Bad guess. I first started programming in 1969. Back then, the way to avoid buffer overflows was to put your buffer at the end of the program so there was nothing to be overwritten. Not really practical today, of course, but the basic idea of protecting your code from overflows if you can still applies.
I doubt you'd find any in code I've written, for two reasons. First, I've been stuck in tech support so long that little if any of my code would still be in uses and second, most of it was reading records of known length from files. I did, however, learn the right way to handle variable-length input many years ago.
My M$ bashing wasn't meant to imply that they're the only ones doing it, just that almost every time I hear of a buffer exploit, it's NanoLimp related. I'm not a Linux bigot, nor anti-Redmond fanatic, I'm just realistic about their blind spots, and buffer sizes seem to be one of them.
You don't allocate a buffer of fixed length unless you're lazy. You find out how long the input is, allocate a buffer big enough to fit then move the input to the buffer. When you're done you deallocate the buffer. Simple, safe and easy. I guess Micro$oft coders never learned how to practice safe hex.
I wasn't thinking of Larry making the movie on his own, just investing in it so as to give him a bigger voice in how it's made. He's a smart man, and I can't picture him trying to control the whole movie, just keep Wollyweird from going off into left field.
Yes, it would be a great film, but it will never happen. The film makes a strong point, and one the film people don't want made: when you get right down to it, most people really aren't going to behave themselves if they think they can get away with it.
One thing that can keep Hollywood from mucking up the movie is for the author to be one of the people financing the film, and Larry's got enough cash to do exactly that.
The Pak would see nothing unusual about the Ringworld being wracked by endless clan warfare, as that's what they were accustomed to. As far as they were concerned, that's the way life was.
In general, a firewall can only stop what it's been told to stop. This may include "all misformed packets," or "all ports except specific ones." However, just because a port has a standard usage doesn't mean it's only used for just that. An applet can send out a request over port 80 and download a trojan over (let's say) port 110 and your firewall will probably think the incoming packets are just email. Yes, having AI in your firewall may help to some extent, but that means analyzing every connection and slowing down throughput until the AI's satisfied. Even if you don't mind the lag, it's still not 100% certain because the malware can easily mimic the correct handshaking for that protocol. About the best you can get is to make it hard enough to get through that skript kiddies won't know how and those that do won't feel it's worth the effort.
The article doesn't blame NanoLimp because the writer has no idea that they're to blame. Most people don't know that it's even possible for an OS to be implemented with security in mind, so they don't expect it. If you can't raise the quality, lower the expectations.
That's Dan. I've seen the several pages of differential equations he came up with to describe them. He was also Dr. Dan Forrester in Lucifer's Hammer, and the man between the Horders and the Wasters in Inferno.
Yes, they deserve our respect, but they get their reward in the money we pay for their work. If you want to get them some public kudos, why not submit an article asking for their names?
My nominee is the late Daniel J. Alderson, of JPL. Everything he wrote was Open Source, because that's the way JPL works. Until fairly recently, they were still using the system he wrote to maneuver spaceprobes, although it waasn't his program that caused the crash on Mars. His software navigated Project Voyager out of the Solar System and into intersteller space. It maneuvered Voyager I behind Titan, giving us the first measurment of its atmosphere.
When he lost his sight to diabetes, I acted as his caregiver and "seeing eye person." I helped him write software tools and subroutines for general use in Project Voyager. I watched him move bytes around absolute memory addresses in FORTRAN 77, although the language was supposed to prevent this. He was, as Jerry Pournelle once wrote, "the sane genius." He died in 1988, but he's still one of the greats in my book and in that of everybody who knew him.
You can barely pick up an FM station 40 miles away with a regular radio receiver. How far away do you think you could pick it up with a radio-telescope sensative enough to pick up quasars?
They might well. But assuming they use something we can't detect gets us nowhere. We might as well hope they're using radio/TV because if they aren't there's nothing we can do about it.
He also tries to prove his case about crypto with a false dichotomy. He shows that it's impractical to break a 128-bit encryption by trial and error because there are so many keys possible and claim that this proves they can't be broken. Of course, as we all know, there are other methods, and trial and error is almost always the least effective of them.
