A C tutorial

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

OTOH, Acrobat Reader lets you copy/paste, generates excellent output
and is trivially easy to use.

Is the source code freely available, so that I can assure myself that the
program contains no malicious code?

On how much of the software you're currently using have you already
performed this check?

(a) Non sequitur. If the source is available then I can, if I wish, perform
this check. Whether I then choose to do so is entirely up to me.

(b) Even though it's a non sequitur, I'll answer it. I have performed this
check on /some/ of the software I use, but not all.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

jacob navia wrote:

But PDF is a widely used format,

Oh, I know, I know. That doesn't mean it necessarily /should/ be.

Name one document format with a public specification that should be
used instead, allowing for comparable quality of the printed output.
And explain why that format should be used instead of PDF.

Text works for me. No public spec needed; if there's anyone out there who
doesn't know what text is, I probably don't want to read their stuff
anyway.

As for the printed output, it looks pretty good from where I'm standing. If
your text printout quality is low, consider investing in a better printer.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Mark McIntyre wrote:

BTW I bet you a groat you don't scan most programs for malicious code,
so your argument is spurious.

I disagree that the argument is spurious. It's true that I don't scan most
programs for malicious code; I don't have to, because - since they're Open
Source - lots of people have done this already,

How do you know it? If everyone reasons like you, no one is actually
doing it :-) ^^

For the record, I often read the source code of Free Software, which
disproves that /no one/ is doing it. :)

Do you know what "if" means in English?

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Mark McIntyre wrote:

> BTW I bet you a groat you don't scan most programs for malicious code,
> so your argument is spurious.

I disagree that the argument is spurious. It's true that I don't scan most
programs for malicious code; I don't have to, because - since they're Open
Source - lots of people have done this already,

How do you know it? If everyone reasons like you, no one is actually
doing it :-) ^^

For the record, I often read the source code of Free Software, which
disproves that /no one/ is doing it. :)

Do you know what "if" means in English?

Suffice it to say that what I wrote contains no indication that I don't.
If you disagree, please be more elaborate.

Martin

In <c0**********@titan.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

OTOH, Acrobat Reader lets you copy/paste, generates excellent output
and is trivially easy to use.

Is the source code freely available, so that I can assure myself that the
program contains no malicious code?
On how much of the software you're currently using have you already
performed this check?

(a) Non sequitur. If the source is available then I can, if I wish, perform
this check. Whether I then choose to do so is entirely up to me.

Nope, it's not a non sequitur: if you don't perform such scans, the
ability to perform them becomes irrelevant.
(b) Even though it's a non sequitur, I'll answer it. I have performed this
check on /some/ of the software I use, but not all.

Therefore, you have no a priori reason to reject Acrobat Reader: you're
already using software you haven't scanned.

There is a nice paper by Ken Thompson, proving that such scans cannot
guarantee a lack of malicious code being included in the application,
unless you have assembled your own compiler. He had included a backdoor
in Unix via the C compiler and no matter how carefully you'd study the
source code of the C compiler, that you could use to rebuild the compiler
from the sources, you'd see nothing because there was nothing left in the
source code. The malicious code was inside the executable of the compiler
that was coming with the system and it would reproduce itself in the
binaries of the clean compiler you'd compile with that compiler.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

> OTOH, Acrobat Reader lets you copy/paste, generates excellent output
> and is trivially easy to use.

Is the source code freely available, so that I can assure myself that
the program contains no malicious code?

On how much of the software you're currently using have you already
performed this check?
(a) Non sequitur. If the source is available then I can, if I wish,
perform this check. Whether I then choose to do so is entirely up to me.

Nope, it's not a non sequitur: if you don't perform such scans, the
ability to perform them becomes irrelevant.

(b) Even though it's a non sequitur, I'll answer it. I have performed this
check on /some/ of the software I use, but not all.

Therefore, you have no a priori reason to reject Acrobat Reader:

Yes, I do.
you're
already using software you haven't scanned.
But I'm not using /Adobe/ software that I haven't scanned.
There is a nice paper by Ken Thompson,

I know. I don't have a problem trusting gcc.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

On Tue, 10 Feb 2004 18:55:07 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

jacob navia wrote:

But PDF is a widely used format,

Oh, I know, I know. That doesn't mean it necessarily /should/ be.
Name one document format with a public specification that should be
used instead, allowing for comparable quality of the printed output.
And explain why that format should be used instead of PDF.

Text works for me. No public spec needed; if there's anyone out there who
doesn't know what text is, I probably don't want to read their stuff
anyway.

Not trying to be difficult, but if you can define "text" then I'll feel
happier. Bearing in mind that at least one popular OS makes no distinction
between "text" and "binary" data. Hey, thats nearly topical.
As for the printed output, it looks pretty good from where I'm standing. If
your text printout quality is low, consider investing in a better printer.

I have a colour laser printer, and /still/ all my text docs come out in
crappy black 10pt courier typewriter font, circa 1950 IBM standard, just
the same as it comes out on my chain printer (tho admittedly the
chainprinter causes my neighbours to bang on the wall and call the police,
so I rarely fire it up except after very extensive p*ssups^wparties. I'm
not sure that expensive printers will improve that.

But we digress...
--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

Mark McIntyre wrote:

On Tue, 10 Feb 2004 18:55:07 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

Dan Pop wrote:

Name one document format with a public specification that should be
used instead, allowing for comparable quality of the printed output.
And explain why that format should be used instead of PDF.

Text works for me. No public spec needed; if there's anyone out there who
doesn't know what text is, I probably don't want to read their stuff
anyway.

Not trying to be difficult, but if you can define "text" then I'll feel
happier.

See 5.2.1 of C99 (Character sets).

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

In <c0**********@titan.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

jacob navia wrote:

But PDF is a widely used format,

Oh, I know, I know. That doesn't mean it necessarily /should/ be.

