|
(Mostly a repost of something I wrote elsewhere yesterday.)
The problem is that, like with most hard problems, there are *NO* good solutions. We could:
1) Yank the plug before a disaster happens; don't have any fallback mechanisms in place. This is the current plan. It will have the unfortunate effect of cutting of millions of people whose $10 feature phone with a minimalistic web browser is the only way they can get online, and which they can't afford to replace because $10 is a weeks total income/a years disposable income making it unaffordable.
2) Maintain the status quo. Allow SHA1 to continue to be used. This keeps poor people who can't afford to replace their very low end hardware able to access the internet. Eventually, we'll discover that someone, either an entity that owns super computers; or that runs botnets with supercomputer scale compute capacity is breaking SHA1 for malicious purposes. In this case, the abrupt, disorderly shutdown that occurs when the major players all pull the plug in SHA1 immediately after the disclosure will be messy and spread the harm across most than just people who'd lose any secure internet access. Don't forget that the negotiations to pick the crypto mode for HTTPS/etc are of necessity done in the clear; if SHA1 is available everyone is vulnerable to a MITM downgrade attack. You, I, and everyone living in Oppressistan where the secret police control all the border routers connecting their country to the internet.
3) Pull the plug for most people but offer a fallback for when they encounter people who can't do SHA256. This is Facebooks proposal. The problem is that the same entities who'd break SHA1 and abuse it in scenario 2 would still be able to do so by conducting a man in the middle downgrade attack; meaning that like 2 it leaves everyone vulnerable to attack including the people for whom the false sense of security it gives is *most* dangerous to.
Remove what's soon to be a false sense of security to some of the poorest people in the world and kick them off the secure web; or leave everyone vulnerable to having our secure communications compromised. Pick your poison. These choices all suck.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
|
Support for Apple's Mac hardware continues to climb. ((Looks to the right.)) ((Looks to the left.)) Not around here.
|
|
|
|
|
One have to praise Apple marketing machine - you got to be very good to convince people to pay 2-3 times as much for comparable hw/sw.
|
|
|
|
|
That must be the worst bit of technical reporting I've ever seen. Blatantly untrue.
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
|
|
|
|
I can see more and more Mac's at places with high visibility (like the reception) just to make a "good" impression on visitors.
Might depend on your definition of "office" ofcourse, but they are on the rise here.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
On the rise yes. Overtaking is overstating it a tad.
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
|
|
|
|
In headline speech, "is overtaking" means "currently growing faster and I just linearly extrapolated it like I learned in 7th grade"
|
|
|
|
|
May also be influenced by locale. I see far too many Macs in places where one would simply expect a cash-register. I believe it is called a "POS" (a piece of dung) or something like that
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Kent Sharkey wrote: Not around here. They don't mean workplaces where actual work is done, they mean the backoffice.
Where looks and names are more important than actual production and adding value. Marketing is winning from thinking, that's the only way I can explain those Windows-machines that use a screen with a Mac-logo.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Remember folks, we are not normal people; we are Windows/PC persons.
I see a lot of Apple iMac and laptops outside of the development rooms; not just in graphic shops, but now in generic business, lot of them are using google docs and/or Office for Mac.
I'd rather be phishing!
|
|
|
|
|
Not around here either... thank goodness.
However, it does seem wherever I go there is one person in the office with a Mac. And you always see the LAN/IT admin walking away from their office muttering nasty words.
|
|
|
|
|
Mac's aren't bad, but I love my PC's. I don't see where all the startup get the money for that stuff anyway.
i cri evry tiem
|
|
|
|
|
Well, consider the company that did the survey:
"Since 2002, JAMF Software has been solely focused on helping organizations succeed with Apple. JAMF is committed to enabling IT to empower end users and
bring the legendary Apple experience to businesses, education, and government organizations via its Casper Suite and Bushel software, and the 26,000+
member JAMF Nation Community. Today, more than 6,000 global customers rely on JAMF to manage 5.2 million Apple devices."
Survey White Paper can be downloaded here (PDF): [^]
«I want to stay as close to the edge as I can without going over. Out on the edge you see all kinds of things you can't see from the center» Kurt Vonnegut.
|
|
|
|
|
Not exactly unbiased reporting, eh?
What do you get when you cross a joke with a rhetorical question?
The metaphorical solid rear-end expulsions have impacted the metaphorical motorized bladed rotating air movement mechanism.
Do questions with multiple question marks annoy you???
|
|
|
|
|
An organic mixed ion-electron conductor for power electronics A shocking document
Oh look, there's my coat.
|
|
|
|
|
Electrifying!
What do you get when you cross a joke with a rhetorical question?
The metaphorical solid rear-end expulsions have impacted the metaphorical motorized bladed rotating air movement mechanism.
Do questions with multiple question marks annoy you???
|
|
|
|
|
Can C# beat out C++ for speed of execution? If you asked me that question, I’d generally say “No.” But interested in testing the idea out, I recently took a program written in C++, converted it to C#, and compared the two. The C# version ran twice as fast—something I wasn’t expecting. "There are three kinds of lies: lies, damned lies, and statistics"
|
|
|
|
|
You would imagine that the whole .NET written in C/C++. They might use native API vs. std functions for some functionality or the other. Would be nice to know why wouldn't they roll it in into the C/C++ libs.
|
|
|
|
|
As much of the .NET Framework is probably written in C++ (certainly the earlier parts before they moved over to C#) you would expect a similar performance.
You would surely need to adjust for hardware to be a fair test. As C++ was developed to run on early Windows hardware, it was optimised for that platform. Likewise, C# was developed to run on modern Windows hardware and so is optimised for that platform.
"There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult." - C.A.R. Hoare
Home | LinkedIn | Google+ | Twitter
|
|
|
|
|
"As C++ was developed to run on early Windows hardware, it was optimised for that platform."
I question the validity of that statement, further it is not like C++ compilers haven't been continually developed since its inception.
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
|
|
|
|
The .NET Framework consists of assemblies, which AFAIK can't contain native code, but they do make calls into the OS and native dll's.
Wout
|
|
|
|
|
They can be mixed, as for example C++/CLI ones often are, but AFAIK the framework doesn't use that.
|
|
|
|
|
|
Aren't they working on making C++ slower?
|
|
|
|