SETI isn't looking for messages people are sending us, it's looking for evidence that somebody out there is communicating by radio. As an example, other civilizations within about fifty light-years or so would be able to pick up TV signals from us, and radio could be detected for almost twice the distance. None of these are intended as extra-terrestrial communications, but they'd be evidence that we're here.
The grandparent nailed it - people in this community can't deal with a reality like "AbiWord doesn't have a grammar checker and Word does" so they just sit there, claim the feature is unecessary and make stupid jokes about Clippy.
I read it differently. To me, it was more like, "a grammr checker shouldn't be the one thing you decide on." It pointed out that it's a minor feature compared to many others and that Word's isn't very good anyway.
In any event, I agree that a grammar checker is often a crutch for people that never bothered to learn proper grammar and that they're usually too inflexable. Even a poor one can be usefull, as long as you're willing and able to override it when needed, but you have to know what you're doing.
quantum mechanics is repeatable, if you go about it the right way. Predictions in quantum mechanics are expressed as probabilities, so you need to repeat the proceedure many times to see if the various results are observed in the predicted percentages.
But the job goes elsewhere because someone else can do it cheaper.
Yes. I did tech support until my company decided that they could get cheaper support in India. And they were right: they got lower cost, lower quality support from people in India. They threw away about twenty years cumulative experience and institutional memory because people in India with no experience were willing to work for less. And now, if they're lucky, they're getting what they're willing to pay for: support that's making them a laughing-stock instead of the high reputation for quality support they had before.
There's a fallacy to outsourcing that economists are either ignorant of or ignore. Let's say you pay $X/hr for your support staff. Then, you outsource it. The outsource takes Y% for their costs and profit from whatever you pay them. You're not going to pay more than $X to them, so at best, the people they hire are getting Y% less than your own staff was. If your own staff was worth what you paid them, the outsource people, being willing to work for less are probably only worth what they're getting. That means that you end up paying just as much money for support and getting less for it. If you pay less to the outsource people, the problem just gets worse. Whenever you outsource, quality goes down faster than costs do.
Before anybody points it out to me, I know that sending the stuff to third-world countries where costs are less can get you good people for less than you'd pay here. The point is that no matter how you do it, outsourcing still means you pay the outsourcing company. If you really want to take advantage of third-world prices, run your own operation there and cut out the middle-man.
What I was thinking of was collecting the light from several small scopes and combine it electronically into one image of a single object. Don't know if it'd do any good, but it sounds like it might.
They already do exactly that with radio telescopes. Generally, it's harder to do it with visual light, because of the difficulty in combining several photographs. However, they do sometimes use photo-multiplier tubes and detectors. I wonder if it's possible to connect these to a video camera instead of film, send the signal back to a central point and combine the images that way. Anybody out there know anything about this?
Bad guess. I first started programming in 1969. Back then, the way to avoid buffer overflows was to put your buffer at the end of the program so there was nothing to be overwritten. Not really practical today, of course, but the basic idea of protecting your code from overflows if you can still applies.
My M$ bashing wasn't meant to imply that they're the only ones doing it, just that almost every time I hear of a buffer exploit, it's NanoLimp related. I'm not a Linux bigot, nor anti-Redmond fanatic, I'm just realistic about their blind spots, and buffer sizes seem to be one of them.
You don't allocate a buffer of fixed length unless you're lazy. You find out how long the input is, allocate a buffer big enough to fit then move the input to the buffer. When you're done you deallocate the buffer. Simple, safe and easy. I guess Micro$oft coders never learned how to practice safe hex.
I wasn't thinking of Larry making the movie on his own, just investing in it so as to give him a bigger voice in how it's made. He's a smart man, and I can't picture him trying to control the whole movie, just keep Wollyweird from going off into left field.
Yes, it would be a great film, but it will never happen. The film makes a strong point, and one the film people don't want made: when you get right down to it, most people really aren't going to behave themselves if they think they can get away with it.
One thing that can keep Hollywood from mucking up the movie is for the author to be one of the people financing the film, and Larry's got enough cash to do exactly that.
The Pak would see nothing unusual about the Ringworld being wracked by endless clan warfare, as that's what they were accustomed to. As far as they were concerned, that's the way life was.
