While reading that book sinopsis I didn't find anything really impossible until it says:
"These experiences ranged from being able to “receive” the contents of an email message without using any electronic device to resuming a conversation with an off-world being that he had not been able to speak with, while awake, for 13 years."
I mean... it's still not impossible(tm) but really, how the hell does this help an otherwise "science"-based book?
From what I understand this is somewhat what many sandbox-based software does. For instance, it seems to me that if you installed Chrome on many servers and then, upon a request, deployed the code and used a Chrome sandbox to run and return the data the end result would be the same.
The challenges are still the same: how to deploy the code fast enough and how to route the request to the correct sandbox.
I'm not a geneticist but although they both started with the same genetic material there are mutations occurring ever since. Diseases and such can also cause additional differences in their DNA. The major source of DNA mutations you hear about is at the moment of "conception" but even a couple mutations after that would make you more "unique".
Of course, in the middle of a trillion DNA sequences, picking up those very few and small changes will be expensive. Most paternity and "identification" DNA tests rely on a few number of specific markers, which btw is why you usually hear things like 98%-99% accuracy and never 100%.
Those researchers can't exactly get funding to cure a single patient that's literally unique with a syndrome that most likely never happened or will happen again.
However, if you say she might have the key for the cure of cancer and to stop aging they sure will get funded fast. If by some miracle they find a possible cure in the process, there's a chance that she might get that cure where otherwise the chance is a fat zero.
Actually you make a good point there. Perhaps one possible solution for the much needed patent reform is based on scientific achievement. For example, it could be required that for a patent to be deemed useful you would need at least 2 research papers published on big peer-reviewed publications. The papers could even be funded by the patenter but between the submital and approval of the patent it had to be peer-reviewed and considered useful.
As a nice side effect, by funding a research paper directly or inspiring others for that research, patents would actually be stimulating innovation instead of just big-ass-companies' pockets.
Google drives so many clicks that newspapers should be paying Google, not the other way around. However, since they are taking this road, if I were Google I would stop indexing them and then start charging for those that leave. If you want back in, pay per click so you'll learn your lesson.
I totally agree with you although I don't think you need to sell something to change the "moral" here.
For instance, if Google advertising their own products on their own services makes for an anti-trust case, then perhaps TV channels should also be forced to advertise the competion's schedule? No one forces you to use/watch either services and some channels are paid, so I fail to see the distinction here.
It heavily depends on what your product is, but you've at least these possible models:
1) Fully open source with lack or light documentation. This makes your product essentially free but users pay for support and/or the docs. I can't remember any specific example of a project selling the docs but I'm sure someone will.
2) Dual License model. A very popular example is ExtJS which is GPL (v3 iirc), however, if you wish to keep some code secret (including server parts) you might need a commercial license. And of course there are support plans available, as well as SVN/GIT access to the latest (devel) version.
3) Dual License with a Enterprise version. Essentially what MySql does where they offered an open source version but if you wanted fine tunned performance, support for enterprise hardware and support then you need the Enterprise version.
4) Dual License with long term support. Some projects like Liferay or Red Hat Enterprise use free versions as beta versions - after a while they release a long term supported version for enterprises and backport the important security and bug fixes. Maybe you already know but some companies are very slow to adopt new tech and ever slower to keep up, if they can keep a 4 year old version of the software that does the job well and still get support and bug fixes, you're best pals.
5) Early access model. Another possibility is to offer early access to new versions. For instance, the Xming project (a X11 server for Windows) offers donators access to new versions much earlier. You can even create a "pool" mode where you release the new version once X dollars are donated.
Depending on your target audience and the possibility of some of the adjustments required by those suggestions you might find a suitable model or cook some solution with ideas from several.
Sounds to me that this problem is simple to solve, even with a naive solution. Take for example a simple key agreement algorithm like Diffie-Hellman which (for the unfamiliar with the subject) allows 2 parties to reach a secret key (called K) with a simple set of math and shared parameters (which the hackers can get but can't really use them for their advantage/finding K).
