Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

typodupeerror
DEAL: For \$25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

## Comment Re:It has its uses (Score 1)381

I'm going to argue there are no special cases that don't fit.

In a strictly mathematical sense, yes, various things are equivalent and various patterns are universal. However, that's a bit like saying you can do anything with sequencing, selection and repetition. While true in a sense, realistically it doesn't necessarily represent the clearest way to express everything. In practice, I have sometimes found that while I might build individual parts of a complicated algorithm from tools like folds, it may be clearer and easier to write the "big picture" using explicit recursion rather than trying to adapt everything to fit some standard algorithm.

As a practical example, not so long ago I was working on some code that would take some information in a certain format as input, and update a rather complicated graph-like data structure to incorporate that extra information. This algorithm involved walking the graph, and depending on the properties of each node reached and of the information to be merged in, either updating that single node "in place" or changing the structure of the graph around it. Each such step would typically transfer some of the remaining information into the graph, and then continue walking the rest of the graph to merge in the rest of the information until one or the other ran out. No doubt with enough mathematical machinations this could have been shoe-horned into some standard pattern, but in practice it was far simpler and more transparent to write a small set of mutually recursive functions that implemented the required behaviour at each step. And of course each of those functions then received information about the state of the graph walk and the state of the information being merged in through parameters.

At this point I think purity allows for laziness and laziness demonstrates a lot of the advantages of purity.

If you only care about the result of evaluating a function, sure, but if you also care about the performance characteristics of your program, I don't think it's so simple. Laziness can be both a blessing and a curse.

As for lazy with large amounts of data, Hadoop is lazy. So I'm not sure what you are saying.

In short, unrestricted laziness can cause huge increases in the amount of working memory required to run a program, until finally something triggers the postponed evaluations and restores order. As I recall, there was even a simple tutorial example in Real World Haskell that could wind up exhausting the available memory just by scanning a moderately large directory tree because of the accumulated lazy thunks.

## Comment Re:It has its uses (Score 1)381

Until functional programmers start speaking the same language as people in industry, we'll keep rolling our eyes and ignoring you.

I'm pretty sure maths has been around longer than programming, so who is really redefining the language here?

Also, false dichotomy is false. Functional programming concepts are widely and effectively used in industrial programming. The idea that what we're talking about is some academic, ivory tower idea is decades out of date.

## Comment Re:It has its uses (Score 1)381

That's just bad functional code.

It was a simplified example, but I think the point would still be valid in some more complicated case that doesn't fit one of the everyday functional programming patterns. The state is still there, it's just conveyed by accumulating function argument(s) in recursive, functional code instead of storing it in loop control variable(s) in imperative code.

The other thing is you don't want to be "doing stuff" and iterating. You want to be computing stuff and then "doing stuff" on the entire set of output. The system as it pulls output will drive the iteration on the computation.

I think you're conflating lazy evaluation with functional programming here. In any case, I think that sort of claim needs some qualification. Haskell-style laziness is nice for composition in theory and sometimes it lets us write very elegant code in practice, but it can also become a liability, particularly if you're working with very large amounts of data or anything time-sensitive.

## Comment Re: It has its uses (Score 1)381

On the other hand, if you've used a language that is designed to support functional programming, you probably wouldn't be in much doubt.

For example, here's the all-positive check written in Haskell:

all_positive = all (>0) [1, 2, 3, 5, 8, 13]

which is just a convenient notation for:

all_positive = all (\x -> x > 0) [1, 2, 3, 5, 8, 13]

where the backslash is Haskell's general syntax for introducing a lambda.

Criticising the ideas of functional programming because, for example, C++'s syntax for lambdas is horrific is like criticising OOP because setting up dispatch via vtables is a bit messy in assembly language. It's just not the right tool for the job, and it's unlikely to give great results no matter what you do with it. You have to look at the underlying principles to see whether they're useful or not.

## Comment Re:Wonderful (Score 1)154

Again, it seems we basically agree on this one in principle, but again, I'm perhaps a little wary in practice. When we start talking about regulating software development, and so recognising accepted good practice in some way, that implies that there is someone qualified to judge what good practices actually are and some reasonable basis for determining what the regulations should be. My personal view is that I'm optimistic about the future but we're not there yet.

In particular, suppose we tried to move in that direction tomorrow, or maybe we even went as far as making software development a proper engineering discipline and a licensed profession. I think the kind of people who would find their way into the influential regulatory positions probably would not be the people who were actually best qualified to advise on such issues, not least because they're busy building useful software. Instead, I think you'd get the dreaded consultants -- not the legitimate ones who really do have wide experience and now make a living sharing it to help others, but the ones who are more politician than engineer, engaging speakers and writers, always quick to tell others how they should write software, yet typically having built relatively little of their own and having little actual data to support their recommendations. (I have this vision in my head now of some Extreme Agile Craftsmanship Consultant telling guys who have been writing security-sensitive networking stacks for 30 years how in future they should TDD their way to the basic functionality and then add "security" on later, and as long as the tests are still passing they can just ship right away.)

