Forgot your password?

Comment: Re:401k (Score 1) 418

by bluefoxlucid (#46780191) Attached to: Survey: 56 Percent of US Developers Expect To Become Millionaires

Liquidity is not an all or none thing. Stocks, over a long time, have proven to be very liquid. And the core of their valuation - the ability of a company to create value - is more stable than most other asset classes.

That's not money coming from somewhere; it's the ability to access money. The correct term for this is "solvency", and if you yank out the full actual dollars on hand then the bank (or stock market) becomes "insolvent". It's when you have less money being demanded than is actually there, even if there's much more money on paper than in reality.

There's plenty of other ways money effectively enters the market. Companies pay dividends to investors. They buy back shares. Public companies are bought or liquidated. The reason stocks are worth money is because companies create value; they did that, and were worth money, before there were stock markets. Owning part of a company isn't just trading baseball cards for companies you like, it's owning a productive asset - and that's why companies are largely evaluated by their price/earnings.

Nobody who has any understanding of economics thinks it's a zero sum game.

Except dividends are money from outside being put into the market, increasing the money in the market. Buybacks are money being put into the market from outside the market, to remove stocks from existence. In any of these cases, there is money flowing into the market.

Money flows from an outside source into the market. When an investor puts capital into the market to buy stocks, money comes into the market. When an investor sells those stocks, he has money that he can re-invest. If he decides to not re-invest some of the money, then that money leaves the securities market. If he decides to bring in more capital, he injects more money into the securities market.

The securities market has exactly as much money as has been injected into it minus exactly as much money as has been removed from it; you cannot put $100 in to buy 100 shares of a stock, hit $2/share, sell that for $200, and actually get $200 unless another $100 is brought to the table from outside the stock market.

This is called a zero-sum game. Every stock that's brought in is put there from the outside. Every dollar that's brought in is put there from the outside. The amount of money in the market minus the amount of money that has come from outside the market is zero, and when we all go home we have exactly the same number of dollars that we started with--just divided up differently. That somebody can bring more monopoly money in at any point in the game doesn't change this: money comes from outside, not from within. The market doesn't create money and it doesn't destroy money; it transfers it.

Comment: Re:I wonder how much damage... (Score 1) 96

by LWATCDR (#46779983) Attached to: Apache OpenOffice Reaches 100 Million Downloads. Now What?

Calc used to be really bad. I can not remember if it was LibreOffice or OO that just refactored Calc and added support for GPU compute. Calc is now pretty good. Exchange/Outlook has been a sticking point for a while.
As too how many government agencies could move? None. Until they are forced they will not move and Microsoft probably gives them a great deal just so they can sell copies of office to every vendor.

Comment: Re:So Much Fail (Score 1) 418

by bluefoxlucid (#46779685) Attached to: Survey: 56 Percent of US Developers Expect To Become Millionaires

1) A typical well-diversified index fund delivers returns over the long-term well over the interest charged on mortgages or car loans if you took out those loans when you have decent credit.

Buy and hold! If you buy-and-hold, you are nearly guaranteed not to loose--and if you do, it'll probably be less than a 3% loss over 20 years. Sure, you might gain 14% in 20 years (not the much touted 10% per year), but importantly you won't lose so much. Of course trying to time your investments to the market can make you 56% gains per year, or lose you 48%--and that's a lot more loss than a buy-and-hold strategy might expose you to, and a lot more likely to happen!

Yeah, the market is hard. The easy version of the market is slow.

(Yeah, credit cards do suck and you should pay those off ASAP after you get your max 401(k) match, if offered.)

My credit cards cost me less than my house. Consider $150/mo per payment, versus a one-time $80 payment and a year and some months with no interest. I do some monkey business with the cards to get that kind of thing going on (BAC has 14 month no-interest balance transfers all the time), and I frequently have exceedingly high credit card debt which costs me all of $200/year in fees and interest the worst of times. If I ever bought a $6000 motorcycle, I'd finance it with my credit cards in part, due to 6% motorcycle loans. For the most part, my cards stay high because I target other debt or stack up cash before paying them--it's a strategy that has saved me thousands of dollars.

