I have to second this recommendation. I'm sitting in front of the only system on which I've ever seen Linux crash completely. I'm talking about seeing kernel oops and kernel panic messages regularly. Memtest86 showed that one of my SIMMs was half bad. Until I started using RAM about the 256MB mark, everything worked.
Nothing like a bit of bitchin about/. editors to brighten an otherwise dull day!
No. This is a special case. This story is extremely important. It mentions Eric Raymond, Linux, and even/. Besides, CmdrTaco actually read Joel's article. He took to heart what Joel said about the difference in writing styles between man pages and Windows help files.
I can send you the config offline if you want to peek.
I doubt I can add anything. I've become intimately familiar with the problems with nVidia's driver recently. Supposedly, 4.3.0 has support for the newer nVidia cards without nVidia's driver. I need to get it loaded to be sure.
I'm reluctant to even ask, but what kind of video card do you have? One of the problems with Debian's stable release is that it has an old version of X on it. The server code is lacking a lot of driver updates that appeared recently.
With solar like this, I'm not sure why nuclear would need to be brought into the picture.
A quick web search led me to the information that Galena, AK is at about 64.73N. While that is below the Arctic Circle by a couple of degrees, it is not the greatest place on the planet to be planning to heat with solar power.
If anything, it will produce a less annoying advertising message. Something I'm sure we all would not mind seeing.
Yes. To the extent that the approach reduces the amount of advertising sent to people who didn't want it in the first place, this is unambiguously good. However, to the extent that the messages are better crafted to catch my attention and make it difficult for me to immediately discard it, this is not necessarily an improvement.
There are products that I want and that I will buy. Some of them are things for which no advertising is required. On every trip to the supermarket, I'm going to come home with milk and bread. Where advertising is welcome is with products I would happily buy once I know they are available. The next book by one of my favorite authors would be an excellent example. There are also some things I will never pay money for. The grey area between those extremes is exactly what advertising is trying to shift. And I know that I should not spend my money on everything that catches my attention. That is partly because my money is limited, but equally important is the fact that my time to enjoy those purchases is also limited. Spending that time reaching decisions about products whose appeal to me is marginal is a poor use of my time. I benefit more by spending it enjoying things that I value more.
For what it is worth, this tells me something about how Spider Robinson writes. It may be the best explanation for why he is a successful writer and I am not. If he uses a computer as a typewriter, that implies that he writes linearly. There is not only nothing wrong with that, it may be crucial to making his prose flow the way it does. I say that as a long time fan of his books.
On the other hand, when I'm writing, I tend to hop around. I go back and change a few words, or return to the previous paragraph and add a sentence fairly often. I had previously attributed this to the fact that I am a neophyle and I was an early adopter of computers. The number of words that I have written on one computer or another is into eight figures at this point. But taking it in light of the comment above, I'm inclined to believe that my thinking process simply doesn't lend itself as well to the typewriter as it does to editors that allow me to skip around.
There's a pair of books that make interesting reading together. One is Paul Graham's On Lisp. Whatever you may think of his statements against other languages, he knows Lisp and he does an excellent job of explaining how to use it well. I didn't understand how to use Lisp macros effectively until I read it, or why to use them.
Shortly after reading it, I read Modern C++ Design by Andrei Alexandrescu. Reading that, I started to understand some of the power of generic programming. If you understand when these two books are explaining two very different implementations of the same things, then you have grasped the essence of some very powerful techniques.
Frankly, generic programming is one place where Java is still definitely lagging. Fortunately, there is currently an effort to fix that.
Lisp's greatest strength is also its greatest weakness. The language eschews nearly all syntax. All structure within a program that would be expressed syntactically in other languages consists of levels of parentheses and order of arguments to various functions, macros and special forms. There is great power in this. It means that what you add to the language fits in seemlessly. That is the point of Graham's title for his book. Read the first chapter for his explanation.
Unfortunately, this very scarcity of imposed syntax puts a burden on the programmer to format for clarity and to learn to read in a language where some of the familiar signposts simply are not present. That task is certainly possible, but it puts many people off.
Just 360 -- less than 2 per cent -- of BSD Unix servers were successfully breached in August.
This statement clearly states that less than 2 percent of the BSD servers on the net were attacked. Yet that is not what the numbers show. The numbers state that less than 2 percent of the attacks were against BSD servers. That is a very different thing indeed.
