Contents

1. Leonid Meteor Shower Peaks Early Tuesday Morning
2. SSL Renegotiation Attack Becomes Real
3. Microsoft Open Sources .NET Micro Framework
4. Optical Mice Used To Detect Counterfeit Coins
5. Are There Affordable Low-DPI Large-Screen LCD Monitors?
6. Intel Allows Release of Full 4004 Chip-Set Details
7. DNSSEC Implemetation Held Up By Tech Delays
8. 100 Million-Core Supercomputers Coming By 2018
9. Russia Recalls Modern Warfare 2
10. Mark Cuban’s Plan To Kill Google
11. If the Comments Are Ugly, the Code Is Ugly
12. Becoming Agile
13. Apple Patents ‘Enforceable’ Ad Viewing On Devices
14. Most Security Products Fail To Perform
15. Copyright Time Bomb Set To Go Off
16. The First Windows 7 Zero-Day Exploit
17. Public School Teachers Selling Lesson Plans Online
18. Nvidia’s RealityServer 3.0 Demonstrated
19. Free Software For All Russian Schools In Jeopardy

impress the women with your knowledge of the skies - by Blue Shifted (Score: 2, Interesting) Thread

i know it sounds funny, but through the years i’ve found many women who are interested in watching the meteor showers with me. when i used to hang with groups of friends in san diego, i’d inform all of them about an upcoming meteor shower and invite them to go with me to a mountain (usually palomar) to watch. and more often than not, more women would come with me than men.

and then i would answer all their questions about meteors; how fast they go, how big are they, where do they come from, the comets they are associated with, why they are named after constellations, etc. And of course i’d tell them scary stories about how Betelgeuse could kill all life on earth, and show them the BEAUTIFUL Pleiades through binoculars, and before you know it, they were looking at me in a whole new light, and hey, geeks were cool!

i’m old and have a girlfriend now, and she loves meteor showers too, so i don’t promote the showers with the single girls anymore, but just thought i’d throw this out there for my fellow slashdotters… Invite that girl you like to watch the show, she will probably like it!

Re:impress the women with your knowledge of the sk - by Blue Shifted (Score: 2, Insightful) Thread

also, bring a blanket, cause when it’s cold, you might just have to share it!

Vulcans - by Smivs (Score: 3, Funny) Thread

Watch out for the ones with pointy ears. They’re Leonid Nimoys!

Re:Vulcans - by royallthefourth (Score: 4, Funny) Thread
…and the ones with the eyebrows are Leonid Brezhnevs!

Better than light pollution - by E IS mC(Square) (Score: 3, Informative) Thread
Well, at least you still have a sky, and a chance to see meteors when weather permits. With the light pollution around NY/NJ in the USA, you can’t see one until it’s about to explode on you.  
 
I was amazed to see how many stars you can see with your naked eyes when I visited the ‘dark’ continent of Africa few years back.

Re:theregoestheinternet? Not so fast! - by cduffy (Score: 5, Informative) Thread

You could actually read the rest of the article, in which it indicates that this is not merely a CSRF-equivalent attack (as it was originally taken to be), as opposed to just reposting an out-of-context snippet chosen to make the editors look bad.

Good explanation of the bug by TLS spec author - by cullenfluffyjennings (Score: 5, Informative) Thread

A good source of info about what this attack is and how serious it is can be found at 
http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html

Kinda bad summary - by Virak (Score: 5, Insightful) Thread

Important part of the article:

He did it by injecting text that instructed Twitter’s application protocol interface to dump the contents of the web request into a Twitter message after they had been decrypted.

The only reason it was exploitable was because of Twitter’s API. Understandably, I’m not too worried about the rest of the Internet going down in flames any time soon.

Kinda bad article - by Virak (Score: 5, Informative) Thread

Well, I suppose it’s my own fault for trusting The Register. After reading the first article, I got curious and went on to check out the technical details of the exploit. What The Register phrases as “it’s Twitter’s API’s fault” is actually “holy fuck you can POST the whole HTTP message to arbitrary locations (hosted on the same server, anyway)”, which is a tad bit worse. While the Internet still isn’t going to go down in flames, this does open up potential for some sites to get some nasty burns, and in a way they almost surely won’t already be protected against, even if the developers aren’t idiots.

Well, I suppose thats another Benefit of Twitter.. - by Monkeedude1212 (Score: 5, Funny) Thread

It’s nice to have a Sandbox for testing the latest and greatest hacks and security protocols, where no one cares about the user and/or what information they’ve posted on the site.

Yeah, sure - by Shadowhawk (Score: 5, Insightful) Thread
Wake me up when they open source the main .NET framework. They put this out there because no one is using it.

There is a problem - by Groo Wanderer (Score: 5, Interesting) Thread

I was initially impressed by the MS ‘open’ pledges, until I talked to several coder friends. Their take, paraphrased, was that it was window dressing with a lot of traps. Basically, they ‘opened’ the wrapper, just like they did with their Office formats.

The problem, as it was explained to me, is that if you want to do anything useful, you have to call a bunch of things that are not opened, will not be opened, and MS can still sue your *ss off for using. One person asked how useful it is to ‘open’ the hypothetical call, Play_video_with_MS_proprietary_closed_codec? I mean, you can copy the functionality, but your software is only cross-platform to the extent that MS proprietary and closed codecs and other things are ‘open’.

This is nothing more than a stealth PR attempt, they will use it to say, “We opened everything up, and see, Linux still sux0rz because it can’t play movies, sound, DRM, or anything else useful. We opened everything up, but the Linux model is broken, and their lazy codes won’t do the right thing. If you want real XYZ, you need Windows”.

It is nothing more than opening the most useless bits, and using it as a PR hammer. Yay progress?

                  -Charlie

OMG it is Meta EEE! - by 140Mandak262Jamuna (Score: 5, Funny) Thread
Not satisfied with killing software competitors by the Embrace, Extend and Extinguish methodology, now they are doing it to licenses. Pretty soon Apache license will be incompatible with everything non Microsoft, inlcuding Apache Web Server. Run, Run away when you still can!

