Forgot your password?
typodupeerror

Comment: Re:Call me a rock wielding barbarian (Score 1) 41

by Animats (#46796427) Attached to: Google's New Camera App Simulates Shallow Depth of Field

Some movie directors are still bitching over the disappearance of film grain. There are companies putting unnecessary film grain in digital images.

We need to get to 48FPS or better, so slow pans over detailed backgrounds look right. No more strobing!

(Instead, we're getting 4K resolution, which is only useful if the screen is in front of your face and a meter wide.)

Comment: That's the Chevy Volt. (Score 1) 347

by Animats (#46796229) Attached to: Mercedes Pooh-Poohs Tesla, Says It Has "Limited Potential"

A pure electric first gear would marry the best torque range of electric motors would free the IC engine of its low end torque requirements. No battery, no regenerative braking or fancy nancy stuff.

That's the Chevy Volt. Modest engine and battery, good electric motor. The Honda FCX has electric drive, a fuel cell, and ultracapacitors for acceleration boost.

A pure electric transmission with an IC engine? That's a Diesel-electric locomotive. Works very well, especially with modern solid-state controls. Overkill for a car, where getting started isn't that hard and clutches are in slip for only a second or two. A huge win for trains, where getting all that mass moving is the hardest part of the job.

Comment: Not a problem for MGP (Score 1) 176

by Animats (#46796143) Attached to: Beer Price Crisis On the Horizon

MGP Ingredients, which produces a sizeable fraction of the distilled spirits in the US, doesn't seem to have a problem with this. They're already running their distillery by-products through a dryer and turning out dried-grain animal feed. MGP, formerly Midwest Grain Products, takes in grain and turns out a broad range of food and beverage products. They're set up to make and ship food-grade products for humans, so complying with the rules for animal feed isn't a big deal for them.

The liquor industry is different than ads indicate. The "secret family recipe" hype is mostly bullshit. Huge plants in the Midwest produce bulk alcohol, which is then shipped by rail, in tank cars, to companies which perform further processing and bottling. The same ethyl alcohol is used for vodka, gin, rum, scotch, bourbon, brandy, tequila, Canadian whiskies, and liqueurs. MGP also sells some ethyl alcohol for fuel use, although for them it's a sideline, not their main business. They make more alcohol than the booze industry can use.

So, for the big plants, this isn't a problem.

Comment: Bullshit (Score 5, Insightful) 176

by Animats (#46795611) Attached to: Beer Price Crisis On the Horizon

Brewers get $30 a ton for the waste from beer manufacturing. Per can/bottle of beer, that's negligible.

Brewers can continue to sell this as animal feed. They just have to follow the same rules as everybody else who sells animal feed, like Purina Chows and Cargill. The big plants will have to do a little more processing and testing. The "craft brewers" don't produce that much waste, and it's biodegradable.

Comment: Overcollection (Score 2) 90

by Animats (#46791557) Attached to: How Nest and FitBit Might Spy On You For Cash

The trouble with these things is that they want to "phone home" too much. For energy conservation, Nest talks to a Nest, Inc. server and tells it too much. The info it needs (outside temp, power grid load status) is freely available from read-only web sites. (Given a ZIP code, the National Weather Service site will return info in XML.) But no, it has to talk to the "cloud" and give out personal information. That's totally unnecessary.

Comment: Re:When did slashdot become a blog for Bennett? (Score 1) 232

by khasim (#46791205) Attached to: Bug Bounties Don't Help If Bugs Never Run Out

Except he did not stop there. That's the problem. Allow me to re-state his original premise.

For a currency "X" there exists an amount "Y" at which (or below) no one will sell accurate bug reports to you.

When X = "pennies" and Y = "2" you can see how it works. Would you spend your time looking for bugs and reporting them for a possible payout of two cents per report? So at that point I can agree with him.

BUT THEN HE TRIES FOR A FALSE COROLLARY.

For a currency "X" there exists an amount "Z" at which (or above) people will sell accurate bug reports to you.

He uses X = "dollars" and Z = "10 million" there.

The reason it is a false corollary is that it depends upon a bug's existence being based upon the amount offered to find it.

Comment: No, they are not. (Score 1) 232

by khasim (#46790893) Attached to: Bug Bounties Don't Help If Bugs Never Run Out

All of the people talking as if I had said there were "literally infinite" bugs in a product are missing the point.

No. They understand and they are explaining to YOU where YOU are wrong.

I said, very clearly, that of course the number of bugs is not literally infinite, but I was considering the case where there are so many bugs which can be found for $X worth of effort, that it's unrealistic to find and fix them all in the time frame before the product becomes obsolete anyway.

And that is where you are wrong. YOU are claiming that a very specific HYPOTHETICAL situation is same as the general ACTUAL situation.

