What a crock of crap. As an IIS Admin I will not sit here and act like IIS is perfect (it is a royal pain in the arse actually), but this is just clueless reporting(?).
Not to mention that if MS were to abandon IIS, there would suddenly be huge numbers of web sites running on abandoned software. At the moment, there is a ton of trust in MS among corporate types. Such a move would go a long way to destroying the basis for the MS monopoly, and they certainly know it.
You're comletely missing the point of everyone who claims that the 100:1 compression of random data is bullshit. n:1, n>1, compression of random data is bullshit. Yes, there are compression algorithms for all sorts of non-random data, but that's not what's at issue here.
I think their steganography breaking system just stinks. I've been party to stego'd image passing years ago, so I *know* they exist(ed) on usenet:-). On the other hand, the message was usually encrypted, too, so that might be tripping them up.
One of us doesn't know what a heap overflow is, and I suspect it's not me. "Heap overflow" just means buffer overflow. If my memory is laid out like:
...AAAAAAAAAAAxxBBBBBBBBBB...
Where the A's are some buffer A, the B's are some buffer B, and the x's are unused due to alignment issues. A buffer overflow occurs when I start writing in A, but keep going through the x's and into B's space. This only happens in languages without automatic bounds checking, and when porogrammers don't check the bounds themselves. If you go reread my previous post, you'll see that this is exactly what I was talking about preventing.
Partly, yes. I only use C when I need to, for a variety of reasons, including this. But even still, there's no excuse, because I write something close to memory-safe code in C. With a fairly small set of utility functions and macros, you can get rid of the buffer-overflow potential of using the standard C library. From there, you just need to very consistently ensure that the functions you write make the callee responsible for checking for buffer ranges, etc., and not the caller. This is much easier to do than to make sure that the caller check this, because there tends to be more calling points (unless you call the function only once:).
This is in stark contrast to the ordinary C style, which is to assume that everything is big enough, and to tell the function consumer to be careful to ensure that that's true. From experience, we know that that's not a reasonable expectation. So, while switching to a more resonable language would solve this problem, even for people who insist on sticking with C, this is purely a result of reckless practice.
The non-profit security team w00w00.org started off 2002 by uncovering a serious flaw in AOL's Instant Messenger protocol.
The problem is in the implementation, not in the protocol. If it were in the protocol, that would make all clients at risk. As it is, only the official Windows client is vulnerable, because it implements game requests without checking for buffer overflow. I really don't understand why people still write code this way -- buffer overflows are so easy to prevent.
Somewhat (but only somewhat) offtopic: why on earth doesn't./ at leas browse through the links they post? It's not like they don't have the manpower. If they'd even looked at the article, they'd have caught this...
Read the article, Einstein. It's about used coffee grounds. Of course, they just use them as a carbon source, which is kind of a silly idea, because they're wonderful for compost, so if you're going to go to the trouble of recycling them, they'd make better fertilizer...
Seriously. If your boss's boss is out to get you, and isn't going anywhere, leave. Perhaps he has a reason to want you gone, good or bad, perhaps not. Ask a friendly co-worker if s/he thinks your boss's boss has something against you, and if so be gone. I don't know how many times I've had a co-worker who I liked sit on his hands saying he was looking for a new job, but wasn't doing much about it; they just sit and watch their good reccomendation turn into a lukewarm one into a poor one into being fired. While you're at it, think about if you could've done anything to have prevented the situation, whether it was reasonable or not, and if so, try to prevent a repeat at your next job. Leave while you're ahead, for godsakes!
[Oh, actually I do know how many times that's happened: 5 times in the 8 years I've been working. Kinda depressing. I don't even know how many times that's happened to a co-worker I didn't give a crap about.]
Damn it, a university is not a trade school! Only a small amount of the time in classes (maybe 1/3?) is spent in the nominal field of study - the rest of the time is spent getting a broad general education.
This is a really important point (that CS and business people seem to be the worst about understanding). And for CS especially, it's important. Someone who's great in CS, and is a great programmer is fairly useful. Someone with the above as well as knowledge in another domain is much more useful. With a few exceptions (compiler writers, OS implementors, academics), most programmers are working on a project for a specific domain. Knowledge of that domain is often vital for doing a good job.
What? I get moderated as a troll? No wonder slashdot is so impossible to read at high moderation settings these days. For those of you who weren't around iRC in the early and mid 90s, that rhyme was nostalgic, hence the smiley. I don't see *how* nostalgia could possibly be construed as anything but on-topic for a discussion of the oldest irc server going kaput.
Ob IRC: Seriously, though, where *do* folks on the west coast hook up nowadays?
