Is there any article on the actual features f the current renderman, since i cant be arsed to google

Renderman was a very specialist piece of software and a total pain in the backside to use coming from a gui and im sure its changed dramatically since then but i'm curious as to how well it might interface with max, for eg and some of its features be introduced as plugins, maybe - the full gamut of pixar films show a vast arrangement of materials and interesting features, stuff like the hair in Brave would be great if Renderman Free Edition can render it and the tools are there to create the hair guides etc intuitively, otherwise Renderman might not be the perfect thing one might uimagine it could be if you don't get a hold of the technology renderman is itself rendering - when i used rendrman it was a bunch of tools with functionality to cover all aspects of the process from handling rib files to networking for a renderfarm, the renderer, PRMan was just one of many tools, didnt even do proper raytracing in toy story era, another company made BRMan whch WAS a proper raytracer and in Toy Story they used the renderer that would be best fit for te shot, given BRMan was naturally much much slower than PRMan

No idea how it all works out now but one thing Renderman CAN boast is a very large selection of shaders and materials, documentation, research and lots of great stuff if you want to get serious with your rendering - its worth remembering that the development of Renderman was a huge influence on many 3D rendering concepts. I havent used it, i guess i should give it a go and see what kind of beast it is now, and I hope it can descend into the nerdfest mentioned above - its nerdery with a payoff though, you get some amazing results. Assuming they used Renderman for Blue Umbrella (not sure why they wouldnt) then thats all the evidence you need for the quality of this thing

It's not for people who arent well acquainted with rendering however, in fact you'd prob need to be savvy with many parts of the process to really get on top of it, post prod and compositing being obvious ones

Definitely one for the schools i think, the hobbyist might find a lot of joy but the average 'rendering guy' or whatever you call them would i'd imagine be much more comfortable and productive with an autodesk big name, max or maya and using vray or mental ray . I personally dislike menta ray, it's got this fiddly bolted on feel in max when vray all makes perfect sense.

Regarding games usage for it, it can depend a lot - if its a decent amount faster for an equivalent image than vray for approximately similar output and it has some render to texture functionality it would be a lovely proposition for texture baking in static scenes, and perhaps if you can get the materials set up so switching renderers isnt a massive pain then being able to beauty shot your scenes and models with such illustrious software could be prety cool. I promised myself the ther day id give keyshot a proper go but renderman might be pretty useful there, promo, concepting etc

Generally if i can understand its workflow, hoping for software specific tools (will have to look) im sure it could be quite useful for a bunch of things, but if it could bake textures more quickly than vray can for equivalent results then that would make it extremely useful to me. Worth a go some time soon but again i get the feeling that it may still be a quite confounding set of tools

There might be some functional crossover between Renderman shaders and videogame engine shaders (given an engine, an understanding of how it likes your shaders approached and perhaps renderman specific tools) for consistency and wotnot but i think thats chumps thing (actually i often feel pretty humbled by how much i dont know) than mine for definite

http://bost.ocks.org/mike/algorithms/

I'm doing some agile development from next week.  I'm to be ScrumMaster.  Anyone got experience of that type of lark??

Obv i can't help from professional experience, i spose taken what i learnt from last years compo and my own self motivated work, which is almost all of it, which stays rather prototypical in nature, i'd have something to offer but it might be silly and trivial in your circumstances.

I personally like estimation sessions, because then at least everyone can see what the big picture is, and have a say on it. Agile or not, that's a good thing.

What Chump says about the clear separation of concerns on larger deliverable units is also good. As a Scrumm Master, I personally think it's up to you to understand just how big and complicated those sub units are... To do that, you need to make sure that each user story makes perfect (or as near as dammit) sense, and (partly with the help of the estimation sessions) make sure that your team both understands the requirements, and are happy with developing them...

This is where Agile can break down in a very nasty way. 

Your product managers will need to write bulletproof specifications, because coders are not mind readers, and scope creep is just as annoying in a 2week sprint as it is in a 6 month dev effort. If the user stories are well written, and your team is comfortable with the work required (usually indicated by acquiescent estimation rounds, but that's just a hard and fast observation), then most of the battle will be won...

But then as a Scrumm Master, you're also responsible for assuring team 'Velocity', which is tough.

As a grunt all I can offer on that, is that it's always going to be a painful thing to build on, but transparency will be your best bet, because you're generally going to be working with people who enjoy chewing over details, and may well offer insights and ideas that you didn't consider at the time you specced' the sprint/iteration...

Good luck.

Cheers chaps, useful stuff.

Think I'd stand a chance if it was stuff I knew about, but the project is analysing performance of all our newly-virtualized products, and I know little about virttualization and little about most of those products! Ho hum. Think the first couple of sprints may be "interesting"!

Haha!

Well spotted!

Anyone seen the news about Google's Twitch buyout?

Probably better value than Facebook - Oculus at any price...