This isn't to say that the underlying problem is not serious. The idea that everything should be connected and the idea that security and privacy concerns are being adequately addressed by today's market is a terrifying and potentially extremely dangerous combination. As a geek, I'm able to protect myself and my family to some extent by avoiding a lot of the junk, but obviously most people don't have that advantage and general public awareness of the real implications of these modern trends is still disturbingly low.

I wonder whether a useful way forward in the near future would be some sort of voluntary endorsement system to help raise that public awareness. You don't have to absolutely require following lots of specific regulations, but maybe those who can demonstrate that they at least meet some basic, uncontroversial standards get to label their products with some sort of reserved mark, and then maybe customers start asking why some other product doesn't come with, say, a money-back guarantee and extra compensation in the event of certain bad things happening.

## Comment Re:Wonderful (Score 1)154

Yes, I agree with pretty much everything you're saying. I also think it's important to distinguish a theoretical benefit, where it's possible to conduct such a review and possibly to fix problems yourself, from a practical benefit, where someone actually has the time and skills to do that or the time and money to get someone else to do it.

## Comment Re:Sledgehammer approach. (Score 2)163

Actually, if someone sells insecure crap that subsequently gets hacked and stops working as a result, in a lot of places that's going to be considered unfit for purpose or the legal equivalent and therefore entitle the owner to some sort of refund or other remedy at the vendor's expense. While I don't condone the vigilante aspect here, it might prove to be quite effective at highlighting how poor the state of security is in the IoT industry and forcing manufacturers of these devices not to cheap out so much.

## Comment Re:Wonderful (Score 1)154

The trouble is, we don't know how to make bug-free, perfectly secure software and hardware yet. Requiring the SoC manufacturers to meet a practically impossible standard isn't going to put prices up "a bit", it's going to increase them dramatically, and it's still not going to solve the problem, it's just going to make the luckier insurance companies underwriting those manufacturers a bit richer.

If the idea of better regulation is going to go anywhere useful, it has to push manufacturers and those along the supply chain towards an achievable better position, and it has to do so with a cost that is commercially viable. I'm not sure that's what some of the people posting in this discussion are asking for.

## Comment Re:Wonderful (Score 4, Interesting)154

This sort of argument gets made every time there is a breach in any proprietary system, but where exactly are you going to find these "security professionals" to carry out detailed audits on entire firmware systems every time someone released a new product? Who's going to pay their bill? What good is a fix from a SoC manufacturer if the suppliers of devices incorporating those SoCs or the networks reselling them don't then supply an OTA update in a timely and secure fashion?

The idea that enough eyes make all bugs shallow might be one of the most dangerous fallacies in computing today, but even if it were true, it would still only be the first step to fixing a problem like this.

## Comment Re:For lawyers, by lawyers (Score 1)194

I've no reason to doubt your description of your own experiences. As you say, we're talking anecdotally here. I'm just saying that's not always how things work out.

I suspect in our case the issue might be that the uploader was themselves taking the material down some time after we filed the notices but before YouTube got around to acting on them, so by the time our notices got processed we just received another standard form message about the content having been removed already. That's all well and good, the content was down either way, but it doesn't stop thousands of people from watching it on this person's YouTube channel and in some cases apparently thinking they made it as well instead of finding an authorised source run by the original creators, and it doesn't stop us having to spend a lot of time filing notice after notice when stuff went back up again. YouTube's system seems to be completely incapable of dealing with this, and I really see no justification at all for a heavily automated system like theirs taking multiple days to act on a properly submitted takedown notice, but maybe this is why our experiences have differed.

As for removing safe harbour provisions being an existential threat to sites like YouTube, I'm not sure I have a problem with that. YouTube isn't actually creating the content people enjoy there, it's just making a lot of money from hosting it, which is a secondary service that could certainly be replaced in a variety of ways, some of which might work better. If nothing else, not so many years ago, when the Internet was more decentralised, people just ran their own web sites and blogs and email and so on, using their own ISPs as hosts. Given all the advances in related areas since then I don't see why a similarly decentralised approach couldn't work today, and I suspect the online world might be a much nicer place without so much power and so little accountability being concentrated with a tiny number of hosting services like YouTube and Facebook. After all, if any normal person is hosting infringing content on their site, there is no magic law to protect them, and yet the Internet still became perhaps the greatest information sharing and communication tool in history.

## Comment Re:My how have the tables turned (Score 1)194

The fourth group doesn't exist if things are done right.

It really does. An existence proof is that I've seen people rip material and then offer it with their own branding applied from their own source(s), and I've then seen other people who have supported that (including financially) and whose public comments make it obvious that they think they're supporting the original creators of the work. Those people liked the work and demonstrably were willing to support it financially in whatever way, they were just unknowingly supporting the wrong person.

Are you certain you're seeing the same account put your music back up after you have it taken down, over and over, more than three times?

Yes (though it wasn't music in our case).

In the most recent incident, it was unmistakably our content, right up to the point of sometimes forgetting to remove our URLs from videos and the like while slapping the infringer's own channel branding all over it. It was posted by the exact same account, along with obvious infringements of various other people's work. In some cases it was even removed and then the exact same content reposted a few days later by the same account.

