Slashdot Mirror

IBM has been saying this for a long time, but I still haven't been able to go to their website and download linux drivers or tools for my thinkpad hardware.

A search on the website for T30 drivers with linux gives only 9 hits. Some of them are XP drivers and the rest are general tools like bios updates, etc.

granted, everything works with generic drivers, but writing a doc to suggest which generic drivers or how to configure, for example, their dual-head video card (nice feature) is the least they could do.

IBM has a good set of guidelines.

http://www-306.ibm.com/ibm/easy/eou_ext.nsf/publis h/561

Copy code, slightly modify, provide for free. Not a term commercial software companies would agree with.

Perhaps you've never heard of IBM, Apple, or RedHat. More likely, you've confused the word "commercial" with "proprietary," especially since using "commercial" and "company in the same sentence is redundant.

The total number of people worldwide who would even know what that sentence means, much less be interested in doing it themselves, is so small as to round down to zero.

Of course but then the same applies to Linux, Java and almost every other technology discussed on slashdot. The % of people worldwide who understand the above vs the available population will always round down to 0.

Sadly this truism doesn't actually help your point does it.

OpenOffice XML file formats are the basis of the OASIS XML Office document format So?

http://en.wikipedia.org/wiki/Open_Office_XML
http://www-106.ibm.com/developerworks/xml/library/ x-think15/
http://www-106.ibm.com/developerworks/xml/library/ x-matters33/

Lets hope these references help !!

LOL. Just making up statistics isn't going to get you anywhere.

Gartner, IDC and Bloor research have all concluded that Openoffice/StarOffice currently occupies 2and place in the Office Suite market behind MS-Office they all also conclude that OO/SO is the most complete competitior to MS-Office.

The total number of people worldwide who would even know what that sentence means, much less be interested in doing it themselves, is so small as to round down to zero.

Of course but then the same applies to Linux, Java and almost every other technology discussed on slashdot. The % of people worldwide who understand the above vs the available population will always round down to 0.

Sadly this truism doesn't actually help your point does it.

OpenOffice XML file formats are the basis of the OASIS XML Office document format So?

http://en.wikipedia.org/wiki/Open_Office_XML
http://www-106.ibm.com/developerworks/xml/library/ x-think15/
http://www-106.ibm.com/developerworks/xml/library/ x-matters33/

Lets hope these references help !!

LOL. Just making up statistics isn't going to get you anywhere.

Gartner, IDC and Bloor research have all concluded that Openoffice/StarOffice currently occupies 2and place in the Office Suite market behind MS-Office they all also conclude that OO/SO is the most complete competitior to MS-Office.

2. Quantum entanglement communication. It's a high end research idea which they aren't sure if can ever be realized.
Not quite. Through the use of quantum teleportation, scientists are currently able to transport beams of light over several feet. This is partially due to quantum entanglement. If you used this to send morse code signals, you've got quantum entanglement communication... or, more seriously, you could use it to transmit data.

You'll need a chassis for that blade, of course. Luckily, they're half-off through the end of March. Buy the entry model and get change back from your $1000 bill. Oh, and you'll want a rack to put the chassis in. But at $1489 for the rack, check the local surplus store first. And while you there pick up a display, mouse and keyboard.

You'll need a chassis for that blade, of course. Luckily, they're half-off through the end of March. Buy the entry model and get change back from your $1000 bill. Oh, and you'll want a rack to put the chassis in. But at $1489 for the rack, check the local surplus store first. And while you there pick up a display, mouse and keyboard.

Well, the info is right here for quantity 1, and there a button that says "Configure and order a JS20," so if you're willing to order a few thousand of them (they're about $4K/ea with 2.5G RAM), you can build your own.

Actually, that's a reasonable price, considering it's IBM, who aren't usually considered a bargain brand.

Well, assuming they're loaded up, they're running 4GB/blade = 9.182 TB. The power blades support up to 4 GB of RAM apiece.

