Re: Once again...
Biometrics used as passwords are, in general, a bad idea. They're not secret, they're not revocable and they're not precise.
Exactly. Biometric data should be the login ID and confirmed with a password.
766 posts • joined 8 Jul 2009
Biometrics used as passwords are, in general, a bad idea. They're not secret, they're not revocable and they're not precise.
Exactly. Biometric data should be the login ID and confirmed with a password.
...talking to plants (although Mythbusters showed that there may be an effect here...
I don't usually put too much stock in anything Mythbusters says.
But I've always thought of talking to plants as basically bathing them in CO2 rich air. As long as you haven't been chowing on too many onions and garlic, I would expect there to be some benefit over time.
If you blink really quickly, you'll save power and your browsing experience wouldn't lose a dimension.
Norwegian banks introduced the first EFTPOS terminals (and the debit cards to use in them) to shops in 1991. While I wasn't in the country back then, from what I understand they were verified with PIN codes 25 years ago.
On a related note, most Norwegians I know laugh when they hear that cheques are still used in other countries. I've been here 11 years and cheque books were a distant memory for Norwegians even back then.
In the UK, hot and cold water is still delivered to the taps in separate pipes
I think you'll find hot and cold water is delivered in separate pipes all over the world. ;)
But I know what you meant. There's actually a very good (semi-historical) reason for that.
In most UK houses (older houses certainly, I'm not sure how it's done now) the hot water heater is fed from a cold water storage tank in the roof, which in turn is fed from the mains pipe opened and closed through a ballcock similar to the average toilet. (I.e., the surface of the water when the tank is full is below the pipe feeding it.) The tank in the roof also feeds all other cold water taps in the house except for the kitchen sink which is supplied straight from the mains (and is the only cold water tap you can safely drink from).
This arrangement means that the water pressure, at least in the kitchen, is usually different between hot and cold taps, so installing a mixer tap could potentially allow cold water to push back into the water heater if the mains pressure was sufficiently high, ultimately flooding the house from the roof down - although that's probably quite rare given that the tank in the roof will have an overflow pipe leading outside the house. It's usually safe to installer mixers in all other rooms - unless they too are fed directly from the mains.
Setting up the pipes like this ensures every household has a small, clean supply of both hot and cold water in case of a burst water main, and also that if the mains pressure does drop opening a tap doesn't allow contaminated water (from whatever source of contamination) to feed back into the mains (thus spreading the contamination further).
...the Patent Office and the FCC are now aligned with Google, and in both cases populated by former Google employees.
It's almost like the Scientology takeover of other US government agencies back in the 60 and 70s.
Yeah, there's a lot more I can do.
I'm too lazy though. ;) *duck*
Think I'm the last of a dying breed...
Second to last. The front page for my company's website weighs in at 74KB. And 10KB of that is CSS that I really do need to trim down.
The laziness of web developers isn't a new thing, and it isn't a new trend in development in general either. 95% of developers have always been lazy. Most just don't understand the concepts of optimisation, the rest don't care. I've always been pushing others to think about what the consequences of their choice of algorithm or implementation might be. Minimising network traffic is no different to maximising cache usage, fully utilising all those cores, minimising memory fragmentation, or reducing pipeline stalls.
No, you should keep Real Player. I think it could turn out to be quite handy for helping train your brain to recognise things when your eyes are burned out and you can't see any detail smaller than a barn.
So why are you making life difficult for people who don't believe in what you believe in?
Because some of those people are in positions to enact laws that affect my life in a multitude of ways.
When it is illegal to brainwash children with religion; when it is illegal for laws to be passed that negatively affect certain members of society simply for thinking or acting differently; when organised religion is not legally protected from insult and/or closer scrutiny then we can talk.
Until then, I will continue to ridicule the ridiculous.
Windows Phone is dead.
UWP is not the same as Windows Phone. Windows Phone just happens to be one of the hardware platforms that can run UWP apps. (Desktop PCs running Windows 10 are another, for example.)
