Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
On Fri, 11 Apr 2014 21:21:27 -0700 (PDT), dakupoto@gmail.com wrote:
There is absolutely NOTHING wrong with C. The original
designers - Ritchie/Kernighan created a language, often
called "souped up Assembly" to do system-level tasks.
Incompetent programmers cannot pass on their stupidity
on some computer language. Please try finding out why
Yahoo or later Bing could not come remotely close to
Google in terms of search speed performance.
K&R wrote the best book on a computer language ever: the C Programming
Language. It's beautifully written; so clear and precise in every
respect - a rare achievement in a technical work.
"Cursitor Doom" <cd@spamfreezone.net> wrote in message
news:j6nlk95u5hfai3tpu7ab3errt1bpdv17oo@4ax.com...
At least in a bar you can see for yourself if the other person is of
the age, sex and race they claim to be.
Even a bar in Thailand?...
Tim
On Monday, April 14, 2014 12:30:45 AM UTC+2, k...@attt.bizz wrote:
On Sun, 13 Apr 2014 13:22:28 -0700 (PDT), Klaus Kragelund
klauskvik@hotmail.com> wrote:
On Sunday, April 13, 2014 5:14:50 PM UTC+2, k...@attt.bizz wrote:
On Sat, 12 Apr 2014 23:56:10 -0700 (PDT), Klaus Kragelund
klauskvik@hotmail.com> wrote:
Quoted:
On Friday, April 11, 2014 12:37:39 AM UTC+2, k...@attt.bizz wrote:
On Thu, 10 Apr 2014 15:07:38 -0700, John Larkin
jlarkin@highlandtechnology.com> wrote:
On Thu, 10 Apr 2014 18:50:31 GMT, Jan Panteltje
pNaonStpealmtje@yahoo.com> wrote:
On a sunny day (Thu, 10 Apr 2014 09:16:12 -0700) it happened John Larkin
jjlarkin@highNOTlandTHIStechnologyPART.com> wrote in
asgdk9d29q9ds74218i3r5me51loi12pm5@4ax.com>:
I avoid battery-powered tools. They are wimpy, and the batteries will die in a
year or two.
You have a cellphone?
Sure, a simple one. I charge it about every other week, and I've
replaced the battery once. But it's not a power tool.
You're not going to get a horsepower or so out of a battery for long,
especially when the battery is two years old.
You're not going to get a "horsepower or so" out of a hand tool.
You're in the stationary tool realm at a HP (Craftsman HPs don't
count).
Sure you will
I swear to Festool tools. I am dreaming about this one:
I like Festools, too. Great stuff. You are dreaming about your
knowledge of motors.
https://www.festool.com/Microsite/Pages/TSC.aspx
I own one. I can *guarantee* you that it does *NOT* develop anywhere
close to 2HP. It's actually a rather wimpy saw (my DeWalt is far more
powerful) but also quite useful. Its purpose is to cut sheet goods;
not an incredibly demanding job.
You bought one? Ha, imagining stuff now, eh?
Yes, I've owned a TS55 for three or four years, with several of the
attachments (two 55" rails, a 106", and a parallel guide
w/extensions). I've said as much. I also own a 1400EQ router and a
500Q Domino. Unlike your blathering, I do know a little about the
things. Your can resume your lies now.
On Sun, 13 Apr 2014 18:43:03 -0400, krw@attt.bizz wrote:
On Sun, 13 Apr 2014 20:51:37 +0200, Cursitor Doom
cd@spamfreezone.net> wrote:
On Sun, 13 Apr 2014 01:46:50 -0700 (PDT), haiticare2011@gmail.com
wrote:
I don't either - but Facebook is really "Fakebook." Fakebook likes and Fakebook
"friends" are a falsity. Similar to people one meets in a bar.
I don't go near any of it. The people who have the most to say about
themselves are the most vacuous, self-obsessed, narcisistic, boring
and uninspiring of individuals; well worth avoiding having any contact
with.
You don't do any of it but you know what everyone is saying. Well...
