Forgot your password?
typodupeerror

Comment: Over at Dice? (Score 4, Insightful) 230

by eldavojohn (#47560113) Attached to: Programming Languages You'll Need Next Year (and Beyond)

Over at Dice

But we are at Dice, sir:

[Querying whois.publicinterestregistry.net]
[whois.publicinterestregistry.net]
Domain Name:SLASHDOT.ORG
Domain ID: D2289308-LROR
Creation Date: 1997-10-05T04:00:00Z
Updated Date: 2014-03-14T22:12:11Z
Registry Expiry Date: 2015-10-04T04:00:00Z
Sponsoring Registrar:Tucows Inc. (R11-LROR)
Sponsoring Registrar IANA ID: 69
WHOIS Server:

Referral URL:
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Registrant ID:tuE8gFbzWFO9qSj2
Registrant Name:Host Master
Registrant Organization:Dice Holdings, Inc.
Registrant Street: 1040 Avenue of the Americas
Registrant City:New York
Registrant State/Province:NY
Registrant Postal Code:10018
Registrant Country:US
Registrant Phone:+1.8557527436
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:hostmaster@slashdotmedia.com

Pros: Today's article has more content than the usual Dice front page linkage. Great article if you're not a programmer but feel stymied by the wide assortment of languages out there. Although instead of hemming and hawing before making your first project you're better off listening to Winston Churchill and sticking your feet in the mud: "The maxim 'Nothing avails but perfection' may be spelt shorter -- 'Paralysis."

Cons: It barely scratches the surface of an incredibly deep topic with unlimited facets. And when one is considering investing potential technical debt into a technology, this probably wouldn't even suffice as an introduction let alone table of contents. Words spent on anecdotes ("In 2004, a coworker of mine referred to it as a 'toy language.'" like, lol no way bro!) could have been better spent on things like Lambdas in Java 8. Most interesting on the list is Erlang? Seems to be more of a random addition that could just as easily been Scala, Ruby, Groovy, Clojure, Dart -- whatever the cool hip thing it is we're playing with today but doesn't seem to quite pan out on a massive scale ...

Comment: No, it isn't and they don't (Score 1) 148

by jd (#47556521) Attached to: OKCupid Experiments on Users Too

The Internet is not powered by experiments on humans. Not even in the DARPA days.

No, websites do NOT experiment on users. Users may experiment on websites, if there's customization, but the rules for good design have not changed either in the past 30 years or the past 3,000. And, to judge from how humans organized carvings and paintings, not the past 30,000 either.

To say that websites experiment on people is tripe. Mouldy tripe. Websites may offer experimental views, surveys on what works, log analysis, etc, but these are statistical experiments on depersonalized aggregate data. Not people.

Experiments on people, especially without consent, is vulgar and wrong. It also doesn't help the website, because knowing what happens doesn't tell you why. Early experiments in AI are littered with extraordinarily bad results for this reason. Assuming you know why, assuming you can casually sketch in the cause merely by knowing one specific effect, is insanity.

Look, I will spell it out to these guys. Stop playing Sherlock Holmes, you only end up looking like Lestrade. Sir Conan Doyle's fictional hero used recursive subdivision, a technique Real Geeks use all the time for everything from decision trees to searching lists. Isolating single factors isn't subdivision because there isn't a single ordered space to subdivide. Scientists mask, yes, but only when dealing with single ordered spaces, and only AFTER producing a hypothesis. And if it involves research on humans, also after filling out a bloody great load of paperwork.

I flat-out refuse to use any website tainted with such puerile nonsense, insofar as I know it to have occurred. No matter how valuable that site may have been, it cannot remain valuable if it is driven by pseudoscience. There's also the matter of respect. If you don't respect me, why should I store any data with you? I can probably do better than most sites out there over a coffee break, so what's in it for me? What's so valuable that I should tolerate being second-class? It had better be damn good.

I'll take a temporary hit on what I can do, if it safeguards my absolute, unconditional control over my virtual persona. And temporary is all it would ever be. There's very little that's truly exclusive and even less that's exclusive and interesting.

The same is true of all users. We don't need any specific website, websites need us. We dictate our own limits, we dictate what safeguards are minimal, we dictate how far a site owner can go. Websites serve their users. They exist only to serve. And unlike with a certain elite class in the Dune series, that's actually true and enforceable.

Comment: Re:Oe noes! A compiler bug! (Score 2) 702

by TheRaven64 (#47549141) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"

The reason that most extensions exist is that there is (or was) no way of implementing things that people want with standard C. Inline assembly is one example. All modern C compilers support it, but GCC and Microsoft's compilers use different syntax (most other compilers implement one or the other, sometimes both). Without it, you require that every time you want to use even a single instruction of platform-specific assembly code, you must write an entire function and call it.

Atomics were another big reason for extensions. Prior to C11, if you wanted atomic operations, you needed either assembly or non-standard compiler intrinsics. Efficient vector support is another one.

Comment: Re:Or upgrade to llvm ... (Score 2) 702

by TheRaven64 (#47549083) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"
While that's technically true, the Ada and Fortran front ends are both using DragonEgg, which is a GCC plugin that converts GIMPLE to LLVM IR. It doesn't work well with GCC 4.7 or newer, produces poor debug info, and is now largely unmaintained. There is a Flang project to produce an LLVM front end for Fortran, but it's very immature. The Ada Labs guys were looking at producing an LLVM front end for Ada, but I don't know that they got anywhere with it.

