Okay. Let's see. I want to deliver rich applications over the web (with all the good properties of universal accessibility and no user administration) that do heavy client-side processing. I have to write in a programming language that virtually all browsers will run.
For that, javascript is the right tool because it's the only tool. It doesn't matter how ill-suited it is for the task at hand, it's all I got.
When you have to get that nail punched in, every tool looks like a hammer.
Javascript is too dynamically typed. In my experience, testers constantly find bugs caused by [...], misspelled variable names, or other basic things that a compiler could have detected.
It's not impossible to do static analysis of code written in interpreted, dynamically typed languages. (There's such a thing for python.)
Or rather, it's not more impossible---see Rice's theorem---than it is for compiled, statically typed languages.
It's just that (apparently) nobody knows or uses a good static javascript analysis tool. Maybe because it doesn't exist; I don't know.
The shipping companies don't lose money because they're insured, and the insurers don't lose money because they up the premiums, yet the premium increases don't come out of the shipping companies' pockets?
Sir, I think you have described a perpetuum monetare, a perpetual money machine. While Madoff would be proud, the second law of thermoeconomics says it can't exist.
Think of it this way: if a set of goods is on one set of hands instead of another, the other set of hands is (duh) not having those goods. It lost the equivalent to the amount of money those hands value the goods at. It can spread the loss around (some to itself, some to the insurance company, some to their customers, for instance), but there is a loss.
Otherwise, contemplate the world where I steal everything from everybody, own all the land, and won't trade with anyone; you can all shuffle dollar bills back and forth between insurance companies and the insured, but that won't get you your cars, computers or factories back.
Um... questioning authority is kinda the hallmark of science.
I understand what you're saying, but...
Well, challenging authority with evidence is the hallmark of science. In the past, the authority (i.e. power) was typically part of a religious institution. These days (this is how I interpret your parent post) people use opinion to challenge the authority of the scientific process (as distinct from the authority of individual scientists).
I think well-practised science has authority (over factual matters). Religion does not. But well-practised science challenges itself with evidence.
(The words you give aren't exactly incorrect, they're just a weird choice of forms)
For the benefit of those of us who haven't studied latin but are interested in languages, what are the forms you've given? What are the forms OP has given? If those answers don't make it readily apparent, why are OP's choices weird?
I'd bet half of the people who mock windows users for downloading and installing untrusted software would download this, type in their root password, and let it install.
Why wouldn't they compile it with --prefix=~/local/ instead? That way, you know where you install all your shi^Wsoftware...
then show this code to whomever it will help actually fix those holes but try not to release it to the public at large
I'm sorry to bring up an argument that everyone has already heard (or work out on their own), but I think it warrants a saying (yet again):
How about also releasing information about workarounds to the countless systems administrators who are in a position to deploy that workaround? (Good luck on doing that while not releasing information to the general public)
My son's system got hacked that way [backwards "..."] "Here download this program, run it, ignore any warnings, choose 'allow' for every UAC prompt, and then it will give me remote control of your system so I can 'fix' it for you." [...] I was busy in the other room [...] Teenagers, seesh, looking for the quick fix, but adults are just as dumb and fall for the same thing as there are so many helpful strangers on the Internet
The problem, as I see it (and it's only a guess, but hear me out), is one of conditioning.
Windows (I've used 95, 98, XP) tends to warn about pretty harmless stuff. "Are you sure? Only click yes if you want me to do what you just asked me to." Or "Warning: [weird undecipherable sentence about cryptography that will take those who know about crypto a good 15 minutes of research to answer the right way with a modest success rate]. Yes or no?" And clicking "Yes" always works. "Warning: running this program might have side effects (as opposed to just spending its cycles making your CPU hotter). Run it?"
A lot of repeated trials of this ought to condition users to take warnings with a grain (well, bucket) of salt. Add on top of this all the experiences where they copy-paste the error message into google, find a forum post which fixes their problem, or ask someone on IRC and they provide the solution, and people will learn to trust strangers on the internet (because said trust is most often warranted).
Ask yourself how you solve technical problems with your boxes. Do you research everything yourself? Or do you use google/IRC/...?
