Comment Re:Ivy League Schools (Score 1) 106
Bill Burr says it best
Bill Burr says it best
The Ivy League was basically a formal gentleman's agreement (you know, back from the good old days where they banned women and blacks from campus and had strict quotas on Jews) that they would mutually agree to be terrible at sports in order to maintain high academic standards.
Everyone who attends an Ivy League school to play sports is someone who would have been a serious consideration for admission without their athletic ability.
Of course they're going to be terrible at sports. They don't have any black people on their team!
Dude, you're the worst sort of person to argue with. You've demonstrated poor reading comprehension and a willingness to hand-wave away the distinction between similar words if you don't think they are relevant to you or serve your position. You seriously make me wonder why I even bother trying to express myself precisely
I never used the word explosion. I used the word detonation. I contrasted it with the deflagration that occurs in internal combustion engines like we see in cars.
A detonation occurs when the shock wave expanding out of the reaction zone compresses the unburnt fuel ahead of the wave, and the compressive heating raises the temperature in the unburnt fuel above it's autoignition temperature.
10 m/s is well below the threshold. Try 2000 m/s.
Detonation produces a more efficient combustion than deflagration, gives higher yields, and generates more kinetic force relative to the thermal energy released. It's a whole different kettle of fish.
To prevent double-use like this, a company should say that you don't get paid until they've fixed the bug and issued a patch for it in their software, all without the exploit ever being spotted in the wild.
One problem with this is that there's already a documented history of companies rejecting bug reports and not paying the bounty, and then some time later include a fix for it in their periodic updates. It's basically the same process that causes a company's "app store" to reject a submitted tool to do a particular job, and then a few months later releasing their own app that does the same thing.
I know a good number of people who've been bitten by the latter, from both MS and Apple. In the case of a bug, it's a lot harder to document that this has happened, but various software guys I know express a strong suspicion that it has been done to them.
It's widely believed that corporations don't have ethics at all, only costs and income, which would easily explain this sort of fraudulent "offers" of rewards with no intent to pay. We've heard here often from lots of people who think that this is right and proper, and that corporations should only be motivated by the bottom line.
When combined with the growing penchant for treating someone who reports a security bug as a criminal "security hacker" and prosecuting people who report bugs in software products, this should reasonably make a sensible developer reluctant to take rewards programs seriously. Given an offer which could get you thanks and some money, or could land you in jail for your efforts, and no way to know beforehand which the company will do, why would you even consider letting them know your name?
(Actually, my name has appeared in numerous companies' lists of honored contributors thanks to my bug reports and patches. But I haven't sent in security-related bug reports to many companies, only to the ones I have reasons to believe I can trust.)
I assume that picture was meant to be a German V-1 flying bomb? Those were pulse jet engines, but not pulse detonation engines. They used the expanding gas of repeated combustion reactions, they didn't cause fuel to detonate.
I was apparently mistaken about there not having ever been a PDE powered flight
From France to London in the mid 1940s - get a grip before trying to lecture others who are not entirely keyboard jockeys.
Do you have any more information? I can't find any references to a successful PDE powered flight outside of the work being done by the Air Force Research Laboratory and Innovative Scientific Solutions, Inc.
Sorry, I'm not an engineer. I've worked in a fireworks factory and made my own model rockets, but I'm not a professional.
And no, I was thinking something like Galinstan, and not for propulsion, but for a power station.
As far as the difference between deflagration and detonation, you may find this helpful:
http://en.wikipedia.org/wiki/D...
Why do I say it's hoped that they will replace scramjets? Because aerospace and military engineers are spending millions of dollars working on trying to engineer them as a replacement for scramjets and hoping they succeed:
http://en.wikipedia.org/wiki/P...
I was apparently mistaken about there not having ever been a PDE powered flight... looks like researchers flew one for 10 seconds at an altitude of 100 feet with engines that create detonations at a frequency of 80 Hz.
I imagine a power station that could harness the power of nitroglycerin. Nitro is cheap as hell to make and releases incredible power... I'd love to try and build a plant that's buried deep in bracing rock and uses a very dense inert metallic alloy as a hydraulic fluid to harness the incredible power of cheap organic explosives.