Marketshare in Mobile Market - by Ohio Calvinist (Score: 5, Insightful) Thread
Microsoft knows that mobile development is booming right now and their best chance to get into the market is on very accessible powerful development tools rather than the Windows OS which is quickly losing market share. If Microsoft can have mobile developers coding in .NET, having them be familiar with Windows development is trival (since the Framework obstruficates most of the OS API.) 
 
If the Framework gets ported to non-MS platforms, having those developers develop on Visual Studio, on Windows, in Windows eco-systems is additional trivial. 
 
I am absolutely certain that iPhone development is causing iPhone developers to learn and be comfortable with XCode on Mac machines while at the same time creating more skilled Objective-C coders that will be more proficent in writing normal OS X applications.

Re:Mono? - by LWATCDR (Score: 5, Informative) Thread

Nope this framework is for mobile devices and the 360. 
Microsoft is really dieing in the mobile space right now. WinMo 6.5 Still doesn’t have native support capacitive touch screens and the Mobile world is on fire with Android and of course the iPhone. 
HTC, LG, and Samsung are all developing or have released Android phones. 
Palm and Motorola are now dropping WinMo and going with WebOS and Android. 
This is one space where Microsoft is at best an also ran and really is dropping in the race for mind share.

How does it compare to a vending machine? - by istartedi (Score: 4, Insightful) Thread

In what ways does it defer, if any, from the techniques used in vending machines?

If it’s better, patent and sell to vending companies? Yeah… patents are evil; but maybe a novel application of an existing technology isn’t so evil in this case—provided it really is novel and not just a poor-man’s vending machine detector, in which case the vending machine companies may already have a patent on it…

Re:How does it compare to a vending machine? - by BKX (Score: 5, Informative) Thread

Vending machine detectors are usually just magnets (at least in the US). Very few countries make their coins with enough iron, nickel, or cobalt to be magnetic, so a magnet can pick out most slugs (the usual form of counterfeiting used on vending machines). I know; I own vending machines.

Also, it’s OT, but your sig annoys the crap out of me. I use whom correctly all the time, “intensive purposes” is retarded. Begging the question, though, seems to have actually changed meanings over the years, so, being a descriptivist, I’ll give you that one.

Re:How does it compare to a vending machine? - by Drishmung (Score: 4, Informative) Thread
Are they just magnets?

My understanding was that the coin falls into a balanced cradle that measures the diameter and weight. If it’s the wrong size it is rejected (and can fall through to another cradle that tests for a different value coin—-and so on). If it is the right size but the wrong weight the cradle tips too far or not far enough and deposits it in the reject slot.

If it’s the right size and weight then the coin drops between two magnets onto a little anvil. If the metallic composition is right the coin will slow just enough passing through the magnets to hit the anvil at the right place and speed to bounce into the accept slot. Anything else and it misses.

The end result is a very quick, accurate but cheap analysis of the coin’s weight, size and metallic composition.

I know that’s the way it used to work. Have they dumbed down the machines recently?

Re:Who counterfiets 2-Euro coins anyways? - by von_rick (Score: 5, Funny) Thread
I can get you a mouse, but you will need to write the algorithm yourself.

Genius you see… - by Monkeedude1212 (Score: 5, Funny) Thread

The laser from the mouse will heat up the chocolate inside of counterfeit coins, thus exposing the fakes and creating a mess.

It comes down to manufacturing issues - by WuphonsReach (Score: 5, Informative) Thread
There’s really only a few pixel densities manufactured today. 
 
0.282mm to 0.285mm (19” 1440x900 or 22” 1680x1050) 
 
0.270mm (seen in 24” 1920x1200 displays) 
 
0.243mm to 0.248mm (19” 1680x1050 or 22” 1920x1080) 
 
Personally, I find the 0.245mm pixels to be too small, with the 0.285mm pixels to be just about perfect for me. Then there’s the 15.4” Thinkpad display that is 1680x1050, that has really really small pixels (around 128ppi or 0.200mm). 
 
There is an Acer 27” that is 2048x1152 with reportedly 0.291mm pixels. 
 
Basically, when monitor shopping, you need to look at a particular resolution (such as 1680x1050) and then make sure to buy the displays that are the upper end of the size range. The 1680x1050 glass is currently sold in sizes that range from 19” to 22”. Your older users will be a lot happier with the 22” 1680x1050. 
 
Or you could go looking for 24-26” 720p TV sets which are typically 1360x768 and have very large pixels. Of course, the small resolution will quickly become a bane to future users. 
 
All of the smaller 1080p TV sets are all 24”, which is only a pixel size of around 0.270mm. So the 22” 1680x1050 displays with 0.285mm pixels are a better choice.

Non-problem? - by mewsenews (Score: 4, Insightful) Thread

I’ve noticed this option doesn’t cross the minds of some IT guys, but how about letting the users do what they want?

If they want to look at an awful non-native resolution on their LCD, why don’t you shed your single tear about the waste of technology and let them go about their business? Does it actually affect you in the slightest?

Q&A - by clinko (Score: 5, Funny) Thread

Q: “Why does Bill get a freaki’n big screen TV?!”

A: “Because Bill doesn’t bother the IT guy with stupid questions like this one.”

New Egg - by NewWorldDan (Score: 5, Informative) Thread

As usual, it’s New Egg to the rescue. You can search monitors according to pixel size. The largest pixel sizes give you a resolution of 1920x1080 at 28” (~$370). There are also some even larger screens at lower resolution, but I don’t know how big you want to go. They have large format screens - 32” at 1366x768, but those seem to be quite a bit more expensive (~$950).

http://www.newegg.com/Product/Product.aspx?Item=N82E16824254043 
http://www.newegg.com/Product/Product.aspx?Item=N82E16889252035

Personally, I prefer a 4:3 ratio on my screens and those have become very hard to find.

