Forgot your password?

Comment: Gentrification? (Score 4, Interesting) 357

by jgotts (#46762915) Attached to: San Francisco's Housing Crisis Explained

This isn't gentrification. This is super rich people pushing out very rich people, as compared to everybody else in the country.

If you're paying more than $1,500/month rent to live in a one bedroom apartment anywhere in the US, you're very rich. If you're paying $2,500/month to live in a one bedroom apartment anywhere in the US, you're super rich. The last time any poor people lived in San Francisco was the 1960's.

The rest of the US population not living in San Francisco doesn't have very much sympathy for you, except maybe the unfortunate souls living in Boston or New York.

I use the terms very rich and super rich, but feel free to substitute "less affluent upper middle class" and "more affluent upper middle class," if it makes you feel any better.

Comment: Theo de Raadt redeems himself (Score 1) 289

by jgotts (#46760315) Attached to: OpenBSD Team Cleaning Up OpenSSL

I've not liked some of the things I've heard from Mr. de Raadt in the past because they seemed to be less fact than emotion, but in this case Theo has redeemed himself in a big way.

Like it or not, OpenSSL is now one of the most important pieces of software in the world. OpenSSL protects people's bank account numbers, credit card numbers, medical records, and employment records. OpenSSL protects corporate and government secrets (hopefully in combination with other defensive tactics). OpenSSL is not used for all encrypted network sockets, but it is widespread, to say the least.

de Raadt and his team are stripping OpenSSL down to its bare minimum. That is exactly what we all need. When someone's device creates an encrypted HTTP connection to another device, you want that functionality to work perfectly. That is the vast majority of use cases, and that most important use of OpenSSL failed in a spectacular fashion.

You don't care about being able to build OpenSSL on anything right now except OpenBSD. That is the platform de Raadt's team will be using for testing. You don't care about high-performance wrappers. Computers are lightning fast now, have gigantic amounts of memory, and network speeds are phenomenal compared to the requirements of using an HTTPS connection. OpenSSL today does not want for any system resource, even on a telephone or an embedded platform.

You don't need a platform on which to perform experiments in cryptography. OpenSSL was being used by scientists and mathematicians and the NSA to test new ideas. That is not an appropriate use for the mainline OpenSSL distribution.

Once de Raadt's team is finished, one or more of the hundreds of thousands of Windows programmers can spend a few weeks re-adding their build architecture and necessary wrappers for the latest versions of Windows and some Linux people can do the minor porting on that platform.

Perhaps the original OpenSSL can be relegated back to the laboratory. If you've ever used the OpenSSL command line programs, it feels like you're working with test tubes and bunsen burners. From what I've read of the code, it is no better.

Comment: Apocalyptic thinking (Score 4, Insightful) 733

by jgotts (#46737687) Attached to: Ask Slashdot: Are You Apocalypse-Useful?

Here's my opinion on apocalyptic planning. You're wasting your energy. We've been predicting that the apocalypse is right around the corner since the dawn of civilization.

Prepare yourself for _likely_ (mathematically probable) scenarios. If you're 40 or under, prepare yourself for the possibility of dying or being seriously injured in an automobile accident. Buy the safest vehicle you can afford, because this is your leading cause of death. If you're over 40, take measures to prevent yourself from dying of heart disease by eating right and getting more exercise.

A cache of guns and a bomb shelter full of provisions won't do you any good if you're obese and you die of heart attack at age 55. Nor will it do you much good if you're in your late 20's and you die in a car crash on the way to Wal-Mart to purchase rifles and canned food.

Continue doing whatever you're doing because if something serious like an asteroid hits Earth, you're already dead. Anything serious like that will completely rewrite all the rules for life, and you can't predict what you will need. Maybe the only thing you will need is genetic resistance to the diseases that will run rampant. Or the ability to hide. Or the ability to relax and not worry. Or the ability to accept death.

Comment: systemd Architecture (Score 5, Informative) 641

by jgotts (#46661991) Attached to: Linus Torvalds Suspends Key Linux Developer

Let's take a step back and consider what systemd has given us compared to what we had before.

Before systemd, configuring what gets started on Linux systems was standard across all distributions, dating back to before 1995, when I started developing software with Linux. There was /etc/rc.d/init.d or in some cases /etc/init.d and in most cases there were links in rc1.d, rc2.d, rc3.d, etc. It was that simple. Nothing ever broke.

