There's no reason C/C++ development has to take longer than Java/Python/Ruby (except for some trivial exercises you will never see outside of academia).
I will never understand why people feel the need to be so assertive about things of which they have only limited understanding. A good programmer should keep an open mind about systems they are unfamiliar with. A wise man admits he knows nothing, and so forth.
All programming languages have their own niche, their own environment in which they perform optimally. Remove the language from it's comfort zone, and things rapidly go down hill. This applies as much to C++ as it does to Python or Ruby. Knowing the limitations of the tools one uses is the mark of an experienced programmer - indeed, the mark of any experienced craftsman. You cannot be a good programmer without knowing where the limits of the tools you use lie.
Example: what percentage of web applications are primarily coded in C++? Clearly very few, only performance intensive services such as Google use the language. This is because the design goals of the majority of web applications lie outside C++'s particular niche.
No offense, but if you are getting faster Java code than C/C++ code then you are a terrible C/C++ programmer.
Java certainly has its strengths, but it can't compare to C/C++ performance-wise. Not when the code is written by an experienced programmer.
There's less difference than you might think. Take a look at this computer language shootout benchmark. The only significant bottleneck Java has is its startup time.
Typically, professional programmers have a limited time to develop software in, and languages that produce results faster leave room for implementing better algorithms, which can have a marked effect on the performance of a system. That said, there are limits; if you want cutting edge graphics, native code (at least for the engine itself) is pretty much a necessity. For most other systems, where performance is not the priority, native languages are less useful.
Mm. The problem comes with where to draw the line. The Z3 was programmable and Turing complete, whilst the ABC was a lot more limited in scope and function.
Theoretically, you're right. Theoretically, bees can't fly, either; that doesn't meant it's true. The EU has definitely brought down a lot of trade barriers within its member states, but there still are huge numbers of non-tariff barriers that prevent trade and "protect" national markets.
Urban myths about bee's flight aside, I think you're being a little too cynical. I realise that's never a particular wise thing to underestimate bureaucracy and national interests, but I don't believe the barriers to entry are as large as you think they are. That said, I did use the word "theoretically" deliberately, precisely because reality does not always match up to the ideal that laws and treaties imagine.
I also agree that the EU has some way to go before it becomes as economically united as the US. But the Euro has been consistantly stronger than the Dollar for some time now, and the US budget deficit is somewhat larger than the EU's. Whilst the governments of the EU are certainly bureaucratic, by dividing the power among smaller countries they seem to be more efficient than the US government in several areas, such as healthcare.
On regards to China, whilst it's growing, it's average wage is still a fraction of that of the US's or the EU's and it's markets hampered by its government. That's not to say it won't become an economic superpower - it's vast population makes that quite probable - but comparing what China might be, to what the EU is now, seems somewhat odd.
No, but it is a unified market. That's the main attraction of the EU; there's no trade barriers between countries. Cultural and language issues aside, it's theoretically as easy for an Englishman to sell goods in Poland, as it is for a New Yorker to sell goods in Texas.
The US has the largest economy for any single country, and the highest average earning. But the EU is the largest market and joint economy.
But does that make the kind of wholesale theft that went on on Pirate Bay okay? If they can enable so much theft from me (and so many others) with supposedly the full support of everyone commenting, what if someone decided to directly steal from you in some way? Would you be forgiving if someone drained your bank account or used up your credit cards? At what point would you cry foul? I'd really like to know.
You're setting up a straw man argument. Theft and copyright infringement are two patently different actions. If $100 was stolen from my bank account, then the direct loss to me would be $100. If $100 of my software was illegally copied, then all I can say for certain is that the direct loss is between $0 and $100.
This would only work if all of the properties for a Javascript object were readily available at compile time, which is not necessarily the case. The first problem is that there's no foolproof way to know which properties listed will be added at run time. One could have add a property to an object dependant on the value of a randomly generated number, for instance.
