Slashdot Mirror

Forgot to add that the only reason the HD-DVD is of that capacity is because they added a layer, so now they are at 3. The Blu-Ray disk is still the same amount of layers (2). So the overall capacity of the disks is unchanged. Blu-Ray smokes HD-DVD.

Comparing 2 layers to 3 layers and saying it's the same is flat out misinformation. Source

no this is not a standard x86 chipset

http://www.techworld.com/opsys/features/index.cfm? FeatureID=1204

"We managed the cache to increase performance by introducing what we call XL4 server accelerator cache -- the L4 cache in our 445. Now we've removed the need for it because the chipset helps the processor to run faster. It actually reduces latency -- the L3 cache gets in the way of four-way processing.

At design time, there was a maniacal focus on latency reduction. When you can cut the time it takes it gets from one point to the next you can increase performance, so chipset latency has been cut by two and half times -- down from 265 nanoseconds to 108 nanoseconds.

The way we do that is through snoop bus filtering. It looks across to the other bus -- because the system uses two buses, two per CPU -- and the snoop filter does intelligent caching. It can see what's in the other cache without having to send traffic across the FSB to find out. Other chipsets cannot do that and need the L3. And if you don't need L3 cache you shouldn't have to pay the premium to buy it.

We've done nothing different than others could do, we've just been smarter. It's a technique that's been in other IBM server products for a long time -- its taking mainframe-inspired technology and bringing it down to an industry standard server."

• releasing a patch after the report of said vulnerability
• buying an antivirus company
• buying an anti-spyware company

Techworld did a followup on this story here almost a year ago, and mentioned the impact it had on MS*. Is this from the archives?

*(MS is the same thing as M$, for those of you who never read anything but slashdot commments.)

• Air Force notifies over 33 thousand Airmen that their personal information is comprimised
• Serious flaw in CPAINT allows hackers the run malicious code on servers, including Google, MSN, AOL, and more.

• Hackers steal your phones to ring up bills
• New improved spyware tactics that behave like trojans
• Latest court rulings on hackers who use keyloggers
• Huge ID Theft Ring Affects at least 50 banks
  
  

It's basically low powered wifi over a modulated(fm) type signal.

http://www.techworld.com/mobility/features/index.c fm?RSS&FeatureID=1570

If I am wrong then tell me why.

Actually Security updates are exempt! (for now anyway...)

The language Tutorial-D in the article you refer to is yet another language for relational databases! Darwen and Date are critics of SQL implementations; they are NOT critics of the relational database as you imply. They are instead the strongest relational database proponents.

Indeed the relational model is the only model with logically provable underpinnings. In ON DOCUMENT- VS. DATA-BASES Chris Date explains:

Types are things we can talk about. Relations are sets of statements that we can utter about those things. What can you do without the latter? The problem of OO is that they have just types, no relations.

And about "document databases" (this would include HTML & XML):

A document mixes data with layout (presentation). Databases deal with the former, intentionally leaving the latter to applications. Furthermore, the structure of the document is not such that it lends itself to the kind of inferences that are made from databases. What is the atomicity, selectivity, and correctness for a document base?

There is only one complete data model: the relational model.

• A data model is a collection of descriptions of data structures and their contained fields, together with the operations or functions that manipulate them.
• A data model is the structure in which a computer program stores persistent information.
• A method for describing data structures and a set of operations used to manipulate and validate that data
• A data model is a description of the organization of data that is stored in a computer system.
• A description of a specification and representation paradigm for data. (I really like this one personally)
• The logical means of organization of data for use in an information system.

We covered this a week ago at Techworld, from an interview with Joe Bobier, who invented the technology.

There are a couple of interesting things about this. On one level, it's a UWB-like system that promises to do longer distance, by the use of a narrowband licenced channel for a timing signal.

So far, it's only been demonstrated indoors (and that's the basis of its support by Stuart Schwartz, the Princeton professor). The people involved have a history that I am still disecting.

All of which makes me want to wait and see how it works in the proposed wide-area demonstration. Peter Irrelevantly to this discussion, I had a Slashdot post on xMax accepted over the 4 July weekend, that never appeared on Slashdot.

