so it's official, the FOSS drivers are better than the proprietary drivers?
Probably not
Not so fast. The answer depends on your definition of `better.' If by `better' one means `survives vendor indifference' (Catalyst wasn't cutting it, for some reason,) then yes, the FOSS driver is indeed better.
That is, in fact, what appears to have happened here; the hardware had to work, so they found a way. The driver they came up with is considerably better than no driver at all.
This whole thing is rather telling. Linux is doing rather well in embedded systems. So well that drivers are now being ported from Linux to Windows. The best embedded GPU drivers (powervr, mali, tegra) are Linux, or at least not Windows. The software for certain advanced features available from ARM vendors (codecs, hardware crypto, etc.) have Linux as their reference implementation. This is all due to the success of Linux on Android, a plethora of set-tops, music players, cameras and other embedded systems.
There is a functional language called Scheme. It is a minimal LISP with some advanced features and noted for having a very small specification. The current version is (deep breath) R6RS. Don't panic; that just means Revised(6) Report (on the algorithmic language) Scheme. The previous version was R5RS and the next is R7RS. Yes, you could drop all the consonants and have the same result, but that doesn't occur to academics.
The gist of the story is that R6RS isn't being adopted by implementations (scheme has many divergent implementations) and that R7RS is being worked on with a higher rate of adoption in mind.
And yes, if you have spent much time around Slashdot and taken an interest in the technical topics (as opposed to the political controversies) you are expected to know enough of this to follow the summary. Not that it was written all that well...
Do the wings bend (in the vertical axis I suppose) more than normal?
Yes, 787 wings appear to flex more than conventional airliner wings. It reminds me of a composite sailplane. Here is a nice video of the plane and its wings flexing.
they can be bent almost till they touch at the top before breaking
Wings are just metal or composites, not magic. They are rather strong, however. Here is somewhat dramatic video of the 787 wing tested to failure.
transparent hulls... entertainment like theme park rides
Most passengers are work-a-day schlubs that want to sleep or work and pay as little as possible for the trip. The extra cost and drama probably won't be welcome beyond certain niches.
This reminds me of the Windows 7 Fault Tolerant Heap. When the OS detects frequent crashes of a program it may 'shim' the memory management operations (malloc/free) to prevent future crashes. This can, for instance, prevent a crash when a program references recently free'd memory; the OS will deliberately leak that memory and the program keeps on spinning. Double frees can also be automatically mitigated. The heuristics involved will actually analyze the results of these efforts and back out the 'shims' if necessary.
The cert won't help. A 'cert' implies some form of public-key cryptography, where one must have a private key to be authenticated. Anyone may have the cert and its public key; it is public material and dissemination compromises nothing. The question is how does one secure the private key.
One can imagine an HSM embedded in a portable device. This could isolate key material such that recovery, if possible, would require time, physical possession and destruction of the device.
Someone is actually attempting to provide this in the form of a microSD card. Ultimately the best solution would have the HSM circuit embedded in the SOC. Given the liberal nature of ARM SOC manufacturing, where designers mix in modules as they wish, it seems entirely feasible.
Still, sites often can only authenticate a password, so the password must be stored. Would encrypting the password(s) offer any benefit? I think it might, given a correct design. If the encryption key were stored only in RAM then a power cycle of the device would protect the credentials. I could briefly lend the device to someone and they would have no access to services for which I had stored passwords. A neglected (how many old phones do you have lurking around, dear reader?) or lost device would eventually discharge to the same effect.
After we get every surface painted white the climatologists will discover that reflecting energy back into the sky somehow leads to reduced cloud cover causing a net increase in global temperature. Mark my words. Or not. I'll just link back here when it happens.
don't count on finding low cost channels for content from the studios to last forever
Don't count of the value of the studio's assets to remain high forever. When cable appeared the legacy networks found themselves competing with new content that emerged exclusively on the new medium. Today the old networks are just slots in the basic cable lineup.
