...because we do provide secure (as encrypted in the transport, network and the storage layer) . Spanish judges. You have to love them how people that know the law know few things about technology.
No, I am sorry to say that your assumptions are not true. I have started working on the Internet in 1998, and I worked on core TCP/IP protocols and Ethernet device drivers, which is what drives today most of the corporate networks.
1)Your assumption that one has to petition corporations and governments and eventually suck it up is totally wrong. It's not only Tor. If you want to safeguard your own communications, you could setup an SSH tunnel between two BSD/Linux hosts and as long as you (or somebody you trust) can control these hosts, governments will have hard time to break you in the middle (I hope you do not start with the theories that encryption algorithms are tapped. They are not, and you are free to choose, and you have the source code to prove that). No corporation can stop you from doing that to establish who you wish to talk to, when and how. They might make it difficult, but not impossible and certainly within the feasibility of a capable IT person(s).
2)On the other hand, the assumption that the guy who sits on NSA/GCHQ has the will to listen to your personal communications one morning is also wrong. If you are an intelligence analyst, you are looking for needles in a haystack and you have specific problems to solve. Yes, there is data mining. Yes, there are ways to tap into your personal communications. Yes, you could be a bystander and accidentally tapped into in an attempt to locate someone, but this is less probable than you being the victim of a phishing/zero day exploit of some bad arse that wants your machine for a botnet, or is after your bank account, etc.
3)If you have something to hide (aka you are someone's enemy), the problem is not the technology, but the position you bring yourself into. Have the most advanced protection, they will get you, not by means of technology, but also by other means. If you have nothing to hide and you are just concerned that they might listen to you, take your measures. As I said in 1), technologies do exist to ensure that you keep whatever you wish to keep amongst few people (family, partners).
Personally, I have nothing to hide. If NSA/GCHQ want to listen to how I talk to my partners (sometimes swearing into IT problems) or what I ate in the evening, or when I need to go to the toilet, or what I order for pizza, they are welcome. Because, first I do not have a troubling position and secondly, when I talk to my family for something serious, I won't do it via the phone or facebook or twitter. I will do it in person.
So, I wish that people would spare all that crap about NSA/GCHQ listening to them. This is paranoia in the same way that you expect from Snowden and Assange to tell you that Governments around the world are playing dirty. Do you really need them to figure out that they do this? Do you really think that the big news networks are really concerned with your privacy, or rather with the advert they are going to air just before they give the latest on snowden's Moscow hotel/airport status?
Enough with this s***! Sorry, I would rather be cynical and pragmatic rather than conformant and naive.
I'll take truth-telling officials over what we've got here in the the States. As best as I can tell, they've got 100% of the lines tapped and just aren't listening to them here.
Nahhh! If they had the tech to get 100% of the lines tapped AND listen to it, the US cash flow would be different. It's good to develop good DPI, lots of nice HPC tech is generated with the idea as the basis.
Oh dear. In Europe, we are so advanced that we do not need people like Snowden to be heroes (the process of deciding to work for NSA directly or through contracting, thinking that you never go against people's privacy and one day you discover that is not the case and you go and leak info, wow!) and leak the info. Ministers do it instead!:-)
You should also mention the multi Petabyte paradigm of life scientists and the Next Generation Sequencing applications. This is just another frontier in data intensive computing paradigms.
I use it to SSH to my systems and I browse the web using Lynx. Bandwidth efficient and secure. Even the default Maemo from Nokia is more secure than most of the Android derivatives. I am not going to use an Android phone if I SSH to my servers anytime. Never failed me security-wise and I think it never will.
GM
There is nothing wrong with doing business in the middle east. What is wrong is to rely so much on the Middle East. This creates contention and undesirable situations, especially for Middle East folk. The very fact that most of them export their resources to oil feed the rest of the world, when very little money returns to them is indicative of most of the geopolitical problems that rose, are rising and will rise in the area.
Oil is not the only example. Manufacturing and outsourcing is another. If only 20% of the Asian manufacturers of integrated circuit/assembly lines decided to close tomorrow for whatever reason, the implications for the US and the rest of the electronic consumer's world would be at least worrying and at most catastrophic for the market.
