Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Comment Re:w007 (Score 1) 43

never mind Wayland exists because the damned kids maintaining Xorg got tired of the cruft.

Xorg maintainers were not known for quality software engineering, in fact, it was the opposite.

I haven't looked into Wayland enough to know if it is good or bad, but there is no reason to believe these guys just because they maintained Xorg.

Comment Re:How does space elevator save energy? (Score 1) 156

You don't need energy in the elevator. Simply have two elevators and a pulley wheel at the top. Lifting something then is just a matter of capturing some space junk or asteroid of suitable mass and lowering it in the other elevator.

Holy crap you have just invented a perpetual motion machine! That'll show the doubters.

Comment Re:Levels of Security (Score 1) 118

This wouldn't entirely preclude layering violations, but it would certainly make them more difficult. That would improve security, but whether it improved the techniques?

Here I was referring to the fact that dependency injection and callbacks and closures often make code hard to read. Java code with threads and closures with mutable variables can be inscrutable sometimes....increasing the amount of time it takes to add features (or find bugs) by an order of magnitude or two. (Of course you can use dependency injection and callbacks and still have readable code, but a lot of times that doesn't happen).

3) you wrote, "Most modern (predominantly research) security architectures" who is doing this research, and where can I find it?

Wow. Pretty much everyone in OS software who cares?

IBM and Microsoft are players, OpenBSD is, for some types of things. Apple is; Linux people (though I think it was a DARPA project run by IBM?) were the first to implement ASLR; I think Apple was the first to ASLR absolutely everything? And to do page level executable signature verification in the paging path? Though I think they mostly did it for DRM reasons, rather than to be helpful to users. I think compiler stack probes came from the LLVM folks?

I know about ASLR and page level executable signature verification lol (and I hate page level encryption in iOS but that's another story. Incidentally, on iOS you can still easily trojan an executable by adding a shared library with a c++ static initializer to the mach "load command" section. It will get run on startup. You will need to resign, but that's usually not a problem).

Here I was asking about who is aligning page boundaries with the end of their arrays? Or is that already in GCC now? Also, who is using container in a mailbox? Because I don't think Outlook has changed this still.....

The problem I really have with his work is that it's largely academically oriented, rather than practical.

Fair enough. I haven't really looked at DJBDNS much so I can't really disagree with you.

Comment Re:Elevator will happen when materials are proven (Score 1) 156

The fact that A, B and C which were previously considered to be impossible eventually were made possible does not mean that D which is currently considered impossible will eventually be made possible.

The obvious example is FTL travel/time travel.

Also, the "it's just an engineering problem" misses the point that you can't separate engineering from economics and politics. We know that we could all be flying in supersonic passenger planes now, because we built Concorde. But there are no supersonic passenger planes in service. It was never just about engineering a supersonic passenger plane.

Comment Re:Levels of Security (Score 1) 118

I'm not going to write an entire paper here on Slashdot.

You already kind of did lol. This is good stuff though. I have some follow-up questions if you don't mind:

1) How are you aware of (and able to control) lower-level things like the page size, or which functions go into which groups of pages?
2) Why is it called "container-in-a-mailbox?"
3) you wrote, "Most modern (predominantly research) security architectures" who is doing this research, and where can I find it?

As part of this, you define an interface contract: you are permitted to call down to the interfaces below yourself, and you are permitted to call across, within the same layer to auxiliary functions, but under no circumstances are you permitted to call upward.

That would ruin (or improve) a lot of modern OO techniques.

The reason I like DJB's work is because he seems to carefully think about what problems may arise every time he writes a line of code. He may not always succeed, but if you don't have that way of thinking, you will automatically fail at "identifying architectural layers for your libraries in order to abstract complexity of each layer from the layer below it," and will have bugs no matter what rules you follow.

Comment Re:Liberal misinformation (Score 1) 594

No no, I read the poll, it's irrelevant. For any political tactic, it is likely that one party will use it more than the other. Whether Republicans complain more about it recently than Democrats or 50 years, it could be flipped the other way. (Incidentally, I find it fascinating that the only media source trusted across the board was the WSJ. Not sure what to think about that.)

The biggest thing that annoys me about you is that you seem only able to see faults in the 'other' party, not in your own. That is a sign of immaturity. Wise people look hardest for faults in their own position.

Comment Re:Levels of Security (Score 1) 118

btw, I'm pretty sure you have an interesting point here when you said this:

Functional decomposition is a really poor way of abstracting complexity, when it's being used in isolation, and does not include mandatory boundary layer order and direction of operations over said boundary.

but I'm not entirely sure what you meant. Could you clarify? What other option is there besides functional decomposition?

Comment Re:15 years old? (Score 1) 410

We are no more going to replace coal with nuclear than we are going to replace it with solar.

Maybe not, but at least it's a position that is reasonable from a scientific perspective. Replacing coal with nuclear is a solution we can use right now, at relatively little cost. Solar and wind, on the other hand, are not viable solutions with current technology.

Of course, then we still have the problem of getting rid of gas cars. That's a tougher problem, but becomes more viable every day.

A rock store eventually closed down; they were taking too much for granite.