Name one document format with a public specification that should be
used instead, allowing for comparable quality of the printed output.
And explain why that format should be used instead of PDF.

Text works for me. No public spec needed; if there's anyone out there who
doesn't know what text is, I probably don't want to read their stuff
anyway.

As for the printed output, it looks pretty good from where I'm standing. If
your text printout quality is low, consider investing in a better printer.

Show us how you can use the plain text format to display a complex
mathematical formula or the picture of your cat (dog, whatever)
with a quality comparable to that obtained from a PDF document.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

>Mark McIntyre wrote:
>
>> BTW I bet you a groat you don't scan most programs for malicious code,
>> so your argument is spurious.
>
>I disagree that the argument is spurious. It's true that I don't scan most
>programs for malicious code; I don't have to, because - since they're Open
>Source - lots of people have done this already,

How do you know it? If everyone reasons like you, no one is actually
doing it :-) ^^

For the record, I often read the source code of Free Software, which
disproves that /no one/ is doing it. :) ^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Do you know what "if" means in English?

Suffice it to say that what I wrote contains no indication that I don't.
If you disagree, please be more elaborate.

Reread the underlined text above and explain what it was supposed to mean.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

jacob navia wrote:

> But PDF is a widely used format,

Oh, I know, I know. That doesn't mean it necessarily /should/ be.

Name one document format with a public specification that should be
used instead, allowing for comparable quality of the printed output.
And explain why that format should be used instead of PDF.

Text works for me. No public spec needed; if there's anyone out there who
doesn't know what text is, I probably don't want to read their stuff
anyway.

As for the printed output, it looks pretty good from where I'm standing.
If your text printout quality is low, consider investing in a better
printer.

Show us how you can use the plain text format to display a complex
mathematical formula or the picture of your cat (dog, whatever)
with a quality comparable to that obtained from a PDF document.

That's tricky, because the quality obtained from PDF documents is so low.
Here's an example:

~Iå¨~R_ß^U~Pp>Ì7
Ô~Pì$~@Í×à·ÑNæ`~B^SÔ~Sm^Uéúï^O²~R~C8!»ì^@}z~Z¬^_~G §¬õë?y+d½Ì¬ª\ê^?¥f¨w1^R¢
·-.~I¸:^?q~RVÐð~C2D~U,ÞC%|¢^Ròèz©ü«`,ä½~XSÕ;óI÷w"°^]ðXI^R^_?eqa#]¸ñÞ'åv^L6¥|
¾HQº^X^^~^ÕUõ/^VÇ~GÒpA×É=^G~HÞZ^GÜTÌl¢6µW~L^^`ñ|°³^TØ~H
½C^Y¬~C©?Ëût3^U^EçÒ^C¹1~Vþz^QºFÙjÿ©¶~SM~Qä~X£wÈ^RÇ µ¾mH^NÝ!XH}~Ky«t0^CFTz~N¸ðlE
cx.ÙhjAA¸$| üO?Ñ~Bìõ^S~]Y;Õ0ÆH$TECÄ~I^K0
Þ~U¡§?Ç~WÉÙ Ê~I|"@¬~GdË^V¼¥Á»/^Q~X^An~].Nè~V&¨ü<õY¶^A^DѬåÎ^G~G7*
FQ~M?I~L¨ÑaÇÚ^HiedJè^]^WÝâ~_~HÎ~B¨SÓ^^X ]¶¹ï^S~DU^G~\«%e1o^XFã~S¡¯V
I can't manage anything quite so bad using text, I'm afraid.
--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

> In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:
>
>>Mark McIntyre wrote:
>>
>>> BTW I bet you a groat you don't scan most programs for malicious code,
>>> so your argument is spurious.
>>
>>I disagree that the argument is spurious. It's true that I don't scan most
>>programs for malicious code; I don't have to, because - since they're Open
>>Source - lots of people have done this already,
>
> How do you know it? If everyone reasons like you, no one is actually
> doing it :-) ^^

For the record, I often read the source code of Free Software, which
disproves that /no one/ is doing it. :) ^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Do you know what "if" means in English?

Suffice it to say that what I wrote contains no indication that I don't.
If you disagree, please be more elaborate.

Reread the underlined text above and explain what it was supposed to
mean.

The underlined text is not a complete sentence and was therefore not
supposed to mean anything by itself. Only the whole sentence was
supposed to have meaning.

Martin

On Tue, 10 Feb 2004 20:33:35 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

Mark McIntyre wrote:

Not trying to be difficult, but if you can define "text" then I'll feel
happier.

See 5.2.1 of C99 (Character sets).

This defines "character sets", not "text". If you consider the two to be
synonyms then you presumably consider all non-English text documents to be
non-text. I'd call you a rude name at that point, but then we could invoke
godwin... :-)

Anyway, I was fully expecting 7.19.2....

--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

On Tue, 10 Feb 2004 20:47:54 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

Dan Pop wrote:

Show us how you can use the plain text format to display a complex
mathematical formula or the picture of your cat (dog, whatever)
with a quality comparable to that obtained from a PDF document.
That's tricky, because the quality obtained from PDF documents is so low.

for pathological definitions of "low".
Here's an example:
Just because you can't read it, doesn't mean its not high quality.

Or do you claim that because your C code is converted from "text" to
"binary" then by definition it is poor quality? :-)
I can't manage anything quite so bad using text,

You're simply not trying hard enough.

And by the way, that /was/ text....

--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

Dan Pop wrote:
[snip}

There is a nice paper by Ken Thompson, proving that such scans cannot
guarantee a lack of malicious code being included in the application,
unless you have assembled your own compiler. He had included a backdoor
in Unix via the C compiler and no matter how carefully you'd study the
source code of the C compiler, that you could use to rebuild the compiler
from the sources, you'd see nothing because there was nothing left in the
source code. The malicious code was inside the executable of the compiler
that was coming with the system and it would reproduce itself in the
binaries of the clean compiler you'd compile with that compiler.

