Why American software is junk and why it matters

35 posts, 11 voices

Pages: 1 2

Dec 14, 2019 12:23am Fred Smith (8327) 12 posts	It says that Windows embedded needs 2GB here Really? “While an OEM-only version of Windows XP for 64-bit was released, these Windows XP Embedded products are all 32-bit for x86 only. The minimum requirements were 128 MB of storage and 256 MB of RAM.” A classic RISC OS 5 installation will need at least 64 MB RAM and 83.7 MB of disc space. XPe provides much more functionalities (including PMT, full Unicode support, a web browser, Wifi support and a RDP client). So it’s probably not so bad under the same perimeter. Really? That’s funny mine is 22megs including the self-extracting archive and the ROM and RPCEMU. There is no correlation between code size and security. You can easily have a small tight piece of software that is worse than a hulking monster if the small one gets its lean size because it doesn’t bother to validate inputs, sanitise things, and include protections to try to reduce potential attack vectors. Dealing with potential problems adds code. Correct on all points. Nope. Removing protections is not the same as getting rid of bugs is it? https://www.onr.navy.mil/en/Media-Center/Press-Releases/2016/Software-Bloat.aspx Even the US military acknowledge as much They criticise the bloat, not the size. Bloat by the nature of the term refers to size I.e something is bloated in that it’s large Hence why many people go on about Microsoft bloatware, ie the size. I can find another refernce to this. It’s called Wirth’s law https://www.techrepublic.com/article/bloatware-as-a-security-risk-researchers-innovative-ways-to-combat-the-scourge/ We get it you are a RISCOS developer who does not like RISCOS and who pours cold water on any suggestion of improvements. Troll point. Er how? It’s perfectly possible to be a fan of something and not to think its very good. I like watching bad scifi and pouring scorn on it. Graham Norton likes presenting Eurovision and pouring scorn on it and people enjoy watching it. But at the same time, to be frank, a certain negativity towards innovation explains why British industry, such as it is, is the way it is. It explains why the computer, the APT and several other British invention were developed abroad in that people pour cold water on innovation. It even exists amongst engineers and the like. And a particular instance of the “It can’t be done/It’s too expensive/Why go to all this effort” syndrome can be seen with attitudes towards the privatisation of British Telecom. If the above isn’t true can you name me one large British owned international IT company? You didn’t. You made fun of Greta Thunberg and said that it was normal for there to be waste because of capitalism Another. Goodbye. Only partly true in that I misread that section. Apologies Here is what else he said It’s called capitalism. They exist to sell you stuff. If they can’t sell, they go bust. It’s not moronic, it is just how it works. So he is stating that it is normal for there to be waste through the unnecessary encouragement of upgrades. Thank you. IF we are talking about trolling. Not that I take offence 1) People are I think rather fed up with the whole culture of people going “That’s offensive” when something isn’t and this is partly the reason why I think people in the end voted for the conservatives. 2) If we are talking about “trolling” and if one sets that as a baseline (and again I don’t take offense) look at the following Are you… even old enough to be considered a teenager? Surely nobody with a double-digit age could write something so utterly naive

