Forgot your password?

Comment: Re:Laziness (Score 1) 143

by dkf (#47548465) Attached to: Popular Android Apps Full of Bugs: Researchers Blame Recycling of Code

Amazingly, security libraries are often in this category. Is there a really good writeup ANYWHERE about SSL, certificates and signing practices? And IPSec with all its intricacies?

Funnily enough, on Stack Overflow! Not all of the security-related questions are overflowing with shitty misinformation. (SO might not be great, but it's better than the squillion shitty places for question answering that preceded it.)

Comment: Re:National Boundaries (Score 1) 183

Nor do these arrogants "USA and other countries" (merrily forgetting there is something else in the world than Europe and the USA plus its satellites) who think there is no second chance ever, and no right to ensure one's personal data are correct, and no rigth to privacy either -- to mention only some of the personal-data-related rights that are given to me by my own European country (note that, as some have said, other European countries may have these rights in a less formal way, as a result of case law) and that I can successfully use to deter French spammers while I still have to suffer US ones. :/

You do not have the right because the government says so, but rather because you are a human being. Though that is a principle that is explicitly stated in the US constitution, it applies everywhere. However, it is a right that is made explicit in the EU and where the conditions under which the right may be infringed are perhaps more clearly stated (and better enforced) than elsewhere. There is a danger in explicitly stating rights, in that some stupid people might think you have no other rights — not true! — but leaving them all implicit has other risks in that it becomes hard to say for sure when they've been unreasonably infringed and to get other people to help you out defending them.

Comment: Re:Group Policy (Score 1) 91

by dkf (#47537717) Attached to: New SSL Server Rules Go Into Effect Nov. 1

Cheaper and easier to convince the PHB to buy a certificate signed by a public CA, than install your own CA certificate on every browser in your company.

Then your organization's IT department needs to learn about Group Policy and its counterparts on other common personal computing platforms.

Yeah, but getting all that to work when dealing with the reality of BYOD in many organisations (universities have a particular problem with this) is massively more complicated and expensive than ponying up for an externally-signed certificate. Heck, even getting an externally-signed local CA certificate is cheaper. Group policy (and equivalent) works relatively well for desktops and other wholly-owned devices, but ceases to be nearly so useful once you have to deal with anything external, and that's more and more common.

Get with the programme.

Comment: Re:it depends on what "skilled worker" means. (Score 3, Insightful) 401

by dkf (#47397905) Attached to: No Shortage In Tech Workers, Advocacy Groups Say

To put things in perspective - the old owners had plants in 5 different states. Each of the other plants consistently lost money. Our plant consistently MADE MONEY, despite mismanagement. Quarter after quarter, the accountants posted profits from our plant. In effect, we carried four other money losing plants for years. The owners could never bring themselves to unload the money losers, instead taking the profits we earned to shore up the other plants. They followed that policy until bankruptcy put them out of the game completely.

Were any of those plants making key inputs for yours? If they were, and it wasn't practical to consolidate that function, then closing them down would have crippled you. Which individual plants make money is one thing, but where there's internal transfer of items between units of the business, the value attached to those items is fairly nominal in practice; it's the overall business that really makes the profit or the loss.

Or maybe they're just incompetent fucks. That could be true too. Hard to say without the full facts, but the fact that bankruptcy hit is strongly indicative.

Comment: Re:So what are good languages to get into? (Score 1) 197

by dkf (#47395117) Attached to: IEEE Spectrum Ranks the Top Programming Languages

A masters in computer science program means taking about 10 three credit courses to get the degree. That means learning potentially 10 different languages. Which 10 would you choose? Which of those 10 are a must to learn, which would be merely advantageous to know?

Take at least one OO language (Java's fussy and bureaucratic, but its a pretty good example of the breed and is likely to be useful after you get your masters), at least one functional language (probably Haskell these days), at least one declarative language (Prolog or SQL), and don't just learn programming languages. You also need to learn about data, about data structures, about algorithms and their analysis, about parsing and compilation, and about concurrency; these are all independent of any programming language.

But computing is well served by not just learning about computing. If you have time, learn about math, stats and logic too, and learn how to communicate your ideas effectively; you'll never get far if you can't communicate with other people well.

Comment: Re:Transcendence (Score 1) 564

And by booboo I naturally mean something along the lines of

if(target->ThreatRating == ThreatRating::American) { target->Kill(); } // booboo

I'd guess something like:
        if(target->ThreatRating = ThreatRating::Trrist) { target->Kill(); }

Let that be a lesson to you: Trrist must evaluate to 0, for humanity's sake!

Comment: Re:The frustrations of AI. (Score 1) 564

If hardware isn't the problem, then it must be an algorithmic one. So, why can't an algorithm be discovered that is a breakthrough?

The problem is that it requires a true breakthrough, and there's no way to predict when that will happen. It also doesn't help that we don't really know what intelligence really is; all we've got is lots of things it isn't. I suspect that when someone cracks it, there'll be lots of people going "Is that all?! Anyone could have got that." and they'd be right, except that nobody did and it involves something both trivial and non-obvious. It might also require a lot of parallel processing, which we're still learning how to do well.

As we don't have any handy breakthroughs right now, we should instead study how brains really work and how to make computers do useful things (including stuff like "understanding" speech, "understanding" written natural language, drive cars safely, etc.) Those might or might not make the breakthrough easier, but they'll have other benefits along the way so they're still right to do.

Comment: Re:Where are they going to fab the chips? (Score 1) 340

by dkf (#47290043) Attached to: Russia Wants To Replace US Computer Chips With Local Processors

No, but I don't know of any Chinese companies producing steppers or any other of the multi-million dollar tools required to fab a processor.

That's what you might call a market incentive. Capitalism sees national security and arms export controls as damage and routes around it.

Comment: Re:Bad summary is bad (Score 1) 199

by dkf (#47287399) Attached to: Overeager Compilers Can Open Security Holes In Your Code

Actually it's about non-standard-conforming "security" hacks causing unexpected results. If the result of an operation is undefined, the compiler can insert code to summon Cthulhu if it wants to.

If your compiler is doing that, you should choose a different compiler. Summoning elder gods just because signed arithmetic might wrap around is not a good cost/benefit tradeoff!

Surprise your boss. Get to work on time.