instead of concentrating on replacing malloc, they could concentrate on replacing another part, namely designing buffer-types that contain buffer-size and are automatically bound-checked. So heartbleed has something to do with their in-house memory management, in that they lost the opportunity to bake automatic bound checking into their custom memory manager.
One of the few quite brilliant things DJB did was write stralloc to avoid C string issues. I wish more people would use something similar in their code.
Instead of having your utility company cut your power in the summer when its hot out like they do some places, Nest users' thermostats pre-cool their homes in the morning to reduce energy use during peak hours as determined by the power company. This is a win-win you sign up for, not a spying act.
If you don't want Nest to know about your energy usage, just disable its wifi connection. It still works fine without it.
Its right in the byline at the top of the article so it seems well-covered for those who click-through already. Also, I hate podcasts, so I'm glad they didn't link to that instead.
The big story up here in Canada last year was the IRS going after dual-citizens who'd not filed their incomes with the US... because apparently they had to even though they didn't owe any taxes down there.
The IRS does lots of interesting things from one year to the next.
Pretty much what I was thinking... I show up in court and say "your honour, five years ago, when there was a 10 year statute of limitations, I destroyed the records that would prove me innocent."
Companies aren't allowed to discriminate based on gender either, but this isn't the company being discriminatory, its the company rewarding discrimination, which is personally wrong, but probably outside the legal frameworks that exist.
I hate to disagree with you, but this has nothing to do with Open Source, it has to do with software engineering.
This same bug could have been introduced in closed-source software just as easily. The problem is making sure that software is securely reviewed before its disseminated, much like the OpenBSD people have been touting all these years, instead of just throwing things together however they work.
The only part F/OSS played in this is that we *found* the bug and can identify exactly when and how it occurred. All the bad parts of this situation are not unique to F/OSS.
Why should anyone who misbehaves in a public way be taken aside in a private way? The misbehaviour affects many people, not just Linus. Linus isn't speaking only on his own behalf, but on behalf of everyone who wants to debug the Linux kernel and not have systemd take their system down with it.
Linus' reaction *should* be public. This is Linux, not Windows. We operate out in the open.
Why are/you/ confusing anger and discipline. First off, do you believe that discipline must preclude anger? Must they always be orthogonal? Do you believe that enforcing discipline cannot have any semblance of anger? Why not? I can't imagine a good reason.
Sometimes the very best way to fix a behaviour is to get mad at someone for it. A lot of people simply do not understand gentle prods and reminders.
If that were the goal, we could use djb's/service structure instead.
Launching processes in parallel is easy. Launching them in parallel with an eye to dependencies is not much harder (can be done in a few lines of shell script).
systemd is a huge new operating environment for boot with an understanding of the hardware layer and message passing and all sorts of other neat and complex things. I dislike it entirely.
Exactly. DJB writes software to do a specific thing, and it does. If it doesn't, he admits fault. If it doesn't do some third thing you want but he didn't, he leaves that as your own problem. cf. netqmail vs. qmail.
That said, I'd much rather depend on/service and tcpserver for *any* network process than systemd. Why? I know they work *every damn time*.
systemd is a great idea done in a horrific way. No, I don't have something better to give people who need the specific things systemd solves for them, but I sure as hell hate having to use it (and don't whenever possible).
Why not? You might not think its necessary, but why not do it? I'm sick of politeness for politeness' sake. People who act like idiots in public and cause other people problems and refuse to do anything to fix it deserve to be called out.
You know what happens if you do something wrong in real life? You go to court. You know what courts are? Public. There's a reason we do it that way. The public should know if things are being handled properly or not. Keeping it all private is how dishonest people act. Public is where these reprimands belong.
Slashdot Mirror
The biggest problem has always been the global routing tables. Routing IPv6 is going to get ugly soon too, but we'll see how that turns out.
One of the few quite brilliant things DJB did was write stralloc to avoid C string issues. I wish more people would use something similar in their code.
Everyone with a Nest is probably already aware of their Energy Partners https://nest.com/ca/energy-par... program.
Instead of having your utility company cut your power in the summer when its hot out like they do some places, Nest users' thermostats pre-cool their homes in the morning to reduce energy use during peak hours as determined by the power company. This is a win-win you sign up for, not a spying act.
If you don't want Nest to know about your energy usage, just disable its wifi connection. It still works fine without it.
Its right in the byline at the top of the article so it seems well-covered for those who click-through already. Also, I hate podcasts, so I'm glad they didn't link to that instead.
What else would the public be familiar with computers doing in the late 50's that would help them have context for this decision?