Just hack your case! It's yours, right? You own it, right? So make it better fit your needs. Fuck a couple LEDs or buttons in the front, or, if you have an extra drive bay, use that. Just wire your shit to the front. I've been doing this for 10 years now, and I've been nothing but happy. It's convenient, *and* then I've got a customized case. Everything's all good.
Oh, whither IRC? Not only whither, but where? The last time I tried to get on efnet (almost exactly a year ago), I had to send out an email asking friends/aquaintances what server to use. My ordered-by-west-coast-goodness server list from back in the day (according to my comment in it, the last time I updated it was late '94) was completely inoperable. Damn!
I can really understand the exhaustion w/ efnet. I quit using it because we had to go to such lengths just to defend our chanels from "hackers". And for godsakes, a couple of 'em were formal democracies in organization! It's sort of like a world wherein a total lack of a life (*cough* scriptkiddies *cough*) can cause a small tactical nuclear weapon to materizlize in someone's lap -- it just doesn't leave much room for communities.
Oh, and by the way:
y'all suckers and motherfuckers
tryin to cop my nick
tryin to dis my skilz
bout to get a gun up in yo grilz
bitch!
-NoC 2001, 2o6/CStM/VpN/DTi/uC/and-all-that-shit
:-)
I'm pretty sure I was the first one rockin my handle on iRC -- I been rockin it since '90 and I'm gonna keep on rockin into the new millenium so best to watch your back, son.
Since you seem to like learning languages (a very good trait), I'd suggest you learn at least some Lisp. Becoming proficient with Lisp macros made me a better Perl programmer than any single other thing I've done. (Though one could get the same benefit by becoming proficient with higher-level messages in SmallTalk).
Few programmers want to learn a new language, especially one that is not C or C++. Working with a niche language is
tar pit. You become a specialist who can't find your next job because your experience is creating a resume that won't
make it past headhunters' keyword filters.
Do you say this from experience, or are you pulling this out of your ass? I've found that the fact that I know Lisp, Scheme, SmallTalk, and PostScript, along with the C++ or Java I'm being hired to do, is a good thing. All things being equal, wouldn't you rather hire the programmer with more diverse experiences? Well, even if you wouldn't, there are plenty of employers who see that as a positive thing.
However, you can certainly build support for these into the language. Transform your code (by hand or programatically) to CPS and voilà, instant continuations (well, they only work once, unless you're using purely functional code).
I have personally gotten a Lisp implementation to perform within 10-15 percent of C code on computationally
intensive code. I could perhaps have gotten even closer if it had been important to me. Or I could have chosen to use C
functions for the "inner loops" (which is in fact simpler than doing the same from Python). I sometimes do the latter
when I need to squeeze the last few bits out (or when I already have optimized C solutions for known algorithms
available).
When you already have optimized C solutions, then using C for the inner loops is a good idea (obviously). However, when you're trying to squeeze every last cycle out of the machine, C is as lousy a choice as Lisp. You can give the compiler a bunch of hints, but you can probably hand-optimize its assembler output to be yet faster. In which case you want to write in as high-level a language as you can, giving the compiler all the hints you can, and hand-transform the result.
I almost never have a need to do this in Lisp or C.
evolution dictates that any lifeform that does not take full advantage of its enviroment will not survive to procreate
Evolution dictates nothing of the sort. All that happens is the fittest of any set of organisms is more likely to survive.
There is no guarantee of optimality
Evolution guarantees nothing. And fitness in the sense used by evolutionists is generally misunderstood. In addition to being fitness for a specific environment at a specific time (which of course includes any later-deceased competitors), it also includes dumb luck. If the the most wonderfully fit group of organisms on an island happen to get killed when the volcano goes off, they weren't that well fit for their environment after all.
RMS has expressed on the Guile ML that he wants to replace Emacs Lisp with Guile (a robust version of Scheme) with
some sort of backward-compat mode for old elisp code. Don't know when that's gonna happen, though.:(
Just after Emacs/XEmacs re-merging, and just before the last Linux system is replaced by the HURD.
I should point out that the U.S. military already has
such a network (I'm not even going to ask why the Feds can't piggy-back on it),
so GOVNET would be for critically-important government agencies like the
Department of Agriculture to communicate.
Uh, you answered your own question. You want agencies as critical as the DoA piggy-backing on the DoD's secure net?
pi.c is one of those classics that's just to beautiful to describe. It's actually one of the easier winners to figure out (so I guess it's not *too* obfuscated), but it's so wonderful you can't help but to adore it. Can you figure out how it works? Here's a hint: carefully increase the size of the circle. You'll get a more accurate approximation of pi. Incredible.
Okay, $5000+, plus $40,000 for Sony, except you're forgetting one very important thing: this is academic research. For research, never let published prices discourage you. The vast majority of corporations are not only willing, but want to accomidate academics. After all, they used to be students, too, and when you're done, you'll know their system and will presumably be off to work in the real world. If you just ask, it's amazing what you can get.
