On the other hand, maybe Debian really can improve on the FreeBSD experience; apt rocks, and the Debian project does perhaps a better job than anyone of combining the disparate parts of the GNU/Linux ecosystem into a coherent operating system.
I am not a big fan of the BSD userland, and I typically install "prefixed Gentoo" on my Macs. (Basically, it brings in a GNU user land, a fresh compiler chain, etc. It works well, but the repositories are very basic. It can help set up a Unixy programming environment, not a feature complete Unixy desktop system)
kFreeBSD Debian can potentially make Apt a real option on Macs. Fink sucks. Debian's repositories are much better.
So long as your definition of security is one that is non-quantitative, sure.
My statement can be quantified straightforwardly, thought it depends on the details of a specific application and the security systems it uses. Specifically, the algorithmic properties of said security systems (the cost) and an analysis of the risk the systems reduce or introduce (the gain).
Security, much like finance, is about risk, and using effective methods to manage your exposure to risk. Ineffective methods don't reduce your exposure to risk. That's why they are ineffective.
XML's syntax is isomorphic to Scheme's. Throw in a lambda tag and you have a functional programming language. Once a developer is capable of realizing that much, they can form a picture of how hard writing an XML parser will be. (Easy) I could probably make a simple, fully-compliant, slow parser in a day or two, with a functional programming language like Haskell or Scheme (though I'm out of practice in Scheme). It would take me longer to do it in a procedural or object oriented language. It's hard to say how long, and it would depend on the language. Perl, for example, is rich enough to simulate many functional programming constructs directly. Java... not so much. Which basically means I'd have to write a parser, in Scheme say, and write a parser renderer in that same language to generate a state transition table suitable for Java. Or use Yacc (yet another functional programming language... I mean, "yet another compiler compiler") or the Java equivalent. Jacc?
Any other approach for Java or C and the like is madness. I suppose you can do some neat things with function pointers, but they aren't even closures, let alone first class functions. That means you will have to carry "irrelevant details" around when defining your grammar in terms of function pointers. All that noise does is obscure the fact that you're defining a grammar. A state transition table will potentially make a giant blob of ugly code, but at least all the ugliness is contained in a single table (leaving a clean interface and plenty of room for your business logic elsewhere) and at least all the ugliness is machine generated, from an easily understood grammar.
Programming is really easy when you know some graduate level mathematics and mathematical logic... heh.
I used to read that site, until they started deleting my comments. Then they randomly snail-mailed me an advertisement from Microsoft. (wtf?)
Data normalization is always a good thing, for a programmer. And it exposes the possibility of purely monadic programming. (Essentially, this amounts to programming on generic containers for a type.) But they DUR DON'T GET IT. They would rather be using crap like the 'factory pattern' and its friends (which is basically an abuse of an object system, hence hard to figure out wtf is important about the programming construct when seeing it "live" -- a portion of code can implement or be a part of many patterns simultaneously) instead of writing a functor (essentially a function from a set of functions to a set of functions.)
Fuck their lame little clique. They're worse than Python developers. I had been reading since 2004, too.
On the other hand, I am not against the idea of having multiple common public key crypto systems in the wild, as long as they are each provably "hard" to solve. Doubling or quadrupling the time it takes to brute force a key is no trivial matter. On the last hand, I can do that much by adding a few more bits to my private key.
Adding checksumming adds another place for errors to occur though -- if data is written correctly but the checksum is-miscalculated, either before it is stored or when the data is being verified -- you'll end up throwing out perfectly good data.
Throwing out good, re-computable data is a lot less bad than writing bad un-re-computable data. At worst, you have to recompute it. Admittedly, this can be a serious problem, but it can potentially be mitigated by algorithm analysis and statistics to determine an upper bound on the size of the effect of error introduced as a function of "time" or "steps". For example, when I was working as a research analyst doing data mining, a single bit flip (or more generally, an erroneous "row") would not strongly affect the results of machine training. Certainly not enough to make us want to run the program for another week to fix it.
Correct; however, quite a few of the "higher end" (ie $50 and up, thereabout) PSUs have power conditioning. They call it active (or passive) PFC - power filter control. Any decent PSU you buy today (eg. Antec earthwatts) is going to have it.
I doubt that any consumer computer case is going to have active power conditioning. The right way to do that is to have a tone generator play 60Hz into a big old power amplifier, using dirty power to create relatively clean sine waves. If your needs are very pressing, you can use multiple stages. Anything less is at best a crude approximation.