The more cynical reader might suggest the following edit:
"If they'd just kept their mass data collection out of the media, then I'll wager no-one would even care..." ;)
Dreams? Back in my day we had to make do with what we had. We used to envy people with dreams.
(the chip name predated the company by a few years - the original name was the Acorn RISC Machine)
The original ARM processor development started in October 1983, with the first test hardware produced in April 1985. ARM Holdings (when Apple became involved) was incorporated in 1990.
If you've got a freeform format string that could give an output of any length I'm not sure how you can get around allocating heap memory.
That's partly where my string class comes in. By allowing the programmer to specify how large the internal buffer is, you can catch 99% of cases, and only allocate when you have to. (Which is basically what most programmers do anyway: char buf; sprintf( buf, ... At least this way I don't ever have to worry about overflows.)
It's a little trickier inside signal handlers because you have to basically be 100% certain you're never going to allocate, but in these instances it's normal to just preallocate a ridiculously large static buffer (16k or so) and use that. A little truncation in such circumstances (I.e., when you're busy crashing) is acceptable, I think.
Implemeting SSL oneself however would be an order of magnitude buggier.
I know. :) I have no desire to want to do that. At least not for any current products I'm working on. That said, it might be a fun side project some time though. ;)
I suspect most of the speed up from my string formatter comes from the fact it doesn't create an in-memory file and then send character data to that file one byte at a time (which is what the MS implementation used to do). It also doesn't waste time allocating any heap memory - something else sprintf, et al. and Boost like to do far too often.
It currently supports converting format parameters between UTF8 and UTF16 depending on the destination encoding, decimal signed and unsigned (32 bit and 64 bit) integers, formatting numbers as hexadecimal or binary (believe it or not, I actually did need this once), floating point numbers (I don't think I support scientific notation) padding and alignment of both strings (padded with spaces) and numbers (padded with zeros), pointers, and UUIDs.
With regards to the float parsing, I didn't need to worry about exponents. But they're nothing special really, and could have been added with a few extra lines that wouldn't have impacted performance too much. I didn't enforce any additional restrictions. (To be honest the whole system was - still is - a fucking mess that only exists to work around deficiencies in a commercial third party library we're stuck with.)
True, but there is a correlation between the number of people voluntarily using a library and its stability and lack of bugs. If 10s of thousands of coders from finance to aviation use a library then its a good bet it works and works well.
Hero Coders are asshats. I've had to deal with enough of those over the years. Obviously I don't consider myself one, and hopefully people I work with don't either. (You'd have to ask them that though.) I do know how to program though, and I think most code I write is above average quality (which these days isn't particularly hard to be honest). I do write shit from time to time, of course, but mostly when I can't be arsed to think something through properly. :)
So don't use them. Simple.
Generally speaking I don't use them too much these days, but they do still have their uses occasionally, and when I do need them, they're available and practical to use (from a user's perspective).
Well done, you've successfully called a GNU extension function that returns an array of addresses. Now resolve those addresses to function names with source file information on Posix and Windows. For bonus points, do this without allocating memory so you can be safely called from a signal/exception handler.
So use Boost then.
"String formatting is very slow in the C library"
No it isn't. Its actually pretty quick.
No, it really isn't. My string formatter is about seven times faster than sprintf for most things, and over 20 times faster than the equivalent C++ way of formatting using stringstream. In addition, my formatter supports reordering arguments to more easily facilitate changing word order in foreign languages.
Here's a fun fact: Recently (at work) I had to optimise some code that was pulling floating point numbers from a string using stringstream. Switching to atof resulted in a 20x performance boost. Ditching atof in favour of my own float parser resulted in a further 6x performance boost for a total boost of around 120x.
Oh come on, seriously?? You don't think there are libraries out there do to everything you mentioned with UTF and more? They've been around for decades!