The second problem is that objects in Javascript are also associative arrays (analogous to the Map interface in Java). This means that you cannot guarentee to know the names of all possible properties. One could take the name of the property from user input, for instance.
You could artificially restrict Javascript; get the programmer to obey certain restrictions to ensure Javascript could be correctly parsed into Java. But you couldn't guarentee an accurate conversion if you allowed Javascript's full feature range.
Many of the current copyright laws are there due to the lobbying by large publishers. Copyright laws in the US were originally 14 years, with an optional 14 year renewal. 28 years was considered enough incentive for authors to produce more works before falling into the public domain.
All extensions to this have largely been the result of lobbying by wealthy publishing corporations. In this, you are correct that the laws are there for a reason: the reason is to make publishing companies more money. Some people consider the goal of buying a CEO a new private jet to be less important than enriching the public domain, and thus, consider today's copyright laws to be excessive.
There IS loss when copyrights are infringed upon. Every person who gets a copy from their friend is one less sale to the record company/television studio/etc.
Again, you're incorrect. In standard economic theory, a person will buy an object if the price of the object is less than or equal to the perceived value.
For instance, if I happen across a DVD of a box-office flop on sale for $5, I might consider buy it because it is inexpensive. If I ran across that same DVD for $20, or even $10, I would not buy it because I would consider it not worth the money. Therefore, the peceived value of the DVD is $5.
Thus, piracy will only result in a lost sale if the price of the item is greater than the perceived value. And piracy itself will only occur if the cost of downloading (in terms of bandwidth, time and risk of being sued) is less than or equal to the perceived value.
You appear to be assuming that the perceived value of any copyrighted materal, for every consumer, is exactly equal to or greater than the price. This is clearly not the case, otherwise everyone would spend all of their non-essential income on buying DVDs and so forth. Since people spend their money on objects that are not copyrighted material (for instance, I'm investing in a holiday), this assumption is clearly false.
Actually, the grandparent poster has a point. Javascript is a dynamically typed language that makes liberal use of high level functions in more complex scripts. Due to Javascript's fluid nature, it would be difficult for a largely static language like Java to match it exactly. For instance, a class in Javascript is merely a function that dynamically constructs an object. One could roughly map a Java class to a Javascript function, but it would be difficult to the inverse. Java's rigid structure would be disadvantageous in this case.
Of course, one could just map the Javascript directly to a class file, and I believe Rhino does just that. However, that's not quite what the gransparent said, and even Rhino doesn't allow a flawless mapping from a Javascript class to a Java one (at least to the best of my knowledge). Classes in Java are just too static to entirely accomodate the more fluid Javascript object builder functions.
Firefox, Opera and Internet Explorer don't appear to. That's about 98% of the browser market there. I suspect Safari doesn't have the certificates, either.
Browsers come with a limited number of root certificates. If they encounter a SSL connection not signed by one of these certificates, a dialog box pops up warning the user and asking if they wish to continue. Clearly, you don't want the browser implying that you're untrustworthy to your users, so you have to go out and get a certificate signed by Verisign or some similar company.
Large websites clearly don't have a problem with this. What's several hundred dollars to a company of any significant size? But then CPU comes into play. SSL is an expensive operation compared to straight HTTP. With small numbers of visitors, this isn't a problem. With large numbers, the costs start to increase.
SSL just isn't worth the hassle or the cost for most websites. Screwing the NSA is all well and good, but when it affect's the bottom line, most people forget about it.
This is what they do. They spam their marketing materials on one forum after another, glossing over finer points like the lack of Unicode and threading support, along with quite a number of tools professionals need in their development, and then use their meat or sock puppet accounts to downmod messages they don't want to reach their target marketing audience.
What on earth are you talking about? Sure, Rails isn't appropriate for some projects, but it certainly is appropriate for others. Rails isn't missing any critical feature that makes it useless for web development in general, and it makes good on its promise of rapid development. Rails performs well in its (sizable) niche; take it outside that niche and of course you'll have problems, but that doesn't imply that it's useless for all applications.