Dan

I was wondering when someone would bring up the Thompson paper
in this thread :)

--
Ñ
"It is impossible to make anything foolproof because fools are so
ingenious" - A. Bloch

Mark McIntyre wrote:

On Tue, 10 Feb 2004 20:33:35 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

Mark McIntyre wrote:

Not trying to be difficult, but if you can define "text" then I'll feel
happier.
See 5.2.1 of C99 (Character sets).

This defines "character sets", not "text".

This seemed to me to be sufficient.
If you consider the two to be synonyms
Not really, but I consider one to be built out of the other, pretty much.
I'm not silly about it, though; I would be perfectly prepared to accept
common extensions, such as @ and $ (both available in both ASCII and
EBCDIC).
then you presumably consider all non-English text documents to be
non-text.
Not so. For example, I consider C programs to be text documents, and they
are most certainly not written in English.
I'd call you a rude name at that point, but then we could invoke
godwin... :-)
If you were to call me a rude name at that point, I suspect it would be
because of your misunderstanding of my position, rather than because of my
actual position.
Anyway, I was fully expecting 7.19.2....

That is another good expression of my point, yes.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Mark McIntyre wrote:

On Tue, 10 Feb 2004 20:47:54 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

Dan Pop wrote:

Show us how you can use the plain text format to display a complex
mathematical formula or the picture of your cat (dog, whatever)
with a quality comparable to that obtained from a PDF document.
That's tricky, because the quality obtained from PDF documents is so low.

for pathological definitions of "low".

<shrug> It is claimed that PDF documents are in a portable document format.
That's what PDF /stands for/. And yet PDF is clearly /not/ a portable
format, requiring as it does special readers which are not available on all
platforms.

Here's an example:
Just because you can't read it, doesn't mean its not high quality.

Well, it doesn't mean it's not of high quality from someone else's point of
view. I will agree with you thus far. But from /my/ point of view, if I
can't read it, it's useless. Useless *to me*, that is.

Or do you claim that because your C code is converted from "text" to
"binary" then by definition it is poor quality? :-)
No, but then I don't claim that my C compiler produces portable documents,
either.

I can't manage anything quite so bad using text,
You're simply not trying hard enough.

I don't say other people can't manage anything quite so bad. :-)

And by the way, that /was/ text....

To you, perhaps. Not to me.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Richard Heathfield <do******@address.co.uk.invalid> wrote:

Dan Pop wrote:

There is a nice paper by Ken Thompson,

I know. I don't have a problem trusting gcc.

Besides, given the existence of other, if necessary self-designed,
languages, Thompson's reflections are not as significant as they appear
at first sight.

Richard

Richard Heathfield <do******@address.co.uk.invalid> wrote:

Mark McIntyre wrote:

On Tue, 10 Feb 2004 20:47:54 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

Dan Pop wrote:

Show us how you can use the plain text format to display a complex
mathematical formula or the picture of your cat (dog, whatever)
with a quality comparable to that obtained from a PDF document.

That's tricky, because the quality obtained from PDF documents is so low.

for pathological definitions of "low".

<shrug> It is claimed that PDF documents are in a portable document format.
That's what PDF /stands for/. And yet PDF is clearly /not/ a portable
format, requiring as it does special readers which are not available on all
platforms.

You can write your own reader, if you wish. There are systems without
HTML readers, but few people would call HTML unportable, because it is
at least possible to write an HTML reader for just about any platform;
the same thing should be true for PDF.
Hell, if you're satisfied with a plain-text representation, a PDF reader
could even be on-topic in c.l.c :-)

Richard

In <c0**********@sparta.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

>Dan Pop wrote:
>
>> OTOH, Acrobat Reader lets you copy/paste, generates excellent output
>> and is trivially easy to use.
>
>Is the source code freely available, so that I can assure myself that
>the program contains no malicious code?

On how much of the software you're currently using have you already
performed this check?

(a) Non sequitur. If the source is available then I can, if I wish,
perform this check. Whether I then choose to do so is entirely up to me.

Nope, it's not a non sequitur: if you don't perform such scans, the
ability to perform them becomes irrelevant.

(b) Even though it's a non sequitur, I'll answer it. I have performed this
check on /some/ of the software I use, but not all.

Therefore, you have no a priori reason to reject Acrobat Reader:

Yes, I do.

Please elaborate. Which other pieces of Adobe software have bitten you
with their malicious code?

you're
already using software you haven't scanned.

But I'm not using /Adobe/ software that I haven't scanned.

Why?

There is a nice paper by Ken Thompson,

I know. I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick,
precisely because its code is widely available and most people use gcc
to build gcc.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

In <c0**********@sparta.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@titan.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

>jacob navia wrote:
>
>> But PDF is a widely used format,
>
>Oh, I know, I know. That doesn't mean it necessarily /should/ be.

Name one document format with a public specification that should be
used instead, allowing for comparable quality of the printed output.
And explain why that format should be used instead of PDF.

Text works for me. No public spec needed; if there's anyone out there who
doesn't know what text is, I probably don't want to read their stuff
anyway.

As for the printed output, it looks pretty good from where I'm standing.
If your text printout quality is low, consider investing in a better
printer.

Show us how you can use the plain text format to display a complex
mathematical formula or the picture of your cat (dog, whatever)
with a quality comparable to that obtained from a PDF document.

