Forgot your password?

Comment: Re: How many GPS systems are there? (Score 4, Informative) 86

by dwheeler (#48175617) Attached to: India Successfully Launches Region-Specific Navigation Satellite
I know of at least the following systems that exist or are being built: GPS (United States), GLONASS (Russia), Galileo (planned, European Union), Indian Regional Navigation Satellite System (India), and the Beidou Navigation Satellite System (China). GPS and GLONASS, in particular, have been around a long time.

Comment: Binary prefixes: Use them (Score 3, Informative) 272

by dwheeler (#47485307) Attached to: Ask Slashdot: How Many Employees Does Microsoft Really Need?

By standard and by law, a "k" is x1000, an "M" is x1,000,000, and so on, and NOTHING else. Standards groups like IEC and IEEE are unanimous: they ALWAYS mean a power of 10. There have already been a number of court cases where someone used "K" etc. to mean binary prefixes, and every time they have had to concede (and typically end up paying up in out-of-court settlements). Examples include Willem Vroegh v. Eastman Kodak Company and Cho v. Seagate Technology (US) Holdings, Inc.

And don't tell me that computers "always" use base 2 measurements. Hard disk drives, clock cycles, and bandwidth are typically measured using base-10 prefixes (multipliers of 10^3). Yes, RAM has been traditionally been measured using prefixes that imply powers of 2, but the errors have been getting worse and worse as the numbers get larger.

Technologists should care about being precise. If you can't tell what a number means, that is a problem. The binary prefixes are a nice solution to a widespread problem. If you don't care about precision, use whatever term you want. But when you want to measure accurately, use the right units.

Comment: What do you call objects orbiting stars? (Score 1) 128

The practical problem is a difficulty of communication. The purpose of words is to help us communicate. If we have no word for a common idea we want to express, then we usually create a new word or phrase.

Let's say we observe an object, with mass less than a star, that is orbiting a star other than our Sun. What, exactly, do you call it? Under the IAU rules, you cannot call it a planet, because we generally cannot know if it has cleared its orbit. The standard solution in English is to call it a "planet". But if we call it a planet, then we should use the same definition everywhere.

Comment: Pluto=planet, because there are other stars (Score 1) 128

As I commented years ago, the worst problem with the current IAU definition of "planet" is a practical one: we can't practically use it for objects orbiting other stars.

We are too far away to observe small objects around other stars, and I think we will always be able to detect larger objects but not smaller ones in many faraway orbits. So when we detect an object in another galaxy with the mass of Jupiter, and it’s orbiting a star, is it a planet? Well, under this current definition we don’t know if it’s a planet or not. Why? Because we may not be able to know what else is there in orbit. And that is a real problem. I think it’s clear that we will always be able to observe some larger objects without being able to detect the presence of smaller ones. If we can’t use the obvious word, then the definition is useless - so we need a better definition instead.

I think a much better definition of "planet" is "orbits a star, enough mass to become round". Yes, that means that Ceres and some Kuiper Belt objects become planets. That's a GOOD thing. A lot of people don't know of Ceres, yet that one object has about 1/3 of the ENTIRE mass of the asteroid belt.

Of course, none of this affects reality; this is merely a definition war. But clear terminology is important in any science.

Comment: Internet Explorer IS vulnerable though (Score 1) 107

by dwheeler (#47424855) Attached to: India's National Informatics Centre Forged Google SSL Certificates

This is a big deal. If you use a browser on Windows that does NOT counter this, such as Internet Explorer, then you ARE vulnerable. I imagine Microsoft will come out with a special-purpose patch, but still, this is a pretty nasty issue.

Untrustworthy CAs have been a problem for a long time; we need mechanisms to address them. The terrible cert revocation system makes it even worse; you can't be sure that the certs are checked in many cases. Chrome's CRLSets are not the answer; they are not even the beginning of an answer. We need to fix the whole revocation system. Sadly, there hasn't been enough work or enough urgency on these problems; maybe this will light a fire under those efforts. I doubt it, but it's worth hoping.

Comment: Old problem. Let's fix it. (Score 1) 215

by dwheeler (#47338317) Attached to: Exploiting Wildcards On Linux/Unix

I'm glad that people are learning about this problem. Sadly, it's not new, it's been known for decades. CERT’s “Secure Coding” item MSC09-C (Character Encoding — Use Subset of ASCII for Safety) specifically discusses the vulnerabilities due to filenames. The Common Weakness Enumeration (CWE) includes 3 weaknesses related to filenames (CWE 78, CWE 73, and CWE 116), all of which are in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors. My freely-available book on writing secure software has a whole section about filenames. And so on.

We need to fix the problems with Unix/Linux filenames, not just keep rediscovering them. In particular, ensuring that filenames had no control characters, no leading dashes, and used UTF-8 encoding would simplify developing correct programs. Most people writing software already follow these rules. We don't need to make it easy for attackers.

Comment: Re:Sanity check (Score 1) 197

by dwheeler (#46990705) Attached to: 7.1 Billion People, 7.1 Billion Mobile Phone Accounts Activated

To be fair, the article itself does state that the 7.1B figure does not represent unique users or handsets in use. Instead, it says that "The number of unique users is now 4.5 Billion or 63% of all humans alive are actually users of mobile phones. The remaining 2.6 Billion accounts are second or third accounts for the same user... So 20% of us, one in five who has a mobile subscription or account, actually walks around with two phones (and at least two accounts)."

(1) Never draw what you can copy. (2) Never copy what you can trace. (3) Never trace what you can cut out and paste down.