Uh, that's what makes it cool... they have a giant 12VDC, Kilo- (or Mega-) Ampere power supply somewhere, and lots of 12VDC cables going around... That significantly reduced the cost of cooling a computer.
That's true, but Google obviously isn't going to go for that. Why have a million power supplies wasting power, when you can have all your boards running off of a single high quality power supply UPS unit?
LSE isn't going to run setup.exe (sorry./setup.so), they're going to have to do some large-scale integration work and customization to make it work with their system...?
Huh? Trading platforms are trivial applications. Send data down the wire. Commit it. Get data back. Typically, these systems have multiple servers per stock offered at the exchange, each of them acting as a market maker/auctioneer to each others (trivial, a 10KB binary can do it, VERY QUICKLY). Each of the machines buffer trading history until it can be sent to the clearing house.
There's little need to "customize" Linux. Linux already deals with the networking part just fine.
The issue is writing the software using an easily maintainable, testable, and rigorously provable language. Credit Suisse is using Haskell for this purpose, very successfully. The only real difficulty is implementing the exchange rules regarding sorting the stock orders. That's going to be a real issue in any language. Sorting large sets is always expensive (but can be done in parallel).
There was no security breach. He made a system to automate requesting publicly available information. It is little different than hiring a bunch of people to call the government every three seconds on average, making a FOIA request. (This happens to be legal)
Except it is a lot cheaper to make a computer do it.
+5 Insightful really? To legally intercept and record conversations of suspected criminals in the USA you need a judge to issue a fucking warrant. I am not a lawyer but I don't think I need to be to make that statement. (Oh and please don't try and quote Patriot Act shit on this, it will just make me laugh)
No, you DON'T need a warrant to record private conversations of suspected criminals (or anybody), unless you are a government official acting in a capacity of law enforcement.
Private citizens can record whatever the hell they want, unless there are specific laws against it. Some states require every party to consent to recording conversations. Many do not.
I'm not sure how many juries you've been on, but when I was on a jury 2 weeks ago for a criminal case the judge made it explicitly clear several times that we could only find the defendant guilty if evidence showed, beyond a reasonable doubt, that he intended to commit the crime (theft). In fact, intent is part of the definition of theft, which needs to be met in order to find someone guilty
That's true of theft, and any other crime where "mens rea" is a criminal element. There are crimes of strict liability as well, and "mens rea" (a guilty mind) does not enter into guilt or innocence. (It can enter into sentencing)
Parallels doesn't come with Windows. And it can run any x86 operating system. It's not "for Windows" any more than VMWare is. (On the other hand, both have "extensions" for hooking Windows into OS X. For copy/paste, for example)
Yeah, except none of that is going to happen. Put conservation of energy and conservation of momentum together, and you will see why. We already saw the Bel-Air's engine cram itself up inside the Bel-Air's cabin, at least enough to sever a person's legs. The Malibu clearly engaged the Bel-Air's engine mechanically, or else the "driver" wouldn't have had his legs cut off.
Cars always do better head on than in offset crashes. Each side's crumple zone has to deal with half as much force.
Cuisine indicates the wealth of past civilizations. Consider Chinese food. It has complex procedures requiring a wide variety of ingredients. Only a wealthy civilization -- with abundant natural resources -- can afford to create this kind of cuisine.
Is that why the Chinese will eat anything with four legs, except tables? And anything that flies, except airplanes? I don't think you know much about China. They will eat anything sanitary, because there historically has NOT been a sufficient and consistent food supply.
Yes, this leads to a culture of delicious culinary experimentation. I have done some pretty adventurous eating (several live bug eating contests, for example). I can't say that bugs are "good" or "bad", though the exoskeletons get stuck in your teeth. Cockroaches taste how feces smells. I would not want to have to figure out how to make a cockroach taste good. Luckily, the Chinese already did, hundreds of years ago, because of famine.
Slashdot Mirror
A fully compliant XML parser is only a few hundred lines of Haskell code. A fast XML parser is a little longer.
See http://hackage.haskell.org/packages/archive/HaXml/1.19.7/doc/html/src/Text-XML-HaXml-XmlContent-Parser.html for an XML parser implementation.
On the other hand, maybe Debian really can improve on the FreeBSD experience; apt rocks, and the Debian project does perhaps a better job than anyone of combining the disparate parts of the GNU/Linux ecosystem into a coherent operating system.
