Slashdot Mirror

Great! Just in time as the forecast doesn't look too great.....

http://itmanagement.earthweb.com/columns/entad/art icle.php/3598831

Which seems to imply at least some backlash and return to 'on premise' models of software.

with siteadvisor nobody went to disreputable* sites, so only major commercial sites and personal blogs exist now!!! (*sites that did not pay for a good rating)

This is a valid concern, however SiteAdvisor does not remove bad listings, it only provides additional information. Care must be taken on how that information is used, but doesnt warrant the same level of concern as solutions that utilise filtering.

For example, I will be using this information to avoid sites that are known to infect users computers or engage in bad email practices, unless I really need to visit that page. I wont be avoiding untested sites, because I use Adblock & NoScript, so I have very little to fear. However, I will be advising novices that Untested means they should avoid those sites unless they have good reason to follow the link. i.e. think twice before entering the site.
Hopefully with novices exercising a little more caution, I will spend less time rebuilding computers for friends.

Oh wait! this is NOT going to fix the problems with malware.

There is no magic bullet for any problem that involves to humans. Site Advisor is an elegant tool that may be used to reduce the problem.

Seriously, this just sends every URL you go to to the siteadvisor servers, and checks to see if they are "okay" as dictated by a specific corporation with no accountability.

How is this different from typing in a search term into Google?

it wouldn't surprise me if this WAS the next generation of malware. Hidden right in plain sight.

It might surprise you to learn that their Firefox extension source code IS hidden right in plain sight.

Download their XPI file, unzip it, unzip chrome/safe.jar, and scan the code. The first thing you should notice is that there are no DLL files -- it is implemented in standard Mozilla technology: XUL + JS. As such, the source code will be vetted by hundreds of people, and any attempt to do the wrong thing WILL be noticed.

Opt-in lists are required to comply with this law too if they have any kind of content that minors are prohibited from consuming. An article from august that explains this in detail: http://itmanagement.earthweb.com/columns/executive _tech/article.php/3526181Think about the newsletter from your favorite winery?

This law is NOT about protecting the children.

It's about putting money in the pockets of the 3rd-party registry compliance company (https://www.registrycompliance.com/). They have a patent on the screening process and lobbied heavily for the Utah and Michigan laws. They are busy in other states right now and stand to make A LOT of money ... much more than the states who are "tricked" into passing the law without fully understanding the consequences.

See for example this article from when FF hit 50M: "the foundation says the 50 million is strictly version downloads and doesn't count upgrades."

"... court documents claim, Burst.com has evidence that Microsoft followed a policy of deliberately destroying e-mail that could be used as evidence against it."

Anybody know what is this "reward" they mail you? I'm curious.

If a person is the first to submit a link to a new phishing site, the user receives a free prize, such as a coffee mug. Miller said other offerings are in the works as well. An e-mail appears in users' inboxes asking them to return a postal address for the prize, which takes 28 days to deliver.

What did you expect, when the researchers are measuring the speed in units of DVDs! Here they boast about transfering a DVD in 4 seconds

The concept is interesting, although I hardly see this type of thing ever getting very big. Unfortunately, especially in the U.S., too many people will be against this kind of alternative teaching, probably likening it to getting kids to stay off drugs by encouraging them to try them first. I doubt there'd be much support for this outside the ISECOM, even though this type of experience would benefit anyone going into the network administration sector.

FTA: "The school believes there could be jobs out there for this new breed of ethical hacker."

There are, and have been for quite some time. The FBI employs at least one former hacker, that I know of. There is an article that explores this a bit more, though it's a little dated.

Besides, high school kids already have too many freedoms: open campus lunches, driver's licenses, free thinking. We need to put an end to this now! ;)

While China and Korea are notorious as sources of spam, some reports suggest that the United States is the largest single source. While, as a Westerner, I agree the ham:spam ratio from these IP address blocks is likely to be lower than those from North American addresses (those managed by ARIN), I was just making the point that blocking entire IP address blocks might have been excessive, considering it is bound to block some legitimate traffic. DNS based blacklists are likely to be nearly as effective while having a much lower false positive rate. Boycotts against an ISP or a country might be effective in some instances, but I don't think blocking it some levels higher at the geographical IP address authority is likely to be a useful tactic in altering the behavior of some providers or clients in that region.

