Never really understood leap seconds. I mean timezones are rounded to the nearest hour (mostly) and cover a large width of the earth's surface. IMHO we should simplify the global standard, and maybe consider shifting timezones by 15 minute increments when that starts to become a problem.
Because the change in debt causes booms and busts. If the level of debt compared to GDP was constant, we'd be fine. But debt growth leads to euphoric expectations, which leads to more debt growth. The economy becomes dependant on the rate of growth of debt. A mere slow down in lending can lead to a recession.
Why do you believe a bank manager deserves your interest payments? What amazing service does he offer to compensate for the rent you are paying him? I'd much rather have the disposable income to invest in more productive ventures.
The level of private debt is an important factor in explaining why the GDP is expanding so slowly now.
FTFY.
Creating debt allows us to spend money we don't have. That boosts the economy, and our collective income. Slow down the creation of debt, and the economy shrinks. Try to pay that debt down and we'll enter a deflationary depression.
Wan't to fix the economy? We have to deal with our mountain of debt, without trying to pay it all back. We need to take the power to create debt away from the banks, and use the government's power to create money instead. Change the rules on lending to limit asset price speculation. Give everyone cash with only one string attached; if you have debts, you must pay them down.
You could build a system where you allow chip and sign, while making this MITM attack is impossible. All it requires is end-to-end hashing and signature of the whole conversation. We already have protocols like that baked into things like https.
Tracking when changes were made, and why, is the job of your source control system. Describing what the code does, is mostly the job of the code; variable names, function names and an occasional brief comment. Describing the expected inputs and outputs of the code is the job of unit testing. Describing the intent of the code, well that's a bit harder to get the right balance. Of course there's lots of overlap, and some huge grey areas.
When reading someone else's code to track down a bug, or add a new feature. I can understand what the code is doing by reading it or debugging it. I can discover who and when from source control. Perhaps cross referencing to extra information in a bug tracker. The hardest bit is discovering what the true intent of the code is supposed to be. That's where comments are the most useful.
Moore's law doesn't really describe a consistent and straight forward "technology doubling". CPU frequency, power consumption and single core performance have almost flat-lined. And that's without considering the bandwidth and latency delays you face when attempting to scale problems to multiple cores.
There are a few data driven places where you can generate a reasonable written report without involving a human. Sporting game summaries, financial market analysis..... There may be other data sources that can be mined and turned into "news", or perhaps used by journalists to increase their productivity.
So don't compare only 2 DNA strings at once, or you can compromise and get good imperfect results. Every time you discover a matching sequence, you can leverage the information you have gained from earlier comparisons. DASH: Searching Compressed DNA (disclosure; A friend's PHD thesis).
A friend of mine is building a C65 clone. It started as a hobby, using an FPGA to implement the CPU, RAM, sound & video chips. But a whole bunch of 8-bit enthusiasts have joined together to start building everything from cases to IO boards for connecting original peripherals.
Builds in Go 1.5 will be slower by a factor of about two. The automatic translation of the compiler and linker from C to Go resulted in unidiomatic Go code that performs poorly compared to well-written Go. Analysis tools and refactoring helped to improve the code, but much remains to be done. Further profiling and optimization will continue in Go 1.6 and future releases. For more details, see these slides and associated video.
Not quite. kmscon uses the same key binding format as X because it re-uses the same code.
I tried using it once, I replaced one of my consoles with kmscon and the only difference I saw was a subtle change in text colours. The fonts and other terminal behaviour seemed identical.
But it only seemed to work for me with the open source driver for nvidia cards. And that has other limitations.
To fix this would require moving the HID key value translations into the kernel keyboard driver, rather than having it (mostly) in user space in all three instances (X, Weyland, console).
And prisons in the US are overflowing due to mandatory sentencing of drug related crimes... So tell me again how "on such a massive scale they simply can't do anything about it" is going to work...
And my implied point is that the "editors" didn't bother to link to the previous story for context. Without that acknowledgement, I might assume that this is just a dupe with no new "news".
newgrp is a setuid binary. During the startup of that process, if the vulnerable environment variable is set, dyld will open the requested file. Since stdin=0 / stdout=1 / stderr=2 should be the only open files, the next available file descriptor would be 3. So open() should give dyld that file descriptor.
newgrp will then drop it's privileges and run your shell, perhaps by calling exec() without forking another process. Since the file wasn't specified to close on exec, the shell will inherit the open file descriptor.
If we pass "echo "[something]" >&3" to stdin of newgrp, the echo will be executed in the new shell. Even though that shell is running as the logged in user, fd=3 was opened by root. So the result can be appended to any file you want.
Slashdot Mirror
Never really understood leap seconds. I mean timezones are rounded to the nearest hour (mostly) and cover a large width of the earth's surface. IMHO we should simplify the global standard, and maybe consider shifting timezones by 15 minute increments when that starts to become a problem.
Because the change in debt causes booms and busts. If the level of debt compared to GDP was constant, we'd be fine. But debt growth leads to euphoric expectations, which leads to more debt growth. The economy becomes dependant on the rate of growth of debt. A mere slow down in lending can lead to a recession.