Dec 14, 2019 2:05am Rick Murray (539) 13851 posts	Even the US military acknowledge as much They acknowledge that recycling code and using large general purpose libraries adds bloat and potential security issues. They don’t talk much about actual size, of how big something should be. Only the ought-to-be-obvious implication that bunging a big library into your code in order to use a function or two is… Not good. Therefore it follows with elegant inevitability that in 100 lines of code you can find 10 bugs It doesn’t even remotely follow. There’s no celestial bug quota that must be maintained, it’s not like “oop, we’ve done nine lines of good code, gotta screw up the next one then”. Should I preclude the average person from participating. The “average person” probably uses one of your beloved American systems, doesn’t know this discussion even exists, and wouldn’t care if they did. of what amounts to er um pedantry within the context which I have set of simplicity You want to talk about enhancing the platform. Rather than, oh I dunno, “how can we get Bluetooth working” you’re all “let’s patch up the leaky bits AND TAKE OVER THE WORLD”. Sooner or later reality will need a look in. Don’t change things. Don’t come up with anything different [blah blah blah whinge whinge whinge – snipped] Two golden bits of advice: Know thyself, and Know your enemy. In other words, understand carefully your strengths and weaknesses, then understand the strengths and weaknesses of the enemy. If you are RISC OS and the enemy is Windows… I don’t think even Sun Tzu could come up with an analogy on which that battle is won. He might prefer to be post meta and quote WOPR – the only winning move is not to play. I state that Americans tend to like things which are large and by extension of that you infer that I am stating that it follows that one can state that English people tend to be Brexit-loving foot-shooting xenophobic racist pillocks. Actually you were talking about how much the bombs cost and “stereotypes”. Which is what I was referring to. Stereotyping. But, you know what? Sure, fine. You took my “bug in ten lines of code”, completely missed the point, and ran with it for all it was worth. So Linux is the same size as Windows and does the same things. Jolly good Linux and Windows do similar things. They are of completely different internal architecture, even different kernel paradigm. And no, they don’t do the same things. Unless Windows is somehow capable of running stuff like web servers in the background as a command line non-UI process, and can have its window manager changed for a different one… So it needs a FS check if it runs from ROM? You ask that as if the concept of user data, that the user trusts the system to keep, is of little consequence to you. The purpose of the filesystem check is not to check the OS (that ought to be a simple checksum at initial boot), it’s to check the media on behalf of the user. and who pours cold water on any suggestion of improvements. Yeah yeah. Whatever. I’m still waiting for one single solid suggestion of an achievable improvement. Have you heard of RISC OS Developments? Have you looked at the bounty page? Those are improvements. Those are realistic proposals. Not some over simplified “updates” and it’s going to be great. You made fun of Greta Thunberg Actually I pointed out that if somebody is going to lecture me on the environment, it’s going to be her, not you. Because right now she has a lot of credibility. and said that it was normal for there to be waste because of capitalism I said it was normal for there to be waste when tech is considered a disposable commodity. One doesn’t fix, one… Oh sod it, I’m not going over this three times Here is how to make a feasibility study involving finance What an awful lot of pointless blather in that thing you linked to. Point one in any feasibility study – have a concrete realistic idea of what needs done. Not wishy washy “improvements” but actual solid “this, this, and this”. Point two – have a good estimate of how much code is likely to be involved. Then double that estimate. Point three – how long will it take? what resources will be required? Then, and ONLY THEN can you start talking about money. If you haven’t done the first three things, then the 3-5 million is essentially a figure plucked from your posterior quarter. Heard of Aemulor? Yes. And it improves security how? So type 1 supervisors are not secure then or at least as secure as it gets? Maybe if you stuck to a proper definition of what an operating system is, you would understand why I said the hypervisor was irrelevant. I’m not going to explain this again, read what I wrote and pay attention to the part in italics. Actually the point is the less code you have the less bugs and the less security flaws So why aren’t you using a BBC Micro? Full, vectorable OS in a 16K ROM. BASIC with built in assembler, also in ROM. Best damn 8 bit firmware ever written, if you ask me. Everything else pales in comparison. Especially the Spectrum. I use an alternative which works You have a browser that never crashes? Which? I’m sure we’d all like to use it. Why support it? It’s used on less than 10% of the world’s computers Because other stuff has licenced the ability to work with AirPrint and, suddenly, this stuff just works… And size of code does matter to google Oh, I don’t give a flying flamingo what Google thinks. I’m not going to take advice on web site design from a company that provides a pleasantly simple looking search page that is hiding nearly a MEGABYTE of scripting and other rubbish. Google got popular way back when because AltaVista was a bloated mess with annoying highlighted adverts. Isn’t hindsight ironic? Google do what Google want and everybody is expected to STFU and pay attention. Nope. Removing protections is not the same as getting rid of bugs is it? Actually, we were talking about adding protections, which by your thinking would add lots of bugs. Do, at least, attempt to pay attention instead of cherry picking random bits. Bloat by the nature of the term refers to size I.e something is bloated in that it’s large Bloat, as in swollen. Not referring to size, referring to abnormal size. The RISC OS character map running in at under 64K is good. But if it was 3MiB and contained features like “print a character set reference”, then that would be bloat. It’s called Wirth’s law You do realise that Wirth’s Law is a parody mocking Moore’s Law? So he is stating that it is normal for there to be waste through the unnecessary encouragement of upgrades. That is a conclusion you have jumped to be correlating two different sentences. As it happens I agree with the general principle, but “capitalism equals waste” isn’t something that I outright stated. Anyway, all of this aside, still waiting for a solid realistic proposal of additions and enhancements.