That's tricky, because the quality obtained from PDF documents is so low.
Here's an example:

~Iå¨~R_ß^U~Pp>Ì7
Ô~Pì$~@Í×à·ÑNæ`~B^SÔ~Sm^Uéúï^O²~R~C8!»ì^@}z~Z¬^_~ G§¬õë?y+d½Ì¬ª\ê^?¥f¨w1^R¢
·-.~I¸:^?q~RVÐð~C2D~U,ÞC%|¢^Ròèz©ü«`,ä½~XSÕ;óI÷w"°^]ðXI^R^_?eqa#]¸ñÞ'åv^L6¥|
¾HQº^X^^~^ÕUõ/^VÇ~GÒpA×É=^G~HÞZ^GÜTÌl¢6µW~L^^`ñ|°³^TØ~H
½C^Y¬~C©?Ëût3^U^EçÒ^C¹1~Vþz^QºFÙjÿ©¶~SM~Qä~X£wÈ^R ǵ¾mH^NÝ!XH}~Ky«t0^CFTz~N¸ðlE
cx.ÙhjAA¸$| üO?Ñ~Bìõ^S~]Y;Õ0ÆH$TECÄ~I^K0
Þ~U¡§?Ç~WÉÙ Ê~I|"@¬~GdË^V¼¥Á»/^Q~X^An~].Nè~V&¨ü<õY¶^A^DѬåÎ^G~G7*
FQ~M?I~L¨ÑaÇÚ^HiedJè^]^WÝâ~_~HÎ~B¨SÓ^^X ]¶¹ï^S~DU^G~\«%e1o^XFã~S¡¯V
I can't manage anything quite so bad using text, I'm afraid.

If this was an attempt at being funny, you failed. If it was an attempt
at being stupid, you brilliantly succeeded.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

Richard Bos wrote:

[PDF]

You can write your own reader, if you wish. There are systems without
HTML readers, but few people would call HTML unportable, because it is
at least possible to write an HTML reader for just about any platform;
the same thing should be true for PDF.
Hell, if you're satisfied with a plain-text representation, a PDF reader
could even be on-topic in c.l.c :-)

What an interesting idea. :-)

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

Dan Pop wrote:

Show us how you can use the plain text format to display a complex
mathematical formula or the picture of your cat (dog, whatever)
with a quality comparable to that obtained from a PDF document.

That's tricky, because the quality obtained from PDF documents is so low.
Here's an example:
<junk characters snipped>

I can't manage anything quite so bad using text, I'm afraid.

If this was an attempt at being funny, you failed. If it was an attempt
at being stupid, you brilliantly succeeded.

It was neither. I don't expect you to understand this.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick,
precisely because its code is widely available and most people use gcc
to build gcc.

Are you claiming that gcc contains a back door? If so, do you have any
evidence to support that claim?

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Richard Heathfield <in*****@address.co.uk.invalid> wrote:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick,
precisely because its code is widely available and most people use gcc
to build gcc.

Are you claiming that gcc contains a back door? If so, do you have any
evidence to support that claim?

No, he is not. He is claiming that _if_ you want to install a back door
of the Ken Thompson kind, _then_ gcc is your ideal target, for the
reasons he cites. Which is true.
OTOH, if you're a commercial compiler writer, you don't even need
Thompson's trick. Ask M$.

Richard

In <40******@news2.power.net.uk> Richard Heathfield <in*****@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ precisely because its code is widely available and most people use gcc
to build gcc.

Are you claiming that gcc contains a back door? If so, do you have any
evidence to support that claim?

I am claiming exactly what I have written above. If you have a problem
reading plain English text, it is your problem, not mine.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

>Da*****@cern.ch (Dan Pop) writes:
>
>> In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:
>>
>>>Mark McIntyre wrote:
>>>
>>>> BTW I bet you a groat you don't scan most programs for malicious code,
>>>> so your argument is spurious.
>>>
>>>I disagree that the argument is spurious. It's true that I don't scan most
>>>programs for malicious code; I don't have to, because - since they're Open
>>>Source - lots of people have done this already,
>>
>> How do you know it? If everyone reasons like you, no one is actually
>> doing it :-) ^^
>
>For the record, I often read the source code of Free Software, which
>disproves that /no one/ is doing it. :) ^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Do you know what "if" means in English?

Suffice it to say that what I wrote contains no indication that I don't.
If you disagree, please be more elaborate.

Reread the underlined text above and explain what it was supposed to
mean.

The underlined text is not a complete sentence and was therefore not
supposed to mean anything by itself. Only the whole sentence was
supposed to have meaning.

Then, pray tell, what was the whole sentence supposed to mean?

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

Dan Pop wrote:

In <40******@news2.power.net.uk> Richard Heathfield
<in*****@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ precisely because its code is widely available and most people use gcc
to build gcc.
Are you claiming that gcc contains a back door? If so, do you have any
evidence to support that claim?

I am claiming exactly what I have written above.

Presumably, then, you are not claiming that gcc contains a back door. Fine.
So - I /had/ no reason not to trust gcc, and I /still have/ no reason not
to trust gcc. Nothing has changed, then. Good.

If you have a problem
reading plain English text, it is your problem, not mine.

If I have a problem reading plain English text, it is indeed my problem. (I
don't, as it happens.)

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Richard Heathfield wrote:

<shrug> It is claimed that PDF documents are in a portable document format.
That's what PDF /stands for/. And yet PDF is clearly /not/ a portable
format, requiring as it does special readers which are not available on all
platforms.

That is like saying C is not portable because you need special
software for each platform it needs to support. Tell me about one
platform which does not have and acrobat reader available and
you have ever found yourself in need of one.

--
Thomas.

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>
>>Da*****@cern.ch (Dan Pop) writes:
>>
>>> In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:
>>>
>>>>Mark McIntyre wrote:
>>>>
>>>>> BTW I bet you a groat you don't scan most programs for malicious code,
>>>>> so your argument is spurious.
>>>>
>>>>I disagree that the argument is spurious. It's true that I don't scan most
>>>>programs for malicious code; I don't have to, because - since they're Open
>>>>Source - lots of people have done this already,
>>>
>>> How do you know it? If everyone reasons like you, no one is actually
>>> doing it :-) ^^
>>
>>For the record, I often read the source code of Free Software, which
>>disproves that /no one/ is doing it. :) ^^^^^
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Do you know what "if" means in English?