Age besets me - by xenoglossy (Score: 4, Interesting) Thread
Finding myself in my mid 40’s with a eye problem has affected work to a large extent. 20/20 all my life to end up with distorted vision in my right eye has led to a number of changes. First, went back to the huge Mitsubishi 2070 CRT. I find it clearer that the 19” LCD’s. Second, received glare reducing glasses from corporate HR (gunnars.com) which greatly help glare issues with my wonky eye. Without the glasses I cannot work a full day. Third, installed a theme manager to try and darken the windows screen. For the most part this works except for the inability to darken Outlook backgrounds and still be able to read email.. Fourth, looking into a large LCD or similar which can display a high resolution (lots of real estate) with “large fonts”…

Control Systems using 4004 - by SwedishChef (Score: 5, Interesting) Thread

In the very early 70s our engineering group was interested in using the new 4004 to simplify the production of control systems for heavy machinery (windlasses, hydraulic systems, etc). The machinery itself was slightly different from contract to contract and even from item to item within a contract so we had to design a new control system for each unit. When the 4004 came out we were excited to see if we couldn’t do it cheaper and faster using a microprocessor.

We had moved from relays and discrete wiring to CMOS components on printed circuit boards and thought that was a big step. CMOS could be run at 15vdc which meant that the noise inherent in the environments our machinery worked in would not be quite as big a problem.

Unfortunately we discovered that we had several problems including the limited instruction set and memory capabilities of the 4004 along with the lower voltages needed so we stuck to CMOS until I left a couple of years later.

Still, the 4004 was my introduction to microprocessors and that changed the course of my career from electronics and electronic control systems to digital control systems and computers.

It’s been an exciting ride, too. I am grateful to have grown up with the technology.

Re:If one was produced with a 40nm process… - by mako1138 (Score: 5, Insightful) Thread

This is true, but smaller process nodes also produce faster transistors. When you make things on the chip smaller, you have the practical effect of reducing parasitic capacitance in transistors and interconnect. Lower capacitance means a smaller RC time constant (using a first-order model), so logic will work faster. Intel’s 45nm process can create an inverter with a delay of less than 5 ps.

Your statements imply that transistors have a fixed speed, and that the only way to improve performance is parallelism. This is false.

A great presentation of it all on YouTube - by V!NCENT (Score: 5, Informative) Thread

Link: http://www.youtube.com/watch?v=j00AULJLCNo

Re:Awesome! - by dissy (Score: 5, Interesting) Thread

One of the things I hated most about my computer arch class was that we had to learn about a completely made up system design which didn’t translate to ANYTHING in the real world. Oh yeah, and it was RISC. *Snoooreeee*

That’s only because you dropped out before getting to the FPGA classes!

Any functional CPU design (technically non-functional ones too, for whatever good that would do) can be flashed into an FPGA and become as real as any other silicon chip.

And identical to psudocode, psudo-chipfab can be translated into any real code/fab language by anyone that knows basic design and the target language. You were supposed to be learning the basic design part, so once you got to using a real language used in the real world, you would have some clue what to do with it.

Re:Awesome! - by loose electron (Score: 5, Informative) Thread

For the most part - Newer digital designs are language driven, not schematic driven. The advent of Verilog & VHDL lead to purely digital designs done up in code.

Some of the special devices are done using transistor level design, but synchronous logic these days is a HDL (hardware description language) followed by gate level synthesis, and then autoplace and auto routing.

A lot of fine tuning along the way for high performance items does get tweaked a lot but for the most part, digital chips are created as a coding exercise.

Why use digital signatures? - by Myria (Score: 4, Interesting) Thread

This really seems like a ploy by VeriSign and friends to make ever more people and companies to purchase signed certificates at $100/year or whatever. I don’t feel that it’s necessary to use digital signatures to secure the system.

The fundamental flaw of DNS is that the “nonce” - the one-time-use random constant used to prevent spoofing - is only 16 bits. If you’re going to change the DNS protocol, why not just increase the size of that field to 64 bits and be done with it? Then it’s only a software change to DNS servers rather than an expensive certificate and far less of an administrative headache.

Also, I don’t think that it’s even necessary to change the protocol. The protocol allows for multiple DNS queries in one packet. When doing a DNS query, ask for both www.google.com and a nonce domain like eujrdyhtaeoym.example.com. If the query comes back saying that eujrdyhtaeoym.example.com does not exist (or even if it says it does!), you know nobody is spoofing DNS queries back at you because unless they were snooping traffic, they wouldn’t have a way to know that your nonce was eujrdyhtaeoym.

Re:Why use digital signatures? - by Burdell (Score: 5, Informative) Thread

You should understand DNSSEC before criticizing it. It doesn’t work with SSL-style certificates that have to be signed by a recognized certificate authority. Also, it doesn’t change the existing protocol, it extends it in a (mostly) backwards-compatible way. DNS servers just have to know how to request and handle the new additional records; old servers and clients keep working fine.

Your proposed solutions only fix one small piece of the DNS problem, that of spoofed network packets. DNSSEC authenticates the entire response chain, so that (for example) you can be sure that your ISP isn’t modifying responses to point you somewhere else (such as their servers) rather than what you requested.

With DNSSEC, you could possibly eliminate the SSL certificate authorities and use signed DNS records to include the certificate information (so you can make sure that when you go to https://www.foo.com/, you really got www.foo.com’s certificate and not that of a man-in-the-middle attacker).

Technical delays, Yeah Right. - by lbalbalba (Score: 3, Insightful) Thread
Unable or unwilling admins is more like it.

Re:Technical delays, Yeah Right. - by Anonymous Coward (Score: 3, Insightful) Thread

Yeah, Verisign, the largest certificate authority, is the organization responsible for implementing the feature of DNS that basically makes certificate authorities less necessary? I’m sure they’re all over trying to get this done quickly.

Can someone explain ZSK and KSK? - by rsborg (Score: 4, Insightful) Thread

Kane said that VeriSign will create and manage the zone-signing key (ZSK) for the root zone, and sign the root zone, for .net and .com. Icann will create, manage and publish the root zone key-signing key (KSK).

This is over my head, as the terminology seems repetitive (ZSK for root zone vs. root zone for KSK ?!?!)… can anyone explain the details to a DNSSEC initiate (A quick google search didn’t yield any easily understandable content).