So you're not using Rails because it can pluralize "person" correctly? You'd prefer it to pluralize words incorrectly?
For those unfamiliar with Rails, the it pluralizes the name of an activerecord class to get the name of the associated table. So if your class was named "Person", it would, by default, link it to the database table called "people". This is only default behaviour and, unsurprisingly, this can be overridden. It's a feature of the Rails framework, and nothing to do with Ruby.
A horrible user interface for whom? I understand you're talking about Joe User here, but it's worth remembering that the Linux desktop does have it's advantages for certain technologically-minded demographs. For me, Linux surpassed Windows some years ago; and not just in functionality, but in desktop usability as well.
Scala seems more actively developed than Nice, which is inching its way to 1.0 extremely slowly. Scala also seems to support more features, and appears quite a bit more complex (which can be a good thing). The Haskell of JVM-based languages, as it were;)
Sometime I really have to get around to writing some code in Scala, but currently I'm finding my attention diverted by dynamically typed language. Alas, my spare time to investigate new computer languages is quite reduced these days.
As for speed, I should clarify my statement. Scala is slightly slower than Nice, it would appear, but not by any particularly large amount, at least according to the Computer Language Shootout. Compare this to Groovy, which is one or two orders of magnitude slower than both Nice and Ruby - ouch!
Still, I should talk - compared to Java, my current language of choice, Python, seems quite sluggish in places.
I believe Scala has been mentioned in an earlier thread, which is why I didn't draw attention to it in my post. Scala has a lot of interesting features that Nice doesn't have, but Nice still some advantages to it's name.
Nice is a little faster, more lightweight, and deviates less from Java than Scala, making it a hell of a lot easier to get to grips with. Like Scala, Nice supports closures, is statically typed, and integrates perfectly with Java (as do most JVM-based languages). It's been a while since I touched Scala, but IIRC Scala doesn't have the same null-safety Nice has, and I'm fairly sure Scala can't add methods to existing classes, whereas Nice can. Feel free to correct me on the latter point.
Nice is another JVM-based language that could do with a mention. It puts more emphasis on programming correctness than Groovy, including features such as pre-conditions and post-conditions and safety from NullPointerExceptions. According to the Computer Language shootout, it compares favourably to Java in terms of speed and efficiency, whilst Groovy somehow manages to be several hundred times slower in places.
That was my point. Since Kubuntu is developed as an alternative, it's not going to add bloat to vanilla Ubuntu, as the grandparent post originall asserted.
If the 1Mb line were used continually at full capacity, you might get something approaching that cost. However, I'd contend that even amongst the most avid torrent users, downloading 300GB per month is somewhat excessive.
As I mentioned in my original post, the most simple way to approach the problem is to charge per GB over a particular limit. For instance, every GB over the set limit might cost an extra £0.56, or $1.00. Thus, the heavier the use, the more the user has to pay. No need to oversell at all.
If everybody that whines gets the attention they want, Ubuntu will become as bloated as any other general purpose distro.
I'm curious to know your reasoning. No-one's talking about adding KDE packages to Ubuntu by default, so I'm afraid I can't understand why you think that developing KDE as an alternative to Gnome would add bloat to the distro.
Oh boo-fucking-hoo. Cry me a river. Maybe because Gnome *IS* the default standard for Ubuntu, and KDE is an offshoot?
Whilst I agree with you in principle, it's worth remembering that a lot of Ubuntu is desktop independant. The top layer (ubuntu-desktop, kubuntu-desktop, xubuntu-desktop, etc.) is modular and easily changed.
Because Ubuntu is so modular, there's little reason not to bring different desktops under the Ubuntu umbrella, assuming that one can find the volunteers to do so.
