The EFF no longer maintains the list. The original list was simply those printers that produced documents where the EFF could not see any yellow tracking dots. The EFF has put this note on that list:
(Added 2017) REMINDER: It appears likely that all recent commercial color laser printers print some kind of forensic tracking codes, not necessarily using yellow dots. THIS IS TRUE WHETHER OR NOT THOSE CODES ARE VISIBLE TO THE EYE AND WHETHER OR NOT THE PRINTER MODELS ARE LISTED HERE. THIS ALSO INCLUDES THE PRINTERS THAT ARE LISTED HERE AS NOT PRODUCING YELLOW DOTS.
This list is no longer being updated.
Simply put, the EFF believes all printers have forensic tracking codes.
Agreed, they are not to be trusted. They should just not be collecting data in the first place. How about a simple one-stop shopping applet that displays all the data Microsoft wants to collect, with a little checkbox beside each category, disabled by default.
While we're at it, how about reverting to selectable updates too.
This makes a lot of sense. The frightening part, it might work. They argue for for federal rules, then when anything is proposed in those rules like real hard net neutrality, they argue the FCC just repealed ones like that so obviously rules like that aren't helpful. I can see them muddying the water with this so much that it actually works.
So, what, you're contending that AT&T paid millions upon millions of dollars to fight the FCC's net neutrality regulations because they were the good guys and wanted to encourage the same rules only legislated by congress?
Are you high? If you're Canadian, I need to warn you, weed won't be legal until June or so.
Sure I have. Back at you. There are a lot of "fair trade" cooperatives that technically comply with fair trade rules. All it requires is for the person who sells the product to get a certain percentage of profit. The same immensely rich Nova Scotia Annapolis Valley farm owners I spoke of in my post have several such cooperatives. They benefit from being able to label their products fair trade, then charge a premium from unsuspecting buyers, and further profit while their flown-in no benefits seasonal pickers make a pittance. I have zero confidence in fair trade cooperatives when I see wealthy landowners here laughing because they qualify under fair trade rules.
But let's say you do buy fair trade coffee, and even if you think it makes a difference, what about your bananas and mangoes and laptop batteries and automobile trim and USB cables? At a certain point you have to realize that all those oppressed workers are sentient people, and at some point you have to credit them with having the ability to stand up for their rights. I would argue that artificially partially reducing the harshness of those workers' environment by pressuring their employers from the outside only accomplishes as little change as those employers can absolutely get away with and simply turns a boiling situation into one that is merely simmering. If you are the kind of person who exploits workers for profit, the moral outrage of end customers is not likely to affect you much. No, it's better to leave the heat source on, so to speak, and let the pressure boil over from within so they will stand up for themselves.
I used to think, being a Canadian, that it was just the Quebec francophones with the hyperactive inferiority complex which manifested like that. In Quebec they are anal about signage to the point of there being ordinances outlining the maximum size of English print on your store front in order to preserve their language (which I won't actually insult France enough to call French and will just call "Quebecois"). They were so adamant about it they had to use a special constitutional opt-out Canadian provinces have called the notwithstanding clause to make it legal notwithstanding a person's right to freedom of expression.
Now I realize this is just endemic to all French everywhere.
It's unfortunate this has been modded down into obscurity, because it's true.
When you go to the supermarket, do you find out the working conditions of your banana picker? Do people make sure the apple pickers have benefits? I'm from Nova Scotia's Annapolis valley where a lot of the apples in Eastern North America are grown and I will tell you that none of the greedy rich farm owners here pay more than a pittance for the pickers.
The responsibility for worker conditions lies squarely with the workers and the government of the country they live. Worker conditions aren't changed from the outside. People's conditions are changed when they stand up for themselves. The Magna Carta didn't happen when the French decided not to buy English exports. The 5 day 40 hour work week didn't happen when consumers stopped buying manufactured goods. They happen when people demand it.
Indeed. As a proof of concept, about ten years ago I hooked up a pair of VHF radios to my computer's sound card and used the built in voice rec in Windows to set up a bunch of commands. Music, video, etc. I had at one time envisioned coming home.and putting on a little wireless mic (stage production kind of thing) and being able to control things. The proof of concept was a resounding success - I was able to train it to understand me perfectly. In the end I just found it less useful than doing things myself.
This is one of the reasons why I won't use the current tech. There is zero reason why it has to call home every time I use it to send my voice to their servers for interpretation. If I was, ten years ago, able to have it recognize my voice perfectly well (with surprisingly little training) through the poor audio of a cheap radio, then there is even less reason why it's required today. Setting this precedent is dangerous. I'll be willing to bet the first androids we get will be centrally controlled. Why make their processing self contained when they can use the excuse that they need the processing power only available in their servers to control them.
