Indeed you are correct. See my above reply to 'gronofer'.
I mis-understood the original article. I worked on a related but separate system. I apologise for misleading you, even though it was unintentional.
The details of where you voted, when you voted and the type of your vote are attached to your ID. But, WHO you actually voted for remains completely anonymous... So don't fret.:)
My system was used (among other things) to determine if/when/how a given person attempted to vote more than once.
The funny thing is a significant proportion of these offenders turn out to be elderly people who simply 'forgot' that they had already voted. Seriously.
First of all, I wrote the previous post at work and, in the chaos of my office I think I misread the original post.
I worked on the software that tracks when and where a person votes.
ie: You walk into a polling station, present your ID and then get given a ballot form. The system records the time, location and TYPE of vote against your ID and synchronises that to a central database in near real-time. It does NOT record WHO you voted for. I'm sorry that I gave that impression. My bad.
I am not familiar with the software used to determine the outcome of votes. But, and this is speculation on my part, I can't imagine that it would be overly complex.
I'm honestly not sure why one wouldn't want to release the code. If nothing else, it might be nice to have a 'reference implementation' for a democratic vote tallying process. I assume a reasonable reason might be that it has not been audited for public consumption. Even a simple audit requires time and money. Both of which are in short supply at the AEC.
The previous poster was me... For some reason it came through anonymously. Sorry about that.
But, while I'm at it, I'd like to clarify that there are separate systems at play for 1) tracking votes and 2) tracking vote results.
These are separate problems and you do not want the same system doing this. Why? Because there's something uncomfortable about a system that tracks who you are, where you are and how you voted.:)
A couple of problems with this statement:
-.Net is not a programming language. Your comparison is just silly.
- In case you meant to refer to C#, no part of this development process is "point-and-click". In this regard, it is no different to C++ (I develop in both).
- It is not interpreted. Nor has it ever been.
- I think you'll find that the simple programs of "a few dozen lines" that you mention would likely be smaller (3 of lines) in C# than C++. But, again, this is a silly comparison and shouldn't be used in any reasonable comparison. If things like this are a problem, you are just using the wrong libraries; in most cases it has little to do with the language directly.
Hmmm... Yeah. That used to be true.
It's a lot better now, though.
My current bank (well, credit union. But they are aesthetically the same to me.) doesn't charge me any* fees on my normal accounts and offers ~5% interest on my online-only savings account**.
Though, I keep my savings and credit accounts with separate institutions because I'm paranoid...
--
*At my usage levels, which are pretty normal-use.
**Transferring between both accounts is free.
Not just profits of 'Billions of Dollars', but RECORD profits year after year... During a financial crisis no less.
People aren't upset about the banks making a profit (that's what they're there for). They're upset because the banks continue to make huge profits and then hike fee/rates/etc all the while complaining that "It's getting more expensive to operate in this industry".
I'm neither agreeing nor disagreeing with you. But it's important to realise that this issue occurs with all other filesystems too, including ext2/3.
If the machine has suddenly lost power, then clearly something 'catastrophic' has occured. This is clearly outside the influence of the developers. Yes, they can insert measures to minimize losses and ext4 already does this -> The journaling will give you an intact older revision of the data.
What else would you suggest be done? I'm not trying to start a flame war. I'm genuinely curious.
It's one thing to say that the user is expecting X but if a product is used outside of recommended guidelines, then X can not be guaranteed.
Here's a half-arsed analogy: If I crash my motorcycle because I fell asleep, is that the fault of the manufacturer? Realistically, no.
The answer here is, if your data is soooo important that you can't risk anything going wrong, do the following:
1) Turn caching off. ie: Write directly to the disk. This will kill performance. But at least you can be as sure as possible that the data is written. Alternatively you can manually narrow the cache dump window to something closer to ext3's defaults.
2) Buy a UPS. If the interuption of power is killing your data, just buy an Uninteruptable Power Supply. These things are cheap and, if your data is really that important, you have no excuse not to have one.
As I understand it, the issue is that the default time between cache dumps to disk is 4 seconds. This is much longer than ext2/3. So, if you yank the power cable during this time, on the next reboot ext4 will have no record of the event ever having occured and will use the previously journaled data instead.
If this is actually the case, then I don't really consider this a bug. It's just a larger cacheing window.
Someone please correct me if I'm wrong.
If some asshat broke into one of my servers then told me how, I'd send his ass to jail too.
No you wouldn't. You'd call him an asshat and walk away. You clearly aren't interested in the ACTUAL security of your network, or else you'd have listened to him. Not threaten him.
If he contacted me and said "I would like to break into your server then I'll tell you how", I'd pay him to do it under controlled circumstances.
