Well they did say they were okay with ActiveX, and the Flash plugin for IE is an ActiveX control, so it's possible they at least have that installed. The real WTF though is considering ActiveX controls to be somehow different from "some shady.exe".
Well, thank you for setting me straight. My next question was of course going to be "what about bulb longevity?" but that's also answered on the same page, though I'm having trouble parsing it in a way that supports their "busted" conclusion:
They tested one final element of this myth: frequently turning lights on and off decreases their life span, thus leading to greater costs. Grant setup a timer and relay to turn the bulbs on and off repeatedly every 2 minutes. After six weeks, only the LED bulb was still working. Based on this test, they extrapolated that it would take five years of ordinary usage to cause the bulbs to burn out.
* busted *
So by setting up a test in which turning the lights on and off every two minutes caused nearly all of them to die within 6 weeks they were able to extrapolate that more "normal" usage patterns would make them last for much, much longer? And their conclusion is that turning them and on off doesn't affect their longevity?
I suppose the real conclusion is "yes it does affect their life, but it's only a very small factor and unless you're really abusing the light it won't make a difference compared to the other factors".
Yet we seem to have no problem with obliterating from view the equally stunning 180 degrees of view above us. Why?
I think it's more likely just to be that most people don't care. You want to look at the night sky, go on vacation somewhere that lacks light pollution. Just like how people who live near the great natural wonders of the world don't go and gawp at them every day because they get old fast, the night sky only holds interest to most people for a very short while. So while we could go to heaps of trouble to have cities only lit as much as they absolutely need to be, very few people would sit around marvelling at the night sky because they'd be used to it after the first few nights.
I'm not up to date on my lighting technology, so I wonder if this would actually be more efficient. Doesn't turning things on usually require a fairly significant burst of energy, comparable to simply leaving it on for quite a long time?
Not to mention the cost of all those motion detectors; keeping in mind that street lighting isn't only useful for cars.
Plus how do you know what IP address is a printer without special tools such as a sniffer.
It's pretty rare for people to change the MAC address of their devices, even on devices that allow it. And since each vendor is allocated its own prefix(es) it's pretty straightforward to narrow your search to e.g. Xerox MAC addresses. With a bit of research it's likely you'd be able to find even narrower prefixes that the vendor has allocated to particular types of printers.
don't you want to control that printer and it's agent from outside the bank? To do that you got to do a lot more things, like change firewall/router rules and routing tables
I think that's what the installation of the wireless router is for.
Also, don't forget that all your criticisms are implying that the bank has implemented good security practices across the board. We like to think they do, but in reality they're probably only a little bit better than the majority of companies. Very few people require authentication before providing an address via DHCP, for example, or do MAC filtering on every port (or even enough ports to make it meaningful).
Finally, the post you responded to didn't say the guys just walked in out of the blue without any prior research. That seems unlikely. Also why would you need to give your wireless router an IP on their network if it's sitting in the network path? Ideally you wouldn't be using an off-the-shelf one, but I think that'd be fine on most networks, particularly since most people consider their internal cabling to be pretty trustworthy.
Your other main criticism is they'd need to take down the network in order to patch into it, but that would only take a few minutes. If you lose a part of your network are you going to go "everyone quick, to the restroom!" to find the culprit? Very improbable. Most likely it would take a minute or two before the network admins even identified the switches/routers that were having problems, then it'd take another few minutes for them to physically go to the devices and check the cables are plugged in (the first place most people would start looking once they established that the link was down). And by this time it's probably come back up again.
Now if their security guys are really hardcore they might decide to go through the roof and check out the entire length of the network cable to make sure it hasn't been tampered with, but 99% of people are just going to "monitor it and see if it happens again" -- which it wouldn't. Then it'd be forgotten about.
True enough, but my main point was that getting to actual gigabit speeds in the first place is actually pretty difficult. Plus, I couldn't find an easy way to copy only X amount of "random" data via scp which was the point of the article. Regardless, copying data is rarely if ever a useful thing to do with scp, anyway.