With a simple key agreement and some fast cryptographic algorithm (maybe AES) all conversations could be secure no matter what the network security was. It can even be implemented on top of current protocols AFAIK. And if people suggest that the CPU power might be too great then I just would like to remember that nowadays almost every phone has a browser (even if it's a WAP browser) and that HTTPS already uses key agreement and encryption.
I also view this (suggestion of) improvement as raising the bar in protecting the public's privacy because with this protocol in place it would be very difficult/expensive for authorities to break and eavesdrop on people conversations. With a warrant however, the network providers (cell carriers and other phone services) could put in place a way for authorities to get the key to decrypt the conversation taking place.
I for one can't wait to see a green lock next to my in-call HUD.
They do have a "Report Phishing" option though. Sad thing is that most people don't know what phishing is or even realize they've been victims of it until it's too late, at which point they rarely go back to gmail to report the phishing attempt.
How come most of the northern part of Africa and Middle East are as red as China? As far as I know those countries aren't that rich or industrialized to have more pollution than most of EUA and Europe... Could it be they're counting sand as air particle pollution agents?
The Windows Forms (the original Microsoft UI toolkit which Mono folks call M(anaged)WF) is very platform specific. That doesn't mean it won't work on other platforms. A good set of features is available on Mono and you can run a lot of MWF applications on Linux/OSX without code changes. That's not to say it will ever be perfect without some tuning or picking a better (cross platform) toolkit like GTK# which will work almost everywhere Mono supports (e.g. it even runs on Nokia devices!).
The CLR and ECMA are standards so this means anyone can implement C# and the CLR freely. The libraries are not standards which means MS could (theoretically) sue claiming intellectual property or something like that. However, MS and Novel have agreements on this (they even contribute code to each other on.Net iirc) and it's unlikely that Microsoft would profit anything from this thus unlikely they'll want to sue/block it anytime soon.
I'm not too familiar with Wine but my guess is that since Wine is a purely reverse engineer effort they're right in the gray area without any sort of protection from law or otherwise. But since Microsoft has everything running for them (they release new APIs much faster than Wine can keep up) they simply don't bother with it.
Mono does have a solution. There is a flag you can turn on so make it happen. It's just not on by default because it affects performance for obvious reasons (attempting to find a match). But of course my point is a simple as, if you code it right you don't need to!
Jesus. All I said is, people sometimes do stupid things like hardcoding paths into the application..Net provides API to get directory separators and such, but if people don't use them it can't simply make it work by magic.
The more common problem is hardcoded file names being case sensitive in most *unix file systems. Surely your precious Java can't fix that can it? If not why don't you apply for a job at Sun and show them how trivial it is to fix everything for every one.
Of that example is very trivial. Not everyone is a programmer so I didn't want to go into details but you need to consider there is more to it than simply replacing C: with/.
The CLR is a standard as well as the C# language. Which means that except for a very few set of very core libraries/classes (like String) the majority of APIs aren't standardized.
Yes, Mono tries to keep up, but not everything is like you lay it down. For instance, the C# 3.0 and 4.0 standard was implemented before the respective releases from Microsoft. As soon as the standard is out Mono starts implementing it and tries to keep up with any changes the beta releases do. Usually it's up to date by the time the final release is out.
As for newer APIs someone needs to implement the changes/new ones. Some APIs aren't ever implemented for the lack of interest. But the point is, if you want to be cross platform with C#, you can. ASP.Net, Linux, Windows, OS X and even stuff like iPhone and Android.
Mono can run way more apps than Wine, specially if you include ASP.Net sites.
Of course, most programmers do stupid mistakes that make it impossible to run in another environment than Windows. The most common one is handling paths like "C:\..." in which case there's nothing Mono can do.
The sources for the main libraries are available from Microsoft and they even include installers so you can see them while debugging an application. I said kinda because the Microsoft license isn't exactly compatible with everything else out there and it isn't exactly built around a community you can simply commit a patch.
Don't talk about you know nothing about. Wine is an effort to reverse engineer something that is ill documented, not a standard and huge moving target. It might never worked or work well in every scenario though.
Mono on the other hand is based on the standards which makes it much easier to implement, make it compatible and test. Not every API is ported though, but I can tell you from experience you can create well performing apps that run cross platform with Mono and.Net without a single source code changes (or binary for that matter). Even ASP.Net runs out the box.
