Normally it would be a shedload
Except, obviously, you don't keep vulns in a shed.
So sandbox (or sandboxload) is clearly the correct term here.
213 posts • joined 11 Mar 2008
Except, obviously, you don't keep vulns in a shed.
So sandbox (or sandboxload) is clearly the correct term here.
Maybe this'll all turn out good, but I'm not sure that's guaranteed. Companies that get interested in security frequently go down a well-trodden path where they keep adding defences against more and more threats, becoming a jack of all trades. And in the process they duplicate facilities that are already available from others (as add-ons in the case of Firefox), often in an inferior and incompatible way.
So I'm not optimistic that Firefox can out-ghostery Ghostery, or out-adblock AdBlock Plus, etc. But I am confident that they can make idiotic design decisions while attempting to do so and make it considerably harder for these exiting add-ons to continue.
Add-ons have the distinct advantage that you can easily swap between them. So when AdBlock Plus started selling its soul to certain "approved" advertisers, there was AdBlock Edge to move to. Now imagine what'll happen when (not if) Mozilla changes things the way you don't like. It'll be take it or leave it, like with all their random UI changes.
For my money, the correct approach is to work with the add-on suppliers to make their job easy by exposing the necessary internals, fixing the bugs that plague them and not continually changing features they depend on. And I include the Tor bunch as "suppliers" as I'm sure they could tell Mozilla a thing or three about the tracking risks baked into its browser.
Please, Firefox devs, concentrate on your core competence and give us a reliable, fast, stable and standards-compliant browser and recognise that you need others to help you with many of the extras - and that you need to make their life easier.
I assume the reason AV software is sensitive is because it can potentially detect malware planted by law enforcement. So obviously you wouldn't want any old crim getting his hands on it (rolls eyes), especially not one with a foreign-sounding name (smacks head).
Although this does pre-suppose that Sophos' AV software detects government-produced malware in the first place. Given that US and UK AV vendors don't seem to be targets for NSA/GCHQ hacking or reverse engineering, that's not so certain, of course.
Or it could just be that if the powers that be don't like you they don't want you to have any software at all. But surely even they can see the futility of that?
Indeed. He has plenty of form when it comes to over-hyping things in an alien-life-on-comets direction, not to say bending the evidence a bit to fit on occasion. Organic molecules on comets have been known for many years, but that doesn't equate to life. It's probably best not to jump to any conclusions about the latter without pretty firm evidence.
Religious leaders have always needed something big and scary so that the church could save you from it, especially so the Church of Rome that has so many people to control. These days, governments are using the tactic rather more effectively than churches, though - and with better memes, what with fire and brimstone being a bit old hat.
Unfortunately for the Pope, however, paedophiles are out (for obvious reasons) and terrorists are a bit risky considering how the Romans would have viewed Jesus of Nazereth. So climate change seems to fit the bill nicely.
It's a bit surprising it's taken Rome so long to catch on to the trend everyone's been following for years. But, then, they've only quite recently caught on to the Earth going around the Sun, so I guess you can't expect miracles.
Just thought I'd point out that to test AV software against a set of files (like dlls) you don't actually have to install those files. This sort of problem can be avoided by just plonking all the files somewhere in a big heap and scanning them.
Presumably someone told Cameron about a wave function and he though it sounded like a great photo opportunity.
Quantum mechanics or quantum engineering? I's so hard to decide. Maybe I could do both?
I think you might have just solved the problem of how to overturn the patent system. I'm sure any decent composer could set that legalese to a catchy tune.
Method and apparatus for producing rounded corners... doo dah, doo dah!
So if I read the article correctly, the existence of a quantum computer would serve as experimental refutation of this theory. These days it's good to find such a simple experimental test of a new theory in physics - and such a well funded one too!
Personally, I'd have to agree with Richard Feynman's original observation that, essentially, the universe has to be able to compute a lot faster than our classical computers do or it wouldn't be able to work fast enough itself. Quantum computing is just a way of harnessing the computing that goes on around us all the time - and it's staggeringly fast.
So did it punch a hole through the engine block (quite impressive) or did it just damage the "engine manifold"? I'm not quite sure what the latter is, but it sounds like it involves only a fraction of the metal mass of the former. If they meant the exhaust manifold, which would likely be quite accessible, then all you'll have is a rather noisy truck, not a dead one.
Looking at the picture and assuming the laser is fired horizontally, the hot spot looks too high to be targeting the main block. I'd think 30kW would also take quite a while to heat the mass of an engine to a destructive temperature, what with it being water cooled and stuff. My guess is that any disabling of the truck is most likely to result from burning the electrics. Quite effective, I guess, but not a patch on what even a small amount of high explosive would do.