Name one - just one - which was around 20 years ago and is still maintained today when I started putting mine together. The Internet barely existed back then and sites like sourceforge and github certainly didn't. Should I have typed in a library from my favourite computing magazine?
...no offence - probably better because they've had lots of people work on them...
I'm fairly certain that there's no statistically significant correlation between the number of people working on something and the quality of said product. I suspect in general, the exact opposite is more likely to be true.
If thats the case then the programs you write are either utterly trivial or you've pointlessly re-written tried, tested and debugged standard functions making any maintenance coders job a nightmare and your software more than likely inefficient and full of faults at all levels.
Not at all. Let's look at some of what the C-Runtime library provides, and what I needed:
assert: No way to ignore asserts at runtime either individually or across an entire function or file. No inclusion of callstack displaying (can be useful if testers just copy and paste the assert message into a bug report - although I'll admit this was something I found more useful 20 years ago before I developed proper bug reporting systems).
math: Very old API with no built-in support for vectorised (Altivec, SSE, etc) types - or indeed any real support for vectors, matrices, quaternions, and other more complex math types. I do still use some of the math functions, but usually through their C++ counterparts.
stdio: I've generally abstracted file system access behind C++ classes that use the most appropriate platform API internally. On Windows (and Xbox) this definitely isn't the C library functions. Posix based platforms generally only have these available (and I do use them there), but they do lack functionality in places compared to Windows. String formatting is very slow in the C library (not as slow as stream formatting in C++, but I digress), which leads us to...
string: I have a quite extensive string library that allows me to (among other things) deal with UTF8 or UTF16 strings seamlessly. Most of this is wrapped up in my string class which additionally provides a template parameter to control the size of the internal buffer (so I have a LocalStr class, for example, that has a 1K internal buffer that 99% of the time doesn't use heap space when manipulating temporary strings on the stack). A lot of the functions here are the sorts of string utility functions you see in other languages these days, but some are extensions to the basic functions available in the C library. For example, I can retrieve the CharCount, the UnitCount, or the ByteCount for any string, or the projected counts when converting any string between the different Unicode formats.
In addition to the above, I also have modules for thread management, synchronisation, graphics manipulation, an entire GUI engine (mostly used for games), the basic API for my render engine, XML parsing and processing (used in Oso XML Merge), a ton of platform-specific extensions, memory management, and much much more.
Doesn't everyone have a folder they created years/months/weeks ago that contains junk functions like this?
Everyone sensible does.
My Core Framework consists of 575 files of classes and namespaced functions and forms the basis of any C++ project I work on at home. It is constantly evolving and growing, and the very first line of code dates back to some time in 1996.
As a result, I have very few dependencies to third party / open source libraries and rarely even need functions from the C-Runtime library.
I have a 2, a 3, and a Mini. They're all as bad as each other to be honest. Except for the 3 - they're were always terrible.
To be honest, I've had to put up with Safari crashing fairly regularly on my iPads for the last year or two at least.
And it's forever taking fag-breaks trying to work out what to do next.
Safari + iOS = Worst Browsing Experience Ever.
It used to be nice - well... I seem to recall it used to suck less.
And then, they need to use that information appropriately, not keep it secret. Once again, it appears, the security services were aware of at least one of the Brussels attackers, but they didn't release that information to the people that mattered.
Isn't that exactly what this story reported ministers wanting?
To be honest all I want is a version of Skype that doesn't notify me on three different devices about a conversation I've just had on a fourth.
I discovered that Edge simply did not run in non-cloudy accounts and therefore I *had* to figure out how to disable it in favour of IE for *all* web content. Having done this, I have no idea when (or whether) Edge was finally able to run in a local account.
It works just fine.
In my experience, it's a very fast browser (compared to Firefox) that works with most sites without problems, with a monumentally shit UI. I want to use it more (everytime Firefox takes a 30 second cigarette break) but it's just so not ready for everyday use.