As such, there are a number of pieces of information that are needed to make this article useful:
How many servers were there running each OS on the net?
What consistutes a successful, verifiable attack? Does a DDoS that cuts you off from the net count? Then the OS of the compromised machines counts for more than the OS of the tarket.
What percentage of attacks go unreported? If that is high enough, the stats are meaningless. Self-reporting will generally bias results.
Is the count actually by the number of servers, or is it by domain?
With the advent of spam most people I know abandonned their first email address years ago. I have one for each service I use (including slashdot).
Of course, in the end that may not be enough. I actually vary my style depending on whether I am posting under my own name or as an AC here. I assume that there will be archives of everything posted in public. Even if it isn't possible to determine the identity of an anonymous poster today, it is only going to get easier.
I know more than a few people who would like to take back things they said on Usenet back in the day when we were used to articles expiring and disappearing. Now they live on for ages in archives, some of them public, more private.
If you ever doubted that Microsoft or any other big organization may be reading (and storing) a large percentage of what is said about them online, consider the traditional method of finding Kibo. Mention him in a newsgroup and wait for him to answer. At least one interviewer found him that way. He's one individual.
I checked the documentation for the "nv" driver. Support for the GeForce4 cards was added early in 2002, IIRC. However, it was only released in the latest version. I'm running Debian, and I was waiting until someone considered 4.3 to be stable enough to release a.deb for it. I can live without the acceleration. I'm not really a gamer and the games I do enjoy are mostly strategy.
Secondly, are you saying that the ATI driver supports nVidia cards? If that's the case, I'll have to check it out.
We should probably take this discussion to e-mail. You can reach me at "dsplat at rochester dot rr dot com".
Did you find a good, stable solution? I've got a system with an nVidia card and I've been having stability problems with it. I know there are some other issues that are the downstream results of crashing and trashing a couple of filesystems. I'm planning to reload it, and if there is a good way to correct this nVidia driver issue, I'd like to know about it.
Somehow I doubt she'd want the part. But I couldn't help noticing the similarities between Servalan and Grayza. I wonder if Rebecca Rigg would be up for another villainess role.
I know you intended that as humor, but the serious answer is "no".
Requirements never capture every detail. There are a number of reasons. The most obvious of them are: people writing requirements often do not have specialized programming knowledge; requirements often refer to the analog real world rather than the digital world of the code; there are some things that are implementation specific; details are discovered after the requirements are written.
Using an automated system like this would be exactly like using a compiler to generate machine code with two nasty differences. C++ (or any other high-level programming language) looks like a formalized symbolic language for what the program should do. English and other languages for human communication do not. It would be too easy to assume vocabulary that the translator didn't have. Second, there is no specification for the mapping of the requirements to the code other than the examples. There is no way of easily stating what some statement in the requirements will equate to.
Imagine some worst case situations. The code adds constraints that are specific to the implementation platform, such as bounds checking for the representation of the data. For example, had this been done 30 years ago, imagine that all of the code examples represented the year as a 2 digit number. Consider the possibility that several of the implementations don't implement some statement in the requirements. Even when the implementation is complete and correct, this could happen. Just have two statements in the requirements one of which is a stricter version of the other. The stricter one is implemented and the less strict one is not. The translator may not be able to tell which one was implemented. And it may treat one of them as a null statement.
Don't even ask me how you would debug the stuff. I don't have any idea.
The Museum of Science and Industry is a must see if you are already in Chicago. The Field Museum is also excellent and well worth the time. However, before you decide on the best science museum, you have to see the Museum of Science in Boston.
Innovation is scary - it means they have to adapt and change instead of sitting back and raking in the profits.
If you haven't already, read The Innovator's Dilemma by Clayton Christensen. He provides the theory and the numbers to back up your statement. Existing companies who are top dog don't develop technologies that could threaten the products that are their bread and butter, as a rule. There are exceptions, best characterized by skunkworks projects. They separate a small group from the overhead of the parent company and put them on a mission.
The point is that the current top of the heap aren't the ones from whom many of the innovations will come. It's the underdogs and new players trying to create a niche for themselves who are the engines of innovation.
