I think what the NSA is doing is plain wrong, and by participating I'm helping demonstrate the lie. I already signed up. Lastly, I trust Stanford more than the NSA.
That's just not true. There isn't a generally accepted interpretation of the math. About the most accepted is probably the Copenhagen interpretation, which basically says the math works, and that's the most we can expect. But it's FAR from generally accepted, and the other theories are all fairly quirky.
But time spent writing lines of code is time spent wtiting out math, since programming languages are different ways of expressing math. This isn't reductio absurdum. And most game creation is spent on the art because almost all the programming is in the game engine, and most of the work has already been done, and is worked on by another team. There is kittle programming involved in most modern titles. But the doesn't mean the time spent programming thre engine can be ignored - the game engine forms a critical part of the game: without it the art cannot exist.
Actually, a great measure would be time (and dollars spent gives almost identical results).
If you look at the engines, they have been worked on for years, even decades. Whereas the art, not so much - a few years in some titles. And all software is math, even the a=b variety. Computers are limited turing machines and therefore all programming languages are math expressed differently. Most is very badic math, but it's math. Whether highly complex and novel programming techniques should be patentable is a completely different question. I tend to think they should. But current software patents are mostly completely obvious.
I see what you're saying, and agree. My point is simply an os or sandbox that can be bypassed is broken. There are implementations that work very well. E.g. as400 aka iSeries, which have never, to my knowledge, been penetrated (excepting social engineering, password guessing, etc.)
Being unable to provide a tiff library without buffer overrun errors and the like is ridiculous.
All these things have existing solutions. These exploits usually get triggered by buffer overruns. Don't put buffers on the stack. Stack smashing etc. require the ability to manipulate the stack. Having a separate call stack and local variable stack solves many of these exploits.
Seriously, I'm sure the iSeries was never penetrated. Windows and other popular OSes could be much more robust.
Tldr.
But your idea that a tiff could take over a well designed sandbox is ridiculous. There isn't any reason a tiff library should be able to modify executable code. All the sandbox needs to do for this exploit (and most others) is mark all executable pages as read only.
It certainly *is* feasible. The problem is mostly embedded executable code. Not interpreted code, but machine code. Bad scripts are a minor irritation in comparison. A process is already *supposed* to be a sandbox. It would help tremendously if executable pages weren't mutable. There are alternatives for things like JIT. And yes, these things aren't free. But they're well understood and have been used for decades in security sensitive applications. These days that category should include desktop computing. Otherwise you end up with zombies all across the internet ready to strike and corporations with holes wide enough to fly an airbus through.
It's possible that you are right today. But with so much power seized, tomorrow is looking increasingly grim. Who seriously doubts that these powers will be abused in the future?
There could be people lesking stuff to China and Russia without leaking anything to the public.
Whereas Snowden put his life in danger to bring you this info.
This is all out war on journalism. Freedom of the press is a key protection. This is a power grab by the government. I should say yet another in a long line of power grabs.
We want our constitution back.
Looks like you're comparing cold blooded death sentencing by a head of state and representative of the people vs hot blooded self defense by a beat cop to me...
What are you trying to accomplish? Arbitrage is good. It ensures prices are good regardless of venue. It aids in price discovery. Having better prices means less risk. It increases efficiency, which is globally better. You are arguing for a system with massive built in risk, and unimaginable inefficiency. And to gain what?
Slashdot Mirror
I think what the NSA is doing is plain wrong, and by participating I'm helping demonstrate the lie. I already signed up. Lastly, I trust Stanford more than the NSA.
You're making up your own definition of money as you go along
You only need the keys to use the funds. Of course they'll be "spending" the bitcoins.
That's just not true. There isn't a generally accepted interpretation of the math. About the most accepted is probably the Copenhagen interpretation, which basically says the math works, and that's the most we can expect. But it's FAR from generally accepted, and the other theories are all fairly quirky.
Analogy, I do not think you know what it means.
But time spent writing lines of code is time spent wtiting out math, since programming languages are different ways of expressing math. This isn't reductio absurdum. And most game creation is spent on the art because almost all the programming is in the game engine, and most of the work has already been done, and is worked on by another team. There is kittle programming involved in most modern titles. But the doesn't mean the time spent programming thre engine can be ignored - the game engine forms a critical part of the game: without it the art cannot exist.
Actually, a great measure would be time (and dollars spent gives almost identical results). If you look at the engines, they have been worked on for years, even decades. Whereas the art, not so much - a few years in some titles. And all software is math, even the a=b variety. Computers are limited turing machines and therefore all programming languages are math expressed differently. Most is very badic math, but it's math. Whether highly complex and novel programming techniques should be patentable is a completely different question. I tend to think they should. But current software patents are mostly completely obvious.
Some of the issues you aren't partisan: both parties are against us.
I see what you're saying, and agree. My point is simply an os or sandbox that can be bypassed is broken. There are implementations that work very well. E.g. as400 aka iSeries, which have never, to my knowledge, been penetrated (excepting social engineering, password guessing, etc.) Being unable to provide a tiff library without buffer overrun errors and the like is ridiculous.
All these things have existing solutions. These exploits usually get triggered by buffer overruns. Don't put buffers on the stack. Stack smashing etc. require the ability to manipulate the stack. Having a separate call stack and local variable stack solves many of these exploits. Seriously, I'm sure the iSeries was never penetrated. Windows and other popular OSes could be much more robust.
So your point is not that sandboxes can't work but this one is crappy?
Tldr. But your idea that a tiff could take over a well designed sandbox is ridiculous. There isn't any reason a tiff library should be able to modify executable code. All the sandbox needs to do for this exploit (and most others) is mark all executable pages as read only.
It certainly *is* feasible. The problem is mostly embedded executable code. Not interpreted code, but machine code. Bad scripts are a minor irritation in comparison. A process is already *supposed* to be a sandbox. It would help tremendously if executable pages weren't mutable. There are alternatives for things like JIT. And yes, these things aren't free. But they're well understood and have been used for decades in security sensitive applications. These days that category should include desktop computing. Otherwise you end up with zombies all across the internet ready to strike and corporations with holes wide enough to fly an airbus through.
The iSeries solved all these issues decades ago. I don't believe it has ever been hacked, even after IBM offered a prize of a million dollars.
Get them up earlier anyway.
If "to correct" means to make something correct, does hypercorrect mean make it more correct?
It's possible that you are right today. But with so much power seized, tomorrow is looking increasingly grim. Who seriously doubts that these powers will be abused in the future?
There could be people lesking stuff to China and Russia without leaking anything to the public. Whereas Snowden put his life in danger to bring you this info.
They are a special case in many of the same ways that internet suppliers are a special case...
This is all out war on journalism. Freedom of the press is a key protection. This is a power grab by the government. I should say yet another in a long line of power grabs. We want our constitution back.
Looks like you're comparing cold blooded death sentencing by a head of state and representative of the people vs hot blooded self defense by a beat cop to me...
But it's just completely false.
You said there are two rules. There aren't.
So it ok so long as you can do it? It's a free market. Anyone can trade these strategies. That includes you.
What are you trying to accomplish? Arbitrage is good. It ensures prices are good regardless of venue. It aids in price discovery. Having better prices means less risk. It increases efficiency, which is globally better. You are arguing for a system with massive built in risk, and unimaginable inefficiency. And to gain what?