Forgot your password?

Comment: cost now (losses) vs cost (funding) (Score 2) 79

by lkcl (#46808625) Attached to: Heartbleed Pricetag To Top $500 Million?

ynow... there is a moral to this tale: if businesses and individuals making money from software (libre) had properly funded it, putting some of the money that they saved from not purchasing proprietary software into the hands of those software teams, would we be talking about this now? in all probability, the answer is no. the reason is because those teams would be able to expand, take on more people, pay for security audits and so on which they would otherwise, as we have discovered, not be in a position to do.

so my take on this is that it is really really simple: businesses have received what they paid for, and got what they deserved.

i have been through this experience - directly - a number of times. i worked on samba - quietly - for three years. whilst the other members of the team were receiving shares from the Redhat and VA Linux IPOs, which they were able to sell and receive huge cash sums - i was busy reverse-engineering Windows NT Domains so that businesses world-wide could save billions of dollars.... and not one single one of those businesses called me up to say thank you, have some cash. as a result, about a year after terminating work on samba i was working on a building site as a common labourer.

it was the same story with the Exchange 5 reverse-engineering, which the Open Exchange Team mirrored (copied, minus the Copyright and Credits).

there is a moral to this tale: unlike proprietary software, which has a price tag commensurate with its perceived value, the process of even *offering* payment to individuals working on a software libre project that has been downloaded, usually from a completely different location (via a distro), is completely divorced from the developers actual efforts.

even in shops in rural districts, it is understood that if the door is unlocked and the shopkeeper not there, you help yourself, open the till, sort out your own correct change and walk out. but in the software libre world there is often not even that level of expectation! the software is quotes free quotes therefore it is monetarily zero cost therefore we should not have to pay, right? and businesses are pretty pathological about taking whatever they can get without paying for it.

so the short version is: there is a huge disconnect in software libre between service provision (the software) and paying for that service, and i really cannot see a solution here. perhaps this really should be bigger news: perhaps in this openssl vulnerability we have an opportunity to make that clear.

Comment: Re:parallelism (Score 1) 117

by lkcl (#46789553) Attached to: Linux 3.15 Will Suspend & Resume Much Faster

You're assuming a lot there. How would you know if osx or windows NT kernels are 'fully parallelized'? Have you seen the source?

someone else answered about OSX. NT, based on the MACH kernel, has been fully re-entrant and multi-threaded for a looong time. also, given that the service control manager (which is a parallelised start/stop daemon service) is fully parallelised i'd be incredibly surprised if the same attention to detail wasn't also carried through on device-driver initialisation as well. although.... the only evidence against that is the "Debug Startup" mode, which initialises drivers in sequence (and shows you the sequence), but that could well be due to the request for "Debug Mode" rather than an underlying design. honest answer: don't know.

Comment: bowling for columbine (Score 1) 1608

by lkcl (#46768565) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

wasn't it some guy michael who did that documentary, showing that there are an average of THIRTY FIREARMS PER PERSON in Canada, yet there were only two gun-related murders in the entire country that year. by contrast, i remember the camera man showing the city of detroit and this guy michael saying that there had been tens of thousands of gun-related murders in just that one city of the united states, alone.

no: if canada's population can be sensible about guns, then gun "control" in america is not the answer. basically we may reasonably deduce that there's something terribly wrong with american society, resulting in many individuals placing little value on another person's life and them being sufficiently stressed or pathologically outright insane as to be capable of killing. passing laws to remove the guns *will not stop that*. it is simply not connected.

if [sensible] citizens are not permitted to defend themselves from their own government, what we then have is a situation where the Oligarchy of the United States (see ) could basically murder those people who see it as their duty to protect their fellow cizitens from tyranny.

hmmm... where have we seen that happen before? and before anyone *outside* of the united states imagines this to be a "local problem", remember that the united states has been doing things like bombing other countries and cutting off communications (cutting underwater mediterranean cables for example) of any country that attempts to e.g. start selling oil *not* on the $USD standard. so basically if the united states ends up in chaos it means the rest of the world ends up in chaos as well.

sensible U.S. Citizens: please make your voices heard. loudly.

Comment: parallelism (Score 3, Interesting) 117

by lkcl (#46736749) Attached to: Linux 3.15 Will Suspend & Resume Much Faster

.... um, it's 2014, the linux kernel is a critical part of the planet's internet infrastructure, is used in TVs, routers and phones all over the world, and you're *seriously* telling me that its internals aren't fully parallelised? i thought the linux kernel was supposed to be a leading example of modern operating system design and engineering.