I agree with you that it's his attitude and the offensive "well, not everyone needs to be a computer programmer" comment that's the problem.
His actions on the other hand, I have no problem with. He's trying to come up with a better system for himself: encoding meaning in the color of words. He pointed out himself that this same meaning could be given to things like typeface, volume, etc. It would be a problem if he came up with inaccessableForth, which gave him a slight productivity gain, then started advocating its use at the exclusion of people perfectly capable of computer science, just not his language. It would be possibly justifiable if he (and everyone using his system) got an order of magnitude productivity increase, IMO.
Oh Lord, the sense of entitlement people have drives me nuts. You thought up something you really want: first, you can check to see if someone already implemented something similar and gave it away or is selling it. If not, you can look for others interested in the same thing, and try to collaborate with them. Finally, you can pay someone to spend their time writing it for you (*cough* *cough*).
If you were content to do everything from within Emacs (writing letters, e-mail, web-browsing, using the shell can all be done), this wouldn't be too difficult. If you wanted it to be global across all applications, it'd be more work.
Slashdot Mirror
Not to mention that if MS were to abandon IIS, there would suddenly be huge numbers of web sites running on abandoned software. At the moment, there is a ton of trust in MS among corporate types. Such a move would go a long way to destroying the basis for the MS monopoly, and they certainly know it.
You're comletely missing the point of everyone who claims that the 100:1 compression of random data is bullshit. n:1, n>1, compression of random data is bullshit. Yes, there are compression algorithms for all sorts of non-random data, but that's not what's at issue here.
I think their steganography breaking system just stinks. I've been party to stego'd image passing years ago, so I *know* they exist(ed) on usenet :-). On the other hand, the message was usually encrypted, too, so that might be tripping them up.
One of us doesn't know what a heap overflow is, and I suspect it's not me. "Heap overflow" just means buffer overflow. If my memory is laid out like:
...AAAAAAAAAAAxxBBBBBBBBBB...
Where the A's are some buffer A, the B's are some buffer B, and the x's are unused due to alignment issues. A buffer overflow occurs when I start writing in A, but keep going through the x's and into B's space. This only happens in languages without automatic bounds checking, and when porogrammers don't check the bounds themselves. If you go reread my previous post, you'll see that this is exactly what I was talking about preventing.
Partly, yes. I only use C when I need to, for a variety of reasons, including this. But even still, there's no excuse, because I write something close to memory-safe code in C. With a fairly small set of utility functions and macros, you can get rid of the buffer-overflow potential of using the standard C library. From there, you just need to very consistently ensure that the functions you write make the callee responsible for checking for buffer ranges, etc., and not the caller. This is much easier to do than to make sure that the caller check this, because there tends to be more calling points (unless you call the function only once :).
This is in stark contrast to the ordinary C style, which is to assume that everything is big enough, and to tell the function consumer to be careful to ensure that that's true. From experience, we know that that's not a reasonable expectation. So, while switching to a more resonable language would solve this problem, even for people who insist on sticking with C, this is purely a result of reckless practice.
The problem is in the implementation, not in the protocol. If it were in the protocol, that would make all clients at risk. As it is, only the official Windows client is vulnerable, because it implements game requests without checking for buffer overflow. I really don't understand why people still write code this way -- buffer overflows are so easy to prevent.
Somewhat (but only somewhat) offtopic: why on earth doesn't ./ at leas browse through the links they post? It's not like they don't have the manpower. If they'd even looked at the article, they'd have caught this...
"Damn I've got a lot of VC ... lessee, where can I throw it", perhaps?
Read the article, Einstein. It's about used coffee grounds. Of course, they just use them as a carbon source, which is kind of a silly idea, because they're wonderful for compost, so if you're going to go to the trouble of recycling them, they'd make better fertilizer...
Seriously. If your boss's boss is out to get you, and isn't going anywhere, leave. Perhaps he has a reason to want you gone, good or bad, perhaps not. Ask a friendly co-worker if s/he thinks your boss's boss has something against you, and if so be gone. I don't know how many times I've had a co-worker who I liked sit on his hands saying he was looking for a new job, but wasn't doing much about it; they just sit and watch their good reccomendation turn into a lukewarm one into a poor one into being fired. While you're at it, think about if you could've done anything to have prevented the situation, whether it was reasonable or not, and if so, try to prevent a repeat at your next job. Leave while you're ahead, for godsakes!
[Oh, actually I do know how many times that's happened: 5 times in the 8 years I've been working. Kinda depressing. I don't even know how many times that's happened to a co-worker I didn't give a crap about.]