Actually, there aren't any memory specs on the article, neither on the top500 summary. On IBM page http://www-1.ibm.com/servers/eserver/bladecenter/j s20/more_info.html here we see that those machines are up to 4GB of RAM. Maybe memory was too expensive and they are running with the enough to boot on? :)

Except that rather than taking 15 seconds to compute a digest, even an imperfect Python implementation will compute over 150,000 digests per second. Which means that 2^32 digests can be computed in under 8 hours, with just a desktop PC.

Feel better now? If I really got mixed up, and was wrong about the size, then just multiply all the listed times by 2^32, and wake me in 8 trillion AD.

Luckily your math was wrong and SHA-1 is a 160-bit cipher. But this is still not particularly good news.

Uhhh... Lotus Notes has sametime messaging which is built into Notes 6.5 upwards. There's also something similar in Lotus Workplace

I've heard too much about Extreme Programming stifling and frustrating good developers to want to use it with a "kick ass team", and I have yet to see a client able to field a Customer Representative that can do what XP demands of them. I would consider it if I had a large inexperienced team, or a team already used to XP. I'd especially consider it if I had a client who couldn't be nailed down on a project scope, and who could be thus tricked into not nailing me down on what gets delivered by the deadline.

Most of the time in my experience (both in and out of software) a project manager is handed the scope, manpower, budget and deadline, already decided by pointy haired people, and told "make it so". I really can't see how this can be done with any confidence with XP.

I'm less familiar with "Rational Unified Process", but a quick glance looks more makes it look more like expensive and flexible project management software than methodology for managing anything. Software can be a useful tool, but it cannot be the management itself.

RunTime: Context switching, Part 1
High-performance programming techniques on Linux and Windows

RunTime: Context switching, Part 2
High-performance programming techniques on Linux and Windows

COMPARISON BETWEEN QNX RTOS V6.1, VXWORKS AE 1.1 AND WINDOWS CE .NET
PDF DOCUMENT

RunTime: Context switching, Part 1
High-performance programming techniques on Linux and Windows

RunTime: Context switching, Part 2
High-performance programming techniques on Linux and Windows

COMPARISON BETWEEN QNX RTOS V6.1, VXWORKS AE 1.1 AND WINDOWS CE .NET
PDF DOCUMENT

You might start with the IBM ES/9000 series, which was the last of the ECL mainframes. See Fault-tolerance design of the IBM Enterprise System/9000 Type 9021 processors. Later systems were based on CMOS microprocessor technology. See here for an issue of the IBM Journal of R & D devoted to the IBM S/390 Server G5/G6 systems. Automated failure analysis has been an important feature of IBM's large systems for many years. IBM has a great amount of information on their web sites.

You might start with the IBM ES/9000 series, which was the last of the ECL mainframes. See Fault-tolerance design of the IBM Enterprise System/9000 Type 9021 processors. Later systems were based on CMOS microprocessor technology. See here for an issue of the IBM Journal of R & D devoted to the IBM S/390 Server G5/G6 systems. Automated failure analysis has been an important feature of IBM's large systems for many years. IBM has a great amount of information on their web sites.

True, true. However, when combined with a source of entropy, you can get a nice bell shape. Typical pure pseudo algorithms are seeded with a clock value. Instead, what we can do is seed a good pseudo generator with our entropal value once we have enough entropy bits. We then take the first number that the pseudo generator returns, and start over when we have enough entropy bits again.

(c) Who says that getting a gaussian distribution satisfies each and every possible criterion for randomness? Maybe it is good enough for you, but I'm not that easily convinced. Perhaps you should spend some time thinking/reading what "random" means

Let's not have a peeing contest about who has read more about the subject. I've read plenty. Yes, I know that a gaussian distro is not the only criteria for evaluation of randomness. However, you seemed to be laboring under the impression that a chip can only produce random numbers with a pseudo-RNG. I'm giving you information that apparently you were unaware of. There are sources of entropy even on a deterministic machine. Examples include interrupt timings, and IO timings. In linux, these numbers can be found at /dev/random. Read about it here:. If you accuse everyone who tries to educate you an idiot, people are going to be a bit shy of helping you. How about you learn something instead?

before rushing to post you comments i warmly recommed you to complete your reading of the mentioned article

and in particular, please pay your attention to

Listing 17. Equivalent Linux sample code Process 1

and after that i might consider to discuss the issue with you.

