Now all the black-hats out there will have a powerful new tool in their arsenal! You mean, a sudoer can, like, type "sudo/bin/bash" and then do all sorts of things as root? Pretty irresponsible of him to go telling the world a secret like THAT!
How, exactly, is a "whitelist-only, default deny" policy going to stop email claiming to be from EBay? Oh, that's right--it won't. Not if you use EBay, that is. In other words, his suggestion helps phishers, if anything, by ensuring that the people receiving the emails are only those that really use EBay, or PayPal, or Citibank.
Wow, for such a small subthread this is sure turning into a FAQ! I know what article 19 says. Now go read what article 29 says.
Re:When the UN adopts the first amendment...
on
U.N. To Govern Internet?
·
· Score: 2, Insightful
See the Universal Declaration of Human Rights, in particular articles 18 - 21... So. You were saying?
Now read article 29: "These rights and freedoms may in no case be exercised contrary to the purposes and principles of the United Nations." In particular, if I exercise my free speech to call for the dissolution of the UN, say, then I've violated article 29, and am not covered by that "right".
Re:When the UN adopts the first amendment...
on
U.N. To Govern Internet?
·
· Score: 4, Insightful
No. The UN pays lip service to the freedom of speech, but clearly states in the charter (have you read it?) that these "rights" are subject to abridgement or revocation by the UN itself. A right isn't a right if it can be taken away. That's why the US founding documents speak of inalienable rights, endowed by the creator. In other words, rights that transcend the power of government.
My point is that Gödels theorem doesn't prevent a program from generating all proofs as the above seems to imply.
You're quibbling. As I indicated in followups, a general-purpose theorem prover doesn't exist due to Gödel's theorem. Specific-purpose provers have nothing to do with Gödel's theorem.
The thing is, nowhere did I say the machine could *decide* any given proposition. I agree this is impossible and I even think I argued why it is impossible.
OK, back to the top: exactly what was your disagreement with me again?
What I said (or at least tried to say) is that for any P which is provable, there exists T so that the machine will emit P after T operations.
That's true, but completely uninteresting. You just said that although we can't solve the halting problem, given any program that halts there is a time T such that it does indeed halt by time T.
Certainly not. It is trivial to build a machine that, provably, prints out all theorems of any theory given by a set of axioms...
That's not what I said. I'm talking about a machine that can prove any given theorem in bounded time or, if it is false, can prove the converse in bounded time. That machine can't by built, because if it were built it could solve the halting problem.
People commonly cite the halting problem as evidence that theorem-provers can't work. But as I said originally, a program to solve the four-color theorem doesn't have anything to do with the halting problem: for starters, it only proves four-color theorems.
In fact a four-color-theorem-prover is essentially what you've described: it generates only true statements, but also performs a search for the desired true statement (namely, the four-color theorem). In practice the search space is narrowed considerably by the designers of the program.
You've made one error, though: this "trivial" machine you've described cannot "prove anything". You might think it can, but observe that it can't solve the halting problem. If I want to check a theorem, I start up your machine, and then wait. If it hasn't printed the theorem after one billion years, I still don't know whether the theorem is true or false. Similarly, if I want to solve the halting problem, I can run the program in question and see if it halts--but if it doesn't halt after a billion years, I'm still left wondering.
More rigorously, given any time T, there is a theorem that will be emitted at time t > T. To see this, we construct the theorem as follows: Let machine M(t) print one true statement at time t, and assume that given any true statemen P, M(t)=P for some time t. Then the statement "M(1) and M(2) and... and M(T)" will be printed at some time t > T. Therefore, your machine can't prove any given theorem in bounded time.
You see, in simplest terms Gödel's theorem boils down to this: "The only general way to know whether a given program will halt is to run it and see."
I think you misunderstand the point of Gödels theorem.
Nope.
This theorem doesn't say, that there can't exist a machine that generates all possible proofs.
That's correct. But Gödel's theorem applies if you build a machine that can prove anything: namely, proving that the machine actually works is exactly equivalent to the halting problem.
If you can't independently examine and verify your "proof" then how can it be considered proof of anything?