Streaming is a true a la carte platform, far more liberal than cable/satellite. Anyone can knock together a Roku channel, contract with a CDN and deliver broadcast quality content to the world. No cable company need be dealt with. No big content gate-keeper gets a cut. That is an irresistible temptation to entrepreneurs.
Eventually new and popular content will emerge that is exclusive to streaming. Competitors for staple cable channels will appear. Note that you can get live Al Jazeera on a Roku, but not CNN et al. The old cable staples will never truly make the transition. They'll have to be bought by those who do.
Streaming is absolutely fucking excellent. The ultimate potential of streaming is way better than anything the traditional cable/satellite model offers, and it simply doesn't need Sony/Time Warner/Disney to succeed. As the big content owners of the world realize that consumers are happy with what has independently emerged on streaming media they'll have to compete with it. That is when the prices will be rationalized and the big content libraries get commoditized.
In the immediate future the big content owners will play their games and try to squeeze the new medium for all it's worth. All they're really doing is creating opportunities for competitors. Streaming dominance with endemic competition is an inevitability. It will be the premier platform inside of ten years and all else will be legacy prizes lined up for the auction block.
I am sure. China just clarified our budget priorities for us yesterday. Last week China helped with our diplomatic prerogatives.
In the next few days we may have a budget deal. Where do you think Treasury will be looking for the next few hundred billion of financing? Or rather, how many hours will it take for Geithner to arrive in Beijing (for the third time) after the limit gets bumped?
We're not going to be engaging anyone in any aerospace competitions. Not merely because we can't afford it, but also because they would rather we not.
Parent is correct. When you get past the junk science and put credible people under the spotlight Yucca Mountain is understood to be a safe long term solution. I watched the congressional testimony. The DOE had to have it beat out of them, because affirming the safety of Yucca kicks a leg out from under the Administration's policy. NRC scientists affirmed the same thing. There are no technical reasons why we should not open Yucca Mountain. The only actual reason for the shutdown that anyone could cite was the purely political view than Yucca is somehow "unworkable" for reasons known only to Chu.
Even worse was the NRC testimony. I don't believe this level of acrimony has existed at the NRC since TMI-2 melted down. NRC staff members publicly condemned the NRC Chairman Jaczko for politicizing the matter, withholding information from the board, manipulating scientific results and manipulating the process. 'Science based' government my ass. Jaczko is still withholding the completed results of the NRC's scientific assessment of Yucca mountain safety.
From the the NYT story
The [NRC] inspector general’s report said that Mr. Jaczko’s decision to halt the Yucca review was based on politics, however, not on a consideration of the acceptability of the site for long-term storage.
Criticism of the Administration, the DOE and Jaczko by the House committee was nearly bipartisan. Basically we have anti-energy anti-nuke activists playing political games inside the NRC and the DOE, and everyone knows it.
This nonsense needs to stop. We really need to get this waste secured at Yucca before some earthquake/tsunami/tornado/flood/hurricane/meteor/terrorist/busted-water-pump causes widespread nuclear contamination.
There are even more problems than you think. Investors won't touch debt issued without the authority of Congress. It isn't enough to usurp the prerogative of Congress and ignore the debt limit. Investors, with actual money, must then be found. Investors that can be convinced these `rouge' Treasury notes enjoy the full faith and credit of..... whom? Some congressman yelling about `illegal debt' and calling for impeachment?
Good luck with that!
setting some new, dangerous precedents
This debt crisis has been a long time coming. Voices have warned about the consequences of chronic deficit spending for decades. There aren't any easy answers left no matter what billstewart et al. wish to believe. They can blame it on corporations, Bush, Republicans, capitalism, white people, Christians, the `rich,' Bilderbergs, assault rifles or whatever else they've been taught to hate. It doesn't matter any more because the jig, as they say, is up.
What we're left with is one of four possibilities. One, we'll do the politically difficult thing and balance the budget, or get fairly close. Two, kick the can a few more years and have our creditors balance it for us. Three, try and fail at the first and then eventually suffer the second anyways, like Greece. Four, print ourselves into a currency crisis, in which case you're back to number two.