Why do you believe a bank manager deserves your interest payments? What amazing service does he offer to compensate for the rent you are paying him? I'd much rather have the disposable income to invest in more productive ventures.
The level of private debt is an important factor in explaining why the GDP is expanding so slowly now.
FTFY.
Creating debt allows us to spend money we don't have. That boosts the economy, and our collective income. Slow down the creation of debt, and the economy shrinks. Try to pay that debt down and we'll enter a deflationary depression.
Wan't to fix the economy? We have to deal with our mountain of debt, without trying to pay it all back. We need to take the power to create debt away from the banks, and use the government's power to create money instead. Change the rules on lending to limit asset price speculation. Give everyone cash with only one string attached; if you have debts, you must pay them down.
You could build a system where you allow chip and sign, while making this MITM attack is impossible. All it requires is end-to-end hashing and signature of the whole conversation. We already have protocols like that baked into things like https.
Tracking when changes were made, and why, is the job of your source control system. Describing what the code does, is mostly the job of the code; variable names, function names and an occasional brief comment. Describing the expected inputs and outputs of the code is the job of unit testing. Describing the intent of the code, well that's a bit harder to get the right balance. Of course there's lots of overlap, and some huge grey areas.
When reading someone else's code to track down a bug, or add a new feature. I can understand what the code is doing by reading it or debugging it. I can discover who and when from source control. Perhaps cross referencing to extra information in a bug tracker. The hardest bit is discovering what the true intent of the code is supposed to be. That's where comments are the most useful.
Moore's law doesn't really describe a consistent and straight forward "technology doubling". CPU frequency, power consumption and single core performance have almost flat-lined. And that's without considering the bandwidth and latency delays you face when attempting to scale problems to multiple cores.
There are a few data driven places where you can generate a reasonable written report without involving a human. Sporting game summaries, financial market analysis..... There may be other data sources that can be mined and turned into "news", or perhaps used by journalists to increase their productivity.
Working with a big MS Word document ...
I think I've spotted your problem.
The US also had amendment 18. The constitution is not immutable.
So don't compare only 2 DNA strings at once, or you can compromise and get good imperfect results. Every time you discover a matching sequence, you can leverage the information you have gained from earlier comparisons. DASH: Searching Compressed DNA (disclosure; A friend's PHD thesis).
A friend of mine is building a C65 clone. It started as a hobby, using an FPGA to implement the CPU, RAM, sound & video chips. But a whole bunch of 8-bit enthusiasts have joined together to start building everything from cases to IO boards for connecting original peripherals.
Sure it's not carbon capture, but it is renewable.
Builds in Go 1.5 will be slower by a factor of about two. The automatic translation of the compiler and linker from C to Go resulted in unidiomatic Go code that performs poorly compared to well-written Go. Analysis tools and refactoring helped to improve the code, but much remains to be done. Further profiling and optimization will continue in Go 1.6 and future releases. For more details, see these slides and associated video.
And replacing it with something slower.
Not quite. kmscon uses the same key binding format as X because it re-uses the same code.
I tried using it once, I replaced one of my consoles with kmscon and the only difference I saw was a subtle change in text colours. The fonts and other terminal behaviour seemed identical.
But it only seemed to work for me with the open source driver for nvidia cards. And that has other limitations.
To fix this would require moving the HID key value translations into the kernel keyboard driver, rather than having it (mostly) in user space in all three instances (X, Weyland, console).
Or just remove in-kernel VT consoles completely, and replace them with a user-space implementation.
git bundle create <file> <git-rev-list-args>
And victimizing a small number of copyright infringers will be better? But we're getting way off track...
And prisons in the US are overflowing due to mandatory sentencing of drug related crimes... So tell me again how "on such a massive scale they simply can't do anything about it" is going to work...
... start copyright infringement on such a massive scale they simply can't do anything about it.
Because that plan worked so well for fighting the war on drugs?
No shell access needed.
Well, you do need the ability to set an environment variable, fork and exec a setuid binary. But you don't need to run /bin/sh.
And my implied point is that the "editors" didn't bother to link to the previous story for context. Without that acknowledgement, I might assume that this is just a dupe with no new "news".
A Tweet-Sized Exploit Can Get Root On OS X 10.10
And people feel much better about the temperature if you give them a thermostat that does nothing...
newgrp is a setuid binary. During the startup of that process, if the vulnerable environment variable is set, dyld will open the requested file. Since stdin=0 / stdout=1 / stderr=2 should be the only open files, the next available file descriptor would be 3. So open() should give dyld that file descriptor.
newgrp will then drop it's privileges and run your shell, perhaps by calling exec() without forking another process. Since the file wasn't specified to close on exec, the shell will inherit the open file descriptor.
If we pass "echo "[something]" >&3" to stdin of newgrp, the echo will be executed in the new shell. Even though that shell is running as the logged in user, fd=3 was opened by root. So the result can be appended to any file you want.
I understand why the Euro don't want to deal with Varoufakis, he actually knows what he's talking about. But it sounds like Greek to them.