Have you measured your actual throughput on the file transfer? It tends to take a crapload of tuning to get anywhere near saturating gigabit, even if you're not using encrypted transfers.
I wrote the bit below which I'll keep because it might be interesting to someone, but dm(Hannu) already mentioned the claw flaw in the logic behind the PP and article summary: if the CPU is the bottleneck, how could adding more threads possibly help?
Just for a laugh I used scp to copy a 512 MB file from my file server to itself, an Athlon 3700+ running at 2.2ghz. I got about 18 megabytes / second out of it. I took a snapshot of top's output right at the end (97% complete) and the CPU usage was as follows:
So this system was pretty much pegged by this copy operation, and it achieved less than a fifth the capacity of a gigabit network link. Obviously the system is capable of transferring data much faster than this; the source was a RAID-5 set of 5 new 500 GB drives, and the destination was a stripe across two old 40 GB drives. I'd also repeated the experiment a few times (and this was the fastest transfer I got) so it's likely the source file was cached, too.
I do agree that there's probably more interesting and useful things to optimise (and make easy to optimise) than scp's speed, but I know for sure that scp'ing iso images to our ESX servers in a crapload slower than using Veeam's copy utility or the upload facility in the new version of Infrastructure Client (at least I think it's new, never noticed it before).
It's not that strange, if you define "strange" as meaning something similar to "unusual". It is a bit of a worry though -- my general impression of Spore has been of a "it's done when it's done" type of project, and aiming for an arbitrary release date seems contrary to that.
Still, I have hope. Even all those years ago when it was first demonstrated it appeared pretty gamey, even if the different phases weren't linked. And I've been seeing various hands-on previews that say the game is virtually complete. So it might be they've given themselves heaps of time for polishing (I imagine you could spend forever polishing this sort of game) but it's already pretty much done.
The new thing here is the internet, and people becoming used to the idea that you don't need to look at ads in order to make use of it. How many of us AdBlock? How many people have switched to Firefox after seeing how wonderfully effective it is?
You use radio, newspapers and TV as examples of ad-supported media that has stood the test of time. As a single data point, I can tell you that I haven't listened to commercial radio since early high school (around '95 or so). After I started listening to Triple J (government-funded station with no ads) I found commercial radio to be almost painful in comparison, what with the constant obnoxious loud adverts, and annoying promos crowing about how they're doing an ad-free hour or whatever. Now that my and JJJ's music taste have diverged I mostly listen to my own collection. I stopped watching TV a long time ago too; I download any programmes I want to watch because it's more convenient and don't constantly interrupt my viewing with ads. I've never even bought a newspaper; if I want news I can find it online.
The big thing is that once you stop watching or hearing ads for a while, when you do encounter them you find them really, really annoying -- and this just makes you want to avoid them even more, even if it requires a bit of extra effort in order to do so. Any company that relies on ads is in a very scary position because the fact is the vast majority of people don't simply "not like" advertising, they actually dislike it. When your primary product is something people not only don't want but actively seek to avoid, you're going to have problems.
Just to add to QuantumRiff's sentiments, calling spam "solved" by spam filters is like calling world wide conflicts "solved" by the arms race. Spam is only a trickle for you because many people spend a lot of time/money (and I mean, a lot) developing and purchasing anti-spam software and hardware. This stuff is under constant development to keep up with the latest techniques used by the spammers. This is similar to how the current state of superpower militaries keeps the peace; large-scale wars of aggression aren't viable at the moment. But this balance of power could shift pretty quickly, for example if someone has a major technological breakthrough that they're able to exploit before anyone else.
Even if we are able to keep up the pace of anti-spam technological improvements indefinitely, it's still a massive waste of resources. The spam problem just shouldn't exist. Sure we do get some dividends in terms of research into natural language parsers and the other techniques being used to automatically classify messages, but most of the people doing this could be doing more productive things with their time.
In the end I think it will only be solved when we solve the botnet problem, but it doesn't look like that's going to happen any time soon.