Comment: serious problems with networking equipment in HFT (Score 3, Informative) 342

by lkcl (#46684581) Attached to: Australia May 'Pause' Trades To Tackle High-Frequency Trading

this article explains in depth what the problem is. the SEC has now been alerted to the problem, and is investigating. the people who found the issue believed originally that this was deliberate, but it actually just turned out to be a systemic problem of the speed differentials between different routes that high-frequency trades come in at.

what they originally discovered was that they could see a price on a screen, but the moment that they put in the bid to a number of brokers, the price would DISAPPEAR. they thought that this was deliberate, that someone was scamming them: it turned out that this wasn't true, but it took a couple of years of investigation to find out. what they did was they put in *individual* bids *directly*, and found that they were accepted. they then investigated various combinations, introducing delays into the bids, and found, amazingly, that it was down to the *time of arrival at the exchange* of their bids as they were sent via numerous brokers.

so it was only when they invented a tool (which they called "Troy") that *deliberately* introduced networking delays, such that the bids would (as best they could manage) arrive within milliseconds of each other at the exchange, that they managed to trade successfully.

if however any one of those bids happened to go via a different ISP, or a different router, or any other random combination, then the bids would *FAIL*.

the problem it turns out is that these delay effects are well-known. most of the money in high-frequency trading is therefore made by seeing a slightly slower broker's prices, then putting in an undercutting bid *knowing full well* that the other broker has a slower network. and this aspect of high-frequency trading is what is currently under investigation by the SEC.

*this is why the introduction of networking delays is so absolutely important*.

the people who discovered this phenomenon basically had to set up their own independent exchange in order to solve the problem. they needed to introduce a delay of 350ms as a way to make things fair for everyone. they did this by basically putting in 38 miles of fibre-optic cable in a shoe-box in the basement of the server farm that they leased.

it turns out that once investors discovered this, they began *specifically demanding* that their trades *exclusively* be brokered through this new exchange that had this 350ms shoe-box delay. it actually caused a lot of embarrassment for a number of brokers and trading houses because the brokers were explicitly disobeying their client's instructions, because the brokers didn't understand how important this really is.

anyway: you really have to read that article (or the book) fully because it's quite complex, and it's basically an inherent flaw down to the fact that the internet (TCP/IP) is routed randomly, thus introducing gross unfairness that has become the subject of intense investigation, very recently.

so yes, *all* trading should be done with at least a 350ms delay.

Comment: left-handed and right-handed knots (Score 1) 393

by lkcl (#46678131) Attached to: Why Are We Made of Matter?

in the studies that i've been doing for the past four months the best explanation i've encountered is one where particles are actually photons obeying maxwell's equations *to the absolute* letter, on some form of circular (or knotted, or hubius helical) path, where the epicentre creates a synchtronic electro-magnetic field that it in symbiotic support of the epicentre. there is actually a lot of research recently into optics which shows that it *is* actually possible to create phased laser beams that will literally bend in a semi-circle.

with that description in mind, the definition of a "particle" is therefore that the phase of the photon at the centre rotates in one direction.... and that for an anti-particle it rotates in the opposite direction. the string theorists / knot physics people have this down as "the knot being tied left-handed or right-handed".

it's really that simple... but it requires a bit of explanation otherwise it makes no sense. why did the universe choose one in priority over the other? who knows: who cares. the choice has been made.

Comment: Re:The new Hitlers (Score 1) 564

by lkcl (#46674895) Attached to: Was Eich a Threat To Mozilla's $1B Google "Trust Fund"?

Divorce laws can be changed to recognize civil unions so those wishing protection without getting married can be afforded it. Many insurance companies and private businesses already allow for 'domestic partners' when it comes to insurance, I don't see any requirement there that those partners be having sex.

que?? since when did married people have sex??

Comment: Re:i don't understand (Score 2) 564

by lkcl (#46673263) Attached to: Was Eich a Threat To Mozilla's $1B Google "Trust Fund"?

ok. i understand. there are personal views and there is a naive belief that his personal views will somehow interfere with his legal obligation to enact the articles of incorporation as a Director of a Corporation. to imply that someone is unfit to distinguish between personal and professional (legal obligations) is actually a very very serious accusation to level at someone, for which he could probably demand significant compensation, as well as initiate libel lawsuits against those people making such defamatory remarks. as he has faithfully been the CTO as well as a loyal person within the Mozilla organisation for such a long time i think he would stand an extremely good chance of winning.

Comment: fwbuilder (Score 1) 187

by lkcl (#46671451) Attached to: Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

i have a bit of a problem comprehending firewall rules (and deploying them). i asked around (just as you did) and got the advice "use fwbuilder". i liked it so much that i ended up writing a python script that parsed its xml files and generated HTML output so that i could clearly see what it was doing.

but, despite admitting that i am not a firewall rules expert, i do have to say that nothing substitutes for actually studying what firewall rules are and understanding them properly. i say that from the position of being a person who, whenever they need firewall rules, does an internet search and cuts/pastes the results successfully into an amalgam that "does the job", but it "does the job" with the concern always being in the back of my mind that i probably completely messed it up...

Comment: i don't understand (Score 4, Insightful) 564

by lkcl (#46669557) Attached to: Was Eich a Threat To Mozilla's $1B Google "Trust Fund"?

i'm sorry but i genuinely fail to see the importance of any of this "personal view" stuff. a technically-competent person who has been with it almost since the beginning: they were the CEO of Mozilla for about a week. someone as technically competent as brendan should have absolutely no difficulty firewalling personal from professional: why do we have to have idiots believe otherwise? could someone therefore please explain to me in simple language what's really going on?