These seem to come around regularly and rarely do they sound that convincing; this less than most, in fact.
It's obvious you can design just about anything by natural selection (c.f. the natural world) but you'd be a pretty dumb craftsman if you set out to do it that way and not use a modicum of intelligent design. For a start, you can make small sound holes, then play the violin, then make them bigger and see what changes. That's not random and I can't believe a decent craftsman wouldn't have done exactly that, many times over in fact.
Obviously, sound holes aren't the only important design factor, either, so certainly not the "secret" of Stradivari. In fact, if it were just down to dimensions, machines would be able to turn out top-quality violins by the thousand as they'd be able to accurately reproduce the dimensions of great old instruments.
And the sound holes don't just let the sound out. Among other effects, they allow the "table" (the approximate square of the top plate between the sound holes) to vibrate largely independently and affect the resonances of the whole instrument. Elongated sound holes obviously do that better.
You'd have to think the old craftsmen were really pretty stupid to have spent their whole lives breaking new ground in instrument-making and not realise just a little of this. To the extent that they were no better than a bunch of random monkeys? Pull the other one!
I think it's a basic assumption in climate models that water vapour concentrations are increasing. The thinking is that as temperature rises, so the atmosphere holds more water. It's a positive feedback effect.
But the increased water vapour also allows the atmosphere to transport heat from the earth's surface to the upper atmosphere more efficiently, where it's radiated into space.* That's a cooling effect and therefore a negative feedback.
Both these effects are quite strong. So the net effect depends a lot on getting your model for water vapour correct. That rarely seems to get discussed, but it's quite important and complicated, what with clouds and stuff being involved.
*The radiation absorbed by CO2 has never been able to reach space from ground level (the greenhouse effect is a dumbed down explanation for the masses). The atmosphere is optically thick at these wavelengths and always was. The heat is instead radiated from the top of the atmosphere and it gets up there primarily by convection.
If you're going to do:
rm -rf $somewhere/*
then using "set -u" beforehand might save you a lot of bother in the event that $somewhere didn't get defined or you mis-typed it.
I'm sure it'll all be very nice and shiny when it's all agreed and implemented. But the trouble is, having gone to all that effort, in 50 years time they'll still be using the effin thing. Much like how it still takes 7 working days for a cheque to clear.
You'd think that with a brain the size of a planet and a subject of such fundamental importance, he'd at least come up with an original thought - even a small one. Wouldn't you?
But instead he says something that's been said about a million times ever since the idea of a computer first arose. Maybe he's just discovered SF and it's got him all fired up to the extent he didn't bother checking if anyone else had ever pontificated on the subject.
Tell you what Stephen. Submit a paper with your thoughts on AI to your favourite scientific journal and let's see how impressed the referee is to hear that old saw again.
Over the years, a number of Scotchmen have informed me that the only thing the adjective "scotch" can be applied to is whisky. Obviously, as an Englishman, I consider that to be nonsense and object with eggs, mist, corner, butter, hop and many other examples of ancient English usage. But they are insistent.
So what's Carmen's take on this as a Scotchwoman? Do they call them Scotseggs in Scotland, or just eggs?
I'm not sure it's accurate to say this is the first layman's book on quantum biology. McFadden's earlier book "Quantum Evolution" surely counts (there may be others). That book was a rather fanciful and unscientific exposition, although interesting.
But what's all the fuss about quantum mechanics and biology? Self evidently QM influences biology. Without it atoms and molecules wouldn't be stable (the entire world wouldn't exist). The quantum de-localisation of electrons makes much of chemistry (hence biology) possible. Of course reaction pathways follow the routes that QM allows even when they're classically forbidden: QM was invented to explain the behaviour of atoms after all.
What's more contentious is whether the more "spooky" quantum effects can survive and be observed at a macroscopic scale. McFadden's first book was full of such claims, but little of it convinced me. As this subject advances, it seems to be leaving these wilder claims behind and focusing on more mundane aspects of QM that amount to - well, little more than normal chemistry to be honest. If the macroscopic consequences of QM in biology are so remarkable, then so, also are other simple facts, like the existence of solids and liquids, electrical conductivity and countless other phenomena we take for granted.
Penrose's conjecture certainly retains the essence of "spooky quantum action" and deserves more study than it's been getting, but apart from that, I say "meh" to quantum biology.