The fuss over Kubuntu is making a mountain out of a molehill, but it does have some valid roots. Late last year, Mark Shuttleworth announced that he wanted Kubuntu to become a first class distribution the equal of Ubuntu. Given this statement, a few developers are voicing complaints about the lack of attention Kubuntu's getting. These sorts of complaints are usual in any open source project, though, so it's nothing to get worked up about.
Like it or not, Ubuntu is branching out from Gnome. Apparently, Shuttleworth already uses Kubuntu as his desktop of choice.
Bandwidth isn't free, and while you always have the chance to move to a different ISP if you don't agree with traffic shaping, ultimately there won't be any ISPs left who either a) traffic shape or b) have gone bankrupt.
I'm sorry, but this is just moronic. The only ISPs that will go bankrupt are those selling more bandwidth than they actually have. The problem is overselling, not Bittorrent, and traffic-shaping an attempt to ductape the gaping holes in the ISPs accounts.
If you can afford 100GB of bandwidth per month, and promise your customers 1000GB, then obviously you're taking a risk. If your customers take you up on your offer, well that's your own damn fault. The ISPs have no-one to blame but themselves for this mess.
Further, traffic shaping is very difficult to do when the users don't want you to do it. Once a data stream is encrypted, one can only hazard guesses at it's content from the amount of data being transmitted. Short of banning encrypted streams from your network, there isn't an easy solution to recognising Bittorrent traffic over other data.
But the solution to this is simple. Don't oversell. Charge people by the MB if needs be, but don't promise more than you can give if there's a good chance you'll be taken up on your offer.
Ah, but what you've missed is that many humans seem not to have this capability for analytical thought you would like to teach. I'm not sure whether its been beaten out of kids by their brainless parents, or whether they were born that way, but a large proportion of the current adult population really can't think analytically at all.
This was touched upon by Richard Dawkins in The Root of All Evil?. Essentially, he argued that children were genetically programmed to accept the word of their elders as truth. In order to survive, a child has to steer clear of dangerous objects - if a child were to attempt a scientific test on whether falling off a cliff were indeed fatal, they probably wouldn't live very long.
This is, I feel, the problem with religion. It takes advantage of a child's natural trust in the adults around them, and teaches them not to question certain ideas. This teaching is kept up throughout the child's life, until their minds accept the belief as blind fact. An extreme example of this is Creationism, where belief trumps any amount of evidence to the contrary.
Did you even read the article? This is a new class of vulnerability. The risk is from the AJAX features in the browser. It allows malicious code on site A to cause things to happen on site B, as long as the user has a session established (in another window or tab) with site B. This attack works even if site A uses sessions, passwords, and SSL.
XMLHttpRequest can only send HTTP requests to the same domain from which it was invoked. Likewise, cookies can only be read from the domain from which they were invoked, and, surprise surprise, Javascript is limited to the domain from which it was invoked as well. A security vulnerability of the likes you describe would need a browser vulnerability in two separate systems. No such vulnerability is known to exist in any of the major browsers. In addition, I contend that browser vulnerabilities are not a website maintainer's responsibility.
Slashdot Mirror
I will never understand why people feel the need to be so assertive about things of which they have only limited understanding. A good programmer should keep an open mind about systems they are unfamiliar with. A wise man admits he knows nothing, and so forth.
All programming languages have their own niche, their own environment in which they perform optimally. Remove the language from it's comfort zone, and things rapidly go down hill. This applies as much to C++ as it does to Python or Ruby. Knowing the limitations of the tools one uses is the mark of an experienced programmer - indeed, the mark of any experienced craftsman. You cannot be a good programmer without knowing where the limits of the tools you use lie.
Example: what percentage of web applications are primarily coded in C++? Clearly very few, only performance intensive services such as Google use the language. This is because the design goals of the majority of web applications lie outside C++'s particular niche.
There's less difference than you might think. Take a look at this computer language shootout benchmark. The only significant bottleneck Java has is its startup time.