I don't know exactly how the situation looked through the eyes of said teenagers. Did it really explicitly say "let me take control of your computer"? By your own statement, you were away when it happened. Did you go back and look afterwards?
Most of the things you find on the net is the good stuff. Windows conditions users into not taking warnings as a serious sign of (potential) danger. Is doing what your environment tells you is the right thing called "looking for the quick fix" these days?
I agree (you kinda' make my point), except on one point:
If I had to reprogram my brain switching between English and almost-English
How many different-but-very-similar programming languages do you know? How big a problem do you have switching between them? At a very boring syntactical level, C, C++, java, javascript, php and perl (and probably a few others I can't remember right now) are very similar ("if (condition) { [...]; }"). They're also semantically somewhat similar, yet you manage to write in the language you intend to.
Wouldn't the same thing be true for english and ${english-like programming language}?
5.3 You shall not use, nor allow any other(s) to use, the service to:
(a) store, send, knowingly receive, upload, download or distribute any material that is unsolicited, defamatory, offensive, abusive, obscene, pornographic or menacing, or in breach of copyright, confidence, privacy or any other rights;
The way I read the legalese, you're not allowed to download (via POP3) and not delete (that is, store) spam. I'm not sure whether the "knowingly" only applies to the things between the same commas it itself is between or whether it also applies to the "download" part, but if it's the latter, how the f...
Are they deliberately phrasing the contract such that everyone is violating the contract (unless they don't use email)?
(Probably not, it's just my tin foil hat that's malfunctioning again.)
Now what I don't understand is that they don't seed the tracked with some false IPs
Under the assumption that the party sending out the letters is doing the due diligence thing, they'd connect to the IP claiming to seed and ask it for a chunk of the torrented bit sequence. If the client doesn't get one, there's no infringement going no.
Now, we can discuss whether the due diligence assumption is realistic, of course, but if I were them and I was genuine about preventing piracy (as opposed to going scaremongering), that's what I'd do. (fwiw...)
So instead of trusting an ISP, you have to trust... an ISP?
If the VPN provider is lax and/or manages to dodge the laws and regulations you want to avoid, won't they also be great hosts for your spam/DoS endeavour? Won't the VPN provider be blocked at the sites where the spam/DoS hits? How will it affect latency and bandwidth? Can the internet sustain a substantial number of users doing weird triangular routing (increasing the packet path length)?
I'm not trying to say it's ironclad that VPN'ing won't work. But I think there are some questions one should answer before declaring this to be the long-(or just mid-)term solution for the future.
Oh they do! They care about the law so badly they're willing to break it to enforce it, when said enforcement is aligned with their motives---either directly as profit profit, or as part of a strategic profit-enhancing terrorism campaign.
Yes, terrorism---they want you to feel terror (fear) that you might get caught and put through the courtroom meat grinder.
That's fine, except slashdot.org:80 doesn't think "jqncugir8o486" looks like a valid HTTP request. I've also had problems on other sites, and with torrenting linux ISOs, world of warcraft, streaming media, SMTP, IRC, instant messaging and many other applications.
I could of course force the other end to decrypt my stuff, but that involves controlling computers I don't own, which means if that's how we play I should expect others to take control of my computers. No. Bad. Very bad. (It's probably also illegal.)
We can only encrypt our communication when we're talking to people who want to decrypt what we send them. Given that this costs CPU cycles (electricity, money), we shouldn't expect profit-driven organizations to do this much; given how complex IT security is and how we want HTTPS to protect our slashdot password, we might come off as paranoid ("why are you making a big deal out of it? It's just another internet forum, why would anyone steal your account, and why do you care so much?"). That makes it a hard sell.
Saying "encrypt everything" is fine, and I think that's what we ought to be doing. But how do we get to there from here?
If the language is english, suddenly you can bypass all those expensive, crotchety programmers.
And the thing is, even if the syntax is word-heavy rather than symbol-heavy, it's still not easier to learn!
Why not? Because you still need to understand the weird, contorted formal grammar of a programming language. How do you say widget.visible = true in English? "Set widget's visible to true"? "Set the visible of the widget to the value true"? "Set visible of window to true"?
Furthermore, you also need to know what you can and can't talk about. How do you come up with "Import the sha1sum function from the cryptography package" on your own? You need to read the standard library documentation (or at least the index) to know that this is a sensible thing to say.
