60 posts • joined 19 May 2012
Re: I don't get it..
> why expect a length parameter at all ? That is metadata that can be calculated quite trivially.
How? A socket connection is just a stream of octets, there are no record delimiters (except as provided by your own protocol).
And then you need to detect with partial data (eg. interruption on the network).
Re: Deal With It!
> A triangular rubber coin 6,800 miles along each side?
Fiddling small change then, and thus not accepted by glacta-banks.
Re: HTTPS compulsory?
> Someone better tell El Reg then.
More than a little of the pot calling the kettle black here.
They certainly do use images.
But the images are always the complete install (a "diff" image would work, but only for the same base).
However there are a lot if images to manage and maintain: different OS editions/versions, different Office editions/versions, ...
This soon becomes a rather large number each patch Tuesday.
The Halting Problem Applies to Verification of Computer Systems
From the first page of the article:
> So what's your solution?
>You can imagine some future technology where you can prove assurance, where you
> can prove that a piece of software or hardware does what you believe it does and
> nothing more. That's not beyond the realm of possibility.
Wrong. It is beyond the realm of possibility. I would have expected Bruce Schneier to be aware of the halting problem. Turing proved that there is no possibility to provide a procedure that will determine if a given program will halt (terminate). As any specific action can be mapped to termination (when X happens halt) you cannot prove it does or does not do something.
Re: Umm, what?
If notepad is sufficient for your – clearly limited by definition – text file editing needs, then stick with notepad.
For those of us who work with non-trivial text files, there are lots of options: this has a lot to live up to.
And yes, it does sound rather like that everything is programmable/customisable approach of Emacs and other editors that have survived for more than a few update cycles. This is no bad thing: just because it is an old (relatively) idea does not mean it is a bad idea (equally a new idea is not automatically a bad idea).
Re: Does it really take that much power?
> Maybe GPS used a lot of power a while ago but I assume all that calculation is now handled by dedicated logic
True for some dedicated devices certainly.
But it seems smart-phones (and, based on experience of battery life when not plugged in, car sat-nav units) don't have such specialist hardware, rather using their CPUs to perform the calculations.
Just calculating the position wouldn't be too bad, but then that calculation is done repeatedly to track position and velocity changes, then transforming and laying out the map display in real time to match…
Re: So what's the solution?
Your third paragraph is why. Mono-culture is bad, however much better that one is currently.
(This is why I am glad IE and Firefox do not use Webkit: everyone using one browser engine would just lead to a repeat of the first browser wars with Webkits' defects being the new standard.)
Using goto when goto is the best approach (such as a series of tests with shared non-trivial clean-up) is reasonable. It would be possible to fake the gotos with breaks in a do...while (false) one-shot loop but that is a significant abuse of a loop (and the one-shot nature is hidden at the bottom).
In this case a boolean tracking hasFailed and checking in each test would be reasonable, but if the existing tests are more complex the addition of checking that boolean adds to the complexity.
In the end the pattern of a series of tests with a fall-out to common clean up is seen often enough the pattern is recognised and thus the code easier to understand.
Remember Dijkstra's paper (it is worth the effort to read) is about the overuse of goto when there are better alternatives. Too many people see the title without reading the content and thus "ban goto".
All that said; in more than two decades of professional programming I've use goto twice (C++'s ability to do cleanup in a destructor of local objects really helps).
Re: Why not space?
Low Earth orbit still has quite a lot of atmosphere (this is why the IIS needs a push from time to time).
The vacuum in the LHC is orders of magnitude greater than that of inter-planetary space which is already far greater than just above a planetary atmosphere.
Re: A hex upon thee
However they don't handle the central pin added for "security".
Re: Bloody eagles
No. That would be parrots. Specifically keas in New Zealand.
Often know to have a go at the window etc. seals on cars.
Equally there is no patch for XP/Vista to make it possible to disable RC4. Or support for TLS 1.2.
Old versions in extended support don't get new features.
> As a web browser user how do I tell if a site is using RC4?
In IE: Right click and select properties: details of the ciphers used is under connection.
In Chrome: click on the padlock on the address bar and click on the connection tab.
In Firefox it is in Tools | Page Info at the bottom of the General tab with more details on the Security tab.
Re: Rose tinted spectacles
> The Googled tutorials on W3C all agree that the method is supposed to give focus to the target window.
Then they are simplifications and/or out of date.
I suggest a reading of the specification of Window.focus() (and Window.blur()), especially the Note at the HTML5 specification. Direct link for the latest working draft: http://www.w3.org/html/wg/drafts/html/CR/editing.html#dom-window-focus.
> written in vb are in he same boat but without any of the options to ease the blow.
Assuming you mean VB6 then no, or at least not any time soon.
