That's a nice idea, but it won't work everywhere.

In x86, for instance, the majority of instructions affect global flag registers. You can have two instructions that operate on entirely different memory locations and GP registers, but when you swap them the flags will end up set differently.

You'll find very few instruction pairs that you can do this to without some ability to perform local analysis of the code.

You're right, I'm not sure why I said ASP. The difference in quality between AVC Baseline and High is still pretty immense though -- lack of proper B-frames is pretty significant just by itself

As someone who loves technology, I'd have loved to see us come to some understanding with MPEG LA to just license their stuff for all HTML5 use. VP8 is going to result in either a lot more bandwidth usage (at YouTube levels, quite an impressive lot more) or a lot less quality.

As someone who loves freedom and creativity, I'm happy that we have anything and I'm thankful for Google doing whatever undisclosed thing they did to release VP8 from patent shackles. I do disagree very much with their methods of stirring up so much support with flat out lies -- if they hadn't gone through with licensing it, there'd have been a lot of wasted work and potentially even people in legal trouble for using the format. It was very shady.

One worry I have is that the internet will become a bit like American broadcast TV. We're still sending the hugely inefficient MPEG2 over the air. A sort of "moving standard" agreement with MPEG LA would be pretty awesome -- do we want to still be using VP9 as anything but a legacy-supported format in ten years? twenty? The moment we want to jump on a new codec, or say we just continue to develop VP9 into VP10, It's all but guaranteed some of the next-gen techniques will already have been patented.

I've developed Windows drivers before and can say that while yes, it is just plain C or a subset of C++, the APIs are entirely new and come with various curveballs user-mode devs will not have ever dealt with like keeping track of what IRQ level you're at.

A simple driver is... well, fairly simple. Once you try to do anything interesting though, there's a lot to learn before you can be useful. I'm curious if Linux is any different.

VP8 is not in the same league as AVC. Technologically it is largely a subset of AVC with quality somewhere between ASP and AVC. It is royalty-free now, but it wasn't always. When Google announced VP8 as a grand royalty-free codec, it was actually very obviously encumbered by patents that Google had no rights to and unfortunately thus offered literally no benefits.

It was only a year ago that Google and MPEG LA settled the issue, with Google getting a full license to those patents and the ability to sub-license to anyone they want.

What you have is Google very targetedly marketing VP8 to web devs as a Free/Open/Next-Gen to have them jump on a bandwagon to "splinter the internet". It was only thanks to Google's mammoth weight being able to negotiate with MPEG LA that all the traction it gained wasn't for naught.

It's really hard to believe Cisco did not know about this. They were either cooperating (even if just by turning a blind eye) or incredibly incompetent. As you say, it will indeed be very difficult for them to gain anyone's trust.

It would probably take them all but 5 minutes to have one of their Chinese employees dump the firmware and compare the checksums to known vanilla sources. I can't believe a large company wouldn't have this as part of their regular process.

Check out Beyerdynamic's Pro line. They look good and are built like a tank. The Beyerdynamic DT770 Pro are around $150-200, comfortable for long use, have an excellent sound signature, good isolation, and can pump out an enormous, gorgeously detailed bass if your music asks them for it.

I assume they'll not be making this extra content Open Source, and perhaps have official servers which any old compiler will not be able to connect to.

The greater benefit here is that there will be a very public log of what it takes to make an AAA title. A super in-depth tutorial for all those devs who might want to license it.

Encouraged is a funny word, seeing as there's no other choice... but that's beside the point.

Having to dig out multiple libraries to make any non-trivial project is a pain. Having to worry about TinyXML's lack of standards compliance and proneness to buffer overruns (in an older version at least, not sure if it's still there), gsoap's godawful API, wrapping libpng's setjmp/longjmp error handling in exceptions, wrapping libcurl with RAII objects, or XYZ's exception safety, etc.

There's something nice to be said about having a very cohesive set of libraries by default. Same level of quality, same familiar style, same level of documentation, same integration with the rest of the library and language. C++ getting these things would not force you to use them, it would simply let devs bootstrap their apps a lot quicker, and far more robustly.