I believe this is a general trend of globalization, which is mainly driven by us, because we want the cheapest and then someone has to produce that cheapest product by pushing outsourcing to the point where we rely on few places. Personally, if I knew that a product is REALLY only made in the US/UK/Europe etc, I would buy it, even if it was more expensive. Not because I dislike Asia or whatever distant part of the world, but because I want with my behavior to enforce resilience, the very opposite of absolute reliance. Do you really think that the world has resilience today in terms of energy?
I would agree with you but... I don't. The oil monopoly is supported by some large car driving populations. For most of this folk, it is really a big thing to get on the bike and/or use fuel efficient cars or rationalize the use of the car. This is why the US started considering fuel efficient cars only recently. If you compare the average GM/Ford/whatever gas guzzler they used to chunk out of their production lines (which was cheap for the average Joe to buy) to the average European car there was no comparison. Extrapolate this behavior to the growing middle class of India and China and you get the idea. Power is given to monopolies by people, it does not come by itself. In the absence of realizing the consequences, the majority of the people will use the more readily available and cheapest solution. And that I am afraid is petrol:-( . Not necessarily because they do not have the extra money to pay for an alternative. But because they are sold to the idea of horse power, acceleration, when the most they do on their motorway is 30-40 miles an hour just before the rush hour!:-)
In our world there are innovators and there are also people that will vow to re-use existing suboptimal solutions with all their pros and cons until it is absolutely necessary to adopt something else. Unfortunately, the second type is the majority, even if it is completely obvious that the dependency of the West on the Middle East is one of its largest weaknesses. I wonder how many slaps does it take for some people to wake up from their deep oily sleep.
Good question. Well, LUARM does not have mechanisms to perform actions (apart of course from getting valuable user environment data). Pseudonymizers and accountability might get into the game. Multi-party authentication is not a panacea, but it makes it more difficult for a rogue person.
Hi,
This is one of the classic questions of insider misuse mitigation "who watches the guards". One way to deal with this is to use very good logging using a third audit party. Traditional audit/logging engines are not well suited to this task. You might like to take a look at LUARM (http://luarm.sourceforge.net/). It is an effort to provide very fine grained logging into your systems. The idea is you setup engines like that and your logs are then placed off-site and managed by a third party auditor, away from a potentially rogue sysadmin. Thus, if something happens, you have the means to prove what your bad techie did.
Preventing this to happen is another story. Some people say that the knowledge of being monitored deters people from doing stuff. I do not support that view. Simply, my experience in dealing with sysadmins is that they are often underpaid, not appreciated and take all sorts of crap for other people. Make sure you pay them well, support them and listen to what they have to say.
(a sysadmin):-)
I wonder if "poor" is everything you do not agree with. For me, poor is something that is not well justified. You should also look into the very reason openleaks will come online.
OK, recently (8.3?) I have tried to test postgres with bulk query loading. Something similar to this, not exactly identical:
http://forums.pentaho.org/showthread.php?t=72863
To make the long story short, the performance was not the best I have seen. Why do I need the bulk loader? Well, we have an app where people like to load large amount of numbers and text. So, it is the easiest way.
Maybe I should blog them one day...but where can I find time?
I have worked on projects that have thrown out Oracle in small/medium business setups (before the acquisition) in favor of MySQL. And yes, I do believe that MySQL clustering can be a well performing product. Now, the mistake started with the reliance of the InnoDB engine. What I will miss is the skill of the core MySQL developers (?) to work on non standard engines (like the Federated engine). Oracle makes the big money from large installations. Small to Medium sized demanding businesses have still a lot of ground to cover....And no, unfortunately, I have seen Postgres going horribly wrong, so it is not an option for my production environment.
and the year 2000, when IBM decided to acquire Sequent and Sequent under the pressure of investors gave in. Although they had a good product line, sales were questionable compared to a global competitor. I think that Sun is undervalued in that price. They can certainly push the envelope a lot higher, but will they given the tough times and the sales of their chipset flagship. The thing is, I hate to see Solaris having the faith of DYNIX PTX:-( , as a technologist/engineer.
