Slashdot Mirror

Here's something that Montavista has contributed to the Linux kernel - PRAMFS. A quote (emphasis mine):

Many embedded systems have a block of non-volatile RAM seperate from normal system memory, i.e. of which the kernel maintains no memory page descriptors. For such systems it would be beneficial to mount a fast read/write filesystem over this "I/O memory", for storing frequently accessed data that must survive system reboots and power cycles. An example usage might be system logs under /var/log, or a user address book in a cell phone or PDA.

[...]

2. If the backing-store RAM is comparable in access speed to system memory, there's really no point in caching the file I/O data in the page cache. Better to move file data directly between the user buffers and the backing store RAM, i.e. use direct I/O.

They've described that they want to use this stuff in a cell phone or PDA, yet have described an NVRAM technology that does not exist (as fast as system memory?). Methinks that they're working with Intel on some new fangled NVRAM, (hint, look for Ovonic). Samsung appears to be working with PRAM as well.

So this MontaVista file system is a PRAM-File System, maybe...

Wouldn't be surprised if he can add an age discrimination suit in to boot. 63 is pretty old for a programmer and he was 2 years from retirement and getting on Medicare. I wonder if he was screwed out of retirement benefits too.

Not sure if the propensity for age discrimination is as high in civil service as the private sector. In the private sector it would be a near certainty that his age played in to the decision. With the sky rocketing cost of health insurance alone private employers have developed a strong incentive to get rid of older employees, especially those with health problems, and they will use the first convenient excuse available to do it.

It reminds me of the case of Brian Reid, the 54 year old exec at Google who was fired right before the IPO was announced, and was screwed out of millions in stock options, because he didn't fit in Google's "youthful culture". The person firing him was stupid enough to say that.

It kind of sad trend especially in high tech, that you are pretty much used up and expendable when you hit 30, and are certainly done for by 40, unless you've brown nosed your way in to a VP position or start your own company. When you hit 50 or 60, people like this asshat boss are looking for any excuse they can you to ax you and hire someone young and pretty, who is less likely to complain, has no seniority and will work for peanuts.

" The IT industry is just another industry with shares, stockholders, filings, profits and losses. Money is what counts."

Actually the IT industry is different in that it has probably least amount of regulation of any large industry. Your typical pen or lighter has more regulations that apply to it then your code. The product is not regulated, the people who design or produce the product do not have to be licensed or even degreed. The people who implement don't need to be bonded or insured in any way.

All this despite the fact that a simple error by a coder or a network engineer can cause massive damage like shutting down the communications systems of the FAA.

If you ask me the IT industry needs to grow up and be like all other industries. That means making sure the people who write and implement code have proper training and insurance. In short it means being held responsible for your actions like any plumber or doctor would be.

BTW why hasn't anybody sued MS for malpractice yet?

If you want to learn more about future memory technologies which could replace today's SDRAM and flash-memory try searching for "MRAM", "FeRAM" and "PCRAM". The latter is probably the most promising one due to the (expected) ease of design and manufacturing ("Samsung says that it will enter full-scale production with the technology in 2006").

More information about phase-change (->PCRAM) materials can be found at E*PCOS website.

No, it's because even Stanford University has more IP addresses than China. North America has 5% of the worlds population and 70% of the IP address space. Is this fair? See here.

Not all nuclear reactors. I'm afraid China is going to be the one who shows the west how it's done. I guess we'll let China whip us for the next ten years or fifteen years, then adopt what pans out.

Well, assuming we aren't still whining about 'Intellectual Property' and draining our resources fighting 'Rouge Dictators' when they have beaten us in cloning, stem cell treatments, computer science, computer hardware, and space exploration. Energy production almost seems small by comparison.

BT faces fines over local loop unbundling

"In short sir, your entire argument is full of shit. You make a quite poor representitive of the open source community, and as a member of the open source community, I invite you to leave the debates to those who are more qualified to engage in them."
I'll go out back and shoot myself. Will this satisfy you?