Why shouldn't President Obama simply instruct the secretary of the Treasury to zero out every program he finds personally objectionable?
Because the constitution assigns priority to certain obligations of the Federal government. Sentence one; "provide for the common defense." Article 1, Section 6; pay the congressmen. Others include maintaining the "validity of the public debt," which amounts to redeeming Treasury notes as they come due.
After that? Obama will pick his favorites and pillory Congress for the ensuing disaster. The dependents will protest and burn stuff, like they have in France, the UK, Greece and other Western debtor nations. Then the voters will decide.
Congress has exclusive power to incur debts. Treasury acknowledged this two days ago. At most the US is obligated to service interest on existing debt, such that the 'validity of the public debt... shall not be questioned.' At no point does the constitution require the Congress to incur new debt (i.e. raise the debt limit) for any reason, and Obama has no power to do so.
Some things that are actually not in the constitution: Social Security. Medicaid. Medicare. Food stamps. WIC. Section 8 housing. Individual Mandate. Agriculture subsidies. Unemployment compensation. Fanny Mae. Freddy Mac. Farmer Mac.
S3 Graphics, Ltd is an American company specializing in graphics chipsets.
There goes a successful purveyor of mobile GPU technology off to Taiwan... I wonder if this is what Andy Grove meant when he claimed that abandoning today's commodity manufacturing can lock you out of tomorrow's emerging industry.
So there is $45 million that Microsoft figures Samsung must owe at $15 a pop. At that pace Microsoft expects about $289 million a year.
I suspect, and hope, that Samsung will figure they can risk a fraction of that to fight the legal battle for a few years. Perhaps invalidate a mass of patents ah la Oracle/Google.
A South Korean company blocking the import of Chinese made products of a US company on the basis of US patents. Amusing. Also, it's not going to happen. At least not this election cycle.
The common thread among these systems (PHP, (Open)SUSE, etc.) is the use of crypt_blowfish, a flawed implementation of the blowfish hash function. Constructing passwords that collide is easy due to a sign extension bug. A SUSE user can observe the use of blowfish in/etc/default/passwd, where the default value of CRYPT_FILES is 'blowfish'.
To be clear, the problem is a flawed implementation; the blowfish hash algorithm itself remains sound.
The PHP crypt() function supports several common hash algorithms including blowfish. The PHP 'documentation' implies that DES is default. Anyone care to speculate on the likelyhood of widespread blowfish use by public sites?
I really think MS could get away with no implementing it.
One good hit, the WebGL equivalent of Farmville, will change everything. Don't underestimate this; WebGL is cool and the potential great. If WebGL is successful it will help to break the domination of DirectX among the desktop graphics hardware vendors and cause developers to look beyond the Microsoft romper room.
OpenGL ES 1.x/2.0 is already dominant on mobile platforms (iOS and Android, specifically) and WebGL is based on the same edition. There is a real opportunity for convergence around a solid, open, non-Microsoft GPU framework.
WebGL security is a non-issue really. If the HTML5's 2D canvas + built-in video streaming isn't already good enough to obviate flash it will be soon. Together, those two are sufficient for most graphical applications and much easier to secure than the 3D pipeline. The 3D pipeline will never be secured well enough for general purpose use on the web, so WebGL will ultimately have to require operator authorization, among other things, to prevent it from becoming a popular attack vector.
It will require a couple of incidents before Google, Mozilla, et al. concede this and lock down WebGL, taking it off the table as a viable attack vector. Eventually they will. Bank on it.
So are you saying that Google Voice isn't Voice, or that it doesn't work on the Internet Protocol?
There is a great deal of ambiguity in these discussions. The parent is stating the Google Voice, when used via a mobile device through the Google Voice app, is not VoIP. This is a correct statement. When you place a call to a non-Google Voice number (land line, cell number, etc.) from your mobile device using the Google Voice feature you are actually calling a generic number. Google places another call to the to desired number and the two calls are connected. Thus, your device is using conventional cell phone communication, and burning whatever 'minutes' are involved.