This is not to suggest the original poster condoned the actions he was reporting, nor that it addresses precisely the same actions (he was not suggesting that preexisting IP address blocks delegated by APNIC would be blocked), I just think it's an interesting point to raise, given there are many people doing this sort of blocking.

And how many patent lawsuits has Microsoft been involved in:

Microsoft, Tiscali sued over European download patent

Sun, Microsoft settle suit in billion dollar pact

Microsoft settles Intertrust patent lawsuit

Microsoft settles suit with Immersion

Microsoft settles 1999 Patent Infringement Case

You sir are talking out of your ass.

IBM, for one, is hiring like mad.

Perhaps your coworkers don't begrudge your position because they take pity on you. Just for the record, no one is impressed that you don't belive in yourself enough to take on debt to invest in your future - especially with the current cost of money so low.

IM services have tried repeatedly to block third-party apps. Both AIM and Yahoo have tried to block third-party clients.

Yahoo blocking

AIM blocking

"AOL made changes to their proprietary protocol (called OSCAR) that would ferret out anyone who wasn't using the official client."

I am quite sure that someone was Eric S. Raymond.

Moll.

Don't compare Clam w/ McCoffee... Almost nothing can beat McCoffee techs in terms of slowness. It's proven!

Once one realizes that Blockbuster makes somewhere between 15% and 20% of its revenues from late fees, it's hard to believe that they're going to embrace a business model like this that eliminates those fees.

those annoying late fees -- which account for a full 15 percent of Blockbuster's $4.96 billion in revenues (Industry Standard)

One of the dirty little secrets of the home-video business, writes Lary Gerbrandt, a senior analyst at Paul Kagan Associates, is that their largest profit generator is actually late fees. (Factbook)

late fees, a revenue source that accounts for between 18-20 percent of Blockbuster's overall profits (Earthweb)

Hrm, i must be confused about the term 'spatial'. Steve Jobs thinks it makes users janitors, but... i always thought the whole spatial concept was invented by Apple. The whole the-directory-is-a-folder-on-your-screen thing...? Am i confused, or has Jobs changed his tune, or what? :/

Here's the background on what Steve Jobs said.

UDF is the Universal Disk Format. Although generally used for DVD+-RW disks, it can be used for harddisks too. All the modern operating systems support it, including Microsoft Windows (apparently since win95b).

Random Article link.

The only bright spot for UNIX is the fact that Oracle scales better on UNIX than on Windows.

In another article he talks about how with the introduction of intels ia64 chip UNIX will be regulated to the back room running a Database and will basically die out.

In article "Wintel Vendors: Data Center Addition?" Sorry no public link.
He opens saying that the impact of Linux on the data center is negligable compared to Windows which growth is expanding faster than anything else.

Looking through this information it also strikes me that he has always help product marketing positions, but has no listed experience actually having implemented and designed any of this.

He is also one of metagroups leading open source knowledgeable people without ever having worked with Linux. link

In this article
he states "anything but Linux on Intel is niche." and seems to poo-poo any thought of running linux on non-intel equipment... Which doesn't speak well for his Linux experience... He claims that they only look at what his clients are doing, so it seems that he won't know about it unless they are doing it and his job is to advise them on what to do... Make your own conclusions...

In this article dated April 20th, 2004 so it should reflect his current position, he seems to be promoting Linux. Definately worth a read through.

And this article back in dec 09th 2002 he states he see's in 5 years windows at the low end and linux at the high end of computing.

Meta Group's position
2001 Linux not on their roadmap
2002 Linux is immature and should not be used in mission critical applications
2003 - current not sure

Overall it looks like he isn't a techie, just a manager that overlooks what consultants in the field are do and provides a "face" for the UNIX department. Doesn't look like he's a Microsoft shrill especially considering the last two articles I left on him.

Hopefully this helps, going to sleep.

• I once had high hopes for Linux. I felt sure it could make a real contribution to the success of humanity, now more and more I have my doubts. I have a real and growing fear that if the Mr. Smith's of Linux have their way, in the future they will look back and say: "Wasn't it nice that so many smart people worked to hard for free to forge their own chains."

(actually, it looks a lot like ethereal, so maybe it's not total rubish)

Couldn't find any articles about cyberterrorism towards the U.S. However, the U.S. government bestowed the right on the U.S. military to conduct cyber-attacks that would otherwise constitute cyberterrorism if perpetrated on the U.S. Neat thing power is, huh?

