programming

FCC releases final proposal to end net neutrality

FCC releases final proposal to end net neutrality

And in a fun twist, the commission also intends to prevent states from passing their own net neutrality laws. Allowing states to implement their own rules, the commission says, “could pose an obstacle to or place an undue burden” on the delivery of broadband service.

State's rights?

Not programming, but I think every sane programmer cares deeply about this.

Every sane person should care deeply about this horseshit.

This country is going to shit so quickly it's almost entertaining to watch.

How type differs from class? Programmer Dictionary article: Class vs Type vs Object.

How type differs from class? Programmer Dictionary article: Class vs Type vs Object.

The Box is a class, while Box<Int>, Box<A>, Box<List<String>> are types generated by generic class Box.

The term is type constructor or function of kind Type -> Type, bro.

Virtually any language that does first class types has no notion of subtyping.

Typed Racket is a known counter example where the type Type is really nothing more than Top -> Bool, as in any function that can take any value and return true or false also known as a predicate in Scheme-lingo and yeah you can in theory subtype that type. In theory the type of Top -> (Unique #t) would be a subtype of that. Any function that can consume any value and always returns true since Bool is defined as the union of Unique #t and Unique #f.

Note that Haskell and Scala and other languages with type constructors and higher-kinded type constructors do not have first class types. Idris however does but has no notion of subtyping that I know of.

The difference between object and class should be intuitive to most programmers

And the solution is trivial.

You are right, but generic class is also correct term in JVM and in Kotlin and I am trying to minimize number of introduced terms. https://docs.oracle.com/javase/tutorial/java/generics/types.html

EtherDFS - The Ethernet DOS File System

EtherDFS - The Ethernet DOS File System

Wondering about using EtherDFS on a no-NIC computer, using its LPT port?

Uh, no, I wasn't, why would anyone...

Read this article I posted on my gopher.

[checks calendar to confirm current year]

I prefer true cloud storage

jokes on them, I have a Xircom Pocket Ethernet Adapter.

It's an ethernet adapter that plugs into the parallel port.

(I've also got a Wifi232, which plugs into the serial port and acts like a modem, so you can "dial" telnet, but that's newer and cheating)

Are you the author?

Does this support file/record locks?

I think the program uses the DOS call AX= 5C00/5C01h / INT 21

.... I know of a group of stalwart individuals still using a DOS based business management solution, not willing to retrain. They're old they're happy, It works fine for them... yes it's "Y2K compliant". (haha haven't had to say that in many years)

I can't say I WANT to use this for them, or whatever... I can't say that I would... It just piqued my curiosity and I felt I should ask.... I don't even know why I'm asking... Probably for the same reasons you wrote it... "what if"

How to Solve Any Dynamic Programming Problem.

How to Solve Any Dynamic Programming Problem.

Clickbait articles 101

@ Shows magical way to solve any dynamic programming problem

@ Demonstrates it on easiest dynamic programming problem possible which every person already knows how to solve

Next up, How To Solve Any Problem:

Write down the problem Think really hard about it Write down the solution

The biggest problem is the naming. "Dynamic programming" is one of the worst names in history of computer science, it vastly confuses new to the topic.

So we are just learning heuristics, tricks etc for getting through interviews. Lovely hell we made for ourselves.

cURL's author is awarded with the Polhemspriset award.

cURL's author is awarded with the Polhemspriset award.

Someone actually did this? It feels like giving an award to the person who created wood or wind. The things we take for granted... Congratulations

His blog post is incredibly humble, he seems like a great person. Congratulations to him!

I kept seeing posthumously in the title. Glad he's still with us.

So deserved. Props to the jury for picking such a low-profile, yet so important part of the solutions all around us.

KRACK Attacks: Breaking WPA2

KRACK Attacks: Breaking WPA2

So, in short:

No, it's not the death of WPA2. It can be fixed in a backward-compatible way. The main attack is a client vulnerability so you won't need a new router to be safe.

Everyone, put down your pitchforks, calm down, and apt upgrade at your earliest convenience.

Distribution security updates:

Archlinux: https://git.archlinux.org/svntogit/packages.git/log/trunk?h=packages/wpa_supplicant Debian: https://lists.debian.org/debian-security-announce/2017/msg00261.html

Until we have legislation that treats this as gross negligence

Yeah. No thanks. I don't want to have to maintain 100 old products just to avoid getting sued.