Ok, and sure, have spares on hand. Great advice for a resource like that. But, well, come on guys, let's do the math: The set of all Slashdot readers. The set of all Slashdot readers who are actual (and not just claimed during the years in some post or another to try and lend legitimacy to one of their arguments) Kernel contributors. The set of all Slashdot readers who are actual kernel contributors who didn't know LKML was down. The set of all Slashdot readers who are actual kernel contributors who didn't know LKML was down and need Slashdot to copy the feed on how the progress is going.
= A number so low as to be statistical noise. Therefore, this story can only be a Nelson "Ha Ha" article.
PyCAM and PiTiVi are two off the top of my head. PyCAM is CPU bound and Python doesn't do its calculations any favours. It's sluggish at the best of times and almost impossible to produce versions that work cross platform. PiTiVi isn't terrible as basically it's just a front end for GStreamer, and as that it's a good use of Python. But it's not cross platform, which defeats half the purpose.
Interestingly, looking at the PiTiVi web site, on the contributing page:
GStreamer Editing Services, the C library on which Pitivi depends to do all the serious work. If you want to work on the backend, this is the way to go.
Which just about sums up Python. Great for quick and dirty little tools, good for a front end, but bad in that most serious front ends require a widget kit that will be problematic for cross-platform, and if you want to do serious work, go to C.
And as you seem to live under a rock: Java is no longer interpreted, since u.. o... 1995 or so?
Not sure what native compiler you're thinking of. Maybe I do live under a rock. GCJ is gone - GNU is trying to sweep it under the carpet as the bad idea it was, since it never really worked well (read at all). Ok, doing some research I see that there is some product called Escelsior Jet that claims to be a compiler. However, from its web site:
First, the AOT compiler turns your jar and class files into a conventional binary executable. That executable is fully interoperable with our JVM, which includes a JIT compiler to handle any classes that were not precompiled.
So it's not clear if any general purpose Java app can be rendered into 100% native code. It looks like it will do all the pure Java, but how many normally used Java classes this includes is another question. I have never ever heard of Excelsior Jet before, and neither has Wikipedia. It's mentioned in a couple Stack Exchange questions, likely posts from employees at Excelsior Jet in my assessment.
If it is JIT you are speaking of, JIT is not native. JIT is a marketing term for various usually caching optimizations intended to make interpreting bytecode less slow. JIT means different things to different interpreters, but it always involves run-time conversion of bytecode to machine code, which is what interpreting is, and despite what marketing people say, is universally slower than AOT conversion to purely native code.
I guess you have a different idea what "system progaming" is than most people. System programming is not done in C since decades. You probably mean the remains of embedded programming where people are forced to use extremely small micro controllers for extremely simple tasks. The biggest "system programming" project that still is mostly done in C (instead of C++) is probably the linux kernel.
This is just wrong. Windows kernel, plus many device drivers. BSD kernel plus most device drivers (except in MacOS which uses a subset of C++ for device drivers). Linux kernel, as you mention, plus almost all device drivers. Every other Unix kernel and all their device drivers. Virtually the whole OS for most real time OSes. That right there is 99.99% of computing devices on the planet. C is very large on the military scene right now. Most Western navy's combat management systems are more or less entirely C, or use such a stripped down subset of C++ that you might as well call it C anyway (see below). Some colleagues of mine on the aircraft side of things played around with realtime java a bit for avionics, but it didn't really go anywhere.
Some will use C++ for drivers, though in many operating systems that's problematic because of the runtime, so they use it stripped down again. Mayb
Attitudes like this are why people need a computer 600,000 times faster with 262144 times the memory in order to load something just to check their e-mail. I don't use Rust. I use Go when I must. It's not a bad language as new languages go - Syncthing, a project I've contributed to, uses Go and it's not terrible.
In a way you're correct. I'd agree that only about 10% of software really needs the performance and versatility of C. Most others can get away with C++, for better organization, or some other natively compiled code. Go if you like. Or Pascal if you want something old school but still strongly type checked. I actually use Pascal quite a bit myself, simply because of the free Lazarus environment. Even interpreted stuff has its place, but far less than it is used for. Just as only about 10% of software needs the power and versatility of C, only about 10% of software is appropriate for an interpreted environment. The problem is, kids coming out of school high on what some unfortunate profs (who often don't have to work in the real world) have been feeding them then start all these projects in Python and Java that have no place being written in an interpreted language. Python is good for small front ends. But then someone will want to get fancy and use PyGTK or some other frankenlibrary or else what started as a little front end simply grows beyond what is really appropriate and it becomes non-portable and a nightmare fast.