A fair number of people using open source are doing it because we are control freaks, in a useful sense. We want our software to do things that are, at best, a niche market. The advantage of open source in these cases is that we can take existing tools that do 90% of what we need and add the missing 10%. In my case, I do a lot of custom hacks with Emacs Lisp. I get the full editing capabilities of an extremely powerful text editor with a built-in extension language. Yes, I could write some of this stuff in other languages, and in fact, I have rewritten some of the non-interactive stuff in Perl for speed. But a lot of this code exists solely because it extends the capabilities of a text editor that already provides me with most of what I need.
For example, if it's not a networking application, then I'll usually grep for system calls like connect() or bind().. a dead giveaway that somebody has tried to slip some kind of a backdoor into the code. If I find something like that, I rm -rf it and forget it. You can also search for calls like gets(), strtok(), fopen(), and other well-known security risks and fix them if you feel like it.
I have two questions. What percentage of the packages you use did you download the source for and grep through? And how many of them did you find trojans in?
If you have not checked your trusted base (kernel, compiler, linker, libraries and whatever tools you use to look at the code), then you can never be completely sure. See Ken Thompson's article, Reflections on Trusting Trust for an excellent explanation of why.
I think that it's actually unfair to compare this EDS project to these, because none of the cases you cite had to deal with what is essentially integrating data from literally thousands of legacy databases -- one for every participating university, as well as the government's internal databases.
I completely agree with you that the comparison is unfair. That was the intention of the remainder of my comment. However, I wish I could moderate in a discussion I've posted to because I would moderate your reply up. You not only brought up a very important point that I had completely overlooked, you explained it quite well. Thanks.
Most people couldn't tell you the differences between varieties of wines; even people who can taste the differences without any trouble. That doesn't stop people from buying wine. And it doesn't stop people who've never learned French, but who love wine, from picking up a fair amount of French wine jargon.
One of the reasons for the complaint is that a lot of people want computing appliances. And there are a lot more who don't really, but believe they do. Another reason is that tech, by definition, is rapidly changing. We add new jargon for new things. I have no idea what the latest bus technology for consumer computer products will be called 10 years from now. Nobody has a name for it yet. But I'll need to know that name 10 years from now.
Slashdot Mirror
I have to second this recommendation. I'm sitting in front of the only system on which I've ever seen Linux crash completely. I'm talking about seeing kernel oops and kernel panic messages regularly. Memtest86 showed that one of my SIMMs was half bad. Until I started using RAM about the 256MB mark, everything worked.
Nothing like a bit of bitchin about /. editors to brighten an otherwise dull day!
/. Besides, CmdrTaco actually read Joel's article. He took to heart what Joel said about the difference in writing styles between man pages and Windows help files.
No. This is a special case. This story is extremely important. It mentions Eric Raymond, Linux, and even
I can see how Kermit might be used on a universal remote control, but I haven't quite figured out what it is used for on a standard mini-fridge.
I can send you the config offline if you want to peek.
I doubt I can add anything. I've become intimately familiar with the problems with nVidia's driver recently. Supposedly, 4.3.0 has support for the newer nVidia cards without nVidia's driver. I need to get it loaded to be sure.
my dual monitor is limping along 800x600
I'm reluctant to even ask, but what kind of video card do you have? One of the problems with Debian's stable release is that it has an old version of X on it. The server code is lacking a lot of driver updates that appeared recently.
The post office will stap the date that the envelope was snet on the envelope.
Can you prove that the envelope was sealed when it was mailed?
With solar like this, I'm not sure why nuclear would need to be brought into the picture.
A quick web search led me to the information that Galena, AK is at about 64.73N. While that is below the Arctic Circle by a couple of degrees, it is not the greatest place on the planet to be planning to heat with solar power.
If anything, it will produce a less annoying advertising message. Something I'm sure we all would not mind seeing.
Yes. To the extent that the approach reduces the amount of advertising sent to people who didn't want it in the first place, this is unambiguously good. However, to the extent that the messages are better crafted to catch my attention and make it difficult for me to immediately discard it, this is not necessarily an improvement.
There are products that I want and that I will buy. Some of them are things for which no advertising is required. On every trip to the supermarket, I'm going to come home with milk and bread. Where advertising is welcome is with products I would happily buy once I know they are available. The next book by one of my favorite authors would be an excellent example. There are also some things I will never pay money for. The grey area between those extremes is exactly what advertising is trying to shift. And I know that I should not spend my money on everything that catches my attention. That is partly because my money is limited, but equally important is the fact that my time to enjoy those purchases is also limited. Spending that time reaching decisions about products whose appeal to me is marginal is a poor use of my time. I benefit more by spending it enjoying things that I value more.
