It seems that you (like a great number of other people) assume that an ordinary person without special skills cannot comprehend what some code does once it is compiled. But that assumption is fortunately wrong. It is easier than you think to learn to read disassembly of machine code. It would be much easier to read higher level bytecode such as Android VM's smali.
So don't fear compilation. What is truly worrying is any attempt to restrict access to code that is run by a computer. Even a highly skilled reverse engineer cannot do anything if there is no way to access code.
Even though my intuition tells me that I should support neurodiversity my reasoning keeps failing to justify it without introducing "diversity is unconditionally good" as an axiom. I find it difficult to add it to the list of axioms I support because it seems like hypocrasy to endorse diversity considering the history of humans.
Almost every human has the ability to learn and speak language, which is unique to mankind. (What media often reports as an animal language is not a language in that it doesn't have recursion -- the ability to handle it is, Chomsky and his supporters believe, unique to humans)
But shortly after language was born, in the very first stage of evolution of language, there must have been significant percentage of people who could not learn language. Where did they go? The answer is: they went extinct, failing to reproduce. And that's why we all can learn and speak language. The ancestors of us are those who could speak it. By making it difficult to reproduce for those who couldn't speak language, through the process of natural selection, we managed to build society where almost all of the members can speak it. Having autism in this era is analogous to being non-verbal in the early stage of humans.
With that said, endorsing diversity seems to be denial of evolution to me, denial of how we have come this far. It is by putting selection pressure on those who cannot adapt to society. And the sad reality is, you cannot stop it from happening. Autistic people will go extinct, even without the gene-editing technology, just like non-verbal people went extinct.
Once I tried to figure out how to parse complex C declarations just by reading the specification (http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf), that is, without consulting guides for layman like this. But I gave up. I looked at what seemed a BNF-like description of the C grammar but I had no idea what it tells about the parsing rules. So I ended up using this guide: http://ieng9.ucsd.edu/~cs30x/rt_lt.rule.html With this I managed to implement an imitation of cdecl.
It might be the right thing to do to torture, to add more pain to, someone who already feels so much pain that she attempts suicide, by some standard that I cannot comprehend. We might have to accept such a standard as the cost of diversity.
However it seems obvious to me that it is impossible for any sound-thinking person to argue that it is justifiable to obstruct suicide attempts. One of the values upon which capitalism society is based is the notion of private property, which entails that we have exclusive control of things we own. If it is justifiable to obstruct suicide attempts, that would imply that we do not own our bodies. Well, there's a name for such people: slaves.
It's just funny that it is still called "natural selection" even when the environment that selects individuals is created by nothing but ourselves. I think it'd be much more accurate to call it "social selection" because for humans the environment is not nature, but society.
With that in your mind, those of you who are clever might wonder: what is the fundamental difference between "social selection" and eugenics, which many consider morally wrong? My answer is: they are essentially the same thing. It's because if we define eugenics as society deciding who to reproduce and who not to, that's exactly what is happening now.
I meant HTTP but I have to admit it was not clear. What I had in my mind when I wrote that was there needs to be something that forces people to provide semantics of web pages. By which I mean HTTP is too liberal, allowing any kind of document including documents without semantic annotations to be transferred. Therefore I thought people would provide page semantics if HTTP required documents be annotated with semantics just like HTTP requires Content-Type be given.
Extracting machine-understandable meaning from web pages is much analogous to extracting text from images.
Fortunately, we usually don't need to process web pages using fancy yet hardly accurate algorithms in order to extract machine-readable text from web pages. Why? It's because we agreed to use character codes to codify letters and most of the time text is encoded using some character code, which makes it unnecessary to OCR pictures of hand-written letters to programatically process text from web pages.
These kinds of program wouldn't be needed if only the same thing had happened for page structures, if HTTP included page semantics.
You can read Wikipedia articles without letting them know which article you're reading by downloading the database dump of Wikipedia, which can be obtained at dumps.wikimedia.org.
Google developed SPDY, an efficient binary representation of HTTP messages. Maybe they will do the same thing but for HTML. It would be much more efficient if one could design a binary representation of HTML that can only express well-formed HTML.
It'd be great if it were implemented as a peer-to-peer protocol as it'd make taking the service down much more difficult.
EDIT:
Although making the service completely peer-to-peer might be impossible, it is possible to distribute articles in a peer-to-peer way. I'm considering an architecture which consists of a peer-to-peer network to share articles, and servers to download articles and put them on the network. In this architecture, even if all the servers got taken down at least the articles which have been shared would be accessible provided that the peer-to-peer network is alive.
