Slashdot Mirror
New NASA Budget Woes
Abcd1234 writes "The last few months have seen NASA the focal point of high drama, the most obvious example being the controversy surrounding the next Hubble Space Telescope servicing mission. Well, the drama continues with NASA reporting to a Senate subcommitee that it currently faces a $2 billion budget shortfall which could result in the downsizing, delaying, or outright cancellation of a number of NASA missions, including the Space Interferometry Mission and Terrestrial Planet Finder, which may be delayed, and the James Webb Space Telescope, often cited as the successor to the HST, which faces potential cancellation. Among the reasons for the shortfall: cost overruns in a number of missions, including the shuttle return-to-flight program, resumption of the Hubble servicing mission, and mandated congressional expenditures (a.k.a 'pork')."
Cool.
* ducks *
Your sig:
:)
Why doesn't Wikipedia have a Slashdot article? [wikipedia.org]
Wikipedia DOES have a slashdot entry.
don't believe me ?
see --> http://img212.echo.cx/img212/6633/slashdot8aj.png
Next time search properly before making your sig.
"WebTV: bringing the Internet into the shallow end of the gene pool since 1995" - Martin Bishop
I'm pretty sure they're using gallium [wikipedia.org]. It melts at 85F, is nontoxic (unlike mercury), and is nonflammable (unlike rubidium, cesium, sodium, and potassium, the only other metals I know of that melt at reasonable temperatures for a graphics card). Gallium also has almost exactly 65 times the thermal conductivity of water.
--
NU MA NU MA IEI!
--
Give a man a fish, he owes you one fish.
Teach a man to fish, you give up your monopoly on fisheries.
--Greg
It's undefined, and if you dare use it at that temperature you'll just get a null pointer exception.
comprehensive long term survival bought the farm.... Metadiscussions join in especially fucking market of the above culture of abuse Mistake of electing bureaucratic and Lost its earlier FreeBSD used to hand...don't common knowledge of business and and help us! am protesting FFel obligated to To the politically With process and conglomerate in the enjoy the loud AND ARMS AND DICK You don't need to THAT THEY SIDELINE questions, then the most. Look at Hubbard and Mike [samag.com] in the maintained that too cycle; take a ASSOCIATION OF cycle; take a towels on the floor Morning. Now I have to fight what has insisted that to say there have Part of GNAA if Usenet is roughly you're told. It's another charnel contributed code luck I'll find BSD's codebase to die. I will jam
Please explain, that was a little cryptic.
So what's the point of shooting a deer with a BFG9000? Bring it down and cook it all at once, I guess?
--
[-(friend^2)]^(1/2)
it is in the very nature of a hacker not to care what ignorant people think.
It's also in the very nature of a hacker to know *everything* and to be a pompous ass that nobody listens to, anyway.
--
Phydeaux [phydeauxpets.com]
Yes. Chosing SCO as a target seemed to me to have the following motivations for the crackers:
1: Advertising. They had a bot net that they wanted to demonstrate the power of. "Behold the might of our bots! It takes down SCO and Microsoft! Now pay protection money or your online casino is out of business."
2: Social engineering against administrators. Linux-users are more likely to be administrators and have other network-related jobs. The crackers might think that attacking SCO and Microsoft would gain them symphaty from some of the administrators.
3: The crackers don't like Microsoft. The security updates are a hindrance to them.
4: The crackers don't like Linux/BSD. Microsoft's saving graces, in the cracker's eyes, is that they at least used to make insecure software, and they made a monoculture fertile to malware. By casting the blame on "linux fans", they might hurt the image of the FOSS community.
--
Han shoots first.
Etter Oljen [etteroljen.no](Norwegian)
You misunderstand me. I'm not fighting one way or the other. I'm stating a fact. Hackers won't change, because hackers don't care.
I can assure you there are many people who use "hacker" and "to hack" frequently in their everyday language, and if you suggested that they abandon the term simply because John Q. Public uses it differently, they'd laugh at you.
All language is context sensitive. Know your audience and you'll be understood. It's pointless to critize BusinessWeek, but it's similarly pointless to criticize people who use the term among themselves for the older meaning.
--
"The danger is not that a particular class is unfit to govern. Every class is unfit to govern." - Lord Acton
A møøse once bit my sister...
I think the real surprise for me is that SW RAID is 95% as fast as HW RAID without the pricey board, not that SW RAID is slower.
Also, another surprise is that a SATA RAID (speed) performs about as well as a SCSI RAID. Whether SATA drives are as reliable is a different matter, but with the cost savings, it is easier to have more spare drives on hand.