Being a little more serious, you say "your entire argument is full of shit." What argument? I said quit whining and point out the flaws in someone else's arguments. I also asked a question (or two). For example,
"Has Microsoft been a "good citizen" or continued using its monopoly on the desktop to bully game developers?"
I do not think there is any need for you to answer (but feel free to do so if you like); the answer is obviously "Microsoft has continued using its monopoly on the desktop to bully game developers (and everyone else)." Of course, it is funny how you argee with me
"How about this: FOSS supporters and Linux fanboys attack Microsoft on it's technical merits rather than on it's business practices?"
at the beginning and then say "your entire argument is full of shit" at the end. I take it that logic and math are not your strong suits?

You write:
"And since you're so ready to tell people how they should complain, how about Linux fanboys carry on some kind of technical discussion about Microsoft and Linux's merits without saying M$, Micro$oft, Microsloth, etc etc etc.
I guess either using MS for Microsoft is objectionable to you or reading is not your strong suit either; I do not see "M$, Micro$oft, Microsloth" or anything else offensive in my post. Are you complaining about some other post which is not even part of this discussion?
If you want to talk about the technical merits of DirectX, be sure to include ALL of them, including the security holes related to DirectX.

Everyone on here seems to be thinking inside the box. Let's leap outside, and see what we can do. Bluetooth headsets for audio are available now (monaural, at least). I wear glasses anyway, so I'd like a Bluetooth video monitor with eye tracking. With fast eye tracking, a small monitor resolution can provide a large visual space.

Then, add a Bluetooth inertial sensor on a finger or several to replace keyboard and mouse, especially if the sensor system provides tactile feedback.

Now the processing system can remain "comfortably" and safely in a pocket, bag, or briefcase, or even strapped on the arm like the "Predator". Shape and other parameters can be freed from the handheld form factor constraints. (It might even include a flexible heatpipe to an external radiator, for hi-pro versions, though that does seem excessive for most users.)

Gratuitous geekjokes:
"Is that a banana in your pocket, or are you just surfing Slashdot?"
"Geeks are like bikers - they both have hot metal between their legs."

[Old SF story, from the 40's or 50's concerned how the very first portable wire-recorder, called Poo-Bah (Gilbert and Sullivan) start out as the first audio note-taker and gradually expanded in capability and power, providing expert advice and eventually getting wired right into the user's brain - and then, via radio links, sharing data and becoming the "Evil Computer Network That Takes Over The World - BWAHAHAHAHA!!" Interesting, this story included all the major concepts of modern mobile tech, some 50 years ago - before magnetic tape. Talk about prior art!!]

The processor and other components could even scream bloody murder if anything is separated too far from its partner components. The screamer's a good idea, which I should patent - every bluetooth component should include the ability to complain audibly, e.g. a piezoelectric tweeter, to help prevent misplacement or theft. Of course headwear will also have to not be too loud when it's attached to the head... This could also be triggered by a bluetooth signal, so when you do misplace it, you can have it squeal [and/or light up, why not?] so you can find it. If someone else patents this, consider this as prior art. Actual implementation, via vibrator, piezo transducer, trad. speaker, etc. is straightforward. Does Bluetooth include a standard command for this, like "alarm" or "findme"?

Isn't that what M$ is calling palladium.

http://news.zdnet.co.uk/software/developer/0,39020 387,39116902,00.htm

M$ in my bios thats all we need.

Similar to the way that H.264 is known by multiple names by submitters and multiple standards bodies (H.264, MPEG-4 AVC, MPEG-4 Part 10), "VC-9" and "VC-1" refer to the same codec.

While there have been many StarOffice (or OpenOffice) "reviews", I don't think any have talked about how transparently you can work with documents,

False. All major reviewers cover that topic.

But a dual-core Itanium with 24 MB of on chip cache is much harder to make than an Opteron with 2 MB of cache. AMD will pass through 10,000 chips/month well ahead of Intel.

Please mod the parent up.

It isn't really WAP that sucks. WAP's biggest problem is that browser support for WAP sucks. If you don't have compliance - or consistant non-compliance - there's no way to create WAP that will work properly for users of more than one network. (Hell, you can't write content for users of more than one PHONE!) Add to the mix slow, buggy servers and a lack of commitment from the consortium participants and you have the mess that WAP is now.