I actually have nothing against any language. I have serious problems when they are used inappropriately, though, and I have even more serious problems when what has been the best swiss army knife programmers have ever had for the better part of half a century is slagged in favour of some du jour. C never lost its place, and won't for the foreseeable future. For system programming it's not just unparalleled, it's often just simply indispensable. Computers are not people, they are electrical devices with bits and bytes, and sometimes you just need a language that embraces that rather than tries to hide it like its some dirty secret.
Oh Lord, seriously? This again? C is more dangerous than Java the way that a KA-Bar is more dangerous than a butter knife. If you take a real programming language, hamstring it, put a bib on it, and pull its teeth so it can process nothing more than strained baby food, sure, it won't be dangerous but then again it won't do much useful either.
Write a device driver in Java or Python. Or a kernel. C will always have a place in net-connected computers. You just don't hand a loaded gun to a child and expect he'll produce something useful without blowing his foot off. C is for grown-ups and when you get big and strong and if you eat all your spinach maybe when you grow up you'll do system programming too. Until then, feel free to play around with interpreted languages that pen you in a coral so you don't do anything stupid and feel free to pretend that JIT really does mean it's compiled and just as fast as native code.
Google is thought to be losing money on every unit...[but]... Google has plenty of options to make money through... the data it collects...
Yes, Google has plenty of options. Selling it to the government is a great one. Julian Assange made a credible argument that Google is likely essentially a government department or so much in the back pocket of the US government that it might as well be. While I don't find Mr. Assange to be the most wholy credible person alive, the arguments were cogent and well reasoned.
Why are all these devices sending all that voice data to Google servers for "analysis"? It is not reasonable to believe that even the massive data centers that Google has can dedicate more CPU time to processing the audio from each of these millions of devices than can be cheaply incorporated into each individual device itself. The centralization of voice analysis can only have one purpose. Yes, that's just what I want to have in my bedroom.
It is frightening how many of these things are blithely being put into millions of homes.
By the definition of copyright law in the US this can't possibly infringe in the first place. It sounds exactly like Trump's speeches and tweets, and by law as works of the federal government those are in the public domain.
We don't know that it's dust. We don't know that it's not an alien megastructure. All we know is that the absorption is not inconsistent with dust and that occam's razor suggests that the simplest explanation is generally the best. However, what we don't know about exosystems far exceeds what we do know. Which seems to mean that the simplest explanation (certainly the most prudent) is to say we don't yet know enough to make more than wild conjecture (and at this point even dust is wild conjecture).
Google says that they've tested and verified Spectre against Intel, AMD, and ARM processors, and the attack affects desktops, laptops, cloud servers, and smartphones. The attack is also believed to affect almost all CPUs released in recent years.
Meltdown uses out-of-order execution and a side channel attack that is unique to Intel. Spectre uses speculative execution and is more generalized, with tested proof-of-concept attack code on AMD and ARM.
I just read the papers and it's actually a fascinating, and deceptively simple method. Out-of-order execution and execution prefetching causes a CPU to pre-execute instructions that are later on in the chain. If my program performs a divide-by-zero, which will cause an error when it happens, instruction pre-fetching and out of order execution has already in whole or part executed the instructions that happen after the error. So, you write your program to do this:
Something legal Fork Child: Divide by Zero Read of illegal memory
Parent: Wait for child to crash Read the prefetch cache to see what the out-of-order execution put in the cache when it read the illegal memory
In case that's not clear, a program forks. The child process induces an error, but after the error it has an instruction which would not normally be allowed, such as reading a portion of memory it wouldn't normally be able to. Out of order execution will already have begun performing the instruction, and because it doesn't have as rigorous controls on it, it actually reads the memory into the cache. This wouldn't be an issue, except there are ways to determine what a prefetch instruction resulted in. So the parent process waits for the child to crash and then it uses those instructions to determine the results of the prefetch which means you have just bypassed memory protection.
"According to Google, everything and everyone is affected. This includes all major chipset vendors (Intel, AMD, ARM), all major operating systems (Windows, Linux, macOS, Android, ChromeOS), cloud providers (Amazon, Google, Microsoft), and application makers."
It looks like the attack uses side effects of out-of-order execution that probably will affect every processor. There is not a practical demonstration on AMD yet, but it is likely affected. Interestingly, it looks like it can break out of a VM jail as well.