-M

Per-cpu licensing has been around a long time, and has been a retarded idea a long time. Hopefully, this will spell the death-knell for per-cpu licensing.

Licensing should be per-computer. Or possibly per-user in some cases. The number of cpus/cores in your computer shouldn't drive up the cost of the license.

Oracle, MS, et. al were able to get away with per-cpu licensing as long as the only really multi-cpu machines were corporate 'big-iron' that had 8 processors. But now that cpu makers are trying to shove multiple cores into the cpu, and multi-cpu systems are gradually becoming more mainstream, it's not gonna wash. Home users will never agree to pay microsoft $1200 for licensing an 8-cpu copy of windows for their 8-core computer.

Granted, the immediate thing in question, Oracle, isn't a home-user situation, but even companies are going to get fed up with it. If Oracle gets too greedy, companies may just choose from among a few other alternatives. And if they are really smart, and as long as it can do what they need, they might choose a free software database, like PostgreSQL or the ever-popular-on-slashdot MySQL.

Parallelize Linux system services to improve boot speed

I dont even think that you could argue that the poster implicitly tried to pass of the summary as his own work. Slashdot summaries of single articles generally dont add anything new (and frequently get it wrong). It is an abstract of the article. Since a well written introduction should itself be an abstract of the rest of the article, what makes a better abstract then a polished intro?

The problem is one of attribution. By using the phrase, "Donna writes," Slashdot is attributing the written summary to her. She obviously made some attempt at not copying the abstract verbatim, but it was half-assed and wouldn't stand up to scrutiny. Compare that with this article summary:

Saint Aardvark writes "Here's a page on the fun you can have with a remote control Abrams tank and a wireless video camera. "I really wanted a way to look for under house leaks and stuff and, in the manner of a responsible home owner, get early warning so I could increase the effectiveness of... Ok, that's a lie. In reality, I wanted an excuse to put a camera on my R/C tank and drive it around scary tunnels, and this just happened to fit my purposes perfectly." Movies included!"

The second article in a series on migrating Linux from x86 to PowerPC has been posted on IBM developerWorks. "This installment of "Migrating from x86 to PowerPC" discusses detailed similarities and differences between booting Linux on an x86-based platform (typically a PC-compatible SBC) and a custom embedded platform based around PowerPC, ARM, and others. It discusses suggested hardware and software designs and highlights the tradeoffs of each. It also describes important design pitfalls and best practices."

I dont even think that you could argue that the poster implicitly tried to pass of the summary as his own work. Slashdot summaries of single articles generally dont add anything new (and frequently get it wrong). It is an abstract of the article. Since a well written introduction should itself be an abstract of the rest of the article, what makes a better abstract then a polished intro?

The problem is one of attribution. By using the phrase, "Donna writes," Slashdot is attributing the written summary to her. She obviously made some attempt at not copying the abstract verbatim, but it was half-assed and wouldn't stand up to scrutiny. Compare that with this article summary:

Saint Aardvark writes "Here's a page on the fun you can have with a remote control Abrams tank and a wireless video camera. "I really wanted a way to look for under house leaks and stuff and, in the manner of a responsible home owner, get early warning so I could increase the effectiveness of... Ok, that's a lie. In reality, I wanted an excuse to put a camera on my R/C tank and drive it around scary tunnels, and this just happened to fit my purposes perfectly." Movies included!"

The second article in a series on migrating Linux from x86 to PowerPC has been posted on IBM developerWorks. "This installment of "Migrating from x86 to PowerPC" discusses detailed similarities and differences between booting Linux on an x86-based platform (typically a PC-compatible SBC) and a custom embedded platform based around PowerPC, ARM, and others. It discusses suggested hardware and software designs and highlights the tradeoffs of each. It also describes important design pitfalls and best practices."