That is correct. Throughout my life I've noticed the most interesting
people are the ones who are highly reluctant about discussing what
they've done and what they plan to do. Those are precisely the kind of
people I'd like to get to know, but they obviously won't go near
Faecesbook, and so that's why I myself don't bother with it, never
have and never will.
At the time of its creation, both memory and CPU time were expensive. It
wasn't practical to specify the language in a way that ensured bounds
checking because of the memory and time costs involved.
"Sylvia Else" <sylvia@not.at.this.address> wrote in message
news:br0tf2Fs854U1@mid.individual.net...
At the time of its creation, both memory and CPU time were expensive. It
wasn't practical to specify the language in a way that ensured bounds
checking because of the memory and time costs involved.
Have they never been "inexpensive"?
This sort of malady has been known since the 60s at least, and bounds
checking has been around since about the same time (e.g., when was BASIC
introduced -- which AFAIK, always has bounds checking... at least when
interpreted?). For God sakes, the 80186 even brought the BOUNDS
instruction to x86. It goes unused to this day!
It doesn't help that C's [ASCII] "strings" are zero-terminated. Because
they're just stupid arrays, and the standard libraries decided they should
be treated in that way. Absolutely no necessity of doing it that way. Of
all the dubious aspects of the language, that's one that should recieve
the most ire. What a stupid idea. Other languages (I'm only familiar
with QuickBasic offhand) store strings with a length prefix. And do
bounds checking besides.
Here's another thought:
Bad programmers want to be like good programmers. So they want their code
to be fast. So they write ugly, terse code. They prematurely optimize.
They settle on algorithms that are understandable. And they leave out
security and sanity features, like bounds checking. Fully missing the
fact that, good programmers achieve all of these goals (or at least strive
to).
On Fri, 11 Apr 2014 20:24:01 -0700, josephkk
joseph_barrett@sbcglobal.net> wrote:
See Link:
http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-
yahoo-mail-passwords-russian-roulette-style/
?;..((
This scare seems wonderfully well-timed to coincide with Widows XP
support stopping. Some ruse to panic people into upgrading to Win8,
possibly? Just a guess.
At the time of its creation, both memory and CPU time were expensive. It
wasn't practical to specify the language in a way that ensured bounds
checking because of the memory and time costs involved.
On Fri, 11 Apr 2014 20:24:01 -0700, josephkk <joseph_barrett@sbcglobal.net
wrote:
See Link:
http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/
?;..((
Here is the technical analysis:
http://xkcd.com/1354/
And some details:
http://www.theregister.co.uk/2014/04/09/heartbleed_explained
which reinforces what an astonishingly bad programming language c is.
On Fri, 11 Apr 2014 20:24:01 -0700, josephkk
joseph_barrett@sbcglobal.net> wrote:
See Link:
http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/
?;..((
Only if you're dumb enough to use Yahoo, gmail, or any Micro$hit
product.
...Jim Thompson
On Saturday, April 12, 2014 7:30:59 AM UTC-7, edward....@gmail.com
wrote:
http://www.theregister.co.uk/2014/04/09/heartbleed_explained
which reinforces what an astonishingly bad programming language
c is.
That just reinforces what an astonishingly poor understanding you
- and many others - have about programming languages, and about
bugs in software.
This was a bug in the implementation of the response to
"heartbeat" telegrams in OpenSSL, which is a commonly used
library for SSL. The bug was caused by the programmer using data
in the incoming telegram without double-checking it. It is
totally independent of the programming language used, and totally
independent of the SSL algorithms and encryption.
This is really a problem of the go
(ghost key pressed)
This is really a problem of the Government/Industrial leadership (or
lack of). This could have been fixed quietly with must less damages.
But now, everybody (including criminals) know how to and how easy it
is to hack into servers.
If someone discoveres a bug, who are you going to call? NSA, CIA,
FBI, etc?
Skybuck Flying wrote:
Unchecked buffers and stack overflows have been chronic security lapses for
decades now, thousands and thousands of times. Wandering around data structures
with autoincrement pointers is like stumbling in a mindfield, blindfolded. With
various-sized mines.
The c language and, more significantly, the c language culture, will make this
sort of thing keep happening.
