How far do we have to go in fact? I ask this as someone who has glanced at papers in the area but never really studied it.
Is it possible to produce a "Calculus of Security" that would allow you to formally prove a system secure, or is there a proof that that is impossible (like the Halting problem or Godel's theorem in other fields, for example)
The thing that always annoys me is that so many of the exploits are buffer overruns. Surely any reasonably written piece of code would be secure from buffer overruns. Is there any reason at all why this is hard? I am not talking about retrofitting it - clearly that is hard because just finding them all is potentially hard - but for new code is it the least bit hard.
I can't help feeling that the reason we are seeing so many failures in certain products is that there is a lack of standards and code reviews in the organizations writing them. I would particularly like to hear reasons why that assessment is too harsh.
Who was it who said the oldest profession is soldiering - which in turn created the second oldest profession.
Surely automatic updates increase the need for sysadmins, not reduce them. Somebody has to fix the breakages introduced by the updates.
Used to be companies would upgrade system software rarely. The goal was to keep a stable environment. These days on Windows we update at least once a week. That is fundamentally destabilizing - its a wonder one can get any work done at all.
I remember that some early breakers in to mainframes were charged with stealing (some very small amount of) electricity because there was no law covering the offense explicitly.
The engines have to overcome the drag and apply some acceleration. They don't have to overcome the force of gravity. If they did that you would not need the blimp.
Actually that might be the way to do it. For the orbital balloon to not leak its going to have to be heavy and therefore won't get you very high - in other words there is a time*altitude product limitation here. So going straight up then detaching the blimp and firing off the ion engines and having them provide the lift may work.
Also I expect that rather than ion engines what will be used is microwave engines. You feed the gas through a microwave oven to get your Isp up.
Or, pehaps you just untie the knot at the back of the blimp and let it go....
>> How are you gonna go to a rave and take 10 people with you in that thing
Well, when the mini minor was the student transport du jour, seeing how many people you could get in one was part of the fun.
The other team sport was seeing how far you could carry one.
Yes and the filing date was 1993. I remember speed up boards from the 80s and the concept of using a phased lock loop to derive a higher frequency from a lower goes back at least as far as the 80s - I would be surprised if it was not at least a decade older than that. It should be possible to find it in a number of text books or application notes from the period.
So it seems likely this will very quickly go down in flames due to prior art.
One thing it does show you is the value of a well stocked computer museum! Such a museum would probably be able to show boards embodying prior art for this one.
The fact is that the RIAA members had a near monopoly on the means of distribution until the last few (perhaps as few as 2) years. What is really going on is musicians are taking back control of distribution. Just about every established band in my town has a cd. You can buy them at shows, or from web sites like CD BABY, or even from independent record stores run by people who care about music and musicians rather than just shoveling product.
This is good for musicians but more importantly its important for listeners because as a result a lot of styles, both historical and regional, can once again be heard.
But the RIAA is in trouble because their business model is no longer valid - that business model was to extract monopoly rents (to use the economists jargon) from the distribution system.
Given that their technology based initiatives will be useless against organized piracy who already operate outside the law one can only assume their real objective is to regain monopoly control of the distribution channel. To do that they would have to mandate equipment that could only play media licensed by their members, and I don't think anything passed so far is that draconian.
The same problem killed off science. Scientists insisted on publishing scientific results and as a result there was no IP value in their work anymore.
Just think, if scientists had kept their work proprietary, we'd have warp drive by now!
I think the artists would have to assign their rights, assuming they weren't doing it themselves. That does not mean a venue might not coerce such an assignment and given some of the managements out there, that happening would be no surprize.
Most bands these days sell CD's at concerts. In some venues for local bands it (and tee-shirts) can be the only or main money they get to see from a night's work. So losing some of that money to the venue would be bad.
The best will sign the CDs for you too - I've seen Marcia Ball, for example, stand in light rain for over an hour (yours truly doing his best with an umbrella to keep her dry) making sure every fan who wanted got an autograph.
If the band is going to front and sign, with a color laser printer and a camera and you could personalize the artwork! That would make it really cool.
BTW, taking the feed from the board is a bad idea. Because a number of instruments use backline amplification, the result is a poor balance. One really should run a separate recording mix.
Perhaps you could tell us how much you can make waiting tables!
Perhaps we are in the wrong line of business. At least as an old hand I should always be able to earn a living maintaining old COBOL programs. Waiting tables, though, would definitely be more fun and possibly less demeaning too.
To seriously answer your question. For the first 2-5 years out of college look for jobs that broaden your experience in preference to jobs that pay well.
