Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Call me skeptical (Score 1) 222

Basically "SQL" or relational algebra is a programming language. All the arguments are against weaknesses in the implementation, not problems with the language itself. NoSQL seems better, but does not implement the complete language only part of it. If I try and implement SQL or a relational programming language on top of "NoSQL" databases you will find there are features missing. Eventually NoSQL will need to implement the complete language and will become relationally complete, but the result will probably not be as elegant.

As for the join example, you compare a table join against a single lookup... not the same thing. How many seeks would objectivity need to find the phone number for the employers of all aunts (on the fathers side) of every person in the database (which is what a join is for)? And as for the virtual addresses, Oracle (for example) can use raw disk access to optimise the layout of data on the disk to minimise head movements when executing common queries. It can do this because relational algebra hides all details of the implementation from the user, allowing the database code more freedom to choose how it stores and processes the data).

Comment Re:Call me skeptical (Score 1) 222

This is true, NoSQL must be better if you are doing the ORM thing. But that's not how you should use a relational database. Ralational Algebra (of which SQL is an implementation) is a programming language. You construct your data in relations (tables) then write the operations on them in relational-algebra (SQL).

So you can either use object modelling and and ORM/NoSQL, or relational modelling and relational-algebra/SQL. Of the two relational modelling is more powerful (can model more situations), and relational-algebra is a higher level language (because you specify what you want done, not how to do it).

Comment Re:Cut the hardlines (Score 1) 254

I agree about the difficulty of being truly secure against dedicated attackers. I think the idea that security is "done" and you are "secure" is part of the problem. I think its more like how hard do you want to make it. The more time and effort you spend on security, the greater the cost to the would-be attacker. But given enough time and money _any_ security system is vulnerable. In a way it comes down to risk management. How much is the cost of a compromise, and then how probable is it to happen.

Comment Re:Cut the hardlines (Score 1) 254

Virus detectors only detect known viruses... Even with virus protection, you are vulnerable to unknown viruses.

To make this even more thought provoking, what if the virus detector is infected. What if the 'C' compiler is infected, such that all programs it generated automatically are infected, and cannot detect the infection. If the infection is not spotted soon enough, all virus detection products compiled with the compiler will be infected. What if this has already happened?

Comment Re:Cut the hardlines (Score 2, Informative) 254

I said stuxnet does not _need_ the PLC (PLD) containing machines to be connected. In reality they may be connected, but disconnecting them will not stop Stuxnet infecting them as it gets in when the PLC programming is updated.

For reference a "Field PG" is a machine used to program the PLCs not the actual target of the infection.

"Once Stuxnet had infected a computer within the organization it began to spread in search of Field PGs, which are typical Windows computers but used to program PLCs. Since most of these computers are non-networked, Stuxnet would first try to spread to other computers on the LAN through a zero-day vulnerability, a two year old vulnerability, infecting Step 7 projects, and through removable drives. Propagation through a LAN likely served as the first step and propagation through removable drives as a means to cover the last and final hop to a Field PG that is never connected to an untrusted network."

Comment Re:Cut the hardlines (Score 1) 254

Burning a CDROM on one and using it on another is enough. Its almost as is nobody remembers floppy discs with file and bootsector viruses. With Stuxnet because it can infect the design files, moving the PLD designs from one computer to another by _any_ means (USB key / SDCARD / DVD etc...) will spread the infection.

Comment Re:Cut the hardlines (Score 5, Informative) 254

Actually Stuxnet does not require the machines to be connected to the Internet. In infests the machines used by the designers of these systems, and piggy backs on update PLDs (programmable logic devices) for the production machinery. It does not even rely on the PLD programming machines being connected, as it infests the PLD design files. It infests the PLD design engineers workstations when someone plugs an infected laptop into the private network that all the design computers are on.

Comment Re:legal for iPhone, illegal for DS? (Score 1) 254

Yes, and you _could_ argue that about the iPhone, you _could_ develop for Android or one of the totally open platforms... and yet the iPhone has been given an exemption from the DMCA. My point is for consistency they either have to allow the "running non approved software" argument to apply to all closed systems, or to none. To just apply it to the iPhone is like passing a law saying you can only do home-mechanics on a Ford.

Comment Re:Waiting for JDK 7 (Score 1) 270

epoll has already been tried see: "" The conclusion: "Results shows that the cost of NIO selectors coupled with OS polling mechanism (in this case efficient epoll VS selector/poll) has a significant overhead compared to the cost of context switching 1700 threads on an NPTL Linux kernel."

Slashdot Top Deals

Nothing motivates a man more than to see his boss put in an honest day's work.