Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment How about the BSD 2-Clause License? (Score 1) 58

When the University of Berkeley wanted to release its Unix distribution, they also had the problem of finding a suitable permissible license, without falling into the extreme of Public Domain, which, as others have rightfully observed, isn't always recognized internationally. So they invented the beautiful BSD license. This license had a couple of clauses, that ultimately went down to just two now. How about the DoD releasing their stuff under the 2-Clause BSD License as well? Short, sweet, crisp, neutral, developer-friendly, and free of all ideology and cruft. I know, that's taking side in an open debate, and opening a can of worms, but seriously, for government-funded work, that may really be like U. Berkeley's code the best option.

Comment Re:Sigh (Score 1) 374

Concerning Rust, it still has to be seen if it is not just yet another fad of the year. We've seen programming languages come and go in the last couple of decades, and the sheer inertia of the C/C++ code-base and programmer-base would make me very skeptical w.r.t. any new languages, including Rust (not that I dislike it, far from that).

As to Ada... I've coded in Ada too back then, and I know of some big code-bases that are rock solid in Ada. Unfortunately, there is a severe shortage of Ada programmers who are willing to maintain those code-bases, so what happens is that a lot of money is being thrown at converting all that Ada code to C++ code, using semi-automated tools where possible. This auto-generated C++ code is then manually re-validated by C++ hackers (and that's what is so costly), and from here on, it will persist as C++ code, maybe for decades.

That's the way it goes. A language may have merits of its own, but if it is not popular and if you can't get enough people to maintain your sizeable code-bases, that language is ultimately of no use. C++ seems like a good compromise between openness, royalties/patent-lessness, speed, type safety, maintainability (when done right!), and long-term maintainability through coders. Despite its known shortcomings. No Rust, not even Ada can beat that.

Comment Re:Reason to learn C++ (Score 1) 374

Maybe someday someone will figure out how to use C++ in a clean, nice looking style. Then I'll use it. Until then, I'm staying away.

You may also make suggestions and contribute to shape the next iterations of the C++ standard...

Personally, I really like what has become of C++ since C++11, and I'm seeing that C++17 is getting some real nice additions in the Standard Library too. What I'm still missing though: standardized networking (Boost.ASIO looks like a monster at this stage, don't know if that would or even should make it into the ISO standard anytime soon). Missing networking is a big minus IMHO. I also consider the difficulty of writing more specialized streams, e.g. for encryption etc. a small minus... but that may only be me not yet grokking enough the iostreams / streambuf library design to extend it that way.

Save for that, C++11's style and philosophy is something you get used to after a while. It takes some time to finally "get it" and get the hang out of it. That's not just a couple of syntactic rules and keywords and weird ways to write templates and template specializations and throw in iterator flavors everywhere where you don't expect them to come up, it is more than that. Once you finally reach some stage of enlightenment, you'll start to really like C++ and will start coding in it as it was supposed to be and designed to be. I know, it sounds like a pathetic excuse for not being easily accessible...

Comment Re:AT&T claimed users would destroy phone syst (Score 1) 310

I don't want to play the devil's advocate here, but to AT&T's defense, the POTS was an analog system, and back then, there were no clearly defined interfaces between CPE (customer premises equipment) and "the network". If a customer screwed up the local loop in some really bad way (the system was really robust, it could take a lot of abuse, but it was not indestructible), he could easily damage a certain part of the attached parts up to and including the switch, and that could be costly. And in general, playing around in an analog network where everyone has to play by the rules is a tricky business better left to people who are at least a little bit trained in it. Of course, later things changed considerably, and there was a loose coupling and clear interfaces between CPE and the rest of the network, so customers were free to fool around with their equipment and house wiring as much as they desired without risking to take down other customers with them.

Comment Ad hoc (IBSS) != Wifi-Direct (technical details) (Score 2) 75

Sadly, Google amputated Ad hoc mode (IBSS) in Android, even though that would have been the perfect method in this particular case. Not the technically inferior Wifi-Direct. Some people have tried to hack CyanogenMod on some devices to resurrect IBSS mode on some devices a while ago, but that is not so easy. I think this deserves more attention and love by devs and by Google. There's no reason why we don't have IBSS (ad hoc) mode on those devices out of the box, so we could experiment with real P2P routing algorithms that would be ideal for disaster recovery and deployment of ad hoc meshes.

