seriously, apple: do cost-benefit analysis of a radio tuner... how much does the circuitry cost? what kind of new listening choices do you receive in return?... how much money can you make by selling music downloads to people who listen to the radio?
I find all four of the issues listed to be somewhat concerning, but I find the lack of innovation to be the greatest cause for alarm. People regularly ridicule the USPTO for awarding patents for "[something which has been done for years]... over the Internet!", yet it seems that the vast majority of open source software operates on a model of "[rewrite a piece of existing software]... and give it away for free!", which is equally uninnovative.
This isn't to say that there is a complete lack of innovation in open source software -- if nothing else, I like to think that some of my own contributions qualify as innovative -- but I can't see how (to take some well-known projects as examples) OpenOffice is better than Microsoft Office, or Mozilla is any better than Microsoft Internet Explorer in any way other than its license.
On the newegg link they list the MTBF as 1 million hours. Google tells me that that is about 114 years. How can it have such high mtbf?
MTBF is defined as [short time period] * [number of drives tested] / [number of drives which failed within that time period]. An MTBF of 114 years doesn't mean that half of the drives will survive for 114 years without a failure; it means that if you run 114 drives for a year, you should expect to have 1 failure.
A more intuitive way of conveying the same information is to say that the drives have an expected failure rate of no more than 1E-6 per hour.
The entire story is laughable, but the most obvious problem is this:
Firefighters took possession of Clewer's jacket and stored it in the courtyard of the fire station, where it continued to give off a strong electrical current.
How does a statically charged jacket "give off an electric current" -- and why would firefighters take possession of it anyway? All they'd need to do to discharge it is pour a bucket of water over it.
Yes, this might be the best approach; but it's hard to say without knowing more details.
I think the right solution for the submitter is "talk to someone with experience in this area" -- ideally, me. I'm no longer looking for a job, but I'd still be happy to hear details about a problem and offer my opinion on how best to attack it.
What are the privacy implications if the study only uses anonymized location data, i.e. "in this field of 100m x 100m", there is a cell phone which now moves to this field etc.?
Not very much reduced. The set of mobile phones which frequently move between my home and the corner of the university where I work is very small.
Apparently, 'Running the majority of web servers worldwide' doesn't count as mainstream.
Does Linux run the majority of web servers worldwide? I know that Apache does (around 70%, according to netcraft), but the only data I've seen on Linux usage (again, from netcraft) puts it at 25% of the ssl web server market -- considerably lower than Microsoft's 40%.
It's a public library, paid for with public funds, but it distributes midia (sic) based on a Microsoft-only DRM plan. [...] Unless the libraries also offer the same media in some form that is available to Linux users, then I would fight this when it rears it's ugly head at my libbrary (sic).
In other news, many public libraries distribute books which can only be read by English speakers, even though those libraries are supported by tax revenues from people who do not speak English.
The goal of libraries is to make content available to as many people as possible, not to make exactly the same content available to absolutely everybody.
Dan Brown's book addresses this very issue. The one line that echoes in my head when reading this story is a line from the novel.
"Who will guard the guards?"
That line may have appeared in Dan Brown's book, but he didn't write it. He quoted the famous phrase ("quis custodiet ipsos custodes") from Juvenal's sixth satire.
Perl is designed to mimic many aspects of natural language
I suppose that if you're a modem, Perl might look like natural language to you. To the rest of us, it is questionable whether it can be called a language at all (isn't the essence of language the trait of facilitating communication?), and it certainly isn't a natural language.
We need to re-think we way we apply security patches. The patches for this problem were available several days ago; why weren't they applied?
The answer is that Microsoft security patches have a reputation for causing things to break. Why this happens, I don't know -- Microsoft certainly has the resources necessary to test their patches before releasing them -- but for whatever reason, patches from Microsoft have developed that reputation. As a result, administrators of large networks have learned to not apply security patches immediately to all systems, but instead to test them on a few machines for some time first -- exactly the same way as other patches are handled.
The decreasing window between patch publication and widely distributed exploit code means that this approach simply doesn't work any more. Security patches must be applied to all affected systems immediately. Don't stop to test them; just apply the patches and reboot if necessary.
Of course, this means that vendors need to do a good job of testing security fixes before releasing them. I'm proud of the fact that in my time on the FreeBSD security team, we have never released a security patch which has caused new problems. While we don't officially recommend this, I know several people who have their systems automatically download and install FreeBSD security patches -- because they trust us to make sure that our security patches will never break anything.