Neither the FA nor the A referenced by the FA says anything about what version of WAP is being used, or whether the WAP being used is compliant or not, just that GPRS is making it easier to serve it. My guess is that Orange and Sony/Ericson are using their own extended versions and are probably tieing the users to WAP served over their own networks. They control the tagset, the server, and the content. What incentive is there for content creators outside of the wireless companies to get involved?

First they say they will 'buy Linux' (i.e. SuSe)

Linux came out of the terminal app linus was developing on his minix system, he didn't build it on top of Minix. Even Tannenbaum, creator of Minix denies this

The best thing is to attack it from both ends, the suppy and the demand. I don't understand some of the "it won't supply 100% of my needs" negativity by some people (not yourself). If someone came and showed me how I could lower my electricity bills by eg 50% then I'd be interested.

nokia admits that some of their phones are vulnerable to bluesnarfing.

Security Focus also has some good information.

or blue stumbler or bluejackQ might interest you.

Marge: "It's on your 'To Do' pile"

Homer: "I have a TO DO pile???"

Microsoft has already said it'll be spending north of seven billion dollars a year on its patent program. It's also beens settling old lawsuits and doing licensing deals like they're going out of fashion.

If you don't have a licensing deal with Microsoft, you won't be able to write software.

That's the gameplan.

This is not a new as you may think. I know that I had been hearing about Netscape 7.2 for at least the last couple of months. Just before the whole "kick IE" glut of articles started to run.

As they say on the TV news, here is that story in full.

this one?

http://news.zdnet.co.uk/software/0,39020381,391479 17,00.htm

Software supplied to run a Russian pipeline was deliberately planned to go haywire, causing the biggest non-nuclear explosion the world had ever seen...

as I recall, this wasn't a case of sabotaging legitimately acquired software for the hell of it. The CIA became aware of the Soviet's intent to steal western technology, including control software for their pipeline project, through an agent recruited by the French.

Reagan was aware of, and approved the plan. The CIA managed to get inside the deal, and instead of stopping the transaction, sabotaged the code so that the pump speeds and valve settings would go haywire after some period of time.

I'm certainly not excusing the sabotage that, while not causing any loss of life, caused immense damage to the Soviet economy. I won't argue wether it was justified... but the US government made it illegal for them to import certain technology. They circumvented this ban, and paid a heavy price.

First: That's not what you said. You said that reverse engineering was only illegal when it was actually used to make infringing copies, not that it simply allows one to do so

The primary purpose, was to make a copy of a DVD. The movie studio lawyers spent a lot of time arguing this point. In fact, it was difficult to use DeCSS without making a copy.

Second: DeCSS is the result of reverse engineering.

Indeed it was. This is not, in itself, the reason it is illegal though.

Incorrect. The charges were dropped with restrictive agreements by Sklyarov and Elcomsoft.

Did zdnet get it wrong then

Not due to the weakness of their case so much as due to the bad publicity of suing a professor (as well as fear that they could lose the case).

They had no case! Not only was it reverse engineered with permission from the creators, it was not actually used for protection of any copyrighted work.

The case is still pending. However the copyright office can say whatever it wants with no effect. It's the court that matters.

Don;t you think the court may consider the copyright office's opinion on the matter as fairly significant?

The fact is, some instances of reverse engineering that would otherwise be legal are illegal under the DMCA.

Well, that is true. I'm sorry if my statements were misleading. Perhaps I was a little too vague in my general statement about where reverse engineering was illegal, but the basic point still stands. Most of the time, it is perfectly legal.

FYI, the Royal Bank of Canada (RBC) is the Canadian investor you're thinking of. They originally bought in for $30 million, while Baystar's stake was $20 million. RBC sold their stake to Baystar for a substantial loss.

Here's a link to a ZDnet article about RBC fleeing the SCO fiasco.