This had almost slipped me by - ACM have actually made the siggraph 2014 papers available through them for a month, instead of having to scrabble around the individual author webpages! Only for a month and it started July 27th so you've only got a week left then it's back to scrabbling:  

http://blog.selfshadow.com/2014/08/14/siggraph-2014-links/


NB - VR one here might be of interest to you gunn, Abrash and some nvidia and disney folk  http://dl.acm.org/citation.cfm?id=2628332&CFID=408195916&CFTOKEN=67332391

Oops:

http://www.bbc.co.uk/news/technology-29361794

In more detail:

Bash supports exporting not just shell variables, but also shell
functions to other bash instances, via the process environment to
(indirect) child processes.  Current bash versions use an environment
variable named by the function name, and a function definition
starting with “() {” in the variable value to propagate function
definitions through the environment.  The vulnerability occurs because
bash does not stop after processing the function definition; it
continues to parse and execute shell commands following the function
definition.  For example, an environment variable setting of

  VAR=() { ignored; }; /bin/id

will execute /bin/id when the environment is imported into the bash
process.  (The process is in a slightly undefined state at this point.
The PATH variable may not have been set up yet, and bash could crash
after executing /bin/id, but the damage has already happened at this
point.)

The fact that an environment variable with an arbitrary name can be
used as a carrier for a malicious function definition containing
trailing commands makes this vulnerability particularly severe; it
enables network-based exploitation.



So far, HTTP requests to CGI scripts have been identified as the major
attack vector.

A typical HTTP request looks like this:

GET /path?query-param-name=query-param-value HTTP/1.1
Host: www.example.com
Custom: custom-header-value

The CGI specification maps all parts to environment variables.  With
Apache httpd, the magic string “() {” can appear in these places:

* Host (“www.example.com”, as REMOTE_HOST)
* Header value (“custom-header-value”, as HTTP_CUSTOM in this example)
* Server protocol (“HTTP/1.1”, as SERVER_PROTOCOL)

The user name embedded in an Authorization header could be a vector as
well, but the corresponding REMOTE_USER variable is only set if the
user name corresponds to a known account according to the
authentication configuration, and a configuration which accepts the
magic string appears somewhat unlikely.

In addition, with other CGI implementations, the request method
(“GET”), path (“/path”) and query string
(“query-param-name=query-param-value”) may be vectors, and it is
conceivable for “query-param-value” as well, and perhaps even
“query-param-name”.

The other vector is OpenSSH, either through AcceptEnv variables, TERM
or SSH_ORIGINAL_COMMAND.

Other vectors involving different environment variable set by
additional programs are expected.

It's a bit scary. Stuff like heartbleed and shellshock make me worry about a) what haven't we found? b) what haven't we found that some douche bag has? and c) would we have ever found this if it weren't open source?

GCHQ ticks another exploit off the list. List probably still longer than yer arm. Have to presume that if it's aon a computer linked to the interwebs, someone somewhere can get at it if they really want to.

dynamiteReady wrote:

That's quite a scary bug that though. Perhaps worse than heartbleed. Much of the internet (or at least it's webpages) is compromised.

It is, and it's a slightly baffling one to consider as a genuine mistake. I would have thought that any parser with a modicum of context sensitivity processing script in a language with a scope block structure would terminate after the function delimiter. Apparantly not it seems. But it's too easy to criticise - I'd be on surer ground if I had written a shell or code parser/compiler myself - but I haven't.

I don't totally understand the detail above not being familiar with Unix, but if I get the meaning then I'd say that being able to hurl code around like that also seems to be a cavalier design decision - very much engineer led -  but again it's easy to criticise. Up until now so much is designed to deliver functionality with no thought of security. It is something that clearly has to change and a loss of flexibility will be the cost.

Are you a CISSP or something @acemuzzy? You speak a bit like our security consultants and presenters at security events I attend from time to time. I'm getting our internal security bods trained up at present.

We had our Engineering Conference at work last week - an annual extraveganza where you can optionally volunteer to talk about whatever you want that's (ideally) vaguely Software Engineering related (I gave one last year on Unity; nothing from me this year).

Highlights this year:
 - The madness that is General Game Programming (on which one of my colleagues is apparently World Champion!).  Basically AI for games where they only get told the rules of the game at runtime .
 - Elm, and its Time Travelling Debugger



 - Learning that stores use wifi tracking to work out where you are as you walk round the store (triangulating from in-store wifi bases), then match to your store card when you check out so they know who you are and how long you browse in each aisle.  Bastards.
 - Being reminded how quantum computing works.
 - Being reminded about some cryptography stuff, including how to break it
 - Some funky python stuff, and dizzle on the Internet of Things and HTTP v2.
 - Interesting stuff about some projects we've been launching, that I'm not allowed to talk about

All in all, a rather funner couple of days than normal work!