In general, a firewall can only stop what it's been told to stop. This may include "all misformed packets," or "all ports except specific ones." However, just because a port has a standard usage doesn't mean it's only used for just that. An applet can send out a request over port 80 and download a trojan over (let's say) port 110 and your firewall will probably think the incoming packets are just email. Yes, having AI in your firewall may help to some extent, but that means analyzing every connection and slowing down throughput until the AI's satisfied. Even if you don't mind the lag, it's still not 100% certain because the malware can easily mimic the correct handshaking for that protocol. About the best you can get is to make it hard enough to get through that skript kiddies won't know how and those that do won't feel it's worth the effort.
The article doesn't blame NanoLimp because the writer has no idea that they're to blame. Most people don't know that it's even possible for an OS to be implemented with security in mind, so they don't expect it. If you can't raise the quality, lower the expectations.
That's Dan. I've seen the several pages of differential equations he came up with to describe them. He was also Dr. Dan Forrester in Lucifer's Hammer, and the man between the Horders and the Wasters in Inferno.
Yes, they deserve our respect, but they get their reward in the money we pay for their work. If you want to get them some public kudos, why not submit an article asking for their names?
When he lost his sight to diabetes, I acted as his caregiver and "seeing eye person." I helped him write software tools and subroutines for general use in Project Voyager. I watched him move bytes around absolute memory addresses in FORTRAN 77, although the language was supposed to prevent this. He was, as Jerry Pournelle once wrote, "the sane genius." He died in 1988, but he's still one of the greats in my book and in that of everybody who knew him.
Put the mail on Ford's briefcase before trying to get the fish.
You can barely pick up an FM station 40 miles away with a regular radio receiver. How far away do you think you could pick it up with a radio-telescope sensative enough to pick up quasars?
They might well. But assuming they use something we can't detect gets us nowhere. We might as well hope they're using radio/TV because if they aren't there's nothing we can do about it.
He also tries to prove his case about crypto with a false dichotomy. He shows that it's impractical to break a 128-bit encryption by trial and error because there are so many keys possible and claim that this proves they can't be broken. Of course, as we all know, there are other methods, and trial and error is almost always the least effective of them.
SETI isn't looking for messages people are sending us, it's looking for evidence that somebody out there is communicating by radio. As an example, other civilizations within about fifty light-years or so would be able to pick up TV signals from us, and radio could be detected for almost twice the distance. None of these are intended as extra-terrestrial communications, but they'd be evidence that we're here.
I read it differently. To me, it was more like, "a grammr checker shouldn't be the one thing you decide on." It pointed out that it's a minor feature compared to many others and that Word's isn't very good anyway.
In any event, I agree that a grammar checker is often a crutch for people that never bothered to learn proper grammar and that they're usually too inflexable. Even a poor one can be usefull, as long as you're willing and able to override it when needed, but you have to know what you're doing.
AbiWord already understands the Rich Text Format (.rtf) as do most word processers today.
quantum mechanics is repeatable, if you go about it the right way. Predictions in quantum mechanics are expressed as probabilities, so you need to repeat the proceedure many times to see if the various results are observed in the predicted percentages.
Yes. I did tech support until my company decided that they could get cheaper support in India. And they were right: they got lower cost, lower quality support from people in India. They threw away about twenty years cumulative experience and institutional memory because people in India with no experience were willing to work for less. And now, if they're lucky, they're getting what they're willing to pay for: support that's making them a laughing-stock instead of the high reputation for quality support they had before.
Before anybody points it out to me, I know that sending the stuff to third-world countries where costs are less can get you good people for less than you'd pay here. The point is that no matter how you do it, outsourcing still means you pay the outsourcing company. If you really want to take advantage of third-world prices, run your own operation there and cut out the middle-man.
What I was thinking of was collecting the light from several small scopes and combine it electronically into one image of a single object. Don't know if it'd do any good, but it sounds like it might.
Well, as the gas gets thinner, the sonic frequencies go up leaving less in the bass range. There just might be something to your idea.
They already do exactly that with radio telescopes. Generally, it's harder to do it with visual light, because of the difficulty in combining several photographs. However, they do sometimes use photo-multiplier tubes and detectors. I wonder if it's possible to connect these to a video camera instead of film, send the signal back to a central point and combine the images that way. Anybody out there know anything about this?