Is there anything similar for SquirrelFish? In particular, anything on running the same interpreter in several threads, and tips on when and how to schedule garbage collection?
To generalize: Is it that you can't program, or you can't deal with programmers that can't program. I fit in the latter category. If you've ever worked on a project that was written by programmer that had no idea... you'd understand the mother of all nightmares. Every little change, can potentially change the variable contents which causes the logic to cause code to work resulting in a crash completely unrelated to your change. Just not necessarily due to buffer overflows.
TFA specifically mentions that you need to mark up your code with sieves:
A sieve is defined as a block of code contained within a sieve {} marker and any functions that are marked with sieve.
Inside a sieve, all side-effects are delayed until the end of the sieve.
Side effects are defined as modifications of data that are declared outside the sieve
The compiler can use this information to decide what parts of the code can safely be parallelized. Adding the "sieve" keyword can change the semantics of the code, adding it correctly is your responsibility. Not sure I find the particular concept appealing for programming -- just trying to straighten out the claim of the article.
Assembler? Luxury! We had to program an SDK-85 (made by Sintel, perhaps?) on a hex keypad in machine code, which we assembled in 2 passes by hand on a piece of paper!
The sad thing is it really happened, and I still remember leaving NOPs to make debugging changes easier...
... would have WELCOMED our new Earthling masters.
Re:y^x(mod p)
on
Javascrypt
·
· Score: 2, Insightful
Diffie-Hellman is indeed an algorithm for producing a shared secret without authentication. And indeed, anything without authentication is exposed to a man-in-the-middle attack. That's why SSL doesn't use Diffie-Hellman for authentication, only for (help with) producing a shared secret key.
In SSL, the client verifies the site by means of a certificate that the site provides; this cert has nothing to do with Diffie-Hellman. The site could use SSL to verify the client identity, but this option isn't used when selling stuff to the general public, as the site has no identity it would wish to bind to the client. (Well, a client cert binding the client to a credit card might be considered useful, but until the CC companies mandate it -- and they won't -- the shopping site has no need to check it.)
Having a cert protects you from man-in-the-middle.
The problems with authentication are due to problems on the client side with binding the site's cert to the site's identity. The typical client (a web browser) does the only things it can: It verifies that it trusts the signatory on the cert (so it trusts that the information about the site's identity, as presented on the cert, is correct), and that the cert belongs to the URL displaying the page. Then it leaves it to the user to decide whether to trust the site. Of course, many sites use some third party to handle payments, leaving the poor user the question of whether to trust buystuff.com when buying from ariels.com. And some sites manage to use a cert from the wrong domain, so the browser pops up a warning. And, of course, it's not at all clear to the user how to validate the identity from a cert.
But SSL, as used on shopping sites, does give protection from a man-in-the-middle.
They made that one thing that produced energy around 2000 years ago, and it has held the human mind captive ever since. What did they call that damn thing??? Oh yea... the arc of the covenant (aka the worlds first battery). Put the top on and close the circuit.... bam... sparks and heat everywhere.
This is barely standard (at the very least, it assumes an implementation running on an ASCII machine). Why not use the standard? putchar('\a'); will produce an `alert' character on stdout.
Even that's not enough to ensure you'll get to hear the alert immediately. At the very least, fflush(stdout); immediately. Or write to stderr. </nit>
There are 2 issues with drive letters (and both are done wrong in Windows+NTFS/FAT):
Hard for the user to find things. Frankly, I find keeping "C:", "D:", "N:" and "T:" apart rather difficult. Especially when many of the letters in between are also taken up.
Hard for the admin to set things up. Try moving a tree from one partition to another (or from one machine to another). Its "physical" location may change, but it's still the same thing!
The Unices have this rather better. Admins mount filesystems on various points of a tree. If/usr/local moves from one filesystem to another, the mount table has to change -- but the location of the files remains/usr/local. If \here\A moves to \\machine2\B, the best you can do is to curse yourself for not having used a drive letter in the first place. And there are pretty good reasons to want to avoid drive letters in favour of real names...