I am not a big fan of the BSD userland, and I typically install "prefixed Gentoo" on my Macs. (Basically, it brings in a GNU user land, a fresh compiler chain, etc. It works well, but the repositories are very basic. It can help set up a Unixy programming environment, not a feature complete Unixy desktop system)
kFreeBSD Debian can potentially make Apt a real option on Macs. Fink sucks. Debian's repositories are much better.
So long as your definition of security is one that is non-quantitative, sure.
My statement can be quantified straightforwardly, thought it depends on the details of a specific application and the security systems it uses. Specifically, the algorithmic properties of said security systems (the cost) and an analysis of the risk the systems reduce or introduce (the gain).
Security, much like finance, is about risk, and using effective methods to manage your exposure to risk. Ineffective methods don't reduce your exposure to risk. That's why they are ineffective.
XML's syntax is isomorphic to Scheme's. Throw in a lambda tag and you have a functional programming language. Once a developer is capable of realizing that much, they can form a picture of how hard writing an XML parser will be. (Easy) I could probably make a simple, fully-compliant, slow parser in a day or two, with a functional programming language like Haskell or Scheme (though I'm out of practice in Scheme). It would take me longer to do it in a procedural or object oriented language. It's hard to say how long, and it would depend on the language. Perl, for example, is rich enough to simulate many functional programming constructs directly. Java... not so much. Which basically means I'd have to write a parser, in Scheme say, and write a parser renderer in that same language to generate a state transition table suitable for Java. Or use Yacc (yet another functional programming language... I mean, "yet another compiler compiler") or the Java equivalent. Jacc?
Any other approach for Java or C and the like is madness. I suppose you can do some neat things with function pointers, but they aren't even closures, let alone first class functions. That means you will have to carry "irrelevant details" around when defining your grammar in terms of function pointers. All that noise does is obscure the fact that you're defining a grammar. A state transition table will potentially make a giant blob of ugly code, but at least all the ugliness is contained in a single table (leaving a clean interface and plenty of room for your business logic elsewhere) and at least all the ugliness is machine generated, from an easily understood grammar.
Programming is really easy when you know some graduate level mathematics and mathematical logic... heh.
I used to read that site, until they started deleting my comments. Then they randomly snail-mailed me an advertisement from Microsoft. (wtf?)
Data normalization is always a good thing, for a programmer. And it exposes the possibility of purely monadic programming. (Essentially, this amounts to programming on generic containers for a type.) But they DUR DON'T GET IT. They would rather be using crap like the 'factory pattern' and its friends (which is basically an abuse of an object system, hence hard to figure out wtf is important about the programming construct when seeing it "live" -- a portion of code can implement or be a part of many patterns simultaneously) instead of writing a functor (essentially a function from a set of functions to a set of functions.)
Fuck their lame little clique. They're worse than Python developers. I had been reading since 2004, too.
Performance losses with no real gain in security.
On the other hand, I am not against the idea of having multiple common public key crypto systems in the wild, as long as they are each provably "hard" to solve. Doubling or quadrupling the time it takes to brute force a key is no trivial matter. On the last hand, I can do that much by adding a few more bits to my private key.
Adding checksumming adds another place for errors to occur though -- if data is written correctly but the checksum is-miscalculated, either before it is stored or when the data is being verified -- you'll end up throwing out perfectly good data.
Throwing out good, re-computable data is a lot less bad than writing bad un-re-computable data. At worst, you have to recompute it. Admittedly, this can be a serious problem, but it can potentially be mitigated by algorithm analysis and statistics to determine an upper bound on the size of the effect of error introduced as a function of "time" or "steps". For example, when I was working as a research analyst doing data mining, a single bit flip (or more generally, an erroneous "row") would not strongly affect the results of machine training. Certainly not enough to make us want to run the program for another week to fix it.
I wouldn't mind having to edit some files if it produced a 10GHz system.
Correct; however, quite a few of the "higher end" (ie $50 and up, thereabout) PSUs have power conditioning. They call it active (or passive) PFC - power filter control. Any decent PSU you buy today (eg. Antec earthwatts) is going to have it.
I doubt that any consumer computer case is going to have active power conditioning. The right way to do that is to have a tone generator play 60Hz into a big old power amplifier, using dirty power to create relatively clean sine waves. If your needs are very pressing, you can use multiple stages. Anything less is at best a crude approximation.
Uh, that's what makes it cool... they have a giant 12VDC, Kilo- (or Mega-) Ampere power supply somewhere, and lots of 12VDC cables going around... That significantly reduced the cost of cooling a computer.