Take it for what it is worth...
For what it is worth, this tells me something about how Spider Robinson writes. It may be the best explanation for why he is a successful writer and I am not. If he uses a computer as a typewriter, that implies that he writes linearly. There is not only nothing wrong with that, it may be crucial to making his prose flow the way it does. I say that as a long time fan of his books.
On the other hand, when I'm writing, I tend to hop around. I go back and change a few words, or return to the previous paragraph and add a sentence fairly often. I had previously attributed this to the fact that I am a neophyle and I was an early adopter of computers. The number of words that I have written on one computer or another is into eight figures at this point. But taking it in light of the comment above, I'm inclined to believe that my thinking process simply doesn't lend itself as well to the typewriter as it does to editors that allow me to skip around.
There's a pair of books that make interesting reading together. One is Paul Graham's On Lisp. Whatever you may think of his statements against other languages, he knows Lisp and he does an excellent job of explaining how to use it well. I didn't understand how to use Lisp macros effectively until I read it, or why to use them.
Shortly after reading it, I read Modern C++ Design by Andrei Alexandrescu. Reading that, I started to understand some of the power of generic programming. If you understand when these two books are explaining two very different implementations of the same things, then you have grasped the essence of some very powerful techniques.
Frankly, generic programming is one place where Java is still definitely lagging. Fortunately, there is currently an effort to fix that.
Lisp's greatest strength is also its greatest weakness. The language eschews nearly all syntax. All structure within a program that would be expressed syntactically in other languages consists of levels of parentheses and order of arguments to various functions, macros and special forms. There is great power in this. It means that what you add to the language fits in seemlessly. That is the point of Graham's title for his book. Read the first chapter for his explanation.
Unfortunately, this very scarcity of imposed syntax puts a burden on the programmer to format for clarity and to learn to read in a language where some of the familiar signposts simply are not present. That task is certainly possible, but it puts many people off.
I sorry about that. The imprecision was in my wording, not in my math. I meant to say "successfully attacked".
This statement clearly states that less than 2 percent of the BSD servers on the net were attacked. Yet that is not what the numbers show. The numbers state that less than 2 percent of the attacks were against BSD servers. That is a very different thing indeed.
As such, there are a number of pieces of information that are needed to make this article useful:
Of course, in the end that may not be enough. I actually vary my style depending on whether I am posting under my own name or as an AC here. I assume that there will be archives of everything posted in public. Even if it isn't possible to determine the identity of an anonymous poster today, it is only going to get easier.
I know more than a few people who would like to take back things they said on Usenet back in the day when we were used to articles expiring and disappearing. Now they live on for ages in archives, some of them public, more private.
If you ever doubted that Microsoft or any other big organization may be reading (and storing) a large percentage of what is said about them online, consider the traditional method of finding Kibo. Mention him in a newsgroup and wait for him to answer. At least one interviewer found him that way. He's one individual.
I checked the documentation for the "nv" driver. Support for the GeForce4 cards was added early in 2002, IIRC. However, it was only released in the latest version. I'm running Debian, and I was waiting until someone considered 4.3 to be stable enough to release a .deb for it. I can live without the acceleration. I'm not really a gamer and the games I do enjoy are mostly strategy.
Secondly, are you saying that the ATI driver supports nVidia cards? If that's the case, I'll have to check it out.
We should probably take this discussion to e-mail. You can reach me at "dsplat at rochester dot rr dot com".
i once had an nvidia driver lockup
Did you find a good, stable solution? I've got a system with an nVidia card and I've been having stability problems with it. I know there are some other issues that are the downstream results of crashing and trashing a couple of filesystems. I'm planning to reload it, and if there is a good way to correct this nVidia driver issue, I'd like to know about it.
Space Island One must have had a tiny budget but still worked well.
So, I'm not the only person who watched that. I'm still convinced that those little robots were just Red Dwarf's scutters with a new paint job.
Somehow I doubt she'd want the part. But I couldn't help noticing the similarities between Servalan and Grayza. I wonder if Rebecca Rigg would be up for another villainess role.