Even better, you have real symbolic links (not "shortcuts"!). The users can create their own pointers to useful places (even create a new directory structure). Admins can fix filesystems for backwards-compatibility. It's very simple -- so it's possible to configure in new ways.
How much performance increase are we talking here? Faster startup times? Better response times? Perceived better response?
There's no reason to work hard without knowing what the benefits are. For that matter, say I do all this and it doesn't seem to work any faster. How do I know if I did something wrong, or if there is nothing to measure?
So we solve the problem of spam by not letting me use my email client, and instead forcing me to use a text "editor" box on your website. Actually, I rather like my email client (that's why I use it).
I'll do my best not to contact such a webified address. Then again, with any luck spam will begin filling in silly text boxes on web pages instead of email, and I'll be able to have spam-free email again!
The sci.math thread is archived at http://groups.google.com/groups?&threadm=3D749A9C. 1B651415%40hotmail.com . Comments appear luke-warm.
Note that the paper was submitted to the "High Energy Physics" archive, not the "Mathematics" archive. The abstract has some physics jargon, too. What this means for the proof I cannot say.
Again: Sure merchants trust the bank: they walk in with a stack of properly signed cheques, and they expect the bank to give them money in exchange for them. They trust the credit card companies: they bring them a pile of slips of paper and expect to get money in exchange for them.
The issue of keeping your own records is entirely secondary: if you didn't trust the credit card company to give you your money, you wouldn't accept credit cards, and you wouldn't give goods in exchange for signatures on slips of paper.
Cryptography and probability help you solve "trust" issues of the first kind (e.g. you can get a signed certificate from Peppercorn giving you the outcome of the coin toss; if only 450000 out of 1000000 coin tosses are in your favour, you will have proof that they're cheating you). They do nothing to convince you that my company, Corny Paper Unlimited Ltd., will give you your money.
Yes, it kind of makes you think they have competition from other hoaxers; some who are still getting kicks from psyching out the simple minded.
Please. The only rational explanation is that the hoaxers aren't hoaxers, but rather liars. They're taking credit for formations made by aliens. An all-to-human trait.
Re:Praise, either way...
on
Wolframania
·
· Score: 2, Informative
The classification of the sporadic finite simple groups was published in peer-reviewed journals. I believe it is estimated to be around 10,000 pages. Nobody reviewed the whole thing in one fell swoop, of course.
But each portion was reviewed. For instance, Walter Feit and John Thompson proved a first step as Solvability of Groups of Odd Order, Pacific Journal of Mathematics 13 (1963), 775-1029. I do not know if (or what) problems were raised regarding publication of such a long paper.
SICP is it. It's more than just "a book about Scheme"! It talks about:
Scheme
Programming:
Recursion and iteration
Continuation
Debugging!
Types and type hierarchies
Infinite data types!
...
Time complexity
Abstract models of computing
Functional programming
Object-oriented programming
Logic programming
Memoization
Interpreters
Compilers
Language design
...
Just the "Table of Contents" should be enough to set any red-blooded programmer on "DROOL".
Scheme has trivial syntax. This lets the authors explore semantics in amazing detail. Scheme's semantics are explained using progressively finer (and more accurate) "models". Eventually these models are implemented, in the form of interpreters and compilers for interesting subsets of Scheme. Meanwhile, various data types are presented. Unlike the vast majority of programming textbooks, arrays and array-based types are given little space. Meanwhile, lists, trees and various (potentially) "infinite" data structures are examined.
Models are also given for other types of programming, including a machine code, a logic programming language, and the pure functional style. Functional programming is used extensively (assignments are deliberately rare) but not fanatically.
An amazing introduction to the subject (even if you already know it).
However, it's not likely to happen as long as Open Source is pushed by zealots (*cough* RMS *cough) who have nothing to say about MS (or M$) apart from some rant about how they suck, preferably in 1337 5p34k.