I don't believe it is the role of local government to...
It is the role of local, actually any, government to do precisely whatever it is the people who selected that government wants them to do with their money. If that means compete with business, then it's compete with business. The people have the right to decide exactly what services their government provides. I, for one, think network connectivity is basically essential in today's society, therefore why not make it a service like water or electricity.
Where the interference came from is not from the local government, but from the private business who decided it was their role to try and tell the people what their government should or shouldn't do. When the first local and state governments were deciding whether to adopt electricity as a public utility, I wonder if Tesla and Edison were paying lobbyists to try and shoot the idea down so they could keep their monopoly.
Sure, before SIP was System Integrity Protection is was Session Initiation Protocol. But before it was Session Initiation Protocol it was Single Inline Package. Before that it was something different. I'm sure in an acronym dictionary you'll find a few dozen others.
You are not the arbiter of what an acronym means. I'm not registering my acronyms with you before I use them, as much as you seem to want the job. And we're not impressed that you know what Session Initiation Protocol is. If you really knew what it was, you'd be able to deduce from the context of the post that the story wasn't about it. Session Initiation Protocol was hopeless broken the day it was penned, it being broken or breaking something else somewhere is old news. Not even Slashdot would post about something that old.
This is a classic scheme of moving the question in order to obtain the desired conclusion. In this case, the real question they are trying to lead people to assume the answer to is "is the open source model to blame for security breaches". By essentially stating as a fact that it is, and then making the question "should we throw money at it to fix the problem", they are trying to get people to assume the first question.
No, the open source model is not the cause of security woes. Microsoft, with one of the most well funded set of developers on the planet, is the source of more and worse security flaws than anything else. It is true that Microsoft security flaws tend to be exploited differently, and not with single breaches that cause the loss of huge amounts of data. Microsoft security flaws are instead exploited with millions-strong botnets and massive infestations of ransomeware. The reason why Microsoft flaws don't cause massive single breaches is, of course, because their internet infrastructure software was so resoundingly awful that it was soundly rejected by everyone. This is because those that implement internet infrastructure are of generally above-average intelligence. I shudder to imagine if Microsoft had a significant presence in the current internet infrastructure.
I'm honestly now not sure if JJ or Lucas is worse. George Lucas, for all his (myriad) faults was at least original. JJ took the original trilogy and just put it in a blender and hit frappe. What came out was Star Wars for millennials.
Empire vs Rebels Empire/First Order vs Resistance
Force sensitive struggles to find himself on a journey to fulfill his birthright accompanied by cute droid. Force sensitive struggles to find herself on a journey to fulfill her birthright accompanied by cute droid.
Evil shadowy overlord who in the past persuaded angsty rebellious jedi to betray the Jedi and destroy them, turning angsty rebellious jedi into evil sidekick. Evil shadowy overlord who persuaded angsty rebellious jedi to betray the Jedi and destroy them, turning angsty rebellious jedi into evil sidekick.
Have to destroy death star in final battle to save rebel base. Have to destroy death planet in final battle to save rebel base.
Yawn.
Sure, the more control Lucas got, the worse his films got. Hands down awful. But at least the stupidity was his. I have to give him that. What was JJ's excuse?
For long-term survival, Mozilla absolutely needs Firefox to be as fast or faster than Chrome
This is wrong. And it's not just a wrong state to be in but it's indicative (indicting really) of the completely skewed thought chain leading up to that conclusion.
First of all, when is the last time your browser's rendering efficiency was the rate limiting step to how fast a page displayed for you? Browser speed for 99.9% of the user base is a metric that is only even relevant insomuch as it is published as a benchmark. It's relevant because my number is better than their number, so download my browser.
You are looking at the front runner and playing catch up rather than innovating. Your whole benchmark for success is "am I faster than Chrome", "have I implemented the same security features as Chrome", "is my UI like Chrome". Those aren't the questions you need to ask. You need to ask "am I fast enough for my user base", "am I secure", "do I have the UI that my users want", "what features will be a net improvement", and "what is the goodwill cost of implementing this". That last one is a doozer. Mozilla has zero goodwill, and it's not coming back. You cannot win back lost goodwill by zooming in and focusing on the ass of the competitor ahead of you. That's the competitor the audience is watching too.