Why build this monstrosity? - by 140Mandak262Jamuna (Score: 5, Funny) Thread
We know what answer it is going to give. 42. Save the money.

Re:AMD vs Intel - by Eharley (Score: 5, Informative) Thread

I believe AMD was the first mass market CPU to include an on-board memory controller.

Why 100 million processors? - by 140Mandak262Jamuna (Score: 4, Funny) Thread
Technically, shouldn’t 640K processors be enough for every one?

Re:Why 100 million processors? - by Yvan256 (Score: 4, Funny) Thread

It is, if we’re talking about cloud processors for running vaporware.

Re:How many problems can these systems really solv - by Again (Score: 5, Funny) Thread

So you’re saying that OpenOffice would still take forever to start.

America gets it far worse - by mike260 (Score: 5, Funny) Thread

The US military spends half the game trying to recapture a Burger King and the other half trying not to bomb their own White House. At least the Russians get portrayed as *competent* terrorists.

Have they played the mission? - by cosm (Score: 5, Insightful) Thread
In ‘No Russian’, you play as an American CIA agent, and you, as an AMERICAN agent, lay round after round into the innocent populace, alongside the Russian antagonist. I think the even larger message Infinity Ward sends with this mission is the atrocious things the American government is willing to do for the sake of ‘National Security’.  
 
Does anyone else see the hilarity in this? Not to mention their foreshadowing of American soldiers torturing an informant via electrocution! Each side of the geopolitical spectrum gets demonized in their own right.  
 
But hey, lets just hate on the game that shows the gritty reality of the world.

Re:Have they played the mission? - by tetromino (Score: 5, Interesting) Thread

If you made a game with a “No English” mission, where you play as a Russian GRU agent who helps an American terrorist John Remington kill dozens of American civilians at a New York City airport, you will get the American version of game censorship: none of the major stores (Walmart, Best Buy or GameStop) would touch the game with a 6-foot pole. The only reason the federal government wouldn’t try to censor the game is that US law currently doesn’t allow it to do so.

But the Russian law does allow such censorship: propaganda of terrorist activities is explicitly illegal. And a game that allows you to participate in terrorist acts (as opposed to just passively watching them or reading about them) would probably have been judged to be propaganda of terrorism, if the game’s Russian publisher had decided to go to court about it instead of proactively removing the mission.

Re:Have they played the mission? - by snowraver1 (Score: 5, Informative) Thread
I played this mission. All the hype was saying you have to kill dozens of civiilans, but in truth, you didn’t have to kill any. You were just along for the ride. If you chose to kill some, that was up to you, but it was not required. I am sick about all the misinformaiton about this game.

Re:Have they played the mission? - by H0p313ss (Score: 5, Interesting) Thread

I actually found myself facing a moral quandry when I got to this mission. So I opted to try not using my weapon at all… this was no problem until we faced heavy opposition from the security forces and I opted to apply my fire selectively for self defense. So all told I fired less than 50 rounds, didn’t shoot a single civilian and mostly hid behind things.

That being said I have been waiting for this to hit the proverbial fan ever since.

You first, Mark - by Jason Levine (Score: 5, Insightful) Thread

Looking at Mark Cuban’s robots.txt file ( http://blogmaverick.com/robots.txt ), I see that he’s not blocking Googlebot. Therefore, he is listed in Google’s index. So why should someone take $1 million from him to leave the Google index when he clearly does not want to leave Google’s index himself?

Fundamentally unsound business strategy - by Stuntmonkey (Score: 3, Informative) Thread

Any business strategy that boils down to “kill off competitor X” is fundamentally unsound in this type of open market. Michael Wolff, in his recent Vanity Fair article on Rupert Murdoch’s troubles succeeding on the internet, stated the issue well:

Murdoch is not a modern marketer. He runs his business not on the basis of giving the consumer what he wants but through more old-fashioned methods of structural market domination. His world, and training ground, is the world of the newspaper war—a zero-sum game, where you wrestle market share from the other guy.

To view any of Google’s markets as zero-sum is fundamentally myopic, and plays to Google’s advantage. Any competitor is better served identifying something that Google doesn’t do well for the customer, and focusing on that instead of taking market share away from Google. Of course, this requires real work and innovation.

Pay the users. - by w0mprat (Score: 3, Interesting) Thread
I always said you’d have to pay me to use Bing. How about bribing 1 million heavy users with $1000 to switch and evangalize about it? That’s one epic astroturf right there.  
 
Nice to know our richest people fail at finding uses for their spare cash that actually benefit the human civilization.

Microsoft’s real problem - by Wonko the Sane (Score: 4, Funny) Thread

Before Microsoft tries to take over from the most successful search engine in the world they really need to get a better name. Can you really imagine youself using “bing” as a verb in mixed company?

The person who came up with that name must be the same one who thought it was a good idea to sell devices that allow you to “squirt” pictures of your kids.

Not to be a communist here… - by Arcaeris (Score: 5, Insightful) Thread

… but if he’s going to just throw a billion dollars away, why doesn’t he do something decent with it like feed the poor or cure a disease or give computers to schools or fund music programs?

Or start a new business to help America get its shit together and beat this recession?

I can’t believe the OP is even possible - by syntap (Score: 3, Insightful) Thread

Whoever is criticizing grammar in comments obviously never had to look through legacy code and ask him/herself “WTF was this developer thinking?!” Or better yet, looking at one’s own code written five years earlier and asked him/herself “WTF was I thinking?!” In those cases, any comments at all will provide clues.

We should be encouraging coders to use comments _at all_, not giving incentive to shortchange it because they are going to be graded on stuff the compiler ignores. Any coder stuck with making changes to old code will be very thankful to see long-winded comments.

Let’s not forget that code is read many more times than it is written. Yes, it would be nice to have precise comments that tell all. But if a coder wants to go into detail then friggin let him, to suggest otherwise is just dumb.

syntactic and logical perfection can be crap - by lophophore (Score: 5, Insightful) Thread

Perfectly working, syntactically and logically correct code can be utter crap if it is not maintainable.

