Wouldn't it be best to issue a statement like "sendmail has an exploitable vulnerability, we recommend that you switch to your standby alternate mail system until we release a fix"? There is no way that blackhats would figure out where to look from a statement like that, and those of us with really good security could switch to our exim-based solution if we really feared to be hacked. Basically, do we trust the homeland security dept to determine our security policy?
That being said, good to see a well coordinated patch release. I just wish the paranoids would get advance warning.
If you think about it, creating a lot of unneeded DNS queries does the internet a favor. When everyone wastes resources, that means that the systems are designed to handle so much traffic that it will be extremely difficult to initiate a DOS attack. Your thousand boxes will simply drown in the noise from the rest. At least that's a theory:)
If you have a clue, you'll know not to let your users use windows update. Rather, you should have a separate system for distributing updates. That way, you get better control of what is on their machines, so that you'll get less random breakage. You'll also be able to distribute updates for non-microsoft applications within the same framework. In theory.
Exactly. Microsoft could sell everything at half price and still make a solid profit.
If someone can wield Linux properly, it will potentially wipe out Microsoft desktops from the enterprise. In the enterprise, they care about TCO and productivity. The lack of fundamental productivity gains (to my knowledge) in new versions of Microsoft applications tells us that the problem domain is probably "solved", or at leas t that Microsoft has stopped innovating. Now, someone just need to produce something interoperable at a lower price.
In the homes, we will need a different strategies. I'm thinking fixed fee remote administration will be the killer app in the homes. The "technologically disadvantages" constitute the majority. If you can convince them it's safe and easy, they won't blink at giving you remote access to fix their petty problems rather than spending hours on the phone with you doing things they don't understand. It's kinda like having the car repair guy coming home to you, rather than telling you how to repair your car over the phone.
Interestingly, 300-400 mhz is still relatively OK as long as you have enough ram (what is that - 4 years old techology?), a fast enough disk system and you stay away from gaming. I bet 3ghz will last you even longer, given enough RAM.
Uglifying nature? Heh. If you think aestethics should matter in envirommental issues, I hereby ridicule you. Would you rather have a devasted environment in 20 years, than ugly elements in 2 years? You must be stupid.
That aside, I quite like your push for nuclear technology. Given sufficient security measures, it is one of the cleanest energy source we got.
However, we also have technology that reduces our power consumption. Efficient heating solutions, smart homes that saves energy when you don't need it (lower temperature at night and when you're at work), efficient light solutions.
Sadly, people only bother to be environmental when there's an economic incentive. High energy prices will make people become more conscious about their energy consumption.
They chose the TCP/IP stack. That is almost certainly the best tested of all the components in Linux. It is used by everyone, so the eyeball count is particularily enormous.
If they would compare the implementations of something less popular, the numbers MIGHT be different. x.25 or something.
Serve up over P2P protocols, and tell people what filename to look for. If the file becomes very popular, you'll only need to serve up the page giving directions on how to download it:)
(yes, yes, I know, requiring people to use spyware-laden software is not nice, but it's a good idea in an ideal world)
Frankly, I believe there is a lot of bad project management going on. That also applies to software development, not just integration projects. Usability issues much too often arise out of not spending enough time in prototyping and usability testing.
When it comes to seeing the big picture, well, let's face it - in the corporate world, having an open source-like eyeball count on everything kills productivity. However, the people who do the initial design REALLY should spend some time making sure that their design will work. They also should be kind enough to give the programmers a slight briefing on what sort of project they are part of.
I agree. If you wish to make a more general increase in national security, you probably want to put a lot of effort into processing and distributing intelligence information properly. Weren't the findings about the 911 intelligence surprise that the signals picked up by the intelligence services were so strong that they could have / should have investigated further?
Then again, by developing a "cyber warfare" program, you also hopefully gain important insight into how to protect yourself. There might be a nice trickle-down effect of gained insights that can help the rest of us make better security policies. I wouldn't say the resources totally wasted, but possibly suboptimal in terms of return of investment.
Our system is developed in-house. That has some phenomenal advantages. We have access to the end users, and can show them early drafts of planned features and changes. We have REAL data, not just scrappy test data.
But - I agree. There is a lot of software with a really shitty ROI. Not just that, but there are some really shitty managers who cannot put up well qualified requirements documentation and business cases that hold water.
Of course, you've got some really good managers that know how to breed good, usable apps. Let's develop a breeding program for those managers.
There is a movement towards bytecode in some form. Java, C#, Parrot (Perl, Python, Ruby). That improves portability. So - if cost of porting and retesting combined with Itanium 2 hardware is less than sticking with your current architecture, you will see Itanium 2 succeed to some degree.
Anyhow, Intel has the advantage that it stands on two feet in the processor market - desktop computing and server computing. If Itanium 2 fails, I doubt it will break their back.