Suffice it to say that what I wrote contains no indication that I don't.
If you disagree, please be more elaborate.

Reread the underlined text above and explain what it was supposed to
mean.

The underlined text is not a complete sentence and was therefore not
supposed to mean anything by itself. Only the whole sentence was
supposed to have meaning.

Then, pray tell, what was the whole sentence supposed to mean?

It was supposed to mean that the individual making the statement ("I")
many times ("often") systematically looks at ("read[s]") computer
programs ("Software"), which have a license that provides certain rights
("Free"), in their preferred form for studying and modifying their
behavior ("source code"), and this fact demonstrates that it is false
("disproves") that less than a single individual ("no one") takes steps
to find malicious code in said programs ("is doing it").

Martin

In <40******@news2.power.net.uk> Richard Heathfield <in*****@address.co.uk.invalid> writes:

Dan Pop wrote:

In <40******@news2.power.net.uk> Richard Heathfield
<in*****@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

>I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick,

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

precisely because its code is widely available and most people use gcc
to build gcc.

Are you claiming that gcc contains a back door? If so, do you have any
evidence to support that claim?

I am claiming exactly what I have written above.

Presumably, then, you are not claiming that gcc contains a back door. Fine.
So - I /had/ no reason not to trust gcc, and I /still have/ no reason not
to trust gcc. Nothing has changed, then. Good.

My claim is that gcc is the ideal target for such an attack. If, from my
claim you infer that you have no reason not to blindly trust gcc, then
fine. But then, you'll look like the king of the hypocrites when claiming
that you distrust software you cannot check for malicious code (an
attacked gcc is a piece of software you cannot check for malicious code,
even if the sources are available, as long as you use gcc to rebuild the
program).

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

>Da*****@cern.ch (Dan Pop) writes:
>
>> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>>
>>>Da*****@cern.ch (Dan Pop) writes:
>>>
>>>> In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:
>>>>
>>>>>Mark McIntyre wrote:
>>>>>
>>>>>> BTW I bet you a groat you don't scan most programs for malicious code,
>>>>>> so your argument is spurious.
>>>>>
>>>>>I disagree that the argument is spurious. It's true that I don't scan most
>>>>>programs for malicious code; I don't have to, because - since they're Open
>>>>>Source - lots of people have done this already,
>>>>
>>>> How do you know it? If everyone reasons like you, no one is actually
>>>> doing it :-) ^^
>>>
>>>For the record, I often read the source code of Free Software, which
>>>disproves that /no one/ is doing it. :) ^^^^^
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> Do you know what "if" means in English?
>
>Suffice it to say that what I wrote contains no indication that I don't.
>If you disagree, please be more elaborate.

Reread the underlined text above and explain what it was supposed to
mean.

The underlined text is not a complete sentence and was therefore not
supposed to mean anything by itself. Only the whole sentence was
supposed to have meaning.

Then, pray tell, what was the whole sentence supposed to mean?

It was supposed to mean that the individual making the statement ("I")
many times ("often") systematically looks at ("read[s]") computer
programs ("Software"), which have a license that provides certain rights
("Free"), in their preferred form for studying and modifying their
behavior ("source code"), and this fact demonstrates that it is false
("disproves") that less than a single individual ("no one") takes steps
to find malicious code in said programs ("is doing it").

OK, so you're confirming that you don't understand the word "if".

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>
>>Da*****@cern.ch (Dan Pop) writes:
>>
>>> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>>>
>>>>Da*****@cern.ch (Dan Pop) writes:
>>>>
>>>>> In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:
>>>>>
>>>>>>Mark McIntyre wrote:
>>>>>>
>>>>>>> BTW I bet you a groat you don't scan most programs for malicious code,
>>>>>>> so your argument is spurious.
>>>>>>
>>>>>>I disagree that the argument is spurious. It's true that I don't scan most
>>>>>>programs for malicious code; I don't have to, because - since they're Open
>>>>>>Source - lots of people have done this already,
>>>>>
>>>>> How do you know it? If everyone reasons like you, no one is actually
>>>>> doing it :-) ^^
>>>>
>>>>For the record, I often read the source code of Free Software, which
>>>>disproves that /no one/ is doing it. :) ^^^^^
>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>> Do you know what "if" means in English?
>>
>>Suffice it to say that what I wrote contains no indication that I don't.
>>If you disagree, please be more elaborate.
>
> Reread the underlined text above and explain what it was supposed to
> mean.

The underlined text is not a complete sentence and was therefore not
supposed to mean anything by itself. Only the whole sentence was
supposed to have meaning.

Then, pray tell, what was the whole sentence supposed to mean?

It was supposed to mean that the individual making the statement ("I")
many times ("often") systematically looks at ("read[s]") computer
programs ("Software"), which have a license that provides certain rights
("Free"), in their preferred form for studying and modifying their
behavior ("source code"), and this fact demonstrates that it is false
("disproves") that less than a single individual ("no one") takes steps
to find malicious code in said programs ("is doing it").

OK, so you're confirming that you don't understand the word "if".

I have done no such thing. It does not follow from my assertion that at
least one person checks source code for malicious code that I didn't
understand your statement. The only thing that does actually follow is
that it is false that everyone reasons like Richard Heathfield.

Since you have either failed or refused to explain what indicates that
I didn't understand the word "if", I can only concluse that even you
cannot find any such indication yourself.