Years ago, a very smart man told me that I was not writing code for the compiler, I was writing code for the next poor slob that had to work on it. Let’s face it, most source code is going to be subject to rework or maintenance over its life span, so let’s do what we can to make that next developer productive. The key to this is reasonable commenting.

One of the best ways I know of to teach developers to write maintainable code is to have them do support and maintenance for a while. Developers learn quickly which styles work for maintenance, and which ones don’t.

As far as I am concerned, source code needs to look good as well as compile. So I would go one step beyond TFA to say that style, indentation, proper symbol names, use of constants where appropriate, and (yes) proper commenting are all good indicators of quality in source code.

Comments are for future maintainers - by cwills (Score: 3, Insightful) Thread
The whole purpose of comments is to explain the code so that future maintainers (including the author of the code) can easily understand what is going on. If done right, a maintainer can pick up a module and come up to speed as to what the code does, why it does it, and any thing else that might trip them up. Comments need to capture the developers thoughts from when the code was being designed and written. The reasoning and ideas behind an algorithm that took several months to design cannot be truly captured with a 3 line comment and 25 lines of code.

I feel that comments can be broken into four types:

1. Boiler plate front matter. These are the comments that are required by the coding standards of the shop. Usually contains copyright notices, author’s name, list of changes, etc.
2. Specification and reference comments. A list of the external references, such as the formal specification for the code, a bibliography for the algorithms used, etc.
3. Block comments. These should describe the intent of a larger block of code. The reader should be able to take all the block comments from a program and have a good understanding what the entire program does. Block comments should describe the what and why. Block comments should also describe any gotchas, or special conditions that the maintainer needs to be aware of.
4. Line comments. Should describe the purpose of a small number of statements. Line comments should not merely echo the action of the code itself, but describe what is happening and how the particular action relates to the rest of the program.

   i += 4; /* Increment i by 4 */ BAD comment 
    
   i += 4; /* Ignore the first 4 fields */ Better

OT on long comments - by FrankSchwab (Score: 5, Interesting) Thread
Being as this is devolving into a discussion of long comments, rather than a discussion of whether mispellings in comments indicate a lack of attention to detail in coding, I thought I’d throw in something.

To maintain some sense of topicality: I don’t particularly agree with the blog post. As someone with good English skills, I’ve read a lot of code where the English language skills (and thus spelling and grammar in the comments) of the coder are below mine, but their skills in the computer language at issue are superior to mine. Frankly, there’s a far greater relationship between accuracy of the comments (do they actually describe what the code does) and the quality of the code, than there is between spelling, subject-verb agreement, and number of spaces after a period and the quality of the code. This relationship does follow the blog author’s contention about coders needing to be nit-pickers.

Occasionally in my coding, I write a novel in the function header. Generally, this isn’t because I don’t understand the problem so much as its because I do understand the problem. I’ve spent hours or days understanding the problem, and the particular necessray function that implements the solution, and I don’t relish spending hours or days 6 months in the future remembering what I know today. The interesting thing is that, most of the time, the novel is multiple times larger than the function - 50 lines of comment for a 20 NCLOC function isn’t unheard of.

In my specialty (embedded systems, with especially tight hardware integration), there are functions that need to be written that deal with extraordinarily complex situations. Many times, the bare code tells a misleadingly simple tale - “do this, that, and the other thing”, rather than (as Russ Nelson pointed out above)

. Oftentimes, the novel is there to explain all the ways to trip up in this 20-line function - e.g. unspecified hardware dependencies, subtle system dependencies, unobvious race conditions. Sometimes its there to explain why, no matter how wrong the function appears, it is actually correct.

You are not expected to understand this - by wandazulu (Score: 5, Funny) Thread

The granddaddy of WTF comments must come from the original Unix source, written by none other than Dennis Ritchie: /* 
          * If the new process paused because it was 
          * swapped out, set the stack level to the last call 
          * to savu(u_ssav). This means that the return 
          * which is executed immediately after the call to aretu 
          * actually returns from the last routine which did 
          * the savu. 
          * 
          * You are not expected to understand this. 
          */ 
        if(rp->p_flag&SSWAP) { 
                rp->p_flag =& ~SSWAP; 
                aretu(u.u_ssav); 
        }

So here’s an example of a comment that does an excellent (I assume) job of explaining why the code is doing what it’s doing, yet the whole thing is so complicated that Ritchie even needed to acknowledge that the comment probably wasn’t going to be of much help either with an amusing, and now somewhat famous, statement.

How to turn your skilled employees into cogs - by composer777 (Score: 5, Insightful) Thread

I think the appeal with agile development is that it removes any barriers that programmers might have, such as rigid milestones, etc, and basically allows management to do what they want in terms of setting goals. It also is appealing to management because the knowledge sharing implies that they can get rid of their most expensive employees after a period of time (once the knowledge has dispersed). Specialized knowledge is an anathema to management, as it means that you have to pay that person more, and it’s critical to the business, it’s harder to fire them.

We have to evaluate agile based on it’s real world results, not what the books describe. In the real-world, agile creates a very high-pressure work environment, where personal space is non-existent, everyone is watching you, and your work is constantly on display. This pressure can produce productivity gains but I would say that in the long run these gains aren’t sustainable. I think agile is a very poor fit for your average introvert, which, imagine that, describes most programmers very well. What I believe will happen is that over time the better developers will move to a work place where things aren’t quite so agile.

In the mean time, throwing out such ideas as design first, is going to cost us, big time. I think that software quality will drop, but it won’t be obvious, as “quality” and “productivity” aren’t things that are easily measurable. Often times, managers walk through a room, and if they see a bunch of people typing away or debating some design issue, then they see that busyness as productivity. No, I think the drop in productivity will become apparent when non-agile competitors clean their clocks, but then it will be too late.

PyPy - crashing and burning with “agile”. - by Animats (Score: 5, Interesting) Thread

The attempt to write a Python implementation in Python, PyPy, turned into a death march. The project has been underway since at least 2003 (when they had their first “sprint”), never produced a usable system, and the European Union pulled the plug on funding. But the project limps on. There’s a released version. It’s slower than CPython. There’s supposed to be a “just in time” compiler Real Soon Now. (This is try #2 at a JIT, not counting the schemes for outputting Java bytecode and Javascript.) Six years in on a compiler project, and no product.