After all... if you can't trust the security team of the operating system you're running, why are you running that operating system?
Calculating pi is a series of mathematical operations where you can't do the next one without the prior because you need the remainders.
Leaving aside the BBP algorithm which several other people have mentioned, you're mostly correct here.
How exactly do you break a series of operations that depend on the priors into chunks for a supercomputer to rip through?
But you're going a bit astray here. Large classical computations of Pi are exercises in performing big Fast Fourier Transforms; and there are very good algorithms for doing those in parallel. Using the AGM or a Borwein iteration, computing a million digits of Pi requires approximately 200 full-length FFTs plus some additional linear-time trivially parallelizable work.
So anyway, it looks like this calculating pi is a record in general, not for just a PC.
Give me a 4 processor 3.8GHz Pentium 4 system, and I can beat the reported time by a factor of two. If you can do parallel FFTs, you can do a parallel classical computation of Pi.
Quoth McBride: We also believe in quickly responding to the latest security threats. In CNET's, May 27, 2005 article entitled "OS Makers Slow to Fix Flaw," a vulnerability was discovered affecting Intel's hyperthreading and allows a local hacker to steal sensitive information. A notification was given to all operating system vendors in March. "FreeBSD security team member Percival has received formal responses to the issue from the makers of the BSD family of open-source operating systems, as well as SCO and Ubuntu Linux. However, Linux vendors Red Hat, Novell and Mandriva have been slow to act, as has Microsoft," he said. SCO was first to respond to the security threat.
As I commented in a recent interview, I was quite surprised at how professionally SCO responded to this security issue.
However, SCO was not the first to respond: That distinction goes to FreeBSD, which released patches at 00:01:20 UTC on May 13th and sent out an advisory at 00:38:35 UTC. SCO's advisory followed almost a day later.
they really changed their update mechanism in the newest version (9.3 I think) and now use deltarpms
Oops. You're right, they are using binary diffs now. In fact, they're using my code, and even emailed me some patches several months ago which I've been too busy to look at./me makes mental note: Check that facts haven't changed if more than a few months have passed...
IIRC the latest Suse already uses binary diffs for updating.
Not unless it has changed recently. Suse's approach always used to be "well, out of this package of two hundred files, only these ten have changed, so we'll send out a cut-down package with only those ten files instead of including all two hundred". This is certainly an improvement over the RedHat and Debian approach (which sends out complete packages, including duplicates of unmodified files), but is far worse than using actual binary diffs, which can provide another 50-fold reduction in bandwidth.
My favourite statistic about the usefulness of good binary diffs: All of the binary diffs needed to update a two-year-old copy of FreeBSD to patch all known security issues fit quite easily onto a 3.5" floppy disk.
If you want to convince closed-source software developers to consider writing open source software -- or, for that matter, if you simply want to make closed-source software developers aware of open source software -- then what better approach is there than saying "here's some code; go ahead and use it" and waiting until they notice that the code is both useful and high quality?
People don't just become open source software developers overnight; there's a gradual process involved, and it almost always includes a stage of starting to recognize the virtues of open source software while still writing closed-source software -- a stage which the GPL makes extremely difficult.
they might not be C, O or even Al, but most know sodium better than technetium, praseodimiun or some transition metal forgotten somewhere in the limbo of rare earths.
Praseo-what? Oh, you mean praseodymium. I guess you just proved your point about people not knowing it very well...
Yes they are... they're taking a bunch of protons and putting them together with a bunch of electrons.
They're just gathering the stuff that was formed at the start of the universe
There wasn't any hydrogen in the early universe; it didn't form until about half a million years later, once the temperature of the universe had dropped to around 3000K.
Slashdot Mirror
seriously, apple: do cost-benefit analysis of a radio tuner... how much does the circuitry cost? what kind of new listening choices do you receive in return? ... how much money can you make by selling music downloads to people who listen to the radio?
I find all four of the issues listed to be somewhat concerning, but I find the lack of innovation to be the greatest cause for alarm. People regularly ridicule the USPTO for awarding patents for "[something which has been done for years]... over the Internet!", yet it seems that the vast majority of open source software operates on a model of "[rewrite a piece of existing software]... and give it away for free!", which is equally uninnovative.
