100' diameter ==> 15m radius ==> around 15000 m^3 ==> somewhere around 5x10^7 kg if it's rock.
26500 miles is around 4000 times further away from the surface of the earth than the 35,000 feet at which planes fly.
So the gravitational effect this rock will have at the surface of the earth is around the same as the effect from a 3kg bag inside a plane flying overhead. Probably not noticeable. :)
because I wonder how many musicians today can actually read music
All of them.
I'd wager the vast majority of rock musicians can't...
In other news, most popular singers can't sing, most popular guitarists can't play guitar...
Okay, so if myself, 997 other innocent users and two criminals are all connected to a single IM server, and all are encrypting their traffic, then which two users are the criminals?
The people running the IM server, of course. Only terrorists encrypt their traffic, and if you're not with us, you're against us.
You really think they have time to look at the data contents of your packets? That takes time and human resources... what they're interested in watching is your packet headers, which aren't going to be encrypted.
This is all about traffic analysis. They can work out who is talking to whom over the air via the NSA's listening network (or rather, GCHQ's network, via reciprocal "let's get around domestic spying laws" deals), but they need hardware on the wires to look at those packets.
Sure, if you're under investigation, they might use this hardware to log the contents of your traffic; but they'd do that anyway. These changes are about identifying possible suspects based on who they associate with.
What's the primary requirement of a utility? It has to work. If you turn the water faucet on, you expect to get water; if you plug a lamp into a wall socket, you expect electricity; when you pick up your phone, you expect to hear a dial tone.
Computing simply hasn't reached that point. When people choose web hosting, they don't choose on the basis of how many dollars each GB of bandwidth costs; they choose on the basis of security, reliability, customer service, and generally reputation.
Utility computing would be nice, but we're simply not ready yet.
Tell that to the people who were on board the Hindenburg...
Why? The Hindenburg didn't explode.
Batteries can leak acid and give off explosive hydrogen.
Making hydrogen explode is difficult. The danger of it happening by accident is probably less than the danger of an earthquake knocking over a stack of batteries and causing injury by spilling acid on the floor.
In Canada, the unwritten constitutional conventions left by the British require the sitting government to never lose a parliamentary vote on a money bill or a vote of confidence, else the Governor-General is obliged to ask the prime minister to call an election.
Backwards. The Governor General calls the election.
Recall again Mulroney adding 3 extra senators (!!!!) so he could pass his GST bill.
Can you imagine what the Americans would do to a president that violated the constitution to ram a fucking 7% sales tax bill.... ???
There was no constitutional violation. Mulroney had to get special permission from the Queen, but everything was entirely constitutional. (Anyway, if the GST was that bad, why is it still around?)
invisible and powerless prime minister
Err... what? Canada's problem has always been the opposite -- our Prime Minister is too powerful. He appoints supreme court judges, and can invoke the "notwithstanding clause" to make legislation immune from judicial review anyway; he appoints senators; and he's the leader of the majority party in the house of commons, so they never vote against him, either.
Out of the so-called democracies of the world, Canada is about as close to an absolute monarchy as they get.
Don't forget the Canadian version: Stop fighting, all of you, right now, or we'll send in some peacekeepers! ... (whispered conversation) ... oh, sorry, it looks like we don't have anyone we can send. Go ahead and carry on with killing each other then.
... is FreeBSD Update. 700 lines of shell code to fetch, install, and rollback security updates to an entire operating system.
Of course, no one said it has to be turned on all the way. Wouldn't a room even that size at maximum output be kind of blinding?
That too. Point is, however useful these might be for lighting purposes, they're a bit too powerful to be used as wallpaper.
The 24 inch square panel emits 1200 lumens with a power consumption of about 80 watts ... This would make great wallpaper.
Let's see, 20W per square foot... 160W per foot of wall (assuming 8' ceilings)... that's around 5kW just for an 8' x 8' room.
They'll need to get the power consumption way down before this is useful for wallpaper.
Only if you do things wrong. I'm not talking about a pick-your-own-subset-of-linux-kernel-patches situation here; I'm talking about using patching to update everyone to the same official release. You'd have exactly the same files on disk as you get by downloading the entire package; the only difference is that by using binary patches you can reduce the bandwidth requirement by a factor of 50.
It's called debug code. Just look at FreeBSD:
fafnir# ls -l /boot/kernel/kernel
-r-xr-xr-x 1 root wheel 5940286 Feb 26 00:52 /boot/kernel/kernel
fafnir# ls -l /usr/obj/usr/src/sys/GENERIC/kernel.debug
-rwxr-xr-x 1 root wheel 30170033 Mar 7 21:31 /usr/obj/usr/src/sys/GENERIC/kernel.debug
Enabling debugging options makes the FreeBSD kernel five times as large; if anything, I'd expect Microsoft to have even more debugging code in their pre-release builds.
Release three patches, and QA three different things, or release 1.0.3 as a complete package, so everyone who does update now has the exact same thing?
No. Build 1.0.3. Build binary patches for each of (1.0 -> 1.0.3), (1.0.1 -> 1.0.3), (1.0.2 -> 1.0.3). Provide a simple shell script which looks at the MD5 hashes of files on disk and downloads the appropriate patch. Everyone who upgrades ends up with exactly the same files; no need to QA anything more than once.
(This assumes that you trust the binary patch tool to work properly; but you can check the MD5 hashes of the files post-patch to ensure that everything worked, and download the complete file if anything went wrong. My experience with FreeBSD Update is that around 1% of systems -- usually from AMD -- have heat-induced problems during the patching process, so at least for commodity hardware, this final verification is necessary.)
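The upgrade procedure described in the comment above, sketched as an added example (not code from the original post or from FreeBSD Update): the hash of the file on disk selects the patch, the patched result is verified, and a failed check falls back to the complete file. It uses SHA-256 where the comment says MD5, a local directory as the mirror, and an append-only stand-in for the binary patch tool; the file naming scheme and function names are assumptions.

```shell
#!/bin/sh
# Added example. Assumes sha256sum(1); SHA-256 replaces the MD5 in the comment.
hash_of() { sha256sum "$1" | cut -d' ' -f1; }

# Stand-in for a real binary patch tool such as bspatch(1): in this demo a
# "patch" is simply the bytes to append to the old file.
apply_patch() { cat "$1" "$2" > "$3"; }   # args: old, patch, output

# upgrade_file TARGET MIRROR WANT -> prints current | patched | full | failed
# Mirror layout (assumed): <oldhash>-<newhash>.patch and <newhash>.full
upgrade_file() {
    target=$1 mirror=$2 want=$3
    have=$(hash_of "$target")
    [ "$have" = "$want" ] && { echo current; return 0; }
    tmp="$target.new.$$"
    patch="$mirror/$have-$want.patch"
    # The hash of the file on disk selects the patch; unknown versions get none.
    if [ -f "$patch" ] && apply_patch "$target" "$patch" "$tmp" &&
       [ "$(hash_of "$tmp")" = "$want" ]; then
        mv "$tmp" "$target"; echo patched; return 0
    fi
    # Patch missing or its output failed the check: take the complete file,
    # and verify that as well before replacing anything.
    if cp "$mirror/$want.full" "$tmp" 2>/dev/null &&
       [ "$(hash_of "$tmp")" = "$want" ]; then
        mv "$tmp" "$target"; echo full; return 0
    fi
    rm -f "$tmp"; echo failed; return 1
}

# Constructed demo: three starting states plus an already-current file.
demo() {
    d=$(mktemp -d); mkdir "$d/mirror"
    printf 'release 1.0\n' > "$d/v100"
    printf 'release 1.0\nfix A\n' > "$d/v101"
    printf 'release 1.0\nfix A\nfix B\n' > "$d/v103"
    want=$(hash_of "$d/v103")
    cp "$d/v103" "$d/mirror/$want.full"
    printf 'fix A\nfix B\n' > "$d/mirror/$(hash_of "$d/v100")-$want.patch"
    # Deliberately wrong patch, standing in for a patch run that went bad.
    printf 'fix X\n' > "$d/mirror/$(hash_of "$d/v101")-$want.patch"
    printf 'locally modified\n' > "$d/other"   # no patch exists for this hash
    for f in v100 v101 other v103; do
        printf '%s=%s\n' "$f" "$(upgrade_file "$d/$f" "$d/mirror" "$want")"
        [ "$(hash_of "$d/$f")" = "$want" ] || { rm -rf "$d"; return 1; }
    done
    rm -rf "$d"
}
demo
```

Every file ends with the same hash whichever path it took, which is the property the comment relies on to QA the release only once.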
So where _is_ that patch to fix these mremap bugs?
The patch is here.
I believe the study that found that once the bug leaves the development shop to go to consumers it costs $9000 per line to fix.
That figure depends largely upon how many customers you have and how sophisticated your patch-distribution system is. In pre-internet days, a critical problem might have meant shipping a floppy disk to each of your customers (of course, this reduced the chance of problems being classified as "critical"). Now, most security problems in FreeBSD can be fixed in two minutes using 50kB of bandwidth and binary patches. Most operating systems fall somewhere in the middle, distributing entire files, or even complete packages, every time a one-line security fix is necessary, with the effect of requiring a 50-fold (or more, in the case of packages) increase in bandwidth (and, over slow connections, time).
Someone from Microsoft explained this to me as "we've got huge amounts of bandwidth, so we really don't need to save bandwidth by using patches"... it doesn't surprise me that Microsoft ignores the fact that delta compression would benefit their customers, but I expected better from Apple or the Linux community.
Yes, more critical... in the sense that an easily detected (just look at the packets), non-spoofable (you can't do this without having finished a TCP handshake first), denial of service attack is more serious than a root exploit.
You know, I'm really not sure WordOfMouthResearch.com is legit..
I'm pretty sure it isn't.
CD-RWs are hardly cost efficient, especially if we are dealing with something where we only rarely make changes.
True, but a red herring. With a system which costs >$100, it doesn't matter if you boot off a $0.15 disk or a $0.50 disk. A CD-RW has one major advantage: When you need to re-image, you've got a disk available at hand. The last thing you want to do when updating systems for security fixes is worry about if you've got enough CDRs or if you need to drive off to the store to buy another spindle.
Yes, of course you *should* always keep enough spare CDRs on hand to re-image all your CD-boot machines, but there's a reason why "should" and "do" are different words. :)
If there's a remote root exploit, rebooting is merely going to make an attacker wait five minutes and then re-run the exploit. A better solution is a CD-RW disk in a CD-ROM drive -- you can always reboot into a clean system, but if there are security issues, you can remove the disk, fix the necessary bits, and then reboot.
Now the BSD world has an answer to Knoppix
Err... This may be "Stuff that matters", but it shouldn't be "News for Nerds". FreeBSD has had live CDs since at least 2002.
... does anyone ever wonder what we /.'ers will ever do once SCO finally succumbs(sp?) to their demise?
No, but I do wonder what /.ers would do if SCO won.
(I'm not saying that it's likely to happen, but it would be amusing to watch the bleating.)
It sure looks to me like there's a significant upturn in transfer rates starting shortly after the article's posting (at 1:21 PM) on about 8 out of 16 of those graphs
And in one graph, there's a sharp dip at that time. For some reason the TW link failed, and traffic was rerouted.
though I'm not sure what time zone the stats are from
Central time, I think? Whatever they use in Texas, anyway.