Now I dislike consulting work and only do it if the project is irresistable, but during my corporate days I worked with many consultants, from the big names down to tiny but actually competent companies.
Business secret: This is how the big names all make their money. You've found a fool, and a fool and his money are easily parted. If you play your cards right, you've got guaranteed contracts for years to come, because this "expert" will create more and more problems and all you need to do is position yourself right so you are the one who gets hired to fix them. The easiest argument is that you already know the system.
It's pathetic and borderline illegal, but it's how half the consulting industry works. That idiot is the pig that'll lead you to truffels. Just follow him and don't get in his way.
The solution then is to 'globalize' it? Where is it going to be 'globalized' to? Which country could it exist in where it would have immunity to any laws and act with impunity in regards to them?
It needs to be trans-national, and we already have organisations like that - the UN itself is an example.
Uh, I can see reasons. Actually, I see little except reasons, because quite obviously, ICANN is utterly insane and horrible, and the insanity it displays is clearly american in spirit - the same "we know everything, go fuck yourself, our way or the highway" attitude that the USA displays to the rest of the world.
Good luck finding such a language. Both words are from ancient greek. I did a quick bit of research and it turns out that for a long time they were much closer in meaning than today, and it's only been since Kepler that they have their modern meanings.
I think you are trying to rationalize the results away because you don't want to admit that officially now 40% of americans are blabbering imbeciles.
There's no other way to put it. And that's the brilliance of the paper. They don't ask if anyone "believes" in astrology or any such thing. They ask a question that has an objective true or false value.
I have no idea when I stumbled on E for the first time, but I loved it immediately and still do, to this day. Even though my tries of actually using it were short-lived and it's been 7 or 8 years since I last had a Linux desktop (and my Debian servers don't need a GUI).
Still, E has always pushed the boundaries and that alone makes it a project worth to exist. I wish them all the best even though I'll probably never run E again. Still all the best.
Your boss is either misleading you intentionally, or he should not be in a management position.
You are not a contractor, you are an employee. If your boss doesn't understand the difference, he doesn't deserve even the lowest management position. If he does, he's a horrible boss because he's trying to trick his own people.
For a german, that is trivial to pronounce and no native german will have the slightest difficulty.
Welsh names, on the other hand... "Gwrhyr Gwastawd Icithoedd" - yeah, right. Did your cat jump on the keyboard? No, that's actually some real welsh name.
Then again, I assume native welsh speakers now think "uh, what's the deal? That's easy, it's pronounced..."
In a private environment: Yes, for daily use. The admin account or whatever that you need once a month to install a new software, etc. would be in the users hands in this case.
There are magic words that you can use when dealing with vendors and service providers who are unhelpful.
One of them is "lawyer". However, like all magic, there are certain rules to the ritual to make it work well. In this case, it's not black candles and a goat, but the word being in the letterhead on the official letter paper of an actual lawyer.
An actual letter from an actual lawyer not to the customer service but to the legal department will get a dramatically different treatment. So have your friend or neighbour who happens to be a lawyer write one as a favour in exchange for you having fixed his WiFi last month or whatever.
Oh please do you REALLY think that is the cause of Windows infections?
Your reply was misplaced by the comment system, it seems, because it doesn't seem to refer to anything I actually said.
The social engineering angle is how you get users to execute crap they got sent by mail. The (old) idea under discussion here is a system that would make that execution impossible, even if you get the user to click the link.
That said, the user is not the weakest link. That's a cop-out by IT people who don't want to look beyond technical solutions into cognitive sciences, for example. There's been a bit of research into these areas in the past 10 or so years, but the conferences on the topic are still very small and mostly academic.
There's quite a lot you can do to prevent or at least make these kinds of attacks more difficult. But most of it is outside the techie comfort zone, and it means actually having to talk to users and understand them instead of labeling them "lusers" and stuff.
I would like to see the filesystem of an OS partitioned into several levels: read-only disk drives where stuff never changes unless an update occurs (kernel, device drivers, configuration files), read-write disks where log files are update by the minute, hour or day, and local/user partition which is updated by the user.
You mean the way that almost every installation guide for every Unix system ever recommends you do it, and almost nobody ever does?
Which is why a good security model for a company will not give users the ability to flip that switch.
Which also means that if you don't want the IT department to spend 90% of their time fielding "I need to do X, can you enable it for me?" calls, you need to spend considerable time, effort, expert knowledge, user interviews and other things that equate to money, on creating a good policy.
And since most companies shun security expenses and would rather knowingly risk a $1 mio. break-in then spend $10k to prevent it, well, here we are.
All good security is layered. This is one part of a complete security model, the part that prevents the hacker from uploading and using his own tools.
