Understood and sorry. But you must realize that people spout off nearly identical statements on Slashdot all the time whenever cryptography is mention... and they actually are ignorant. How can you blame me for playing it safe?:)
cryptographically, so no spoofing it unless you are really good at factoring large primes
Give me any prime number, I don't care how big it is. I will instantly factor it with nothing more than my brain! Which is, of course, why I can defeat crypto systems just be looking at them! Amazing, isn't it?
(I love it when people who don't really know cryptography start spouting off canned lines with the keywords factor (verb) and prime.)
Imagine, for a moment, if extremely over-paid executives from companies facing collapse were to drastically cut their salaries and invest that money back into their business. For example, why do US Airways execs need to make millions of dollars a year when they are trying to file for bankrupcy? It seems pretty straight forward to cut costs where costs can be cut.
Shut the fuck up. Seriously. Every time there is an article on/. about X11 eye candy, a troop of future-shock losers come forward and start complaining about how we "don't need this" or how it's "totally useless" and other nonsense. It's called "progress" and we should talk about how we can apply this technology in interesting ways (like Apple has done with Aqua) instead of bitching about how it shouldn't even be created in the first place.
While this article discusses something limited in scope (thanks for the spin, Slashfaux), this is becoming more and more common. But who is to blame? We (secularists and freethinkers) are.
We refuse to affiliate or support organisations which champion our cause. We refuse to be sufficiently vocal about matters of importance to us. We refuse, at the very least, to put our money where our mouths are.
Let me tell you, with absolute certainty, that the religious fundamentalists are more than happy to do all these things.
So, when are we going to step up and demand an end to this nonsense?
View the source on any Slashdot web page and observe the gigantic, sloppy cluster-fuck that is their output. Do not blame Gecko for this nightmare of deeply nested tables, font tags, missing close tags, and other crap. (What's funny is that Slashdot gives an HTTP 403 to validator.w3.org.) When Slashdot makes their code sane, then we can blame the browser. It's amazing to me that any user agent can parse this and make sense of it.
The only comfort the astronauts have is that we will do everything in our power to get them home if something goes wrong.
And if we can't get them home, they carry 150mg doses of KCn to make things easier in the end. No doubt, astronauts fully understand what they are getting into: a personal sacrifice in the name of science.
Windows is also in fact an extremely modular OS and
your comments about modules being tightly coupled togeather is pure
speclative BS (And completely wrong).
The reality is either one of us can only speculate all day about
whether or not Windows is all that modular. Based on reports from
both family and friends who have worked on Microsoft products, I would
disagree with you. This is besides the point. My original post was
written in the general case.
On the matter of tightly coupled systems being difficult to test,
yes, that does make unit testing more difficult. For
example, say I am building a Java web application. If I have code in
the back-end which depends on objects provided by my servlet container,
that means I have to have a servlet container available in order to
test the component. I cannot simply stand it up in a completely
isolated environment and test it. So, not only are there practical
issues that make unit testing difficult, I am also trying to quantify
the behavior of a much larger system (and one I specifically do not
want to test).
The problem with unit testing (or ONLY doing unit
testing) is that it does not test system interactions. A very large
number of IE flaws that allow things like installing tool bars or
other trojans were interactive flaws that involved multiple
systems. Each system worked independantly as expected, but hook them
up and the true behavior of the complex system become much harder to
test.
Unit testing will find buffer overflows and such, but not worm
holes through complex system interactions.
If I define the model by which pieces of my system interact, I
should know how those pieces cannot (are forbidden to)
interact. My unit tests, therefore, should include tests I expect to
fail, not just tests I expect to succeed. I should test functionality
in both the context in which it is permissible (verify it works) and
in contexts where it should be hidden (verify my security model
works). So yes, unit testing can be applied to test system
interactions as well which can help reduce security holes. As for
trojans and the like, I agree. Unit testing is not the end-all-be-all
of security analysis, but it can take a fairly large chunk
out of it.