The most important question should be "how will this look on my resume".
The market should turn back up and its unlikely you won't move and get a big salary jump sometime in the next 3 years. So as long as you don't run into cash flow problems, investing in your future now should pay off nicely in a few years.
BTW, its always easier to get a job when you have a job than when you are unemployed!
This is indeed the historical record - there was a language called just "B" which was based on BCPL and then C.
So the next language after C++ should be --P.
I believe BCPL stands for Basic CPL. CPL was Combined (sometimes Christopher's in honour of Christopher Strachey) Programming Language.
In which case a subset implementation of the next language after C++ could be B--P.
Suppose you determined the shape of the earth simply by triangulation along the surface of the earth. You can tell its a sphere (approximately) without ever taking advantage of the fact that it is embedded in a higher dimension space.
The same thing is possible with the Universe, except you need a much longer tape measure - when you hit that rewind button you have to be real careful of the whip in the tail.
A large part of astronomy is coming up with ways to measure the distances of objects. For real close objects (a few tens of light-years) you can use change in relative position as the earth goes round the sun. An early technique was Cepheid variable stars, whose rate of oscillation is closely tied to luminosity. A more recent one is luminosity of type A supernovae.
As you push the distances out you have to use a shorter range technique to calibrate the measurement for a longer range technique. For example, parallax was used to calibrate Cepheid variables. As a result the whole process is rather hairy and results are always being improved.
It was not long ago that measured the age of the universe was less than the known age of earth itself, a result that even Cosmologists had difficulty with.
The only time this would be useful is if you were listening to something on commercial radio and it was interesting enough that you just had to know what it was.
So are they going to buy commercial radio stations and make them start playing interesting music? If so I like this business model - give people something for free and try to do a good enough job that they want to give you money.
That was a scary moment. I misread that the first time as "pay the fines to a carpeting company" and I was taken aback by this mental image of my city carpeted from end to end with carpet selected by Bill Gates!
Actually, they do get to pay competing companys. Once a criminal case has been concluded it makes it much easier for competing companys to win civil cases for damages.
If that happens, you don't want to work for such a set of lamers. You should say "thankyou very much for your time" and get out. Asking such a question is fundamentally unethical and you can be sure any such employer is going to fail to meet other legally mandated requirements, possibly as bad as failing to remit withheld income tax or to provide a safe non-toxic workplace.
Now, having you sit down and write some code during the interview is perfectly acceptable and is going to tell an interviewer far more about you. I've done that lots of times.
Its a good reason to contribute some of (your own, of course)code to open source. This has been a well recognized way of advertising your skills since at least the early 1970s.
Actually, if it was an Osborne it was probably Supercalc. Supercalc came bundled. Certainly he could have been running a purchased copy of Visicalc but most of we Osborne users thought Supercalc was superior. It was, after all, the spreadsheet we had learned on.
Speaking of which, how hard is it to build ones own laptop. Last time looked( ~ 6 years ago), it was not a real option. Just googled and found nothing interesting. As you say, most of us build our own desktop machines and while I doubt that saves any money anymore, I still think you end up with better quality. Same should be true for a laptop. Pointers appreciated.
So instead of getting hit by an asteroid, we get hit by a bunch of mine tailings!
At first I was inclined to dismiss this idea of using mining equipment to deflect asteroids as unrealistic. Asteroids in close earth orbits are probably not going to be good targets for mining from a purely economic point of view so it seemed unlikely the equipment would be available.
But it could well be that exactly the technology you need for asteroid mining is what you need for deflecting asteroids.
The key to deflecting an asteroid is momentum transfer. Letting off an atom bomb on the surface is not a particularly effective way to do this because so much of the energy comes out as high energy particles (including photons) that don't transfer a lot of momentum.
For rocket engines, you want the specific impulse to be as high as possible so as to increase payload to fuel ratios, but in this case, specific impulse is only important if you are having to transport your reaction mass to the asteroid. If you can use the mass of the asteroid for reaction mass, it becomes effective to eject more mass slower, so a nuclear generator powered drag line becomes attractive. Just what you also want to move mass of an asteroid that you want to mine off the surface into an orbit where it can be retrieved. You just cut out any processing steps you might have done on-asteroid so that the optimal size of the accelerating drag line is likely to be larger than for actual mining.
Of course that is just a countable infinity. Then there is uncountable infinity.
The integers are a countable infinity.
The real numbers are an uncountable infinity.
So not all infinities are the same size!
Remember how Kirk would flip open his communicator one handed, say "one to beam up" and be transported back to the ship.