Google Voice is also a VoIP product when used from desktop systems. You can place calls from within Gmail to other Google Voice users, POTS numbers, etc.
Google Voice currently provides 'free' US domestic calls. From the desktop (via VoIP) the calls really are free. From your mobile device you consume minutes to place the call to the generic number, but Google charges you nothing. Google subsidies their expense of placing domestic calls on your behalf from revenue they collect for international calling. This situation may not last forever; Google is still evaluating the viability of free domestic calling.
Some or all of the above is badly incomplete, incorrect, misleading or otherwise faulty. This stuff is complicated and the sources of information are wildly ambiguous, deliberately in some cases.
It's 3D in the sense that it has more depth than the previous version. The original Castle Wolfenstien (1981) had very little depth relative to later incarnations, such as Wolfenstein 3D. The 3D aspect of the new Intel transistors improve power consumption by reducing current leakage. The new transistor may therefore have much smaller feature size. Likewise, Wolfenstien 3D improves game play by reducing the players perspective of the map and increasing anticipation.
You will notice that both the original Castle Wolfenstien and Wolfenstien 3D are actually rendered on a 2D planar surface, despite the use of the '3D' moniker in one of the titles. Intel is guilty of the same thing, but in reverse; so called 'planar' transistors are etched onto a flat surface, but they actually have depth, just like Wolfenstien doesn't, whereas part of the new transistors stick up from the surface and must, therefore, be characterized in a third dimension.
I'm pretty sure that the use of non-words like "ideation"
That word disgusted me as well. I was certain that it had to be a marketing speak neologism. It isn't. Ideation is a legitimate word, resurrected from disuse by these heinous trolls.
You guys really are a terrorized nation, aren't you?
No. This is politics. The same 'national security' argument escaped these people when it came to Abu Ghraib photos, gitmo photos, civilian casualty photos, etc. They wanted everything exposed on the front page immediately and without exception. Any hesitation was an impeachable criminal act.
I'm watching Jon Stewart make bin Laden head shot jokes every night. Who are the cowboys now? It will be funny when these freshly minted chicken-hawks eventually see exactly what they're flaunting; a head blown apart with assault rifle rounds.
On that day there will be no memory of their joy at the AP.
WebGL is a Javascript expression of OpenGL ES 2.0, the same OpenGL edition that appears on Apple's iOS and recent versions of Android. OpenGL ES 2.0 is essentially OpenGL 2.0 with the fixed function pipeline removed. This reduces the size of the API substantially.
Some may remember the little ARM11 based computer that appeared last week supports OpenGL ES 2.0. OpenGL ES 2.0 is also the choice of Wayland developers. There seems to be a big convergence happening around this particular edition of OpenGL due to embedded GPUs
WebGL is manifested as a context of a HTML5 canvas element. Javascript has been extended with new data types to provide aligned, dense arrays for loading vertex attributes into the GL. WebGL allows vertex and fragment shader code to be loaded into the GL.
The end result is very high performance graphics driven by Javascript hosted in a browser. WebGL integrates with the browser in some convenient ways; texture data is loaded from Javascript image objects and CSS can apply 3D transforms, for example.
WebGL has been supported in experimental form by Webkit and Mozilla since late 2010. Opera also supports WebGL. Microsoft is no where to be found.
Operating systems compromise security for the sake of GPUs. Obviously, exposing graphics subsystems to inevitably malicious code will get machines compromised. I think Google, Mozilla, et al. should adopt the 'no-script' paradigm for this stuff and require the operator to explicitly enable WebGL content case by case. The graphics subsystem will never prioritize security over performance so securing these code paths well enough for public exposure will never happen.
It would be nice if they gave this some thought before millions of people get owned and WebGL gets a huge black eye......
Slashdot Mirror
so it's official, the FOSS drivers are better than the proprietary drivers?
Probably not
Not so fast. The answer depends on your definition of `better.' If by `better' one means `survives vendor indifference' (Catalyst wasn't cutting it, for some reason,) then yes, the FOSS driver is indeed better.
That is, in fact, what appears to have happened here; the hardware had to work, so they found a way. The driver they came up with is considerably better than no driver at all.