My employer's 401(k) match is a lower immediate return than paying extra into my mortgage, which is nearly a 70% return. To make this more physical: If I put $225 in my 401(k), I get a match of $112.50. If I put $225 in my mortgage payment, I skip about $150 of interest at the moment. $150 > $112.50, even though they both end in 50.

You have not done full-scale investment. I can tell. I can tell because you obviously have not spent several 8-12 hours per day analyzing the indexes against each other (it's just division), analyzing technical metrics, analyzing news (yay Marketwatch), waking up at 4am to read the news and check the foreign markets, making trends predictions, drawing arcs and channels and other funny things on graphs, squinting hard when you see multiple indicators in conflict, trying to resolve the conflicts to work out a good guess at what the market will do, and then just gave up and cashed out on Friday so that you don't have to worry about 2 non-trading days and what might happen while you can't do anything about it, come back Monday to start again.

Have you ever seen someone who was completely sober, had gotten 2-3 hours of sleep per night for weeks, and talked reallyreallyfastliketheywereonmeth? That was me for a few weeks.

This is not a leisure job. You don't lay back, masturbate some while checking out Playboy Asia, idly click on a few things, buy, sell, mmhmm... It's not World of Warcraft. It is a vicious game of absolute timing, of completely predictable behavior that requires mountains of knowledge to actually predict, of a complete lack of those mountains of knowledge, of strife and fear and reflexes and reaction and bounds and calculations. It's chaos theory: the random element is what you don't know. Insider traders get to look at all the cards, high-level traders look at some of the cards and do card counting, and the fish are there just throwing down chips and hoping they can get a full house.

I don't care to work that hard. I got an honest job instead, and worked on minimizing my mandatory expenses and enhancing the stability of my financial position. My relative income to expenses is huge now, so very huge that I see people making oblivious statements like "yeah, you should save money, but the problem is today if you make $60k-$70k that's basically impossible", and I'm like, "Are you kidding? I was making $60k and spending $2000/mo on junk. I paid off a $3000 credit card in a month and a half on a $3500 salary, and had cash left over, then went back to buying old video games on eBay."

When you're actually better off than me, you can come back and tell me about finances. I've already heard this advice--I've given this advice and later figured out I was wrong. Been there, done that, yeah lol no.

Comment: Story important for pacifying headlines (Score 3, Insightful) 58

by hessian (#46779065) Attached to: RCMP Arrest Canadian Teen For Heartbleed Exploit

Here in USA it's being reported this way:

"Heartbleed hacker caught in Canada"


Media sheep, go back to sleep. We caught THE hacker responsible for Heartbleed, thus it can fall into the memory hole. Any concerns you may have about your fellow citizens, their business interests or governments monitoring you, or perhaps about the general competence of software development (!!!) can also go back to sleep.

Sleep, sleep my lovelies. Tomorrow there is obedience at school/job, and then shopping and sexy videos on the internet. Sleep, sleep.

Comment: Re:I will be a millionaire. (Score 1) 418

by bluefoxlucid (#46779063) Attached to: Survey: 56 Percent of US Developers Expect To Become Millionaires

Yes that's the result of giving women rights. You don't think anyone really cared about that whole "Women's Suffrage" thing, do you? It went like this: heyyyyyy... maybe we can convince women they're equals.... yeah, and heyyyyyyyyy then they can get jobs! And then... they'll have MONEY! And then, when couples want to buy a house, settle down, have kids like, ya know? Then, we'll milk them for all they're worth! Yeahhh! /zephod

If women had just stopped at "right to vote" and not gone on to "right to be men and have careers as steel workers and go to college and all get jobs", we'd have been better off. Women already had jobs. Have you ever been a bachelor? Have you ever worked a 40 hour work week, then came home and had to do your own house work so you don't live in an unkempt shithole? THAT SHIT IS HARD. Women were cooking and cleaning and doing mildly complex manual labor (look, I don't know about you, but my biggest problem with cleaning house is WHERE THE HELL DO I PUT SHIT THAT ISN'T TRASH?!), and then we told them, oh, you should get actual jobs.