The C++ standard library is probably the highest quality standard library of any language I've seen.

It is documented down to an very low level. I can't count the number of time I've been using some .NET library only to find out that it has some undocumented requirement, quirk, or wildly unexpected time complexity. You never get things like that in the C++ standard library -- assuming you've read the documentation thoroughly, you should never be surprised.

The standard library takes full advantage of the language, and it's as lean as ever with the "don't pay for what you don't use" mantra generally remaining in full effect.

A downside? I may be able to develop something that uses a tenth the RAM and half the CPU in C++, but despite the strengths mentioned above, it's going to take me at least twice as long and I'm going to need to juggle a number of inconsistent 3rd party libraries -- no doubt some of them being plain C so I'll need to make some RAII wrappers, etc. -- it remains incredibly low-level.

Boost picks up some of the slack, but C++ really needs more of the things commonly used today. Things like HTTP, XML, web services, SQL, configuration, and cryptography should be built in, but they're only just now looking at a simple sockets library. This is a huge weakness. C++ is used in a lot of low-level situations so I don't know if these should be part of the standard library proper, but at the minimum an additional "framework" standard that implements high-level stuff for the more common unconstrained users would be immensely useful.

The language itself is very strong, and C++14 cements even more useful things into it. The only things I wish they'd add is LINQ and async functionality similar to C#.

If Theo had a more constructive outlook, this would go a lot different and we'd all benefit.

Instead of screaming vitriol at someone's app architecture inadvertently defeating his platform-specific feature, he should be asking why they felt the need to go with that architecture (hint: it was a perfectly reasonable need), and perhaps if he can do something to make integrating his security feature easier for that type of architecture.

Like you say, freelists are an extremely common design choice when performance is critical. This security feature could be hugely beneficial to many apps that use them (like, say, Apache HTTPd). Instead you've got the too-common case of an unbending programmer mad at someone for having needs other than his own.

People who don't use goto for error handling in C more often than not either have incorrect error handling or way too much error-prone duplication of resource cleanup code. It makes sense to very strictly warn newbies away from goto, much in the same sense that you warn them from multithreading. You don't want them used as a universal hammer for every nail in the code. At some point though, people need to jump off the bandwagon and learn to respect, not fear, these things that actually have some very compelling uses.

Unless a programmer is working for a very large company, there's a good chance they're in pretty direct contact with their users.

Throwing someone into contact with users doesn't help someone become good at UX. Just look at the multitude of Open Source projects -- most of them interact directly with users and still end up with pretty atrocious UX that is designed based on the programmer's workflow and how easy it is to implement.

Every time I hear this from a developer, I cringe. Good UX is a choice. You can train in it, but until you really alter your mindset towards user interaction and embrace it, your projects will suffer. It's so easy, too:

malloc's core functionality is to allocate memory. Any security additions are platform-specific and irrelevant.

A lot of large performance-sensitive projects implement custom allocators in the form of arenas and freelists. Lots of platforms have a fast malloc implementation these days, but none of them will be as fast as this for the simple reason that the program knows more about its memory usage patterns than any general-purpose allocator ever could.

Not to say I can't understand Theo's point of view -- if he wants maximum security, then a program which bypasses one of his layers in the name of performance might not be the best for him.

On the flip side, the standards have no notion of such security layers and I feel it is perfectly reasonable for a team to not throw away performance in the interests of some platform-specific behavior. This was a bug, pure and simple. There's nothing wrong with using custom allocators. To say that "OpenSSL is not developed by a responsible team" is simply nonsense.

People who buy TRD are generally going for either aesthetics (the TRD exhaust for GT86 is rather unique looking), warranty/insurance, or loans. Increase my payment by $10/mo for the TRD catback? Warrantied and insured without question? Awesome, go for it!

People looking for perf will always go third party. You'll never see a TRD intake that gives large gains because it needs to work with the stock ECU. Go third party and you can get a giant intake that requires MAF scaling or a catless header etc. -- so many more options that TRD simply won't offer.