One thing that using a word-heavy syntax might do is make it easier for new programmers to understand the meaning of what they're writing. Does = test for equality or does it assign? Which one was == again? It's easier to understand "if myvariable equals 10 then [...]" than "if myvariable == 10:..." if you don't have a good memory for symbolic syntax. However, that's the easy part and the part you learn as one of the earliest things.
Being word-heavy is good for some things. I don't know that everyone agrees which things those are, nor that everyone agrees on the value of being good at those things. In fact, I think people disagree on those:)
Becoming good at programming, and writing good applications, is something that you can achieve if you put in enough effort.
Back when I just learned C, I had the "joy" of looking at undecipherable stack traces (with no symbols) every time my programs would segfault. At my current skill level, they probably would have been easy to figure out, but they weren't back then. Yet, I stuck to it and stubbornly printf-debugged my programs, eventually learning the patterns and principles that make for good C programs.
If you want to become a programmer, or a good programmer, or a better programmer, effort does pay off. Big time.
79% accurate. That's pretty useless. I've got a pair of dice that can do just as badly.
You may be interested in purchasing this chip I have here. It has a very nice fdiv routine. Since we're so good friends, I'll give you a 100.00001353% discount.
Slashdot Mirror
Use the right tool for the right job.
Okay. Let's see. I want to deliver rich applications over the web (with all the good properties of universal accessibility and no user administration) that do heavy client-side processing. I have to write in a programming language that virtually all browsers will run.
For that, javascript is the right tool because it's the only tool. It doesn't matter how ill-suited it is for the task at hand, it's all I got.
When you have to get that nail punched in, every tool looks like a hammer.
Javascript is too dynamically typed. In my experience, testers constantly find bugs caused by [...], misspelled variable names, or other basic things that a compiler could have detected.
It's not impossible to do static analysis of code written in interpreted, dynamically typed languages. (There's such a thing for python.)
Or rather, it's not more impossible---see Rice's theorem---than it is for compiled, statically typed languages.
It's just that (apparently) nobody knows or uses a good static javascript analysis tool. Maybe because it doesn't exist; I don't know.
In fact there are almost infinite uses for a computer.
Consider that computers are (in some sense) universal turing machines, and the set of all turing machines is countably infinite.
Computers don't have "almost infinite uses", they have exactly (countably) infinite uses.
</pedant>
I like this one: http://store.xkcd.com/xkcd/#Science
Because god damn bitches, that science thing works!
Wait, so...
The shipping companies don't lose money because they're insured, and the insurers don't lose money because they up the premiums, yet the premium increases don't come out of the shipping companies' pockets?
Sir, I think you have described a perpetuum monetare, a perpetual money machine. While Madoff would be proud, the second law of thermoeconomics says it can't exist.
Think of it this way: if a set of goods is on one set of hands instead of another, the other set of hands is (duh) not having those goods. It lost the equivalent to the amount of money those hands value the goods at. It can spread the loss around (some to itself, some to the insurance company, some to their customers, for instance), but there is a loss.
Otherwise, contemplate the world where I steal everything from everybody, own all the land, and won't trade with anyone; you can all shuffle dollar bills back and forth between insurance companies and the insured, but that won't get you your cars, computers or factories back.
Um... questioning authority is kinda the hallmark of science.
I understand what you're saying, but...
Well, challenging authority with evidence is the hallmark of science. In the past, the authority (i.e. power) was typically part of a religious institution. These days (this is how I interpret your parent post) people use opinion to challenge the authority of the scientific process (as distinct from the authority of individual scientists).
I think well-practised science has authority (over factual matters). Religion does not. But well-practised science challenges itself with evidence.
I think we can agree on something :)
(The words you give aren't exactly incorrect, they're just a weird choice of forms)
For the benefit of those of us who haven't studied latin but are interested in languages, what are the forms you've given? What are the forms OP has given? If those answers don't make it readily apparent, why are OP's choices weird?
I'd bet half of the people who mock windows users for downloading and installing untrusted software would download this, type in their root password, and let it install.
