Some software can be proven secure. Look at sel4. It's just that software engineers take shortcuts. If you design an aircraft wing you have to prove that it can take the load with math and physics. When we write software we assume it's good enough because we "tested it thoroughly". I guess it's time to start treating software engineering like real engineerings. Hold them accountable and teach them how to prove things secure before they are allowed to use technology. I feel like most software engineering are simply stumbling around in the dark when it comes to security.
Yep. Processes have memory. Memory is divided into pages. Some pages are shared by multiple processes. Initially some pages are marked read only. If the child writes to the page you get a page fault. The fault causes the kernel to make a copy of the page and maps the copy into to the original virtual address space.
Multiple processes may share that original readonly page, so if exploit the bug and write to it then you actually are writing to a page shared by multiple processes.
Yes, but xml actually served a need. Bank controlled blockchains don't serve a need. Banks establish trust by being a fucking Bank. Bitcoin needs a proof of work function to establish trust. A blockchain with a backdoor still depends on the original trust of the bank. If you can trust a bank why do you need a blockchain. If you can't trust a bank then the backdoor they build into the blockchain isn't going to make me trust it anymore.
This is wrong. The little guy does a patent search and loses . Due diligence is made impossible by this. If you have an idea and invest millions then you find out you're fucked that's enough to break the entrepreneurial spirit of many people.
Level 3 autonomous cars are inherently dangerous. Jim McBride was right when he said, "We're not going to ask the driver to instantaneously intervene—that's not a fair proposition."
We should focus on the standard which level 4 autonomous cars will be judged. Pick the right one and they will be safe and pick the wrong one and we will see them crash.
It should be illegal to ship an Internet connected device that doesn't...
1. Support secure boot, so that a system won't run not unauthorized software unless a user explicitly overrides it.
2. Support an authentication method where the device keys can't be copied off the device after the device software has been modified. A modified device shouldn't be granted access to network services without explicit user consent. Can you imagine a modified echo ordering tons of crap to unsuspecting victims?
Using a blockchain is like hammering in a nail with a rake.
If you want an audit log, all you really need is a replicated log. Just look at paxos for the proof of correctress and the limitations. For example how many unreliable actors you can have in your system
California has had regular decade long drought. It's not an affect of global warming despite what most of my fellow Californian think. Mother nature isn't homeostatic. Also when the levees break in these coastal towns they think it's so unusual, but the water was there to begin with. If see level rise is inevitable we will fight back. This mass migration thing are bullshit. There are plenty of places under sea level and humans have built massive structures to live there. California has deverted tons of water and is bringing desalination plants back online to keep the status quo. We humans are increasingly stubborn when faced with weather change. I see no reason why we won't be successful with climate change.
Mylar will degrade when subjected to heat, humidity and in some cases biological contamination. I wouldn't want to store launch codes on a floppy that has been stored in just any condition. I think the federal government can pay to have new ones manufacturered.
I would bet that DuPont is still making these for them.
Only the creepy ones that move, but don't appear to do anything useful. I prefer my robots the have function, like actually been able to navigate some spaxe on its own. This is a toy that literally has a monthly subscription. I'm a little disappointed because an article about robots and space is really just slashvertisment.
AOT makes sense for certain application. Also AOT doesn't mean AOT only. If you want to use it with a tracing JIT I see no reason why these technologies are incompatible.
The problem I have with Java is that with some java programs it takes less time for an equivalent C program to compile and run than an that java program to do all of its dynamic linking and finally run. You don't have to do AOT, but all those string compares during loading really slows things down. Each symbol has to be looked up and compared.
With native libraries often times shared libraries are already in memory. The libraries are simply mapped into a processes address space. In java land each time you load a library it takes up its own space and that overhead is not shared by multiple processes. It seems silly that these processes can't share their compilation efforts.
We have a ways to go with runtimes. The first step is oracle admitting they are the problem.
Windows 10 Enterprise is the only edition that supports LTSB. Basically, Microsoft wants everyone to pay an additional licensing cost and throw out their original Windows 10 license for the privilege of not being part of their continuous deployment. I believe agile can work for operating systems, but Windows 10 home/pro/IoT/Mobile editions are guinea pigs while Microsoft figures out how to do it. You will get burned until Microsoft adapts to this new methodology of development, deployment and testing.
Let me play devils advocate for a second. The federal government will always have jurisdiction over the DNS servers in the US. If US dns servers are forced to use a new authority, there's nothing IANA can do about it. The FCC would have no problem finding the means of enforcing it. Also many other countries I think would follow our lead if the DNS system became bifurcation. Either way our government will find ways to gain regulatory power.
A 10 year old hacker knows you don't need Russia to shield you. The Swiss do a good enough job at that and if you're not going through at least 10 different countries when anonymizing your traffic, even if you're in russia, you'll end up waking up with a bag over your head wishing you took anonymity a little more seriously. The trick is to always have one more country people can blame for your hacking, each a little more hostile than the next. I believe the majority people who are hacking the US are in the US. Why not? They have nothing to lose by physically being here and plenty to gain.
The sale price on most retail sites is usually more expensive than the price on Amazon. I usually do a quick search for prices prior to each purchase even if I ultimately buy from Amazon. I rarely will use a site that doesn't use one of the major pay services(paypal, google, Amazon) for fear of releasing CC info to yet another irresponsible retailer.
Slashdot Mirror
Ever hear the story the tortoise and the hare? In this version the hare blows up. It's really not that hard to be humble.
There was only a slight increase in cancer in rats. It's hilarious watching those rats flip out as they go over the roller coaster.