Really? That might surprise IBM . Guess they better stop selling them then...
And if by likes you mean designed and fabbed the 970 for Apple at their request then yes they likes it fine. And while you think it hasn't taken over the world the core design is going to be used in (to varying degrees) in all 3 next gen gaming systems. Since IBM is simply actiing as chip fabricator that ain't bad for them at all. (How many millions of units is that in year 1?)

IBM has Power server line (current performance champ) which is where their real interest lies and they currently have chip fab market mindshare bringing the vast majority of chip fab innovations (copper, SOI, etc) to market first and best and they're willing to work with AMD, Sony, Toshiba or whoever to bring their PowerPC to market in whatever form you might want it in.

It's not taking over the world but they'll settle for getting PPC into as many non-desktop spaces as possible. And IF Apple's OSX work and their Linux efforts happen to make inroads into the desktop space - especially as they push from the top down with Power server pressure - then that's all gravy for them.

=tkk

I use this keyboard instead of a keyboard and mouse. The nub is at the center of the home row and the mouse buttons right underneath the space bar.

As I recall, Lou Gerstner didn't much tech experience prior to IBM, and he's widely credited with saving IBM in the 90's.

http://www.ibm.com/lvg/bio.phtml

An IBM 7094 sang "Daisy" in 1961. Google.

And the Theremin was patented in 1929. Wiki.

Read about IBM's Websphere MQ:

http://www-306.ibm.com/software/integration/wmq/

XLC is actually available for MacOS/X.

It works relatively well but I've found the XLC code to be less reliable than the FSF GCC one (i.e more compiler-related bugs). The code it produces is not very much better than the one produced by Apple's GCC. Apple's GCC also has reliability problems.

You mean, apologies to Pete Seebach, who wrote the original article on disappearing cycles??!?

Why wait?

They zoomed in on this press photo of an engineer holding a die.

While we're doing Cranky User columns, I wrote about this long ago:

Pigeonholed!

I even used Dell as an example (either here or in the book I'm working on) of a company I won't buy from because I don't like being asked to pick a customer type before I can buy products.

VINDICATED!

Say whatever you want to about the article, the author's HOT.

I wonder what the "p" stands for... Patricia? Petunia?

m-

p.s. yes, yes i know. it's a joke. laugh.

You mispelled IBM.

The designers and implementers of IDNA knew this. I implemented IDNA in ICU and ICU4J. Please see the demo [oss.software.ibm.com]. This demonstrates a way to alert the users of possible spoofing.

Next thing you've got to look at is processor cache. It's expensive anywhere you put it, so most low-end Intel processors have around 1 to 2 megabytes of it. A 30 grand OpenPower machine is likely to have double or triple that (he said not knowing).

To run Intel Linux / Windows on i5 (ex AS400/iseries) you need to purpose either card with intel cpu/memory (like blade) or special kit which can be used to connect i5 box to the intel (xseries) server. The main benefit of running intel apps on i5 is single-level storage.
Anyway it is a great box - i'm happy having one near my desk for two weeks. It is black, heavy, and rather quiet (for server) :)

The system running the Intel Linux and Windows is an i5 520, that's not the same system as an OpenPower 710. iSeries servers have optional integrated Intel servers http://www-1.ibm.com/servers/eserver/iseries/integ ratedxseries/

While you're patching your lovely Windows box and doing the reboot parade, why not switch over to your Mac Mini and catch up on some Ruby tutorials? =)

IBM still has OS/2 to push, but Microsoft pushed Windows 3.0 for $$ reasons rather than technical ones. If there had been no protected mode applications on Windows 3.0, Microsoft probably would have just trumpeted that as a feature. The US DOJ vs Microsoft antitrust trial "Findings of Fact", based on some very compelling testimony by IBM executive, revealed for all time that the only reason that IBM backed away from OS/2 was due to pressure from Microsoft. Here are some relevant quotes:

These are from the section on IBM under 'The Similar Experiences of Other Firms in Dealing with Microsoft.' Here's some quotes:

"Of course, accepting the terms would have required IBM, as a practical matter, to abandon its own operating system, OS/2."