In fact, modularizing actually makes the situation
worse, since it presents many more opportunities for module
combinations.
Your statement just about leaves me speechless. How can you tell
me I am coming up with bullshit and yet write something like this? I
am not going to go into depth about why modularity in software
architecture is good (that is a topic for freshman) but I will tell
you that your statement is flat out wrong. Try reading
up on the subject some time, okay?
The real world is a hell of a lot more complex than you
seem to be thinking it is having not done any of it.
And you base this statement on...? My point was that well designed
software architectures can be broken down into very small pieces that
are easy to unit test and that unit testing can be applied across an
architecture. I find you've hardly done any work in refuting my
claim.
And finally, never mind that Open Source does virtually
no testing of any kind. FF is STILL full of invalid memory access bugs
when http data is garbage that simple unit testing would have
found...
I don't know how you manage to extrapolate a flaw of a Mozilla
browser sub-project to encompass all open source development. This is
somewhat ironic considering some of the big name unit test frameworks come from the
open source community.
Instead of trying to test huge code bases, why not write decoupled systems and test small pieces of code? Oh wait, that requires effort.
I've worked on a number of projects (that borderline on huge) which have a thorough set of unit tests. Each test sets up pre and post conditions and checks the output against what we expect. (Duh!) It's not difficult, it just requires planning and careful attention to detail.
If you've ever built Perl from source, you'll notice that the entire code base gets tested during the process.
I have to say that it's not about theory or speculation, it's just about hankering down and doing it.
Testing, fundamentally is not that hard. I think the real problem is developers often trying to find excuses to either put it off or worse yet, not do it at all. Added to the problem are badly designed architectures where most components have tight dependencies with others. This prohibits running them in isolation and hence limits testability. Naturally, it's always more complicated than this (budges on time and money) but the root of the problem is lack of motivation or ignorance to the benefits of having easily and hence well tested code.
You completely blew it when you called PostgreSQL a "toy database". Hate to burst your bubble, but PostgreSQL is only barely shy of the features Oracle (the database, not the complete suite) provides.
I cannot identify your operating system. I'm not quite sure what "Start" is, but it looks fairly primative and that could be causing you some issues. Why don't you just get on the bandwagon and start using Linux or MacOS XI?
Why hack? Because it's there. Chill the fuck out, bitch. There's nothing wrong with someone having a hobby of trying to make hardware do things other than what it was designed to do. People like you back in the 80s would have been like: "why the hell would you take a perfectly functional piece of IBM business hardware and make it run games and graphics demos." Shut the fuck up and go back to your own narrow-minded shithole of a universe and let creativity thrive without your empty criticism. (Who the hell modded this guy up anyway?)
I never ceases to amaze me how so many people frown upon protecting the world we live in, the air we breath, the water we drink, and the food we eat. "Liberal agenda" my ass. This is about our survival as a species. You would hope that the people expressing deep concern over matters of the environment would receive thanks and praise for the efforts. Nevertheless, there is no shortage of greedy, wholeheartedly selfish people out there out to ensure their own personal and short-term gain, the consequences be damned. but then, I suppose I'm just some unamerican hippie...
Iraq has oil, therefore we invest in invading and occupying.
North Korea does not, therefore we save money by pursuing diplomacy.
I don't understand how any of those goddamn Right-wing nut-jobs out there can possibly not see how much bullshit there is in the Bush Administration's policy. We go after the non-threat while the threat is sitting there bragging at us all the while about how they are actively developing WMD.
I am so sick of these stupid fuckers making big mistakes for which we will all have to pay dearly.