That's easy. Speaking as a PhD mathematician, there's nothing disturbing at all about these computer proofs. They're examples in which a computer was programmed to generate a perfectly standard proof, except that it's extremely long.
Checking the proof is not hard: it suffices to verify that the program emits only correct inferences. That's nothing more than a standard human-generated proof. In addition, a verifier can be coded by someone other than the original author, to check the validity of the inferences generated by the first program. The checker's algorithm can also be verified using a standard human proof, and would be used to confirm that a bug didn't result in an incorrect proof.
Note that Gödel's incompleteness theorem has nothing to do with these programs: they don't generate all possible proofs. They only generate one specific type of proof per program. Each program is easy to verify.
You could call the software correctness proofs "meta-proofs", but that's just being coy. They're perfectly legitimate proofs, and they are sufficient to prove the correctness of proofs generated by the program.
Now we can make "real" triggers in the DB layer, but guess what? The logic is exactly the same.
Um, no, there's an important difference. Triggers are intended to ensure data integrity, not to implement application logic per se. When you denormalize a relation, and introduce redundant data, you also introduce the certainty that the redundant data will end up out of sync sooner or later. Triggers are there to correct that problem.
If you put the same logic in your app, you guarantee that someone, somewhere, will update one datum without properly updating the redundant copy. Hilarity ensues.
Three in four students said flag burning is illegal. It's not. About half the students said the government can restrict any indecent material on the Internet. It can't.
That's all true as far as current law goes, but it's a gross misunderstanding to suggest that the first amendment is about protecting pr0n. The framers made, and enforced, laws against obscenity and indecency. It's only recently that 1st amendment case law started to focus on protecting deviancy.
The primary purpose of the first amendment is to protect political dissent and religious freedom. The protection was made broader than "political" speech only to prevent politicians from enacting censorship under the guise of decency laws.
Ironically, political dissent is condemned by left- and right-wingers, as either "fascist" or "unpatriotic", and public expression of religious views brings down a torrent of ridicule. The only "first amendment rights" people get passionate about are exactly the ones that weren't even intended by the framers: frivolous and indecent expression that serves no decent purpose at all.
The consensus on human CO2 emissions causing climate change is about as solid as you can get - despite what the oil-lobby, uninformed trolls and assorted net.kooks would have you believe.
Unfortunately, science doesn't work that way. It isn't about majority rule; it's about repeatable results that others can verify. See Aliens Cause Global Warming for an excellent analysis.
Spammers simply aren't diligent when it comes to maintaining their list, they don't remove bounced emails... I don't know what this guy did but he is thoroughly mistaken.
He isn't mistaken. He simply discovered that spammers don't retry. If you shut off your computer for two days out of three, legitimate mail will sit in the queue until the server gets through. Spammer software tries once to send, and moves on if it fails. Voila! On your "on" days, your signal/noise ratio is tripled.
He will discover that around 4-5 days, legitimate mail starts bouncing back to the senders. Two days is probably the limit of safety.
If he decides to tinker with his MTA instead of power-cycling his server, and if he takes a programming course, he will re-invent greylisting.
Google needs to not just police fraudulent clicks, but their own counting system. My dad tried their system to promote a fledgling e-commerce site for his wife's business. In two weeks, they reported about 400 clicks. Thing is, his web host reported only about 300 hits on his home page.
There's a decent chance that Google was right and your Dad was wrong. A click-through link sends the browser first to Google (where the hit is counted), and then refers the browser to your Dad's URL.
What can happen is that your Dad's web page is cached somewhere--on the user's computer, a cache provided by the ISP, etc. Google's links defeat caches by including unique strings, precisely to ensure that every click is counted. Your Dad's URLs, on the other hand, look the same every time. As a result, the user's click is logged by Google, but then the page is loaded from a cached copy, without ever touching your Dad's server.
This scenario is extremely common, because users tend to visit sites more than once. If someone didn't bookmark your Dad's page, he probably used a Google search to find it again.
--Len.
Disclaimer: I have no interest, financial or otherwise, in any company that earns revenue from click-through ads.