Snippet from article linked below:

"It has been widely reported that President Bush signed a directive last summer, ordering the government to develop a cyber-warfare guidance plan. The strategic doctrine would detail when the U.S. would use cyber attacks, who would authorize it, what constitutes legitimate targets, and what kinds of attacks -- Denial of Service, hacking, worms -- could be used. Bush signed the order, the National Security Presidential Directive 16, last July.

http://itmanagement.earthweb.com/secu/article.php/ 1856001

Um.... Windows 98 isn't 9. anything.

If anything, it's 'Win4.1'. Take a really close look at the installer the next time it runs. [I know I saw 'win4.0' flash by when I installed Windows 95 for the first time.]

In the same way, Win2000 is is 'NT5.0' I'm not sure if XP is the fabled 'NT6' or jut considered to be 'NT5.1' as I've never used it.

Here is Steve Jobs stoty saving 58 lives every year by speeding booting time on mac by 5 s. Imagine how many peopple's last words were "why did't I save my document..." before they got a stroke when the system crashed...

VoodooPC has been doing this for over three months already.

As a ten year stockholder in Micron, I may be able to add a bit to this...

Sure Micron slashed job in Manassas (I live 5 miles away)...everyone was slashing jobs back then. The Hynix purchase was not shot down by the Korean govt. In fact, they were pushing for it. The government had bailed Hynix out of bankruptcy a couple of times already (via the state controlled creditors), and the company was pouring money down the toilet. Hynix was over $6B in debt, and threatening to take its creditors down with it. The deal was ultimately shot down by the Hynix board of directors despite severe pressure from their creditors. The pressure to abort came mainly from Korean unions who didn't want to be working for Americans (I could tell you alot more about this, having lived there for six years!).

As for what Micron's goal was, well your speculations about moving jobs outside the US or gobbling up competition may be correct. But, I'd speculate that when you're the world's #2 producer, and you've got a chance to become the world's #1 producer, you just take the shot...simple as that. Anyway, there's a good summary of the outcome here.

In an attempt to compete with companies that are able to sell memory at below cost prices because they don't have to make a profit (why bother when you're constantly bailed out?), it's hard to blame Micron for raising the memory dumping problem. That said, if they colluded to fix prices, they should pay the penalty too.

so now we're teaching college students how to hack?

Yes, an article from a few months ago has some info.

As far as I know the problem isn't so much with Apache2 but with the changing API and modules because they haven't been rewritten /debugged to the specs of A2 to take advantage of it's architecture. Apache 2: Improvements Are Obvious, But Upgrade Choices Aren't

Look at articles like this and this and decide carefully before you invest your time and money into what is rapidly becoming a dead-end career.

Some VAIOS have numeric keypads. I tried one, it is ok, but as I dont use the one on my regular keyboard, I didnt find much use for it.

No, I don't work for them, but Linuxcare has a professional looking website using the CEO-lingo that might comfort the big-wigs you need to convince. There are other companies that support Free Software too, check out Red Hat's Support Services. A site called OpenEnterprise looks to have a ton of resources on exactly what you're asking for.

Also, take a look at IT Management's special report on Linux. It offers a lot of ammo to you in making a presentation. You can point to the other heavy-hitters that are using Free solutions and have concrete examples of success.

The same site even has an article entitled Selling the 'Suits' on your IT project which looks to have some good advice for you.

No, I don't work for them, but Linuxcare has a professional looking website using the CEO-lingo that might comfort the big-wigs you need to convince. There are other companies that support Free Software too, check out Red Hat's Support Services. A site called OpenEnterprise looks to have a ton of resources on exactly what you're asking for.

Also, take a look at IT Management's special report on Linux. It offers a lot of ammo to you in making a presentation. You can point to the other heavy-hitters that are using Free solutions and have concrete examples of success.

The same site even has an article entitled Selling the 'Suits' on your IT project which looks to have some good advice for you.

However, one can't dismiss that Microsoft's NT has been making huge strides into the server market as well. This article provided a keen insight into a possible evolutionary path of the current situation. It has good news for Linux but it also predicts Windows holding 51% of the server market (other stories when googling ("data center" server "operating system" research windows linux unix solaris)). It's really anybody's guess at this point.