It's a crazy tech, supposedly outside the FCC regulations. More info available here

"Our technology uses a narrowband channel, and places a carrier there for an extremely precise clock in the receiver," says Bobier. "The transmitter also transmits information in side bands, at levels lower than ultra-wideband. We are able to get performance comparable to a wideband licensed trasmission."

The low-power channel it uses can overlap with other users, because it is below the noise floor, creating "dual use" for the radio spectrum, claims Mooers.

More information about "Evil twin": http://www.techworld.com/mobility/features/index.c fm?featureid=1147. Yes, basically it's a man-in-the-middle attack.

You're right that "Wireless fidelity" is cringe-inducing.

What's wrong with "AES encryption standard"? AES (Rijndael) is one of the ciphers you can use with WPA.

> Very few people and companies customize the software or utilize the source code in any way.

According to a study in Western Europe, you (and he) are quite wrong! While one might expect that the zero-dollar price tag would be the big incentive, companies are actually quite willing to pay for software if they think they're getting value for their dollar, and it's the quality and flexibility of Free/Libre/Open Source Software that is the real attraction among those who are actually installing and deploying it.

From the article I linked: "industries that treated software as a commodity were less likely to have open-source deployments." (Emphasis mine.)

I can't speak for your motivations, but I certainly didn't replace the software that came with my computer with a copy of Debian because I wanted to save money! I already had the opaque, insecure, virus-ridden monstrosity known to the world as MS Windows right there! And as for applications, well, I know where to get tons of free Winapps, and have for years and years. No, money was not at all a factor in my decision.

Lufthansa are putting picocells on their aircraft so you will be able to connect to it and pay them a hefty fee to use your own GSM/GPRS enabled cellphone As for you being a mechanic, well, if you tried to establish a position of authority you failed miserably. Phones in the air Mobile phones could soon be following Wi-Fi into the stratosphere. WirelessCabin, an EC-funded consortium led by the German Aerospace Centre with members including Airbus, Siemens and Ericsson, will this summer trial a system that puts a short-range mobile phone "picocell" on board aircraft. Phones transmit to the picocell at very low power, eliminating interference with on-board avionics and terrestrial base stations. WirelessCabin's system is compatible with any infrastructure, so it could be added on to Tenzing or Connexion's offerings; the consortium is planning trials with Lufthansa. http://www.techworld.com/features/index.cfm?featur eID=512&printerfriendly=1 The mobile phone option could prove popular by allowing business travellers to remain available to receive calls, just as they do when roaming on international networks. "That sort of thing could be more usable (on planes) than the Internet, and would be likely to bring in more revenue," says Mark Darby, managing director of Aviation Strategy. "People might want the option to take their calls."

The article states that Linux experienced the strongest growth, leading someone to publish an article entitled "Windows wipes the floor with Linux" where they give their expert opinion that although Linux's growth was triple that of Windows', they can't imagine Linux ever ousting Windows as the leading server, despite that NetCraft thinks Linux took the lead many years ago.

According to an article on Techworld, "More than a third of all packaged software loaded on PCs in the world is now pirated, a new study conducted by analysts IDC for the Business Software Alliance (BSA) has concluded."

Since this has become a KDE/Gnome thread, notice that KDE has SERIOUS security flaws in ALL current implementations!

http://www.techworld.com/security/news/index.cfm?N ewsID=3691

----------
Linux users still at risk from KDE flaw
Patch and patch again.

By Matthew Broersma, Techworld

Linux users who patched their systems for a serious security vulnerability in KDE last month will have to patch once again, due to errors in the original patch, according to the KDE project.

The vulnerability affects kdelibs, specifically an error in the kimgio component when processing PCX image files. Kimgio is used in KHTML-based Web browsers as well as KDE imaging applications such as kpresenter and ksnapshot, meaning that if an image crafted to exploit the flaw were viewed in any of these applications, they could allow an attacker to execute malicious code and take over a system. The flaw affects KDE versions 3.2 to 3.4, according to KDE.

The patches issued last month fixed most of the problems, but still allowed local users to exploit the bug by serving files from the /tmp directory, KDE said in an advisory. They also introduced a new bug, breaking kimgio's compatibility with .rgb images.

The problems will mean a fresh round of patching for Unix-derived systems using KDE, one of the two most popular desktop environments for Unix and Linux. KDE released a new patch fixing the problems with the original patch, and operating system vendors such as Red Hat and Suse have followed suit this week.