Has RMS ever used 1337 5p34k? Have you ever seen RMS refer to Micro$oft?? For that matter, has anyone ever seen RMS praise "Open Source"???
Acceptance of Open Source and/or Free Software is not likely to happen as long as their basic concepts and speakers remain so poorly heard.
Slashdot Mirror
Please place all "Perl is dying" trolls below this note.
I'm looking at embedding an ECMAScript implementation into a project. SpiderMonkey has pretty complete API documentation at http://developer.mozilla.org/en/docs/SpiderMonkey.
Is there anything similar for SquirrelFish? In particular, anything on running the same interpreter in several threads, and tips on when and how to schedule garbage collection?
To generalize:
Is it that you can't program, or you can't deal with programmers that can't program. I fit in the latter category. If you've ever worked on a project that was written by programmer that had no idea... you'd understand the mother of all nightmares. Every little change, can potentially change the variable contents which causes the logic to cause code to work resulting in a crash completely unrelated to your change.
Just not necessarily due to buffer overflows.
- A sieve is defined as a block of code
- Inside a sieve, all side-effects are delayed
- Side effects are defined as modifications
The compiler can use this information to decide what parts of the code can safely be parallelized. Adding the "sieve" keyword can change the semantics of the code, adding it correctly is your responsibility.contained within a sieve {} marker and
any functions that are marked with sieve.
until the end of the sieve.
of data that are declared outside the
sieve
Not sure I find the particular concept appealing for programming -- just trying to straighten out the claim of the article.
Assembler? Luxury! We had to program an SDK-85 (made by Sintel, perhaps?) on a hex keypad in machine code, which we assembled in 2 passes by hand on a piece of paper!
The sad thing is it really happened, and I still remember leaving NOPs to make debugging changes easier...
- There are 6 points to an asterisk, but only one centre.
- Between any 2 points on an asterisk there lies one centre.
Discuss?... would have WELCOMED our new Earthling masters.
Diffie-Hellman is indeed an algorithm for producing a shared secret without authentication. And indeed, anything without authentication is exposed to a man-in-the-middle attack. That's why SSL doesn't use Diffie-Hellman for authentication, only for (help with) producing a shared secret key.
In SSL, the client verifies the site by means of a certificate that the site provides; this cert has nothing to do with Diffie-Hellman. The site could use SSL to verify the client identity, but this option isn't used when selling stuff to the general public, as the site has no identity it would wish to bind to the client. (Well, a client cert binding the client to a credit card might be considered useful, but until the CC companies mandate it -- and they won't -- the shopping site has no need to check it.)
Having a cert protects you from man-in-the-middle.
The problems with authentication are due to problems on the client side with binding the site's cert to the site's identity. The typical client (a web browser) does the only things it can: It verifies that it trusts the signatory on the cert (so it trusts that the information about the site's identity, as presented on the cert, is correct), and that the cert belongs to the URL displaying the page. Then it leaves it to the user to decide whether to trust the site. Of course, many sites use some third party to handle payments, leaving the poor user the question of whether to trust buystuff.com when buying from ariels.com. And some sites manage to use a cert from the wrong domain, so the browser pops up a warning. And, of course, it's not at all clear to the user how to validate the identity from a cert.
But SSL, as used on shopping sites, does give protection from a man-in-the-middle.
Sorry, wrong movie. That was Raiders of the Lost Ark; we're talking Cold Fusion here...
This is barely standard (at the very least, it assumes an implementation running on an ASCII machine). Why not use the standard? putchar('\a'); will produce an `alert' character on stdout.
Even that's not enough to ensure you'll get to hear the alert immediately. At the very least, fflush(stdout); immediately. Or write to stderr.
</nit>
Why is a "News for Nerds" site only covering this now?
/. been over the past weeks?