Are. You. SERIOUS?!

A married woman has a job. If you bang her the right way, she'll have three jobs. If I ever had kids, I'd do the housework and tell the woman to deal with the babies. Fuck that. I can handle dishes and vacuuming and ironing, she can get up at 2 in the morning to change diapers.

So yeah. If you want to buy a small house, you need two people working at least three jobs.

Comment: Re:401k (Score 1) 418

by bluefoxlucid (#46778957) Attached to: Survey: 56 Percent of US Developers Expect To Become Millionaires

The amount of tax deferred income you can contribute to an IRA is not dependent on your salary,

See IRS.

if you made smarter choices, like using a home equity line of credit instead of credit card financing to do your insulation work you'd save even more.

My credit card costs me $80.

I'm serious. I don't pay interest. And no, I'm not on any introductory rate. I simply don't pay interest; I have two credit cards, and I constantly get promos to pay 1%-4% for a balance transfer, so I run one card up like hell when I need a few grand and then pay it off with a balance transfer. $3000? $120. If I have some cash on hand, I just pay down the first card partly before doing the balance transfer. Then it's like... oh you transferred $2500 in March 2014? You have until November 2015 to pay it off. Yeah uh, it's going to be paid off in 2014 (but I stack cash in a separate bank account and pay it off all at once when it won't totally drain my liquid funds, in case I suddenly need CASH).

Trust me, there's nothing obvious that's going to save me money. I'm not aggressively leveraging debt; I'm just aggressively looking for ways to minimize the impact of debt when leveraging cash is either not possible or actively bad (i.e. would I rather have $0 or would I rather pay $80 to have $3000 still on hand, but be $3000 in debt for the moment? Uhh... I'll take a little debt).

Comment: Re:401k (Score 1) 418

by bluefoxlucid (#46778883) Attached to: Survey: 56 Percent of US Developers Expect To Become Millionaires

It's not really much like poker, because it's not a zero sum game. Stock value has gone up fairly steadily over a century.

Oh my god are you KIDDING ME?! This again?!

Let's say you have 100 stock WORTH A DOLLAR. $100 = 100 x EAX. You go on the market and sell 100 stock, get $100 from the only other person in the market.

Now the market has $100 and 100 stock. Jake has $100, and Tim has 100 x EAX he bought.

Valuation of EAX goes to $2. Jake spends $50 and buys 25 x EAX. Jake now has $50 + 25 EAX, Tim has $50 + 75 EAX.

Tim tries to sell Jake more EAX. Jake has $50, Tim has 75 EAX. Tim sells Jake 50 EAX for $45, taking a loss. Tim: $95 + 25 EAX, Jake $5 + 75 EAX.

Now Tim tries to sell Jake 25 EAX.

Jake has $5.

How many EAX can you sell when there are $5 in the market?

The answer is simple: Jake's $5 start to become much more valuable than EAX, because dollars are scarce. Eventually the price comes down to 20 cents per EAX, Jake gives Tim $5, Jake has 100 EAX and Tim has $100.

We can change this dynamic by bringing more dollars into the game: Jake or Tim pony up more money in the bidding war, or Alex shows up wanting in on the action and brings us money. But here's my point: If you have $100 and 100 x EAX @ $10/share, you aren't going to sell 100 EAX and get $1000. The price of EAX is going to come down as there's less money in the market, thus less trading, thus the market crashes.

Yes, it's a zero sum game. Exactly as much CASH DOLLAR CURRENCY as you put in comes out. Exactly as much of each individual security as you put in come out. There's a lot more money on paper than there is actual, accessible money; and for you to get your money on paper, somebody has to give you their actual, real, physical dollars.