Software vendors are under pressure to deliver timely patches, but faulty updates are not unknown as a result, say security experts. Last week, for instance, Microsoft re-released a critical security update - - after it caused networking problems for many users.

Such problems can mean a major headache for system administrators, but they seem to be on the wane, according to Thomas Kristensen, CTO of Danish security firm Secunia. "Generally speaking I'd say that most vendors have improved significantly over the last two years when it comes to quality testing of their security fixes," he said.
----------------

Wow, I guess the 'K' really does stand for 'Krappie'!

(eat that)

fak3r

"However, industry observers have long warned that the browser is more secure partly because of its relatively small user base. As Firefox's profile grows, attackers will increasingly target the browser."

-----Original Message-----
From: Will Dunn
Sent: Wednesday, May 11, 2005 8:47 AM
To: All
Subject: RE: [ISN] Firefox suffers first 'extremely critical' security hole

If you use the built-in update feature in firefox, which is enabled by default (the little up-arrow in the top right corner), there's already a temporary fix being pushed down from the modzev group.

Not to mention, you're still more secure than if you use internet explorer - a search on Secunia returns 49 results for firefox, with 29 of those being for firefox 1.x versus 139 for internet explorer, 80 of which are for 6.x and 19 of which are unpatched.

-----Original Message-----
From: [name removed to protect the ignorant]
Sent: Wednesday, May 11, 2005 8:11 AM
To: All
Subject: FW: [ISN] Firefox suffers first 'extremely critical' security hole

-----Original Message-----
From: isn-bounces@attrition.org [mailto:isn-bounces@attrition.org%5D On Behalf Of InfoSec News
Sent: Tuesday, May 10, 2005 3:18 AM
To: isn@attrition.org
Subject: [ISN] Firefox suffers first 'extremely critical' security hole

http://www.techworld.com/security/news/index.cfm?N ewsID=3619

By Matthew Broersma
Techworld
09 May 2005

Firefox has unpatched "extremely critical" security holes and exploit
code is already circulating on the Net, security researchers have
warned.

The two unpatched flaws in the Mozilla browser could allow an attacker
to take control of your system.

A patch is expected shortly, but in the meantime users can protect
themselves by switching off JavaScript. In addition, the Mozilla
Foundation has now made the flaws effectively impossible to exploit by
changes to the server-side download mechanism on the
update.mozilla.org and addons.mozilla.org sites, according to security
experts.

[.....rest of article.....]

A slightly more scientific survey (slightly) run by IDC (as reported in Techworld) also indicated that price was not the main factor driving businesses to open source. This survey focused on Western Europe, and had a few interesting points, such as: only 25% of the companies surveyed used Linux, but 33% use OSS database products.

One thing I found curious: "industries that treated software as a commodity were less likely to have open-source deployments." Again, a bit backwards from what one might expect. There were also, reportedly, a surprising number of respondents who said that the ability to customize the software was important. This may be related.

Not for long:

Microsoft server crash nearly causes 800-plane pile-up

I didn't read that in the article or press release about Virtual Server 2005 Service Pack 1.

Virtual PC and Virtual Server are two different products. Virtual Server can run on XP, but (a) not as a production machine and (b)it's a pain in the ass on slower systems, and creates more security problems if it's your personal workstation, considering Virtual Server requires IIS be installed on XP. VMWare Workstation is more stable and secure on XP.

This Tech Republic Article:
Understanding the difference between Microsoft Virtual Server 2005 and Virtual PC 2004 lists an overview of the differences. I'd love to see Virtual PC 2005 support Linux and perhaps even Solaris 10, but I doubt it will be added until the end of next year.

Enjoyed my fun little christmas hoax - help me do it for real in 2005! ;-)

You're getting 2GB. And Google have added a raft of new features.

I like this:

Gmail turns 1 today. And we've always loved a good joke. We know we won't reach infinity, but check out what we will do ...

Ah, Google, that endearingly rascally but ultimately inoffensive jokester!

Read the Techworld article. It does give the voting figures. It also says the vote "failed to provide an outright winner". What it also reports is that an Airgo statement gives a strong reason to hope for a merger of the proposals - something in contrast with the UWB deadlock.

In my original Slashdot submission, I believe I wrote "end-game" rather than "end-point", which seems fair. It either got changed or I mis-typed (in which case I apologise) - I can't check which here.