Comment: stress-related illness (Score 1) 157

by lkcl (#46637525) Attached to: Should Patients Have the Option To Not Know Their DNA?

the effects of stress in exacerbating and causing physical ailments is one that is well understood. many people naively believe that genes are the sole exclusive means by which illness may occur, despite there being innumerable counter-examples clearly demonstrating that this is false. that does not prevent people from *believing* that genetics is the sole exclusive cause of one particular illness or another, and *for such people*, that belief, when they are presented with such "quotes truth quotes", is quite likely to result in their death, due, ironically, to stress *triggering* the very illness that is merely latent rather than active within their genes.

here on slashdot we have people who, by and large, are capable of logical and rational thought. when presented with scientific issues, they apply rational bullshit filters on the topic of for example genetics. many of the opinions marked "insightful" on this article are a clear demonstration of that. however the general population has little understanding of genetics, and many many people simply do not think "rationally".

on the whole then, if it became a *legal requirement* to *force* people to listen to a doctor telling them words which, when that person heard them, were translated in their own minds due to their lack of knowledge and self-belief, that "they were basically dead already because of their genes", i would consider such people who pushed such laws through as being severely mentally ill as well as their actions being morally reprehensible.

answer: no. it is highly irresponsible to force absolutely everyone to listen to something that they are not fully equipped to comprehend.

Comment: Re:O RLY (Score 5, Insightful) 259

by lkcl (#46522959) Attached to: Overuse of Bioengineered Corn Gives Rise To Resistant Pests

And the corporations selling this stuff cannot care less about it, all they care about is that we transition to patented and sterile seeds so we perpetually depend on them.

my biggest concern is that they start creating what can only be described as "generation time-bomb crops", in a pathologically-insane effort to further save money. "time-bomb crops" would be those which you plant once, they grow, seed, plant twice, they grow, place a third time and they FAIL.

now imagine such insanely-dangerous crops pollenating and cross-pollenating world-wide and it's not so hard to imagine a scenario in which world famine occurs within a five to eight year period in which all food crops world-wide completely fail.

i was actually pretty shocked when i first heard of sterile seeds that even have a *single* generation planting. there's no guarantee that nature will not, through its own process of DNA evolution, *accidentally* come up with generation time-bomb crops.

i've said it once and i'll say it again: genetic modifications to crops are so insanely dangerous that i'm beyond understanding why people do not understand this. if there was even the *slightest* risk of killing 7 billion people *why would you even contemplate it*?

Comment: Re:directfb-lite and other webkit ports (Score 2) 240

by lkcl (#46464519) Attached to: Google To Replace GTK+ With Its Own Aura In Chrome

ls -altr /usr/local/lib/*lite*
lrwxrwxrwx 1 root staff 16 Dec 7 2010 /usr/local/lib/ ->
lrwxrwxrwx 1 root staff 16 Dec 7 2010 /usr/local/lib/ ->
-rwxr-xr-x 1 root staff 928 Dec 7 2010 /usr/local/lib/
-rwxr-xr-x 1 root staff 48848 May 3 2011 /usr/local/lib/

i'm sorry - that's 48k not 86k!! liblite is *tiny*.

Comment: Re:directfb-lite and other webkit ports (Score 1) 240

by lkcl (#46464505) Attached to: Google To Replace GTK+ With Its Own Aura In Chrome

Which version of Qt did you use? There were a few releases that focused on load-time speedups.
Have you tried it against Qt5? It should be 99% identical

it was qt4.3 or thereabouts. the problem is that qt does far too much. when you think that lite 1.2 is around an 86k binary and qt4 and qt5 are several tens of *megabytes* you start to understand the extent of the problem. libQtCore is 3mbytes. libQtGui is 11mbytes.

now bear in mind that when you're doing something like a web browser, all you really need is a font and pixel drawing system (cairo, pango), an input box (liblite), a way to read the keyboard and mouse, and err... it really ain't that complicated, then you start to understand why GTK and QT are complete overkill. only when you need to do things like open a new popup window or open a new browser window that you need something more complex, and heck, those can be done with a bit of X11 or Win32/GDI message handling for goodness sake. in cases where you're doing direct framebuffer writes (such as in chrome os, android, b2g, DirectFB applications and more) then you don't even need _that_, in many cases.

so in effect it doesn't matter how good Qt4, Qt5 or GTK2 or GTK3 are, the fact remains that even the initialisation of the sub-systems that aren't going to be used are all simply too much. the only reason for maintaining those ports (of webkit) is to make it easy for people who wish to integrate webkit into *their* applications that are written in those frameworks.

so the difference is: under the circumstances where you don't need the infrastructure of those frameworks, because you're doing a stand-alone web browser, these heavy-weight frameworks like Qt and Gtk are an exceptionally bad idea.

Luck, that's when preparation and opportunity meet. -- P.E. Trudeau