Win8 and 8.1 include the VB6 runtime, so that is supported—you applications will keep running—until at least those OS' go end of life (for Win8 enterprise currently set at 2023-10-01).
Of course if I business is still, in a decades time, running applications written what will be a more than 25 year old tool, then perhaps that business is itself so obsolete that it is time to switch off life support.
> we're looking at ~169mb per client this month !
Only if you're not running WSUS, which if you have enough machines to matter you should be.
Re: Easter Egg
The blog entry about it shows an image isn't from the OS map data...
Re: Why bother ?
You cannot build your own things in Google Maps.
Hmm... I wonder if ComputerCraft is up to a mini-Minecraft inside Minecraft: at home playing Minecraft at home playing Minecraft…
> All those ports are packed into a 1U form factor that This all happens in a 1U form factor that can't be prised apart and reconfigured, an arrangement […]
Someone needs to have a word about proof reading…
Re: and what happens
> Doesn't StackExchange work primarily on OpenID - I have about a dizen sites all on the same login so that's going to be annoying.
1. StackExchange has its own openID provider: set up an identity there as the future replacement.
2. StackExchange has a central identify across all its sites, so you only need to change once. You might need to log into each site (that isn't a sub-domain of stackexchange.com) separately with the change.
3. You can have multiple logins configured for your StackExchange account. Therefore adding the new identity while still being able to login with the current one.
Doing this, and updating by domain's default page's link elements away from myOpenId, is now on my to do list...
OpenID is in so many ways the right approach to identify. However the failure of the various OpenID providers (especially Google in the early days) to provide a consistent approach for the consumers of OpenID logins (the web sites you login to) made it too unreliable and too hard in practice.
> It's not wrong at all. Just depends on your preference, as long as it's all consistent.
Exactly. If you cannot read and maintain any consistent style then you need to think of a different career. There are far harder things in programming (understanding what the customer wants for a start).
OTOH one can have a preference: one true brace style is called "true" for a reason :-).
A coding style only needs four unbreakable rules:
1. Be consistent.
2. Indent to make program structure clear.
3. Name's clarity (eg. long and more more descriptive) should reflect their scope.
4. Tabs/spaces [choose one for the team/organisation, delete the other] only.
/Everything/ else is subject to argument and exceptions.
Re: If you liked this....
Certainly worth a visit. They have a collection of cold war military equipment including a WE.177 case (well I hope it's empty).
Lots of signs to it in the area... really must get a photo of a few on a visit to family in the area at some point.
In the early days of Azure there was a lot of talk about lots of security verifications being done (usual alpha-numeric soup of standard identifiers).
So it is possible PCI-DSS is covered.
But likely you'll need to ask Microsoft directly if a hunt for "Azure security compliance" fails to show anything.
Re: Super Proton Synchrotron
> Radiation damaged cables? How?
Read up on synchrotron radiation: when you use an electro-magnetic field to change the direction of charge particles (eg. protons) EM radiation is emitted. At the energy levels of CERN this is hard X-Rays.
Re: That's why codecs are usually compared with lots of different footage
> BBC has to constantly transmit every local station as a full stream
If I recall correctly this has already changed or is due to sometime soon if not done already.
The problem was combining the variable bandwidth stations in the MUX with the regional BBC1 feeds and sending to the regional transmitters: the technology to make BBC1 variable width in each region and merge didn't exist when Freeview started.
With newer kit, HD and analogue switch off the situation has (or will soon) change.
 I seem to recall it was linked to the completion of analogue switch off and HD roll out.
"NATO Standard Rounds" makes for simpler logistics, and in the end conventional wars are more about logistics than anything else.
Re: "The temperature scale simply does not end at infinity,"
> Or do they have other research going on that gets to negative values of temperature by heating something to infinity and beyond?
That's exactly it.
The Wikipedia article http://en.wikipedia.org/wiki/Negative_temperature has been cited as containing a good introduction.
It is an effect in a quantum system so you need to forget your intuition.
Pathologically Eclectic Rubbish Lister
Given garbage in is the norm this is inevitable.
> Isn't 486 a 386+maths coprocessor?
Not necessarily: remember the 486SX?
Plus it made some significant changes to the instruction set that made multi-threading significantly easier. For example the atomic interlocked increment and decrement operations return the new value rather than just a zero or not-zero indication. Hence (from the article:
> which complexity has plagued us with extra work whenever we wanted to change SMP primitives
(And also why the InterlockedIncrement and InterlockedDecrement Win32APIs where different on WinNT vs. Win9x.)
I Think Wear Leveling Will Still be Needed
> look like making wear levelling irrelevant.
I don't think so.
Image a block being written once a second (quite possibly pessimistic for something like control information in a database file on a busy server), that's ~31.6 writes a year.