Data should be stored in declared buffers, and runtime errors thrown if attempts
are made to address outside the buffer. Items should be addressed by named
indexes, not by wandering around with pointers.
So how to protect against this threat?
I just got an email from a friend's yahoo address, saying that this person
had been in an accident and needed me to send $1300 to a western union in Rome,
Italy. All false of course.
What to do? - practical steps?
On Sun, 13 Apr 2014 14:44:33 -0700, John Larkin
jjlarkin@highNOTlandTHIStechnologyPART.com> wrote:
On Sun, 13 Apr 2014 20:47:34 +0200, Cursitor Doom <cd@spamfreezone.net> wrote:
On Sat, 12 Apr 2014 10:39:03 -0700, John Larkin
jjlarkin@highNOTlandTHIStechnologyPART.com> wrote:
Working in c, always check every buffer for size errors. Study every pointer.
Don't just write the code, READ it.
I don't think that helps. You can study and study and study a chunk of
code over and over and over again and still not see where a possible
problem lies. Computer Guru extraordinaire Steve Gibson (grc.com) has
warned programmers about this phenomenon many times. Our thought
processes simply don't work that way.
So, write code, compile and run, ship it, but don't bother to check it?
Step-thru debugger.
That just reinforces what an astonishingly poor understanding you - and
many others - have about programming languages, and about bugs in software.
This was a bug in the implementation of the response to "heartbeat"
telegrams in OpenSSL, which is a commonly used library for SSL. The bug
was caused by the programmer using data in the incoming telegram without
double-checking it. It is totally independent of the programming
language used, and totally independent of the SSL algorithms and encryption.
Unchecked buffers and stack overflows have been chronic security lapses for
decades now, thousands and thousands of times. Wandering around data structures
with autoincrement pointers is like stumbling in a mindfield, blindfolded. With
various-sized mines.
The c language and, more significantly, the c language culture, will make this
sort of thing keep happening.
Data should be stored in declared buffers, and runtime errors thrown if attempts
are made to address outside the buffer. Items should be addressed by named
indexes, not by wandering around with pointers.
And it's crazy for compilers to not use MMUs to prevent data and stacks and code
from being all mixed up.
Remapping MMU hundreds or thousands times for every program? Impractical!
"Sylvia Else" <sylvia@not.at.this.address> wrote in message
news:br0tf2Fs854U1@mid.individual.net...
At the time of its creation, both memory and CPU time were expensive. It
wasn't practical to specify the language in a way that ensured bounds
checking because of the memory and time costs involved.
Have they never been "inexpensive"?
This sort of malady has been known since the 60s at least, and bounds
checking has been around since about the same time (e.g., when was BASIC
introduced -- which AFAIK, always has bounds checking... at least when
interpreted?). For God sakes, the 80186 even brought the BOUNDS
instruction to x86. It goes unused to this day!
"strings" are zero-terminated. Because
they're just stupid arrays, and the standard libraries decided they should
be treated in that way. Absolutely no necessity of doing it that way.
Of all the dubious aspects of the language, that's one that should recieve
the most ire. What a stupid idea. Other languages (I'm only familiar
with QuickBasic offhand) store strings with a length prefix. And do
bounds checking besides.
The same focus on short-term gains that's destroying the rest of the
world, not just software...
The CS departments of the world should have Manhattan-project, Man-on-the-moon
scale projects to make computing reliable. They have other priorities.
On Sat, 12 Apr 2014 10:39:03 -0700, John Larkin
jjlarkin@highNOTlandTHIStechnologyPART.com> wrote:
Working in c, always check every buffer for size errors. Study every pointer.
Don't just write the code, READ it.
I don't think that helps. You can study and study and study a chunk of
code over and over and over again and still not see where a possible
problem lies. Computer Guru extraordinaire Steve Gibson (grc.com) has
warned programmers about this phenomenon many times. Our thought
processes simply don't work that way.
On 12/04/2014 18:39, John Larkin wrote:
The CS departments of the world should have Manhattan-project,
Man-on-the-moon
scale projects to make computing reliable. They have other priorities.
CS departments have made a lot of progress in this field for high
reliability code. It is *INDUSTRY* that isn't listening to them.