If the submitter wishes to learn C# (and I think he should) I even go as far as suggesting he does it on Mono/Linux. Not because I think Linux is great but because it will help you understand the implications of cross platform development which in some little cases the.Net platform did a poor job although it's a primary objective of the whole framework.
Oh, and btw the.Net source code for the core APIs is kinda open source so you can read it too.
That's true if you're the casual finder, but not if you live of security research.
I do know it isn't as simple as looking at the code and sometimes you don't even do that, the point was that finding a bug on something as widely tested and used and a browser isn't as simple as proof-reading a book.
Finding a bug in a book is a matter of reading, proof reading and testing every example on the book to see if it works well. You could say it's an exact science because you can simply define a couple rules and follow them until you find a small mistake.
Finding a bug on a software isn't that simple. For starters there are millions of lines of code and unlike books a single line can affect millions of other line's logic paths/assumptions/etc. There is no single method you can apply to find a bug and that's why security research is so hard.
No matter how good a security researcher you are, you can never be 100% sure before hand that you can find a bug. Add that to the fact that the rules usually are something like "Critical Bugs only" and you've very few chances of success.
If you're not being paid a steady check to work on something like Mozilla or Chrome, chances are that 500$ isn't enough to make you learn their code, test and find something that you might never even find.
If you work on something you usually like to get paid. It's considered insulting to pay just 500$ for a bug simply because you can get a much higher paycheck if you sell it on the black market. So, if you're into security research to make money, 500$ is an insult to people's time.
Personally I've always believed that from a Darwinist point of view the only logical explanation is that the Egg comes first. From the summary of the story they're making it sound like, it it lays eggs then it's a chicken, which is not always the case. The truth is that genetically you usually have mutations before being born, so any creature that laid an egg (or even without eggs, e.g. mammal) gave birth to to a mutant freak that so happened to be a chicken.
Slashdot Mirror
While reading that book sinopsis I didn't find anything really impossible until it says:
"These experiences ranged from being able to “receive” the contents of an email message without using any electronic device to resuming a conversation with an off-world being that he had not been able to speak with, while awake, for 13 years."
I mean... it's still not impossible(tm) but really, how the hell does this help an otherwise "science"-based book?
rotf
From what I understand this is somewhat what many sandbox-based software does. For instance, it seems to me that if you installed Chrome on many servers and then, upon a request, deployed the code and used a Chrome sandbox to run and return the data the end result would be the same.
The challenges are still the same: how to deploy the code fast enough and how to route the request to the correct sandbox.
Today I was looking for an iPhone port, I wish they did it if possible. It would be very cool indeed.
I'm not a geneticist but although they both started with the same genetic material there are mutations occurring ever since. Diseases and such can also cause additional differences in their DNA. The major source of DNA mutations you hear about is at the moment of "conception" but even a couple mutations after that would make you more "unique".
Of course, in the middle of a trillion DNA sequences, picking up those very few and small changes will be expensive. Most paternity and "identification" DNA tests rely on a few number of specific markers, which btw is why you usually hear things like 98%-99% accuracy and never 100%.
Those researchers can't exactly get funding to cure a single patient that's literally unique with a syndrome that most likely never happened or will happen again.
However, if you say she might have the key for the cure of cancer and to stop aging they sure will get funded fast. If by some miracle they find a possible cure in the process, there's a chance that she might get that cure where otherwise the chance is a fat zero.
I get that an error or bad pixel matching might have misdetected the island but... who named Sandy Island?
Actually you make a good point there. Perhaps one possible solution for the much needed patent reform is based on scientific achievement. For example, it could be required that for a patent to be deemed useful you would need at least 2 research papers published on big peer-reviewed publications. The papers could even be funded by the patenter but between the submital and approval of the patent it had to be peer-reviewed and considered useful.
As a nice side effect, by funding a research paper directly or inspiring others for that research, patents would actually be stimulating innovation instead of just big-ass-companies' pockets.
Google drives so many clicks that newspapers should be paying Google, not the other way around. However, since they are taking this road, if I were Google I would stop indexing them and then start charging for those that leave. If you want back in, pay per click so you'll learn your lesson.