Do not attempt to assume ownership of anything employees do with this 20%. A big part of the motivation to do anything useful in this department within the domain of self-improvement is ownership over what you create. If I come up with an idea that is useful to others that I can learn a lot from doing, and the company comes in and says: "we reserve all rights to whatever you create", I am not going to bother doing anything. In fact, the only restriction should be that the works are open source somehow. That way, the employee retains ownership, the company can freely use the work in their own projects, and the organization can claim they are contributing back to the community, and the original employee project will get expanded and built upon (which helps push the state-of-the-art). Everybody wins.
Slashdot Mirror
So, is it like this thing?
Understood and sorry. But you must realize that people spout off nearly identical statements on Slashdot all the time whenever cryptography is mention... and they actually are ignorant. How can you blame me for playing it safe? :)
Give me any prime number, I don't care how big it is. I will instantly factor it with nothing more than my brain! Which is, of course, why I can defeat crypto systems just be looking at them! Amazing, isn't it?
(I love it when people who don't really know cryptography start spouting off canned lines with the keywords factor (verb) and prime.)
USA fucks YOU!
See this article for more information. :-)
Imagine, for a moment, if extremely over-paid executives from companies facing collapse were to drastically cut their salaries and invest that money back into their business. For example, why do US Airways execs need to make millions of dollars a year when they are trying to file for bankrupcy? It seems pretty straight forward to cut costs where costs can be cut.
My first thought was that Apple couldn't solve a [memory] leak with Tiger, but they were going to release it anyway.
Shut the fuck up. Seriously. Every time there is an article on /. about X11 eye candy, a troop of future-shock losers come forward and start complaining about how we "don't need this" or how it's "totally useless" and other nonsense. It's called "progress" and we should talk about how we can apply this technology in interesting ways (like Apple has done with Aqua) instead of bitching about how it shouldn't even be created in the first place.
While this article discusses something limited in scope (thanks for the spin, Slashfaux), this is becoming more and more common. But who is to blame? We (secularists and freethinkers) are.
We refuse to affiliate or support organisations which champion our cause. We refuse to be sufficiently vocal about matters of importance to us. We refuse, at the very least, to put our money where our mouths are.
Let me tell you, with absolute certainty, that the religious fundamentalists are more than happy to do all these things.
So, when are we going to step up and demand an end to this nonsense?
View the source on any Slashdot web page and observe the gigantic, sloppy cluster-fuck that is their output. Do not blame Gecko for this nightmare of deeply nested tables, font tags, missing close tags, and other crap. (What's funny is that Slashdot gives an HTTP 403 to validator.w3.org.) When Slashdot makes their code sane, then we can blame the browser. It's amazing to me that any user agent can parse this and make sense of it.
And if we can't get them home, they carry 150mg doses of KCn to make things easier in the end. No doubt, astronauts fully understand what they are getting into: a personal sacrifice in the name of science.
The reality is either one of us can only speculate all day about whether or not Windows is all that modular. Based on reports from both family and friends who have worked on Microsoft products, I would disagree with you. This is besides the point. My original post was written in the general case.
On the matter of tightly coupled systems being difficult to test, yes, that does make unit testing more difficult. For example, say I am building a Java web application. If I have code in the back-end which depends on objects provided by my servlet container, that means I have to have a servlet container available in order to test the component. I cannot simply stand it up in a completely isolated environment and test it. So, not only are there practical issues that make unit testing difficult, I am also trying to quantify the behavior of a much larger system (and one I specifically do not want to test).
If I define the model by which pieces of my system interact, I should know how those pieces cannot (are forbidden to) interact. My unit tests, therefore, should include tests I expect to fail, not just tests I expect to succeed. I should test functionality in both the context in which it is permissible (verify it works) and in contexts where it should be hidden (verify my security model works). So yes, unit testing can be applied to test system interactions as well which can help reduce security holes. As for trojans and the like, I agree. Unit testing is not the end-all-be-all of security analysis, but it can take a fairly large chunk out of it.
Your statement just about leaves me speechless. How can you tell me I am coming up with bullshit and yet write something like this? I am not going to go into depth about why modularity in software architecture is good (that is a topic for freshman) but I will tell you that your statement is flat out wrong. Try reading up on the subject some time, okay?