A poor analogy would be... Yale should be held accountable because their 20yo lock on an old Rolls Royce is no longer secure because a device made in 2010 could wiggle it open in 5 seconds. Information which only surfaced in 2017.

For sake of argument let's say WPA2 is broken. How can android vendors be held responsible for those using out-dated devices? Sure there's the case where someone has a 5yo phone and vendor no longer produces updates for it, but isn't that just tough? You can't expect every company be liable for everything that could possibly go wrong indefinitely. Almost any crypto will be broken in the future anyway, with fast enough computational methods... so the point is kinda moot.

The problem is the hundreds of millions of devices that will never get patches. Android phone, smart home gadgets, TV sets, cars, …

Until we have legislation that treats this as gross negligence, this will only continue to rise as a problem.

When EOL in the Android world is 2 years, that's an Android problem.

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Not just eavesdropping:

The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others.

Basically WPA is just as 'bad' as WEP now.

These are the CVE-2017-identifiers registered for the exploits 13077, 13078, 13079, 13080, 13081, 13082, 13084, 13086, 13087, 13088. Yes. 10 of them.

It looks like this is actually a pretty big deal. WPA-2 is vulnerable at the protocol level so it doesn't really matter if you use WPA Enterprise; it's just as vulnerable.

So yeah. "Oops" describes this mess pretty well. If anything this shows the importance of end-to-end encryption and that now in 2017 there is no excuse at all anymore to not offer https to your customers.

Edit: Fortunately it can also be patched client-side so the world isn't coming to an end just yet (thanks /u/Chee5e)

Whenever this happens (like with heartbleed), I always wonder how long someone else has known and taken advantage of it.

Will be interesting to see the complexity required to perform this attack. A hole this wide in WPA2 would have serious security ramifications for almost all of us who connect to home and many commercial WiFi routers.

Whenever this happens (like with heartbleed), I always wonder how long someone else has known and taken advantage of it.

Given the vast amount of mathematicians & security researchers employed by the NSA, it's hard to imagine they haven't known it for quite some time.

The same probably applies to russian & chinese agencies...

Announcing Rust 1.21

Announcing Rust 1.21

Is there anything more certain in life than trolls showing up in a post even only tangentially related to Mozilla on reddit?

Shamelessly repasting my HN comment:

For those curious about getting involved with Rust, note that right now is an ideal time. :) This last quarter of the year is reserved for "the impl period", a collection of all-out heads-down sprints designed to make sure that none of the remaining milestones from our 2017 roadmap get left behind. There are currently 37 working groups in a variety of disciplines, some more involved than others and some more popular than others, but mentorship is offered to all who'd like to contribute!

See our most recent newsletter for the impl period here: https://internals.rust-lang.org/t/the-impl-period-newsletter-2/6034

Don't feed the troll.

What does |i| mean?

This is a closure that takes one argument. This syntax is similar to Ruby and Smalltalk.

What the heck is move in this context ? Is it a parameter, function or variable ? It's not defined in there code snippet.

By default, closures infer how their ownership should work; move overrides this and says "take all things in the closure by value".

Why does println have a ! ?

It is a macro, and all macros have a ! when invoked. It's a macro because, among other things, it typechecks the format string at compile time.

not sure where to start with that ... you loop though 0 to 100, doing something... then do another loop?

These are called "iterators" and "iterator adapters"; this says, roughly, "for every number from 0 to 100, add one to it, then only keep the ones that are even, and then print those ones out".

I'm guessing that is some type of generic, not sure what it means though, lol.

Yes, this is generic syntax.

Rust's string type is named str ?

The primitive string type is str, yes. There's actually another blog post on proggit right now explaining more about strings: https://www.reddit.com/sub/programming/comments/75yr03/rust_str_vs_string/

What is a trait?

Traits allow you to define behaviors on data, and then write functions that act generically over things that implement a trait. They're sort of like interfaces, if you've used a language with those.

What is a truple?

Tuples are a heterogenious collection type. (i32, &str, f32) would be a tuple with three elements, the first being an integer, the second a string, the third a floating point number. They can vary from zero elements '()' to as many as you feel like typing out.

Try one of these subthreads