Martin

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

>Da*****@cern.ch (Dan Pop) writes:
>
>> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>>
>>>Da*****@cern.ch (Dan Pop) writes:
>>>
>>>> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>>>>
>>>>>Da*****@cern.ch (Dan Pop) writes:
>>>>>
>>>>>> In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:
>>>>>>
>>>>>>>Mark McIntyre wrote:
>>>>>>>
>>>>>>>> BTW I bet you a groat you don't scan most programs for malicious code,
>>>>>>>> so your argument is spurious.
>>>>>>>
>>>>>>>I disagree that the argument is spurious. It's true that I don't scan most
>>>>>>>programs for malicious code; I don't have to, because - since they're Open
>>>>>>>Source - lots of people have done this already,
>>>>>>
>>>>>> How do you know it? If everyone reasons like you, no one is actually
>>>>>> doing it :-) ^^
>>>>>
>>>>>For the record, I often read the source code of Free Software, which
>>>>>disproves that /no one/ is doing it. :) ^^^^^
>>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>>> Do you know what "if" means in English?
>>>
>>>Suffice it to say that what I wrote contains no indication that I don't.
>>>If you disagree, please be more elaborate.
>>
>> Reread the underlined text above and explain what it was supposed to
>> mean.
>
>The underlined text is not a complete sentence and was therefore not
>supposed to mean anything by itself. Only the whole sentence was
>supposed to have meaning.

Then, pray tell, what was the whole sentence supposed to mean?

It was supposed to mean that the individual making the statement ("I")
many times ("often") systematically looks at ("read[s]") computer
programs ("Software"), which have a license that provides certain rights
("Free"), in their preferred form for studying and modifying their
behavior ("source code"), and this fact demonstrates that it is false
("disproves") that less than a single individual ("no one") takes steps
to find malicious code in said programs ("is doing it").
OK, so you're confirming that you don't understand the word "if".

I have done no such thing. It does not follow from my assertion that at
least one person checks source code for malicious code that I didn't
understand your statement. The only thing that does actually follow is
that it is false that everyone reasons like Richard Heathfield.

But, since no one claimed or implied that everyone reasons like
Richard Heathfield, there was *nothing* to be disproved. Since you
seem to be believe that you have disproved something, the only conclusion
is that you don't understand the word "if".
Since you have either failed or refused to explain what indicates that
I didn't understand the word "if", I can only concluse that even you
cannot find any such indication yourself.

See above.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

Da*****@cern.ch (Dan Pop) writes:

> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>
>>Da*****@cern.ch (Dan Pop) writes:
>>
>>> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>>>
>>>>Da*****@cern.ch (Dan Pop) writes:
>>>>
>>>>> In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:
>>>>>
>>>>>>Da*****@cern.ch (Dan Pop) writes:
>>>>>>
>>>>>>> In <c0*********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:
>>>>>>>
>>>>>>>>Mark McIntyre wrote:
>>>>>>>>
>>>>>>>>> BTW I bet you a groat you don't scan most programs for malicious code,
>>>>>>>>> so your argument is spurious.
>>>>>>>>
>>>>>>>>I disagree that the argument is spurious. It's true that I don't scan most
>>>>>>>>programs for malicious code; I don't have to, because - since they're Open
>>>>>>>>Source - lots of people have done this already,
>>>>>>>
>>>>>>> How do you know it? If everyone reasons like you, no one is actually
>>>>>>> doing it :-) ^^
>>>>>>
>>>>>>For the record, I often read the source code of Free Software, which
>>>>>>disproves that /no one/ is doing it. :) ^^^^^
>>>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>>>> Do you know what "if" means in English?
>>>>
>>>>Suffice it to say that what I wrote contains no indication that I don't.
>>>>If you disagree, please be more elaborate.
>>>
>>> Reread the underlined text above and explain what it was supposed to
>>> mean.
>>
>>The underlined text is not a complete sentence and was therefore not
>>supposed to mean anything by itself. Only the whole sentence was
>>supposed to have meaning.
>
> Then, pray tell, what was the whole sentence supposed to mean?

It was supposed to mean that the individual making the statement ("I")
many times ("often") systematically looks at ("read[s]") computer
programs ("Software"), which have a license that provides certain rights
("Free"), in their preferred form for studying and modifying their
behavior ("source code"), and this fact demonstrates that it is false
("disproves") that less than a single individual ("no one") takes steps
to find malicious code in said programs ("is doing it").

OK, so you're confirming that you don't understand the word "if".

I have done no such thing. It does not follow from my assertion that at
least one person checks source code for malicious code that I didn't
understand your statement. The only thing that does actually follow is
that it is false that everyone reasons like Richard Heathfield.

But, since no one claimed or implied that everyone reasons like
Richard Heathfield, there was *nothing* to be disproved. Since you
seem to be believe that you have disproved something, the only
conclusion is that you don't understand the word "if".

I have in fact disproved something, namely that no one checks source
code for malicious code. I have done so even though no one has claimed
or implied it, and I have never claimed or implied that anyone has
claimed or implied it.

You seem to believe that only things which have previously been claimed
or implied can be disproven. That is not the case.

Martin

Dan Pop wrote:

My claim is that gcc is the ideal target for such an attack. If, from my
claim you infer that you have no reason not to blindly trust gcc, then
fine. But then, you'll look like the king of the hypocrites when claiming
that you distrust software you cannot check for malicious code (an
attacked gcc is a piece of software you cannot check for malicious code,
even if the sources are available, as long as you use gcc to rebuild the
program).

King of the hypocrites? No, not really. You see, I don't distrust GNU. But I
/do/ distrust Adobe. I am confident of GNU's good intentions. I am not
confident of Adobe's good intentions.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Thomas Stegen CES2000 wrote:

Richard Heathfield wrote:

<shrug> It is claimed that PDF documents are in a portable document
format. That's what PDF /stands for/. And yet PDF is clearly /not/ a
portable format, requiring as it does special readers which are not
available on all platforms.
That is like saying C is not portable because you need special
software for each platform it needs to support.