Why wouldn't they compile it with --prefix=~/local/ instead? That way, you know where you install all your shi^Wsoftware...
then show this code to whomever it will help actually fix those holes but try not to release it to the public at large
I'm sorry to bring up an argument that everyone has already heard (or work out on their own), but I think it warrants a saying (yet again):
How about also releasing information about workarounds to the countless systems administrators who are in a position to deploy that workaround? (Good luck on doing that while not releasing information to the general public)
My son's system got hacked that way [backwards "..."] "Here download this program, run it, ignore any warnings, choose 'allow' for every UAC prompt, and then it will give me remote control of your system so I can 'fix' it for you." [...] I was busy in the other room [...] Teenagers, seesh, looking for the quick fix, but adults are just as dumb and fall for the same thing as there are so many helpful strangers on the Internet
The problem, as I see it (and it's only a guess, but hear me out), is one of conditioning.
Windows (I've used 95, 98, XP) tends to warn about pretty harmless stuff. "Are you sure? Only click yes if you want me to do what you just asked me to." Or "Warning: [weird undecipherable sentence about cryptography that will take those who know about crypto a good 15 minutes of research to answer the right way with a modest success rate]. Yes or no?" And clicking "Yes" always works. "Warning: running this program might have side effects (as opposed to just spending its cycles making your CPU hotter). Run it?"
A lot of repeated trials of this ought to condition users to take warnings with a grain (well, bucket) of salt. Add on top of this all the experiences where they copy-paste the error message into google, find a forum post which fixes their problem, or ask someone on IRC and they provide the solution, and people will learn to trust strangers on the internet (because said trust is most often warranted).
Ask yourself how you solve technical problems with your boxes. Do you research everything yourself? Or do you use google/IRC/...?
I don't know exactly how the situation looked through the eyes of said teenagers. Did it really explicitly say "let me take control of your computer"? By your own statement, you were away when it happened. Did you go back and look afterwards?
Most of the things you find on the net is the good stuff. Windows conditions users into not taking warnings as a serious sign of (potential) danger. Is doing what your environment tells you is the right thing called "looking for the quick fix" these days?
Right!
That's why you store a LaTeX document in git.
Oh, and get some nerdier friends ;-)
Yep, I'm a bit perturbed over this. All this politically correct crap is getting people killed.
As opposed to the solutions that would actually work. They'd get other people killed.
(But I see what you mean, and agree...)
s/assent/ascent
syntax error: line 1, column 16: missing /
I agree (you kinda' make my point), except on one point:
If I had to reprogram my brain switching between English and almost-English
How many different-but-very-similar programming languages do you know? How big a problem do you have switching between them? At a very boring syntactical level, C, C++, java, javascript, php and perl (and probably a few others I can't remember right now) are very similar ("if (condition) { [...]; }"). They're also semantically somewhat similar, yet you manage to write in the language you intend to.
Wouldn't the same thing be true for english and ${english-like programming language}?
5.3 You shall not use, nor allow any other(s) to use, the service to:
(a) store, send, knowingly receive, upload, download or distribute any material that is unsolicited, defamatory, offensive, abusive, obscene, pornographic or menacing, or in breach of copyright, confidence, privacy or any other rights;
Hmm...
Your post^W^H contract advocates a
( ) technical (X) legislative (X) market-based ( ) vigilante
approach to fighting spam. [...]
The way I read the legalese, you're not allowed to download (via POP3) and not delete (that is, store) spam. I'm not sure whether the "knowingly" only applies to the things between the same commas it itself is between or whether it also applies to the "download" part, but if it's the latter, how the f...
Are they deliberately phrasing the contract such that everyone is violating the contract (unless they don't use email)?
(Probably not, it's just my tin foil hat that's malfunctioning again.)
Now what I don't understand is that they don't seed the tracked with some false IPs
Under the assumption that the party sending out the letters is doing the due diligence thing, they'd connect to the IP claiming to seed and ask it for a chunk of the torrented bit sequence. If the client doesn't get one, there's no infringement going no.
Now, we can discuss whether the due diligence assumption is realistic, of course, but if I were them and I was genuine about preventing piracy (as opposed to going scaremongering), that's what I'd do. (fwiw...)
Or that's my $0.02
(Pardon the pun) you are right on the money! ;-)
So instead of trusting an ISP, you have to trust... an ISP?