It seems to me that the computer was still an unknown entity to most people at the time.
Because nobody's going to pass the law that makes politicians liable for their actions.
Exactly -- also, this is why statutes of limitations exist; eventually its the states' fault for not noticing.
The big story up here in Canada last year was the IRS going after dual-citizens who'd not filed their incomes with the US ... because apparently they had to even though they didn't owe any taxes down there.
The IRS does lots of interesting things from one year to the next.
http://www.cbc.ca/news/canada/...
Pretty much what I was thinking ... I show up in court and say "your honour, five years ago, when there was a 10 year statute of limitations, I destroyed the records that would prove me innocent."
Companies aren't allowed to discriminate based on gender either, but this isn't the company being discriminatory, its the company rewarding discrimination, which is personally wrong, but probably outside the legal frameworks that exist.
I hate to disagree with you, but this has nothing to do with Open Source, it has to do with software engineering.
This same bug could have been introduced in closed-source software just as easily. The problem is making sure that software is securely reviewed before its disseminated, much like the OpenBSD people have been touting all these years, instead of just throwing things together however they work.
The only part F/OSS played in this is that we *found* the bug and can identify exactly when and how it occurred. All the bad parts of this situation are not unique to F/OSS.
You do realize every intelligent person in the room tuned out at "Unfortunately" right?
That sentence is so boring I had to try three times just to read it completely. Bullet points? Oh god, kill me now.
Unless you expect your employees to vomit a little each time you talk to them, tone down the PC BS and speak straight to the issue.
I also rapidly ignore PR sounding statements. I roll my eyes and move on.
I want criticisms to sound intelligent, not polite.
I hate companies who believe what you just said. It just piles up until you have a big useless drone army who's so polite nothing can ever get fixed.
Why should anyone who misbehaves in a public way be taken aside in a private way? The misbehaviour affects many people, not just Linus. Linus isn't speaking only on his own behalf, but on behalf of everyone who wants to debug the Linux kernel and not have systemd take their system down with it.
Linus' reaction *should* be public. This is Linux, not Windows. We operate out in the open.
Why are /you/ confusing anger and discipline. First off, do you believe that discipline must preclude anger? Must they always be orthogonal? Do you believe that enforcing discipline cannot have any semblance of anger? Why not? I can't imagine a good reason.
Sometimes the very best way to fix a behaviour is to get mad at someone for it. A lot of people simply do not understand gentle prods and reminders.
If that were the goal, we could use djb's /service structure instead.
Launching processes in parallel is easy.
Launching them in parallel with an eye to dependencies is not much harder (can be done in a few lines of shell script).
systemd is a huge new operating environment for boot with an understanding of the hardware layer and message passing and all sorts of other neat and complex things. I dislike it entirely.
Exactly. DJB writes software to do a specific thing, and it does. If it doesn't, he admits fault. If it doesn't do some third thing you want but he didn't, he leaves that as your own problem. cf. netqmail vs. qmail.
That said, I'd much rather depend on /service and tcpserver for *any* network process than systemd. Why? I know they work *every damn time*.
Before systemd, I had a predictable system with a predictable boot sequence that I didn't have to test in a thousand different permutations.
I didn't have to depend on third-party software to handle things that used to be the responsibility of the software I was running.
I didn't have to learn a configuration file format just to launch a script at boot.
Hell, even DJB's /service system is *incredibly* simple compared to systemd with most of the power of the latter.
Where are all these people who *do* like systemd? I haven't met them.
I don't mean tolerate it, or understand its necessity. I mean actually like it the way it is right now.
He needs to fix his *own* software, systemd, so it stops screwing up the boot process in debug mode.
His patches to the kernel won't be accepted until he takes responsibility for problems caused by systemd.
systemd is a great idea done in a horrific way. No, I don't have something better to give people who need the specific things systemd solves for them, but I sure as hell hate having to use it (and don't whenever possible).
You don't understand the word "until" ??
Good. Then you know where you stand.
You'd rather not know and just "hope" your manager liked your work?
I like being told when I've screwed up or succeeded explicitly. If you can't handle honesty, ask yourself why not.
Why not? You might not think its necessary, but why not do it? I'm sick of politeness for politeness' sake. People who act like idiots in public and cause other people problems and refuse to do anything to fix it deserve to be called out.
You know what happens if you do something wrong in real life? You go to court. You know what courts are? Public. There's a reason we do it that way. The public should know if things are being handled properly or not. Keeping it all private is how dishonest people act. Public is where these reprimands belong.