With systemd, a solution in search of a problem, everything changed. Now you have all of these directory hierarchies and countless old bugs that take years to get resolved. For example, "network restart" was broken in Fedora for ages for a machine of mine with one DHCP Ethernet interface and two static Ethernet interfaces (with nothing fancy like wireless). "network restart" fails on a variety of machines I have access to; forget about "network reload." ifcfg-eth0 and the like are simple things, some of the most basic boot-related operations. I've tried to open bugs but the problem seems to be buried somewhere in the guts of systemd.

I've had systems rendered unbootable during upgrades because of silent failures trying to make a good initrd. It's too complex to get everything right with systemd. For a long, long time when the boot scripts died with systemd there was no obvious way to see any errors. Recently they added some more debugging output suggesting that you use journalctl. Why didn't they tell us about that earlier? The reason? No documentation. They wrote an entirely new way to boot the system but kept the design in their heads. Maybe, many years later, there is some scant documentation available (except for that one old useless design document justifying systemd's existence that everyone has read). Of course, nobody writes man pages anymore but they were sure to remove the man pages for the old boot system.

So what new things does systemd give us? Pretty much nothing except for bugs. Maybe there are a few oddball use cases like booting off of weird media, but most people today boot off of a fixed hard drive that doesn't change in years. 19 years later it might be an SSD, but that is the same use case.

Comment: Limit order? (Score 5, Insightful) 246

Nobody trades like this, and nobody traded like this in the early 2000s. That trading style has been obsolete for 20 years, and predates HFT. You don't see something, decide you want that, and then hit Enter or click your mouse button.

In this example, you decide the maximum price you want to pay in advance, and you enter a limit order. If you're selling you decide upon your minimum selling price, and in the same way you enter a limit order. You've locked in your profit, regardless of timing.

If you're setting up some sort of combination, you enter the triggering parameters in advance, and you don't even need to see what was being done on screen.

People say that computers are trading with each other. That is false. That's like saying that Microsoft Word writes documents. Trading companies, their traders, and their programmers write trading software and adjust parameters. 30 years ago, the "software" was held in the traders' minds, and the execution was done via outcry. The underlying mathematics is the same, and traders don't have to hold these calculations in their minds.

The problem here is this. Extremely rich companies can have the fastest links to the exchanges, but this is no different from the olden days where the oldest and richest companies had the smartest and most well-connected traders. The tools of the trade are slightly different, but rich and successful companies will leverage their money to be the most successful, or else they will be replaced by somebody else.

My own background is that I wrote a derivative trading system between 1999-2006 for a tiny company that ultimately didn't make it because we couldn't compete against the big boys. This angst about HFT is largely technophobia. The traders trade, they learn the software, and they often don't understand how it works. To programmers like me, the algorithms are a black box, but the traders do understand the mathematics pretty well. When you have traders coming out against HFT, you have traders who couldn't understand the software or were burned because their companies weren't rich enough.

People who have never worked in this field who are against HFT really don't understand computer-based trading very well, from either a programmer's perspective or a trader's perspective. Keep in mind that the job of a computer is to make mundane things happen more quickly, so we can focus on more human things. You want your 401K to execute as accurately-priced trades as possible. HFT ensures that both styles of trading benefit.

Comment: Re:Beach houses (Score 2) 230

by jgotts (#46610885) Attached to: Geologists Warned of Washington State Mudslides For Decades

The Great Lakes region has a significant percentage of the US's population and I would not consider it "way too risky."

Southeast Michigan, part of this region, has around 5.5 million people. We haven't had a significant natural disaster that I'm aware of in the last 100 years or more. We are not subject to tsunamis or earthquakes. We're far away from the ocean and fault lines. We aren't subject to volcanoes or rock slides. This region is flat; no mountains here. Remnants of hurricanes cause little more than some rain. We don't have the kinds of tornadoes you see in the central plains states. We might have one tornado every few years that causes a handful of deaths. We're not prone to severe flooding. We're used to minor floods that drain into the Great Lakes. They're simply an annoyance. It doesn't get very hot here, so you're not going to die of heatstroke. By the same token, due to the effect of the lakes, it doesn't get very cold here compared to other states at this latitude. In the southeast we don't get much snow, either. The snow dies out crossing the state.

In the pre-Columbian days, Michigan's lower peninsula had a large Native population, for very good reason.