Interesting! This guy's project basically connects a dimmer switch each to red, green and blue LED strings. The colors sorta mix, sorta producing colored light, but as you can see in his pictures there are major fringing effects (multicolored bands of light). The howto on this page, suggested by another poster, gives a much cleaner result.
The link above uses a microcontroller and pulse-width modulation to vary each color's intensity, producing a much more even color effect.
Now, of course, I want to redo the apartment with them. Eternal lighting with no more power consumption than a couple of flashlights...yum...
If they did, they'd discover that the article is actually an excerpt of a larger article. THAT FA was written by a nutritionist/fitness guy, with a semi-nude picture of himself and his sixpack at the end of the article.
If you try to find HIS source, good luck! There are no links to credible sources on that page.
In other words, nothing to see here. This is not a credible source; it's an anti-war rant.
...not to mention the fact that the last thing you'd install on a pacbot is a pump action shotgun, which would require a little robotic arm to work the pump. If the story were remotely plausible, it would have selected a sensible semi-automatic shotgun, not a pump.
Why not insert a small RFID chip into an officers hand for the gun to read? could be used in combination with biometrics, where any positive reading activates the gun...
I say, great! Let's inject cops with RFID tags! That way, bad guys don't have to post a lookout at all--they can just leave a cop-sensor near the bank entrance.
...if only to see a pic of the guy who causes such a ruckus.
Otherwise, the interview is extremely tame. He alludes to the "corporate ways of Linux vendors", but doesn't give vent to any interesting rants.
De Raadt raises one interesting question, though, when he says, "in other cases we have had to resort to activism. An example of this was Qlogic...for a few years we did ship this code without being aware of the issue. But after a few mails to Art at Qlogic, and a threat to remove their code from our upcoming release, they decided to let us include the firmware in our operating systems."
The question is: how is this "activism"? He states that they used Qlogic SCSI firmware inadvertantly, and when asked to stop, threatened to comply with the request. That's "activism"?
Slashdot Mirror
Now all the black-hats out there will have a powerful new tool in their arsenal! You mean, a sudoer can, like, type "sudo /bin/bash" and then do all sorts of things as root? Pretty irresponsible of him to go telling the world a secret like THAT!
How, exactly, is a "whitelist-only, default deny" policy going to stop email claiming to be from EBay? Oh, that's right--it won't. Not if you use EBay, that is. In other words, his suggestion helps phishers, if anything, by ensuring that the people receiving the emails are only those that really use EBay, or PayPal, or Citibank.
When will Meng,
- Universal Master of Obvious Flawed Ideas
(TM), ever cease to amaze us all?You forgot to log in.
Article 19.
Wow, for such a small subthread this is sure turning into a FAQ! I know what article 19 says. Now go read what article 29 says.
See the Universal Declaration of Human Rights, in particular articles 18 - 21... So. You were saying?
Now read article 29: "These rights and freedoms may in no case be exercised contrary to the purposes and principles of the United Nations." In particular, if I exercise my free speech to call for the dissolution of the UN, say, then I've violated article 29, and am not covered by that "right".
No. The UN pays lip service to the freedom of speech, but clearly states in the charter (have you read it?) that these "rights" are subject to abridgement or revocation by the UN itself. A right isn't a right if it can be taken away. That's why the US founding documents speak of inalienable rights, endowed by the creator. In other words, rights that transcend the power of government.
...then maybe. Not before.
That a business that already has 10,000 windows boxes deployed is reluctant to perform 10,000 Linux migrations? Why, that's amazing!
maybe your interpretation of it meant it was correct but according to my interpretation it wasn't correct
Apology accepted, AC.
You're quibbling. As I indicated in followups, a general-purpose theorem prover doesn't exist due to Gödel's theorem. Specific-purpose provers have nothing to do with Gödel's theorem.
The thing is, nowhere did I say the machine could *decide* any given proposition. I agree this is impossible and I even think I argued why it is impossible.
OK, back to the top: exactly what was your disagreement with me again?
What I said (or at least tried to say) is that for any P which is provable, there exists T so that the machine will emit P after T operations.
That's true, but completely uninteresting. You just said that although we can't solve the halting problem, given any program that halts there is a time T such that it does indeed halt by time T.
