Your last statement implies that they are double dipping, but I'm not sure they are. Say I have a packet from a customer of AT&T to a customer of Qualcom (both are Teer 1 I believe). AT&T will charge its customer once and Qualcom might even charge its, but that's only one dip each. (I'm not sure if transit arrangements typically charge for downstream traffic so I'm not sure Qualcom would be charing for it.)
All the techies like me out there should realize that these are fuzzy terms. 'Peering', 'transit' and 'customer' are merely common contract arrangements and are not technical definitions. In theory any pair of networks could have a contract for exchanging traffic that says basically anything they want.
From googling around and various research papers (it seems to be a hot area in economics since it follows different market rules) there seem to be two sets of definitions that can be associated with peering or transit. So when reading an article pay attention to which definition they are using.
Specifically, while almost every one includes "peers don't pay while transit is paid for by the smaller guy", some articles include "peers only route packets to customers" but others don't. Although be careful, because occasionally the term "peering" is even expanded to include all forms of traffic exchange including transit.
No it is not since I did not replace the terms at random. I did replace Creationism with another equally scientifically discredited "theory". Not some random view.
Your argument is invalid even if true because it is position independent(*). Take anything anyone has said about anything and you can make their argument sound silly by replacing the nouns just as you have. This is a form of begging the question (because it relies on an implicit analogy who's validity depends on the conclusion), with a touch of ad-hominem and a dab of snobbery (by assuming that alternative conclusions can only be reached by ignorance).
There is a simple example where it is easier to see. Consider the joke "intellectually honest, grasping basic science, and a flat earth believer; you can be any two but not all three".
While it sounds like a witty and compelling recrimination of flat earth believers, it can be used against anyone by inserting "round earth believer", "religious", "atheist" or whatever.
(*) Positions independence implies truth independence since some positions are true and others false in a non-trivial consistent logic. Unfortunately I haven't been able to find the formal name for this fallacy.
USB keys taking over is possible, but given that the production cost of a DVD is about $0.70 per DVD, the price of producing a USB key will have to fall significantly before this will work.
No. It should be like the GPL does it (*): They can charge you for the work, but they can't prevent you from giving or selling the work to someone else.
(*) Not exactly the GPL b/c that includes lots of other things that are not needed (e.g. virility, access to binary requires access to source, etc).
who should be responsible for the costs of distributing the law to the citizens?
Copyright doesn't help with paying for the cost of distribution. There are plenty of public domain works that are very widely published and distributed (e.g. some translations of the Bible such as the KJV are public domain but are still very widely distributed).
What copyright helps with is paying for the cost of creation. It has everything to do with the intellectual effort to create the work and nothing to do with the physical effort to print and distribute the work.
Now maybe the ICC has a reasonable claim that copyright helps them support the work of developing and maintaining/improving the standard, but the cost of printing the books and shipping them absolutely does not require copyright.
I am not defending the cop's actions, but when making an argument it is in your interest to get your facts right and in this regard you have made a tragic error.
You have confused the concepts of being detained and being arrested. They are very different beasts. This distinction is at least as old as Terry Stops (i.e. 1968), but IANAL so it might be much older. Even a traffic stop or a cop just asking someone questions to figure out what is going on in some cases might be considered being detained. So saying someone was detained really isn't saying much.
Again I am not defending the cop's actions, but if you want people to take your position seriously you have to present a legally and factually correct argument.
You're a tool in every sense of the word. It's 'enablers' like you that try to justify every wrongful action
And it's ad hominem attacks like that that give the internet a bad name.
Mod parent down because:
at least half of it is just name calling and
it misrepresents the GP's point because the GP was countering the GGP's claim that we have hit rock bottom. As the GP has pointed out we still have a lot longer that we can go.
One problem: the show never aired. (IIUC it was an entire show not just a segment.)
The RFID people are worried about the graphic portrayal of just how insecure the system is that would be shown in such an episode. They are not worried about people knowing in the abstract that there are insecurities.