This whole thing is rather telling. Linux is doing rather well in embedded systems. So well that drivers are now being ported from Linux to Windows. The best embedded GPU drivers (powervr, mali, tegra) are Linux, or at least not Windows. The software for certain advanced features available from ARM vendors (codecs, hardware crypto, etc.) have Linux as their reference implementation. This is all due to the success of Linux on Android, a plethora of set-tops, music players, cameras and other embedded systems.
There is a functional language called Scheme. It is a minimal LISP with some advanced features and noted for having a very small specification. The current version is (deep breath) R6RS. Don't panic; that just means Revised(6) Report (on the algorithmic language) Scheme. The previous version was R5RS and the next is R7RS. Yes, you could drop all the consonants and have the same result, but that doesn't occur to academics.
The gist of the story is that R6RS isn't being adopted by implementations (scheme has many divergent implementations) and that R7RS is being worked on with a higher rate of adoption in mind.
And yes, if you have spent much time around Slashdot and taken an interest in the technical topics (as opposed to the political controversies) you are expected to know enough of this to follow the summary. Not that it was written all that well...
Do the wings bend (in the vertical axis I suppose) more than normal?
Yes, 787 wings appear to flex more than conventional airliner wings. It reminds me of a composite sailplane. Here is a nice video of the plane and its wings flexing.
they can be bent almost till they touch at the top before breaking
Wings are just metal or composites, not magic. They are rather strong, however. Here is somewhat dramatic video of the 787 wing tested to failure.
transparent hulls ... entertainment like theme park rides
Most passengers are work-a-day schlubs that want to sleep or work and pay as little as possible for the trip. The extra cost and drama probably won't be welcome beyond certain niches.
spend more on pizza
Eating has a big constituency.
The SPI for fusion energy is indeed 50 years. It is sometimes misstated as 20 due to confusion with flying cars.
This reminds me of the Windows 7 Fault Tolerant Heap. When the OS detects frequent crashes of a program it may 'shim' the memory management operations (malloc/free) to prevent future crashes. This can, for instance, prevent a crash when a program references recently free'd memory; the OS will deliberately leak that memory and the program keeps on spinning. Double frees can also be automatically mitigated. The heuristics involved will actually analyze the results of these efforts and back out the 'shims' if necessary.
not intended for use in a nuclear installation
what stops me pinching the cert
The cert won't help. A 'cert' implies some form of public-key cryptography, where one must have a private key to be authenticated. Anyone may have the cert and its public key; it is public material and dissemination compromises nothing. The question is how does one secure the private key.
One can imagine an HSM embedded in a portable device. This could isolate key material such that recovery, if possible, would require time, physical possession and destruction of the device.
Someone is actually attempting to provide this in the form of a microSD card. Ultimately the best solution would have the HSM circuit embedded in the SOC. Given the liberal nature of ARM SOC manufacturing, where designers mix in modules as they wish, it seems entirely feasible.
Still, sites often can only authenticate a password, so the password must be stored. Would encrypting the password(s) offer any benefit? I think it might, given a correct design. If the encryption key were stored only in RAM then a power cycle of the device would protect the credentials. I could briefly lend the device to someone and they would have no access to services for which I had stored passwords. A neglected (how many old phones do you have lurking around, dear reader?) or lost device would eventually discharge to the same effect.
After we get every surface painted white the climatologists will discover that reflecting energy back into the sky somehow leads to reduced cloud cover causing a net increase in global temperature. Mark my words. Or not. I'll just link back here when it happens.
Bruce Schneier doesn't use Photoshop. He only has to think about an image and it will comply with his wishes.
don't count on finding low cost channels for content from the studios to last forever
Don't count of the value of the studio's assets to remain high forever. When cable appeared the legacy networks found themselves competing with new content that emerged exclusively on the new medium. Today the old networks are just slots in the basic cable lineup.