Typically, professional programmers have a limited time to develop software in, and languages that produce results faster leave room for implementing better algorithms, which can have a marked effect on the performance of a system. That said, there are limits; if you want cutting edge graphics, native code (at least for the engine itself) is pretty much a necessity. For most other systems, where performance is not the priority, native languages are less useful.
Mm. The problem comes with where to draw the line. The Z3 was programmable and Turing complete, whilst the ABC was a lot more limited in scope and function.
Urban myths about bee's flight aside, I think you're being a little too cynical. I realise that's never a particular wise thing to underestimate bureaucracy and national interests, but I don't believe the barriers to entry are as large as you think they are. That said, I did use the word "theoretically" deliberately, precisely because reality does not always match up to the ideal that laws and treaties imagine.
I also agree that the EU has some way to go before it becomes as economically united as the US. But the Euro has been consistantly stronger than the Dollar for some time now, and the US budget deficit is somewhat larger than the EU's. Whilst the governments of the EU are certainly bureaucratic, by dividing the power among smaller countries they seem to be more efficient than the US government in several areas, such as healthcare.
On regards to China, whilst it's growing, it's average wage is still a fraction of that of the US's or the EU's and it's markets hampered by its government. That's not to say it won't become an economic superpower - it's vast population makes that quite probable - but comparing what China might be, to what the EU is now, seems somewhat odd.
The German Z3 was probably the first, followed by the English Colossus. ENIAC came along somewhat later.
No, but it is a unified market. That's the main attraction of the EU; there's no trade barriers between countries. Cultural and language issues aside, it's theoretically as easy for an Englishman to sell goods in Poland, as it is for a New Yorker to sell goods in Texas.
The US has the largest economy for any single country, and the highest average earning. But the EU is the largest market and joint economy.
You're setting up a straw man argument. Theft and copyright infringement are two patently different actions. If $100 was stolen from my bank account, then the direct loss to me would be $100. If $100 of my software was illegally copied, then all I can say for certain is that the direct loss is between $0 and $100.
This would only work if all of the properties for a Javascript object were readily available at compile time, which is not necessarily the case. The first problem is that there's no foolproof way to know which properties listed will be added at run time. One could have add a property to an object dependant on the value of a randomly generated number, for instance.
The second problem is that objects in Javascript are also associative arrays (analogous to the Map interface in Java). This means that you cannot guarentee to know the names of all possible properties. One could take the name of the property from user input, for instance.
You could artificially restrict Javascript; get the programmer to obey certain restrictions to ensure Javascript could be correctly parsed into Java. But you couldn't guarentee an accurate conversion if you allowed Javascript's full feature range.
The parent poster said no such thing.
Many of the current copyright laws are there due to the lobbying by large publishers. Copyright laws in the US were originally 14 years, with an optional 14 year renewal. 28 years was considered enough incentive for authors to produce more works before falling into the public domain.
All extensions to this have largely been the result of lobbying by wealthy publishing corporations. In this, you are correct that the laws are there for a reason: the reason is to make publishing companies more money. Some people consider the goal of buying a CEO a new private jet to be less important than enriching the public domain, and thus, consider today's copyright laws to be excessive.
Again, you're incorrect. In standard economic theory, a person will buy an object if the price of the object is less than or equal to the perceived value.
For instance, if I happen across a DVD of a box-office flop on sale for $5, I might consider buy it because it is inexpensive. If I ran across that same DVD for $20, or even $10, I would not buy it because I would consider it not worth the money. Therefore, the peceived value of the DVD is $5.
Thus, piracy will only result in a lost sale if the price of the item is greater than the perceived value. And piracy itself will only occur if the cost of downloading (in terms of bandwidth, time and risk of being sued) is less than or equal to the perceived value.
You appear to be assuming that the perceived value of any copyrighted materal, for every consumer, is exactly equal to or greater than the price. This is clearly not the case, otherwise everyone would spend all of their non-essential income on buying DVDs and so forth. Since people spend their money on objects that are not copyrighted material (for instance, I'm investing in a holiday), this assumption is clearly false.
