Slashdot Mirror


User: JoeBuck

JoeBuck's activity in the archive.

Stories: 0
Comments: 1,082

Comments · 1,082

  1. Re:Better approaches are needed on How Would You Improve Today's Debugging Tools? · · Score: 2

    Perhaps you'd be interested in working with the GCC team to get your patch integrated, so that it gets maintained, works with newer compiler versions, etc.

    I'm certain that major cleanups will be required before it could be accepted, but the experts may be able to help you do things in a more elegant, powerful way. And if every gcc version had something like this, free software would be less buggy.

  2. Re:Trusted Computing on AMI Introduces 'Trusted Computing' BIOS · · Score: 3, Informative

    Right, but the military (the authors of the Orange Book) are operating from similar assumptions as Hollywood: the operator of the machine is considered an untrustworthy person whose behavior must be carefully controlled. In this context, he or she must be prevented from bypassing operating system checks. Military multi-level security is also a form of DRM, and seeks to restrict even the most "trusted" users. And this may be entirely appropriate in many circumstances.

    The question is whether the purchaser of a machine is entitled to the equivalent of root or administrator privilege on the machine he or she owns, or whether the true administrator of the machine will live in Redmond or Washington DC or Hollywood.

  3. Don't lose sight of the purpose on AMI Introduces 'Trusted Computing' BIOS · · Score: 5, Interesting

    This technology is intended to support the TCPA 1.0 specification for "trusted computing". What "trusted computing" is supposed to mean is that if a file has a label on it saying "don't copy me", then it is in principle impossible for the user to copy the file (other than in the ways permitted by the digital "rights" management label).

    Once you understand this, you'll see that the purpose is quite clear: of course boxes equipped with this BIOS will refuse to boot Linux. That's the whole point; they will be intended only to boot operating systems that strictly support DRM. Each machine will have unique "integrity tokens" which can be used as digital signatures, so that everything you do on the machine (create a document, contact a web site) can be traced. Since you'll have to pay for your downloads on a credit card, this can all be cross-correlated. The integrity tokens will be digitally signed by the manufacturer, so that any action taken on the net by the owner of one of these beauties can, at least, be traced to the original purchaser of the machine. Secret, DMCA-protected protocols will assure that only "trusted computers" can connect to their web sites.

    Now, of course, initial implementations of this concept are likely to have flaws that can be exploited by crackers (example: find some way to write a program that replaces the "trusted" OS with a BSD or Linux kernel; reprogram the flash chip to disable checks), but I fear that they will get it right eventually.

    At some point, then, the net will bifurcate: there will be a world of glorified DVD players calling themselves computers interacting with restricted network sites, and a world of general-purpose computers interacting with sites that follow standard protocols. Attempts to outlaw the "free world" will not succeed because it will do too much damage, but those who participate in the "free world" will be viewed with suspicion, called pirates, etc. ISPs might be pressured into refusing to connect with "untrusted" machines.

    After five years or so, though, I expect the whole thing to fall apart, because countries that don't go along with this brain damage will acquire a technological lead, as the US enters an era where computer science is treated the way that the USSR treated science: dangerous state secrets not to be shared.

  4. Better approaches are needed on How Would You Improve Today's Debugging Tools? · · Score: 2

    Almost all comments ignore the main problem with debuggers: they let you verify that a program works correctly for a given input, but tell you nothing about what happens for other inputs you haven't tried. Did you miss something? Are there buffer overflows or security holes? Coverage tools can help, but then you've got to come up with directed tests to reach all of the code, or prove that it can't be reached.

    Complete formal verification for large programs is a pipe dream, but there is a lot that can be discovered through static analysis. Consider Dawson Engler's Meta-Level Compilation project, which automatically found hundreds of errors in the Linux kernel, for an example of what is possible.

    Engler and gang have gotten quiet lately, I wonder if they are trying to start a company.

    There are other approaches, used in hardware verification, that can mix directed testing with symbolic methods (from a state that is reached in a simulation, can I reach some "bad" state? If so, generate a test vector that takes me there).

    While waiting for these tools to be developed, get a four-year old. Let him/her play with your GUI. If it's a Gnome or KDE app, it will probably crash in under ten minutes, because the kid will do things that would never occur to the developer or tester.

  5. Re:Antialiasing and fonts on Best Fonts for Linux Browsers? · · Score: 2

    Incorrect, Verdana can be distributed, though only in the form Microsoft originally packaged them in. See this Sourceforge project, however, for an easy way to get these fonts installed as an RPM. Or install the Debian msttcorefonts package.

  6. Re:Damn on Linux Security: Reflections on 2002, Eye on 2003 · · Score: 5, Insightful

    Yeah, and I'll bet he gives his credit card to waiters in restaurants all the time. The only time I've ever had someone try to use a credit card number stolen from me, it was a busboy at a local Cambodian restaurant (they caught the guy too).