Dec 14, 2019 11:41am John McCartney (426) 148 posts	This is getting to be as tedious as the election. It’s all just naysaying without achieving anything useful.

Dec 14, 2019 3:07pm Fred Smith (8327) 12 posts	Even the US military acknowledge as much They acknowledge that recycling code and using large general purpose libraries adds bloat and potential security issues. Bloat is the same thing as size. If something is bloated, it is large is it not? And that’s just one example The ONR is collaborating with security researchers Dr. Dinghao Wu at Pennsylvania State University and Dr. Harry Xu at the University of California, Irvine to address security issues caused by software bloat. “A bloated software system contains a larger code base that could lead to more vulnerabilities and greater entry platforms for hackers and cyber terrorists,” mentions Wu in the ONR press release. “After gaining access to a system, a hacker can use the code—even unused, older code—for malicious purposes.” I can probably find other examples. As you can see it does refer to size Therefore it follows with elegant inevitability that in 100 lines of code you can find 10 bugs It doesn’t even remotely follow. There’s no celestial bug quota that must be maintained, it’s not like “oop, we’ve done nine lines of good code, gotta screw up the next one then” Well er um yes it does lol. It’s simple mathematics You stated that “you can find a bug in any 10 lines of code” Therefore in 100 lines of code, you will find be 10 bugs because if you multiply 10 by 10 you get 100 Should I preclude the average person from participating. The “average person” probably uses one of your beloved American systems, doesn’t know this discussion even exists, and wouldn’t care if they did Does it matter if I put things in layman’s terms? I mean really? I’m a returnee, as it were, expressing an interest in RISCOS and I am talking to well someone who simply does not know how to argue but who chooses to argue nonetheless and who is needlessly rude. Others seem to have sensible points about code size versus code efficiency. I occasionally make jokes about how people may treat RISCOS in the same manner as Eurovision What am I or indeed anyone else meant to think. I dunno whether anyone else agrees that it is not a good policy for RISCOSopen to drive away potential interest. Who knows, I could be a potential investor and you could be putting me off or indeed any potential investor who is watching. If I was an investor, I certainly would take pains to develop my own version elsewhere and not to bother here. Allowing this sort of thing would help to explain why RISCOS is not as successful as it might be. Don’t change things. Don’t come up with anything different [blah blah blah whinge whinge whinge – snipped] You do make me laugh. No really The Uk is doing well with brexit isn’t it and its industrial policy isn’t it? Let’s call people who point out that the UK… 1) Does not have any large IT companies, Where is the future economic prosperity going to come from? Finance? 2) Allowed America to develop its invention, the computer and to develop an industry on the basis of that invention and moreover did as much with other inventions such as the advanced passenger train 3) Has a large national debt which is supported by low interests rates …“Whingers” I state that Americans tend to like things which are large and by extension of that you infer that I am stating that it follows that one can state that English people tend to be Brexit-loving foot-shooting xenophobic racist pillocks. Actually you were talking about how much the bombs cost and “stereotypes”. Which is what I was referring to. Stereotyping. Yes and its what they do in market research. X country tends to like X If I say that in China they tend to like Sherlock Holmes whereas in Bhutan they don’t, you call that “stereotyping” In America they tend to prefer cars to high speed rail for example. And so on and so forth But, you know what? Sure, fine. You took my “bug in ten lines of code”, completely missed the point, and ran with it for all it was worth. See point one and who pours cold water on any suggestion of improvements. Yeah yeah. Whatever. I’m still waiting for one single solid suggestion of an achievable improvement. “Realistic” is often a word used in that context. Let’s be “realistic” when the person is pouring cold water on new ideas. https://www.youtube.com/watch?v=kYfNvmF0Bqw and said that it was normal for there to be waste because of capitalism I said it was normal for there to be waste when tech is considered a disposable commoditys , Yes and when one requires people to unecessarily upgrade this makes the problem worse Here is how to make a feasibility study involving finance What an awful lot of pointless blather in that thing you linked to. You said feasibility does not refer to finance, It’s called a correction. I reali<e you might think that using this is “blather” If you haven’t done the first three things, then the 3-5 million is essentially a figure plucked from your posterior quarter 3-5 million. A team of 100 to 166 people at an average salary of 30k working full time for a year. Seems reasonable. Seems more than reasonable. <blockquote< Heard of Aemulor? Yes. And it improves security how? You were talking about compatibility not security. Two different things So type 1 supervisors are not secure then or at least as secure as it gets? Maybe if you stuck to a proper definition of what an operating system is, you would understand why I said the hypervisor was irrelevant. But it isn’t because it affords extra security. Hence why if I use a VPS, that VPS will be isolated from the other VPS because the server upon which it runs uses a hypervisor <blcockquote Actually the point is the less code you have the less bugs and the less security flaws So why aren’t you using a BBC Micro? Full, vectorable OS in a 16K ROM. BASIC with built in assembler, also in ROM. Best damn 8 bit firmware ever written, if you ask me. Everything else pales in comparison. Especially the Spectrum Because it doesn’t have a GUI. Next Why support it? It’s used on less than 10% of the world’s computers Because other stuff has licenced the ability to work with AirPrint and, suddenly, this stuff just works… What’s wrong with wifi? And size of code does matter to google Oh, I don’t give a flying flamingo what Google thinks. I’m not going to take advice on web site design from a company that provides a pleasantly simple looking search page that is hiding nearly a MEGABYTE of scripting and other rubbish. Well it is kind of important given that they own the search engine market if you run a business in the west. Nope. Removing protections is not the same as getting rid of bugs is it? Actually, we were talking about adding protections, which by your thinking would add lots of bugs. Nope, you were stating that in cases where one removes protection, the smaller code size makes it less secuıre which is er um kind of obvious. I was referring to large code size in general and to bloat. Code is not large because it is more secure Do, at least, attempt to pay attention instead of cherry picking random bits I think we’ll put that down to psychological projection :) No offense Bloat by the nature of the term refers to size I.e something is bloated in that it’s large Bloat, as in swollen. Not referring to size, referring to abnormal size. If something is swollen, it refers to size It refers to something which is overly large in other words, it refers to size. It’s called Wirth’s law You do realise that Wirth’s Law is a parody mocking Moore’s Law? I don’t wish to be rude but it does seem that you are here to point-score and to argue and are stating things which are not true.. It is also referred to as Page’s law https://developers.slashdot.org/story/09/06/01/1232206/Can-Pages-Law-Be-Broken?from=rss https://en.wikipedia.org/wiki/Wirth%27s_law https://www.techopedia.com/definition/24381/wirths-law If it was “a parody” then google would hardly be thinking of putting a marker on sites which load slowly because of amongst other things code size So he is stating that it is normal for there to be waste through the unnecessary encouragement of upgrades. That is a conclusion you have jumped to be correlating two different sentences. As it happens I agree with the general principle, but “capitalism equals waste” isn’t something that I outright stated. It’s called “being implied” If you are encouraged to upgrade when it is not necessary, that means waste Anyway, all of this aside, still waiting for a solid realistic proposal of additions and enhancements. That’s not the point of my little “Janet and John“ essay