I suppose not. I presume the way would be vulnerabilities in code handling untrusted data streams such as USB, Wi-Fi, or BlueTooth. Although the amount of time it takes might be getting longer, every major iOS update eventually has had jailbreaks, which implies for an organization with larger budget than jailbreak hackers would likely be able to discover 0-day vulnerabilities in iOS.
I quite agree. However I have seen a great many registration forms that only accept a short password. If passwords are handled properly there's no reason to limit password length because a password will get converted to a fixed-length string due to hashing before storing it to a database. So I suspect many people prefer storing passwords in plaintext.
I think Apple and all other tech companies that support it move as the FBI (or whoever controls the FBI) expected or wanted.
What was revealed a few years ago was the fact that big tech companies betrayed people's trust. So quite naturally they should attempt to regain that trust. Because if majority of people stop trusting tech companies and start using end-to-end encryption, use of encryption stops working as a signifier that indicates a higher likelihood that the user's doing something wrong. Thus it's crucial to keep ordinary people away from using encryption. In order to achieve this, it's important to make people trust big tech companies again.
In my opinion, this is what the writer of the plot of the dispute between the FBI and Apple thinks.
I think Daylight Saving Time is a bad idea in the same sense that (abusing) global variables is a bad idea in programming.
In programming, changing a global state in order to achieve something is almost always a bad practice because it affects everywhere and sometimes in unpredictable ways. Instead of abusing global states, we invented object-oriented programming, which I consider as a way to keep states locally (inside objects).
So if someone wants to save daylight, that should be achieved locally for example by changing school schedules.
> A sufficiently paranoid individual can only run code they wrote themselves.
I'd say that is not sufficient because even in this case you trust someone: the manufacturer of the CPU on which the code would run.
It might surprise some people but you can examine code of a piece of software to check whether it has a backdoor even if it is closed-source by reading disassembly. Surely it requires some skills and is a bit time-consuming but it's doable for an ordinary individual. Reverse engineering software is not as difficult as many think. And as a matter of fact, a large number of people are reading disassembly of widely-used software to find vulnerabilities to sell in black markets. So I think it's unlikely for Windows or iOS to have maliciously planted backdoors.
On the other hand, it's tremendously difficult to reverse engineer hardware especially CPUs for an individual without a large budget. So if I were them I'd choose CPU as a place to put a backdoor because virtually nobody reverse engineers a modern CPU and thus it'd be very unlikely to be found.
By the way, contemporary CPUs can update itself through microcode updates.
I had been doing this until some time ago to block ads and to prevent Google from collecting my web browsing history via Google Analytics. During the time I witnessed a strange phenomenon. Every time I added "127.0.0.1 www.google-analytics.com" to C:\Windows\System32\Drivers\etc\hosts. I saw the line removed from the file some hours later. Although I had added tens of lines I only saw the Google Analytics line removed. IIRC finally I decided to figure out whet caused the removal. I used Filemon to watch file changes, though the line got removed again while watching the file and nothing appeared on the log. I suspected Ring-0 processes were secretly running and causing the removal, but I knew nothing about the Windows kernel so I gave up here. I wonder what was the cause to this day.
What I don't understand about authentication over HTTPS is, though, why not making login a part of the protocol? Wouldn't it be much better to authenticate a user with a public key of the user like in SSH, instead of password authentication over the public key of the server? It'd be more resistant to attacks such as MITM or stealing the private key of the server. If a user can register a password on a website, why does it have to be a password rather than a public key? The only hindrance is the fact that the protocol doesn't support it.
I have no idea why this easy change hasn't been made in the protocol.
The author of Tree Style Tab has commented (in Japanese) on the change to deprecate add-ons making use of XUL. [1]
Roughly what he said might be summarized as follows (sorry if I misunderstood his intention): Tree Style Tab is useful because the add-on changes the behaviors of the tab globally. That way, it can cooperate with other tab-related add-ons whose authors didn't intend to make the add-ons work with TST. Therefore providing the Sidebar API doesn't help because you can't expect add-on authors to write code just to make add-ons work better with TST.
How naive it is to believe that Microsoft will obey these settings? It is very time-consuming to make sure if they fulfill the promise because that requires reading disassembly as Windows is closed-source. And, even if they were caught not following the settings they could use the word "bug" as an excuse.
Also, it should be emphasized that providing options to disable privacy-invasive features doesn't justify invading the privacy of the non-tech savvy people, who cannot disable privacy-invasive functionalities.
So don't fear compilation. What is truly worrying is any attempt to restrict access to code that is run by a computer. Even a highly skilled reverse engineer cannot do anything if there is no way to access code.