So 100 million is reached in a little over three years.
So unless the ">" in "to > 100M Cycles" is really order of magnitude greater than, wear levelling is still going to be needed for server (ie. enterprise grade) SSDs.
Re: I'm no physicist, but ...
Vacuum is not empty.
All that quantum fluctuation (where the closer you look the more noisy it becomes) for a start.
Plus the odd bit of dust or gas.
(The vacuum used in The LHC contains considerably less matter than in inter-planetary space.)
> A Dyson should be able to suck up a real one. Or a lamb. Or at least kittens.
Which leads to the question: what is the speed of a kitten in a Dyson?
Should be a little more of an everyday speed that a sheep in a vacuum? (The outer space kind rather than cleaner kind of course.)
Re: The good old days...
> 0.066666 FLOPS
To put this in perspective, the Harwell Dekatron described was built in 1949, so assuming it was running continuously ever since it has 63 years of runtime at that 1/15 flop/s.
And then compare with the 27PFlop/s Titan at Oak Ridge (top of the latest Top 500 list).
A few calculations...
Titan would take about 500nS to perform the same number of operations at the Dekatron in 63 years.
Five hundred NANOseconds.
Even a nVidia Tesla card, running at about 1TFlop/s would only need around 130μS.
Even a computer as slow (by today's standards) as a megaflop would only need a couple of minutes.
Re: A Patent Wars icon is needed
A crying toddler. or rather having a strop would cover many a report of legal posturing.
Re: We need
Unicode already has its 'PILE OF POO' (U+1F4A9), so this isn't much of a stretch.
Re: I just spat out my instant noodle
Remote code includes documents received from other parties.
For lots of "near" misses...
I would suggest a more careful read of the article, in particular this sentence:
> Ormandy reported the vulnerabilities to Sophos on 10 September.
That's rather more than 5 days,
I would expect Peer1 (who run the DC) will be looking at that in the future.
The fuel tank may well be stuck in the basement by local planning (zoning) regulations, but maybe putting the pumps in the ground or first floor (1st or 2nd for USAians), maybe with a submergeable booster next to the tank (to get things moving).
Re: Use the cloud
Some web sites have done that.
StackExchange.com (including StackOverflow.com) are running out of their backup DC in Oregon, some of Fog Creek's applications are now in AWS.
Of course this isn't something you can just magically do, throw some servers into another DC and it will work, you need both application changes and administrative processes (and monitoring) that will allow the fail over. (Eg. StackExchange recently – in a rather timely manner – tested their fail over, found some issues and fixed them.) Whether for a given web site it is worth the costs for the level of risks is a business choice.
Re: Anyone actually expect the hardware is the same?
> You'd hope performance would be equivalent regardless of the hardware.
Not really, I would expect performance to be no worse (and often better) than the minimum specified for the type of VM.
Ie. you get at least what you pay for, but you might get lucky.
Of course those faster, more modern, host machines could be getting a higher density of VMs loaded on to them. So a faster CPU might just mean more users sharing it so – on average – you end up getting the same availability of CPU instructions executed per unit time per VM.
Arguably for much of physics even the SI units are a RPITA. So many things would be easier with "natural" units. For example in particle physics using Planck Units, however these are not exactly practical outside their specialisms (time in units of approximately 5.4e-44s and distance of 1.6e-35m).
I suggest a view of
(followed by parts 2 and 3), which briefly covers how a particle is a field and visa versa.
> And the articles are not behind a paywall for a change.. *shock*
Indeed, and it gets better, from the "Open Access" section of each article:
> his article is published Open Access atsciencedirect.com.It is distributed under the terms of the Creative Commons Attribution License 3.0,
"Dominion's vast southern neighbour"
The dominion in question has a somewhat larger area than the southern neighbour.
Too much sub-editing without fact checking?
Re: Mostly agree
Do the admins having to deploy that "scalable, stable, ultra low-latency and high throughput algo trading system" agree?
Re: Problem for 3-D Secure?
This is not a security hole: if you can access this you already have complete access
To access this information you need to either capable of taking ownership of that part of the registry or running as SYSTEM.
In either case you all ready have complete and total control of the machine.
(The linked article acknowledges this., Hint: check out the ACL on HKEY_LOCAL_MACHINE\SAM\SAM.)
Another case of if you are already inside the safe, the you have access to the contents of the safe.
Re: Express: Are they fealing the 'heat' or... ?
> Very surprising if you ask me since former statements seemed to indicate that desktop development wouldn't be freely available at all, only in the full versions of VS 2012
That was changed several months ago due to the outcry the limitation it generated. Announced on one of MS DevDiv's blogs a few months ago.
- Updated Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
- Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
- Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
- Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
- Android engineer: We DIDN'T copy Apple OR follow Samsung's orders