It created huge pressure for half-baked features to ship before they're ready
I'm not sure I even know how to respond to that. Incredulity doesn't begin to describe my reaction. Did you honestly not see the travesty of less than half baked changes that happened for the first, oh, let's say ten "rapid" releases. There were a lot of things that had to change inside the browser, and also inside the development model before Mozilla went to a rapid release system. If you had to go to that system, make the changes that allow that to work and do those changes first. Really, you should have had a skeleton crew on a LTS for the browser while the main team either completely refactored or started fresh. The browser was not ready for what Mozilla did when it was done. It wasn't readily technically. The codebase was not clean enough. The project management was not in place for it. Changes that needed a major release to accomplish were haphazardly implemented in whatever little chunks happened to be ready at the time, and they were often not compatible one release to the next. The user experience broke on back to back to back releases. First rule of fight club, you don't break prod. Stop arguing that it was a good thing to do.
Slashdot Mirror
The EFF no longer maintains the list. The original list was simply those printers that produced documents where the EFF could not see any yellow tracking dots. The EFF has put this note on that list:
Simply put, the EFF believes all printers have forensic tracking codes.
Agreed, they are not to be trusted. They should just not be collecting data in the first place. How about a simple one-stop shopping applet that displays all the data Microsoft wants to collect, with a little checkbox beside each category, disabled by default.
While we're at it, how about reverting to selectable updates too.
This makes a lot of sense. The frightening part, it might work. They argue for for federal rules, then when anything is proposed in those rules like real hard net neutrality, they argue the FCC just repealed ones like that so obviously rules like that aren't helpful. I can see them muddying the water with this so much that it actually works.
So, what, you're contending that AT&T paid millions upon millions of dollars to fight the FCC's net neutrality regulations because they were the good guys and wanted to encourage the same rules only legislated by congress?
Are you high? If you're Canadian, I need to warn you, weed won't be legal until June or so.
Sure I have. Back at you. There are a lot of "fair trade" cooperatives that technically comply with fair trade rules. All it requires is for the person who sells the product to get a certain percentage of profit. The same immensely rich Nova Scotia Annapolis Valley farm owners I spoke of in my post have several such cooperatives. They benefit from being able to label their products fair trade, then charge a premium from unsuspecting buyers, and further profit while their flown-in no benefits seasonal pickers make a pittance. I have zero confidence in fair trade cooperatives when I see wealthy landowners here laughing because they qualify under fair trade rules.
But let's say you do buy fair trade coffee, and even if you think it makes a difference, what about your bananas and mangoes and laptop batteries and automobile trim and USB cables? At a certain point you have to realize that all those oppressed workers are sentient people, and at some point you have to credit them with having the ability to stand up for their rights. I would argue that artificially partially reducing the harshness of those workers' environment by pressuring their employers from the outside only accomplishes as little change as those employers can absolutely get away with and simply turns a boiling situation into one that is merely simmering. If you are the kind of person who exploits workers for profit, the moral outrage of end customers is not likely to affect you much. No, it's better to leave the heat source on, so to speak, and let the pressure boil over from within so they will stand up for themselves.
French translations that must, by law, be twice the size of the original English.
I used to think, being a Canadian, that it was just the Quebec francophones with the hyperactive inferiority complex which manifested like that. In Quebec they are anal about signage to the point of there being ordinances outlining the maximum size of English print on your store front in order to preserve their language (which I won't actually insult France enough to call French and will just call "Quebecois"). They were so adamant about it they had to use a special constitutional opt-out Canadian provinces have called the notwithstanding clause to make it legal notwithstanding a person's right to freedom of expression.
Now I realize this is just endemic to all French everywhere.
It's unfortunate this has been modded down into obscurity, because it's true.
When you go to the supermarket, do you find out the working conditions of your banana picker? Do people make sure the apple pickers have benefits? I'm from Nova Scotia's Annapolis valley where a lot of the apples in Eastern North America are grown and I will tell you that none of the greedy rich farm owners here pay more than a pittance for the pickers.
The responsibility for worker conditions lies squarely with the workers and the government of the country they live. Worker conditions aren't changed from the outside. People's conditions are changed when they stand up for themselves. The Magna Carta didn't happen when the French decided not to buy English exports. The 5 day 40 hour work week didn't happen when consumers stopped buying manufactured goods. They happen when people demand it.
Indeed. As a proof of concept, about ten years ago I hooked up a pair of VHF radios to my computer's sound card and used the built in voice rec in Windows to set up a bunch of commands. Music, video, etc. I had at one time envisioned coming home.and putting on a little wireless mic (stage production kind of thing) and being able to control things. The proof of concept was a resounding success - I was able to train it to understand me perfectly. In the end I just found it less useful than doing things myself.