Dec 14, 2019 4:38pm Rick Murray (539) 13851 posts	You said feasibility does not refer to finance, No, I absolutely did not. I said that prior to talking about finance and money, you need to know what exactly needs to be done. Let’s ignore RISC OS for a moment and work with this: A team of 100 to 166 people at an average salary of 30k working full time for a year. Three million. Well, I can see where you get that figure from. It’s your 100 employees at 30K a year. Or 2.5K a month. You do understand, this is about as ridiculously simplistic as your “10 bugs in 100 lines” calculations. For starters, employers pay for employees. I make about half of what you’re offering (so it must be a rubbish wage you’re offering considering what I do for a living), yet oddly enough it costs my employer just shy of 2K/month between what they pay me and what they pay as their part of the various contributions. Now, where are you going to put your 100 employees? Even if you find a ready made empty building, it will need furnishing and such. Then there are the resources. Hardware, comms, staff canteen, all the necessary fire extinguishers, electricity bill… That’s just for starters. It is imperative to understand WHAT IS NECESSARY before talking about money. Any talk of throwing finance at ill defined ideas…that’s what Kickstarter is for. Anyway, all of this aside, still waiting for a solid realistic proposal of additions and enhancements. That’s not the point of my little “Janet and John“ essay Uh… Huh? So let me see if I understand this correctly. You talk about how RISC OS needs updating and how American software is just bad. You then consider that I am potentially driving away investors¹ when I point out that RISC OS is not going to become The Next Best Thing², and when I ask you for an actual viable proposal of something that needs updated that we could begin to work with you on how/why/when, you say that it wasn’t the point of your essay. Well what was the point….. …actually, you know what? I have many better things to be doing than wasting my time with yet another troll. *Goodbye.* ¹ I know you are not an investor, because investors will be talking to ROOL Ltd or ROD Ltd and not wasting their time on a forum or giving the slightest inkling of a crap about what some random prat thinks. ² It’s been around since ’86. Thirty three years. We actually predate people even using Windows. If it was going to happen, it already would have. Not cold water, just cold hard reality.