Unless/until the show leaks and then gets Streisanded, the RFID people will have won.
NPC problems often exhibit "phase transitions" or pockets of the problem space that are easily solvable one way or the other. When the hard problems never occur in practice, keeping the code simple is the best way to go.
Once someone shows me a real-world, dpkg problem that would take unacceptably long to solve with the current dpkg solver (maybe one already exists), then we can talk about adding an optimized version. Until then, exponential dpkg problems should remain the province of jokes (as my post was originally intended).
JIT is a compiler interleaved with runtime. However JIT is not the only way to do things. JIT has a cost both in language implementation programming effort and runtime performance. If your compiler runs fast in addition to producing fast code, JIT is just a waste of time.
Consider Ikarus Scheme which is only 6 times slower than C. It doesn't use a JIT and it compiles the entire file before using it (i.e. the benchmarks thus include compilation time for Ikarus but not GCC since Ikarus doesn't have a command-line way to compile files before running them). The implementer of Ikarus purposely choose to go that route so he could concentrate on things that have larger impact on performance and as a result puts most other implementations to shame.
Ikarus is living proof that what the GP suggests isn't all that crazy.
Here's a link to back you up indicating that C++ is 1.2 times faster than C.
(Disclaimer: Yes, it's a benchmark. Yes, benchmarks are useless. Yes, this isn't even a very good benchmark. See link. But if used properly it can give ballpark performance ranges.)
That is a common myth but unless you call a factor of 2.0 immense, it it wrong. The truth is that the cost is immense only in the most naive implementations (*cough* ruby *cough). For example, while the compiler has to insert type checks whenever you do something like "+", with a well designed implementation that uses pointer tagging that should cost at most one bitwise-and and one branch-if-zero (with modern CPU pipelines that should cost a fraction of a cycle since the branch should predict fail and in the fail case there is no data dependency). In addition a well designed system will be analyzing the code and eliminate/commonize those checks whenever possible. Finally for really high performance some implementations allow you to run in unsafe mode where those checks are turned off (not applicable to untrusted JavaScript code in a browser but in other applications may be useful).
We could spend all day debating the details of this but in reality it all comes down to the numbers so lets talk numbers. Looking at the programming language shootout, I see Python Psyco, Scheme Ikarus, and Lisp SBCL as implementations of dynamically typed languages. Their performance relative to Intel C are 6.2, 5.9 and 2.0.
Bottom line, will dynamically typed languages always be slower than statically typed languages? Yes, but in good implementations it should only be a small (2-6) factor.
(Note, that Ikarus doesn't even do any heavy code analysis or optimization. It's just a good straight implementation of the language. I note this in case some cry foul that SBCL uses programmer supplied type hints and Psyco uses JIT specialization.)
It'll still be in the physical court records, and probably in the "internal" computerized documents.
Yes, but the more complete and usable records are around (e.g. the internet archive making a copy of the court web site), the greater the likely hood that they will survive to the historian to use.
Which Natural Law were you referring to? Because with at least a few of those drunkenness (public or otherwise) is considered immoral. Or maybe you really meant Utilitarianism (e.g. if it doesn't hurt others then it is a net positive and is then a moral good).
With the high quality video you can also better see what is wrong. Mostly the fake Emily lacks the same sharpness and definition that you can see with the real Emily.
Don't get me wrong, if it's for background actors or video games, the quality would be great. But what I want to see is someone trying this with a face that has lots of details (e.g. old man) and that has a significantly different face than the actor (e.g. old man face on a young woman actor) and with the actor turning their head and making lots of facial expressions. Then we'll see how good it is.
(This different face part may not apply since the company seems to focus on exact wireframe duplication of the performance.)