Well there's something they will never invent - a folding cell phone with a reliable hinge.
A missing rule
on
Debugging
·
· Score: 5, Insightful
One rule he's missed is very important:
Before making a measurement (like printing the value of a variable or changing something about the code) work out what answer you expect to see. Note well - do this before you look at the result.
When you see something different, either its a symptom of the bug, or a symptom of you not yet understanding the system. Resolving this will either improve your understanding or turn up the problem.
Slashdot Mirror
Is it possible to produce a "Calculus of Security" that would allow you to formally prove a system secure, or is there a proof that that is impossible (like the Halting problem or Godel's theorem in other fields, for example)
The thing that always annoys me is that so many of the exploits are buffer overruns. Surely any reasonably written piece of code would be secure from buffer overruns. Is there any reason at all why this is hard? I am not talking about retrofitting it - clearly that is hard because just finding them all is potentially hard - but for new code is it the least bit hard.
I can't help feeling that the reason we are seeing so many failures in certain products is that there is a lack of standards and code reviews in the organizations writing them. I would particularly like to hear reasons why that assessment is too harsh.
Surely automatic updates increase the need for sysadmins, not reduce them. Somebody has to fix the breakages introduced by the updates.
Used to be companies would upgrade system software rarely. The goal was to keep a stable environment. These days on Windows we update at least once a week. That is fundamentally destabilizing - its a wonder one can get any work done at all.
I remember that some early breakers in to mainframes were charged with stealing (some very small amount of) electricity because there was no law covering the offense explicitly.
Actually that might be the way to do it. For the orbital balloon to not leak its going to have to be heavy and therefore won't get you very high - in other words there is a time*altitude product limitation here. So going straight up then detaching the blimp and firing off the ion engines and having them provide the lift may work.
Also I expect that rather than ion engines what will be used is microwave engines. You feed the gas through a microwave oven to get your Isp up.
Or, pehaps you just untie the knot at the back of the blimp and let it go ....
>> How are you gonna go to a rave and take 10 people with you in that thing Well, when the mini minor was the student transport du jour, seeing how many people you could get in one was part of the fun. The other team sport was seeing how far you could carry one.
So it seems likely this will very quickly go down in flames due to prior art.
One thing it does show you is the value of a well stocked computer museum! Such a museum would probably be able to show boards embodying prior art for this one.
The fact is that the RIAA members had a near monopoly on the means of distribution until the last few (perhaps as few as 2) years. What is really going on is musicians are taking back control of distribution. Just about every established band in my town has a cd. You can buy them at shows, or from web sites like CD BABY, or even from independent record stores run by people who care about music and musicians rather than just shoveling product.
This is good for musicians but more importantly its important for listeners because as a result a lot of styles, both historical and regional, can once again be heard.
But the RIAA is in trouble because their business model is no longer valid - that business model was to extract monopoly rents (to use the economists jargon) from the distribution system.
Given that their technology based initiatives will be useless against organized piracy who already operate outside the law one can only assume their real objective is to regain monopoly control of the distribution channel. To do that they would have to mandate equipment that could only play media licensed by their members, and I don't think anything passed so far is that draconian.
The same problem killed off science. Scientists insisted on publishing scientific results and as a result there was no IP value in their work anymore. Just think, if scientists had kept their work proprietary, we'd have warp drive by now!
Most bands these days sell CD's at concerts. In some venues for local bands it (and tee-shirts) can be the only or main money they get to see from a night's work. So losing some of that money to the venue would be bad.
The best will sign the CDs for you too - I've seen Marcia Ball, for example, stand in light rain for over an hour (yours truly doing his best with an umbrella to keep her dry) making sure every fan who wanted got an autograph.
If the band is going to front and sign, with a color laser printer and a camera and you could personalize the artwork! That would make it really cool.
BTW, taking the feed from the board is a bad idea. Because a number of instruments use backline amplification, the result is a poor balance. One really should run a separate recording mix.
Perhaps we are in the wrong line of business. At least as an old hand I should always be able to earn a living maintaining old COBOL programs. Waiting tables, though, would definitely be more fun and possibly less demeaning too.
To seriously answer your question. For the first 2-5 years out of college look for jobs that broaden your experience in preference to jobs that pay well.
The most important question should be "how will this look on my resume".
The market should turn back up and its unlikely you won't move and get a big salary jump sometime in the next 3 years. So as long as you don't run into cash flow problems, investing in your future now should pay off nicely in a few years.
BTW, its always easier to get a job when you have a job than when you are unemployed!