I totally agree with you although I don't think you need to sell something to change the "moral" here.
For instance, if Google advertising their own products on their own services makes for an anti-trust case, then perhaps TV channels should also be forced to advertise the competion's schedule? No one forces you to use/watch either services and some channels are paid, so I fail to see the distinction here.
It heavily depends on what your product is, but you've at least these possible models:
1) Fully open source with lack or light documentation. This makes your product essentially free but users pay for support and/or the docs. I can't remember any specific example of a project selling the docs but I'm sure someone will.
2) Dual License model. A very popular example is ExtJS which is GPL (v3 iirc), however, if you wish to keep some code secret (including server parts) you might need a commercial license. And of course there are support plans available, as well as SVN/GIT access to the latest (devel) version.
3) Dual License with a Enterprise version. Essentially what MySql does where they offered an open source version but if you wanted fine tunned performance, support for enterprise hardware and support then you need the Enterprise version.
4) Dual License with long term support. Some projects like Liferay or Red Hat Enterprise use free versions as beta versions - after a while they release a long term supported version for enterprises and backport the important security and bug fixes. Maybe you already know but some companies are very slow to adopt new tech and ever slower to keep up, if they can keep a 4 year old version of the software that does the job well and still get support and bug fixes, you're best pals.
5) Early access model. Another possibility is to offer early access to new versions. For instance, the Xming project (a X11 server for Windows) offers donators access to new versions much earlier. You can even create a "pool" mode where you release the new version once X dollars are donated.
Depending on your target audience and the possibility of some of the adjustments required by those suggestions you might find a suitable model or cook some solution with ideas from several.
From someone in a similar spot, I wish you luck!
Sounds to me that this problem is simple to solve, even with a naive solution. Take for example a simple key agreement algorithm like Diffie-Hellman which (for the unfamiliar with the subject) allows 2 parties to reach a secret key (called K) with a simple set of math and shared parameters (which the hackers can get but can't really use them for their advantage/finding K).
With a simple key agreement and some fast cryptographic algorithm (maybe AES) all conversations could be secure no matter what the network security was. It can even be implemented on top of current protocols AFAIK. And if people suggest that the CPU power might be too great then I just would like to remember that nowadays almost every phone has a browser (even if it's a WAP browser) and that HTTPS already uses key agreement and encryption.
I also view this (suggestion of) improvement as raising the bar in protecting the public's privacy because with this protocol in place it would be very difficult/expensive for authorities to break and eavesdrop on people conversations. With a warrant however, the network providers (cell carriers and other phone services) could put in place a way for authorities to get the key to decrypt the conversation taking place.
I for one can't wait to see a green lock next to my in-call HUD.
They do have a "Report Phishing" option though. Sad thing is that most people don't know what phishing is or even realize they've been victims of it until it's too late, at which point they rarely go back to gmail to report the phishing attempt.
How come most of the northern part of Africa and Middle East are as red as China? As far as I know those countries aren't that rich or industrialized to have more pollution than most of EUA and Europe... Could it be they're counting sand as air particle pollution agents?
The Windows Forms (the original Microsoft UI toolkit which Mono folks call M(anaged)WF) is very platform specific. That doesn't mean it won't work on other platforms. A good set of features is available on Mono and you can run a lot of MWF applications on Linux/OSX without code changes. That's not to say it will ever be perfect without some tuning or picking a better (cross platform) toolkit like GTK# which will work almost everywhere Mono supports (e.g. it even runs on Nokia devices!).
The CLR and ECMA are standards so this means anyone can implement C# and the CLR freely. The libraries are not standards which means MS could (theoretically) sue claiming intellectual property or something like that. However, MS and Novel have agreements on this (they even contribute code to each other on .Net iirc) and it's unlikely that Microsoft would profit anything from this thus unlikely they'll want to sue/block it anytime soon.
I'm not too familiar with Wine but my guess is that since Wine is a purely reverse engineer effort they're right in the gray area without any sort of protection from law or otherwise. But since Microsoft has everything running for them (they release new APIs much faster than Wine can keep up) they simply don't bother with it.