This is one of the reasons why I won't use the current tech. There is zero reason why it has to call home every time I use it to send my voice to their servers for interpretation. If I was, ten years ago, able to have it recognize my voice perfectly well (with surprisingly little training) through the poor audio of a cheap radio, then there is even less reason why it's required today. Setting this precedent is dangerous. I'll be willing to bet the first androids we get will be centrally controlled. Why make their processing self contained when they can use the excuse that they need the processing power only available in their servers to control them.
Ok, and sure, have spares on hand. Great advice for a resource like that. But, well, come on guys, let's do the math:
The set of all Slashdot readers.
The set of all Slashdot readers who are actual (and not just claimed during the years in some post or another to try and lend legitimacy to one of their arguments) Kernel contributors.
The set of all Slashdot readers who are actual kernel contributors who didn't know LKML was down.
The set of all Slashdot readers who are actual kernel contributors who didn't know LKML was down and need Slashdot to copy the feed on how the progress is going.
= A number so low as to be statistical noise. Therefore, this story can only be a Nelson "Ha Ha" article.
I LOVE IT!
p.s. HA HA
PyCAM and PiTiVi are two off the top of my head. PyCAM is CPU bound and Python doesn't do its calculations any favours. It's sluggish at the best of times and almost impossible to produce versions that work cross platform. PiTiVi isn't terrible as basically it's just a front end for GStreamer, and as that it's a good use of Python. But it's not cross platform, which defeats half the purpose.
Interestingly, looking at the PiTiVi web site, on the contributing page:
Which just about sums up Python. Great for quick and dirty little tools, good for a front end, but bad in that most serious front ends require a widget kit that will be problematic for cross-platform, and if you want to do serious work, go to C.
Not sure what native compiler you're thinking of. Maybe I do live under a rock. GCJ is gone - GNU is trying to sweep it under the carpet as the bad idea it was, since it never really worked well (read at all). Ok, doing some research I see that there is some product called Escelsior Jet that claims to be a compiler. However, from its web site:
So it's not clear if any general purpose Java app can be rendered into 100% native code. It looks like it will do all the pure Java, but how many normally used Java classes this includes is another question. I have never ever heard of Excelsior Jet before, and neither has Wikipedia. It's mentioned in a couple Stack Exchange questions, likely posts from employees at Excelsior Jet in my assessment.
If it is JIT you are speaking of, JIT is not native. JIT is a marketing term for various usually caching optimizations intended to make interpreting bytecode less slow. JIT means different things to different interpreters, but it always involves run-time conversion of bytecode to machine code, which is what interpreting is, and despite what marketing people say, is universally slower than AOT conversion to purely native code.
This is just wrong. Windows kernel, plus many device drivers. BSD kernel plus most device drivers (except in MacOS which uses a subset of C++ for device drivers). Linux kernel, as you mention, plus almost all device drivers. Every other Unix kernel and all their device drivers. Virtually the whole OS for most real time OSes. That right there is 99.99% of computing devices on the planet. C is very large on the military scene right now. Most Western navy's combat management systems are more or less entirely C, or use such a stripped down subset of C++ that you might as well call it C anyway (see below). Some colleagues of mine on the aircraft side of things played around with realtime java a bit for avionics, but it didn't really go anywhere.
Some will use C++ for drivers, though in many operating systems that's problematic because of the runtime, so they use it stripped down again. Mayb
Attitudes like this are why people need a computer 600,000 times faster with 262144 times the memory in order to load something just to check their e-mail. I don't use Rust. I use Go when I must. It's not a bad language as new languages go - Syncthing, a project I've contributed to, uses Go and it's not terrible.
In a way you're correct. I'd agree that only about 10% of software really needs the performance and versatility of C. Most others can get away with C++, for better organization, or some other natively compiled code. Go if you like. Or Pascal if you want something old school but still strongly type checked. I actually use Pascal quite a bit myself, simply because of the free Lazarus environment. Even interpreted stuff has its place, but far less than it is used for. Just as only about 10% of software needs the power and versatility of C, only about 10% of software is appropriate for an interpreted environment. The problem is, kids coming out of school high on what some unfortunate profs (who often don't have to work in the real world) have been feeding them then start all these projects in Python and Java that have no place being written in an interpreted language. Python is good for small front ends. But then someone will want to get fancy and use PyGTK or some other frankenlibrary or else what started as a little front end simply grows beyond what is really appropriate and it becomes non-portable and a nightmare fast.