That would never happen. And I'll tell you why (I wont even charge you).
The fact is, until he attempts it he wont know know if he can do it or not. Why would he go through the trouble of getting your attention if he's just going to look like an asshat upon failure?
However, if he just up and did it one day, it would cost me tens of thousands of dollars in cleanup.
I see two flaws in this argument.
1. You don't know that any damage was ever going to occur. Hell, it's not even likely that you'd be aware of the intrusion in the first place. This is not 'breaking and entering'. There's unlikely to be a broken window for you to claim on your insurance.
2. Given that you've made it abundantly clear that you'd 'send his ass to jail' and it's unlikely you'd detect his trespass (or else you would have blocked it), why would he ever want to tell you? You've basically enacted the 'don't ask, don't tell' tactic. That's not security. That's ignorance. You may as well put your hands on your ears and chant 'la-la-la'.
I don't think it was your intention to post something so closed-minded on a public forum. But you're now low-hanging fruit and I'm hungry.
I don't see this as a bad thing...
Around here (Canberra, Australia) plumbers, painters etc (tradesmen) get paid substantially more than us lowly C++ programmers.... I'm loooking forward to the pay rise, flexible hours and cash-in-hand work.:)
Damn... And I thought I was hopelessly nerdy. I must look positively herculean next to these guys.
I remember spending the better part of an afternoon last summer trying to solve my girlfriend's father's 20 year old rubiks cube. I was really close to solving it when it litterally fell apart in my hands. Turns out one of the (now grown up) kids had once tried to forcibly solve it with a screwdriver. Now, whenever you it get into a certain configuration (ie: a near-finished state) it loses all structural integrity. I could have cried... I WAS SO CLOSE!!!
I was crazy to spend so long on a three diementional rubik's cube. But, I don't know which is crazier... That someone made a four diementional version, or that people have already solved it.... And don't get me started on the five diementional one...
Slashdot Mirror
Indeed you are correct. See my above reply to 'gronofer'. I mis-understood the original article. I worked on a related but separate system. I apologise for misleading you, even though it was unintentional.
The details of where you voted, when you voted and the type of your vote are attached to your ID. But, WHO you actually voted for remains completely anonymous... So don't fret. :)
My system was used (among other things) to determine if/when/how a given person attempted to vote more than once. The funny thing is a significant proportion of these offenders turn out to be elderly people who simply 'forgot' that they had already voted. Seriously.
First of all, I wrote the previous post at work and, in the chaos of my office I think I misread the original post.
I worked on the software that tracks when and where a person votes.
ie: You walk into a polling station, present your ID and then get given a ballot form. The system records the time, location and TYPE of vote against your ID and synchronises that to a central database in near real-time. It does NOT record WHO you voted for. I'm sorry that I gave that impression. My bad.
I am not familiar with the software used to determine the outcome of votes. But, and this is speculation on my part, I can't imagine that it would be overly complex.
I'm honestly not sure why one wouldn't want to release the code. If nothing else, it might be nice to have a 'reference implementation' for a democratic vote tallying process. I assume a reasonable reason might be that it has not been audited for public consumption. Even a simple audit requires time and money. Both of which are in short supply at the AEC.
You are correct. The AEC develops most(all?) of its software in-house. I have helped develop software for them in the past.
The previous poster was me... For some reason it came through anonymously. Sorry about that. But, while I'm at it, I'd like to clarify that there are separate systems at play for 1) tracking votes and 2) tracking vote results. These are separate problems and you do not want the same system doing this. Why? Because there's something uncomfortable about a system that tracks who you are, where you are and how you voted. :)
A couple of problems with this statement: .Net is not a programming language. Your comparison is just silly.
-
- In case you meant to refer to C#, no part of this development process is "point-and-click". In this regard, it is no different to C++ (I develop in both).
- It is not interpreted. Nor has it ever been.
- I think you'll find that the simple programs of "a few dozen lines" that you mention would likely be smaller (3 of lines) in C# than C++. But, again, this is a silly comparison and shouldn't be used in any reasonable comparison. If things like this are a problem, you are just using the wrong libraries; in most cases it has little to do with the language directly.
Oh wow! This looks so much better than I thought it would. Well done! ... Now, to grab that torrent.
Hmmm... Yeah. That used to be true.
It's a lot better now, though.
My current bank (well, credit union. But they are aesthetically the same to me.) doesn't charge me any* fees on my normal accounts and offers ~5% interest on my online-only savings account**.
Though, I keep my savings and credit accounts with separate institutions because I'm paranoid...
--
*At my usage levels, which are pretty normal-use.