Your HYPOTHETICAL situation is 100% divorced from the ACTUAL situation.

In the ACTUAL situation there are a finite number of buffer overflow bugs in any specific program and those buffer overflow bugs can be found and fixed WITHOUT another buffer overflow bug appearing. And it is EASY to find the MAXIMUM number of buffer overflow bugs by searching the source code for every instance of a buffer being used.

Finite AND countable AND fixable.

The fact that there are dozens of people responding as if I had said "literally infinitely many bugs" does not make their point any more valid.

No. They are pointing out that YOU have made that assumption even though YOU keep denying it.

Because once you admit that the number of buffer overflow bugs is finite AND countable then there exists a point where they can ALL be fixed. And you keep denying that that is possible.

Comment: Re:Bennett's Ego (Score 1) 232

by khasim (#46790713) Attached to: Bug Bounties Don't Help If Bugs Never Run Out

Well, theoretically yes.

"Theoretically". Got it.

But do you think that Apache could ever reach a state in practice, in the world we actually live in, where you couldn't find a new vulnerability in it for $10 million worth of effort?

Emphasis added.

So now you're conflating a real-world situation with a hypothetical situation ... no. You do not get to mix real-world and hypotheticals in the same sentence. No one is offering $10 million and no one is likely to offer $10 million.

IF someone would offer $10 million for buffer overflow bugs in Apache then a lot of people would comb through the code and check each instance of a buffer for an overflow bug. All the buffer overflow bugs would be found.

After that, finding ANOTHER buffer overflow bug would not be possible IN THAT CODE BASE. No matter how much money was offered. Because all the instances should have been checked and identified.

Someone would have to submit code that included a NEW buffer overflow bug in order for a NEW buffer overflow bug to be discovered.

No matter how much money was being offered. No "theoretically" about it. It's Computer SCIENCE.

Comment: Re:"Web 2.0" is a decade old now (Score 1) 54

by Just Some Guy (#46789491) Attached to: The Internet of Things and Humans

When I step on my scale, it tells me if I need to carry an umbrella today (based on the weather forecast it downloaded). Then it sends my weight etc. to my iPhone where it's merged with information from my fitness wristband and my diet tracker. Based on that, I get suggestions like "you've been going to bed a little later than usual. You should catch up." or "drink more water today" or "try to walk this much further than you did yesterday".

I think that's not so shabby.

Comment: Teletype machines (Score 4, Interesting) 623

by Animats (#46789303) Attached to: Ask Slashdot: What Tech Products Were Built To Last?

I have several Teletype machines from the 1926 to 1940 period. All are in good working order. They're completely repairable; it's possible to take one apart down to the individual parts and put it back together. But they're high-maintenance. There are several hundred oiling points on a Model 15 Teletype. There are things that have to be adjusted occasionally, and manuals and tools for doing that. Every few years, the entire machine has to be soaked in solvent to clean off excess oil, then relubricated and adjusted. This is the price of building a complex machine good for a century or more.

(The Model 33 of the minicomputer era is not one of the long-lived machines. This was by design. The Model 35 was the equivalent long-lived, high-maintenance product; the 33 required little mainenance but had a llimited life.)

Comment: Eliminating buffer overflows (Score 1) 232

by Animats (#46789181) Attached to: Bug Bounties Don't Help If Bugs Never Run Out

The problem is C. Programs in all the languages that understand array size, (Pascal, Modula, Ada, Go, Erlang, Eiffel, Haskell, and all the scripting languages) don't have buffer overflow problems.

It's not an overhead problem. That was solved decades ago; compilers can optimize out most subscript checks within inner loops.

I've proposed a way to retrofit array size info to C, but it's a big change to sell. There are many C programmers who think they're so good they don't need subscript checks. Experience demonstrates they are wrong.

Comment: Re:That's where you are wrong. (Score 1) 232

by khasim (#46789043) Attached to: Bug Bounties Don't Help If Bugs Never Run Out

Do you really believe that if you offered a $10 million prize to anyone who could find a vulnerability in the Apache web server, that you would reach the point where people weren't finding and reporting new ones...

From your inclusion of "really believe" I'd say that your question was rhetorical.

And wrong.

At $10 million per buffer overflow? Yes. There would be a finite number of buffer overflows that would be found and fixed.

At $10 million per X category of bug? Yes. There would be a finite number X's that would be found and fixed.

Therefore, unless you assume an infinite number of categories of bugs, all the bugs would eventually be fixed.

Because the code base comprises a finite number of bits and there is a finite number of ways that those bits can be run.

You can tell how far we have to go, when FORTRAN is the language of supercomputers. -- Steven Feiner

Working...