Mono does have a solution. There is a flag you can turn on so make it happen. It's just not on by default because it affects performance for obvious reasons (attempting to find a match). But of course my point is a simple as, if you code it right you don't need to!
Jesus. All I said is, people sometimes do stupid things like hardcoding paths into the application. .Net provides API to get directory separators and such, but if people don't use them it can't simply make it work by magic.
The more common problem is hardcoded file names being case sensitive in most *unix file systems. Surely your precious Java can't fix that can it? If not why don't you apply for a job at Sun and show them how trivial it is to fix everything for every one.
Of that example is very trivial. Not everyone is a programmer so I didn't want to go into details but you need to consider there is more to it than simply replacing C: with /.
The CLR is a standard as well as the C# language. Which means that except for a very few set of very core libraries/classes (like String) the majority of APIs aren't standardized.
Yes, Mono tries to keep up, but not everything is like you lay it down. For instance, the C# 3.0 and 4.0 standard was implemented before the respective releases from Microsoft. As soon as the standard is out Mono starts implementing it and tries to keep up with any changes the beta releases do. Usually it's up to date by the time the final release is out.
As for newer APIs someone needs to implement the changes/new ones. Some APIs aren't ever implemented for the lack of interest. But the point is, if you want to be cross platform with C#, you can. ASP.Net, Linux, Windows, OS X and even stuff like iPhone and Android.
Mono can run way more apps than Wine, specially if you include ASP.Net sites.
Of course, most programmers do stupid mistakes that make it impossible to run in another environment than Windows. The most common one is handling paths like "C:\..." in which case there's nothing Mono can do.
The sources for the main libraries are available from Microsoft and they even include installers so you can see them while debugging an application. I said kinda because the Microsoft license isn't exactly compatible with everything else out there and it isn't exactly built around a community you can simply commit a patch.
Don't talk about you know nothing about. Wine is an effort to reverse engineer something that is ill documented, not a standard and huge moving target. It might never worked or work well in every scenario though.
Mono on the other hand is based on the standards which makes it much easier to implement, make it compatible and test. Not every API is ported though, but I can tell you from experience you can create well performing apps that run cross platform with Mono and .Net without a single source code changes (or binary for that matter). Even ASP.Net runs out the box.
If the submitter wishes to learn C# (and I think he should) I even go as far as suggesting he does it on Mono/Linux. Not because I think Linux is great but because it will help you understand the implications of cross platform development which in some little cases the .Net platform did a poor job although it's a primary objective of the whole framework.
Oh, and btw the .Net source code for the core APIs is kinda open source so you can read it too.
That's true if you're the casual finder, but not if you live of security research.
I do know it isn't as simple as looking at the code and sometimes you don't even do that, the point was that finding a bug on something as widely tested and used and a browser isn't as simple as proof-reading a book.
Finding a bug in a book is a matter of reading, proof reading and testing every example on the book to see if it works well. You could say it's an exact science because you can simply define a couple rules and follow them until you find a small mistake.
Finding a bug on a software isn't that simple. For starters there are millions of lines of code and unlike books a single line can affect millions of other line's logic paths/assumptions/etc. There is no single method you can apply to find a bug and that's why security research is so hard.
No matter how good a security researcher you are, you can never be 100% sure before hand that you can find a bug. Add that to the fact that the rules usually are something like "Critical Bugs only" and you've very few chances of success.
If you're not being paid a steady check to work on something like Mozilla or Chrome, chances are that 500$ isn't enough to make you learn their code, test and find something that you might never even find.
If you work on something you usually like to get paid. It's considered insulting to pay just 500$ for a bug simply because you can get a much higher paycheck if you sell it on the black market. So, if you're into security research to make money, 500$ is an insult to people's time.
Personally I've always believed that from a Darwinist point of view the only logical explanation is that the Egg comes first. From the summary of the story they're making it sound like, it it lays eggs then it's a chicken, which is not always the case. The truth is that genetically you usually have mutations before being born, so any creature that laid an egg (or even without eggs, e.g. mammal) gave birth to to a mutant freak that so happened to be a chicken.