  7. Re:Real World Computer Security on Linux Security: Reflections on 2002, Eye on 2003 · · Score: 0, Offtopic

    What is an "Americanized river"? Thanks to the Clean Water Act, rivers in the US are a lot cleaner than rivers in Europe or Asia (though GW Bush would like to gut such protections, he hasn't yet succeeded).

  8. Re:He's no fool... international? on Lessig Wagers His Job On Anti-Spam Theory · · Score: 5, Insightful

    Even today, a large fraction of spam that appears to come from China, that arrives in Americans' email boxes, really comes from the US. It's US spammers bouncing it off of open relays in China.

    Under Lessig's bill these US spammers can still be prosecuted.

  9. Don't waste time on TFA, author misses the point on Moore's Law Disputed · · Score: 2

    The author messes up by paying too much attention to the constant: that is, whether the doubling time is 18 months, 2 years, or some other number. He also worries too much about whether it's an exact exponential or not. It's not. So what? The most amazing thing is that a doubling time exists, meaning that we have exponential growth.

    Moore's Law should be read as saying that various measures of transistor density on chips grow as O(exp(t)); this has held for 40 years. Of course, no exponential growth can continue forever.

    Much of the recent history of the electronics industry has consisted of treating Moore's Law like a human law, that is, it is the marching order for the entire industry. Everyone from the fabs to the electronic design software houses to the microprocessor manufacturers to the systems houses plans in terms of generations of exponentially increasing density. Even the computer science notion "all problems can be solved by adding an extra level of indirection" implicitly assumes that since the processors are getting faster all the time, we can make the code slower if we get more function out of it.

    Keeping this exponential scaling process going is a massive undertaking; those interested in the problems at the cutting edge might want to look at the International Technology Roadmap for Semiconductors.

    In any case, Moore's law is doomed in the long term. I think it's got another decade or so of life, though, as the researchers have a pretty good handle on the next couple of generations of scaling.

  10. Re:Prevailing Wage? on AFL-CIO Proposed Reforms for the H1B Program · · Score: 2

    But under the H1-B program, the foreign worker has very limited power. He is basically an indentured servant. If he pisses off the company he gets kicked out of the country. Negotiations when all the power is on one side turn into take-it-or-leave-it offers.

    I find the AFL-CIO proposal one-sided because it doesn't address the abusive conditions that some (not all) H1-B program workers are forced to put up with.

    Now, if you want the prevailing wage in the US to descend to the same level as the prevailing wage in China, just let us know.

  11. Re:fp on Linux Number Crunching: Languages and Tools · · Score: 3, Informative

    For the specific case of algorithms that can be expressed strictly in terms of bounded loops where the loop bounds can all be determined at compile time, so that there are no run-time tests needed to determine if some computation must be performed or not, functional programming styles can be near-optimal. Analysis techniques can radically restructure such programs, completely reorganizing the loop nesting.

    There have been a variety of stream-oriented or single-assignment languages to make such things possible: Silage and DFL, Lucid, Lustre, Sisal, and others. You can get very good code from such languages, but they aren't very general.

  12. Re:Some interesting conclusions on Linux Number Crunching: Languages and Tools · · Score: 2

    The author did a previous article comparing Intel and gcc C++ in detail. On average, Intel was about 15% better, not 2x.

    There are some tests where Intel is 2x better. That's useful data that will help the g++ folks improve.

    In any case, if you don't like g++, I'm sure that the authors will be happy to give you a full refund.

  13. Re:dubious on Linux Number Crunching: Languages and Tools · · Score: 2

    You agree that the author must benchmark gcc 2.95.x instead of or in addition to gcc 3.2.1 to be taken seriously? WHY? He'll get slightly slower numbers with gcc 2.95.x, but so?

  14. Re:gcj results incorrect - 2x worse than truth on Linux Number Crunching: Languages and Tools · · Score: 2

    -ffast-math is not suitable for numerical computation in most cases (applications with big matrices, like weather forecasting, physics simulations and the like). It's OK in most cases for digital signal processing applications. But for the application area the author is considering, it's bogus to tell him to use -ffast-math.

    -funroll-loops is another matter.

  15. Re:Whiner... on The Spam Problem: Moving Beyond RBLs · · Score: 2

    In many areas there is only one available ISP for high-speed net access (DSL or cable). What happens when this ISP gets on a popular RBL? Do you sell your house and move?

    But there are alternative ISPs selling DSL service in your area, you say. Not for long, thanks to people like Michael Powell at the FCC (who want to take away the rules requiring your phone company to provide access to competitors).

  16. Re:M$ is the Disease on Windows Security Holes Go Mostly Unexploited · · Score: 3, Insightful

    Too late, we're already infected.

    We'd have to eradicate Microsoft before the KDE, Gnome, and Mono projects finish cloning all of their convenient but insecure features (autorun when someone puts a disk in your CD drive, macros in your documents, Visual Basic scripts in attachments, click and run everything). Trade press folks saying that Linux on the desktop will never succeed until the apps work exactly the same way, when many of the security holes are simply logical consequences of the features as designed.