And, in a way, that's true. (It's still /more/ portable than any other
language AFAIK.)
Tell me about one
platform which does not have and acrobat reader available and
you have ever found yourself in need of one.

<grin> That's easy; none, because I don't use PDF files (with the single
exception of the ISO C99 document, and I'm converting that to text anyway,
albeit slowly). Therefore, I don't need Acrobat Reader.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

On Wed, 11 Feb 2004 06:49:20 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

<shrug> It is claimed that PDF documents are in a portable document format.
That's what PDF /stands for/. And yet PDF is clearly /not/ a portable
format, requiring as it does special readers which are not available on all
platforms.
I understand your point, I just think you're being blinded by
anti-proprietary-ism if you see what I mean.

Text files are no more portable than pdf, since they too require special
readers. You may disagree with this, but remember that even cat and more
are file readers, and without them you could not read a text file on unix.
if I can't read it, it's useless. Useless *to me*, that is.

And chinese text is useless to me. Your point is.... :-)

And by the way, that /was/ text....

To you, perhaps. Not to me.

my point exactly !

--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

In article <c0**********@sunnews.cern.ch>, Da*****@cern.ch says...

Please elaborate. Which other pieces of Adobe software have bitten you
with their malicious code?

Perhaps a reminder that recently Adobe has gotten some flack for
introducing some "malware" into Acrobat reader that makes it
absolutely refuse to render certain graphic images, such as
US currency. No warning, no disclosure, it's just there. It
makes it load much, much slower while it scans the file looking
for such on each "fopen()".

Here is an example of such discussions:

http://www.pdfzone.com/news/767-PDFzone_news.html

--
Randy Howard
2reply remove FOOBAR

Mark McIntyre wrote:

On Wed, 11 Feb 2004 06:49:20 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

<shrug> It is claimed that PDF documents are in a portable document
format. That's what PDF /stands for/. And yet PDF is clearly /not/ a
portable format, requiring as it does special readers which are not
available on all platforms.

I understand your point, I just think you're being blinded by
anti-proprietary-ism if you see what I mean.

Text files are no more portable than pdf, since they too require special
readers. You may disagree with this, but remember that even cat and more
are file readers, and without them you could not read a text file on unix.

Yes, I could - using vim, or emacs, or ed, or less, or joe, or pico, or even
grep! Or I could simply write a simple cat:

#include <stdio.h>
int main(void)
{
int ch;
while((ch = getchar()) != EOF)
{
putchar(ch);
}
return 0;
}

You see, text fits in with the C model very well indeed. It's easy to write
text processors in C.

if I can't read it, it's useless. Useless *to me*, that is.

And chinese text is useless to me. Your point is.... :-)

....that the fewer constraints one puts on one's intended audience, the wider
that audience can be.

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

In article <40******@news2.power.net.uk>,
Richard Heathfield <in*****@address.co.uk.invalid> wrote:

Dan Pop wrote:

In <40******@news2.power.net.uk> Richard Heathfield
<in*****@address.co.uk.invalid> writes:

Dan Pop wrote:

In <c0**********@sparta.btinternet.com> Richard Heathfield
<do******@address.co.uk.invalid> writes:

>I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick,

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

precisely because its code is widely available and most people use gcc
to build gcc.

Are you claiming that gcc contains a back door? If so, do you have any
evidence to support that claim?

I am claiming exactly what I have written above.

Presumably, then, you are not claiming that gcc contains a back door. Fine.
So - I /had/ no reason not to trust gcc, and I /still have/ no reason not
to trust gcc. Nothing has changed, then. Good.

I'm not quite sure, but I think it might have been Kernighan who
described how to add an invisible backdoor to a compiler.

(Start with a compiler X. Based on X, write a modified compiler Y that
will recognise (a) your favorite password checking function and (b) the
code generation of compiler X, and replace them with modified code that
does exactly the same thing. Compile the compiler Y with X and you get a
compiler that adds backdoors to compilers and password checking
functions. Compile X with the result and the object code will still
install backdoors. Distribute X and the compiled compiler with backdoors
widely. )

Christian Bau wrote:

In article <40******@news2.power.net.uk>,
Richard Heathfield <in*****@address.co.uk.invalid> wrote:

Fine. So - I /had/ no reason not to trust gcc, and I /still have/ no
reason not to trust gcc. Nothing has changed, then. Good.

I'm not quite sure, but I think it might have been Kernighan who
described how to add an invisible backdoor to a compiler.

No, it was definitely ken (Ken Thompson). Google for "Reflections on
Trusting Trust".

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

On Wed, 11 Feb 2004 15:35:18 +0000, in comp.lang.c , Richard Heathfield
<in*****@address.co.uk.invalid> wrote:

Dan Pop wrote:

In <40******@news2.power.net.uk> Richard Heathfield
<in*****@address.co.uk.invalid> writes:
I am claiming exactly what I have written above.

Presumably, then, you are not claiming that gcc contains a back door. Fine.
So - I /had/ no reason not to trust gcc, and I /still have/ no reason not
to trust gcc. Nothing has changed, then. Good.

Hmm. I'm puzzled here.

You seem to be saying that because someone else tested software X and
reported no issues, you're prepared to trust it. But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.

And even though software X is potentially modifiable by all and sundry and
thus vulnerable to malicious additions, whereas software Y is not so
vulnerable, you don't feel any need to check software X yourself, but won't
use software Y.

I think you need to explain more clearly. Your logic seems more like
disestablishmentarianism to me.