If the VPN provider is lax and/or manages to dodge the laws and regulations you want to avoid, won't they also be great hosts for your spam/DoS endeavour? Won't the VPN provider be blocked at the sites where the spam/DoS hits? How will it affect latency and bandwidth? Can the internet sustain a substantial number of users doing weird triangular routing (increasing the packet path length)?
I'm not trying to say it's ironclad that VPN'ing won't work. But I think there are some questions one should answer before declaring this to be the long-(or just mid-)term solution for the future.
[RIAA/ISPs/gov doesn't care about the law]
Oh they do! They care about the law so badly they're willing to break it to enforce it, when said enforcement is aligned with their motives---either directly as profit profit, or as part of a strategic profit-enhancing terrorism campaign.
Yes, terrorism---they want you to feel terror (fear) that you might get caught and put through the courtroom meat grinder.
Encrypt everything.
That's fine, except slashdot.org:80 doesn't think "jqncugir8o486" looks like a valid HTTP request. I've also had problems on other sites, and with torrenting linux ISOs, world of warcraft, streaming media, SMTP, IRC, instant messaging and many other applications.
I could of course force the other end to decrypt my stuff, but that involves controlling computers I don't own, which means if that's how we play I should expect others to take control of my computers. No. Bad. Very bad. (It's probably also illegal.)
We can only encrypt our communication when we're talking to people who want to decrypt what we send them. Given that this costs CPU cycles (electricity, money), we shouldn't expect profit-driven organizations to do this much; given how complex IT security is and how we want HTTPS to protect our slashdot password, we might come off as paranoid ("why are you making a big deal out of it? It's just another internet forum, why would anyone steal your account, and why do you care so much?"). That makes it a hard sell.
Saying "encrypt everything" is fine, and I think that's what we ought to be doing. But how do we get to there from here?
If the language is english, suddenly you can bypass all those expensive, crotchety programmers.
And the thing is, even if the syntax is word-heavy rather than symbol-heavy, it's still not easier to learn!
Why not? Because you still need to understand the weird, contorted formal grammar of a programming language. How do you say widget.visible = true in English? "Set widget's visible to true"? "Set the visible of the widget to the value true"? "Set visible of window to true"?
Furthermore, you also need to know what you can and can't talk about. How do you come up with "Import the sha1sum function from the cryptography package" on your own? You need to read the standard library documentation (or at least the index) to know that this is a sensible thing to say.
One thing that using a word-heavy syntax might do is make it easier for new programmers to understand the meaning of what they're writing. Does = test for equality or does it assign? Which one was == again? It's easier to understand "if myvariable equals 10 then [...]" than "if myvariable == 10: ..." if you don't have a good memory for symbolic syntax. However, that's the easy part and the part you learn as one of the earliest things.
Being word-heavy is good for some things. I don't know that everyone agrees which things those are, nor that everyone agrees on the value of being good at those things. In fact, I think people disagree on those :)
and it takes both skill and talent to pull off a well-written application
In light of the recent article about achievements in games, http://games.slashdot.org/article.pl?sid=09/11/26/0628247, and the broader implications of those ideas, I'd like to point out:
Becoming good at programming, and writing good applications, is something that you can achieve if you put in enough effort.
Back when I just learned C, I had the "joy" of looking at undecipherable stack traces (with no symbols) every time my programs would segfault. At my current skill level, they probably would have been easy to figure out, but they weren't back then. Yet, I stuck to it and stubbornly printf-debugged my programs, eventually learning the patterns and principles that make for good C programs.
If you want to become a programmer, or a good programmer, or a better programmer, effort does pay off. Big time.
I knew this universe was violent!
Blame god. He goes and kills a kitten every night after he visits me to tuck me in.
Err... I mean... Forget I said anything. Yes, it's violent here. Ahem.
79% accurate. That's pretty useless. I've got a pair of dice that can do just as badly.
You may be interested in purchasing this chip I have here. It has a very nice fdiv routine. Since we're so good friends, I'll give you a 100.00001353% discount.
What if the Dolphin button talks back?
What if the Dolphin button takes an interest in the kid's life?
[Dr. Emacs] What happened when people understand that all the dolphin buttons in the world are not going to make a difference?