Either way, your accusation is out of line. If you want to beat on someone, beat on Unstrung or PC Magazine.

I'm pretty sure that the numbers will even further increase when Longhorn comes out with a working Digital Restrictions Management.

Is that even really an issue anymore?

Here it says "the software maker stressed that Longhorn will work regardless of whether the Next Generation Secure Computing Base (NGSCB) is enabled."

Also
Has Microsoft killed off its secure computing architecture?

Perhaps someone who knows more about this than I do can comment.

is full of horsesh!t,

this is exactly what makes Linux so great, you can install & run Linux on anything from imbedded devices as small as wristwatchs & PDAs to IBMs Big Blue, Linux can scale just fine if Big Blue can run it..

http://www.forbes.com/home/enterprisetech/2005/03/ 15/cz_dl_0315linux.html

http://www.techworld.com/opsys/news/index.cfm?News ID=3295

and secureing Linux is not a problem...

http://www.techworld.com/opsys/features/index.cfm? fuseaction=displayfeatures&featureid=467&page=1&pa gepos=0

"Google's architecture is home-grown. Its PC servers are supplied by two specialist server builders. There is no great case study material here for Sun or IBM or HP, none whatsoever. The only well-known supplier is Red Hat for Linux, and much of its distribution is discarded as not needed." ...i know...i know......i need to register

There have been reports http://www.techworld.com/mobility/features/index.c fm?featureid=1178of Exxon's Speedpass being exploited by John's Hopkins http://www.rfidanalysis.org/ . I'd have to agree that this sin't ready for prime time.

Techworld has hilariously biased coverage of this:

"Apple shames itself again over security: Critical hole in Mac OS X patched three months late."

And it's interesting to look at Secunia's site (Secunia being the source of a lot of recent Microsoft apologism and Apple-bashing):

Macintosh OS X issues

Windows XP Professional Issues

(Microsoft is "Vendor 1" in their database, you'll be pleased and amused to learn.)

I'm guessing Secunia likes to drum up publicity for itself by making press releases that run counter to the general wisdom, but their conclusions and announcements don't actually match their data.

E.g. on the Windows XP page, they show a pie graph that states XP Pro as having 0% (out of 67) severe issues, but then list several severe issues immediately below, one of which ("Windows Explorer / Internet Explorer Long Share Name Buffer Overflow") has not been patched (by their reckoning) in nine months. Maybe their Excel graphing skills are lacking...

The only mention of ActiveX states that Microsoft has fixed a problem whereby web pages can install arbitrary ActiveX plugins. As far as I know, it simply requires the user to click the "OK" button, which they're quite likely to do, given that they may well have to click it for legitimate reasons in the course of their daily job.

Linky: http://www.techworld.com/applications/news/index.c fm?NewsID=3179
Foiled ;)

From the Techworld article:
Polish MEP and former prime minister Jerzy Buzek called the group leaders' move to request a restart of the legal process a "very good decision". He called for a real debate to start about the patents directive but stressed that the EU should set a limit of one year for agreeing to legislation on patents because Europe needs the rules to help foster innovation.

So maybe we can actually see some closure on this issue in 2006 :)

Every year, Microsoft has made this claim (read more at Techworld). Usually after a major Windows security issue, or a big PR campaign about security.

This year's one is not as good as last year's classic, Days of Risk.

Every year, Microsoft has made this claim (read more at Techworld). Usually after a major Windows security issue, or a big PR campaign about security.

This year's one is not as good as last year's classic, Days of Risk.

q: as windows based solutions are infamous for their lack of long term stability ( Microsoft server crash nearly causes 800-plane pile-up [ . . . ] the servers are timed to shut down after 49.7 days of use in order to prevent a data overload ) and general poor design ( Software glitches leave Navy Smart Ship dead in the water [ . . . ] The Yorktown's Standard Monitoring Control System administrator entered zero into the data field for the Remote Data Base Manager program. That caused the database to overflow and crash all LAN consoles and miniature remote terminal units ), how do you justify promoting them as superior to unix based solutions which are famous for their long term stability with uptimes measured in months to years, not days?

Instead you could be rebooting until Easter. Such convenience. (-:

Ladies and gentlemen of the jury, do we have a case of complying with the letter of the law but crapping on the spirit of the law?