Comment: Re:Or upgrade to llvm ... (Score 1) 702

by TheRaven64 (#47549053) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"
Clang wasn't. Clang began in 2007, after Chris Lattner had moved to Apple. Before then, if you wanted to compile C code with LLVM, you had to use llvm-gcc, which was a horrible hack that took a forked version of GCC and translated one of the GCC IRs into LLVM IR before code generation.

Comment: Re:Laziness (Score 1) 143

The problem is worse on Android than on many other platforms because there are very few native shared libraries exposed to developer and there is no sensible mechanism for updating them all. If there's a vulnerability in a library that a load of developers use, then you need 100% of those developers to update the library and ship new versions of their apps to be secure. For most other systems, core libraries are part of a system update and so can be fixed centrally.

Comment: Re:Not surprised (Score 1) 143

I doubt Apple has such a patent. Both of these were features of Symbian at least since EKA2 (over 10 years ago) and, I think, earlier. Apple may have a patent on some particular way of exposing this functionality to the UI, but that's about the most that they could have without it being shot down in court in 10 seconds (prior art that's in the form of a phone OS that millions of people owned is hard to refute).

Comment: Re:umm duh? (Score 1) 175

by TheRaven64 (#47548225) Attached to: Dropbox Head Responds To Snowden Claims About Privacy
Everything you ask for exists. The reason that Google, Microsoft, and Dropbox don't use them is that their entire business model depends on differentiation. If you could connect to their services with any third-party client that also worked with a server that you set up yourself and with their competitors' services, then their hold on the market becomes very tenuous. You're searching for technical solutions to business problems.

Comment: Re:Advertised on YouTube? (Score 4, Interesting) 95

The 'you can skip in 5 seconds' ads amaze me. Presumably the people using them know that they have 5 valuable seconds that everyone can see, yet they uniformly squander them. I've almost never seen an ad that tells me anything interesting in the first 5 seconds, which isn't that surprising, but it's really surprising to me that most don't even tell me what the product is. Several that I've seen use the first 4 seconds to fade from black, then get 1 second of something incomprehensible before I hit skip.

Comment: Re:umm duh? (Score 1) 175

by TheRaven64 (#47544353) Attached to: Dropbox Head Responds To Snowden Claims About Privacy

Please correct me if I'm wrong because I may not have imagined this system properly. I was thinking the idea was that you encrypt each file with a single unique key, and then to use a public-key encryption scheme to encrypt that key. You can then send the encrypted file and the encrypted key to another user, knowing that it will need that users private key to decrypt.

Every time you upload a file, you generate a random symmetric key. You encrypt the file with this key and the key with your public key. If you want to download the file, you get the file and the encrypted key and then you decrypt the key with your private key and then decrypt the file. When you create the account, you upload your public key.

When you want to share a file with everyone, with no access control, you download the encrypted key, decrypt it, and provide it to the server. The server can then decrypt the file.

When you want to share a file with a limited set of users, you download each of their public keys (which you can cache in the client) and the encrypted symmetric key, decrypt the key, and then encrypt it once for each user. They will then only be able to access it with their client.

I'm not sure who you're 'we' as in 'internet community' is. We do have standards and off-the-shelf libraries for everything required to implement this and others have done so in the past (one of my colleagues during her PhD did back around 2006, to give one example, others have implemented more complex and flexible schemes more recently). Note that this is the simple textbook scheme for doing this kind of system. It's been implemented before and doubtless will be again. If you check the research literature then you'll find more interesting schemes.

The only problem is if you want to be able to access it from the browser, without some kind of plugin (Google actually does compile OpenSSL with Emscripten to do ASN.1 parsing, but I wouldn't recommend using it for encryption).

Comment: Re:FUD filled.... (Score 1) 212

It sounds like this transformer had its center tap grounded and was the path to ground on one side of a ground loop as the geomagnetic field moved under pressure from a CME, inducing a common-mode current in the long-distance power line. A gas pipeline in an area of poor ground conductivity in Russia was also destroyed, it is said, resulting in 500 deaths.

One can protect against this phenomenon by use of common-mode breakers and perhaps even overheat breakers. The system will not stay up but nor will it be destroyed. This is a high-current rather than high-voltage phenomenon and thus the various methods used to dissipate lightning currents might not be effective.

Comment: Re:umm duh? (Score 1) 175

by TheRaven64 (#47539311) Attached to: Dropbox Head Responds To Snowden Claims About Privacy

then you may as well just give the server the AES key and ask it to decrypt the file

But in that model, if "the server" has the key, wouldn't Dropbox have the key? I thought that was the whole thing people were freaking out about.

No, you'd have the key. If you wanted to share the file publicly, then there's no point in keeping it encrypted, so you'd provide the server with the key and it would decrypt, saving you the cost of downloading and reencrypting.

I understand what you (and the AC) are saying about storing an encrypted key on the server, and then re-encrypting the key for each new user you'd want to share with. That's a clever arrangement and I admit that I hadn't thought of it, but it still seems like it has the potential to create more complexity than most people want to deal with. It still means you need to manage various encryption keys, and we (Internet culture) seem intent on not developing a coherent system for managing encryption keys.

The client just needs one key, the RSA (or equivalent) public key. You'd need to copy this between devices, but it's relatively small (under 1KB). It's small enough to fit in a version 40 QR code quite easily, so you could set up mobile devices by displaying the QR code on your laptop screen and point the mobile device's camera at it, if you don't have any sensible way of transferring files between devices. The client then has to download the file and the associated key, decrypt the key with the locally-stored key, and then decrypt the file, but that's not something that's exposed to the user.

A committee is a group that keeps the minutes and loses hours. -- Milton Berle

Working...