But eventually, you'll almost certainly want money in the stock market if you're ever going to retire.

Except when the big correction comes and you lose 90% of it, and 10 years later still have not recovered. I know quite a few people who have taken to working in old age because their 401(k) funds became worthless. That's a black swan event, but it happens. The market was simply overbought.

If I had $500,000 right now, in cash, I could simply retire. I'd make it until age 85, although I have luxury models that make me a pauper at 72 and frugal models that take me to 90-ish.

Comment: Re:401k (Score 1) 418

by bluefoxlucid (#46778773) Attached to: Survey: 56 Percent of US Developers Expect To Become Millionaires

I know about inflation. You seem to not know about interest. I'm getting, currently, around a 70% return on my money--this will scale back as I pay down my loan balances, of course. But essentially, I pay $220 in principal and $150 in interest per month; every extra $220 I pay on my loan balance (roughly--that number gets bigger each payment or pre-payment) saves me $150 (roughly--that number gets smaller) in total.

My employer will match 50% up to 2% of my paycheck. So I get a 50% return, which is smaller. I put my money into HSA, which gives me a 33% return (which is still smaller) due to skipping taxes; but I spend the HSA on toothpaste, bandages, and dental work, expenses I'd have anyway, and I have 33% more money free to put into knocking down my loans. I can go for Traditional IRA, which will give me an even smaller return: it appears to be 33% (pre-tax), but when I withdraw I will pay taxes. Also I can get a 1% raise out of my employer? Fantastic.

If you are saving money, and qualify, you should be putting the money into a ROTH IRA if you're just saving it post-tax anyway. You can withdraw up to the amount you contributed at any time with no penalty and you pay no tax on the interest and the money is tax free when it is taken out.

If you have a ROTH IRA and you place post-tax money into it, you pay full tax. Say you pay 30% tax overall, you take $5000 and pay $1500 in taxes, store $3500. You can pull that $3500 when you retire, with no tax penalty.

If you have a traditional IRA and qualify for the tax rebate (I almost don't),it's different. Instead of paying 30% tax, you stick $5000 in. When you withdraw, it's income. If you withdraw, say, $15,000 per year, you only pay 15% tax. So from that $5000, you pay $750 and keep $4250, which is $750 more than the $3500.

But wait, there's more! Taxes are bracketed. Income below some $8925 is 10% taxed. Up to $36250, it's 15% taxed. So for your $15k, you'd actually pay $892.50 plus 15% of $6075 ($911.25), meaning you pay roughly 12.025% taxes if you withdraw $15k/year in retirement.

It floats around, but the point is that you can expect roughly 15% total immediate growth from your pre-tax contributions. Post-tax contributions are for people who expect to spend more in retirement than their income while working, or who expect to play the market hard and win. Neither applies to most people.

And honestly, what would you do if you spent all this money and found that, in the end, you're 30 years old with $500/mo expenses and $3200/mo post-tax income, with a full $3500/year going into HSA on top of that? Time to have kids? I mean you can certainly afford it (not to mention getting married would give you a huge tax payout with that $11500 standard deduction and 15% tax rate). Honestly I could have done this 5 years sooner, I'm just slow and it took me a while to figure out how to handle finances.

Comment: Re:de Raadt (Score 1) 284

by bluefoxlucid (#46778663) Attached to: OpenBSD Team Cleaning Up OpenSSL

You cannot assume that.You don't know how long this vulnerability has been exploited, and it is reasonable to expect that some high-profile targets that use OpenBSD in their stack may have been compromised.

Netcraft reports BSDs as 1% or less of the servers out there, OpenBSD being a fraction of that, FreeBSD being another, NetBSD and other such probably being a smaller fraction than either. I would expect OpenBSD to be the bigger fraction--who uses BSD on a server?--but FreeBSD appears to be more popular as a desktop OS, and that may carry weight. Of course we're talking about the tastes of the 1% so who really knows?