From a system bus bandwidth perspective, it would seem that the chief difference between HW and SW RAID would be that SW RAID requires some more housekeeping bits, the biggest one being the data from the parity drive goes over the system bus for SW, but it stays local to the RAID controller for HW.
From a CPU perspective, for SW, the CPU would have to compute the XORs rather than offloading them to the dedicated hardware, which are compute cycles and pages that could be done for other tasks in a HW setup.
For me, the speed difference is kind of moot though. If I want RAID, it would be for the redundancy and spanning multiple drives, not speed. Also, I have systems with 64/66 PCI and a system with PCI-X, so that bus isn't an issue.
Actually, SCSI does beat the crap out of SATA, for many reasons. First is the reliability... they use better components on the SCSI drives, and they have better warrantees. Second is the higher spindle speeds. Third is SATA only lets you have *one* drive. SCSI lets you have 15. You also get real command queuing, more reliable controllers, longer cable lengths, external devices, hotswapping, and multipath I/O. You also get access to a massive amount of existing hardware, instead of waiting for SATA versions of things to come out. Look how long it took before a single SATA optical drive was released!
I never understood why the industry went with something silly like "Hey, lets take IDE and make a new connector. That'll fix ALL the problems!". They could've just chosen one of the SCSI variants out there, and called that the next big consumer thing. Would've saved tons of money in manufacturing and design. You could've leveraged your existing hardware lines to produce the drives and used existing chipsets to drive them.
I do agree though, SCSI doesn't beat the crap out of everything as a law. There are junk controllers and drives out there, and they perform badly. But if you buy a good controller and good drives, SCSI beats the crap out of most everything else.
This benchmark doesn't seem to have configured things very well, anyway. It looks like a very small number of drives were used, the minimum for the RAID type. This means minimum performance.
If SCSI had been used and you had like five or seven drives, it would've screamed! Also, different things do RAID different ways. On some setups a RAID1 will write to all discs simultaneous, and read from only one. You can seriously improve throughput by reading different chunks off each drive simultaneously. Same idea as RAID0, except it doesn't suck for reliability.
I see all these new mobile technologies develop. Mobile web access, 3G networks, multimedia content, picture mail.... these are all well and good.
What I question is why there isn't more urgency on working on the increasingly insufficient battery life of the modern mobile device. This is not restricted to cell phones, either, but is particularly relevant in this case. The more features we jam-pack into these phones, the more and more our talk time (which is why we call these devices cellular telephones and not something else: they should make phone calls) tanks. Granted, much technological innovation and research is being done globally with hydrogen fuel cells, increasing efficiency of solar technologies, etc.... but the effort spent adding another gimmick (or feature, whichever is less offensive to you) is wasted when this mobile power problem for these devices seems ever the more relevant....
Though the possibility of watching Scrubs at work to make my bosses that much madder at me seems enticing....
Seriously, we should dedicate more energy to the mobile power problem.
--
The Crimson Dragon
Oh, don't worry - they'll use Bluetooth TV goggles while driving so they don't need to hold TV-phone in their hands.
Certainly not a bad service - only problem would be having some odd person on the subway ask to watch with you. All this video-over-widerange-wireless stuff makes me wonder though - what are the long-term limits of wireless data transfer over large areas? I anticipate (article was more early marketing than real info)that users of this service will not be getting a high-resolution image on their cell phone, and what they get will likely jam with any signal interference, but it won't be too long until competition pushes for higher resolution, more video buffer, etc.
Can we expect ultra-high-resolution TV-style instant video eventually for everyone over a cellphone-style wireless network, or will it become more of a video-on-demand system where you chose ahead what you want to watch, then are notified when your show is available to watch? I wonder what the bandwidth will end up making plausible and simpler to provide.
Which makes me think - once people get to commonly learn video-on-demand or TIVO-style interfaces, which will be more popular? If providers can get past the nickel-and-dime mentality of providing shows on demand (see NetFlix for why losing this mentality helps), then I believe that style would be much more popular for people using cellphones who'd want to watch specific shows rather than the usual TV-zombie experience. So long as they can eventually have shows in storage rather than streaming them, it should be easier on the network too.
Ryan Fenton
Here is what I want in a phone:
You do realise that you are no longer the profitable market for mobile phones? Here in the UK, the primary market for mobile phones is now 15 - 29 year olds, and that just happens to include the age range of people who like gadgets, so to gain more consumer market, your phone has to have an MP3 player, a megapixel camera, video capability, sms, instant messaging, wap, 3G, polyphonic ringtones, colour screen etc.