Ada (95, not the original) also has first class polymorphism, which C++ does not (unless you fake it with smalloc, and a smart pointer)
This is indeed the historical record - there was a language called just "B" which was based on BCPL and then C. So the next language after C++ should be --P. I believe BCPL stands for Basic CPL. CPL was Combined (sometimes Christopher's in honour of Christopher Strachey) Programming Language. In which case a subset implementation of the next language after C++ could be B--P.
The same thing is possible with the Universe, except you need a much longer tape measure - when you hit that rewind button you have to be real careful of the whip in the tail.
A large part of astronomy is coming up with ways to measure the distances of objects. For real close objects (a few tens of light-years) you can use change in relative position as the earth goes round the sun. An early technique was Cepheid variable stars, whose rate of oscillation is closely tied to luminosity. A more recent one is luminosity of type A supernovae.
As you push the distances out you have to use a shorter range technique to calibrate the measurement for a longer range technique. For example, parallax was used to calibrate Cepheid variables. As a result the whole process is rather hairy and results are always being improved.
It was not long ago that measured the age of the universe was less than the known age of earth itself, a result that even Cosmologists had difficulty with.
Existing electric motors are from 80% efficient on up. So if you put 1 Watt in you get 0.8 watts out.
So comparing against an inefficient current motor if the motor used 80% less electricty it would require only 0.2 Watts in to get 0.8 watts out.
That is, you would get 4 times as much energy out as you put in.
So are they going to buy commercial radio stations and make them start playing interesting music? If so I like this business model - give people something for free and try to do a good enough job that they want to give you money.
That was a scary moment. I misread that the first time as "pay the fines to a carpeting company" and I was taken aback by this mental image of my city carpeted from end to end with carpet selected by Bill Gates! Actually, they do get to pay competing companys. Once a criminal case has been concluded it makes it much easier for competing companys to win civil cases for damages.
No - it goes "Slow down dear your driving is making me want to throw up".
Now, having you sit down and write some code during the interview is perfectly acceptable and is going to tell an interviewer far more about you. I've done that lots of times.
Its a good reason to contribute some of (your own, of course)code to open source. This has been a well recognized way of advertising your skills since at least the early 1970s.
Actually, if it was an Osborne it was probably Supercalc. Supercalc came bundled. Certainly he could have been running a purchased copy of Visicalc but most of we Osborne users thought Supercalc was superior. It was, after all, the spreadsheet we had learned on.
Speaking of which, how hard is it to build ones own laptop. Last time looked( ~ 6 years ago), it was not a real option. Just googled and found nothing interesting. As you say, most of us build our own desktop machines and while I doubt that saves any money anymore, I still think you end up with better quality. Same should be true for a laptop. Pointers appreciated.
So instead of getting hit by an asteroid, we get hit by a bunch of mine tailings! At first I was inclined to dismiss this idea of using mining equipment to deflect asteroids as unrealistic. Asteroids in close earth orbits are probably not going to be good targets for mining from a purely economic point of view so it seemed unlikely the equipment would be available. But it could well be that exactly the technology you need for asteroid mining is what you need for deflecting asteroids. The key to deflecting an asteroid is momentum transfer. Letting off an atom bomb on the surface is not a particularly effective way to do this because so much of the energy comes out as high energy particles (including photons) that don't transfer a lot of momentum. For rocket engines, you want the specific impulse to be as high as possible so as to increase payload to fuel ratios, but in this case, specific impulse is only important if you are having to transport your reaction mass to the asteroid. If you can use the mass of the asteroid for reaction mass, it becomes effective to eject more mass slower, so a nuclear generator powered drag line becomes attractive. Just what you also want to move mass of an asteroid that you want to mine off the surface into an orbit where it can be retrieved. You just cut out any processing steps you might have done on-asteroid so that the optimal size of the accelerating drag line is likely to be larger than for actual mining.
Of course that is just a countable infinity. Then there is uncountable infinity. The integers are a countable infinity. The real numbers are an uncountable infinity. So not all infinities are the same size!
In London the story used to be that he thought he was getting Tower Bridge.
Remember how Kirk would flip open his communicator one handed, say "one to beam up" and be transported back to the ship. Well there's something they will never invent - a folding cell phone with a reliable hinge.
One rule he's missed is very important: Before making a measurement (like printing the value of a variable or changing something about the code) work out what answer you expect to see. Note well - do this before you look at the result. When you see something different, either its a symptom of the bug, or a symptom of you not yet understanding the system. Resolving this will either improve your understanding or turn up the problem.