Link to Original Source
Link to Original Source
You really need to read ITS#5361 as well.
As a related example, I was recently (last summer) confronted by a patchset from [a prominent network router manufacturer] for OpenLDAP, which they wanted to contribute back to the Project. Upon reviewing the patchset, I found they were using an OpenLDAP release from 2001, and this is the code they've been embedding in the firmware of many of their router products from then till now. Many of the patches they sent me were in fact patches I had written for the Project, which they had backported somewhere in the mists of time.
So, thanks to OpenLDAP's permissive license, there's a lot of network hardware out there running ancient, patchwork code that's massively obsolete, along with a crazyquilt of patches of widely varying quality. None of the users of this hardware have any idea of what's inside there, no one can say what security vulnerabilities may or may not exist in any particular model # or serial #, because the code itself is just a frankenstein jumble.
Personally I would have preferred the GPL, because it would have prevented this sort of situation, but it would be quite difficult for the OpenLDAP Foundation to contact all of the copyright holders and ask them to approve a license change, and I suspect a number of them would refuse to change.
Just keep in mind - the freedom that permissive licenses grants to proprietary software companies almost always works to the customers' disadvantage. They will allow their code bases to diverge, they will allow bitrot to set in, they will allow CVEs to go unaddressed, and no one outside will know exactly how bad things are. Until perhaps 10-15 years later, if someone inside the company wakes up and realizes how untenable their situation really is. But the problem is these companies always jump down this path at first; they haven't looked far enough down it to see where it goes.
You would be doing anyone you make such a recommendation to a disservice. BerkeleyDB was a nice piece of work for the 1980s. It is totally outclassed by LMDB today.
5.0 is pretty ancient. MySQL abandoned BDB as a backend in 2006, shortly after Oracle acquired BDB. They couldn't use vanilla BDB, it required their own patches to the BDB source tree.
Link to Original Source
Yes, it's overblown, but tmpfs is not a reliable solution. If the system is under heavy enough load and memory pressure, the tmpfs contents may get swapped out to disk anyway.
And oh yeah, the swap partition on your disk is a liability too. But anytime someone has physical access to your disk, all bets are off anyway...
I rewrote the pidgin-otr plugin to use plain libpurple a few months ago. It will work on anything that libpurple works on, including finch. You can read about it here
and grab the code here
There's already a package for it in Arch Linux.
On that topic, i guess it would be a really good idea to write an OTR plugin for the vanilla Android SMS app. Something for my todo list if it hasn't already been done. (PS, you can find my OTR plugin for Finch/libpurple here https://gitorious.org/purple-otr )
Google has been grossly negligent from Day 1. I paid ~ $600 for my G1 phone 2 years ago, and got zilch for customer support from Google, and nobody at T-Mobile was smart enough to even know what to do with any Android technical problems. When people are paying this much real money for a product, by god you better offer them real technical support.
You can't find any dedicated email address or phone number to report issues, the best you can do is file a bug report that's unlikely to be acted on, or post on groups.google.com and hope some bored developer with a few cycles to spare reads your post. That's completely inexcusable for the price people pay for these devices.
I've stuck with it because I've been able to download the source and fix issues I've run into, but only after many days of beating my head against the poorly or non-documented interfaces in the system. But again, regular customers paying real money shouldn't have to do that. For this kind of money, there should be dedicated customer support people who are proficient with the OS and the range of devices, and there should be complete documentation on all of the bundled features.
They claim the battery construction is completely safe, and that the battery keeps operating even after having a bullet fired through it.
(I'll leave it to you to run it thru google translate if needed...)
My compiler will allow you to write whatever code you want, but it will refuse to compile it into insecure code.
My compiler's source:
10,000 rounds sounds a bit too generous, are you trying to destroy the army or just kill the leader(s)?
That's also got me thinking down the line of Asimov's psychohistorians. I wonder if enough media has already been moved onto the web that we could harvest enough online data from say, the past 10 years, to feed into a computer model of the world that produces identical results to the historical data. Then if the model is working well, you can start playing what-if games to see what changing one or another factor does to modern life. You could go back further, if you wanted to manually enter all the data, but I doubt you could go back more than a decade or two because there just isn't sufficient data. Dunno.
And then, assuming you have this wonderful computer model, does its existence alter the world that it is modeling? Do you have to keep it a secret so that it's able to model and predict without impacting the world? Imagine if it was just a big Distributed Computing project, and it became well known, commonplace even.
I would guess that the NSA or CIA already has something similar crunching in one of their data centers, but it would be cool to have just for its speculative aspects...
I've often wondered what would have happened in the Roman Empire if Christ had not been crucified; if perhaps some time traveler went back and smuggled him away into exile. I'd like to believe that Christianity would never have arisen, and most of the atrocities done in the name of Christianity would never have occurred. Who knows, maybe the same things would have been done anyway, just in the name of some pagan deity instead. I'd like to see how the world would have turned out without a Catholic Church running Europe for millenia, and what humanity would have achieved instead of spending hundreds of years and generation after generation building huge cathedrals. I'd like to see whether there would still have been Spanish Conquistadors in the New World, or if the native Americans would have been left alone to continue developing their own civilizations.
I'd also like to go back and throw a few defeats in the path of Julius Caesar, before his rise to power, and see how Europe would have shaped up if the Roman Empire's growth was halted far earlier. Wondering if a lot of older religions would have survived in better health. (Which also ties into the Christianity thing as well...)
But all of that would take more than just one free trip. Need to be able to hop back and forth a few times to take in the full effect.
A lot of students are bad at algebra simply because they don't understand what to do with x and y in e.g "y = 2x", so you still need at least part of the test to force them to work all the way to a concrete result from concrete inputs. Again, there's a big difference between theory and practice, and people should be learning both.