If I can read the contents of a US website, why can't I stream HULU and watch US ad breaks every 5 minutes for a 30-minute sitcom?
Presumably because the ad-slingers don't want to give money to the networks for adverts that simply don't apply to foreign viewers.
I completely agree with your sentiment, but from a business perspective it just doesn't make sense.
What you should be asking is: "Why don't the TV networks localise the ads in the same way YouTube does?" To which the answer is most probably along the lines of: "We make more money from selling broadcast rights to local TV stations."
Ultimately though this has to be the way forward: Remove geo-blocking for all streaming content and localise adverts. In theory you could then actually stop providing TV services through a dedicated cable and simply set up a properly designed website where the whole world can consume your content. (Although if I'm being totally honest here, I can't stand watching TV with ad-breaks every few minutes in Europe and the number of breaks in the US is insane.)
Outside of digital media, I can understand why UK companies, for example, would choose to block customers from other EU countries purchasing digital goods, and that is that the VAT rules are completely fucked up these days. In the UK, I can sell products VAT free until my UK sales reach the current VAT threshold (somewhere around £70-80,000 iirc). However, I have to charge VAT on the first penny of income I make from an EU (non-UK) customer and then spend accountancy fees registering and paying that VAT to the appropriate EU nation. It's completely retarded. Fortunately I'm in the lucky position that nobody seems to want to buy my products. :D
I wasn't really talking about saying something to someone's face in a jokey manner. I see exactly what you're saying there and totally agree with it.
I was actually thinking more about the over the top PC-Gone-Mad people who get offended when they see someone breast-feeding in public, or get offended on other people's behalf (which is offensive in itself). In today's society far too many people through around the "I'm so offended" card to try and not only validate their own point of view but also force that point of view on others.
In his stand up shows, Bill Hicks used to tell jokes about handicapped and disabled people and it used to rile up half his audience, who would boo and shout and come up and tell him what they thought after the show. One time there was a group of handicapped people in the audience (unbeknown to him) who came up to him after his show and told him how much they loved the fact that someone didn't try to not step on anyone's toes, so to speak.
I know I should care about the hurt feelings of others...
If someone's feelings get hurt, that's pretty much the *only* thing that's happened. Nobody died. Nobody was harmed. Someone got offended. They will get over it, and life will continue.
No matter how you look at it, getting offended and learning how to live with whatever it was that offended you and understanding that not everyone sees the world the same way that you do is part of growing up.
I've been to Microsoft parties with scantily clad girls dancing and to be honest, I thought it was kinda sad more than anything else. At the end of the day though, the girls got paid, the (other) geeks around me probably had the best night of their lives, and I had a few free drinks. I didn't see anyone being forced to watch, or water-boarded, or tortured into selling their first-born to the devil. I did see a few bored developers standing around awkwardly in a room that could have housed 10 times as many people, but this wasn't
If there had been scantily clad guys dancing instead I wouldn't have felt any differently. I'm not embarrassed by seeing a bit of skin that doesn't belong to me, and neither should anyone else. If you are, that's *your* problem. Not mine nor anybody else's.
It's good to have a book detailing all the checks you should make before writing a cheque.
However, I contend, *any* toolchain which removes that memset is a security liability, requiring at least manual assembly audit for secure code, I'd argue that makes it broken.
You could equally contend then that half the C runtime library is broken, half the features of C++ are broken, half the languages out there today are broken, and having a data stack that descends down through memory is broken - from a security perspective. :)
I don't disagree with your sentiment, but there are so many exceptions to the rule in this respect I find it hard to fully agree with your rationale. An optimiser does treat a hell of a lot of things as special cases - memset is just one example - and for the vast majority of cases this is a Good Thing (tm). Optimisers wouldn't be as half as good if they didn't have such special cases.
 technically, a compiler vendor is free to do all kinds of magic, provided a strictly conforming program can't observe any difference between that compiler vendor's hosted environment and a more naive direct translation.