Certainly not. It is trivial to build a machine that, provably, prints out all theorems of any theory given by a set of axioms...
That's not what I said. I'm talking about a machine that can prove any given theorem in bounded time or, if it is false, can prove the converse in bounded time. That machine can't by built, because if it were built it could solve the halting problem.
People commonly cite the halting problem as evidence that theorem-provers can't work. But as I said originally, a program to solve the four-color theorem doesn't have anything to do with the halting problem: for starters, it only proves four-color theorems.
In fact a four-color-theorem-prover is essentially what you've described: it generates only true statements, but also performs a search for the desired true statement (namely, the four-color theorem). In practice the search space is narrowed considerably by the designers of the program.
You've made one error, though: this "trivial" machine you've described cannot "prove anything". You might think it can, but observe that it can't solve the halting problem. If I want to check a theorem, I start up your machine, and then wait. If it hasn't printed the theorem after one billion years, I still don't know whether the theorem is true or false. Similarly, if I want to solve the halting problem, I can run the program in question and see if it halts--but if it doesn't halt after a billion years, I'm still left wondering.
More rigorously, given any time T, there is a theorem that will be emitted at time t > T. To see this, we construct the theorem as follows: Let machine M(t) print one true statement at time t, and assume that given any true statemen P, M(t)=P for some time t. Then the statement "M(1) and M(2) and ... and M(T)" will be printed at some time t > T. Therefore, your machine can't prove any given theorem in bounded time.
You see, in simplest terms Gödel's theorem boils down to this: "The only general way to know whether a given program will halt is to run it and see."
I think you misunderstand the point of Gödels theorem.
Nope.
This theorem doesn't say, that there can't exist a machine that generates all possible proofs.
That's correct. But Gödel's theorem applies if you build a machine that can prove anything: namely, proving that the machine actually works is exactly equivalent to the halting problem.
If you can't independently examine and verify your "proof" then how can it be considered proof of anything?
That's easy. Speaking as a PhD mathematician, there's nothing disturbing at all about these computer proofs. They're examples in which a computer was programmed to generate a perfectly standard proof, except that it's extremely long.
Checking the proof is not hard: it suffices to verify that the program emits only correct inferences. That's nothing more than a standard human-generated proof. In addition, a verifier can be coded by someone other than the original author, to check the validity of the inferences generated by the first program. The checker's algorithm can also be verified using a standard human proof, and would be used to confirm that a bug didn't result in an incorrect proof.
Note that Gödel's incompleteness theorem has nothing to do with these programs: they don't generate all possible proofs. They only generate one specific type of proof per program. Each program is easy to verify.
You could call the software correctness proofs "meta-proofs", but that's just being coy. They're perfectly legitimate proofs, and they are sufficient to prove the correctness of proofs generated by the program.
Um, no, there's an important difference. Triggers are intended to ensure data integrity, not to implement application logic per se. When you denormalize a relation, and introduce redundant data, you also introduce the certainty that the redundant data will end up out of sync sooner or later. Triggers are there to correct that problem.
If you put the same logic in your app, you guarantee that someone, somewhere, will update one datum without properly updating the redundant copy. Hilarity ensues.
Of course, I say any smart business because I know some dumb ones will.
You mean, dumb companies like Cisco? Cisco employees right up through senior VP level use IM constantly.
Since when is science a democracy / popularity contest? Science is about repeatable observations.
Anyway, everyone knows that Aliens cause global warming
From TFA:
Three in four students said flag burning is illegal. It's not. About half the students said the government can restrict any indecent material on the Internet. It can't.
That's all true as far as current law goes, but it's a gross misunderstanding to suggest that the first amendment is about protecting pr0n. The framers made, and enforced, laws against obscenity and indecency. It's only recently that 1st amendment case law started to focus on protecting deviancy.
The primary purpose of the first amendment is to protect political dissent and religious freedom. The protection was made broader than "political" speech only to prevent politicians from enacting censorship under the guise of decency laws.