And you base this statement on...? My point was that well designed software architectures can be broken down into very small pieces that are easy to unit test and that unit testing can be applied across an architecture. I find you've hardly done any work in refuting my claim.
I don't know how you manage to extrapolate a flaw of a Mozilla browser sub-project to encompass all open source development. This is somewhat ironic considering some of the big name unit test frameworks come from the open source community.
Instead of trying to test huge code bases, why not write decoupled systems and test small pieces of code? Oh wait, that requires effort.
I've worked on a number of projects (that borderline on huge) which have a thorough set of unit tests. Each test sets up pre and post conditions and checks the output against what we expect. (Duh!) It's not difficult, it just requires planning and careful attention to detail.
If you've ever built Perl from source, you'll notice that the entire code base gets tested during the process.
I have to say that it's not about theory or speculation, it's just about hankering down and doing it.
Testing, fundamentally is not that hard. I think the real problem is developers often trying to find excuses to either put it off or worse yet, not do it at all. Added to the problem are badly designed architectures where most components have tight dependencies with others. This prohibits running them in isolation and hence limits testability. Naturally, it's always more complicated than this (budges on time and money) but the root of the problem is lack of motivation or ignorance to the benefits of having easily and hence well tested code.
You completely blew it when you called PostgreSQL a "toy database". Hate to burst your bubble, but PostgreSQL is only barely shy of the features Oracle (the database, not the complete suite) provides.
I cannot identify your operating system. I'm not quite sure what "Start" is, but it looks fairly primative and that could be causing you some issues. Why don't you just get on the bandwagon and start using Linux or MacOS XI?
Why hack? Because it's there. Chill the fuck out, bitch. There's nothing wrong with someone having a hobby of trying to make hardware do things other than what it was designed to do. People like you back in the 80s would have been like: "why the hell would you take a perfectly functional piece of IBM business hardware and make it run games and graphics demos." Shut the fuck up and go back to your own narrow-minded shithole of a universe and let creativity thrive without your empty criticism. (Who the hell modded this guy up anyway?)
And we wonder way cancer is so rampant.
The animals have a sixth sense.
I see dead people.
I never ceases to amaze me how so many people frown upon protecting the world we live in, the air we breath, the water we drink, and the food we eat. "Liberal agenda" my ass. This is about our survival as a species. You would hope that the people expressing deep concern over matters of the environment would receive thanks and praise for the efforts. Nevertheless, there is no shortage of greedy, wholeheartedly selfish people out there out to ensure their own personal and short-term gain, the consequences be damned. but then, I suppose I'm just some unamerican hippie...
"Whore" sounds like a pretty good option to me.
Why isn't Slashdot on that list?
Iraq has oil, therefore we invest in invading and occupying.
North Korea does not, therefore we save money by pursuing diplomacy.
I don't understand how any of those goddamn Right-wing nut-jobs out there can possibly not see how much bullshit there is in the Bush Administration's policy. We go after the non-threat while the threat is sitting there bragging at us all the while about how they are actively developing WMD.
I am so sick of these stupid fuckers making big mistakes for which we will all have to pay dearly.
"A liger is just about my favorite animal, bred for it's skills in magic. Flippin' idiot."
Do not attempt to assume ownership of anything employees do with this 20%. A big part of the motivation to do anything useful in this department within the domain of self-improvement is ownership over what you create. If I come up with an idea that is useful to others that I can learn a lot from doing, and the company comes in and says: "we reserve all rights to whatever you create", I am not going to bother doing anything. In fact, the only restriction should be that the works are open source somehow. That way, the employee retains ownership, the company can freely use the work in their own projects, and the organization can claim they are contributing back to the community, and the original employee project will get expanded and built upon (which helps push the state-of-the-art). Everybody wins.