Your question has three blocks of scope in programming terms:
1)The philosophical one: No, you should not suck it up and unlearn what you have learnt. Scripting and esoteric languages are here to stay. And if it wasn't the fact that some 'academic' environments tend to snob them, the situation would be better (the academic in quotes is meant as a criticism).
2)The toolkit enabling one: Apart from higher level architectures that support multi language development (Mono.Net, etc), the multi language programmer needs more effective IDEs for support. I tend to use the Eclipse platform, but a tool that handles the 'pipeline' aspect of multi-language programming integgrated in such an IDE is a must.
3)The language glue aspect:Many popular languages such as Python and Perl have specific dedicated mechanisms to use/call C++/Java.
Number 3 means that using C++/Java from Python/Perl and perhaps other languages has never been out of the question.
For more info, shout and I shall discuss details.
Come on! Be a little bit inventive. They assume that the people who pay the cash to buy such a thing will find solar recharge stations that give multiple 55 KW plugs in the middle of nowhere!:-)
"To say that Shelby Supercars are trying to beat Tesla would be an understatement."
Ahmm! For the amount of money they ask for the Tesla, ANYTHING will beat the Tesla in terms of reliability. What was in "Top Gear"; Ehmm, structural panel failure, break failure, and then a short circuit..... I sincerely hope that Shelby will make something better than the Tesla.
Slashdot Mirror
...because we do provide secure (as encrypted in the transport, network and the storage layer) . Spanish judges. You have to love them how people that know the law know few things about technology.
No, I am sorry to say that your assumptions are not true. I have started working on the Internet in 1998, and I worked on core TCP/IP protocols and Ethernet device drivers, which is what drives today most of the corporate networks.
1)Your assumption that one has to petition corporations and governments and eventually suck it up is totally wrong. It's not only Tor. If you want to safeguard your own communications, you could setup an SSH tunnel between two BSD/Linux hosts and as long as you (or somebody you trust) can control these hosts, governments will have hard time to break you in the middle (I hope you do not start with the theories that encryption algorithms are tapped. They are not, and you are free to choose, and you have the source code to prove that). No corporation can stop you from doing that to establish who you wish to talk to, when and how. They might make it difficult, but not impossible and certainly within the feasibility of a capable IT person(s).
2)On the other hand, the assumption that the guy who sits on NSA/GCHQ has the will to listen to your personal communications one morning is also wrong. If you are an intelligence analyst, you are looking for needles in a haystack and you have specific problems to solve. Yes, there is data mining. Yes, there are ways to tap into your personal communications. Yes, you could be a bystander and accidentally tapped into in an attempt to locate someone, but this is less probable than you being the victim of a phishing/zero day exploit of some bad arse that wants your machine for a botnet, or is after your bank account, etc. 3)If you have something to hide (aka you are someone's enemy), the problem is not the technology, but the position you bring yourself into. Have the most advanced protection, they will get you, not by means of technology, but also by other means. If you have nothing to hide and you are just concerned that they might listen to you, take your measures. As I said in 1), technologies do exist to ensure that you keep whatever you wish to keep amongst few people (family, partners).
Personally, I have nothing to hide. If NSA/GCHQ want to listen to how I talk to my partners (sometimes swearing into IT problems) or what I ate in the evening, or when I need to go to the toilet, or what I order for pizza, they are welcome. Because, first I do not have a troubling position and secondly, when I talk to my family for something serious, I won't do it via the phone or facebook or twitter. I will do it in person.
So, I wish that people would spare all that crap about NSA/GCHQ listening to them. This is paranoia in the same way that you expect from Snowden and Assange to tell you that Governments around the world are playing dirty. Do you really need them to figure out that they do this? Do you really think that the big news networks are really concerned with your privacy, or rather with the advert they are going to air just before they give the latest on snowden's Moscow hotel/airport status?
Enough with this s***! Sorry, I would rather be cynical and pragmatic rather than conformant and naive.