Dec 14, 2019 5:14pm Fred Smith (8327) 12 posts	You said feasibility does not refer to finance, No, I absolutely did not. I said that prior to talking about finance and money, you need to know what exactly needs to be done. Yes I neglected to include the word only. A slight oversight which unlike some I admit but then the other consideration can be guessed at at an initial estimate. You will understand (and I can be guilty of this sometimes) that you do stray off the point somewhat. Let’s ignore RISC OS for a moment and work with this: A team of 100 to 166 people at an average salary of 30k working full time for a year. Three million. Well, I can see where you get that figure from. It’s your 100 employees at 30K a year. Or 2.5K a month. You do understand, this is about as ridiculously simplistic as your “10 bugs in 100 lines” calculations. No the 10 bugs in 100 lines is from your statetement lol This is how initial business plans are carried out when for example you are applying to work at a startup and to secure a visa. I know because that’s how I did it. Now, where are you going to put your 100 employees? Even if you find a ready made empty building, it will need furnishing and such. Then there are the resources. Hardware, comms, staff canteen, all the necessary fire extinguishers, electricity bill… That’s just for starters. Ok rent of 100k at the most.. So slightly incorrect but then I said between 100k and 166k employees so such errors are encompassed. Pss. Do you know that startups include such things for a monthly fee. Anyway, all of this aside, still waiting for a solid realistic proposal of additions and enhancements. That’s not the point of my little “Janet and John“ essay Uh… Huh? Try reading the title. It might help lol So let me see if I understand this correctly. You talk about how RISC OS needs updating and how American software is just bad. You then consider that I am potentially driving away investors1 when I point out that RISC OS is not going to become The Next Best Thing2, and when I ask you for an actual viable proposal of something that needs updated that we could begin to work with you on how/why/when, you say that it wasn’t the point of your essay. No, The title is “Why American software is junk” The title is not “Here is my business plan for RISCOS” …actually, you know what? I have many better things to be doing than wasting my time with yet another troll. Goodbye Again I’m afraid to state that this is projection. I have in no way demeaned you apart from suggesting that you are perhaps a bit rude (which can be productive in certain circumstances but perhaps not here) and perhaps someone who considers RISCOS in the same way as others consider Eurovision which is fine But anyway, its been revelatory I know you are not an investor, because investors will be talking to ROOL Ltd or ROD Ltd and not wasting their time on a forum or giving the slightest inkling of a crap about what some random prat thinks. It’s a) open source so one does not have to b) One might be trying to discuss some technical details. c) I don’t care but others will do. d) I do have a business and am considering the possibility.. It’s been around since ’86. Thirty three years. We actually predate people even using Windows. If it was going to happen, it already would have. Not cold water, just cold hard reality. So had the concepts for television, AI and so on. https://www.britannica.com/technology/artificial-intelligence/Alan-Turing-and-the-beginning-of-AI Not cold water, just cold hard reality I bet RISCOS developments, cloverteam and so on must really love you :)

Dec 14, 2019 6:01pm Steve Pampling (1551) 8172 posts	I really should have said this straight after the first post. Wrong forum. Try Aldershot Obscure reasons for the forum name, but perfect fit for this mega-stream of text. b) One might be trying to discuss some technical details. I’ve seen no evidence of that, hence the suggestion of Aldershot.