Am I missing something here or are you ignoring how diesel engines work? To me at least it looks like a series of small explosions.
You're missing something. Diesel engines are internal combustion engines.
It's probably best to accept that some people won't accept your proposed terminology and move on to discuss more than just semantics.
That's why I posted...
Fuel. You've been bitching about the use of the word "power" when you're the one who's using it wrong. The word you want is fuel.
Thermoelectrics generate power in the presence of heat.
Internal combustion engines deliver power when shit explodes inside them.
Gasoline is a fuel, not a power source.
If you built a car engine that delivered power by causing fuel to explode, you'd change the world. Car engines work through deflagration, not detonation. Detonation releases way, way more power. It's hoped that it will be the replacement for scramjet engines... envision a jet being driven by a series of explosions. No one has admitted to successfully making one, though. I've spent years doodling different ideas about how you might make one if we had the materials necessary, but it's like building a space elevator... fun to think about, but you'd need materials far stronger than anything we have available.
Car engines run on boring old combustion. The difference in scale between combustion and detonation is not dissimilar to the difference between a compost heap and a bonfire.
point granted, the "powered by" slope is a slippery one. but saying the car is powered by thermoelectrics is like saying it's powered by suspensions.
If it was pointed out to you that thermoelectrics operate anywhere there is a heat differential, and that you could technically "fuel" your car by pouring liquid nitrogen into the tank and have the thermoelectrics exploit the heat differential between the liquid nitrogen and the ambient temperature to generate work over time, aka power, would that be enough for you to concede that thermoelectrics are indeed what is generating the power?
A second and more important fact is that the bug was not discovered by eyeballs on source code. The techniques used seem to be the same applied to proprietary closed source code. "âoeWe developed a product called Safeguard, which automatically tests things like encryption and authentication,â Chartier said. âoeWe started testing the product on our own infrastructure, which uses Open SSL. And thatâ(TM)s how we found the bug.â"
So you're say that when I, as a (professional
Maybe I'm overly arrogant, but I disagree with this. I think that whatever a chunk of code does, the credit (or blame
By similar reasoning, we might argue that the "many eyes" never actually discover any bugs at all, because the real work is done by the brain behind the eyes, not the eyes themselves. And with computer bugs, the human brain almost never figures out the bugs; it merely writes code that does appropriate testing, providing the brain with information that it could never have figured out by itself.
This is sorta the inverse of the old saw that guns don't kill people; it's saying that the human that pulled the trigger should get no blame for a killing, because it was the bullet (or maybe the trigger mechanism) that actually did the job.
Happy workers are good workers, but proud employees are bad employees.
No, just no. No one with any sort of a clue ever argued these issues cannot happen with Free Software.
No, they haven't made that claim in so many words. But they've sure as hell implied it for years now. That's the whole line of thought that Raymond's statement (quoted in TFS) is based on.
Huh? The quote is "given enough eyeballs, all bugs are shallow." That's a clear admission that open software, like all other software, contains bugs; that's why you want the many eyeballs. Any claim otherwise is a symptom of not understanding plain English. Eric's whole point was that the bugs in open software will be found and fixed faster than the bugs in other software, due to the population of interested people who will study it, looking for the bugs. Nothing in that quote implies (to anyone with reasonable understanding of English and basic logic) that open software doesn't have bugs. I expect Eric would just chuckle at the very idea of software without bugs.
(Actually, someone near him should ask him. Tell us whether he chuckles, or snickers, or just gets a sad look on his face. Or maybe he'll say "Well, there is a conjecture that bug-free software exists, but in has never been observed in the field by reliable observers."
A much more useful conclusion from this story (if you're serious about computer security) is that this bug has been found and fixed in OpenSSL, but with its proprietary competitors, we have no way of knowing what horrible exploits they may be hiding. And you'd be a dummy to think they don't have exploits; every chunk of security-related software has exploits. The meaningful question is whether they can be found and fixed by the people using the software. If not, you'd be a fool to use that software.
Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.