I think the point'n'click mentality is the problem. I only allow incoming traffic with the SYN bit set - unless I explicitly open for that port later on in my chain.
The only sad thing about consoles is that you can't download games for free to try them out before you buy 'em. So, you have a higher risk of buying something crappy. Other than that, I have a good time with my PS2.
Ever read "unsafe at any speed"? Mr. Nader was able to defeat the Detroit mafia in telling consumers how their automobiles were far more dangerous than they needed be. If we credit Nader for automobile safety being taken seriously, this guy has saved tens of thousands of lives.
Of course, the way things were developing, someone was BOUND to write something like that.
These applications/systems will improve the reliability of your system - at least that is the justification. Since we're focusing on TCO, the free part is not too interesting. It's the part about "how good is it?" that's interesting.
Also, Microsoft has a tradition for a forced upgrade policy. That rubs many companies the wrong way. You'll find systems developed and put into production in the 80s and 70s still running, at less cost that reimplementing them with current technology. But those systems usually do not run on a Microsoft platform.
Not at all. Citrix Metaframe is allegedly gaining ground - simply because the idea is a good one. You don't use all the resources on your computer - so running several on a large box makes sense. Application/patch rollout becomes easier.
Occam's razor is never ever to be used for proof. It is a guiding principle when you perform research in that it guides you towards researching the more likely solutions first, but nothing more.
I know this is off topic, but Birgitte Teng's cousin was acquitted in a criminal court, but judged to pay reparations to the family in a civil court. Isn't that double jeapordy?
Whooha. That's a mighty interesting service. I just wonder whether it is remotely safe to test our software on there. Perl-based, uses database and a web browser. I reckon everything we do can in fact be set up and compiled within a shell account - except running on standard ports:) But how safe is the service?
Simply put, you'll need two or more processes consuming all available CPU power before you'll see some real benefits from HT. If you're severely IO-bound, running a high-end FC SAN solution on an old P2 server will outperform a 5ghz machine with a mediocre disk.
So - yes, not all people and applications will benefit from this. But no - it is not try and see.
Slashdot Mirror
So it doesn't apply to you. However, it would probably apply to a financial institution, a nuclear power plant, etc etc.
Wouldn't it be best to issue a statement like "sendmail has an exploitable vulnerability, we recommend that you switch to your standby alternate mail system until we release a fix"? There is no way that blackhats would figure out where to look from a statement like that, and those of us with really good security could switch to our exim-based solution if we really feared to be hacked. Basically, do we trust the homeland security dept to determine our security policy?
That being said, good to see a well coordinated patch release. I just wish the paranoids would get advance warning.
If you think about it, creating a lot of unneeded DNS queries does the internet a favor. When everyone wastes resources, that means that the systems are designed to handle so much traffic that it will be extremely difficult to initiate a DOS attack. Your thousand boxes will simply drown in the noise from the rest. At least that's a theory :)
If you have a clue, you'll know not to let your users use windows update. Rather, you should have a separate system for distributing updates. That way, you get better control of what is on their machines, so that you'll get less random breakage. You'll also be able to distribute updates for non-microsoft applications within the same framework. In theory.
Exactly. Microsoft could sell everything at half price and still make a solid profit.
If someone can wield Linux properly, it will potentially wipe out Microsoft desktops from the enterprise. In the enterprise, they care about TCO and productivity. The lack of fundamental productivity gains (to my knowledge) in new versions of Microsoft applications tells us that the problem domain is probably "solved", or at leas t that Microsoft has stopped innovating. Now, someone just need to produce something interoperable at a lower price.
In the homes, we will need a different strategies. I'm thinking fixed fee remote administration will be the killer app in the homes. The "technologically disadvantages" constitute the majority. If you can convince them it's safe and easy, they won't blink at giving you remote access to fix their petty problems rather than spending hours on the phone with you doing things they don't understand. It's kinda like having the car repair guy coming home to you, rather than telling you how to repair your car over the phone.
Interestingly, 300-400 mhz is still relatively OK as long as you have enough ram (what is that - 4 years old techology?), a fast enough disk system and you stay away from gaming. I bet 3ghz will last you even longer, given enough RAM.
Uglifying nature? Heh. If you think aestethics should matter in envirommental issues, I hereby ridicule you. Would you rather have a devasted environment in 20 years, than ugly elements in 2 years? You must be stupid.
That aside, I quite like your push for nuclear technology. Given sufficient security measures, it is one of the cleanest energy source we got.
However, we also have technology that reduces our power consumption. Efficient heating solutions, smart homes that saves energy when you don't need it (lower temperature at night and when you're at work), efficient light solutions.
Sadly, people only bother to be environmental when there's an economic incentive. High energy prices will make people become more conscious about their energy consumption.