As you say the compression does eliminate the repetitions in the plain text that the attack I mentioned depends upon. For example if you turn off compression with "--gzip=my-gzip.sh" and my-gzip.sh contains just "cat", then the text will clearly repeat every 8KB while in default mode with compression I found no direct repetitions. (This surprises me since the compressed file is the same 8 bytes repeating so I would have thought there were only 8 alignments where each rsyncrypto block could start so there should have still been repetitions.)
However, not being a cryptographer myself, it is not clear to me whether even with compression there might be a more complicated pattern that remains after compression that is still detectable in the cipher text. For example, if an attacker watches a lot of rsync changes, over time he should be able to figure out where the rsyncrypto block boundaries are. With this information one knows that the first cipher block of each rsyncrypto block is encrypted with the same IV. This then reduces to the problem of cracking multiple small texts with the same IV. With CBC mode, I'm not sure how safe sharing IVs is considered. (*ducks* for the drug puns)
I hope this comes off in a good natured way. It would be nice if there was some academic paper out there analyzing the security of the system that rsyncrypto uses. But in that absence I'm just trying to think of all the ways an attacker could break it, before trusting my data to it.
By diff based attack I was referring to the fact that an attacker can know which parts of a file changed by diffing the old and the new encrypted files. This is a very minor leak and is to some extent(*) a necessary leak because the point of rsyncrypto is that you can take a diff. I only mentioned it to avoid confusion between the attack I mentioned and the diff-based one (but I seem to have generated more confusion as a result).
(*) One way to avoid this problem is to use a full/incremental backup solution (store encrypted full and incremental backups) in which case you only leak "how much" a file changes rather than "where" a file changed, but that isn't rsyncrypto's objective.
Slashdot Mirror
Your last statement implies that they are double dipping, but I'm not sure they are. Say I have a packet from a customer of AT&T to a customer of Qualcom (both are Teer 1 I believe). AT&T will charge its customer once and Qualcom might even charge its, but that's only one dip each. (I'm not sure if transit arrangements typically charge for downstream traffic so I'm not sure Qualcom would be charing for it.)
All the techies like me out there should realize that these are fuzzy terms. 'Peering', 'transit' and 'customer' are merely common contract arrangements and are not technical definitions. In theory any pair of networks could have a contract for exchanging traffic that says basically anything they want.
From googling around and various research papers (it seems to be a hot area in economics since it follows different market rules) there seem to be two sets of definitions that can be associated with peering or transit. So when reading an article pay attention to which definition they are using.
Specifically, while almost every one includes "peers don't pay while transit is paid for by the smaller guy", some articles include "peers only route packets to customers" but others don't. Although be careful, because occasionally the term "peering" is even expanded to include all forms of traffic exchange including transit.
http://en.wikipedia.org/wiki/Argument_from_ignorance
So, um did I at least win more than the original challenge offered?
The Earth has proven definitively not to be flat.
I live in 4D space and from here it is flat you insensitive clod.
No it is not since I did not replace the terms at random. I did replace Creationism with another equally scientifically discredited "theory". Not some random view.
Which as I said is begging the question.
Your argument is invalid even if true because it is position independent(*). Take anything anyone has said about anything and you can make their argument sound silly by replacing the nouns just as you have. This is a form of begging the question (because it relies on an implicit analogy who's validity depends on the conclusion), with a touch of ad-hominem and a dab of snobbery (by assuming that alternative conclusions can only be reached by ignorance).
There is a simple example where it is easier to see. Consider the joke "intellectually honest, grasping basic science, and a flat earth believer; you can be any two but not all three".
While it sounds like a witty and compelling recrimination of flat earth believers, it can be used against anyone by inserting "round earth believer", "religious", "atheist" or whatever.
(*) Positions independence implies truth independence since some positions are true and others false in a non-trivial consistent logic. Unfortunately I haven't been able to find the formal name for this fallacy.
USB keys taking over is possible, but given that the production cost of a DVD is about $0.70 per DVD, the price of producing a USB key will have to fall significantly before this will work.
online access should be free.