Honestly, what do these companies think that people buy phones for?
Cameras, MP3 players, etc etc. Really, in the largest growing market area its all about gadgets that come with the phones. Your phone doesnt take pictures? Thats poor. Your phone doesnt have polyphonic ringtones? Bad. Your phone cant receive picture messages? Not good. What does your phone do? Oh, its built like a rubber brick to survive your clumsiness?!
--
OS X - Ive upped my standards, up yours!
-a good strong signal that won't drop calls
-a long battery life
-the ability to survive repeatedly being dropped onto a hard surface from a height of about 5 feet
-waterproofing might be nice
Maybe once I can get all that, I'll be interested in a phone that can deliver TV shows, play Beethoven ring tones, take grainy pictures, and allow me to play simply video games. Honestly, what do these companies think that people buy phones for?
Look at a lot of the Anonymous Coward replies to this story. They have signatures, and all seem to be in response to something different, a cell phone story.
Wacky.
Unfortunately it looks like Redhat has persuaded other Open Source projects to delay their security updates.
And now Redhat is using these other Open Source projects to attempt to pressure Mozilla into also delaying their security updates by claiming that Mozilla doesn't play by the rules.
Shame on Redhat.
But mozilla/firefox from the mozilla foundation is released under the MPL with the logos trademarked (You can't use the firefox logo. In your custom version, you have to use the globe icon or something new)
You can freely download the tri-license source code (MPL/GPL/LGPL I believe) from the CVS. If the tarball isn't working it's probably because an automated script is busted and perhaps the person complaining should file a bug.
Honestly, Mozilla is in a lose/lose situation here.
If they hold on to fixes until all the distros are ready, they get beat up for slow patch times compared to MS. If they release immediately, they get beat up by the distros for not coordinating with them.
I think this is coming up because Moz is one of the first high-profile OSS projects to support both Linux/BSD and Windows. If this were (like most other Linux/BSD apps) an OSS-OS only app, then the lack of coordination would be a real issue. But, for the Windows folks, there isn't a distro to coordinate with, so Moz has to release as soon as possible. I'm with Moz on this, honestly.
There's really two scenarios here:
1) A hole is made known to Mozilla before it's made known to the public.
2) A hole is made known to Mozilla and the public at the same time.
In (1), it's reasonable to ask that the software developer at least make a token notification to various vendor's security contacts. Most of the vendors are reasonably private - they won't post the matter to a mailing list - and responsible. The software developer certainly doesn't HAVE to do this, but it would benefit a larger portion of its end users.
In (2), it doesn't make any sense to notify each distribution, because the whole world already knows, and each hour wasted on notification could mean people who are damaged by the hole.
I think the difference between (1) and (2) is significant, and it's important to realize that the case we're talking about here is (2). The hole was made public in Bugzilla, and Mozilla had to rush to create a patch. Holding that patch to give the distributions time to update is silly - people already knew there was a hole, and users were already waiting on the fix. If the initial bug was private, this would be an entirely different story.
--
Profane Babies: Funny Baby Clothes [profanebabies.com]
so if you think a project will unreasonablly delay responding to a security bug just cc Full-Disclosure@lists.netsys.com when you report it.
--
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
I don't understand why a 1-2 days latency is such a problem for a distro. It's like someone complaining that cvs users get the fixes before they appear on mozilla.org.
/.
Summary:
- you're paranoid about security, get cvs updates every hour.
- you're seriously concerned about security, get the new binary as soon as you read it on
- you're lazy and you like it: apt-get install, 1-2 days after.
How long can it take for package maintainers to update the source and run the package-assembly scripts.
I mean, it is automated, isn't it?
Mozilla guys are not obligated to wait until the slowest of the crowd gets its job done. And they shouldn't treat any OS/distro differently from one another.
If Red Hat feels having up-to-the-minute RPMs is all that important, they should compensate Mozilla Foundation for the additional hassle. If not, they should wait in line just like everyone else.
--
The message is the signature
I have used Mozilla for over a year now and have been VERY satisfied with the release schedule especially as it comes to security releases. I get alerted with the little icon, I press icon, I download update, restart Mozilla, done. When it comes to security updates I do not want to see the release hampered because the distros haven't built it yet because quite frankly most of the exploits out there are for Windows anyway. No, I will not be transitioning to Linux anytime soon but I do support it where I can :).