Technically though, if you don't read from that memory again, you have no way of knowing whether the memset was called or not. So by your own arguments removing the call to memset is a valid optimisation in this case.
Actually, ZeroMemory can be removed by an optimising compiler. SecureZeroMemory will not.
And although ZeroMemory is implemented as a macro for memset in C/C++ today, why do you a) assume that this was always the case, and b) think the Windows API should only support the language you use the most?
Which is funny considering the first roundabout was in the US.
And beware of roundabouts in Russia and other ex-soviet states where cars entering the roundabout have right of way...
Vote for Bernie. :)
True. But it seems suspicious that it's only HTTP traffic that's adversely affected. Downloading through peer to peer gives me maximum throughput, and speed testing software (like speedtest.net) always gives me at least what I'm supposed to be getting (usually a little higher, but I presume that's just down to the accuracy of the software and the limiters regulating traffic throughput).
Yeah, I have 100/100 fibre to my place (I actually have two fibres coming in because my tenants wanted one too) and all it really does is show me how slow web servers are.
My provider called me a little while ago asking if I was interested in upgrading to 120/120 (or maybe it was 150/150 - I don't remember) and I honestly couldn't think of a single reason why I would need anything faster right now.
Sounds reasonable when you remember that the average is not the same as the median.
"The only problem is that the women seem to keep falling pregnant"
What are you doing to them?
If you still don't know how that works...
Then a career in IT is perfect for you. :D
Sideslipping isn't really an option since they started putting the engines underneath the wings. ;)
Which leaves crabbing. I once heard (pre-Internet when I was a kid) that Boeing used to stress test their undercarriage for landing up to 45 degrees from the direction of travel. How true that actually is though, I wouldn't like to say. :)
People hated playing multiplayer Syndicate with me. I would just leave jacked up agents with lasers hiding inside buildings. As soon as someone walked past outside, the door would open, my agent would see them, and immediately vaporise them before they had time to react. Happy days. :)
DK was a few months into development when I (foolishly) left.
I worked a little on the console versions of Populous II and Powermonger, did map design for the original versions of Syndicate, and programming on Theme Park.
I'm still in touch with most of the people from there though, so I can forward your worship (is that a noun? - it is now) as and when I see them. ;)
We have a daily stand up at 09:45. I tried to get it moved to a more reasonable time of day, but unfortunately our QA team in India has to join and they couldn't find a free meeting room later in the day. :( Total waste of time.
My very first job at Bullfrog (the games company) back in the early 90s had the best concept for status meetings ever: Around 15:00 on a Friday afternoon everyone would get together and slowly walk around checking out people's monitors seeing what they'd been working on (which is actually quite fun and productive in a games company - it obviously wouldn't work if you're making office software), giving feedback, etc. while munching on cake, ice cream, and other assorted snacks while drinking beer. After an hour or so this "meeting" usually just devolved into the end of week / pre-weekend party.
My Lumia 950 can't connect* to a lot of Bluetooth devices that my old HTC 8X could, (including the car) so you might want to take that particular feature for a test drive, so to speak, first.
* I haven't tried it lately with the latest updates.
Not transmitting - yet. Just tumbling around in space, waiting for orders.
If I were a crackpot dictator with a questionably retro hair style of an insignificant little nation everyone despised, I'd launch dozens of such 'failures' and then activate them all together one day.
Peeps still have Java on their machines? In 2016?
Actually, I only have it on one of my machines now and that's basically because the Android Dev Kit needs it.
...what makes you think that if you can't get to the hospital, emergency services can get to you?
The fact that they own more helicopters than me.
I moved to Spain about nine months after Euro currency was introduced, and I heard stories of farmers and other Spaniards driving around in brand new Land Rovers (et al) buying up apartments and houses for cash. Presumably cash they'd been squirrelling away since the days of Franco. Typically the transaction went something like this: "I like this. How much is it?" ... *Goes to car, fetches briefcase*. "Here."