No. It should be like the GPL does it (*): They can charge you for the work, but they can't prevent you from giving or selling the work to someone else.
(*) Not exactly the GPL b/c that includes lots of other things that are not needed (e.g. virility, access to binary requires access to source, etc).
who should be responsible for the costs of distributing the law to the citizens?
Copyright doesn't help with paying for the cost of distribution. There are plenty of public domain works that are very widely published and distributed (e.g. some translations of the Bible such as the KJV are public domain but are still very widely distributed).
What copyright helps with is paying for the cost of creation. It has everything to do with the intellectual effort to create the work and nothing to do with the physical effort to print and distribute the work.
Now maybe the ICC has a reasonable claim that copyright helps them support the work of developing and maintaining/improving the standard, but the cost of printing the books and shipping them absolutely does not require copyright.
Well anything would be faster than where they where as the fourth slowest language on the shootout. (Ok, not anything: Ruby, PHP, and Tcl.)
I am not defending the cop's actions, but when making an argument it is in your interest to get your facts right and in this regard you have made a tragic error.
You have confused the concepts of being detained and being arrested. They are very different beasts. This distinction is at least as old as Terry Stops (i.e. 1968), but IANAL so it might be much older. Even a traffic stop or a cop just asking someone questions to figure out what is going on in some cases might be considered being detained. So saying someone was detained really isn't saying much.
Again I am not defending the cop's actions, but if you want people to take your position seriously you have to present a legally and factually correct argument.
You're a tool in every sense of the word. It's 'enablers' like you that try to justify every wrongful action
And it's ad hominem attacks like that that give the internet a bad name.
Mod parent down because:
One problem: the show never aired. (IIUC it was an entire show not just a segment.)
The RFID people are worried about the graphic portrayal of just how insecure the system is that would be shown in such an episode. They are not worried about people knowing in the abstract that there are insecurities.
Unless/until the show leaks and then gets Streisanded, the RFID people will have won.
But if no one ever shouts "Look, hole" even when at sea, no one ever man's the pumps or patches the holes.
First rule of optimization: Don't.
NPC problems often exhibit "phase transitions" or pockets of the problem space that are easily solvable one way or the other. When the hard problems never occur in practice, keeping the code simple is the best way to go.
Once someone shows me a real-world, dpkg problem that would take unacceptably long to solve with the current dpkg solver (maybe one already exists), then we can talk about adding an optimized version. Until then, exponential dpkg problems should remain the province of jokes (as my post was originally intended).
Since Sudoku is NP complete, doesn't this mean Dpkg is NP complete?!
Oh, the humanity! I'm just waiting for an evil set of dependencies to crop up that makes it go exponential.
JIT is a compiler interleaved with runtime. However JIT is not the only way to do things. JIT has a cost both in language implementation programming effort and runtime performance. If your compiler runs fast in addition to producing fast code, JIT is just a waste of time.
Consider Ikarus Scheme which is only 6 times slower than C. It doesn't use a JIT and it compiles the entire file before using it (i.e. the benchmarks thus include compilation time for Ikarus but not GCC since Ikarus doesn't have a command-line way to compile files before running them). The implementer of Ikarus purposely choose to go that route so he could concentrate on things that have larger impact on performance and as a result puts most other implementations to shame.
Ikarus is living proof that what the GP suggests isn't all that crazy.
Javascript has no hope of being comparable to C speedwise in ordinary use
Funny, since another dynamically dynamic language SBCL Lisp, gets within a factor of 2.0 of C.
Being the same speed? Never.
Being close enough that programmer performance matters more than program performance? Easy.
Here's a link to back you up indicating that C++ is 1.2 times faster than C.
(Disclaimer: Yes, it's a benchmark. Yes, benchmarks are useless. Yes, this isn't even a very good benchmark. See link. But if used properly it can give ballpark performance ranges.)