Streaming is a true a la carte platform, far more liberal than cable/satellite. Anyone can knock together a Roku channel, contract with a CDN and deliver broadcast quality content to the world. No cable company need be dealt with. No big content gate-keeper gets a cut. That is an irresistible temptation to entrepreneurs.
Eventually new and popular content will emerge that is exclusive to streaming. Competitors for staple cable channels will appear. Note that you can get live Al Jazeera on a Roku, but not CNN et al. The old cable staples will never truly make the transition. They'll have to be bought by those who do.
Streaming is absolutely fucking excellent. The ultimate potential of streaming is way better than anything the traditional cable/satellite model offers, and it simply doesn't need Sony/Time Warner/Disney to succeed. As the big content owners of the world realize that consumers are happy with what has independently emerged on streaming media they'll have to compete with it. That is when the prices will be rationalized and the big content libraries get commoditized.
In the immediate future the big content owners will play their games and try to squeeze the new medium for all it's worth. All they're really doing is creating opportunities for competitors. Streaming dominance with endemic competition is an inevitability. It will be the premier platform inside of ten years and all else will be legacy prizes lined up for the auction block.
I would not be so sure.
I am sure. China just clarified our budget priorities for us yesterday. Last week China helped with our diplomatic prerogatives.
In the next few days we may have a budget deal. Where do you think Treasury will be looking for the next few hundred billion of financing? Or rather, how many hours will it take for Geithner to arrive in Beijing (for the third time) after the limit gets bumped?
We're not going to be engaging anyone in any aerospace competitions. Not merely because we can't afford it, but also because they would rather we not.
Parent is correct. When you get past the junk science and put credible people under the spotlight Yucca Mountain is understood to be a safe long term solution. I watched the congressional testimony. The DOE had to have it beat out of them, because affirming the safety of Yucca kicks a leg out from under the Administration's policy. NRC scientists affirmed the same thing. There are no technical reasons why we should not open Yucca Mountain. The only actual reason for the shutdown that anyone could cite was the purely political view than Yucca is somehow "unworkable" for reasons known only to Chu.
Even worse was the NRC testimony. I don't believe this level of acrimony has existed at the NRC since TMI-2 melted down. NRC staff members publicly condemned the NRC Chairman Jaczko for politicizing the matter, withholding information from the board, manipulating scientific results and manipulating the process. 'Science based' government my ass. Jaczko is still withholding the completed results of the NRC's scientific assessment of Yucca mountain safety.
From the the NYT story
The [NRC] inspector general’s report said that Mr. Jaczko’s decision to halt the Yucca review was based on politics, however, not on a consideration of the acceptability of the site for long-term storage.
Criticism of the Administration, the DOE and Jaczko by the House committee was nearly bipartisan. Basically we have anti-energy anti-nuke activists playing political games inside the NRC and the DOE, and everyone knows it.
This nonsense needs to stop. We really need to get this waste secured at Yucca before some earthquake/tsunami/tornado/flood/hurricane/meteor/terrorist/busted-water-pump causes widespread nuclear contamination.
Yep, but here's the problem.
There are even more problems than you think. Investors won't touch debt issued without the authority of Congress. It isn't enough to usurp the prerogative of Congress and ignore the debt limit. Investors, with actual money, must then be found. Investors that can be convinced these `rouge' Treasury notes enjoy the full faith and credit of..... whom? Some congressman yelling about `illegal debt' and calling for impeachment?
Good luck with that!
setting some new, dangerous precedents
This debt crisis has been a long time coming. Voices have warned about the consequences of chronic deficit spending for decades. There aren't any easy answers left no matter what billstewart et al. wish to believe. They can blame it on corporations, Bush, Republicans, capitalism, white people, Christians, the `rich,' Bilderbergs, assault rifles or whatever else they've been taught to hate. It doesn't matter any more because the jig, as they say, is up.
What we're left with is one of four possibilities. One, we'll do the politically difficult thing and balance the budget, or get fairly close. Two, kick the can a few more years and have our creditors balance it for us. Three, try and fail at the first and then eventually suffer the second anyways, like Greece. Four, print ourselves into a currency crisis, in which case you're back to number two.