The PyPy project is very “agile”. They have “sprints”. They have “flexibility”. They have nightly builds. They have mailing lists and trackers. They support multiple output back-ends. They have about 50 contributors. What they don’t have is a usable product.

Meanwhile, one programmer produced Shed Skin, which compiles Python to C++, with a speed gain of 5x to 50x over CPython.

When the problem is dominated by design and architecture, “agile” doesn’t help.

Re:PyPy - crashing and burning with “agile”. - by Clover_Kicker (Score: 5, Insightful) Thread

Yeah but I’m sure someone here can point to hilarious failures of any methodology, or tool, or language.

Let’s face it, software sucks. Writing software is hard.

Agile development in engineering? - by 140Mandak262Jamuna (Score: 5, Interesting) Thread
Our company is trying to switch to Agile methods and have bought some software. Hoping to get training scheduled soon. But from what I see in the intro so far, all the examples are from GUI development or web support or IT where a large number of coders with very similar skill set is used to implement from the scratch a new application for deployment.

But our company software has a large installed base and we need to fix bugs in existing code and somehow graft new functionalities into existing architecture with full backward compatibility for old saved data. And the skill set of coders varies widely. There are just a couple who can even touch isoparametric element stiffness matrix code, to name just one example. I still dont know how agile is going to change the way those two guys work.

I see the advantages of early feedback, and early testing, testing partial implementations etc. But at some point for some kind of code development, Agile may not be the best way to do the code. And I am hoping the training will shed light on where I can use Agile and where I should stay clear of it. I don’t want to jump on a band wagon because it is the latest and then have a minor revolt among my padavans.

Ad hoc is best - by etymxris (Score: 5, Insightful) Thread

The best programmers utilize domain specific knowledge gained through years of experience to perform the project design and development tasks that make sense. Trying to generalize one model to fit all domains is doomed to failure. Mainframe COBOL screens work differently than web screens which work differently than low level screen drivers and so on.

If you’re starting work in a new domain, no methodology is magically going to make things work. New domains of development require plenty of experimentation and failure. How to best build the project is going to depend on what comes out of that experimentation.

And above all, the most important factor is people. You need smart people. No amount of clever methodology is going to make mediocre programmers create a great project. And for smart people, SDLC usually stands in the way of what they already know works best.

Apple officially adopts Evil(tm) - by David Gerard (Score: 3, Funny) Thread

After bricking unlocked iPhones, kicking applications off the iPhone store that might even slightly compete with iTunes in the far future and filing a wave of patents on basic well-known computer science as well as some of the most obnoxious ideas for advertising ever invented, Apple Inc. today filed a Form 8-K with the Securities and Exchange Commission declaring that it was openly adopting Evil as a corporate policy.

“Fuck it,” said Steve Jobs to an audience of soul-mortgaged thralls, “we’re evil. But our stuff is sooo good. You’ll keep taking our abuse. You love it, you worm. Because our stuff is great. It’s shiny and it’s pretty and it’s cool and it works. It’s not like you’ll go back to a Windows Mobile phone. Ha! Ha!”

Steve Ballmer of Microsoft was incensed at the news. “Our evil is better than anyone’s evil! No-one sweats the details of evil like Microsoft! Where’s your antitrust trial, you polo-necked bozo? We’ve worked hard on our evil! Our Zune’s as evil as an iPod any day! I won’t let my kids use a lesser evil! We’re going to do an ad about that! I’ll be in it! With Jerry Seinfeld! Beat that! Asshole.”

“Of course, we’re still not evil,” said Sergey Brin of Google. “You can trust us on this. Every bit of data about you, your life and the house you live in is strictly a secret between you and our marketing department. But, hypothetically, if we were evil, it’s not like you’re going to use Windows Live Search. Ha! Ha! I’m sorry, that’s my ‘spreading good cheer’ laugh. Really.”

There’s a very simple workaround to this problem. - by petes_PoV (Score: 3, Interesting) Thread
… don’t buy stuff from Apple.

Really, there are many more and often better alternatives to pretty much everything that Apple sells. I can see no reason why I would feel the need to be abused by stuff I’ve paid for and have it tell me what to do.

n900 - by dwater (Score: 3, Insightful) Thread

Does this patent mean Nokia can’t use it on the N900 (and successors)? if so, “Good, well done Apple.” Tough shit iPhone users though.

welcome to america! - by nimbius (Score: 4, Insightful) Thread
where failure to consume is frowned upon, if not outright treasonous.

Want to bypass the enforceable advertising? - by L4t3r4lu5 (Score: 5, Funny) Thread
There’s no app for that.

Confidentiality Integrity Availability. - by Dr. Evil (Score: 5, Insightful) Thread

This all sounds like security certification speak.

Among the recommendations from the article: “Use certified products. While certification can never eliminate risk, it substantially reduces risk by ensuring that products meet objective, publicly vetted criteria.”

This shouldn’t be on Slashdot. We all know that the best software tools are FOSS, subject to the most rigourous testing and peer review. “Certified Products” are a black box with a “Trust us” next to a logo for a “Limited Liability Coproration.”

The article should be lumped in with the Gartner reports and marketing materials.

Security is a process not a product - by Afforess (Score: 5, Insightful) Thread
There is no such thing as security. You can become more secure, but never absolutelysecure. Security is a process, not a product. The moment we realize this, most of these problems go away.  
 
Instead of looking for the “silver bullet” in the form of a anti-virus software, you should be using anti-virus in conjunction with Firewalls, the latest patches for your OS, and safe browsing habits. After all, I would bet that 9/10 viruses come in the form of human error rather than the case of a malicious hacker trying to force entry to your system.

This just in! - by L4t3r4lu5 (Score: 5, Insightful) Thread
New devices and software may have bugs which affect performance. Patches may be required for correct performance when exposed to unexpected conditions. 
 