This is a really important point (that CS and business people seem to be the worst about understanding). And for CS especially, it's important. Someone who's great in CS, and is a great programmer is fairly useful. Someone with the above as well as knowledge in another domain is much more useful. With a few exceptions (compiler writers, OS implementors, academics), most programmers are working on a project for a specific domain. Knowledge of that domain is often vital for doing a good job.
What? I get moderated as a troll? No wonder slashdot is so impossible to read at high moderation settings these days. For those of you who weren't around iRC in the early and mid 90s, that rhyme was nostalgic, hence the smiley. I don't see *how* nostalgia could possibly be construed as anything but on-topic for a discussion of the oldest irc server going kaput.
Ob IRC: Seriously, though, where *do* folks on the west coast hook up nowadays?
Just hack your case! It's yours, right? You own it, right? So make it better fit your needs. Fuck a couple LEDs or buttons in the front, or, if you have an extra drive bay, use that. Just wire your shit to the front. I've been doing this for 10 years now, and I've been nothing but happy. It's convenient, *and* then I've got a customized case. Everything's all good.
I can really understand the exhaustion w/ efnet. I quit using it because we had to go to such lengths just to defend our chanels from "hackers". And for godsakes, a couple of 'em were formal democracies in organization! It's sort of like a world wherein a total lack of a life (*cough* scriptkiddies *cough*) can cause a small tactical nuclear weapon to materizlize in someone's lap -- it just doesn't leave much room for communities.
Oh, and by the way:
y'all suckers and motherfuckers
tryin to cop my nick
tryin to dis my skilz
bout to get a gun up in yo grilz
bitch!
-NoC 2001, 2o6/CStM/VpN/DTi/uC/and-all-that-shit
:-)
I'm pretty sure I was the first one rockin my handle on iRC -- I been rockin it since '90 and I'm gonna keep on rockin into the new millenium so best to watch your back, son.
Since you seem to like learning languages (a very good trait), I'd suggest you learn at least some Lisp. Becoming proficient with Lisp macros made me a better Perl programmer than any single other thing I've done. (Though one could get the same benefit by becoming proficient with higher-level messages in SmallTalk).
Do you say this from experience, or are you pulling this out of your ass? I've found that the fact that I know Lisp, Scheme, SmallTalk, and PostScript, along with the C++ or Java I'm being hired to do, is a good thing. All things being equal, wouldn't you rather hire the programmer with more diverse experiences? Well, even if you wouldn't, there are plenty of employers who see that as a positive thing.
However, you can certainly build support for these into the language. Transform your code (by hand or programatically) to CPS and voilà, instant continuations (well, they only work once, unless you're using purely functional code).
I almost never have a need to do this in Lisp or C.
Perhaps this is part of the reason no one renames LAMBDA as FUNCTION:
:my-package)
(in-package
(defmacro function (&rest stuff)
(cons 'cl:lambda stuff))
;;; Aw, crap, now what do I call function?
(defmacro sharp-quote (&rest stuff) ; maybe?
(cons 'cl:function stuff))
:-)
Uh, you answered your own question. You want agencies as critical as the DoA piggy-backing on the DoD's secure net?
pi.c is one of those classics that's just to beautiful to describe. It's actually one of the easier winners to figure out (so I guess it's not *too* obfuscated), but it's so wonderful you can't help but to adore it. Can you figure out how it works? Here's a hint: carefully increase the size of the circle. You'll get a more accurate approximation of pi. Incredible.
Okay, $5000+, plus $40,000 for Sony, except you're forgetting one very important thing: this is academic research. For research, never let published prices discourage you. The vast majority of corporations are not only willing, but want to accomidate academics. After all, they used to be students, too, and when you're done, you'll know their system and will presumably be off to work in the real world. If you just ask, it's amazing what you can get.
His actions on the other hand, I have no problem with. He's trying to come up with a better system for himself: encoding meaning in the color of words. He pointed out himself that this same meaning could be given to things like typeface, volume, etc. It would be a problem if he came up with inaccessableForth, which gave him a slight productivity gain, then started advocating its use at the exclusion of people perfectly capable of computer science, just not his language. It would be possibly justifiable if he (and everyone using his system) got an order of magnitude productivity increase, IMO.
Oh Lord, the sense of entitlement people have drives me nuts. You thought up something you really want: first, you can check to see if someone already implemented something similar and gave it away or is selling it. If not, you can look for others interested in the same thing, and try to collaborate with them. Finally, you can pay someone to spend their time writing it for you (*cough* *cough*).
If you were content to do everything from within Emacs (writing letters, e-mail, web-browsing, using the shell can all be done), this wouldn't be too difficult. If you wanted it to be global across all applications, it'd be more work.