Of course, you also need other parts. For example, runtime-patching is a reality, so unless you have additional protections in place to prevent it, there are plenty of ways that a hacker can still execute arbitrary code including entire programs.
But the primary protection this offers is to finally solve the exe-cloaked-as-jpeg-or-zip-in-a-scam-email-that-users-click-to-open problem that Mickeysoft should've solved 10 years ago by simply fucking removing that idiocity from Outlook one day after it went live and people realized how trivial it is to abuse.
Basically, the primary beneft of this will be that it prevents unintentional execution of code. It doesn't stop a dedicated attacker who already has root access, at least not by itself.
Because their productivity will higher with a computer, even a restricted one, than pen-and-paper. And if you are talking typical office workers, you would be surprised how few applications they actually need. Most of the office workers in the world spend 99% of their time in
an office suite
a mail program
a browser
a single-digit number of job-specific applications (e.g. the accounting software)
and maybe a single-digit number of company-specific applications (e.g. the time registration app or the intra-company chat software, etc.)
And it is a PITA to administrate if you have a system that changes, as lots of systems do. For your regular service server, much less a desktop system, where new releases require new libraries, system updates are regular and new application required every now and then, it is almost impossible to actually do it.
On a locked-down system that needs to do one thing, but do that thing reliably and securely, it's a fantastic security measure that will eliminate about half of your security headaches right there.
It's the same idea as SELinux, just on a different level, and it shares many of the disadvantages, namely that it makes policy management into a full-time job.
because, you know, when you write a complex program, you already break things down that way, just like you write, into classes, methods, callbacks, macros or whatever. So you already have the black boxes, they're just function names instead of pretty pictures, but it's the same thing.
Visualisation is a net benefit if it does something that a text doesn't do. It has many places. For example, the somewhat-famous pie chart that shows how many scientists agree on climate change has a much more powerful emotional impact than the number (97%).
So when visualisation gives you a better understanding of the relations - as it can do for database design, for example - then it's useful.
But when you go making black boxes, you are hiding the exact details that you would benefit from visualising.
There are two places where I know that visual design tools are used; the first is QT Designer
I think we should make a difference between visual coding and using a visual designer to make your graphical user interface.
Of course the later makes sense. If your output is visual, working with a visual tool is so obvious a choice. But that's not what we're talking about here, in this we're talking about making a program by drawing connections between boxes.
Why would you expect to be able to display every nuance of your 10,000 lines of code in one sheet?
I don't. You are taking it too literally. It's a way of saying "this complexity does not lend itself to visualisation".
Have you ever tried to actually visualize a data model that is from a real-world application, where you soon find that you need to draw hundreds of arrows all across the model? The technique that works well and gives you a really nice view for, say, a simple blog application or whatever the current tutorial app beyond "hello world" is, breaks down horrible when you're dealing with real-world complexity.
Also, the Interface Builder for the NeXT machine was more-or-less graphical, IIRC only 2-D. It made for very fast prototyping of a new user interface, and the 'functional' code could be put in later. (I saw a former schoolteacher, who had never used a computer until a few months before, demonstrate creating a basic calculator in Interface Builder in under 15 minutes. It worked, first time.)
That's impressive for a newbie, but it's not even on the order of magnitude of complexity as a real application. And it probably didn't have input validation and a bunch of other items that new programmers always forget.
I've got a couple programs with several ten-thousand lines of code. If you want to visualize them, you will need a very, very large sheet. And it wouldn't be more transparent.
Since the late 1970s, I've remarked that software is the only engineering discipline that still depends on prose designs.
It's also the only engineering discipline with no physical representation. So maybe, just maybe, it's a case of "the rules don't apply because it's different" ?
You might think of text as antiquated and primitive, but that only seems to be so because you have 20, 30 or whatever your age is, years of daily training in language.
Language is a tool that has 20, 30 or 50,000 years of development. Compared to 20 or 30 years of trying to come up with a way of visual programming, our attempts to find something better are pathetic and rightfully short-lived.
You're not the first to ask this question. But so far, all the answers anyone has provided turned out to fall so short of the target that they were very quickly dumped and forgotten.
The other reason is that computing is largely a superset of math, and math is basically symbol manipulation.
Slashdot Mirror
If you're a consultant, you've just struck gold.
Now I dislike consulting work and only do it if the project is irresistable, but during my corporate days I worked with many consultants, from the big names down to tiny but actually competent companies.
Business secret: This is how the big names all make their money. You've found a fool, and a fool and his money are easily parted. If you play your cards right, you've got guaranteed contracts for years to come, because this "expert" will create more and more problems and all you need to do is position yourself right so you are the one who gets hired to fix them. The easiest argument is that you already know the system.