Is security software supposed to be automagically immune to human error? Or is this another “Coders aren’t employing secure coding practices” piece I’ve been reading for well over 3 years. “Validate your inputs” “check loops exit under all circumstances” etc etc. Woo. Insightful this ain’t.

Re:This just in! - by mcgrew (Score: 5, Insightful) Thread

Woo. Insightful this ain’t.

Mods, please don’t mod that uninsightful coment “insightful”. Having a defect in a device I’ve bought has been extremely rare, buying anything from toasters to TV sets to video cards that just don’t work is unheard of. Don’t talk to me about the “complexity” of writing software, you think you car is simple?

If your software is buggy your company is incompetent. Period. We as customers shoud stop putting up with defective products and beta sofware that’s been rolled out as a “finished product.” If I find your software doesn’t perform, I should get my money back.

People, can we please stop putting up with incompetents’ excuses? After a quarter of a century of putting my up with your crap software I’m getting a little tired of it.

Re:This just in! - by RichardJenkins (Score: 5, Insightful) Thread

Your car may be complex, but it has relatively few ways for the user to interact with, and is likely always used in the same environment, and fundamentally the same to most every other car on the road. It’s been done. Lots.

This goes doubly for your TV and even more for your toaster.

Are you saying software bugs needn’t exist because mechanical and electrical engineering can be done so well? That’s asinine.

And last I checked, most cars can still crash.

Re:Effect on games, etc.? - by Rary (Score: 5, Informative) Thread

It won’t. A licensed use of a song can’t be retroactively unlicensed just because the copyright changed hands. Once it’s licensed, it’s licensed.

However, if the game companies want to use some of the same songs in future versions of the game, they may find themselves negotiating with different people this time, who may have different terms, or may even decide against licensing altogether.

Tables turned - by mr_gorkajuice (Score: 5, Interesting) Thread
Cool stuff. Artists will be giving publishers the same phrase publishers have been giving consumers: “You don’t own the music you bought from us - you’re just licensed to it”

Awesome - by SirGarlon (Score: 5, Interesting) Thread

I did not know about the grant expiration clause written into the 1976 Copyright Act (RTFA to learn more). It’s good to know that Congress defined copyrights to actually belong to the artists and they can get them back from the recording companies after 35 years. This sort of restores my confidence in US copyright law. Seriously.

Of course I think 35 years is too long but that’s just a matter of degree. I wonder if the same applies to book publishing contracts.

Re:Awesome - by Rogerborg (Score: 5, Insightful) Thread
What was Written can be Unwritten. Watch for a rider being slipped through on the Protecting Freedom, Goodness and Innocent Children Act 2010. Congress has gotten better at this since the last time they got caught boning creatives over Work For Hire.

Re:Awesome - by db32 (Score: 5, Funny) Thread
No, they will find something they can name like the whole USA PATRIOT crap. For example, the US Internet Safety & Freedom Under Copyright Key Enhancement Doctrine…

Erm… no. Not quite. - by jimicus (Score: 5, Insightful) Thread

I respectfully disagree.

Any IT staff worth their pay packet should have EVERYTHING blocked at the firewall, then open holes for things that you can be certain you need. Ideally, those holes don’t go direct to systems on the company LAN but instead to a DMZ.

Re:buttons - by BrightSpark (Score: 5, Funny) Thread
Does it have Digital or DG written on it too? Happy days. From the time when a cluster was better than a cloud? When computers were “managed” by people who knew how they worked and who knew Netbios was for something only a friend would share (with another friend). If you wanted a file over a network you sent a request to the Operator for a kind lady to haul your disc pack to the big washing machine thingy and mount it for you. Promotion meant getting system privileges like clearing your own printer queue. Goodbye PDP-11. Mourn not for AOS-VS II. Farewell DG/UX. No more CLI. Welcome to the nouveau “geek” who needs to know why it’s bad to have port 139 open but kicks ass in Gears 2. To quote Ripley from “Aliens”, “Did IQs suddenly drop while I was gone?”

Answer - by AliasMarlowe (Score: 5, Informative) Thread

Here’s a list of assigned port numbers: https://www.arin.net/knowledge/rfc/rfc1700.txt

Re:I have to ask - by Spad (Score: 5, Informative) Thread

139 is NETBIOS, 445 is SMB.

139 is used for discovery and browsing of network shares (Primarily on legacy machines), 445 is the “current” port for accessing network shares.

Terrifyingly potent - by Sockatume (Score: 5, Funny) Thread

A maliciously crafted URI could hard-crash affected machines beyond any remedy

Oh no! A PC-killer!

besides pushing the white button

A reboot? Well, it’s an unorthodox and extreme solution to a machine crashing, we’ll have a hard time convincing Windows users to do that.

You all have no idea - by rlp122 (Score: 5, Informative) Thread
It’s laughable at the number of people here who think that teachers get time to create anything during public school hours. My wife is a third grade teacher. She spends literally all of her at work free time in meetings. Parent meetings. Administration meetings. Team meetings. She gets zero time to grade papers, produce teaching plans, or anything else at school during her regular working day. She makes a whopping $45k a year which for the Atlanta area will barely rent a one bedroom apartment and keep up a run down car. If it were not for my job we would have to move just to make ends meet. Not to mention that she has $60k of education debt @$350 a month. Plus she still has to do continuing education and pay for it out of her pocket. It takes roughly 15 to 20 hours of her time at home per week to grade papers and do lesson plans. It’s just this school perhaps? Not on your life. She has worked at 4 different schools and every one of them is exactly the same. Ask any teacher, I bet you get nearly the same results. I agree the public school system is crap. But it’s not the teachers fault. They have to teach what the national, state and local school board(s) tell them to teach. Not to mention that they have to try and get Johnny who doesn’t speak English and is dumber than a box of hammers up to the same level as the rest of the class. For which the rest of the class suffers, because the teacher has to spend one on one time with him. Before you go bagging on how it’s always the teachers fault, perhaps you should put your brain back in and actually think of who controls what the teacher does. Because they sure don’t get to teach what they want to. If they did, kids might actually get a quality education.

Dinners out, mortgage payments, credit card bills - by Zarniwoop (Score: 3, Funny) Thread

Unbelievable. Why would somebody making a sweet $34,000 after a mandated four-year education feel the need to supplement their income!