Where has
The Unices have this rather better. Admins mount filesystems on various points of a tree. If /usr/local moves from one filesystem to another, the mount table has to change -- but the location of the files remains /usr/local. If \here\A moves to \\machine2\B, the best you can do is to curse yourself for not having used a drive letter in the first place. And there are pretty good reasons to want to avoid drive letters in favour of real names...
Even better, you have real symbolic links (not "shortcuts"!). The users can create their own pointers to useful places (even create a new directory structure). Admins can fix filesystems for backwards-compatibility. It's very simple -- so it's possible to configure in new ways.
Just in time for IPv6, too!
Switches are a performance measure, not a security measure. Trickery with ARP lets you sniff off a switch; see e.g. Ettercap.
True, there are detection measures available that might work for you. But sending valuable plaintext passwords is not a good idea.
Some broadband providers also put all local client traffic on the wire (e.g. cable broadband), connecting all homes in the vicinity to a hub.
How much performance increase are we talking here? Faster startup times? Better response times? Perceived better response?
There's no reason to work hard without knowing what the benefits are. For that matter, say I do all this and it doesn't seem to work any faster. How do I know if I did something wrong, or if there is nothing to measure?
Well, the first thing you have to do is pick between Extended Memory or Expanded Memory. For conciseness, we term both types "Expended Memory".
So we solve the problem of spam by not letting me use my email client, and instead forcing me to use a text "editor" box on your website. Actually, I rather like my email client (that's why I use it).
I'll do my best not to contact such a webified address. Then again, with any luck spam will begin filling in silly text boxes on web pages instead of email, and I'll be able to have spam-free email again!
The sci.math thread is archived at http://groups.google.com/groups?&threadm=3D749A9C. 1B651415%40hotmail.com . Comments appear luke-warm.
Note that the paper was submitted to the "High Energy Physics" archive, not the "Mathematics" archive. The abstract has some physics jargon, too. What this means for the proof I cannot say.
Again: Sure merchants trust the bank: they walk in with a stack of properly signed cheques, and they expect the bank to give them money in exchange for them. They trust the credit card companies: they bring them a pile of slips of paper and expect to get money in exchange for them.
The issue of keeping your own records is entirely secondary: if you didn't trust the credit card company to give you your money, you wouldn't accept credit cards, and you wouldn't give goods in exchange for signatures on slips of paper.
Cryptography and probability help you solve "trust" issues of the first kind (e.g. you can get a signed certificate from Peppercorn giving you the outcome of the coin toss; if only 450000 out of 1000000 coin tosses are in your favour, you will have proof that they're cheating you). They do nothing to convince you that my company, Corny Paper Unlimited Ltd., will give you your money.
They don't necessarily want to trust so many people. They just have to trust (some) people, or nobody will buy stuff from them.
(substituting your favourite 4-letter abbreviation for "VRSN") or
also works as expected.
But each portion was reviewed. For instance, Walter Feit and John Thompson proved a first step as Solvability of Groups of Odd Order, Pacific Journal of Mathematics 13 (1963), 775-1029. I do not know if (or what) problems were raised regarding publication of such a long paper.
Just the "Table of Contents" should be enough to set any red-blooded programmer on "DROOL".
Scheme has trivial syntax. This lets the authors explore semantics in amazing detail. Scheme's semantics are explained using progressively finer (and more accurate) "models". Eventually these models are implemented, in the form of interpreters and compilers for interesting subsets of Scheme. Meanwhile, various data types are presented. Unlike the vast majority of programming textbooks, arrays and array-based types are given little space. Meanwhile, lists, trees and various (potentially) "infinite" data structures are examined.
Models are also given for other types of programming, including a machine code, a logic programming language, and the pure functional style. Functional programming is used extensively (assignments are deliberately rare) but not fanatically.
An amazing introduction to the subject (even if you already know it).
Has RMS ever used 1337 5p34k? Have you ever seen RMS refer to Micro$oft?? For that matter, has anyone ever seen RMS praise "Open Source"???
Acceptance of Open Source and/or Free Software is not likely to happen as long as their basic concepts and speakers remain so poorly heard.