"The message was clear: IBM could resolve the impasse ostensibly blocking the issuance of a Windows 95 license -- the royalties audit -- by de-emphasizing those products of its own that competed with Microsoft and instead promoting Microsoft's products."

"In sum, from 1994 to 1997 Microsoft consistently pressured IBM to reduce its support for software products that competed with Microsoft's offerings, and it used its monopoly power in the market for Intel-compatible PC operating systems to punish IBM for its refusal to cooperate."

These were not opinions but were the conclusions of the court that were reached after all of the evidence was evaluated at trial. There were also findings on the application barrier to entry that prevented a non-Windows OS from gaining significant market share.

The result of the M$ vs IBM battle over OS/2 was probably a secret agreement that was likely similar in its effects on competition to the agreement that Sun recently reached with Microsoft. You can even hear Lou Gerstner, IBM's CEO at the time, describing his decision to stop fighting with Micosoft over OS/2 back in the mid-90s in this zipped up mp3.

no, not the gummint, maybe your boss though. The easiest-to-find example that is ready to deploy, comes, surprise, surprise, from that blue company and is described as a service that the sysadmin but maybe not the user would be aware of. Now suppose a company was having problems due to its employees using IE and bringing down spyware infections or such like problems. The management might just stick one of those engines in the pipeline and configure the sig.nefarious file any way they please to keep users from doing what the company doesn't want done. Yes, it would mean that an unauthorized user hitting xxx sites would set off alarms but the other side of the coin is that a list of just what sites your boss wants you [not the unauthorized user] to stay away from. Its a bit more intrusive than domain blocking and not very far from maintaining per-user lists of whats naughty and whats nice.

Is it right for you? I have no idea, but I know someone who can advise you :)

This means that the entire security of the boot process hangs on whatever data the CPU feels like sending to the chip for hashing. I could as well make a patch for GRUB that sends the "secure" version of GRUB down the SMbus and actually executes whatever nastiness I have in store.

That's a clever idea, but it doesn't work. The secret is that the trusted boot process uses a concept of "trust extension". We start off with the BIOS. That takes a hash of itself and sends it to the TPM. Then the BIOS will load and run the boot loader. But - and here is the key - before running GRUB, the BIOS take a hash of GRUB and sends it to the TPM. Then it runs GRUB.

The next step is that GRUB - or at least the TPM enabled version, performs a similar process for the OS kernel. It first takes a hash of the kernel and sends it to the TPM; then it runs the kernel. And the kernel can repeat the process with the various startup scripts and other programs that loads, a la tcgLinux or the Enforcer.

The key point is that before each component is loaded, it is "measured" (i.e. its hash is reported to the TPM). So you can create a bogus GRUB or a bad kernel, but this fact will show up in the TPM's configuration registers because your bad component got its hash reported before it ran.

The one exception is the BIOS, but TPM systems are supposed to have restricted BIOS flash capabilities so you can't re-flash the part of the BIOS which does the initial hash of itself. This is part of what they call the Core Root of Trust for Measurement (CRTM) and it is supposed to be inviolable.

Since the source is available for Linux, what would stop someone from sandboxing 'trusted' software by having the OS validate code before it's executed (slow, though a bit faster than emulation and without all the bugs), and then implenting the DRM hardware (or BIOS) instructions in software in a way that stores the keys (or plaintext information, if that is not doable) and allows access to any software to get the info.

This is one of the most commonly asked questions about the TPM. The answer is that the TPM implements what is called a "secure boot" sequence.

The first thing that happens in a TPM enabled computer is that the BIOS, on startup time, sends a hash of itself to the TPM. Then, when the BIOS goes to load the OS, it sends a hash of the boot loader (grub, in the case of Linux) to the TPM. The boot loader will be modified (see the Trusted Grub project) to take a hash of the OS kernel and send that to the TPM. And the OS itself will be modified (a la tcgLinux to take a hash of the various OS components, startup scripts, and programs as the computer boots.

The net result is that the TPM has a record of what OS was booted and what the software configuration is that is running. This allows it to distinguish between a "real" boot and an emulated one, because in the latter case it sees a hash of the emulator being loaded.