Remember that BBC luvvies tend to be classically trained. You can find practically any character you want in Shakespeare.
Along with some decent examples of dialogue.
I know you intended that as humor, but the serious answer is "no".
Requirements never capture every detail. There are a number of reasons. The most obvious of them are: people writing requirements often do not have specialized programming knowledge; requirements often refer to the analog real world rather than the digital world of the code; there are some things that are implementation specific; details are discovered after the requirements are written.
Using an automated system like this would be exactly like using a compiler to generate machine code with two nasty differences. C++ (or any other high-level programming language) looks like a formalized symbolic language for what the program should do. English and other languages for human communication do not. It would be too easy to assume vocabulary that the translator didn't have. Second, there is no specification for the mapping of the requirements to the code other than the examples. There is no way of easily stating what some statement in the requirements will equate to.
Imagine some worst case situations. The code adds constraints that are specific to the implementation platform, such as bounds checking for the representation of the data. For example, had this been done 30 years ago, imagine that all of the code examples represented the year as a 2 digit number. Consider the possibility that several of the implementations don't implement some statement in the requirements. Even when the implementation is complete and correct, this could happen. Just have two statements in the requirements one of which is a stricter version of the other. The stricter one is implemented and the less strict one is not. The translator may not be able to tell which one was implemented. And it may treat one of them as a null statement.
Don't even ask me how you would debug the stuff. I don't have any idea.
The Museum of Science and Industry is a must see if you are already in Chicago. The Field Museum is also excellent and well worth the time. However, before you decide on the best science museum, you have to see the Museum of Science in Boston.
If you haven't already, read The Innovator's Dilemma by Clayton Christensen. He provides the theory and the numbers to back up your statement. Existing companies who are top dog don't develop technologies that could threaten the products that are their bread and butter, as a rule. There are exceptions, best characterized by skunkworks projects. They separate a small group from the overhead of the parent company and put them on a mission.
The point is that the current top of the heap aren't the ones from whom many of the innovations will come. It's the underdogs and new players trying to create a niche for themselves who are the engines of innovation.
A fair number of people using open source are doing it because we are control freaks, in a useful sense. We want our software to do things that are, at best, a niche market. The advantage of open source in these cases is that we can take existing tools that do 90% of what we need and add the missing 10%. In my case, I do a lot of custom hacks with Emacs Lisp. I get the full editing capabilities of an extremely powerful text editor with a built-in extension language. Yes, I could write some of this stuff in other languages, and in fact, I have rewritten some of the non-interactive stuff in Perl for speed. But a lot of this code exists solely because it extends the capabilities of a text editor that already provides me with most of what I need.
For example, if it's not a networking application, then I'll usually grep for system calls like connect() or bind() .. a dead giveaway that somebody has tried to slip some kind of a backdoor into the code. If I find something like that, I rm -rf it and forget it. You can also search for calls like gets(), strtok(), fopen(), and other well-known security risks and fix them if you feel like it.
I have two questions. What percentage of the packages you use did you download the source for and grep through? And how many of them did you find trojans in?
If you have not checked your trusted base (kernel, compiler, linker, libraries and whatever tools you use to look at the code), then you can never be completely sure. See Ken Thompson's article, Reflections on Trusting Trust for an excellent explanation of why.
I think that it's actually unfair to compare this EDS project to these, because none of the cases you cite had to deal with what is essentially integrating data from literally thousands of legacy databases -- one for every participating university, as well as the government's internal databases.
I completely agree with you that the comparison is unfair. That was the intention of the remainder of my comment. However, I wish I could moderate in a discussion I've posted to because I would moderate your reply up. You not only brought up a very important point that I had completely overlooked, you explained it quite well. Thanks.
Most people couldn't tell you the differences between varieties of wines; even people who can taste the differences without any trouble. That doesn't stop people from buying wine. And it doesn't stop people who've never learned French, but who love wine, from picking up a fair amount of French wine jargon.
One of the reasons for the complaint is that a lot of people want computing appliances. And there are a lot more who don't really, but believe they do. Another reason is that tech, by definition, is rapidly changing. We add new jargon for new things. I have no idea what the latest bus technology for consumer computer products will be called 10 years from now. Nobody has a name for it yet. But I'll need to know that name 10 years from now.