Forgot your password?

Comment: Re:I would think (Score 1) 248

by lgw (#46800995) Attached to: OpenSSL Cleanup: Hundreds of Commits In a Week

Except that's BS. There are probably a million "front end" webservers in use by cloud-scale products today, between Google, Amazon, Microsoft, and Facebook. None of them are at 100% CPU. Web servers just don't run that kind of load. There's simply no system performance cost here. Bit of power and cooling maybe, but trivial in the scheme of things.

Comment: Re:I would think (Score 1) 248

by lgw (#46800973) Attached to: OpenSSL Cleanup: Hundreds of Commits In a Week

The people fixing it aren't the people who made the mistakes, is the thing. This is the clean up crew, and entirely the wrong people to mock. And if you've any doubt at all about whether these guys are ocking the people who did make the mistake, well, this is Theo de Raanter we're talking about here, yes, mocking happened sure as the Sun rose.

User Journal

Journal: This should be one of those "I told you so" moments... 1

Journal by Timex

...but I won't say it, even though I'd be justified in doing so.

I was just looking through the beta for Slashdot (which I don't like, by the way) and saw a "Hall of Fame" page. I looked at it and this was one of the most popular stories of all time. It was posted when Obama was elected the first time.

Comment: Re:Yeah? (Score 1) 351

by lgw (#46791633) Attached to: Mercedes Pooh-Poohs Tesla, Says It Has "Limited Potential"

I disagree: the Model S was the right car to do first. All electric cars before it were simply crap. Worthless, horrible rides that only a hippie would drive. Yech. The Tesla is fine for many uses, and the main thing is: it's overpriced in a market where it's normal to be overpriced; it's overweight in a market where it's fine to be overweight (the S class was 3 tons not that long ago). It's a nice car, nicer than a Camry, where instead of the refinement of a luxury car for the price difference, you get the novelty of an electric car. And at that price range, you probably also have a gas car (or if not, you can rent one as needed).

Electric car tech simply isn't ready yet for low-margin vehicles. High margin cars, where intangible value is a big part of price, they work fine. It makes perfect sense to me to start there, and gradually come downmarket as they get the hang of it.

Also, most US families have 2+ cars, so one short range car isn't a problem I don't, so I'm skipping the Model S for now, but I'd love a similar car with a 50 HP gas generator under the hood. It doesn't need to provide enough power to run on, just enough to recharge given a few hours in the parking lot. None of this fancy, sure-to-break, parallel hybrid nonsense, but the great "fixie" Tesla drivetrain with a purely separate generator so I can recharge using gasoline as needed.

Comment: Re:Metaphor (Score 1) 234

by lgw (#46791571) Attached to: Bug Bounties Don't Help If Bugs Never Run Out

Any language except C has classes that prevent buffer overruns. Heck, I did assembly programming for 5 years, and the natural way to move data around avoided buffer overruns (mainframe assembly). The tools are right there, people just don't pick them up.

It's not about the language, and it's certainly not about "don't screw up", it's about a coding style that's not amenable to the mistake, and that's practical is most any language except C, really.

(Really, C and Managed aren't the only choices out there.)

Comment: Re:So what? (Score 0, Flamebait) 339

by HBI (#46790193) Attached to: VA Supreme Court: Michael Mann Needn't Turn Over All His Email

Because he knows that the data is cherry picked and manipulated. Everyone knows that, otherwise there would be no hockey stick. The defamation suit would fail. So concealing the maximum amount of information benefits his very weak case.

He'll probably lose the defamation case, in any event. Regardless of what data ultimately is clawed away from him.

Comment: Re:Why do these people always have something to hi (Score 3, Insightful) 339

by lgw (#46790023) Attached to: VA Supreme Court: Michael Mann Needn't Turn Over All His Email

This is the problem at the heart of climate science. The key details for models are not published, and (despite being largely paid for by our money), not even available apparently under FOIA to "avoid competitive harm".

That sounds very much like commercial software development and very little like reproducible science, or even open source! WTF, guys? You wonder why so much of the public has a hard time taking climate science seriously? This shit is why.

Good science defeats skeptics through openness. "Look, here's the experiment, do it yourself if you don't trust me." Heck, even experiments on vastly expensive particle accelerators eventually become reproducible through cleverness or technological advance at other universities.

Openness, and beyond openness: the willingness to explain clearly, in detail, and in layman's terms led to the FAQ, which takes seriously and answers seriously every common popular question and dispute about evolution, and likely led to the shift from old-school creationism to ID (which at least is progress). This is severely lacking in climate science.

Comment: Re:Commodore Amiga 3000T (Score 1) 672

by lgw (#46789675) Attached to: Ask Slashdot: What Tech Products Were Built To Last?

Comment: Re:No Good Solution. (Score 1) 176

by lgw (#46789091) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate

Therefore the best solution is to public release so everyone has the information at the same time. Let them compete for the patch; Awful software publisher will be the one caught with bugs. Good one will be patch and secure while everyone else suffer their bad choice.

Over time the best software will prevail and only idiots will still be using Microsoft products... that the theory. In practice there is corruption and bad software will linger for decades.

It's not about how fast you patch, it's about how fast you can get patches to your customers. And for the OpenSSL flaw, there were devices where the patch process is "throw it away and buy a new one".

Anyhow, Microsoft is far and away the worlds leading expert at distributing security patches - no one really has more experience or such a well-tuned corporate ecosystem. MS pushed a critical security patch out to WU, and every major corporation knows just what to do, and understand the urgency, and has a well-travelled path for it. The more modern players are good at patching consumer endpoints, but haven't really addressed corporate customers.

"I'm not afraid of dying, I just don't want to be there when it happens." -- Woody Allen