On second thoughts, don't bother. I'm pretty convinced that your *real*
reason is quite different, and something more akin to a mania than logic.
No offense I hope. I'm similarly maniacal about good guitarists.
--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

Mark McIntyre <ma**********@spamcop.net> writes:

You seem to be saying that because someone else tested software X and
reported no issues, you're prepared to trust it. But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.
I trust software once the source code has been inspected by a reasonable
large number of different independent parties. This is the case for
some (but not all) free software, but it is never the case for proprietary
software, simply because the source code is not available to enough
independent parties.

Whether or not the software is commercial makes no difference to me.
And even though software X is potentially modifiable by all and sundry
and thus vulnerable to malicious additions, whereas software Y is not
so vulnerable,
I believe it is /much/ easier to sneak malicious code into proprietary,
closed-source software than into the source code of free software, where
everybody could immediately see it.

Just because it's legal to distribute modified versions of free software,
but illegal to do the same with proprietary software, doesn't mean it's
also technically more difficult to modify proprietary software.
you don't feel any need to check software X yourself, but won't
use software Y.

I think you need to explain more clearly. Your logic seems more like
disestablishmentarianism to me.

I find Richard's logic quite convincing. :)

Martin

Mark McIntyre wrote:

On Wed, 11 Feb 2004 15:35:18 +0000, in comp.lang.c , Richard Heathfield
<in*****@address.co.uk.invalid> wrote:

Dan Pop wrote:

In <40******@news2.power.net.uk> Richard Heathfield
<in*****@address.co.uk.invalid> writes:
I am claiming exactly what I have written above.
Presumably, then, you are not claiming that gcc contains a back door.
Fine. So - I /had/ no reason not to trust gcc, and I /still have/ no
reason not to trust gcc. Nothing has changed, then. Good.

Hmm. I'm puzzled here.

You seem to be saying that because someone else tested software X and
reported no issues, you're prepared to trust it.

No, sir. I already trusted gcc. Dan raised a possible bugbear, but then
scotched it again. Situation is as before.

But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.

No. I trust gcc partly because of the million eyes, but mainly because I
firmly believe that GNU have the interests of the programming community at
heart. I don't have the same faith in Adobe.

<snip>

--
Richard Heathfield : bi****@eton.powernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton

Richard Heathfield <do******@address.co.uk.invalid> wrote:

Mark McIntyre wrote:

But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.
No. I trust gcc partly because of the million eyes, but mainly because I
firmly believe that GNU have the interests of the programming community at
heart.

You _have_ read the GCC man pages, haven't you? I refer in particular to
their comments about -pedantic.
I don't have the same faith in Adobe.

Neither do I, but at least if Adobe turn out to be criminals rather than
merely scummy weasels we can sue them.

Richard

In <c0*************@news.t-online.com> Martin Dickopp <ex****************@zero-based.org> writes:

You seem to believe that only things which have previously been claimed
or implied can be disproven. That is not the case.

I merely don't see the point in disproving things no one has claimed or
implied. Unless you enjoy talking alone...

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

In <c0**********@sparta.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Dan Pop wrote:

My claim is that gcc is the ideal target for such an attack. If, from my
claim you infer that you have no reason not to blindly trust gcc, then
fine. But then, you'll look like the king of the hypocrites when claiming
that you distrust software you cannot check for malicious code (an
attacked gcc is a piece of software you cannot check for malicious code,
even if the sources are available, as long as you use gcc to rebuild the
program).

King of the hypocrites? No, not really. You see, I don't distrust GNU. But I
/do/ distrust Adobe. I am confident of GNU's good intentions. I am not
confident of Adobe's good intentions.

Non sequitur and a proof that you have understood nothing of this issue.

GNU distributes source code, not binaries. It is the distributor of the
binary that can implement the hack I was talking about, for the simple
reason that it doesn't exist in the distributed source code. Therefore,
GNU's intentions, either good or bad, have nothing to do with this
discussion.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

In <c0**********@hercules.btinternet.com> Richard Heathfield <do******@address.co.uk.invalid> writes:

Mark McIntyre wrote:

On Wed, 11 Feb 2004 06:49:20 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@address.co.uk.invalid> wrote:

<shrug> It is claimed that PDF documents are in a portable document
format. That's what PDF /stands for/. And yet PDF is clearly /not/ a
portable format, requiring as it does special readers which are not
available on all platforms.

I understand your point, I just think you're being blinded by
anti-proprietary-ism if you see what I mean.

Text files are no more portable than pdf, since they too require special
readers. You may disagree with this, but remember that even cat and more
are file readers, and without them you could not read a text file on unix.

Yes, I could - using vim, or emacs, or ed, or less, or joe, or pico, or even
grep! Or I could simply write a simple cat:

#include <stdio.h>
int main(void)
{
int ch;
while((ch = getchar()) != EOF)
{
putchar(ch);
}
return 0;
}

You see, text fits in with the C model very well indeed. It's easy to write
text processors in C.

Especially if they're not supposed to work when the text file doesn't
match the author's assumptions. As a trivial example, your program
blisfully ignores character set issues, something that PDF readers usually
get right.

These days, text means more than whatever can be expressed with the
ASCII character set. Or even with any of the ISO-8859 8-bit character
sets.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de

In <MP************************@news.verizon.net> Randy Howard <ra*********@FOOverizonBAR.net> writes:

In article <c0**********@sunnews.cern.ch>, Da*****@cern.ch says...

Please elaborate. Which other pieces of Adobe software have bitten you
with their malicious code?

Perhaps a reminder that recently Adobe has gotten some flack for
introducing some "malware" into Acrobat reader that makes it
absolutely refuse to render certain graphic images, such as
US currency. No warning, no disclosure, it's just there. It
makes it load much, much slower while it scans the file looking
for such on each "fopen()".

Here is an example of such discussions:

http://www.pdfzone.com/news/767-PDFzone_news.html

Your example talks about Adobe Photoshop and the change in question does
not qualify as malicious code.

So, what was your point?

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de