Maybe this is a threat to Google, but I don't think the competitors are far behind. Nat Friedmans Dashboard and Sideboard have been mentioned elsewhere, and it seems like Microsoft is planning a similar application themselves.

Apparently Google is planning local hard drive searches as well, in a pre-emptive move against improved search techologies that will be a part of Windows/Longhorn.

So I guess Blinx won't be left alone for long. However, when it comes to search, the more players the better. Google is well on its way to become the new Microsoft, and I don't think it's in anybodys best interest to get a search monopolist.

CSharpMinor's Recent Submissions
Title Datestamp
Japanese Primary Schools to Tag Students with RFID Sunday July 11, @09:12PM Rejected

Methinks I dislike Michael.

I had more links, to boot.
http://news.zdnet.co.uk/hardware/emergingtech/0,39 020357,39160027,00.htm
http://www.nbr.co.nz/home/column_article.asp?id=95 31&cid=5&cname=Asia+%26+Pacific

I think CNN had a story, too, but I can't find it.

Mainstream? Like Forbes, BusinessWeek , Ziff-Davis (and here and here too), CBS News, USA Today, and most have heard of PC Magazine, plus a lot of papers like The Houston Chronicle, The Detroit News, the Syracuse Post-Standard, The Baltimore Sun, and the St. Louis Post-Standard. I have all those links plus others in a list I just send to people. I keep adding to it as I find more. Usually gets the message across that I'm not making stuff up.

You had me worried for a bit there. No, that was not what I was describing. Nor is this although it is related. It is also a couple of years old.

This appears to be what I was thinking of although it is not my original source. Sorry, can't find it now, it was probably in German anyhow.

I wonder how long it will be before the first worms show up probagating via bluetooth interfaces, turning cellphones into bots sending out mass SMS spam...oh, wait a minute...Why only cell phones, why not as well printers or any other bluetooth device? Next thing you know, your printer starts printing all that pr0n spam!

After all having the most fixes makes you the most secure, right?

Funny.

If you try to google Bagle assembler "source code"

you'll get

Microsoft shares source code with students - ZDNet UK News

MS might be on their way out generally, but they still have plenty of Grima Wormtounge equivalents busily trying to convince people otherwise.

It would be highly interesting how the courts will sort our all the IP obtained through aquisition of employees, technology, etc.
Colorado used to be a hot bed of storage technology but somewhere along the lines the 90s saw a consolidation and only the big guys seem to have a chance to play in the field. Surprisingly many of these companies got much of their talent from IBM Boulder refugees or high tech families in the area typically often related to IBM.

Here is an article from the Boulder paper showing the high tech companies that often get over looked in the area; look at #1,2,4,7, and 12.

It's amazing that in a world where employees in Japan have the balls to sue former employees for shafting them over huge profits -- that American companies actually think that they can totally own an Idea and not share the wealth with the inventor beyond a simple paycheck.

Corporations enjoy an overly indulgent privilage of being treated as a person by the law -- companies can NOT come up with an idea of their own -- humans do.

It will all be tracked down to an employee that came over and used what he/she knew from a former postion or way of doing things. How sad is that for the advancement of science and technology.

Thank goodness dupont didn't patent the use of beakers and tubes in science experiments.

The article says, and I quote:

Meanwhile Linux, noted Russinovich, owes a great deal to the work of Andrew Tanenbaum, who created the Unix-like Minix operating system for educational purposes. Although Linux creator Linux Torvalds readily admits that he based his work on Minix, both he and Tanenbaum refute claims that Torvalds borrowed more than he admitted.

The link to 'readily admits' points to another ZDNet article which says nothing of the kind. I take it that the AdT institute's FUD is spreading rapidly for some reason. People have to understand that just because someone spreads FUD, that does not turn an undisputed fact into a contested issue. Jesus.

I wonder, does Microsoft have a problem getting good employees? I would think that most developers worth their salt would work anywhere rather than for M$.

From an earlier article:

Microsoft says about half of eligible employees have sold their underwater stock options, in the culmination of changes to its compensation methods

...

Employees in the United States who are due to receive less than $20,000 from the program will be paid in one instalment later this month, while those due more money will be paid in two or three instalments over the next three years.