P.S. If you're trying to argue that something is "solved", it's usually a bad idea to also admit that there's only one provider of a viable solution (i.e. pop3/imap spam-free email) in the entire world. That's not a "solution", that's "an invitation to charge us whatever you wish for your service". Also free providers are a bad fit for businesses: using gmail or other free providers for your corporate email address makes your company look a bit cheap; not to mention the privacy issues.
P.P.S. You might find a trickle of spam not to be annoying, but plenty of others do, especially those who are responsible for implementing your so-called solution.
I know where I am, 10mbits of bandwidth was going to cost me over $20k per month but we do get overcharged here (UK).
You do indeed get thoroughly overcharged. I'm in Perth, and at work we pay about 5,000 AUD per month for an unmetered 10mbit full-duplex fibre link to our office. Data into and out of the UK surely must be a lot less expensive than data in/out of Australia.
It's a very compelling theory, but I have to wonder: why are they only tapping them now?
I think it's a bit naive to think that they haven't been tapping these lines for an awfully long time. Of course that brings up a related possibility: the taps were discovered and are being removed.
I also think it's pretty unlikely that anyone would transmit anything sensitive over the internet without strong encryption.
I think this "gaming the search results" thing is a big reason why it's unhealthy to have such a dominant player, and the Hitwise stats that fictionpuss linked to say that Microsoft's share of the US search engine market is less than 6%. I'm not sure if search.msn.com and live.com are basically the same engine or not; it makes sense that they would be, but if not then it implies live.com has an insignificant market share (i.e. they didn't bother listing it).
So I think the reason Live.com's results aren't gamed is because there's so little to gain from it, relative to Google's. It probably also explains why Google's results were so amazing during their early years compared to AltaVista.
Yes, but saying that people can avoid using MSN without being punished, or that they can avoid Yahoo! if it's bought by Microsoft without being punished, isn't a particularly compelling statement.
In fact, I think it may be the opposite of what you're trying to imply.
Yeah, it seems really strange to me, too. Yesterday we received an email about Heroes Happen {2008}, and the whole concept (and especially the banner) immediately struck me as being stupid and childish. Are there really that many businesses who think things like this are entertaining or clever? To me it just seems like a really inappropriate way to communicate with a corporate customer. If it was say Debian or another organisation/company that I actually liked and "identified with", I'd be embarrassed if they were doing stuff like this.
That's because smashing windows and stealing physical items isn't considered socially acceptable behaviour, so very few people do it. Just like internet file sharing was ignored for a long time before Napster made it cool.
That's why the RIAA is kicking up such a fuss: they want to make copying stuff for your friends and strangers socially unacceptable. They haven't quite grasped the fact that most members of society don't really give a rats ass about corporate profits, but do get upset when people they know (or even strangers who seem kind of like people they know) are getting sued into oblivion.
Of course, laws aren't created and enforced by "most members of society", so the majority viewpoint is pretty much moot.
Yes, the 'net access was down for an hour, but after that it came back up as before.
Guess TCP was able route the packets through alternate gateways after detecting the problem.
1. TCP has nothing to do with routing packets. 2. IP also has nothing to do with selecting an "alternate gateway" after "detecting a problem". 3. If it was down for an hour, then I don't think this was anything to do with magical routing protocols. Human interaction was required to either repair the broken link or set up an alternate path.
According to the article:
Reports suggested that the lack of alternative routes for internet traffic meant only a small proportion of surfers were managing to get online. Egyptian officials said that around 70% of the country's online traffic was being blocked, while officials in Mumbai said that more than half of India's internet capacity had been erased, which could have potentially disastrous consequences for the country's burgeoning hi-tech industry.
"There has been a 50% to 60% cut in bandwidth," Rajesh Charia, president of the Internet Service Providers' Association of India told Reuters.
So it sounds like not every ISP was able to use the alternate path, and the alternate path didn't have sufficient bandwidth for those that could, anyway.