Why don't you write him and ask for an answer. You will probably get it. After that, you will never be alone in your phone/internet conversations :-) .
I'll take truth-telling officials over what we've got here in the the States. As best as I can tell, they've got 100% of the lines tapped and just aren't listening to them here.
Nahhh! If they had the tech to get 100% of the lines tapped AND listen to it, the US cash flow would be different. It's good to develop good DPI, lots of nice HPC tech is generated with the idea as the basis.
Oh dear. In Europe, we are so advanced that we do not need people like Snowden to be heroes (the process of deciding to work for NSA directly or through contracting, thinking that you never go against people's privacy and one day you discover that is not the case and you go and leak info, wow!) and leak the info. Ministers do it instead! :-)
The only painful thing you have to do is to decide how to increase threading in your code.
http://sourceforge.net/projects/luarm/ and for more info have a look at my PhD thesis:
http://folk.uio.no/georgios/MagklarasPhDThesisv3.pdf
Just to get a few ideas. The paper that describes LUARM can be found here:
http://folk.uio.no/georgios/papers/LUARM-WDFIAfinal.pdf
Some of the things in LUARM have been modified since the paper was written but the idea is the same.
GM
Use LUARM as one of the counter measures: http://sourceforge.net/projects/luarm/
Yes, once more, all those COBOL programmers there must have an income. Who are you Mr. State to decide that you can just upgrade everything.
You should also mention the multi Petabyte paradigm of life scientists and the Next Generation Sequencing applications. This is just another frontier in data intensive computing paradigms.
I use it to SSH to my systems and I browse the web using Lynx. Bandwidth efficient and secure. Even the default Maemo from Nokia is more secure than most of the Android derivatives. I am not going to use an Android phone if I SSH to my servers anytime. Never failed me security-wise and I think it never will.
GM
There is nothing wrong with doing business in the middle east. What is wrong is to rely so much on the Middle East. This creates contention and undesirable situations, especially for Middle East folk. The very fact that most of them export their resources to oil feed the rest of the world, when very little money returns to them is indicative of most of the geopolitical problems that rose, are rising and will rise in the area.
Oil is not the only example. Manufacturing and outsourcing is another. If only 20% of the Asian manufacturers of integrated circuit/assembly lines decided to close tomorrow for whatever reason, the implications for the US and the rest of the electronic consumer's world would be at least worrying and at most catastrophic for the market.
I believe this is a general trend of globalization, which is mainly driven by us, because we want the cheapest and then someone has to produce that cheapest product by pushing outsourcing to the point where we rely on few places. Personally, if I knew that a product is REALLY only made in the US/UK/Europe etc, I would buy it, even if it was more expensive. Not because I dislike Asia or whatever distant part of the world, but because I want with my behavior to enforce resilience, the very opposite of absolute reliance.
Do you really think that the world has resilience today in terms of energy?
I would agree with you but... I don't. The oil monopoly is supported by some large car driving populations. For most of this folk, it is really a big thing to get on the bike and/or use fuel efficient cars or rationalize the use of the car. This is why the US started considering fuel efficient cars only recently. If you compare the average GM/Ford/whatever gas guzzler they used to chunk out of their production lines (which was cheap for the average Joe to buy) to the average European car there was no comparison. Extrapolate this behavior to the growing middle class of India and China and you get the idea. Power is given to monopolies by people, it does not come by itself. In the absence of realizing the consequences, the majority of the people will use the more readily available and cheapest solution. And that I am afraid is petrol :-( . Not necessarily because they do not have the extra money to pay for an alternative. But because they are sold to the idea of horse power, acceleration, when the most they do on their motorway is 30-40 miles an hour just before the rush hour! :-)
In our world there are innovators and there are also people that will vow to re-use existing suboptimal solutions with all their pros and cons until it is absolutely necessary to adopt something else. Unfortunately, the second type is the majority, even if it is completely obvious that the dependency of the West on the Middle East is one of its largest weaknesses. I wonder how many slaps does it take for some people to wake up from their deep oily sleep.