Actually, the grandparent poster has a point. Javascript is a dynamically typed language that makes liberal use of high level functions in more complex scripts. Due to Javascript's fluid nature, it would be difficult for a largely static language like Java to match it exactly. For instance, a class in Javascript is merely a function that dynamically constructs an object. One could roughly map a Java class to a Javascript function, but it would be difficult to the inverse. Java's rigid structure would be disadvantageous in this case.
Of course, one could just map the Javascript directly to a class file, and I believe Rhino does just that. However, that's not quite what the gransparent said, and even Rhino doesn't allow a flawless mapping from a Javascript class to a Java one (at least to the best of my knowledge). Classes in Java are just too static to entirely accomodate the more fluid Javascript object builder functions.
Firefox, Opera and Internet Explorer don't appear to. That's about 98% of the browser market there. I suspect Safari doesn't have the certificates, either.
There's a simple reason; it costs money.
Browsers come with a limited number of root certificates. If they encounter a SSL connection not signed by one of these certificates, a dialog box pops up warning the user and asking if they wish to continue. Clearly, you don't want the browser implying that you're untrustworthy to your users, so you have to go out and get a certificate signed by Verisign or some similar company.
Large websites clearly don't have a problem with this. What's several hundred dollars to a company of any significant size? But then CPU comes into play. SSL is an expensive operation compared to straight HTTP. With small numbers of visitors, this isn't a problem. With large numbers, the costs start to increase.
SSL just isn't worth the hassle or the cost for most websites. Screwing the NSA is all well and good, but when it affect's the bottom line, most people forget about it.
What on earth are you talking about? Sure, Rails isn't appropriate for some projects, but it certainly is appropriate for others. Rails isn't missing any critical feature that makes it useless for web development in general, and it makes good on its promise of rapid development. Rails performs well in its (sizable) niche; take it outside that niche and of course you'll have problems, but that doesn't imply that it's useless for all applications.
Sure, Ruby doesn't handle complex database structures well, but that isn't a problem with the pluralization functions ;)
So you're not using Rails because it can pluralize "person" correctly? You'd prefer it to pluralize words incorrectly?
For those unfamiliar with Rails, the it pluralizes the name of an activerecord class to get the name of the associated table. So if your class was named "Person", it would, by default, link it to the database table called "people". This is only default behaviour and, unsurprisingly, this can be overridden. It's a feature of the Rails framework, and nothing to do with Ruby.
A horrible user interface for whom? I understand you're talking about Joe User here, but it's worth remembering that the Linux desktop does have it's advantages for certain technologically-minded demographs. For me, Linux surpassed Windows some years ago; and not just in functionality, but in desktop usability as well.
Scala seems more actively developed than Nice, which is inching its way to 1.0 extremely slowly. Scala also seems to support more features, and appears quite a bit more complex (which can be a good thing). The Haskell of JVM-based languages, as it were ;)
Sometime I really have to get around to writing some code in Scala, but currently I'm finding my attention diverted by dynamically typed language. Alas, my spare time to investigate new computer languages is quite reduced these days.
As for speed, I should clarify my statement. Scala is slightly slower than Nice, it would appear, but not by any particularly large amount, at least according to the Computer Language Shootout. Compare this to Groovy, which is one or two orders of magnitude slower than both Nice and Ruby - ouch!
Still, I should talk - compared to Java, my current language of choice, Python, seems quite sluggish in places.
I believe Scala has been mentioned in an earlier thread, which is why I didn't draw attention to it in my post. Scala has a lot of interesting features that Nice doesn't have, but Nice still some advantages to it's name.
Nice is a little faster, more lightweight, and deviates less from Java than Scala, making it a hell of a lot easier to get to grips with. Like Scala, Nice supports closures, is statically typed, and integrates perfectly with Java (as do most JVM-based languages). It's been a while since I touched Scala, but IIRC Scala doesn't have the same null-safety Nice has, and I'm fairly sure Scala can't add methods to existing classes, whereas Nice can. Feel free to correct me on the latter point.