Europe's ministers are planning to push ahead with controversial patent legislation despite a vote on Wednesday by MEPs to restart the process. The decision will set the two decision-making bodies of the EU at loggerheads.

The original news

Clickable link Unfortunately, the restart isn't a reality yet...

There are many security issues in OS-X, however why would spyware and virus writers care about 1%.

A simple search reveals one such study.

What are you holed up? Or do you just get your information from Slashdot which only reports on negative Microsoft stories and positive everything else.

But I'll give you some links to show there is more to life then reading 2-3 day old stories where the submitter spins reality to show their ignorance as is the case with this story:

Mac OS X holes

Linux Security Patches

Microsoft Patches

All recent patches/holes and all came out about the same time. So please don't tell me your shit don't stink every operating system has their flaws it's the nature of software development.

I would rather use loads of desktops, each with a local RAID array.

Zigbee could care less about Bluetooth. It's after a much bigger area (sensors) that Bluetooth doesn't touch.

If Bluetooth dies of its own accord, Zigbee could take up some of the slacek according to Bob Heile of the Alliance (did I mention my interview with him too many times already?)

Peter Judge
Techworld

Exactly. The IEEE publishes the standard. The Zigbee Alliance publishes a specification which makes sure that products that meet the standard work together (there's usually some grey areas in the standard).

It's a standard, alright. Whether it gets into widespread use is another question (anyone remember OSI?) and that depends on having products quickly.

But it seems like Zigbee is onto this one, with some pretty aggressive plans (interview with the Zigbee chair I mentioned earlier).

Peter Judge
Techworld

Zigbee chips will be available for $5 in the first quarter of 2005, according to Bob Heile of the Zigbee Alliance. I had a long interview with him about Zigbee's prospects. He clearly enjoys his work.

Zigbee will be big in phones, and he reckons it's on target for 5 million units by the end of 2005.

Peter Judge. Techworld

When you install winamp an option to install a component into the machine's MBR may have been chosen in the default full install. This enables a WinAmp [Boot] Agent to load itself before calling the ntldr, thus allowing the machine to be configured to play a MIDI, AU or MP3 stream at the splash while the machine boots. Also, there was a security advisory for WinAmp 5.03, if that has anything to do with it.

Cheers, HTH

Apple has not described these as "highly critical" to my knowledge.

That label has been applied by Secunia, the Danish security company that has, in the past, gotten press for indicating that Windows is secure and OS X isn't, no matter what tests might show.

The browser fixes are potentially significant, but the bulk of the others involve services that aren't even on by default, or things that most users wouldn't deal with.

Sky falling, next 10 miles.

Journalists tend to be ignorant, so a little education can come in useful. Here's my letter to the editor:

Re: Is Linux about to fork?

Dear Kieren McCarthy,

I cannot believe this article:
http://www.techworld.com/opsys/news/index.cfm?News ID=2648&Page=1&pagePos=2

The Linux kernel has historically alternated between stable
(even-numbered) sets: 2.0, 2.2, 2.4, 2.6, and odd-numbered development
sets. For this to be cast as a major disaster now that the next
development kernel is expected to be starting up is extremely odd. If
this is forking, it is forking only in the most pedantic sense, and yet
Paul Krill's article paints this as a major problem. This portrays a
simple lack of understanding of the Linux development process. The
article is therefore more confusing than informative.

Yours sincerely,

The MBOA SIG published its specifications for the physical layer. This means that standardisation is going full-speed ahead despite the deadlock in the IEEE, and there should be a full protocol stack by Christmas. It's covered in Techworld by (ahem) yours truly. And here's the MBOA SIG a href"http://www.multibandofdm.org/press_111004.htm l">press release. Peter Judge http://www.techworld.com/mobility

According to an official statement, Stone has left "to pursue other opportunities". It is rather more likely however that he has become a victim of his own political manoeuvering.

He returned again though when Eric Schmidt stepped down as CEO and was replaced by Jack Messman.

Messman appears to be just as keen to retain his CEO role as Schmidt was however.

Cornett wrote that the $2 million severance package, plus health care, given to Stone "suggests that Mr. Stone was asked to resign." The severance details were unveiled in a filing with the U.S. Securities and Exchange Commission.