I guess this will just lead to the alternative of allowing your nudie pics to be posted on the internet by your lover. Then, when you get jilted, you claim you never gave permission.
Indeed. One of the most important experiments in physics, although it routinely gets overlooked when documentaries are looking for the big moments in science.
It also sounds suspiciously like the gear used to look for gravitational waves. In fact, from the description I can't see how you'd tell the difference if you did detect something. Presumably there'll be a subtle signature in the signal that's below the noise level of journalists.
There are lots of people who are scientists (but not climate scientists) who have plenty of relevant knowledge for assessing the work that climate scientists are doing. Many of them have extensive knowledge of data analysis, computer modelling, physics, chemistry, statistics and all manner of other subjects that are very relevant to climate study. Many also work in far stricter disciplines, where the scientific method and the burden of proof are adhered to far more closely than in climate science and where being a sceptic is seen as fulfilling a valuable scientific role.
Many people with these sorts of backgrounds look at what climate scientists are doing and feel they are letting science down, badly. They can see very little scientific rigour being applied and no scientific basis to the theories that predict future climate - principally because none has ever passed even the simplest of experimental tests. These details are important, because they are what distinguishes science from opinion.
So, to put it bluntly, there is every reason to think that the man-in-the-street's opinion will be just as accurate as that of the climate scientist, because neither is doing science.
No matter how "good" they are, why would I go there to buy something they don't stock? Small places inevitably don't have as much stock. When buying books, the range available is quite important. That's why Amazon is a better solution, quite apart from the price.
Standard suitcases already contain most of the required sensors for this sort of work. They contain plastic parts that fracture at a pre-determined impact to detect rough handling. They have bendable metal handles that detect excessive loads (just check to see whether the handle will still pull out when it arrives). They also have absorbent coverings to detect moisture and many will reveal contact with abrasive or sharp objects by ripping.
Of course, you can also install your own sensors internally; a cheap bottle of wine will reveal if the bag has been thrown around by imparting a red stain to your undergarments.
Technically, I think he has stopped. Unless he uses it again, of course. But you won't know that until he does, so it's too early to complain yet.
Actually, that they're orbiting at 300 times the speed of sound is about the least extraordinary thing about them. In astronomical terms, that's a boring, pedestrian speed.
This is an insulting first step towards failing to rebuild trust in our transatlantic relations.
Yes, definitely a bit vampire squidish, that.
"If they accede to demands without sending them to court, Google are pro censorship, and their previous freedom posturing is exposed as lies!
And if Google send things to the courts, then Google are arrogantly attempting to defy their obligations under EU law!"
But that's pretty much the dilemma we all face, including the law itself. Either we're in favour of censorship or we're in favour of violating privacy. Unless we all agree on exactly where the dividing line falls (and there's not much chance of that as it's a political judgement as much as anything) then there's no squaring this particular circle.
The usual solution in such cases is to enact some fairly vague and ambiguous laws so that only those people who care enough to spend a fortune going to court ever need a firm decision. The rest of us just have to lump it because we can't afford the money or effort to fight. In the case of data protection, you also set up a watchdog with no teeth to take the wind out of people's sails if they have the cheek to complain
Looks like we're fairly well down that path already.
I guess they were just miffed he didn't get any publications out of it.
One big difference between the US and UK is that we drive on the left in the UK. But I guess we should be OK there, so long as NASA don't get involved.
Small group of people on Twitter get annoyed about something trivial. What a great story that'll make.
Sounds like business as usual to me. Actually, maybe just a brief holiday before returning to normal.
Why all the fuss?
...when an automatic software update bricks them all at once?
Cut out the middle man...
You're right. Browsers are already too complex - a bit like operating systems became, in fact. I think it's time we stopped using "a browser" and had browser distributions like we have Linux distros. That way, projects could more easily set up new forks of (say) Firefox and just use the bits they like.
More importantly, they could also add in any extras they want and could enhance neglected areas (like security and privacy) without taking on the massive challenge of supporting an entire browser. At one time, Firefox's extension mechanism was a great strength, but many extensions now look like little more than sticking plaster and just provide an excuse for not tackling fundamental browser problems.
We need to develop an ecosystem where competition can help drive forward the individual component parts of a modern browser and take control out of the hands of the big players.
Or that you can use a ruler to measure any length so long as it's not 10cm.
I doubt they can do that. Amazon has probably already patented the idea: "Method and Apparatus for issuing daft patents...".
"Dont need link scanning, email scanning, network lock downs, child monitoring, arbitrary trusted app levels, convoluted firewall blah blah blah..."