Nobody investigated me. :-)
http://epistolatory.blogspot.com/2011/01/piercing-through-egyptian-internet-void.html
Good question. Well, LUARM does not have mechanisms to perform actions (apart of course from getting valuable user environment data). Pseudonymizers and accountability might get into the game. Multi-party authentication is not a panacea, but it makes it more difficult for a rogue person.
Hi, This is one of the classic questions of insider misuse mitigation "who watches the guards". One way to deal with this is to use very good logging using a third audit party. Traditional audit/logging engines are not well suited to this task. You might like to take a look at LUARM (http://luarm.sourceforge.net/). It is an effort to provide very fine grained logging into your systems. The idea is you setup engines like that and your logs are then placed off-site and managed by a third party auditor, away from a potentially rogue sysadmin. Thus, if something happens, you have the means to prove what your bad techie did. Preventing this to happen is another story. Some people say that the knowledge of being monitored deters people from doing stuff. I do not support that view. Simply, my experience in dealing with sysadmins is that they are often underpaid, not appreciated and take all sorts of crap for other people. Make sure you pay them well, support them and listen to what they have to say. (a sysadmin) :-)
I wonder if "poor" is everything you do not agree with. For me, poor is something that is not well justified. You should also look into the very reason openleaks will come online.
http://epistolatory.blogspot.com/2010/12/julian-assange-theater-from-it-security.html worth thinking about these issues.
OK, recently (8.3?) I have tried to test postgres with bulk query loading. Something similar to this, not exactly identical: http://forums.pentaho.org/showthread.php?t=72863 To make the long story short, the performance was not the best I have seen. Why do I need the bulk loader? Well, we have an app where people like to load large amount of numbers and text. So, it is the easiest way. Maybe I should blog them one day...but where can I find time?
I have worked on projects that have thrown out Oracle in small/medium business setups (before the acquisition) in favor of MySQL. And yes, I do believe that MySQL clustering can be a well performing product. Now, the mistake started with the reliance of the InnoDB engine. What I will miss is the skill of the core MySQL developers (?) to work on non standard engines (like the Federated engine). Oracle makes the big money from large installations. Small to Medium sized demanding businesses have still a lot of ground to cover....And no, unfortunately, I have seen Postgres going horribly wrong, so it is not an option for my production environment.
and the year 2000, when IBM decided to acquire Sequent and Sequent under the pressure of investors gave in. Although they had a good product line, sales were questionable compared to a global competitor. I think that Sun is undervalued in that price. They can certainly push the envelope a lot higher, but will they given the tough times and the sales of their chipset flagship. The thing is, I hate to see Solaris having the faith of DYNIX PTX :-( , as a technologist/engineer.
Your question has three blocks of scope in programming terms: 1)The philosophical one: No, you should not suck it up and unlearn what you have learnt. Scripting and esoteric languages are here to stay. And if it wasn't the fact that some 'academic' environments tend to snob them, the situation would be better (the academic in quotes is meant as a criticism). 2)The toolkit enabling one: Apart from higher level architectures that support multi language development (Mono .Net, etc), the multi language programmer needs more effective IDEs for support. I tend to use the Eclipse platform, but a tool that handles the 'pipeline' aspect of multi-language programming integgrated in such an IDE is a must.
3)The language glue aspect:Many popular languages such as Python and Perl have specific dedicated mechanisms to use/call C++/Java.
Number 3 means that using C++/Java from Python/Perl and perhaps other languages has never been out of the question.
For more info, shout and I shall discuss details.
Come on! Be a little bit inventive. They assume that the people who pay the cash to buy such a thing will find solar recharge stations that give multiple 55 KW plugs in the middle of nowhere! :-)
"To say that Shelby Supercars are trying to beat Tesla would be an understatement." Ahmm! For the amount of money they ask for the Tesla, ANYTHING will beat the Tesla in terms of reliability. What was in "Top Gear"; Ehmm, structural panel failure, break failure, and then a short circuit..... I sincerely hope that Shelby will make something better than the Tesla.