It's pathetic and borderline illegal, but it's how half the consulting industry works. That idiot is the pig that'll lead you to truffels. Just follow him and don't get in his way.
Microsoft may soon integrate/allow Android applications into both Windows and Windows Phone."
So why buy a windows phone to run Android apps then?
The solution then is to 'globalize' it? Where is it going to be 'globalized' to? Which country could it exist in where it would have immunity to any laws and act with impunity in regards to them?
It needs to be trans-national, and we already have organisations like that - the UN itself is an example.
Uh, I can see reasons. Actually, I see little except reasons, because quite obviously, ICANN is utterly insane and horrible, and the insanity it displays is clearly american in spirit - the same "we know everything, go fuck yourself, our way or the highway" attitude that the USA displays to the rest of the world.
Again, good luck.
German: Astrologie / Astronomie
French: astrologie / astronomie
Spanish: astrologie / astronomÃa
not feeling in the mood to test more. The spanish one is the only with more than a one-letter difference.
No, that's bullshit.
Creationism also wouldn't exist without animals and plants, but it still isn't a "kind-of-biology".
Good luck finding such a language. Both words are from ancient greek. I did a quick bit of research and it turns out that for a long time they were much closer in meaning than today, and it's only been since Kepler that they have their modern meanings.
I think you are trying to rationalize the results away because you don't want to admit that officially now 40% of americans are blabbering imbeciles.
There's no other way to put it. And that's the brilliance of the paper. They don't ask if anyone "believes" in astrology or any such thing. They ask a question that has an objective true or false value.
Oh yes!
I have no idea when I stumbled on E for the first time, but I loved it immediately and still do, to this day. Even though my tries of actually using it were short-lived and it's been 7 or 8 years since I last had a Linux desktop (and my Debian servers don't need a GUI).
Still, E has always pushed the boundaries and that alone makes it a project worth to exist. I wish them all the best even though I'll probably never run E again. Still all the best.
Your boss is either misleading you intentionally, or he should not be in a management position.
You are not a contractor, you are an employee. If your boss doesn't understand the difference, he doesn't deserve even the lowest management position. If he does, he's a horrible boss because he's trying to trick his own people.
For a german, that is trivial to pronounce and no native german will have the slightest difficulty.
Welsh names, on the other hand... "Gwrhyr Gwastawd Icithoedd" - yeah, right. Did your cat jump on the keyboard? No, that's actually some real welsh name.
Then again, I assume native welsh speakers now think "uh, what's the deal? That's easy, it's pronounced ..."
It depends on the context.
In a corporate environment: Yes, definitely.
In a private environment: Yes, for daily use. The admin account or whatever that you need once a month to install a new software, etc. would be in the users hands in this case.
There are magic words that you can use when dealing with vendors and service providers who are unhelpful.
One of them is "lawyer". However, like all magic, there are certain rules to the ritual to make it work well. In this case, it's not black candles and a goat, but the word being in the letterhead on the official letter paper of an actual lawyer.
An actual letter from an actual lawyer not to the customer service but to the legal department will get a dramatically different treatment. So have your friend or neighbour who happens to be a lawyer write one as a favour in exchange for you having fixed his WiFi last month or whatever.
These editors do require more than just placing blocks on the screen.
Errr... yes? I wrote about connections between boxes in the very comment you replied to? *puzzled look*
Oh please do you REALLY think that is the cause of Windows infections?
Your reply was misplaced by the comment system, it seems, because it doesn't seem to refer to anything I actually said.
The social engineering angle is how you get users to execute crap they got sent by mail. The (old) idea under discussion here is a system that would make that execution impossible, even if you get the user to click the link.
That said, the user is not the weakest link. That's a cop-out by IT people who don't want to look beyond technical solutions into cognitive sciences, for example. There's been a bit of research into these areas in the past 10 or so years, but the conferences on the topic are still very small and mostly academic.
There's quite a lot you can do to prevent or at least make these kinds of attacks more difficult. But most of it is outside the techie comfort zone, and it means actually having to talk to users and understand them instead of labeling them "lusers" and stuff.
I would like to see the filesystem of an OS partitioned into several levels: read-only disk drives where stuff never changes unless an update occurs (kernel, device drivers, configuration files), read-write disks where log files are update by the minute, hour or day, and local/user partition which is updated by the user.
You mean the way that almost every installation guide for every Unix system ever recommends you do it, and almost nobody ever does?
Which is why a good security model for a company will not give users the ability to flip that switch.