Nice is another JVM-based language that could do with a mention. It puts more emphasis on programming correctness than Groovy, including features such as pre-conditions and post-conditions and safety from NullPointerExceptions. According to the Computer Language shootout, it compares favourably to Java in terms of speed and efficiency, whilst Groovy somehow manages to be several hundred times slower in places.
That was my point. Since Kubuntu is developed as an alternative, it's not going to add bloat to vanilla Ubuntu, as the grandparent post originall asserted.
If the 1Mb line were used continually at full capacity, you might get something approaching that cost. However, I'd contend that even amongst the most avid torrent users, downloading 300GB per month is somewhat excessive.
As I mentioned in my original post, the most simple way to approach the problem is to charge per GB over a particular limit. For instance, every GB over the set limit might cost an extra £0.56, or $1.00. Thus, the heavier the use, the more the user has to pay. No need to oversell at all.
I'm curious to know your reasoning. No-one's talking about adding KDE packages to Ubuntu by default, so I'm afraid I can't understand why you think that developing KDE as an alternative to Gnome would add bloat to the distro.
Whilst I agree with you in principle, it's worth remembering that a lot of Ubuntu is desktop independant. The top layer (ubuntu-desktop, kubuntu-desktop, xubuntu-desktop, etc.) is modular and easily changed.
Because Ubuntu is so modular, there's little reason not to bring different desktops under the Ubuntu umbrella, assuming that one can find the volunteers to do so.
The fuss over Kubuntu is making a mountain out of a molehill, but it does have some valid roots. Late last year, Mark Shuttleworth announced that he wanted Kubuntu to become a first class distribution the equal of Ubuntu. Given this statement, a few developers are voicing complaints about the lack of attention Kubuntu's getting. These sorts of complaints are usual in any open source project, though, so it's nothing to get worked up about.
Like it or not, Ubuntu is branching out from Gnome. Apparently, Shuttleworth already uses Kubuntu as his desktop of choice.
I'm sorry, but this is just moronic. The only ISPs that will go bankrupt are those selling more bandwidth than they actually have. The problem is overselling, not Bittorrent, and traffic-shaping an attempt to ductape the gaping holes in the ISPs accounts.
If you can afford 100GB of bandwidth per month, and promise your customers 1000GB, then obviously you're taking a risk. If your customers take you up on your offer, well that's your own damn fault. The ISPs have no-one to blame but themselves for this mess.
Further, traffic shaping is very difficult to do when the users don't want you to do it. Once a data stream is encrypted, one can only hazard guesses at it's content from the amount of data being transmitted. Short of banning encrypted streams from your network, there isn't an easy solution to recognising Bittorrent traffic over other data.
But the solution to this is simple. Don't oversell. Charge people by the MB if needs be, but don't promise more than you can give if there's a good chance you'll be taken up on your offer.
This was touched upon by Richard Dawkins in The Root of All Evil?. Essentially, he argued that children were genetically programmed to accept the word of their elders as truth. In order to survive, a child has to steer clear of dangerous objects - if a child were to attempt a scientific test on whether falling off a cliff were indeed fatal, they probably wouldn't live very long.
This is, I feel, the problem with religion. It takes advantage of a child's natural trust in the adults around them, and teaches them not to question certain ideas. This teaching is kept up throughout the child's life, until their minds accept the belief as blind fact. An extreme example of this is Creationism, where belief trumps any amount of evidence to the contrary.
XMLHttpRequest can only send HTTP requests to the same domain from which it was invoked. Likewise, cookies can only be read from the domain from which they were invoked, and, surprise surprise, Javascript is limited to the domain from which it was invoked as well. A security vulnerability of the likes you describe would need a browser vulnerability in two separate systems. No such vulnerability is known to exist in any of the major browsers. In addition, I contend that browser vulnerabilities are not a website maintainer's responsibility.