You need to tell that to pretty well everyone who's writing stuff these days. No-one seems happy any more with software that does what it needs and nothing more. If another feature is possible, then it needs to be added... and on and on... until it collapses under its own bloat. AV, unfortunately, is not alone in this by a long way.
That's not to say it doesn't deserve to die, though.
...should cost more if you're wearing big glasses.
Especially if you've more than one OS installed. Breaks as soon as you look at it. Fortunately fixing it is usually pretty simple. Overall, not necessarily a good situation, though.
I guess it's just become over-bloated as these things always seem to do.
No, the real bug is having a software development system that allows someone with insufficient experience to add code to a system that needs to be secure - and then not having a sufficiently robust review process in place - and then installing that software in a critical situation on huge numbers of servers around the world.
This bug is the sort of mistake beginners make (I believe the culprit was still at uni). I'd be embarrassed if I put a bug like that into a one-off throw-away lash-up. But somehow it got into openSSL which everyone regarded as secure.
It's a bit like the debt-laundering that took place before the financial crash. Everyone thought the debt was solid, but simply because no-one bothered to look at the fundamentals. I think this incident has shown FOSS security to be based on similar principles.
In my view seeing a naked memcpy call at all in supposedly secure code is like walking into a restaurant kitchen and seeing a big pile of rotting carrion on the floor. The staff may know not to handle it before dipping their fingers in the gravy, but it's a clear danger that you don't want to have around. It may cost to clear it up, but that's what you have to do.
memcpy is a big red flashing warning light that says "make damn sure you've checked and sanitised every bit of data that goes in and out of here" (not only memcpy, of course, but quite a few other C functions). In fact. I'd suspect simply looking for all the memcpy et al. calls is a pretty good way of finding vulnerabilities. The best approach is to wrap them up pretty tightly. Even that's not 100% secure, but it does make a difference and in security code it's 100% worth doing.
That makes me scratch my head a bit too. Either it's a lot faster than a classical computer or it doesn't really matter whether it's a quantum computer or not.
I could say I'd sold my soul to the devil in return for the skills to make blisteringly fast computers, but if the computers I sold weren't actually fast, what would be the point?
I'm more interested in what it'll do to barley and hops, actually.
For once, the perfect icon!
What bit of "trust" don't they understand?
OK, so you have to edit a config file. Not ideal, obviously.
But OTOH, do you want a dancing paperclip popping up saying "I see you're looking at a web page, would you like me to help you create a short cut to that?" and then proceeding to create a widget that plays a tune every time you mouse over it, tells you the time of day in the web site's locale, adds it to a semantic map of your browsing habits, emails all your friends to tell them what a great site you think it is and posts to Facebook, Twitter et al. just for good measure, before suggesting where you can get discount vouchers, signing you up to the web site's spamletter and prompting you to create an account?
There's a balance to be struck here. In my view it's about at the level of right-click and select "create a desktop link to a web page". Unfortunately, 99% of GUI designers seem to have convinced themselves we prefer the "paperclip" approach. So kudos to Gnome for going the other way, but it's still not right guys!!
Now that's proper mental mental arithmetic... a counting system with multiple fields and different bases in each field. Who on earth would invent a system like that? Oh, hang on... I seem to recall spending several years of my life practicing that stuff.
FWIW I also recall we had a computer* made out of relays when I was at school that could do arithmetic in yards, feet and inches and suchlike. I think it could calculate pi as well, but rather slowly.
* IT angle.
Rounded corners aren't cool in monkey society. Simians prefer curved, elongated shapes with pointy ends. So that idea's now in the public domain, before Apple patent it and come up with the iBanana.
I think it doesn't really help that they change the design on coins and banknotes so often. There are so many designs in circulation now that I don't necessarily recognise them all and I'm not that surprised when I see a new one. If I got given a pound coin with a picture of Mickey Mouse on one side, I'd probably assume it's some stupid attempt to commemorate Walt Disney or something.
So now I suspect the fraudsters could start minting 13-sided pound coins and still get away with it. People would just assume it's a new official design.
You seem to be talking about theories that propose that outside our universe there are other things (that might be other universes), hence a multiverse. But in "quantum physics" (as mentioned in the title), the multiverse normally refers to the idea that all possible quantum statistical outcomes of an event actually exist together (rather than one of them being special and representing a unique reality).
So have you just conflated two rather unrelated ideas, or is there some more subtle connection between the two that I've missed? For example, is it being suggested that the existence of inflation is somehow the cause of quantum uncertainty?