Which also means that if you don't want the IT department to spend 90% of their time fielding "I need to do X, can you enable it for me?" calls, you need to spend considerable time, effort, expert knowledge, user interviews and other things that equate to money, on creating a good policy.
And since most companies shun security expenses and would rather knowingly risk a $1 mio. break-in then spend $10k to prevent it, well, here we are.
All good security is layered. This is one part of a complete security model, the part that prevents the hacker from uploading and using his own tools.
Of course, you also need other parts. For example, runtime-patching is a reality, so unless you have additional protections in place to prevent it, there are plenty of ways that a hacker can still execute arbitrary code including entire programs.
But the primary protection this offers is to finally solve the exe-cloaked-as-jpeg-or-zip-in-a-scam-email-that-users-click-to-open problem that Mickeysoft should've solved 10 years ago by simply fucking removing that idiocity from Outlook one day after it went live and people realized how trivial it is to abuse.
Basically, the primary beneft of this will be that it prevents unintentional execution of code. It doesn't stop a dedicated attacker who already has root access, at least not by itself.
Because their productivity will higher with a computer, even a restricted one, than pen-and-paper. And if you are talking typical office workers, you would be surprised how few applications they actually need. Most of the office workers in the world spend 99% of their time in
The idea is one of the oldest in IT security.
And it works really, really well.
And it is a PITA to administrate if you have a system that changes, as lots of systems do. For your regular service server, much less a desktop system, where new releases require new libraries, system updates are regular and new application required every now and then, it is almost impossible to actually do it.
On a locked-down system that needs to do one thing, but do that thing reliably and securely, it's a fantastic security measure that will eliminate about half of your security headaches right there.
It's the same idea as SELinux, just on a different level, and it shares many of the disadvantages, namely that it makes policy management into a full-time job.
if you represent a class/function/method/etc as a "black box", you can break a complex program down into levels.
Sure you can.
But then you are not gaining anything, because what you have is a graphical version of
because, you know, when you write a complex program, you already break things down that way, just like you write, into classes, methods, callbacks, macros or whatever. So you already have the black boxes, they're just function names instead of pretty pictures, but it's the same thing.
Visualisation is a net benefit if it does something that a text doesn't do. It has many places. For example, the somewhat-famous pie chart that shows how many scientists agree on climate change has a much more powerful emotional impact than the number (97%).
So when visualisation gives you a better understanding of the relations - as it can do for database design, for example - then it's useful.
But when you go making black boxes, you are hiding the exact details that you would benefit from visualising.
There are two places where I know that visual design tools are used; the first is QT Designer
I think we should make a difference between visual coding and using a visual designer to make your graphical user interface.
Of course the later makes sense. If your output is visual, working with a visual tool is so obvious a choice. But that's not what we're talking about here, in this we're talking about making a program by drawing connections between boxes.
Why would you expect to be able to display every nuance of your 10,000 lines of code in one sheet?
I don't. You are taking it too literally. It's a way of saying "this complexity does not lend itself to visualisation".
Have you ever tried to actually visualize a data model that is from a real-world application, where you soon find that you need to draw hundreds of arrows all across the model? The technique that works well and gives you a really nice view for, say, a simple blog application or whatever the current tutorial app beyond "hello world" is, breaks down horrible when you're dealing with real-world complexity.
Also, the Interface Builder for the NeXT machine was more-or-less graphical, IIRC only 2-D. It made for very fast prototyping of a new user interface, and the 'functional' code could be put in later. (I saw a former schoolteacher, who had never used a computer until a few months before, demonstrate creating a basic calculator in Interface Builder in under 15 minutes. It worked, first time.)
That's impressive for a newbie, but it's not even on the order of magnitude of complexity as a real application. And it probably didn't have input validation and a bunch of other items that new programmers always forget.
I've got a couple programs with several ten-thousand lines of code. If you want to visualize them, you will need a very, very large sheet. And it wouldn't be more transparent.
Since the late 1970s, I've remarked that software is the only engineering discipline that still depends on prose designs.
It's also the only engineering discipline with no physical representation. So maybe, just maybe, it's a case of "the rules don't apply because it's different" ?
Because it works.
You might think of text as antiquated and primitive, but that only seems to be so because you have 20, 30 or whatever your age is, years of daily training in language.
Language is a tool that has 20, 30 or 50,000 years of development. Compared to 20 or 30 years of trying to come up with a way of visual programming, our attempts to find something better are pathetic and rightfully short-lived.
You're not the first to ask this question. But so far, all the answers anyone has provided turned out to fall so short of the target that they were very quickly dumped and forgotten.
The other reason is that computing is largely a superset of math, and math is basically symbol manipulation.