Dec 14, 2019 6:13pm Fred Smith (8327) 12 posts	Well one might go onto that but as you can see I did not get past the basics. Anyway shall take a look. Thanks Was interesting

Dec 14, 2019 6:20pm Andy S (2979) 504 posts	No, The title is “Why American software is junk” The title is not “Here is my business plan for RISCOS” Hi. If you don’t have something specific to contribute or discuss regarding RISC OS and just want to talk more generally about software bloat, I’d suggest that this thread should be in the Aldershot section of the forum. [Edit: Oops, Steve beat me to it :)] That’s what it’s there for. So far you haven’t suggested any specific ideas for RISC OS with sufficient detail for anyone to work with. We all want RISC OS to improve and gain more useful, up-to-date features whilst remaining efficient and fast. Where feasible, improvements in security are desirable too. ROOL Ltd and ROD Ltd already have a roadmap for this and ROD are already paying developers. This is quite a small community so the number of developers available with knowledge and experience of RISC OS is currently limited and many of them have other jobs so limited time to devote to RISC OS as well. It’s therefore of questionable use to just suggest that you can throw millions of pounds at the project and guarantee minimal bugs, perfect security and exactly all the modern features that you want, although if you want to help the continued development of RISC OS you could consider making a donation to the bounties on this site or to RISC OS Developments Ltd. No the 10 bugs in 100 lines is from your statetement lol As has already been covered, you’re making an oversimplification. Sure, on average over the lifetime of a programmer, the more code they write, the more bugs they will write too. The correlation is not as direct as you’re making out though, because the potential for bugs will vary across different styles of code within one project as well as things like code verbosity and the checks that the compiler performs. I could write code that is nothing more than hundreds of function calls with no parameters and provided the function names are not easily confused that code itself could have a high probability of being completely bug free. So code complexity can increase the risk of bugs occurring. Note also that the number of lines of code won’t directly determine the size of the executable because it depends on the compiler and its optimizations.

Dec 14, 2019 7:12pm Fred Smith (8327) 12 posts	Hi. If you don’t have something specific to contribute or discuss regarding RISC OS and just want to talk more generally about software bloat, I’d suggest that this thread should be in the Aldershot section of the forum. [Edit: Oops, Steve beat me to it :)] That’s what it’s there for. So far you haven’t suggested any specific ideas for RISC OS with sufficient detail for anyone to work with. We all want RISC OS to improve and gain more useful, up-to-date features whilst remaining efficient and fast. Where feasible, improvements in security are desirable too. ROOL Ltd and ROD Ltd already have a roadmap for this and ROD are already paying developers. This is quite a small community so the number of developers available with knowledge and experience of RISC OS is currently limited and many of them have other jobs so limited time to devote to RISC OS as well. It’s therefore of questionable use to just suggest that you can throw millions of pounds at the project and guarantee minimal bugs, perfect security and exactly all the modern features that you want, although if you want to help the continued development of RISC OS you could consider making a donation to the bounties on this site or to RISC OS Developments Ltd. Yes wrong forum perhaps. Sorry. Although, whilst only relatively few people might as you state be familiar with RISCOS, that does not preclude the possibility that others within a very short space of time, being familiar with ARM assembly and indeed C, might become familiar with RISCOS and might be able to contribute, does it? Or perhaps I am wrong. For what it’s worth having no knowledge of programming, I learnt BASIC in a week a language which I reali<e is an order of magnitude simpler than ARM assembler, so there are bound to be others. Moreover if that were the case, it would not preclude the possibility of investment. No the 10 bugs in 100 lines is from your statetement lol As has already been covered, you’re making an oversimplification. Sure, on average over the lifetime of a programmer, the more code they write, the more bugs they will write too. The correlation is not as direct as you’re making out though, because the potential for bugs will vary across different styles of code within one project as well as things like code verbosity and the checks that the compiler performs. I could write code that is nothing more than hundreds of function calls with no parameters and provided the function names are not easily confused that code itself could have a high probability of being completely bug free. So code complexity can increase the risk of bugs occurring. Note also that the number of lines of code won’t directly determine the size of the executable because it depends on the compiler and its optimizations. No that was his oversimplification lol. And yeah I get the point. It’s not linear.