Thing is we know a lot of high-profile targets are straight Linux or they have dedicated appliances that were vulnerable (FortiNet products, SonicWall products, Cisco and Juniper gear even). When making conjectures, I take the larger probabilities--look up Operational Risk Management and related analytical techniques--and draw likely conclusions. "OpenBSD isn't vulnerable" would not have convinced me (or likely anyone) that the situation is any different from a practical standpoint, except that a few machines somewhere would theoretically escape vulnerability, and even then you may be able to modify the attack (i.e. take less than 4k?).

The problem is, on top of the fact that no boundary check was performed on a copy operation, this passed a code review and was incorporated in the most widely used SSL library, that reads and process sensitive information.

Yes I've said this a few times about "better coding practices". Cleaner code would have helped, heartbleed was very self-contained, the process of review and clean code *may* have increased the likelihood of Heartbleed not making it past a review, but it did make it past several manual reviews as-is, etc etc. Part of my larger argument has been that Heartbleed isn't exposed by technical runtime countermeasures until exploited, and apparently nobody thought to look for this particular kind of bug, so it was never tested.

That actually sounds interesting. What happened to it?

Well besides that I am not the world's best programmer--I do have a certain strength in the area, but it's vastly outweighed by my weakness in larger architecture and I always had this perfectionist thing going on with no real code discipline so I was always frustrated with my own bad code--I could never get the allocator tested. You do understand why it might be hard to test a memory allocator as it's incrementally written, right?

The basic plan was to implement parts of malloc(), and fall back to glibc's malloc() for cases I don't handle. I used a staged design, with arbitrary object sizes based on some research papers I read--16 byte objects are common, so I have a "picoheap" or whatever I called it that's just a collection of mmap() areas for holding 16 byte objects. For larger (128 byte-256 byte?) objects I had separate mmap() areas which used canaries to detect write overflow (too much overhead to do that with 16 byte allocations, just made them 4k pages with a bitmap). And so on. I tried to implement one class of allocation, and fallback to malloc() otherwise... and the interposing wasn't something I knew how to do.

I'm sure Peter Gutmann would have something to say about me replacing malloc() with something much better I invented one morning over coffee (and the Web site part is now defunct... I still have the design docs somewhere, probably the schizophrenic rantings of a child).

Eg. acessing odd memory positions is a stall in most modern CISC cpu's (and some ancient ones too), so your code will actually run slower. In some cpu's, the stall is everything that is not 16-byte aligned.

Yes I know. I ingested enough about computer architecture in 1 month when I was 19 to have the Tetris Effect on a hilarious level. It's called a psychotic episode. But hey, did you know that on IA-32 you can mark a page with the Supervisor bit, and when you try to access it you cause a page fault exception into the kernel, which can then check if you want to READ/WRITE or EXECUTE the page, and kill the program if EXECUTE, else force a DTLB load (in the CPU) which gets cached and no longer raises an exception until the DTLB fills up and invalidates that entry? Then you have a hardware NX bit on a fucking 486-SX! Some dude in Hungary came up with it; he later absorbed Ulrich Drepper's method of making only lower RAM executable, so the whole stack was automatically NX without all that extra overhead, and the heap was page-granularity protected.

Yeah. Psychotic episode. I didn't really know how computers worked at the time. I got into security and loaded in a fair amount of OS design, compiler design, and low-level CPU behavior in a month. And kept adding to it for about 3 months before cooling down. I know about word alignment.

My god the guy who wrote PaX is a genius.

Comment: Re:Uproar? (Score 5, Insightful) 101

by SuperKendall (#46776245) Attached to: Vintage 1960s Era Film Shows IRS Defending Its Use of Computers

The uproar was that with computers long term storage the IRS could do things like make you pay taxes on something your parents did 60 years ago, or use the power of tagging to harass specific organizations based on political leanings. What absurd notions those people of ancient times had!


It is not every question that deserves an answer. -- Publilius Syrus