We filed DMCA requests against each infringing video for a few days, and then eventually sent a separate email to YouTube pointing out the persistent infringement and that we had already filed numerous separate takedown notices against that account. This went back and forth a couple of times, but the bottom line was whoever was replying didn't even seem to be reading the basic details we were sending, and we were just getting fobbed off with form content about needing to submit a proper takedown notice and being directed back to the same takedown notice page that we'd already been using and had told them we'd already been using. At no point did they even seem to acknowledge being informed about the ongoing and repeated infringement or understand that notifying them of this was the purpose of our separate email.

I can't speak about anyone else's experiences here. I'm just offering a data point that we have followed these processes very recently, and found them to be totally ineffective. We actually got results by taking action directly against the infringer, who apparently subsequently pulled the content from YouTube voluntarily before YT's staff did anything about it (but still a considerable time after the original takedown notices were submitted). It's hard for me to see how YouTube's actions would have qualified as either acting reasonably quickly to remove material after receiving a proper takedown notice under the DMCA or meeting their obligation under the same law to deal with persistent infringement.

Apparently your experience and ours have been wildly different. Maybe it was different timing, or because you were talking about music and we were talking about other types of video, or just that you got the diligent agent and we got the guy phoning it in. Whatever the cause, the bottom line is that their system apparently did absolutely nothing to protect or help us in that case.

## Comment Re:My how have the tables turned (Score 1)194

Even if YouTube did go away, who is to say that would be a bad thing and it wouldn't naturally be replaced by something different and perhaps better? We take a lot in the technology world for granted because once, often long ago, it somehow won and became the default way of doing things. That doesn't necessarily mean it was or remains the best or even a good way of doing things, particularly if after the incumbent had become established the barriers to something else developing became high. Personally I think the centralisation of the Internet in recent years, and the disproportionate and largely unearned influence it gives to a few big hosting services and gatekeepers, is a prime example of this.

## Comment Re:My how have the tables turned (Score 1)194

The only thing that can tip that balance is either some kind of revolution or collective bargaining (which I could totally get behind) OR legislation.

Well, a review of the principles underlying IP regulation/legislation does seem long overdue. Intellectual property rights in their current form often are not creating effective competitive markets, which is their raison d'être. The most important players in the creative markets are the creators and the consumers/society, yet current incentives are mostly directed towards the middleman services. Given that those services are provided to creators, if competition were functioning effectively, this would be driving compensation for creators up and margins in the services down, but often that does not seem to be happening.

The economics of creative industries are complex at the best of times, and maybe the legal frameworks we've relied on in the past just don't do a very good job any more with the possibilities created by modern technologies and communications channels. But in that case, they should be changed, and IMHO that change should go back to first principles and start with how (and indeed how much) we want to incentivize the creation and distribution of new works for the benefit of society. The legal and regulatory landscape should be dictated by that underlying policy. The scope for any secondary services and how much of any money moving around they ultimately receive should in turn follow naturally from whatever best promotes the original goal.

## Comment Re:My how have the tables turned (Score 1)194

Would it be fair for /. to be on the hook if I cut paste a copyrighted work here?

If you did it once, and when informed of the problem they promptly removed it, perhaps not. I don't think it's a clear-cut issue, but there are obvious costs to having every piece of hosted third party content potentially incur liability, and it may be that the net benefits to society of making it easier to run a hosting service do outweigh the costs.

If there was a pattern of you doing it, and they were aware of that pattern, and they didn't then do something reasonable about it, I think that's a different question and potentially the cost/benefit ratio of allowing that practice is also different.

If they actively built a business out of that kind of infringement, such infringement continues to be widespread and conducted by large numbers of their users, it is reasonable to assume they are well aware of this, and they continue to make lots of money from it? That's a different question again.

## Comment Re:My how have the tables turned (Score 1)194

But you missed a fourth group, which is the people who enjoy your novel and would have been happy to pay for it if they'd found a legitimate source first, but who actually found it somewhere else and maybe even paid the unauthorised source for it instead of you.

As someone else doing relatively small-scale creative business, I can testify that this group can be a significant one, and I both sympathise and empathise with the situation that sneakyimp has described in terms of watching people ripping your stuff on YouTube and finding them hiding behind the safe harbour provisions even when it is clearly an ongoing problem and you have made them well aware of it.

I'll add a little from personal experience. Under the DMCA and similar laws, safe harbour is rarely an absolute protection, and typically those appealing to it are still expected to have some mechanism for dealing with persistent infringement, such as stopping the account of the infringer. In our experience, YouTube have shown no willingness to do this, and any attempt to contact them about it at their published email address for such matters just gets something boilerplatey back that directs you to their online form for filing a single DMCA complaint... again. Perhaps when they're dealing with anyone big enough that they are likely to take real action and have the resources to do it, YouTube follow other processes, but from a legal point of view it looks like they would have forfeited their safe harbour protection in a case like ours if we'd wanted to make a point of it.

# Slashdot Top Deals

"Catch a wave and you're sitting on top of the world." - The Beach Boys

Working...