Comment: Re:Tip from a programmer (Score 1) 78

by jgotts (#46607349) Attached to: FTC Settles With Sites Over SSL Lies

Hi, you would be right except there is definitely something punitive in the settlement. Both formal security audits and formal certification procedures are very expensive to small business. If you have only a handful of developers and the audit or certification takes him out of circulation for 3-6 months that's very expensive. Even having your developers distracted by the necessarily niggling and picky auditors is expensive even if they aren't on it full time.

Okay, SSL has its flaws. But if you say SSL and don't have validation turned on then you're lying. If you don't believe in SSL then don't use it. Encrypt contents, but don't screw that up. A PCI-compliant installation might use SSL, encrypt the credit card data using a public key, and decrypt using a private key only on a server accessible via two-factor authentication. SSL is only one layer of the onion.

I'll bow out after this one. Thanks for the good discussion.

Comment: Tip from a programmer (Score 3, Interesting) 78

by jgotts (#46606995) Attached to: FTC Settles With Sites Over SSL Lies

This should be a lesson: If somebody is having trouble connecting with you, or you're under some kind of deadline pressure and you can't connect to them, don't turn off SSL validation. Get your connection working properly before going live. Because once you go live, you won't want to/may not be able to properly set up SSL.

Comment: Re: acceleration (Score 2) 83

by jgotts (#46586403) Attached to: XWayland Aiming For Glamor Support, Merge Next X.Org Release

Anything without acceleration is an experiment. It doesn't matter how many lines of code you've written, or how efficient it seems. 100% of the required functionality is acceleration.

Acceleration is why X is being replaced by Wayland. 2D X11 requires a separate driver for every different type of hardware. 3D X11, from what I read by the Wayland people themselves, has three different APIs. For a long time, the only drivers with good 3D acceleration were proprietary drivers from AMD and nVidia.

I want Wayland to succeed, but I feel that it's still a long way off. The devil is in the acceleration. Think about the time spent by XFree86 developers over the decades writing acceleration code versus everything else, and that's the part we're missing right now. I'm not very clear on just where the acceleration is missing, but it sounds like it's missing in a foundational piece.

Comment: Re:risk aversion (Score 2) 112

by jgotts (#46558203) Attached to: Electric 'Thinking Cap' Controls Learning Speed

My objections are evidenced throughout this thread: For example, someone wants to go to Radio Shack and spend $15 to build his very own brain stimulator. Hopefully nothing goes wrong but the cost to society of people with damaged or malfunctioning brains in a lot more than $15. People with damaged or malfunctioning brains can commit murder or become a ward of the state. That's liable to cost society more like in the millions.

You don't go to Radio Shack and build a kidney dialysis machine for $15, and I don't need to say how much more complex the brain is than a kidney. [But if you ask scientists how a kidney works, even, there are still mysteries and unknown mechanisms.]

Comment: The brain is a delicate organ (Score 3, Insightful) 112

by jgotts (#46557811) Attached to: Electric 'Thinking Cap' Controls Learning Speed

This seems analogous to grabbing a smartphone, connecting a wire to some metal part, plugging that wire directly into a 120 V AC source, and hoping that the smartphone works better afterwards. Yes, smartphones have electricity running through them, too, but what you're doing isn't like to be productive.

We're only going to be able to safely operate on the brain when we can stably reprogram individual neural networks. That's the model we're going to have to have of the brain. Something on the order of sophistication of microchip and circuit designers with a cadre of millions of neuroprogrammers. Brain programming might one day be the growth field. We can't have opinions of how the brain might work. We need to have facts about how the brain does work, in minute detail.

Comment: Awful (Score 4, Interesting) 250

by jgotts (#46488117) Attached to: Why San Francisco Is the New Renaissance Florence

Why should I have to make over $125,000/year to live comfortably when I can make under half elsewhere in the country and be equally content? Why should I be forced to rent unless I can afford a million dollars for a house? How am I supposed to lay down roots? Why should any home short of a mansion cost a million dollars in the first place? Silicon Valley is pretty close to my idea of hell. The only thing I like about it is the City of Berkeley and the surrounding mountains and national parks where you can get away from the people living there on the weekends. San Francisco is bleak, dirty. There's nothing I like about it. It was good in the 60's but that was 50 years ago. Why would I want to surround myself with 99% ghetto rich (making a lot of money but having to spend it all on rent and expenses) men mostly struggling, thinking that their website will be the next Facebook.

For the 1% of people living there, I bet it's great. Those same people would be happy anywhere, because they're very wealthy.

The trouble with opportunity is that it always comes disguised as hard work. -- Herbert V. Prochnow