Why shouldn't President Obama simply instruct the secretary of the Treasury to zero out every program he finds personally objectionable?
Because the constitution assigns priority to certain obligations of the Federal government. Sentence one; "provide for the common defense." Article 1, Section 6; pay the congressmen. Others include maintaining the "validity of the public debt," which amounts to redeeming Treasury notes as they come due.
After that? Obama will pick his favorites and pillory Congress for the ensuing disaster. The dependents will protest and burn stuff, like they have in France, the UK, Greece and other Western debtor nations. Then the voters will decide.
But the Debt Limit Law isn't in the Constitution
Congress has exclusive power to incur debts. Treasury acknowledged this two days ago. At most the US is obligated to service interest on existing debt, such that the 'validity of the public debt ... shall not be questioned.' At no point does the constitution require the Congress to incur new debt (i.e. raise the debt limit) for any reason, and Obama has no power to do so.
Some things that are actually not in the constitution: Social Security. Medicaid. Medicare. Food stamps. WIC. Section 8 housing. Individual Mandate. Agriculture subsidies. Unemployment compensation. Fanny Mae. Freddy Mac. Farmer Mac.
According to Wikipedia:
S3 Graphics, Ltd is an American company specializing in graphics chipsets.
There goes a successful purveyor of mobile GPU technology off to Taiwan... I wonder if this is what Andy Grove meant when he claimed that abandoning today's commodity manufacturing can lock you out of tomorrow's emerging industry.
I'll bet Samsung wouldn't mind owning Tegra.
Put some lawyers out of work.
Samsung Galaxy S II Astonishes With 3 Million Units Sold in 55 Days
So there is $45 million that Microsoft figures Samsung must owe at $15 a pop. At that pace Microsoft expects about $289 million a year.
I suspect, and hope, that Samsung will figure they can risk a fraction of that to fight the legal battle for a few years. Perhaps invalidate a mass of patents ah la Oracle/Google.
A South Korean company blocking the import of Chinese made products of a US company on the basis of US patents. Amusing. Also, it's not going to happen. At least not this election cycle.
The common thread among these systems (PHP, (Open)SUSE, etc.) is the use of crypt_blowfish, a flawed implementation of the blowfish hash function. Constructing passwords that collide is easy due to a sign extension bug. A SUSE user can observe the use of blowfish in /etc/default/passwd, where the default value of CRYPT_FILES is 'blowfish'.
To be clear, the problem is a flawed implementation; the blowfish hash algorithm itself remains sound.
The PHP crypt() function supports several common hash algorithms including blowfish. The PHP 'documentation' implies that DES is default. Anyone care to speculate on the likelyhood of widespread blowfish use by public sites?
I really think MS could get away with no implementing it.
One good hit, the WebGL equivalent of Farmville, will change everything. Don't underestimate this; WebGL is cool and the potential great. If WebGL is successful it will help to break the domination of DirectX among the desktop graphics hardware vendors and cause developers to look beyond the Microsoft romper room.
OpenGL ES 1.x/2.0 is already dominant on mobile platforms (iOS and Android, specifically) and WebGL is based on the same edition. There is a real opportunity for convergence around a solid, open, non-Microsoft GPU framework.
WebGL security is a non-issue really. If the HTML5's 2D canvas + built-in video streaming isn't already good enough to obviate flash it will be soon. Together, those two are sufficient for most graphical applications and much easier to secure than the 3D pipeline. The 3D pipeline will never be secured well enough for general purpose use on the web, so WebGL will ultimately have to require operator authorization, among other things, to prevent it from becoming a popular attack vector.
It will require a couple of incidents before Google, Mozilla, et al. concede this and lock down WebGL, taking it off the table as a viable attack vector. Eventually they will. Bank on it.
So are you saying that Google Voice isn't Voice, or that it doesn't work on the Internet Protocol?