I actually have nothing against any language. I have serious problems when they are used inappropriately, though, and I have even more serious problems when what has been the best swiss army knife programmers have ever had for the better part of half a century is slagged in favour of some du jour. C never lost its place, and won't for the foreseeable future. For system programming it's not just unparalleled, it's often just simply indispensable. Computers are not people, they are electrical devices with bits and bytes, and sometimes you just need a language that embraces that rather than tries to hide it like its some dirty secret.
Oh Lord, seriously? This again? C is more dangerous than Java the way that a KA-Bar is more dangerous than a butter knife. If you take a real programming language, hamstring it, put a bib on it, and pull its teeth so it can process nothing more than strained baby food, sure, it won't be dangerous but then again it won't do much useful either.
Write a device driver in Java or Python. Or a kernel. C will always have a place in net-connected computers. You just don't hand a loaded gun to a child and expect he'll produce something useful without blowing his foot off. C is for grown-ups and when you get big and strong and if you eat all your spinach maybe when you grow up you'll do system programming too. Until then, feel free to play around with interpreted languages that pen you in a coral so you don't do anything stupid and feel free to pretend that JIT really does mean it's compiled and just as fast as native code.
Yes, Google has plenty of options. Selling it to the government is a great one. Julian Assange made a credible argument that Google is likely essentially a government department or so much in the back pocket of the US government that it might as well be. While I don't find Mr. Assange to be the most wholy credible person alive, the arguments were cogent and well reasoned.
Why are all these devices sending all that voice data to Google servers for "analysis"? It is not reasonable to believe that even the massive data centers that Google has can dedicate more CPU time to processing the audio from each of these millions of devices than can be cheaply incorporated into each individual device itself. The centralization of voice analysis can only have one purpose. Yes, that's just what I want to have in my bedroom.
It is frightening how many of these things are blithely being put into millions of homes.
By the definition of copyright law in the US this can't possibly infringe in the first place. It sounds exactly like Trump's speeches and tweets, and by law as works of the federal government those are in the public domain.
We don't know that it's dust. We don't know that it's not an alien megastructure. All we know is that the absorption is not inconsistent with dust and that occam's razor suggests that the simplest explanation is generally the best. However, what we don't know about exosystems far exceeds what we do know. Which seems to mean that the simplest explanation (certainly the most prudent) is to say we don't yet know enough to make more than wild conjecture (and at this point even dust is wild conjecture).
Please read the article. From it:
Meltdown uses out-of-order execution and a side channel attack that is unique to Intel. Spectre uses speculative execution and is more generalized, with tested proof-of-concept attack code on AMD and ARM.
I just read the papers and it's actually a fascinating, and deceptively simple method. Out-of-order execution and execution prefetching causes a CPU to pre-execute instructions that are later on in the chain. If my program performs a divide-by-zero, which will cause an error when it happens, instruction pre-fetching and out of order execution has already in whole or part executed the instructions that happen after the error. So, you write your program to do this:
Something legal
Fork
Child:
Divide by Zero
Read of illegal memory
Parent:
Wait for child to crash
Read the prefetch cache to see what the out-of-order execution put in the cache when it read the illegal memory
In case that's not clear, a program forks. The child process induces an error, but after the error it has an instruction which would not normally be allowed, such as reading a portion of memory it wouldn't normally be able to. Out of order execution will already have begun performing the instruction, and because it doesn't have as rigorous controls on it, it actually reads the memory into the cache. This wouldn't be an issue, except there are ways to determine what a prefetch instruction resulted in. So the parent process waits for the child to crash and then it uses those instructions to determine the results of the prefetch which means you have just bypassed memory protection.
"According to Google, everything and everyone is affected. This includes all major chipset vendors (Intel, AMD, ARM), all major operating systems (Windows, Linux, macOS, Android, ChromeOS), cloud providers (Amazon, Google, Microsoft), and application makers."
It looks like the attack uses side effects of out-of-order execution that probably will affect every processor. There is not a practical demonstration on AMD yet, but it is likely affected. Interestingly, it looks like it can break out of a VM jail as well.
It is the role of local, actually any, government to do precisely whatever it is the people who selected that government wants them to do with their money. If that means compete with business, then it's compete with business. The people have the right to decide exactly what services their government provides. I, for one, think network connectivity is basically essential in today's society, therefore why not make it a service like water or electricity.
Where the interference came from is not from the local government, but from the private business who decided it was their role to try and tell the people what their government should or shouldn't do. When the first local and state governments were deciding whether to adopt electricity as a public utility, I wonder if Tesla and Edison were paying lobbyists to try and shoot the idea down so they could keep their monopoly.