Ironically, political dissent is condemned by left- and right-wingers, as either "fascist" or "unpatriotic", and public expression of religious views brings down a torrent of ridicule. The only "first amendment rights" people get passionate about are exactly the ones that weren't even intended by the framers: frivolous and indecent expression that serves no decent purpose at all.
The consensus on human CO2 emissions causing climate change is about as solid as you can get - despite what the oil-lobby, uninformed trolls and assorted net.kooks would have you believe.
Unfortunately, science doesn't work that way. It isn't about majority rule; it's about repeatable results that others can verify. See Aliens Cause Global Warming for an excellent analysis.
Len.
Spammers simply aren't diligent when it comes to maintaining their list, they don't remove bounced emails... I don't know what this guy did but he is thoroughly mistaken.
He isn't mistaken. He simply discovered that spammers don't retry. If you shut off your computer for two days out of three, legitimate mail will sit in the queue until the server gets through. Spammer software tries once to send, and moves on if it fails. Voila! On your "on" days, your signal/noise ratio is tripled.
He will discover that around 4-5 days, legitimate mail starts bouncing back to the senders. Two days is probably the limit of safety.
If he decides to tinker with his MTA instead of power-cycling his server, and if he takes a programming course, he will re-invent greylisting.
--Len.
Google needs to not just police fraudulent clicks, but their own counting system. My dad tried their system to promote a fledgling e-commerce site for his wife's business. In two weeks, they reported about 400 clicks. Thing is, his web host reported only about 300 hits on his home page.
There's a decent chance that Google was right and your Dad was wrong. A click-through link sends the browser first to Google (where the hit is counted), and then refers the browser to your Dad's URL.
What can happen is that your Dad's web page is cached somewhere--on the user's computer, a cache provided by the ISP, etc. Google's links defeat caches by including unique strings, precisely to ensure that every click is counted. Your Dad's URLs, on the other hand, look the same every time. As a result, the user's click is logged by Google, but then the page is loaded from a cached copy, without ever touching your Dad's server.
This scenario is extremely common, because users tend to visit sites more than once. If someone didn't bookmark your Dad's page, he probably used a Google search to find it again.
--Len.
Disclaimer: I have no interest, financial or otherwise, in any company that earns revenue from click-through ads.
Interesting! This guy's project basically connects a dimmer switch each to red, green and blue LED strings. The colors sorta mix, sorta producing colored light, but as you can see in his pictures there are major fringing effects (multicolored bands of light). The howto on this page, suggested by another poster, gives a much cleaner result.
The link above uses a microcontroller and pulse-width modulation to vary each color's intensity, producing a much more even color effect.
Now, of course, I want to redo the apartment with them. Eternal lighting with no more power consumption than a couple of flashlights...yum...
If they did, they'd discover that the article is actually an excerpt of a larger article. THAT FA was written by a nutritionist/fitness guy, with a semi-nude picture of himself and his sixpack at the end of the article.
If you try to find HIS source, good luck! There are no links to credible sources on that page.
In other words, nothing to see here. This is not a credible source; it's an anti-war rant.
...not to mention the fact that the last thing you'd install on a pacbot is a pump action shotgun, which would require a little robotic arm to work the pump. If the story were remotely plausible, it would have selected a sensible semi-automatic shotgun, not a pump.
Len.
Why not insert a small RFID chip into an officers hand for the gun to read? could be used in combination with biometrics, where any positive reading activates the gun...
I say, great! Let's inject cops with RFID tags! That way, bad guys don't have to post a lookout at all--they can just leave a cop-sensor near the bank entrance.
...if only to see a pic of the guy who causes such a ruckus.
Otherwise, the interview is extremely tame. He alludes to the "corporate ways of Linux vendors", but doesn't give vent to any interesting rants.
De Raadt raises one interesting question, though, when he says, "in other cases we have had to resort to activism. An example of this was Qlogic...for a few years we did ship this code without being aware of the issue. But after a few mails to Art at Qlogic, and a threat to remove their code from our upcoming release, they decided to let us include the firmware in our operating systems."
The question is: how is this "activism"? He states that they used Qlogic SCSI firmware inadvertantly, and when asked to stop, threatened to comply with the request. That's "activism"?