This isn't to say that there is a complete lack of innovation in open source software -- if nothing else, I like to think that some of my own contributions qualify as innovative -- but I can't see how (to take some well-known projects as examples) OpenOffice is better than Microsoft Office, or Mozilla is any better than Microsoft Internet Explorer in any way other than its license.
On the newegg link they list the MTBF as 1 million hours. Google tells me that that is about 114 years. How can it have such high mtbf?
MTBF is defined as [short time period] * [number of drives tested] / [number of drives which failed within that time period]. An MTBF of 114 years doesn't mean that half of the drives will survive for 114 years without a failure; it means that if you run 114 drives for a year, you should expect to have 1 failure.
A more intuitive way of conveying the same information is to say that the drives have an expected failure rate of no more than 1E-6 per hour.
Any authoritative debunkings yet?
The entire story is laughable, but the most obvious problem is this:
Firefighters took possession of Clewer's jacket and stored it in the courtyard of the fire station, where it continued to give off a strong electrical current.
How does a statically charged jacket "give off an electric current" -- and why would firefighters take possession of it anyway? All they'd need to do to discharge it is pour a bucket of water over it.
Yes, this might be the best approach; but it's hard to say without knowing more details.
I think the right solution for the submitter is "talk to someone with experience in this area" -- ideally, me. I'm no longer looking for a job, but I'd still be happy to hear details about a problem and offer my opinion on how best to attack it.
I said and also meant anonymized and not pseudonymized.
Depending upon how many phones are in any cell at once, that might not make any difference.
What are the privacy implications if the study only uses anonymized location data, i.e. "in this field of 100m x 100m", there is a cell phone which now moves to this field etc.?
Not very much reduced. The set of mobile phones which frequently move between my home and the corner of the university where I work is very small.
Pterosaurs went extinct 65 million years ago, they left no descendants and we don't know quite what their closest relative was
I'm going to go out on a limb, and guess that the closest relative to a Pterosaur would be another Pterosaur.
Either that, or a Spitfire.
Apparently, 'Running the majority of web servers worldwide' doesn't count as mainstream.
Does Linux run the majority of web servers worldwide? I know that Apache does (around 70%, according to netcraft), but the only data I've seen on Linux usage (again, from netcraft) puts it at 25% of the ssl web server market -- considerably lower than Microsoft's 40%.
It's a public library, paid for with public funds, but it distributes midia (sic) based on a Microsoft-only DRM plan. [...] Unless the libraries also offer the same media in some form that is available to Linux users, then I would fight this when it rears it's ugly head at my libbrary (sic).
In other news, many public libraries distribute books which can only be read by English speakers, even though those libraries are supported by tax revenues from people who do not speak English.
The goal of libraries is to make content available to as many people as possible, not to make exactly the same content available to absolutely everybody.
Perhaps the employee traveled to Indonesia.
He might have travelled to Indonesia, but he was in France when he contracted measles.
I don't think that Microsoft off-shores many jobs to France.
Dan Brown's book addresses this very issue. The one line that echoes in my head when reading this story is a line from the novel.
"Who will guard the guards?"
That line may have appeared in Dan Brown's book, but he didn't write it. He quoted the famous phrase ("quis custodiet ipsos custodes") from Juvenal's sixth satire.
August 2003: Sobig
August 2004: Sasser
August 2005: Zotob
What's next?
I'm just guessing here, but... could "August 2006" be next?
Perl is designed to mimic many aspects of natural language
I suppose that if you're a modem, Perl might look like natural language to you. To the rest of us, it is questionable whether it can be called a language at all (isn't the essence of language the trait of facilitating communication?), and it certainly isn't a natural language.
We need to re-think we way we apply security patches. The patches for this problem were available several days ago; why weren't they applied?
The answer is that Microsoft security patches have a reputation for causing things to break. Why this happens, I don't know -- Microsoft certainly has the resources necessary to test their patches before releasing them -- but for whatever reason, patches from Microsoft have developed that reputation. As a result, administrators of large networks have learned to not apply security patches immediately to all systems, but instead to test them on a few machines for some time first -- exactly the same way as other patches are handled.
The decreasing window between patch publication and widely distributed exploit code means that this approach simply doesn't work any more. Security patches must be applied to all affected systems immediately. Don't stop to test them; just apply the patches and reboot if necessary.