Regardless, I think that a lot of people are mis-informed about the porting of C# over to other platforms. The Mono compiler can compile any code in the C# syntax, but the *Standard Libraries* are where the battle is. Who knows, maybe Microsoft will come out with a set of libs that run on *nix and then charge for use of them.

Personally, I am a developer of desktop products mainly, so I don't really have a good view of whats happening in the server market. You've got to root for the home team though ;)

Thanks for a thoughtful reply, sorry if my post seemed trollish (it was :)

Instead of concentrating on these things, we get a meningless comparative, as if it was a normal desktop. Better review at hardware central (IMHO).

I'm reading this book now. Surprisingly, it isn't so much about technology and security. Instead, it is more about understanding humans. Despite the sterotype that geeks have for being socially incompetent, to be a truly good hacker using social engineering, you have to be good socially. Maybe not great, but pretty good. And, you need to know the right language and the right people to communicate with. Mitnik does a great job with this stuff and I am really enjoying the book. (However, I'm not so sure his tactics will work as well as they did a few years ago.)

Here are some pretty good resources for learning more about social engineering:

Social Engineering: What is it, why is so little said about it and what can be done?

Social Engineering Fundamentals, Part I: Hacker Tactics

Social Engineering: The Human Side Of Hacking

Look at Western Digital now, though. Their reputation has been buffed to a shine, and the newer ones still fetch a good price on the open market. Let's just hope Fujitsu learns from their mistakes (if any have been made).

If you remember back in September 1999 they announced the biggest purchase yet of linux stations for Retail. This event is on the LinuxTimeline

This and the telia win in Sweden was one of the first major linux wins. Anyone knows how the latter is doing? From the Datamation article article.

"We (Burlington)have been very aggressive about moving toward Linux, mostly on small servers or combination server/desktops," says Prince. "The stores all use Linux."

It looks to be *identical* to the Dell Inspiron 5000e that I'm typing this on. Some pics of the Dell. Funny how companies do that sort of thing...

Here is a link to an article that says how winnebago successfully used bynari on IBM mainframes as an exchange substitute.

This guy is a troll!!

In his article The Myth of Open Source Security Revisited v2.0 he doesen't even mention that he works for Microsoft. This conflict of interest should not be left un noticed. Here is the blurb where he attemps to pass himslef off a security expert mainly by mentioning his track record on Slashdot.

About the Author
Dare Obasanjo is a recent graduate of the Georgia Institute of Technology, with a degree with honors in computer science. (This article was written there.) The author is a vigorous participant in discussion forums such as Slashdot, Kuro5hin, and Advogato, on various aspects of software development. He has written numerous articles on the subject. /I.

Don't you realize, this is the best business model of all? But of course, now that the nerds, geeks and generally intelligent people are widely blaming microsoft they want to quickly sidestep widespread scrutiny by (you guessed it) telling us security is their highest priority.

As someone who's actually inside the Borg cube I can tell you that security is currently our highest priority. Thousands of people across various product teams have attended security lectures, new development has been stopped, old code and new code has been stringently reviewed, an emphasis on secure defaults is beginning to occur, and new functionality is designed with security in mind before all else.

Of course some people will complain about why this has taken so long while others will probably say "better late than never" but either way it should be noted that a code review/security audit on this scale is probably unprecedented in software development history. Some may chime in about how Open Source is supposedly a constant large scale code review but I've previously written on the fallacy of this kind of thinking.

Now on to counter the main claims of your post that releasing software with security issues is a good business model. This may have been true in an un-networked world where the most a compromise could do was allow another user on your system perform some mischief but in a world where some kid in Asia can tie up mail servers on most of the planet by using a GUI virus toolkit, security becomes very important. Unfortunately across the entire software development spectrum from *NIX to Windows, from Open Source to proprietary we as developers are failing and clinging to panaceas and silver bullets (Open Source - the with many all bugs are shallow myth, safe programming languages, just use crypto, etc) when in truth there is more to security than just applying a buzzword technology or software development style. I outlined some of the practices and techniques that lead to more secure software in my The Myth of Open Source Security Revisited v2.0 article. Having done some more research into security issues I should probably do a followup article and focus on other fallacies and problems which lead to complacency in software development and from there insecure software.

Disclaimer: This post is my opinion and does not reflect the opinions, intentions, strategies or plans of my employer.

mozilla, if you are using it, has by-site image blocking, which can cut down on bloat a lot. I don't use it much, on a school-provided (LAN) line, but on dialup from home it's great.

