Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:I like functions... (Score 1) 287

Yes, it means your functions aren't allowed to have side effects (i.e., all parameters are passed by value and the only result is the value returned to the caller).

It's quite a bit more than that, at least if you're talking about pure functional programming. You also have to get rid of most all of your old notions of flow control. Imperative programming is about defining sequences of steps, some of which are conditional. Functional programming is all done with nested transformations; there are no sequential steps, there are no branches, there is no iteration.

If this sounds freakish and impossible to someone raised on imperative programming paradigms... yes, it is. Functional programming requires thinking in an entirely new way. It's a very powerful tool. I'm not sure it's the best tool for the systems I build (though I'm also not sure it isn't), but at a minimum it's a useful way to think about code construction. Every programmer should spend some time learning it.

Comment Re:"Like"? (Score 2) 287

I don't get what you mean by "like".

Procedures are procedures, period.

Indeed they are. And purely functional programming languages don't have procedures.

The grafting of functional programming constructs onto imperative languages is interesting and useful, but every programmer should spend some time learning to program in a purely functional style, even if they then go back to imperative languages for their everyday work. It opens up a whole new way of thinking about code.

Comment Re:It has its uses (Score 1) 287

There's two big things that have come out of the recent move towards more functional programming which are really important.

You missed the biggest one: Eliminating mutable state makes code inherently safe for concurrency. Not an inconsiderable issue, since the direction of hardware progress seems to be towards ever more cores.

Of course, pure functional programming eliminates mutable state by creating massive numbers of copies. Actual functional programming languages (e.g. Haskell) are quite clever about optimizing out nearly all of those copies, but the result of that is that the generated code has mutable state. Still, this may very well be the best way forward... automatic parallelization of imperative code is very hard. It may well be that it's easier to automatically decide how to split work up by analyzing data copying, and then apply copy optimization to each thread.

Comment Re:What's changed? (Score 3, Interesting) 223

On the internet, short of blocking them on social media, you are confronted with them constantly.

Actually, I think it's the ability to block (or just de-friend) that creates the biggest part of the problem. It creates echo chamber effects, which help ideas morph into their most virulent and effective forms, especially ideas that demonize the holders of opposing ideas -- which, from a memetic evolutionary perspective are really cooperating ideas, not competing at all.

A good, though somewhat annoyingly dumbed down, explanation of this process and effect is this youtube video. If you haven't watched it, you really should -- and then think about the ideas that you hold and consider the possibility that they have evolved specifically to push your hot buttons in the most effective way possible, and how you can counter that.

Comment Re:What could possibly go wrong? (Score 1) 80

Perhaps: Well the ocean temperature dropped enough, but turns out the local increase in salinity due to the cloud whitening machine spraying salt in to the air has killed off the entire Great Barrier Reef. Oops.

It should be trivial to calculate the potential salinity increase. Do you really think environmental scientists trying to protect the reef won't bother to check that?

Comment Re:DRONE ON (Score 1) 253

So working to reduce our waste volume is the only realistic plan.

Not the only one. Another is to learn how to engineer the climate. Actually, in the long run that will be necessary anyway, because the Earth's climate has significant natural variation, enough that for most of the planet's life-bearing history it's had a climate that we wouldn't like very much. There's also evidence from both Greenland and Antarctic ice core records that the planet occasionally undergoes very rapid spontaneous (i.e. not driven by obvious causes like large volcanic event) climate changes -- faster than the current anthropogenic change. We need to learn how to manage the climate.

Reducing our "accidental" impact will make the job of engineering appropriate deliberate impacts easier, of course.

Comment Re:The problem is depth perception (Score 1) 55

Your eyes are far better at matching light frequencies between both eyes to get the depth mapping correct. Your standard camera can only distinguish 24 bits of light frequency. At that level you get somewhat of a depth map but not a very good one.

Waymo uses LIDAR, not visual light cameras. It gets an extremely accurate depth map, far more accurate than any human could, because LIDAR measures the time it takes light to reach the "seen" object and bounce back to the receptor.

In a 3D mapped world, all the depth information is 100% accurate.

Which is only slightly better than LIDAR-derived depth information.

Comment Re: I think I speak for all of us here (Score 1) 73

So, not for moral reasons at all


they saw hacking as a "moral crusade", said Paul Hoare, senior manager at the NCA's cybercrime unit, who led the research. Others were motivated by a desire to tackle technical problems and prove themselves to friends

I realize that reading the article is too much to ask, but reading the summary really isn't.

Comment I think I speak for all of us here (Score 1) 73

I think I speak for all of us here when I say: Duh?

I mean, I'm glad they've realized this, but rather disappointed they didn't figure it out, oh, 30 years ago, back when kids were hacking the phone system. I mean, even back then some of them "stole" quite a bit of value in the form of hours-long international telephone calls (which used to be really expensive, not like now), but clearly the monetary value was irrelevant, except perhaps as a way to keep score.