  17. Re:There is a reson for this on Windows Security Holes Go Mostly Unexploited · · Score: 3, Insightful

    Note that in the last two reasons you give -- use as a proxy to hide identity, and use in a DDOS attack, it is in the interest of the attacker to hide the fact that there has been a successful attack, and to allow the owner to continue to use his/her machine normally. If the owner notices that something is wrong and re-installs the OS, the black hat loses the box. So, naturally the home user thinks he has no security problems. The attacker might even have patched a few security holes, so no other attacker can take it over.

  18. Re:And how many on Windows Security Holes Go Mostly Unexploited · · Score: 5, Insightful

    If your Windows PC has a fast (DSL or cable) connection, it may well be one of thousands of machines owned by some jerk who wants to use it to launch DDoS attacks. Its owner may never notice any difference: it appears to operate normally, only sometimes the web seems a bit slower than expected. The attacker has an interest in having the machine appear to be "normal".

  19. Re:What's so difficult? on Spam Conference in Boston · · Score: 2

    If you propose to include your magic word in slashdot programs, the spammers will soon write scripts to find such magic words and spam you anyway.

    Don't underestimate the intelligence of the enemy. For example, does not currently parse base64-encoded MIME attachments, so suddenly spammers are all base64-encoding their spam.

  20. Re:Makes me wonder... on Mandrake Appealing to Community, Again · · Score: 2

    Of course, the GPL will mean that as soon as you sell a copy, the recipient can go into competition with you (unless you want to go semi-proprietary and include non-open-source components).

  21. Re:Good question: Just what does mandrake offer? on Mandrake Appealing to Community, Again · · Score: 2

    1. Mandrake pays supports many full time developers who work on open source software such as KDE, PHP-nuke; the linux kernel, CUPS.

    Yes, but Red Hat supports far more full time developers, including those working on the most vital parts of the system (the C library, the compiler, the kernel). They're doing well enough that they may be able to pick up a few of the Mandrake people. Red Hat is less interested in KDE than the Mandrake folks (this is an understatement), but there are good business reasons for that.

    2. New mandrake distributions are always available for download immediately (usually before the box sets).

    Same with Red Hat (and Red Hat also makes its betas available).

    3. The mandrake-linux distribution is all free and opensource software.

    Again, same with Red Hat (at least in the case of their standard distribution).

    Now that's not to say that I don't have issues with Red Hat from time to time. But the fact remains that Mandrake hasn't figured out how to run a business, while Red Hat has.

    Mandrake can be a business, or they can be a nonprofit, but they can't very well be both. It's poor strategy now to toss money their way, since that money is going to wind up going to creditors when they shut the thing down, not to new development.

    As for Mandrake's alleged great popularity, I think that it's a bit overrated. Online polls give a distorted view: I'm not accusing people of stuffing ballot boxes, but it has been known to happen.

    In some ways Mandrake seems surprisingly invisible. For instance, in the GCC development list, we see loads of feedback from users of Debian, SuSE, and Red Hat, as well as BSD folk of various stripes, but essentially ZERO from Mandrake users. Now, perhaps this means that Mandrake is getting all the non-geeks who never try to do their own C or C++ programs, but you'd think we'd get some. Similarly, CAD companies providing Linux tools get requests to support Red Hat or SuSE, and hear sometimes from Debian folk, but Mandrake? Never.

  22. Exactly on 85 Big Ideas that Changed the World · · Score: 3, Interesting

    Don't forget that the folks at Ma Bell saw little use for the transistor, so they licensed it cheap to Sony and other Japanese companies, who proceeded to get rich selling transistor radios. Anyone making a list in, say, 1955, might well have left the 1947 invention of the transistor off.

    Also, some of Forbes' choices are strange: tetraethyl lead? This did not "change the way we live".

  23. Re:I'm Disappointed on Spam Blocking Engine for OpenBSD · · Score: 2

    Yes, you are free to block anyone you want at your own site. However, if you operate a service that maintains a list of "known spammers", and people incorrectly listed show you that they are incorrectly listed, and you still won't remove them, you're setting yourself up for libel/slander charges: making statements that are false, with reckless disregard for the truth, that cause financial damage to others.

    Now, I'm sure that services with very precise descriptions are safe: for example, a list of open relays with a procedure to get off the list after you show that you no longer have an open relay.

  24. Re:The glove didn't fit on Computers, Court, and Fingerprints · · Score: 2

    This is nothing new; many Photoshop-style transformations are easy to do with traditional photographic print methods (dodge and burn, editing out objects you don't want to be there, blurring, cropping, etc).

  25. Re:This is NOT DRM on Computers, Court, and Fingerprints · · Score: 2

    DRM is not only about preserving rights of content creators, because it enables the creation of additional rights for content creators that did not previously exist. Copyright law does not give a content creator the right to control private use of a work, only copying or the distribution of derivative works. But DRM lets the creator control use.