason for making people easier to track -- it helps prevent abuse.
you don't possess the intellect
Throwing unwarranted insults tends to get you downmodded, but apparently you don't possess the intellect or social skills to understand that.
added latency
Sorry, what? I get less than 40 ms ping to Google most of the time, and that's from places which are not actually Google. Latency within a LAN is not going to be significant when we're talking about running GCC.
the dependency on local network availability,
I can't code either when the power is out. And again, this is Google -- network availability is not going to be a problem.
the fact you'll probably need to share a development cluster with way too many other projects.
Idle speculation.
I'm not aware of any modern operating system that prevents the user from using it.
You seem to have a very narrow definition of "using it", by which I'd have to assume you'd also say the same thing about iPhone OS. But I still have to ask, when was the last time a program you wrote needed to run in Ring 0, or even as root?
A modern O/S will provide a degree of isolation from the hardware, I agree. But we were talking about sandboxing which provides an additional layer of abstraction,
A quantitative, not qualitative difference.
and blocks access to the OS as well.
Just as the OS "blocks" access to the interrupts.
with the platform itself blocking access to the underlying hardware and O/S
Do note the emphasised portion.
I did. Unless you're developing kernel modules, you're working with precisely the same sort of restriction -- you're blocked from the underlying hardware and from lower layers, like OS internals. Again, we are talking about a quantitative difference -- you're bitching because it's more layers, and you feel some need to be "closer" to the hardware, not because what an OS does is fundamentally different.
What, were you expecting to toggle code in via the front panel?
I'm not sure I understand where all this attitude is coming from... did you just get out the wrong side of bed, this morning?
Probably did, but it doesn't make this less valid.
That is: If you don't plan to toggle code in via the front panel, exactly what part of "developing code for a platform, while working on that same platform" makes any sense whatsoever? Were you suggesting that it's easier to develop for Linux while running Windows?
It may seem that I'm being sarcastic here. I'm not. I actually have no idea what "developing code for a platform, while working on that same platform" has to do with anything, even when combined with the "blocking access" part. It seems to me that if "blocking access" was an issue, that'd be orthogonal to whether you're developing for platform X while working on platform X.
I don't think they're actually doing this for serious development work, not yet....
Thank you. That was my entire point. They're not doing this yet....
Nope, you're still saying something different.
I don't think they're doing this, but it seems entirely possible that they could be doing this by now.
there are apt to be problems in this area because it's not a use case the designers originally had in mind.
I also didn't say anything of the sort -- I'm not convinced that it's a good idea, but that doesn't mean I automatically think it won't work, or that there will be problems, or even that it's a bad idea. I'm just not convinced that it's a good idea.
You're asserting they're not doing this, and it's a bad idea. You might be right, but I'm asking you to justify it.
That it has updates doesn't make it a modern app.
I realize I was probably trolling by calling emacs "legacy", because neither emacs nor vi(m) can ever truly become "legacy" any more than Unix itself. But there are, sadly, plenty of COBOL programs which are actively maintained.
Well, I'm assuming that no one wants to run GCC through a web front end, for starters.
And why not?
This is Google. They're known to write code in all sorts of languages.
They're also known to run it on massive clusters of computers. I remember a quote saying something like "There are no interesting problems left which can be solved with a single computer."
Given that your code is probably going to run on a cluster, why wouldn't you write it on a cluster?
Now, I'd personally rather have a more powerful workstation on which I can run several VMs, simulating a cluster, and then deploy to a real cluster when I'm ready, but that doesn't mean it's the only way to do it.
Which isn't to say they don't have a really good web-based IDE in house, of course. But I'd hate to have to work that way myself.
I'd again have to ask, why is that?
Developing code for a platform, while working on that same platform, with the platform itself blocking access to the underlying hardware and O/S? Sounds clumsy, and an utter pain when it comes to testing...
Sounds exactly like any modern OS.
Oh, and the first part you said makes no sense. Developing code for a platform while working on that same platform? If you're using gcc, you're doing exactly the same thing -- writing Linux programs while running Linux. What, were you expecting to toggle code in via the front panel?
Now, if you mean the development of the platform itself? Sure, that's annoying, in the same way that kernel development is annoying.
a second box and remote compile everything.
And why's that a problem, especially when we're talking about Google, at which that "second box" could easily be a cluster? A second box for you sits mostly idle until you've got something to compile. Share the cluster with all their developers, and it gets significantly more efficient.
From what I gather, the ChromeOS interface wasn't designed with systems developers in mind.
Definitely not, but I think that's a UI thing. I don't think a browser-based UI would necessarily lose, it's more Chrome's entirely tab-centric UI I don't like.
Now I don't think they're actually doing this for serious development work, not yet. I'm not convinced it's a good idea. But I don't for a second think it's impossible, and I'm not even sure it'd be that bad.
Oh, I get it -- it would be insanely slow to load. If nothing else, think of it locally generating all that base64-ness, which the browser then has to decode again before displaying.
But at the same time, in my experience, Flash is still significantly more CPU-intensive than the browser playing the same content, and native players are several times faster still. HTML5 could be optimized to be faster, and there are, what, four competing implementations?
So this will probably be slower to load, but also will probably run much faster, given how slow the Flash player itself is. (Unless it's a fundamental design problem with the flash format and specifications, and a fast Flash player is actually impossible...)
Maybe I'm just not looking, but how many Christians would like to see those laws include a death penalty for rejecting your religion?
You have to build up to that.
I'm well aware. As are the upper-middle-class American Muslims I've spoken to who would ilke to see Sharia happen here. They acknowledge that it's their goal, and they also acknowledge that it'll take awhile to build up to that.
I hear Fox News is working on the problem already.
So maybe the difference is that the Muslims are honest about it... Still, I wonder how many of them consciously realize that they're moving in that direction. How many people today, even at Fox, would go out killing gays just because it's legal?
I know I've seen a clip with a Fox anchor in a shouting match with someone from the Westboro Baptist Church. Apparently, Fox doesn't think gays should marry, but they draw the line at saying God hates them.
most of them will need to do a fair bit of non-webapp work.
I don't think you can know that. Which apps are you assuming can't be done in a browser?
On the bright side, this may well result in a lot more of the underlying O/S being exposed for general use.
I doubt it. What they have done is provided a way to run native code in a local sandbox, and desktop Chrome should be getting the same thing.