The overhead of dynamic types is quite immense
That is a common myth but unless you call a factor of 2.0 immense, it it wrong. The truth is that the cost is immense only in the most naive implementations (*cough* ruby *cough). For example, while the compiler has to insert type checks whenever you do something like "+", with a well designed implementation that uses pointer tagging that should cost at most one bitwise-and and one branch-if-zero (with modern CPU pipelines that should cost a fraction of a cycle since the branch should predict fail and in the fail case there is no data dependency). In addition a well designed system will be analyzing the code and eliminate/commonize those checks whenever possible. Finally for really high performance some implementations allow you to run in unsafe mode where those checks are turned off (not applicable to untrusted JavaScript code in a browser but in other applications may be useful).
We could spend all day debating the details of this but in reality it all comes down to the numbers so lets talk numbers. Looking at the programming language shootout, I see Python Psyco, Scheme Ikarus, and Lisp SBCL as implementations of dynamically typed languages. Their performance relative to Intel C are 6.2, 5.9 and 2.0.
Bottom line, will dynamically typed languages always be slower than statically typed languages? Yes, but in good implementations it should only be a small (2-6) factor.
(Note, that Ikarus doesn't even do any heavy code analysis or optimization. It's just a good straight implementation of the language. I note this in case some cry foul that SBCL uses programmer supplied type hints and Psyco uses JIT specialization.)
It'll still be in the physical court records, and probably in the "internal" computerized documents.
Yes, but the more complete and usable records are around (e.g. the internet archive making a copy of the court web site), the greater the likely hood that they will survive to the historian to use.
I was raised on the idea of natural law
Which Natural Law were you referring to? Because with at least a few of those drunkenness (public or otherwise) is considered immoral. Or maybe you really meant Utilitarianism (e.g. if it doesn't hurt others then it is a net positive and is then a moral good).
With the high quality video you can also better see what is wrong. Mostly the fake Emily lacks the same sharpness and definition that you can see with the real Emily.
Don't get me wrong, if it's for background actors or video games, the quality would be great. But what I want to see is someone trying this with a face that has lots of details (e.g. old man) and that has a significantly different face than the actor (e.g. old man face on a young woman actor) and with the actor turning their head and making lots of facial expressions. Then we'll see how good it is.
(This different face part may not apply since the company seems to focus on exact wireframe duplication of the performance.)
As you say the compression does eliminate the repetitions in the plain text that the attack I mentioned depends upon. For example if you turn off compression with "--gzip=my-gzip.sh" and my-gzip.sh contains just "cat", then the text will clearly repeat every 8KB while in default mode with compression I found no direct repetitions. (This surprises me since the compressed file is the same 8 bytes repeating so I would have thought there were only 8 alignments where each rsyncrypto block could start so there should have still been repetitions.)
However, not being a cryptographer myself, it is not clear to me whether even with compression there might be a more complicated pattern that remains after compression that is still detectable in the cipher text. For example, if an attacker watches a lot of rsync changes, over time he should be able to figure out where the rsyncrypto block boundaries are. With this information one knows that the first cipher block of each rsyncrypto block is encrypted with the same IV. This then reduces to the problem of cracking multiple small texts with the same IV. With CBC mode, I'm not sure how safe sharing IVs is considered. (*ducks* for the drug puns)
I hope this comes off in a good natured way. It would be nice if there was some academic paper out there analyzing the security of the system that rsyncrypto uses. But in that absence I'm just trying to think of all the ways an attacker could break it, before trusting my data to it.
By diff based attack I was referring to the fact that an attacker can know which parts of a file changed by diffing the old and the new encrypted files. This is a very minor leak and is to some extent(*) a necessary leak because the point of rsyncrypto is that you can take a diff. I only mentioned it to avoid confusion between the attack I mentioned and the diff-based one (but I seem to have generated more confusion as a result).
(*) One way to avoid this problem is to use a full/incremental backup solution (store encrypted full and incremental backups) in which case you only leak "how much" a file changes rather than "where" a file changed, but that isn't rsyncrypto's objective.