Some of those kids grow up and turn their skills to deliberate crime for profit, sure. But I think it's always been clear that basically none of them start that way. Honestly, I don't think it's even possible. There has to be an overpowering love of and fascination with the technology at the beginning, that almost certainly overshadows any interest in material gain. Later, the glamor of the tech fades a bit, but that takes years.

Comment Re:Yeah, Climate Change isn't real /sarcasm (Score 1) 306

And the Republicans insist climate change isn't real . . . well maybe when half the red leaning states are under water they'll open their eyes. Probably be way too late by that point though.

I wouldn't count on that. A lot of red-leaning states are inland, while the coasts are 2/3 blue.

Comment Re:One day they'll discover the folly.... (Score 1) 84

If it is used as a password (IE: no other authenticating properties), it's a password.

Only if you conflate all authentication with password authentication.

In short, if someone obtains that representation and is able to utilize it, the user is toast

That statement is correct, but note that it contains two parts: (a) if someone is able to obtain the representation and (b) if someone is able to utilize it. This, in a nutshell is the difference between password and biometric authentication. With passwords, the hard part is (a), and (b) is easy. With biometrics, the hard part is (b), and (a) is easy. Exactly how hard (b) is depends on the details of the system.

Comment Re:One day they'll discover the folly.... (Score 1) 84

It looks like you don't understand yourself. Otherwise you would not claim that biometric authentication is not comparable to password authentication, and then conclude it is better than PIN authentication.

You need to re-read the post you responded to. Nowhere did I say that biometric authentication cannot be compared to password authentication. I said a biometric is not a password. The security models are different, but that does not mean they cannot be compared. Also, I did not say that biometric authentication is unambiguously better than PIN authentication. I said it's better in some ways and not as good in others, and overall, for this application, this threat models, it's "on par". That means "about as good".

Comment Re:One day they'll discover the folly.... (Score 1) 84

Don't trust any organization that doesn't understand that the fingerprint is the user name not the password.

Fingerprints are not passwords, but they're even worse usernames. Fingerprints come with no uniqueness guarantees and don't consistently identify the same person. Fingerprints are useful authenticators, but you have to understand the security model of biometric authentication, and it is not the same as password authentication. You can't just slot biometrics in as either usernames or passwords. They're different, with different strengths and weaknesses.

Comment Re:One day they'll discover the folly.... (Score 3, Insightful) 84

One day they'll discover the folly of using biometrics for authentication or authorization, but then it will be too late. Let's all tie everything to a password that we can never change right? Great idea! Sigh

Sigh, indeed. You fundamentally misunderstand biometric authentication if you think it is anything like a password, or if you think it matters at all that it can't change. Biometrics do have their share of cons, but not being able to rotate them is definitely not among them.

The security model for password authentication derives its strength (or lack thereof) from the secrecy of the password. Biometrics do not. Your fingerprints are not secrets; you leave them everywhere you go (which is what makes them so useful forensically). From a security perspective the only reasonable way to treat fingerprints or other biometric data is as public information. Assume that the whole world knows your fingerprints, because anyone who really wants to, does.

Because password security is based on secrecy, and because over time those secrets may leak, or be discoverable through time-consuming brute force, password rotation is important. It closes the window of vulnerability if they've leaked, and if you rotate them soon enough that no realistic attacker could have had time to discover them via brute force search (given whatever brute force mitigations are in place), then you maintain the secrecy. Because biometric security is not based on secrecy, rotation helps nothing and is irrelevant.

But if biometric authentication security is not based on secrecy of the biometric, what is it based on? The integrity of the measurement and matching process. Your fingerprint is public information, indeed it's almost certainly conveniently available from the surface of your credit card. So the security of the authentication is precisely equal to the difficulty that an attacker has in presenting your known-fingerprint to the card in a way that it will accept it. If the attacker can splice into the data link between the scanner and matching engine and replay a digital copy, he can authenticate as you. Various techniques, strong ones, can mitigate against that attack.If the attacker can subvert the matching process and get it to report success regardless of input, he can authenticate as you. This is fairly easy to defend against, unless the attacker is very well-equipped. If the attacker can create a fake finger that the scanner will believe is real, and which contains your print image, he can authenticate as you. Various techniques can be used to mitigate against that... but the ones that are deployable in mass-produced consumer devices to be used in essentially unattended operation are pretty weak.

Weak is honestly just fine for this application, though. The fingerprint is just one mitigation on top of many others. It's definitely better than the signature "authentication" currently used in the US. In many ways it's better than PIN authentication, because PINs can be shoulder-surfed. In other ways it's not as good, but overall it's definitely on par.

Slashdot Top Deals

"Gotcha, you snot-necked weenies!" -- Post Bros. Comics