**Transferring between both accounts is free.
Not just profits of 'Billions of Dollars', but RECORD profits year after year... During a financial crisis no less.
People aren't upset about the banks making a profit (that's what they're there for). They're upset because the banks continue to make huge profits and then hike fee/rates/etc all the while complaining that "It's getting more expensive to operate in this industry".
Boo hoo!
I'm neither agreeing nor disagreeing with you. But it's important to realise that this issue occurs with all other filesystems too, including ext2/3.
If the machine has suddenly lost power, then clearly something 'catastrophic' has occured. This is clearly outside the influence of the developers. Yes, they can insert measures to minimize losses and ext4 already does this -> The journaling will give you an intact older revision of the data.
What else would you suggest be done? I'm not trying to start a flame war. I'm genuinely curious. It's one thing to say that the user is expecting X but if a product is used outside of recommended guidelines, then X can not be guaranteed.
Here's a half-arsed analogy: If I crash my motorcycle because I fell asleep, is that the fault of the manufacturer? Realistically, no.
The answer here is, if your data is soooo important that you can't risk anything going wrong, do the following:
1) Turn caching off. ie: Write directly to the disk. This will kill performance. But at least you can be as sure as possible that the data is written. Alternatively you can manually narrow the cache dump window to something closer to ext3's defaults.
2) Buy a UPS. If the interuption of power is killing your data, just buy an Uninteruptable Power Supply. These things are cheap and, if your data is really that important, you have no excuse not to have one.
As I understand it, the issue is that the default time between cache dumps to disk is 4 seconds. This is much longer than ext2/3. So, if you yank the power cable during this time, on the next reboot ext4 will have no record of the event ever having occured and will use the previously journaled data instead. If this is actually the case, then I don't really consider this a bug. It's just a larger cacheing window. Someone please correct me if I'm wrong.
Which leads to people pirating the very games they've already paid for... Nice move EA.
To be honest... I would have marked *myself* down for that one. It was a cheap shot.
On either scale yo' mama's still cheap. Even in the back seat of yo' Bugatti.
... It had to be said.
As a software developer I feel confident in saying this:
If your software "doesn't have bugs", it either doesn't do much or you just aren't looking hard enough.
(I'm not pointing any fingers...)
I agree with your point. But, where I'm from, it's the armed men who are doing the mugging.
If some asshat broke into one of my servers then told me how, I'd send his ass to jail too.
No you wouldn't. You'd call him an asshat and walk away. You clearly aren't interested in the ACTUAL security of your network, or else you'd have listened to him. Not threaten him.
If he contacted me and said "I would like to break into your server then I'll tell you how", I'd pay him to do it under controlled circumstances.
That would never happen. And I'll tell you why (I wont even charge you). The fact is, until he attempts it he wont know know if he can do it or not. Why would he go through the trouble of getting your attention if he's just going to look like an asshat upon failure?
However, if he just up and did it one day, it would cost me tens of thousands of dollars in cleanup.
I see two flaws in this argument.
... It's asshats all the way down.
1. You don't know that any damage was ever going to occur. Hell, it's not even likely that you'd be aware of the intrusion in the first place. This is not 'breaking and entering'. There's unlikely to be a broken window for you to claim on your insurance.
2. Given that you've made it abundantly clear that you'd 'send his ass to jail' and it's unlikely you'd detect his trespass (or else you would have blocked it), why would he ever want to tell you? You've basically enacted the 'don't ask, don't tell' tactic. That's not security. That's ignorance. You may as well put your hands on your ears and chant 'la-la-la'.
I don't think it was your intention to post something so closed-minded on a public forum. But you're now low-hanging fruit and I'm hungry.
I don't see this as a bad thing... Around here (Canberra, Australia) plumbers, painters etc (tradesmen) get paid substantially more than us lowly C++ programmers. ... I'm loooking forward to the pay rise, flexible hours and cash-in-hand work. :)
Neeeeeeeeeeeeeeerd!!!!
... And don't get me started on the five diementional one...
Damn... And I thought I was hopelessly nerdy.
I must look positively herculean next to these guys.
I remember spending the better part of an afternoon last summer trying to solve my girlfriend's father's 20 year old rubiks cube.
I was really close to solving it when it litterally fell apart in my hands. Turns out one of the (now grown up) kids had once tried to forcibly solve it with a screwdriver. Now, whenever you it get into a certain configuration (ie: a near-finished state) it loses all structural integrity.
I could have cried... I WAS SO CLOSE!!!
I was crazy to spend so long on a three diementional rubik's cube.
But, I don't know which is crazier... That someone made a four diementional version, or that people have already solved it.
Oh pleeeeease. Now you're not even trying. :)