They chose the TCP/IP stack. That is almost certainly the best tested of all the components in Linux. It is used by everyone, so the eyeball count is particularily enormous.
If they would compare the implementations of something less popular, the numbers MIGHT be different. x.25 or something.
Serve up over P2P protocols, and tell people what filename to look for. If the file becomes very popular, you'll only need to serve up the page giving directions on how to download it :)
(yes, yes, I know, requiring people to use spyware-laden software is not nice, but it's a good idea in an ideal world)
Of course it doesn't. Click here, and set the funny reason modifier down. That will help you.
Frankly, I believe there is a lot of bad project management going on. That also applies to software development, not just integration projects. Usability issues much too often arise out of not spending enough time in prototyping and usability testing.
When it comes to seeing the big picture, well, let's face it - in the corporate world, having an open source-like eyeball count on everything kills productivity. However, the people who do the initial design REALLY should spend some time making sure that their design will work. They also should be kind enough to give the programmers a slight briefing on what sort of project they are part of.
I agree. If you wish to make a more general increase in national security, you probably want to put a lot of effort into processing and distributing intelligence information properly. Weren't the findings about the 911 intelligence surprise that the signals picked up by the intelligence services were so strong that they could have / should have investigated further?
Then again, by developing a "cyber warfare" program, you also hopefully gain important insight into how to protect yourself. There might be a nice trickle-down effect of gained insights that can help the rest of us make better security policies. I wouldn't say the resources totally wasted, but possibly suboptimal in terms of return of investment.
Our system is developed in-house. That has some phenomenal advantages. We have access to the end users, and can show them early drafts of planned features and changes. We have REAL data, not just scrappy test data.
But - I agree. There is a lot of software with a really shitty ROI. Not just that, but there are some really shitty managers who cannot put up well qualified requirements documentation and business cases that hold water.
Of course, you've got some really good managers that know how to breed good, usable apps. Let's develop a breeding program for those managers.
There is a movement towards bytecode in some form. Java, C#, Parrot (Perl, Python, Ruby). That improves portability. So - if cost of porting and retesting combined with Itanium 2 hardware is less than sticking with your current architecture, you will see Itanium 2 succeed to some degree.
Anyhow, Intel has the advantage that it stands on two feet in the processor market - desktop computing and server computing. If Itanium 2 fails, I doubt it will break their back.
I think the point'n'click mentality is the problem. I only allow incoming traffic with the SYN bit set - unless I explicitly open for that port later on in my chain.
The only sad thing about consoles is that you can't download games for free to try them out before you buy 'em. So, you have a higher risk of buying something crappy. Other than that, I have a good time with my PS2.
Ever read "unsafe at any speed"? Mr. Nader was able to defeat the Detroit mafia in telling consumers how their automobiles were far more dangerous than they needed be. If we credit Nader for automobile safety being taken seriously, this guy has saved tens of thousands of lives.
Of course, the way things were developing, someone was BOUND to write something like that.
These applications/systems will improve the reliability of your system - at least that is the justification. Since we're focusing on TCO, the free part is not too interesting. It's the part about "how good is it?" that's interesting.
Also, Microsoft has a tradition for a forced upgrade policy. That rubs many companies the wrong way. You'll find systems developed and put into production in the 80s and 70s still running, at less cost that reimplementing them with current technology. But those systems usually do not run on a Microsoft platform.
Not at all. Citrix Metaframe is allegedly gaining ground - simply because the idea is a good one. You don't use all the resources on your computer - so running several on a large box makes sense. Application/patch rollout becomes easier.
:)
However, web applications are even cheaper
Occam's razor is never ever to be used for proof. It is a guiding principle when you perform research in that it guides you towards researching the more likely solutions first, but nothing more.
I know this is off topic, but Birgitte Teng's cousin was acquitted in a criminal court, but judged to pay reparations to the family in a civil court. Isn't that double jeapordy?
Links would do. I don't need to run my browser on my own machine in a term environment :)
Whooha. That's a mighty interesting service. I just wonder whether it is remotely safe to test our software on there. Perl-based, uses database and a web browser. I reckon everything we do can in fact be set up and compiled within a shell account - except running on standard ports :) But how safe is the service?
Simply put, you'll need two or more processes consuming all available CPU power before you'll see some real benefits from HT. If you're severely IO-bound, running a high-end FC SAN solution on an old P2 server will outperform a 5ghz machine with a mediocre disk.
So - yes, not all people and applications will benefit from this. But no - it is not try and see.
Let's go on.
Torturing suspects until they confess to crimes they didn't commit - early retirement in Florida
Defrauding investors and business relations and employees by cooking the books - Enron and Worldcom executives.
The problem with hacking laws is that the impact of the crime varies from minimal to substantial.