Comment Re:No c++ love? (Score 1) 149

To C++ aficionados, weekends are for reading and meditating through Stroustrup's and others' fine books, the ISO standard, Boost code, etc. to get a better grasp of the language and its modern features to then be used during the week days to create even more obscure, beautiful metaprograms that solve the Halting Problem at compile time by applying a policy meta-template instantiated with some magic traits. Do you think there's time to commit code like that on GitHub on the weekends and hoping those commits to still make sense on Monday?

Comment Re:The dumbing down is real (Score 1) 176

I couldn't agree more. Most CS graduates can get by writing and maintaining application code, but as soon as it gets to getting their hands dirty and doing library / infrastructure work, i.e. touch real data structures, etc., good luck with that! And that's only foundational stuff... I'm not even mentioning serious aspects like IT security, where a solid mathematical understanding of crypto basics is required nowadays, along with a good base of discrete mathematics, complexity theory and so on. Your typical CS graduate will only have a very superficial understanding of those topics, unless he specialized deeply into that... and even then I wouldn't be the farm on their cognitive skills. That's really sad.

Comment C is slowly being replaced by C++ (Score 4, Insightful) 286

C isn't dying, but I think that it is being slowly replaced more and more by C++. Not all of a sudden, but when new code gets added, it is just more convenient to use std::string, RAII, the whole C++ Standard Library. Especially since C++11, C++ and its library have matured a lot to actually become useful and have you write beautiful and fast/efficient code, thanks to move semantics. So no, C isn't dying, it is morphing into C++11 and later. Even for embedded and kernel-level programming: check out recent projects: many use C++, carefully avoiding features like virtual functions that would slow down running time. It is as good as C can get, only better.

Comment What's the most security-hardened Linux distro? (Score 1) 224

Still relying on OpenBSD, and sometimes also on a trimmed-down FreeBSD with Capsicum for security-related work; but I'm wondering what the most hardened (minimalist) Linux distro you guys are recommending? I understand that the less software, the smaller the attack surface, but I'm also thinking along the lines of SELinux-by-default, settable access policies (not just discretionary access policies but also rules-based access policies), etc...

Comment Re:Roll back surveillance (Score 1) 215

Let me put this file I encrypted with PGP on an anonymous FTP site / dropbox. You can then download it and tell me what's in the file. No wait, you can't, because it's encrypted with an OS-agnostic algorithm and you don't have the key.

I'm not sure you get the point. Are the (private) keys located on the Android device? Do you enter the passphrase to unlock the private keys directly on the Android device? If so, your beloved App's security is toast, because key material is hitting the OS before it even reaches the App.

Comment Re:Roll back surveillance (Score 1) 215

Encryption is out there, and a reality. If the phone manufacturer compromises their full-disk encryption, then app makers start writing un-compromised encryption into their apps.

If it were only so simple! If the underlying OS is compromised and can't be trusted, what's the value of any encryption on top of that?

Let's say Gov't passes an anti-encryption law for smartphones. First thing Apple and Google will (have to) do, is to purge their App Stores from all apps that implement un-snoopable encryption. That's the first step. So no un-compromised encryption in apps for the plebs.

Then, next step, Apple and Google will (have to) remove all encryption libraries and support in the OS (libraries etc.), or cripple them with backdoors, so the Government(s) and other evil-doers can snoop right back in, even if Apps are still allowed to call encryption APIs.

Finally, every I/O in and out of an App has to go through some layer of the OS; and if the OS can't be trusted, what good is solid encryption? You as a user can't listen to encrypted voice, you can't read encrypted messages, you can't watch encrypted photos and videos: you're the analog counterpart that requires decryption, and this is the point where device makers will be compelled by the Gov't to let the snooping start.

Of course, there's still the option of alternative ROMs that you compile yourself out of reliable source code (CyanogenMod et al. come to mind); but here, there are still some binary blobs that are required to drive the modems etc.: same problem as with a regular Linux: do you trust these, if Government were to mandate snooping on a hardware low-level from manufacturers?

Slashdot Top Deals

The amount of time between slipping on the peel and landing on the pavement is precisely 1 bananosecond.