
Comment a Commodore Pet 3032 (Score 1) 153

1978, aged 8, our school had a commodore pet 3032. i typed in a simple program in BASIC, 10 for i = 1 to 40, 20 print tab(i), i 30 next i, 40 goto 10 and watched the numbers 1 to 40 scroll across the screen. i figured "huh that was obvious, i can do that" and 25 years later i was reverse-engineering NT 4.0 Domains network traffic (often literally one bit at a time) by the same kind of logical inference of observing results and deducing knowledge.

by 2006 i learned that there is something called "Advaita Vedanta" which is crudely known in the west as "epistemology". Advaita Vedanta basically classifies knowledge (there are several types: inference is just one of them), and knowing *that* allows you to have the confidence in your abilities. up until i heard about Advaita Vedanta i was "hacking blind and instinctively", basically. now i know that reverse-engineering is basically an extreme form of knowledge inference. which is kinda cool.

Comment Re:Dark Reign (Score 1) 153

Anybody here ever play that game?

yeah, me! were you around in 1995-1996 by any chance? in CB1 Cafe in cambridge UK i was the person who discovered that you could put zombies into the underground phase-tunnel vehicles, then sneak behind enemy lines (the underground vehicle could see "up" into one square at a time). i would go looking for artillery because artillery by default had a reaaally nasty habit of auto-firing at close-range enemies on a huuge delay. so, what would happen was: first zombie went up, artillery would turn and begin loading, zombie would go to nearest artillery craft and suicide, blowing up several. all artillery would fire, blowing up even more. second zombie up, artillery lock-and-load, zombie makes a beeline for.... you get the idea.

anyway the idea was good enough that it ended up on the hints-and-tips page. turns out that the people who we played were some of the people who worked at activision :)

Comment malware with randomisation (Score 1) 125

huh. this sounds very similar to the theoretical virus designs i came up with many years ago. yes, you heard right: turn it round. instead of the programs on the computer being randomised so that they are resistant to malware attacks, randomise the *malware* so that it is resistant to *anti-virus* detection. the model is basically the flu or common cold virus.

here's where it gets interesting: comparing the use of randomisation in malware vs randomisation in defense against malware, it's probably going to start being used in malware before it gets used in defending against malware. why? because malware attackers have nothing to lose. unfortunately, they are likely to keep their compilers secret. even *more* unfortunately, successful creation of anti-malware randomising compilers means that the malware attackers can use them as well.

but, that is just a risk that has to be taken, and make sure a decent job is done of it.

Comment Re:Which is why sometimes small engines ... (Score 1) 238

Whereas with a bigger engine this is less of the case and you can get equivalent mpg

ah, i wrote a diesel truck simulator in 1993 for Pi Technology: there is actually much more to it than that. with a bigger engine with higher torque it is possible to have the vehicle drive more often in its peak torque range where it has either better acceleration or better fuel economy or both.

with a smaller engine the effect you mention - that people put their foot to the floor - means that the engine has to rev its nuts off and thus operates waaay outside of its efficiency band.

Comment watch the program on 5th gear (Score 4, Interesting) 238

before making *any* judgement you *need* to watch the program on 5th gear which covers exactly this question in some detail. basically the test was designed originally for people driving sensibly, and it was designed i think well over 20 possibly even 30 years ago. so it has a very *very* gentle acceleration and deceleration curve. gentle acceleration because that is not only fuel-efficient but also the cars of that time simply could not accelerate that much, and gentle braking because again that is more fuel-efficient but also because if you had drum brakes they would overheat.

people no longer drive sensibly: they are more aggressive with other drivers (not keeping a safe distance), they put their foot down hard on the accelerator and they put their foot down hard on the brake. also as the cars are more reliable they tend to not maintain them properly: until i watched another program on 5th gear about how badly old oil affects fuel economy and the lifetime of the engine i had absolutely no intention of changing oil regularly in the decade-year-old cars i buy.

so, in effect, people should stop complaining and start driving in more fuel-efficient ways... *regardless* of how aggressive the person behind them gets when they set off from the lights at the same acceleration rate as a 40 tonne cargo lorry. that's the other person's problem.

Comment love descent (Score 1) 251

i love descent, and i love that it's now software libre. i hope the guy who maintains d2x has stopped being an idiot by including patched versions of standard libraries such as libsdl without providing an option to replace them and forcing the patched versions to overwrite pre-installed software, but yes - awesome.

the thing about descent was that it was the first game with 6 degrees of freedom. i actually bought a special joystick that was capable of dealing with it (one designed for flight simulators) and after 2 to 3 weeks of practicing i was competent at side-motion circular slides firing at a target at the centre. the first 2 weeks were spent mostly getting motion sickness and having the nose of the craft bashed against a corner :)

it was also fun to watch spectators swaying from watching the screen! but, again, after a couple of weeks you got used to it, both as a player and as a spectator.

yeah - to those people who set up LAN parties: i hear ya :) i did the same. i think the lowest spec i got away with was a 486 SX 25 with 12mb of RAM, setting the screen to 320x240 and it was just about tolerable. i had to use 10-Base-T with terminators for goodness sake - what the heck i was doing with 5 networked computers in my house back in 1996 with just a 28kbaud modem i _really_ don't know!

so yes, absolutely: descent (the software libre version *or* a commercial version) gets my vote... *as long as* it has a community portal similar to that of Dark Reign, with a chat room so that people can meet other players, set up a match and play. that is bizarrely what's missing from bzflag: although bzflag has an in-game chat it doesn't have out-game community chat, very odd.

also, it would be awesome to see planetary-surface action as well, not just in mines (no matter how large). i always felt a little claustrophobic and the attack vectors would be very different in free space... interesting to think about the possibilities here, hmmm :)

United States

US Officials Cut Estimate of Recoverable Monterey Shale Oil By 96% 411

First time accepted submitter steam_cannon (1881500) writes "The U.S. Energy Information Administration (EIA.gov) is planning to release a major 96% reserve downgrade to the amount of oil and gas recoverable from the Monterey Shale formation, one of the largest oil/gas reserves in the United States. After several years of intensified exploration the Monterey oil shale play seems to have much less recoverable oil and gas than previously hoped. This is due to multiple factors such as the more complex rippled geology of the shale and over-hyped recovery estimates by investors. By official estimates the Monterey Shale formation makes up 2/3 of the shale reserves in the US and by some estimates 1/3 of all crude reserves in the US. Not a drop in the bucket. Next Month the EIA.gov will be announcing cutting its estimates for Monterey by 96%. That's a huge blow to the US energy portfolio, trillions of dollars, oil and gas the US might have used for itself or exported. Presently the White House is evaluating making changes to US oil export restrictions so this downgrade may result in changes to US energy policy. As well as have a significant impact on US economy and the economy of California."

Comment Re:depinit (Score 1) 533

LOL

"i have never even seen a PAM module which does this trick. it would be awesome to do the same trick for ssh as well."
you mean like pam_ssh for ssh keys or if you just want it to work with gpg and ssh you could also run the gnome key manager as I do.
True single sign on with all ssh and gpg keys.

no not pam_ssh. not "ask for a 2nd passphrase at a 2nd prompt which is entered into the ssh system to unlock the ssh key" - have ABSOLUTELY NO login credentials AT ALL, and LITERALLY use the success/fail of the ssh passphrase (or gpg passphrase) unlocking *AS* the login. no /etc/shadow, no password field in /etc/passwd - nothing BUT unlock the gpg or ssh key.

Privacy

Former NSA Director: 'We Kill People Based On Metadata' 155

An anonymous reader writes "An article by David Cole at the NY Review of Books lays out why we should care as much about the collection of metadata as we do about the collection of the data itself. At a recent debate, General Michael Hayden, who formerly led both the NSA and the CIA, told Cole, 'we kill people based on metadata.' The statement is stark and descriptive: metadata isn't just part of the investigation. Sometimes it's the entire investigation. Cole talks about the USA Freedom Act, legislation that would limit the NSA's data collection powers if it passes. The bill contains several good steps in securing the privacy of citizens and restoring due process. But Cole says it 'only skims the surface.' He writes, 'It does not address, for example, the NSA's guerilla-like tactics of inserting vulnerabilities into computer software and drivers, to be exploited later to surreptitiously intercept private communications. It also focuses exclusively on reining in the NSA's direct spying on Americans. ... In the Internet era, it is increasingly common that everyone's communications cross national boundaries. That makes all of us vulnerable, for when the government collects data in bulk from people it believes are foreign nationals, it is almost certain to sweep up lots of communications in which Americans are involved.' He concludes, '[T]he biggest mistake any of us could make would be to conclude that this bill solves the problem.'"

Comment depinit (Score 4, Informative) 533

depinit. written by richard lightman because he too did not trust the overcomplexity of sysv initscripts and wanted parallelism, it was adopted by linux from scratch and seriously considered for adoption in gentoo at the time. richard is extremely reclusive and his web site is now offline: you can get a copy of depinit however using archive.org.

using depinit in 2006 i had a boot to X11 on a 1ghz pentium in 17 seconds, and a shutdown time of under three. depinit has two types of services: one is the "legacy" service (supporting old style /etc/init.d/backgrounddaemon) and the other relied on stdin and stdout redirection. in depinit you can not only chain services together for their dependencies but also chain their *stdin and stdout* _and_ stderr together.

that has some very interesting implications. for example: rather than have some stupid system which monitors /var/log/apache2/logfile for security alerts or /var/log/auth.log for sshd attacks, what you do is run sshd or apache2 as a *foreground* service outputting log messages to stderr, chained to a "security analysis" service which then chains to a log file service.

the "security analysis" service could then *immediately* check the output looking for unauthorised logins and *immediately* ban repeat offenders by blocking their IP address, rather than having to either poll the files (with associated delays and/or CPU utilisation) or have some insane complex monitoring of inodes which _still_ has associated delays.

also depinit catches *all* signals - not just a few - and allows services to be activated based on those signals. richard also had a break-in on one system, and they deployed the usual fork-and-continue trick, so he wrote some code which allowed the service-stopping code to up the aggressiveness on hunting down and killing child processes. this also turned out to be very useful in cases where services went a bit awry.

basically the list of innovations that richard added to depinit is very very long, in what is actually an extremely small amount of code. i simply haven't the space to list them all, and no, richard was not a fan of network-manager either.

btw you might also want to look at the replacement for /bin/login that richard wrote. it was f****g awesome. basically what he did was use gpg key passphrases as the login credentials.... and ran gpg-agent automatically as part of the *login*. i have never even seen a PAM module which does this trick. it would be awesome to do the same trick for ssh as well.

it's fascinating what someone can get up to when they have the programming skill and the logical reasoning abilities to analyse existing systems that everyone else takes for granted, work out that those systems are actually not up to scratch and can write their *own* replacements. it's just such a pity that nobody seems to have noticed what he achieved.
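
The "security analysis" stage described in the comment above, sketched as an added example (not code from the comment or from depinit): a filter that reads a foreground sshd's stderr on stdin, reports repeat offenders as each line arrives, and passes every line through to the logging stage on stdout. It assumes the `Failed password ... from <ip> port <n> ssh2` line format that OpenSSH's sshd writes when run with `-D -e`; the class and function names, the threshold and window, and the `BAN` output line are hypothetical.

```python
import ipaddress
import re
import sys
import time
from collections import defaultdict, deque

# End-anchored with a greedy ".*": a crafted user name cannot spoof the source address.
FAILED = re.compile(r"Failed password for (?:invalid user )?.* from (\S+) port \d+ ssh2$")

# Constructed sample of sshd stderr lines (documentation address ranges).
SAMPLE = [
    "Failed password for root from 203.0.113.5 port 40001 ssh2\n",
    "Accepted password for alice from 192.0.2.10 port 50022 ssh2\n",
    "Failed password for invalid user x from 198.51.100.9 port 22 ssh2 from 203.0.113.5 port 40002 ssh2\n",
    "Failed password for invalid user admin from 203.0.113.5 port 40003 ssh2\n",
]

class LoginWatcher:
    """Counts failed logins per source address inside a sliding window."""
    def __init__(self, threshold=3, window=60.0):
        self.threshold, self.window = threshold, window
        self.failures = defaultdict(deque)  # ip -> arrival times
        self.banned = set()

    def feed(self, line, now=None):  # returns the address to ban, or None
        now = time.monotonic() if now is None else now
        m = FAILED.search(line.rstrip("\n"))
        if not m:
            return None
        try:
            ip = str(ipaddress.ip_address(m.group(1)))
        except ValueError:  # hostname or junk: never act on it
            return None
        seen = self.failures[ip]
        seen.append(now)
        while now - seen[0] > self.window:
            seen.popleft()
        if len(seen) >= self.threshold and ip not in self.banned:
            self.banned.add(ip)
            return ip
        return None

def run(stream_in, stream_out, on_ban):  # pass-through filter for the chain
    watcher = LoginWatcher()
    for line in stream_in:
        ip = watcher.feed(line)
        if ip:
            on_ban(ip)
        stream_out.write(line)  # the next service in the chain logs it
        stream_out.flush()
    return watcher.banned

if __name__ == "__main__":
    run(sys.stdin, sys.stdout, lambda ip: print(f"BAN {ip}", file=sys.stderr))
```

`on_ban` is where a firewall rule would be added; here it only reports the address on stderr.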

The Internet

Why the Sharing Economy Is About Desperation, Not Trust 331

An anonymous reader writes "Wired recently ran a cover story about the sharing economy — shorthand for the rise of peer-to-peer rental services like Lyft and Airbnb — which they call a cultural and economic breakthrough. They say it has ushered in a 'new era of Internet-enabled intimacy.' An article at New York Magazine has another theory: that it arose because of the weakness in the real economy. Quoting: 'A huge precondition for the sharing economy has been a depressed labor market, in which lots of people are trying to fill holes in their income by monetizing their stuff and their labor in creative ways. In many cases, people join the sharing economy because they've recently lost a full-time job and are piecing together income from several part-time gigs to replace it. In a few cases, it's because the pricing structure of the sharing economy made their old jobs less profitable. (Like full-time taxi drivers who have switched to Lyft or Uber.) In almost every case, what compels people to open up their homes and cars to complete strangers is money, not trust.'"

Comment learn how to learn (meta-learning) (Score 1) 247

there is actually something which is far more useful to be able to do, more than any amount of books read, which is only really possible effectively and efficiently now that internet searches are possible (and quick, and accurate), and that is meta-learning. in its crudest most disparaging form one might mistakenly call this cut-and-paste programming but it is actually nothing of the sort.

basically what you do is treat everything as a black box, and use the principles of the 6 different types of knowledge (listed on the wikipedia page for Advaita Vedanta, which is mentioned specifically because the western word Epistemology is woefully inadequate) to basically reverse-engineer the subject matter and in effect teach yourself *on the go* by way of analysing the results achieved, even though you are starting out from quite literally zero knowledge.

it does however take a hell of a lot of balls to do this *whilst being paid* and most employers simply will not believe you when you tell them that this is something that you can do... and be *more effective* at applying this technique than people who have been explicitly trained or quotes have experience quotes in the field.

to be fair to those people who genuinely do have experience, often such people *may* have encountered the circumstances before, such that they *may* have the answer much quicker than you-who-has-no-experience-at-all, *but*, the critical critical thing that you need to tell prospective employers is: what happens when something falls *outside* of the experience of the person who quotes has experience quotes? whom then would the employer rather have (if they had to choose one or the other rather than both people) - the person who will get there in the end, regardless of what they are asked to do, or would they rather have the person who can get there *most* of the time but who does not have the skills or intelligence to work out the all-important remaining last 10% of the job, without which the contract will remain unfulfilled and the company will go bust because of it?

in short: no amount of reading will substitute for learning how to learn and applying that skill *every single moment of your life*. when i hear people say i am too old to learn it makes me cringe, and i feel sad for them - i cannot say anything so i have to remain silent - but i feel sad for them because i know that inside they have given up. the only time to give up learning is when you are actually dead, and not before!!!