Sure, before SIP was System Integrity Protection is was Session Initiation Protocol. But before it was Session Initiation Protocol it was Single Inline Package. Before that it was something different. I'm sure in an acronym dictionary you'll find a few dozen others.
You are not the arbiter of what an acronym means. I'm not registering my acronyms with you before I use them, as much as you seem to want the job. And we're not impressed that you know what Session Initiation Protocol is. If you really knew what it was, you'd be able to deduce from the context of the post that the story wasn't about it. Session Initiation Protocol was hopeless broken the day it was penned, it being broken or breaking something else somewhere is old news. Not even Slashdot would post about something that old.
Oh brother. And tomorrow will be the first January 2nd it fell in in value since 2015.
This is a classic scheme of moving the question in order to obtain the desired conclusion. In this case, the real question they are trying to lead people to assume the answer to is "is the open source model to blame for security breaches". By essentially stating as a fact that it is, and then making the question "should we throw money at it to fix the problem", they are trying to get people to assume the first question.
No, the open source model is not the cause of security woes. Microsoft, with one of the most well funded set of developers on the planet, is the source of more and worse security flaws than anything else. It is true that Microsoft security flaws tend to be exploited differently, and not with single breaches that cause the loss of huge amounts of data. Microsoft security flaws are instead exploited with millions-strong botnets and massive infestations of ransomeware. The reason why Microsoft flaws don't cause massive single breaches is, of course, because their internet infrastructure software was so resoundingly awful that it was soundly rejected by everyone. This is because those that implement internet infrastructure are of generally above-average intelligence. I shudder to imagine if Microsoft had a significant presence in the current internet infrastructure.
I'm honestly now not sure if JJ or Lucas is worse. George Lucas, for all his (myriad) faults was at least original. JJ took the original trilogy and just put it in a blender and hit frappe. What came out was Star Wars for millennials.
Empire vs Rebels
Empire/First Order vs Resistance
Force sensitive struggles to find himself on a journey to fulfill his birthright accompanied by cute droid.
Force sensitive struggles to find herself on a journey to fulfill her birthright accompanied by cute droid.
Evil shadowy overlord who in the past persuaded angsty rebellious jedi to betray the Jedi and destroy them, turning angsty rebellious jedi into evil sidekick.
Evil shadowy overlord who persuaded angsty rebellious jedi to betray the Jedi and destroy them, turning angsty rebellious jedi into evil sidekick.
Have to destroy death star in final battle to save rebel base.
Have to destroy death planet in final battle to save rebel base.
Yawn.
Sure, the more control Lucas got, the worse his films got. Hands down awful. But at least the stupidity was his. I have to give him that. What was JJ's excuse?
This is wrong. And it's not just a wrong state to be in but it's indicative (indicting really) of the completely skewed thought chain leading up to that conclusion.
First of all, when is the last time your browser's rendering efficiency was the rate limiting step to how fast a page displayed for you? Browser speed for 99.9% of the user base is a metric that is only even relevant insomuch as it is published as a benchmark. It's relevant because my number is better than their number, so download my browser.
You are looking at the front runner and playing catch up rather than innovating. Your whole benchmark for success is "am I faster than Chrome", "have I implemented the same security features as Chrome", "is my UI like Chrome". Those aren't the questions you need to ask. You need to ask "am I fast enough for my user base", "am I secure", "do I have the UI that my users want", "what features will be a net improvement", and "what is the goodwill cost of implementing this". That last one is a doozer. Mozilla has zero goodwill, and it's not coming back. You cannot win back lost goodwill by zooming in and focusing on the ass of the competitor ahead of you. That's the competitor the audience is watching too.
I'm not sure I even know how to respond to that. Incredulity doesn't begin to describe my reaction. Did you honestly not see the travesty of less than half baked changes that happened for the first, oh, let's say ten "rapid" releases. There were a lot of things that had to change inside the browser, and also inside the development model before Mozilla went to a rapid release system. If you had to go to that system, make the changes that allow that to work and do those changes first. Really, you should have had a skeleton crew on a LTS for the browser while the main team either completely refactored or started fresh. The browser was not ready for what Mozilla did when it was done. It wasn't readily technically. The codebase was not clean enough. The project management was not in place for it. Changes that needed a major release to accomplish were haphazardly implemented in whatever little chunks happened to be ready at the time, and they were often not compatible one release to the next. The user experience broke on back to back to back releases. First rule of fight club, you don't break prod. Stop arguing that it was a good thing to do.