Staggering the payments is designed to increase retention, as employees need to remain with Microsoft to receive the payout.

I would suspect that these folks could *easily* develop a plugin adaptor for MSIE.

Geez, everyone else seems to be able to! ..Can't be that hard... ;o)

--J

My understanding is that Microsoft has patented this technology - so you might have a difficult time finding a version other than that in Outlook...

In every case where there has been a problem with Windows security, it's been AFTER they released a patch for the vulnerability. Every one!

- "Microsoft issued a software patch, MS03-032, on Aug. 20 that was supposed to fix the problem. However, that patch failed to close the hole on Windows machines running Internet Explorer Versions 5.01, 5.5 or 6.0.
On Sept. 8, Microsoft acknowledged problems with the MS03-032 patch and promised to issue a fix as soon as possible. Since that time, no changes have been made to the MS03-032 patch. In the succeeding weeks, hackers moved quickly to take advantage of the company's slow response." ( Computerworld.com )

- "Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system.
1) A variant of the "Location:" local resource access vulnerability can be exploited via a specially crafted URL in the "Location:" HTTP header to open local files. ...
2) A cross-zone scripting error can be exploited to execute files in the "Local Machine" security zone.
Secunia has confirmed the vulnerabilities in a fully patched system with Internet Explorer 6.0. It has been reported that the preliminary SP2 prevents exploitation by denying access.
Successful exploitation requires that a user can be tricked into following a link or view a malicious HTML document.
NOTE: The vulnerabilities are actively being exploited in the wild to install adware on users' systems." ( Secunia )

- "The flaw, which is different from RPC DCOM flaw that spawned the Blaster and Nachi worms, makes Windows XP and 2000 servers vulnerable to denial-of-service attacks because of a multi-threaded race condition that exists. A remote attacker could crash the RPC service simply by sending multiple RPC requests. The vulnerability occurs if two threads process the same request, thereby corrupting memory.
Microsoft still has not released a patch for the flaw, leaving nearly every Windows XP and 2000 system exposed to potential exploits. Microsoft may, however, be preparing an all-encompassing RPC patch that would address this issue and previous flaws surrounding the network service, said Gerhard Eschelbeck, chief technology officer with Qualys Inc., at RSA Conference 2004. RPC is a protocol that one program can use to request a service from another program located elsewhere on a network." - ( searchsecurity.com )

- "Attackers are taking advantage of a security hole in Internet Explorer not immediately patched by Microsoft
Security experts have warned that a vulnerability that has apparently been left un-patched by Microsoft is being exploited by attackers "in the wild".
The "object type" vulnerability, which was first acknowledged publicly by Microsoft on 20 August this year, allows an attacker to take control of a system by embedding malicious code in a Web-page. If the Web page is viewed by an Internet Explorer browser - even a fully patched browser - the malicious code embedded in the Web-page will execute, experts say. Despite Microsoft acknowledging the patch doesn't work, it evidently has not yet issued a working fix for the vulnerability.
US-based information security company iDefense released a statement over the weekend claiming the vulnerability is being actively exploited "in the wild".
"Whether you are patched or not, attackers can execute code on your computer at will when you visit a hostile website when using vulnerable versions of Internet Explorer," the statement read.
The relevant Microsoft bulletin was issued on 20 August and last updated on 8 September." - ( ZDnet - but then again, you didn't say "...after

Like Java, C# is compiled to an intermediate code for a "virtual machine" that is typically JIT compiled for the target processor. I've been amazed at the speed. I'm doing graphics applications where I'm moving bits around manually, and C# is plenty fast! And it's nice to have garbage collection and modern features.

C# also has some other advantages over Java: it's a standard language (it has been submitted to the ECMA standardization committee), and has advanced features like "generic types" (similar to templates), pointers, and good XML serialization support.

* Responsiveness: On average, Microsoft had a fix available 25 days after a security issue was publicly disclosed.