Software which runs in un-emulated mode and uses the TPM features can distinguish that case from when it is running emulated. If it locked some data using the TPM in the first mode, it won't be accessible in the second mode.

Once remote attestation is possible, networked applications will be able to report their software configuration to each other. This will be unforgeable because the TPM will sign an attestation of the software configuration, and the TPM itself will have a certificate from the manufacturer attesting that it is a legit TPM. Your emulator will not have a certified TPM key (those stay on the chip) and so it won't be able to come up with a credible forged attestation. Programs running on emulators won't be able to take part in network security applications that use these features.

The "trusted" boot functions provide the ability to store in Platform Configuration Registers (PCR), hashes of configuration information throughout the boot sequence. Once booted, data (such as symmetric keys for encrypted files) can be "sealed" under a PCR. The sealed data can only be unsealed if the PCR has the same value as at the time of sealing. Thus, if an attempt is made to boot an alternative system, or a virus has backdoored the operating system, the PCR value will not match, and the unseal will fail, thus protecting the data.

At the very least, that sounds like "bye-bye multi-boot systems".

IBM also has a rebuttal to TCPA's detractors [PDF]. This one talks more about how the TCPA chip as currently designed "not been designed to resist local hardware attack, such as power analysis, RF analysis, or timing analysis." That's all well and good for the moment, and while the chip is (per the PDF) mounted on a presumably-removeable daughterboard, but how about the future? Is this how TCPA will stay, or is it the beginning of our worst fears??

At least these two whitepapers agree with most of us here on one thing -- DRM itself is stupid, for a variety of reasons.

The "trusted" boot functions provide the ability to store in Platform Configuration Registers (PCR), hashes of configuration information throughout the boot sequence. Once booted, data (such as symmetric keys for encrypted files) can be "sealed" under a PCR. The sealed data can only be unsealed if the PCR has the same value as at the time of sealing. Thus, if an attempt is made to boot an alternative system, or a virus has backdoored the operating system, the PCR value will not match, and the unseal will fail, thus protecting the data.

At the very least, that sounds like "bye-bye multi-boot systems".

IBM also has a rebuttal to TCPA's detractors [PDF]. This one talks more about how the TCPA chip as currently designed "not been designed to resist local hardware attack, such as power analysis, RF analysis, or timing analysis." That's all well and good for the moment, and while the chip is (per the PDF) mounted on a presumably-removeable daughterboard, but how about the future? Is this how TCPA will stay, or is it the beginning of our worst fears??

At least these two whitepapers agree with most of us here on one thing -- DRM itself is stupid, for a variety of reasons.

Trusted Computing Group (TCG) technology makes sense in the context of Linux. Microsoft refuses to implement it. They had their own conception, which was Palladium, then NGSCB, then was dropped. So if TCG is going to go forward at all, it has to be with Linux.

It's kind of ironic, because Ross Anderson's lying Anti-TCPA FAQ tries to claim that TC exists to kill Linux. And yet it is turning out that Linux is the salvation of Trusted Computing.

There are a number of research projects in TC on Linux, including TPM Device Driver, Trusted GRUB and Secure GUI, tcgLinux, TCPA Open Source Platforms, Enforcer, and more. All Linux based.

Don't believe the FUD about TC. When implemented in Linux using Open Source software, TC gives you new options for securing and expanding the capabilities of your computer.

Trusted Computing Group (TCG) technology makes sense in the context of Linux. Microsoft refuses to implement it. They had their own conception, which was Palladium, then NGSCB, then was dropped. So if TCG is going to go forward at all, it has to be with Linux.

It's kind of ironic, because Ross Anderson's lying Anti-TCPA FAQ tries to claim that TC exists to kill Linux. And yet it is turning out that Linux is the salvation of Trusted Computing.

There are a number of research projects in TC on Linux, including TPM Device Driver, Trusted GRUB and Secure GUI, tcgLinux, TCPA Open Source Platforms, Enforcer, and more. All Linux based.

Don't believe the FUD about TC. When implemented in Linux using Open Source software, TC gives you new options for securing and expanding the capabilities of your computer.