We’re paying them a fair wage for their work. Salary, so the “extra time” they spend outside of school (like they need that!) lesson planning, well, that’s figured in as well.

Those greedy bastards. Trying to afford things like food, housing and clothes.

BTW: Google ad as I type this is Want to Teach Special Ed? Noooooooooooo. Nooo! No. No sir! No, I do not. No. Thank you.

Peanuts Compared to Textbook Rip-Offs - by rueger (Score: 5, Insightful) Thread
Given the exorbitant, outrageous, and staggering prices that even first year post-secondary text books sell for, this doesn’t seem worth a moment’s thought.  
 
Once you’ve figured out how to price text books about the same as a best seller hard-cover book instead $100-200 a copy, I’ll be willing to worry about teachers selling lesson plans.

Married to a teacher… - by Anonymous Coward (Score: 5, Insightful) Thread

I know the bad ones copy the lesson plans out of the back of the text and are headed out the door as soon as their union obligated hours are done. The good ones spend countless hours of their own time at home, on the weekends, during winter, spring and summer break, creating new and innovative ways to engage their students.

The best of the best pass those ideas down to other teachers, through workshops and other means.

But, I cant fault someone for wanting to get paid for there time.

Bind not the mouths of the kine… - by Anonymous Coward (Score: 4, Informative) Thread

The teachers developed workable lesson plans. Unless things have radically changed since I last taught, the time to develop lesson plans is probably not built into the schedule. You do that on your own time, or in a very short time period like a 30 minute ‘planning period’. If the government would like to own these lesson plans then perhaps they should consider paying for the time used to develop them.

One question: Why? - by adolf (Score: 5, Insightful) Thread

Summit, in TFA, goes on at different points about a car application — ie, a system that one might use to preview and/or order new cars. Pick your wheels, your paint, your trim, your seats, and get a few views of the thing in short order*.

All I can think is that if it were really so important for Ford to give you a raytraced view of the car you’re ordering, that the options are so limited that all of them could easily be pre-rendered and send all together. How big are a few dozen JPEGs, anyway?

Even if a few dozen JPEGs isn’t enough: Don’t we do this already with car manufacturer websites, using little more than bog-standard HTML and a whole bunch of prerendered images? In what way would having this stuff be rendered in real-time be any more advantageous than doing it in advance?

Do we really need some manner of fancy client-server process, with some badass cloud architecture behind it, when at the end of the day, we’re only going to be shown artificat-filled progressive-JPEG still frames with a finite number of possibilities?

Everyone, please, go look at the demo video. Neat stuff, I guess, but it’s boring. Office with blinds open; same office, blinds partly open. Then, closed. Office at night. Different angle. Woo. It’s simple math to figure out how many options there are, and it’s just as simple to see that it’s easier, cheaper, and better to just go ahead and render ALL of them in advance and be done with it and just serve out static images from then on out.

If I’m really missing the point here (and I hope I am), would someone please enlighten me as to how this might actually, you know, solve a problem?

*: Just like a lot of auto manufacturer’s websites already do TODAY, using only HTML, static images, and a sprinkling of javascript or (less often) flash.

This is Old Technology - by webbiedave (Score: 5, Funny) Thread
I got some reality served to my phone last week in the form of a break up text from my girlfriend. It took four months to render.

Didn’t we see this slashvertisement before - by tomhudson (Score: 5, Informative) Thread
… like two days ago …

Re:Hours and hours - by Romancer (Score: 5, Informative) Thread

Better demo of the capabilities here:

http://www.youtube.com/watch?v=atcIv1K_gVI&feature=related

Re:Hours and hours - by adolf (Score: 5, Informative) Thread

Whatever.

I used to do some raytracing stuff with POV under MS-DOS back in the day, on hardware far slower than the 6-year-old Palm Zire that I recently retired. Nowadays, the iPhone/droid/whatever is way faster.

Was it slow? Of course. But it was nowhere near “months.” Long hours, or days — yes. Not months. Nowhere near. Especially if I were targeting something the size of a modern mobile screen, instead of the fairly high-resolution stuff I was interested in back then.

[I already moderated this article, and posting will undo all of that. Oh, well — that’s the bane of the lack of the -1, Disagree moderation . . .]

Free Windows SW is cheap marketing. - by FrankHS (Score: 5, Insightful) Thread
Microsoft gives the schools free software and Russian students learn to use it. They get the Microsoft propaganda (Lower TCO, innovative, how easy is is to do … etc). In a few years these students are the experts and will be working in government, industry and where ever. When they are asked how to solve a problem they will usually recommend Microsoft because that is what they know. Now had they been trained on OSS they would recommend that. This is a quite a bargain for Microsoft, even if they give the schools free software forever. If it works for them a large part of Russia will be using and paying for Microsoft software, just like here.

Re:Where can I send disks? - by mk_is_here (Score: 5, Funny) Thread

You’re trying to offer DDOS (Disk Delivery Overseas Service) to Russia?

Donations? - by Tablizer (Score: 5, Insightful) Thread

It almost smells like sabotage. I imagine MS wouldn’t directly do it, but instead pay people to “keep an eye on the project” with a lot of wink-wink. I wonder if there’s not a way to donate to the cause?

Special pricing. - by palegray.net (Score: 5, Insightful) Thread
This is business as usual for governments and Microsoft. The government in question threatens to roll out an open source solution to a large number of machines, problems magically pop up early in the deployment, and Microsoft pitches their solution for next to nothing in upfront costs. Note that the ongoing costs of managing the deployment down the road are virtually never considered, and the taxpayers wind up getting screwed with a “solution” that eats up enormous amounts of money in overhead, future licensing fees, and security issues.

Re:Special pricing. - by palegray.net (Score: 5, Insightful) Thread
Of course it does. The difference is primarily that you don’t get yourself locked into a single platform for years to come that winds up costing a small fortune in licensing fees, and your overhead for managing the systems is lower over that period as well. I’ve worked on both sides of this equation for over a decade.

Signal to Noise ratio over time