Anyone who remembers the hoo-hah after Eeye had two critical security flaws in windows sitting on it's "unfixed" page for 100+ days [1] will raise an eyebrow at this - this got a mention in Schneier's Cyptogram newsletter (the reference escapes me). It also depends on what they mean by "disclosed" - did eEye disclose it when they said there's something wrong? Or does a bug only become "disclosed" when people exploit it? (If the second one is true, linux bugs have mostly never been disclosed!)

If one devastating critical bug remains unfixed for six months [2], maybe the rest make up for it - but that's still six months you could be hosed in (and probably will be - think nimda). That's assuming that (for example) they aren't just equating the really critical bugs with the "someone can find the first letter of your name if you're wearing a hat and it's a full moon" type of bugs. Also what stevey (64018) said - bugs that aren't exploitable (or maybe even commonly felt) in Microsoft products aren't exposed. Perhaps even some bugs are fixed over service packs without notification (info, anyone?)

[1] "Two of eEye's most dangerous flaws [...] fixes are overdue by 94 and 66 days respectively."

[2] "200 Days to fix a Broken Windows" - According to the list, two other serious flaws have yet to be patched, and it's been five months since the software giant was first notified of them.

This is supposed to be a speedy response? I mean, let's look at Microsoft's record with eEye:
(Dates are dates of patch, not report)
April 13, 2004: Windows Expand-Down Data Segment Local Privilege Escalation - 144 Days
April 13, 2004: Windows Local Security Authority Service Remote Buffer Overflow - 188 Days
April 13, 2004: Microsoft DCOM RPC Memory Leak - 216 Days
April 13, 2004: Windows Metafile Heap Overflow - 164 Days
April 13, 2004: Windows VDM TIB Local Privilege Escalation - 64 Days
April 13, 2004: Microsoft DCOM RPC Race Condition - 216 Days (Yes, this is seperate)
February 10, 2004: Microsoft ASN.1 Library Length Overflow Heap Corruption - 200 Days
February 10, 2004: Microsoft ASN.1 Library Bit String Heap Corruption - 138 Days

And it goes on!

The Math: (144 + 188 + 216 + 164 + 64 + 216 + 200 + 138) / 8 = 166.25

Average 166 days for important vulnerabilities! I think their accountant missed something along the way...

You all know this already. Now go make sure someone in charge of a major corperation or something knows as well. =]

the best password is to have no password

along the same line.... what's the shortest distance between two points?


the shortest distance is to have NO distance at all. (Try the folding paper trick)
If you said a straight line, that'll do for now.

Yes, Poenix plans on being even more a whore to microsoft?

IBM had revenue to the tune of $260 million from Linux servers in Q1 2004, according to ZD net.

This is thought to be the second case in the UK where a "Trojan defence" has been used to clear someone of such an accusation. In April, a man from Reading was found not guilty of the crime after experts testified that a Trojan could have been responsible for the presence of 14 child porn images on his PC.

Incidentally, do you happen to be Matt Loney from ZD UK?

Matt Loney of ZDNet UK is covering the story, including Andy Tanenbaum's two Euro-cents here. I don't think anyone at AdTI, least of all Ken Brown, is going to be living off royalties any time soon - "falls at the starting gate" indeed. ZD even mention AdTI's ties to Microsoft least there be any doubt, which is nice of them. :)

I believe the Logitech io Digital Pen is the only device that satisfies your requirements. I can't give you a recommendation because I haven't tried it myself. Epinions has a couple reviews as does ZDNet

It's about $160, plus the price of a compatible journal.

Maybe all is not as it seems?

Here in Canada, because of that point, there are already alot of legal grey areas and trade offs because of this.

Yep, we have some wonderul trade-offs such as downloading music for personal use is legal in Canada, and has been for some time. Uploading, we're still working on, but we have already have a consumer-favorable ruling (mostly due to the half-assed case presented by the CRIA)..

BTW: Media levy only applies to Audio CD-Rs.. so just buy normal, Data CD-Rs, and burn Audio on them! In case you're wondering who in their right mind would actually buy an Audio CD-R, most stand-alone professional Audio CD duplication/recording equipment requires it.