That's true, but Google obviously isn't going to go for that. Why have a million power supplies wasting power, when you can have all your boards running off of a single high quality power supply UPS unit?
Well, you're inviting me to record your conversation. So I'm pretty sure I will be okay. I'm game.
I said trivial, not cheap. I explained that they typically use multiple servers per stock offering, not including the redundant backups.
LSE isn't going to run setup.exe (sorry ./setup.so), they're going to have to do some large-scale integration work and customization to make it work with their system...?
Huh? Trading platforms are trivial applications. Send data down the wire. Commit it. Get data back. Typically, these systems have multiple servers per stock offered at the exchange, each of them acting as a market maker/auctioneer to each others (trivial, a 10KB binary can do it, VERY QUICKLY). Each of the machines buffer trading history until it can be sent to the clearing house.
There's little need to "customize" Linux. Linux already deals with the networking part just fine.
The issue is writing the software using an easily maintainable, testable, and rigorously provable language. Credit Suisse is using Haskell for this purpose, very successfully. The only real difficulty is implementing the exchange rules regarding sorting the stock orders. That's going to be a real issue in any language. Sorting large sets is always expensive (but can be done in parallel).
Ahmen!! Exactly. Isn't this one of the things we pay them to do? Find strange behaviors and check them out.
I thought we paid them to investigate crimes, not "strange behaviors". Investigating strange behaviors is one thing psychologists are good for.
There was no security breach. He made a system to automate requesting publicly available information. It is little different than hiring a bunch of people to call the government every three seconds on average, making a FOIA request. (This happens to be legal)
Except it is a lot cheaper to make a computer do it.
+5 Insightful really? To legally intercept and record conversations of suspected criminals in the USA you need a judge to issue a fucking warrant. I am not a lawyer but I don't think I need to be to make that statement. (Oh and please don't try and quote Patriot Act shit on this, it will just make me laugh)
No, you DON'T need a warrant to record private conversations of suspected criminals (or anybody), unless you are a government official acting in a capacity of law enforcement.
Private citizens can record whatever the hell they want, unless there are specific laws against it. Some states require every party to consent to recording conversations. Many do not.
I'm not sure how many juries you've been on, but when I was on a jury 2 weeks ago for a criminal case the judge made it explicitly clear several times that we could only find the defendant guilty if evidence showed, beyond a reasonable doubt, that he intended to commit the crime (theft). In fact, intent is part of the definition of theft, which needs to be met in order to find someone guilty
That's true of theft, and any other crime where "mens rea" is a criminal element. There are crimes of strict liability as well, and "mens rea" (a guilty mind) does not enter into guilt or innocence. (It can enter into sentencing)
Sounds more like Sliders meets... Sliders.
Parallels doesn't come with Windows. And it can run any x86 operating system. It's not "for Windows" any more than VMWare is. (On the other hand, both have "extensions" for hooking Windows into OS X. For copy/paste, for example)
Most civilized areas have at least two options.
That's not enough "options" when the "options" don't compete on price or features.
Ugh, my 25 year old roommate still shops at Hot Topic. And she leaves clothing tags on the kitchen floor. I have to move out of here soon.
Yeah, except none of that is going to happen. Put conservation of energy and conservation of momentum together, and you will see why. We already saw the Bel-Air's engine cram itself up inside the Bel-Air's cabin, at least enough to sever a person's legs. The Malibu clearly engaged the Bel-Air's engine mechanically, or else the "driver" wouldn't have had his legs cut off.
Cars always do better head on than in offset crashes. Each side's crumple zone has to deal with half as much force.
Have you just not heard of trichinosis? It's common in Middle East. Swine wallow in mud to stay cool. That's a recipe for humans getting parasites.
Cuisine indicates the wealth of past civilizations. Consider Chinese food. It has complex procedures requiring a wide variety of ingredients. Only a wealthy civilization -- with abundant natural resources -- can afford to create this kind of cuisine.
Is that why the Chinese will eat anything with four legs, except tables? And anything that flies, except airplanes? I don't think you know much about China. They will eat anything sanitary, because there historically has NOT been a sufficient and consistent food supply.
Yes, this leads to a culture of delicious culinary experimentation. I have done some pretty adventurous eating (several live bug eating contests, for example). I can't say that bugs are "good" or "bad", though the exoskeletons get stuck in your teeth. Cockroaches taste how feces smells. I would not want to have to figure out how to make a cockroach taste good. Luckily, the Chinese already did, hundreds of years ago, because of famine.