Preferences >> Privacy and Security>> Images

let's you configure stuff like when to load an image, Site image permissions, ask before downloading images, and accept images from original site only.

on another note, it's great for blocking ad's, but i only visit sites i like and I do read their ads.

PS- if you know that a site blows and you never want to go there, find "/etc/hosts" on your machine (yes even windows) and play with it some. This page might help. Set all the lousy hosts (like if you wanted to block all of ebay.com, "*.ebay.com") to a particular IP, like 127.0.0.1 which is local host.

The article originally appeared here last week. Sheesh. Don't pretend it's an original Slashdot article if it's not.

184 square mm die size (prior to Athlon 800)

102 square mm die size (Athlon 800) ... source

Note that this article also states that: Intel has also incorporated a substantial amount of redundant circuitry in the processor, Krewell said. Chipmakers often use redundant circuitry to boost yields. Sometimes, circuits come out scrambled on a finished chip. If the manufacturer has put in two sets of the same circuits, the chip will function properly because it can use the second set.

You could have a dual Pentium machine and not even know it :)

I guess this redundancy is why the chip has gone up 10% in size in the last couple of months ... (see this article) which quotes: One of the reasons for McKinley's bigger price tag, Krewell said, is that it will cover nearly 440 square millimeters in area--or more than twice that of the Pentium 4.

Additional articles related to this topic:

SecurityFocus home news: Will Microsoft's Trustworthy Computing Sell?
Gates: Security is top priority - Tech News - CNET.com
Earthweb IT Management: Security Guard: Is Bill Gates Sincere About Security?

TELNET SESSION?!??!!!

Have you been hacked or sniffed lately?

You might be lucky that your connection stopped!

--jeff

SOI refers to placing a thin layer of silicon on top of an insulator, such as silicon oxide or glass. The transistors (switches that are used in microprocessors) are then built on top of this thin layer of SOI. The basic idea is that the SOI layer reduces the capacitance of the switch, so it operates faster.

IBM has built and tested SOI-based chips that have 20-35 percent (frequency) performance gain or 2-3X lower power at the same frequency as bulk CMOS technology. This is equivalent to about two years of progress in bulk CMOS technology.

The ultimate goal is to use SOI as the substrate for mainstream CMOS technology used in the manufacturing of microprocessor chips that power computers and other emerging electronic devices.

This is a really important debate right now, and there are no good answers. The debate comes down to how much do we need to do to the Web as we have it today to be able to create an environment where programs can be as interoperable as web browsers and servers are today?

There are growing criticisms of the consensus vision of web services -- http / SOAP / WSDL / UDDI -- largely on the grounds that its complexity is un-web-like, and that there are uninvented and possibly uninventable layers required above UDDI for any two arbitrary applications to be able to find each other in the dark.

Dave Winer of Userland, inventor of XML-RPC and co-designer of the SOAP spec, advocates an embrace of these two protocols by the Open Source movement as a lightweight way to advance the battle for interoperability. (Dave's ideas in many ways answer the Will Open Source Lose the Battle for the Web? article form earlier this month.)

Another group, in line with your "Apache is all we need" idea, has taken Roy Fielding's idea of the REST (REpresentational State Transfer) architecture as a way to extend existing web semantics furhter into the domain of applications. They have started a RESTWiki to expand on those ideas.

This is all a big mess right now, with no obvious clarity coming any time soon, but two things we can be certain of are that experiments with application-to-application traffic is going to increase dramatically in the next 12 months, whatever the framework, and that with MSFT driving this idea as part of .NET, even if a lot of it is hype, it will affect our world a great deal.

-clay

Because they can't outperform Via. Thus... just like their partner, Rambus, counter attack with lawsuit. What a classic. Meanwhile, Via has a very strong case, too.

Some bits here and here at Anandtech, and there is another one at Hardware Central. Then, here and here at Tom's Hardware.

All says: Via Rocks, Intel sucks. I'll leave it to you to judge.

Because they can't outperform Via. Thus... just like their partner, Rambus, counter attack with lawsuit. What a classic. Meanwhile, Via has a very strong case, too.

Some bits here and here at Anandtech, and there is another one at Hardware Central. Then, here and here at Tom's Hardware.

All says: Via Rocks, Intel sucks. I'll leave it to you to judge.