Of course, this means that vendors need to do a good job of testing security fixes before releasing them. I'm proud of the fact that in my time on the FreeBSD security team, we have never released a security patch which has caused new problems. While we don't officially recommend this, I know several people who have their systems automatically download and install FreeBSD security patches -- because they trust us to make sure that our security patches will never break anything.
After all... if you can't trust the security team of the operating system you're running, why are you running that operating system?
Calculating pi is a series of mathematical operations where you can't do the next one without the prior because you need the remainders.
Leaving aside the BBP algorithm which several other people have mentioned, you're mostly correct here.
How exactly do you break a series of operations that depend on the priors into chunks for a supercomputer to rip through?
But you're going a bit astray here. Large classical computations of Pi are exercises in performing big Fast Fourier Transforms; and there are very good algorithms for doing those in parallel. Using the AGM or a Borwein iteration, computing a million digits of Pi requires approximately 200 full-length FFTs plus some additional linear-time trivially parallelizable work.
So anyway, it looks like this calculating pi is a record in general, not for just a PC.
Give me a 4 processor 3.8GHz Pentium 4 system, and I can beat the reported time by a factor of two. If you can do parallel FFTs, you can do a parallel classical computation of Pi.
As much as I dislike spammers, is 640 years appropriate for one man?
Remember that the US legal system likes the idea of consecutive sentences. 640 years would be roughly 12 seconds per customer record stolen.
Quoth McBride:
We also believe in quickly responding to the latest security threats. In CNET's, May 27, 2005 article entitled "OS Makers Slow to Fix Flaw," a vulnerability was discovered affecting Intel's hyperthreading and allows a local hacker to steal sensitive information. A notification was given to all operating system vendors in March. "FreeBSD security team member Percival has received formal responses to the issue from the makers of the BSD family of open-source operating systems, as well as SCO and Ubuntu Linux. However, Linux vendors Red Hat, Novell and Mandriva have been slow to act, as has Microsoft," he said. SCO was first to respond to the security threat.
As I commented in a recent interview, I was quite surprised at how professionally SCO responded to this security issue.
However, SCO was not the first to respond: That distinction goes to FreeBSD, which released patches at 00:01:20 UTC on May 13th and sent out an advisory at 00:38:35 UTC. SCO's advisory followed almost a day later.
they really changed their update mechanism in the newest version (9.3 I think) and now use deltarpms
/me makes mental note: Check that facts haven't changed if more than a few months have passed...
Oops. You're right, they are using binary diffs now. In fact, they're using my code, and even emailed me some patches several months ago which I've been too busy to look at.
IIRC the latest Suse already uses binary diffs for updating.
Not unless it has changed recently. Suse's approach always used to be "well, out of this package of two hundred files, only these ten have changed, so we'll send out a cut-down package with only those ten files instead of including all two hundred". This is certainly an improvement over the RedHat and Debian approach (which sends out complete packages, including duplicates of unmodified files), but is far worse than using actual binary diffs, which can provide another 50-fold reduction in bandwidth.
My favourite statistic about the usefulness of good binary diffs: All of the binary diffs needed to update a two-year-old copy of FreeBSD to patch all known security issues fit quite easily onto a 3.5" floppy disk.
Wrong guy, different case, and hell, different country even.
RTFA. The grandparent's summary is accurate.
It shoud also be noticed that they are simply using open source software instead of making contribution.
Today's users are tomorrow's contributors.
If you want to convince closed-source software developers to consider writing open source software -- or, for that matter, if you simply want to make closed-source software developers aware of open source software -- then what better approach is there than saying "here's some code; go ahead and use it" and waiting until they notice that the code is both useful and high quality?
People don't just become open source software developers overnight; there's a gradual process involved, and it almost always includes a stage of starting to recognize the virtues of open source software while still writing closed-source software -- a stage which the GPL makes extremely difficult.
they might not be C, O or even Al, but most know sodium better than technetium, praseodimiun or some transition metal forgotten somewhere in the limbo of rare earths.
Praseo-what? Oh, you mean praseodymium. I guess you just proved your point about people not knowing it very well...
They're not making hydrogen.
Yes they are... they're taking a bunch of protons and putting them together with a bunch of electrons.
They're just gathering the stuff that was formed at the start of the universe
There wasn't any hydrogen in the early universe; it didn't form until about half a million years later, once the temperature of the universe had dropped to around 3000K.