Some software can be proven secure. Look at sel4. It's just that software engineers take shortcuts. If you design an aircraft wing you have to prove that it can take the load with math and physics. When we write software we assume it's good enough because we "tested it thoroughly". I guess it's time to start treating software engineering like real engineerings. Hold them accountable and teach them how to prove things secure before they are allowed to use technology. I feel like most software engineering are simply stumbling around in the dark when it comes to security.
Because we have a 24 hour news cycle and insufficient real news to fill it.
Yep. Processes have memory. Memory is divided into pages. Some pages are shared by multiple processes. Initially some pages are marked read only. If the child writes to the page you get a page fault. The fault causes the kernel to make a copy of the page and maps the copy into to the original virtual address space.
Multiple processes may share that original readonly page, so if exploit the bug and write to it then you actually are writing to a page shared by multiple processes.
Yes, but xml actually served a need. Bank controlled blockchains don't serve a need. Banks establish trust by being a fucking Bank. Bitcoin needs a proof of work function to establish trust. A blockchain with a backdoor still depends on the original trust of the bank. If you can trust a bank why do you need a blockchain. If you can't trust a bank then the backdoor they build into the blockchain isn't going to make me trust it anymore.
This is wrong. The little guy does a patent search and loses . Due diligence is made impossible by this. If you have an idea and invest millions then you find out you're fucked that's enough to break the entrepreneurial spirit of many people.
Level 3 autonomous cars are inherently dangerous. Jim McBride was right when he said, "We're not going to ask the driver to instantaneously intervene—that's not a fair proposition."
We should focus on the standard which level 4 autonomous cars will be judged. Pick the right one and they will be safe and pick the wrong one and we will see them crash.
It should be illegal to ship an Internet connected device that doesn't...
1. Support secure boot, so that a system won't run not unauthorized software unless a user explicitly overrides it.
2. Support an authentication method where the device keys can't be copied off the device after the device software has been modified. A modified device shouldn't be granted access to network services without explicit user consent. Can you imagine a modified echo ordering tons of crap to unsuspecting victims?
This protects consumers.
Using a blockchain is like hammering in a nail with a rake.
If you want an audit log, all you really need is a replicated log. Just look at paxos for the proof of correctress and the limitations. For example how many unreliable actors you can have in your system
California has had regular decade long drought. It's not an affect of global warming despite what most of my fellow Californian think. Mother nature isn't homeostatic. Also when the levees break in these coastal towns they think it's so unusual, but the water was there to begin with. If see level rise is inevitable we will fight back. This mass migration thing are bullshit. There are plenty of places under sea level and humans have built massive structures to live there. California has deverted tons of water and is bringing desalination plants back online to keep the status quo. We humans are increasingly stubborn when faced with weather change. I see no reason why we won't be successful with climate change.
Mylar will degrade when subjected to heat, humidity and in some cases biological contamination. I wouldn't want to store launch codes on a floppy that has been stored in just any condition. I think the federal government can pay to have new ones manufacturered.
I would bet that DuPont is still making these for them.
Only the creepy ones that move, but don't appear to do anything useful. I prefer my robots the have function, like actually been able to navigate some spaxe on its own. This is a toy that literally has a monthly subscription. I'm a little disappointed because an article about robots and space is really just slashvertisment.
AOT makes sense for certain application. Also AOT doesn't mean AOT only. If you want to use it with a tracing JIT I see no reason why these technologies are incompatible.
The problem I have with Java is that with some java programs it takes less time for an equivalent C program to compile and run than an that java program to do all of its dynamic linking and finally run. You don't have to do AOT, but all those string compares during loading really slows things down. Each symbol has to be looked up and compared.
With native libraries often times shared libraries are already in memory. The libraries are simply mapped into a processes address space. In java land each time you load a library it takes up its own space and that overhead is not shared by multiple processes. It seems silly that these processes can't share their compilation efforts.
We have a ways to go with runtimes. The first step is oracle admitting they are the problem.
Windows 10 Enterprise is the only edition that supports LTSB. Basically, Microsoft wants everyone to pay an additional licensing cost and throw out their original Windows 10 license for the privilege of not being part of their continuous deployment. I believe agile can work for operating systems, but Windows 10 home/pro/IoT/Mobile editions are guinea pigs while Microsoft figures out how to do it. You will get burned until Microsoft adapts to this new methodology of development, deployment and testing.
You have some incredibly power hungry routers.
Let me play devils advocate for a second. The federal government will always have jurisdiction over the DNS servers in the US. If US dns servers are forced to use a new authority, there's nothing IANA can do about it. The FCC would have no problem finding the means of enforcing it. Also many other countries I think would follow our lead if the DNS system became bifurcation. Either way our government will find ways to gain regulatory power.
A 10 year old hacker knows you don't need Russia to shield you. The Swiss do a good enough job at that and if you're not going through at least 10 different countries when anonymizing your traffic, even if you're in russia, you'll end up waking up with a bag over your head wishing you took anonymity a little more seriously. The trick is to always have one more country people can blame for your hacking, each a little more hostile than the next. I believe the majority people who are hacking the US are in the US. Why not? They have nothing to lose by physically being here and plenty to gain.
The sale price on most retail sites is usually more expensive than the price on Amazon. I usually do a quick search for prices prior to each purchase even if I ultimately buy from Amazon. I rarely will use a site that doesn't use one of the major pay services(paypal, google, Amazon) for fear of releasing CC info to yet another irresponsible retailer.
I'm finding a correlation between warm weather in California and these articles. That's better statistics than is in this journal.
So why aren't they teaching game modding in high school?
There are many assembly languages. It's not fair to group them together as one language.
Give it time.
The only editor I can't load with 8GB of RAM is Microsoft Office.
No, but it makes a decent OS.