There is a great deal of ambiguity in these discussions. The parent is stating the Google Voice, when used via a mobile device through the Google Voice app, is not VoIP. This is a correct statement. When you place a call to a non-Google Voice number (land line, cell number, etc.) from your mobile device using the Google Voice feature you are actually calling a generic number. Google places another call to the to desired number and the two calls are connected. Thus, your device is using conventional cell phone communication, and burning whatever 'minutes' are involved.
Google Voice is also a VoIP product when used from desktop systems. You can place calls from within Gmail to other Google Voice users, POTS numbers, etc.
Google Voice currently provides 'free' US domestic calls. From the desktop (via VoIP) the calls really are free. From your mobile device you consume minutes to place the call to the generic number, but Google charges you nothing. Google subsidies their expense of placing domestic calls on your behalf from revenue they collect for international calling. This situation may not last forever; Google is still evaluating the viability of free domestic calling.
Some or all of the above is badly incomplete, incorrect, misleading or otherwise faulty. This stuff is complicated and the sources of information are wildly ambiguous, deliberately in some cases.
It's 3D in the sense that it has more depth than the previous version. The original Castle Wolfenstien (1981) had very little depth relative to later incarnations, such as Wolfenstein 3D. The 3D aspect of the new Intel transistors improve power consumption by reducing current leakage. The new transistor may therefore have much smaller feature size. Likewise, Wolfenstien 3D improves game play by reducing the players perspective of the map and increasing anticipation.
You will notice that both the original Castle Wolfenstien and Wolfenstien 3D are actually rendered on a 2D planar surface, despite the use of the '3D' moniker in one of the titles. Intel is guilty of the same thing, but in reverse; so called 'planar' transistors are etched onto a flat surface, but they actually have depth, just like Wolfenstien doesn't, whereas part of the new transistors stick up from the surface and must, therefore, be characterized in a third dimension.
BadAnalogyGuy use to handle this sort of thing...
I'm pretty sure that the use of non-words like "ideation"
That word disgusted me as well. I was certain that it had to be a marketing speak neologism. It isn't. Ideation is a legitimate word, resurrected from disuse by these heinous trolls.
Websters (1913): ideation
You guys really are a terrorized nation, aren't you?
No. This is politics. The same 'national security' argument escaped these people when it came to Abu Ghraib photos, gitmo photos, civilian casualty photos, etc. They wanted everything exposed on the front page immediately and without exception. Any hesitation was an impeachable criminal act.
I'm watching Jon Stewart make bin Laden head shot jokes every night. Who are the cowboys now? It will be funny when these freshly minted chicken-hawks eventually see exactly what they're flaunting; a head blown apart with assault rifle rounds.
On that day there will be no memory of their joy at the AP.
WebGL is a Javascript expression of OpenGL ES 2.0, the same OpenGL edition that appears on Apple's iOS and recent versions of Android. OpenGL ES 2.0 is essentially OpenGL 2.0 with the fixed function pipeline removed. This reduces the size of the API substantially.
Some may remember the little ARM11 based computer that appeared last week supports OpenGL ES 2.0. OpenGL ES 2.0 is also the choice of Wayland developers. There seems to be a big convergence happening around this particular edition of OpenGL due to embedded GPUs
WebGL is manifested as a context of a HTML5 canvas element. Javascript has been extended with new data types to provide aligned, dense arrays for loading vertex attributes into the GL. WebGL allows vertex and fragment shader code to be loaded into the GL.
The end result is very high performance graphics driven by Javascript hosted in a browser. WebGL integrates with the browser in some convenient ways; texture data is loaded from Javascript image objects and CSS can apply 3D transforms, for example.
WebGL has been supported in experimental form by Webkit and Mozilla since late 2010. Opera also supports WebGL. Microsoft is no where to be found.
Operating systems compromise security for the sake of GPUs. Obviously, exposing graphics subsystems to inevitably malicious code will get machines compromised. I think Google, Mozilla, et al. should adopt the 'no-script' paradigm for this stuff and require the operator to explicitly enable WebGL content case by case. The graphics subsystem will never prioritize security over performance so securing these code paths well enough for public exposure will never happen.
It would be nice if they gave this some thought before millions of people get owned and WebGL gets a huge black eye......