Mind you, the article then comes out with this astonishing "fact":
The shutdown highlighted the often frail nature of international communications: despite the vast number of individuals who have access to the web, nearly all internet traffic is routed through a small number of cables submerged deep below the oceans. It is then forwarded through an internet backbone consisting of just 13 servers which handle and direct all online requests.
Is this the new version of the Majestik 12 that run the world?
I'm guessing this is a reference to [A-M].root-servers.net, but I'm pretty sure none of those are actually a single server, and several have multiple physical locations. Even so, the vast majority of even remotely popular sites will have their nameserver entries cached at a bazillion ISP DNS caches.
though from what I can gather parts of OOXML are not that much better
This may have just been a typo, but just in case it might be worth pointing out that "OOXML" is Microsoft's "Office Open XML" specification, while the OpenOffice.org specifications are called "Open Document Format". You appeared to be referring to the latter, ODF.
I'm 99.9% sure that Microsoft chose that name in order to sow confusion.
I was thinking the same, but I think the N800 would be considered an extremely high-end smart phone if it was in fact a phone. It's not; it's more of a PDA, aka "a real computer, only small". I suspect my N73 wouldn't cope with a mobile Mozilla nearly so well as it copes with Opera's browser.
I also found the browsing experience on my N800 better with Opera's browser than with Mozilla, but I'm hoping that it'll improve with time. In particular the text input doesn't work as nicely; the on screen keyboard frequently pops up over the top of the text entry field so I can't see what I've entered, and it doesn't overtype text that you've highlighted (you can just hit backspace to delete it and then start typing, but it's annoying until you work that out).
Also I've found the drag-the-screen-to-scroll thing doesn't work on some pages, and that's really irritating.
Given that virtually all domain registrations are instant, I'd say no. The only exception I'm aware of is.travel, which is a real pain in the arse to register under.
The.au space is pretty tightly governed. For example, for a.com.au you need to be an Australian registered business and provide your Australian Business Number or similar identification; and the domain name needs to either be close or exact match for your business name or "substantially related".
I'm pretty sure it used to be that registrations were vetted by humans in order to ensure the information you provided was accurate, and there was some delay between submitting your registration and actually getting the domain. I guess that doesn't scale so well because now.au domains are instantly registered just like.com and so on. The rules still apply, but it's only there so people can challenge registrations. This does function as a good disincentive for abusing the DNS though; if you do something dodgy enough to get someone's attention, they can complain to auDA and if your registration info is invalid / bogus, you can lose your domain and your money. At least in theory.
Isn't this merely habit, as opposed to thinking of the watch as being an extension of yourself? This study is looking into tools that are directly manipulated by the hands (pliers) in order to accomplish a task that could normally be accomplished with your hands (grasping food). I would think that telling the time by looking at your wristwatch is on a much higher level.
I used to wear a watch too, and would also "instinctively" look at my wrist whenever I wanted to know the time for quite a while after I stopped wearing it (I think it broke and I couldn't be bothered getting a new one). I haven't worn one for probably at least 6 or 7 years, so I no longer do that. I do however automatically look to the bottom right corner of the screen if I'm at a computer, or reach for my mobile phone in my left pocket if I'm not. I don't think this because I think of either as being an extension of myself though; it's just because over the years I've determined that in most cases, that's the quickest way to determine the time. Even if there is a clock nearby, it's usually quicker to get my phone out to look at the time than to look around for a clock. Plus, I know my phone is correct.
Another thing is that since I've stopped wearing a watch, I care a lot less about what the time is. It's possible that having easy access to the current time makes it seem as if it's important to always know the exact time, leading to something of a feedback loop. It could just be changed personal circumstances though; I think I stopped wearing it shortly after finishing high school.
If it's really not that hard, then why don't you tell us to how to create such a system then? What you described certainly doesn't match what paeanblack suggested.
In addition to being pretty much trivial to write a script for, you're also forgetting that many people are a lot less intelligent than computers and will actually fail at even simple maths. For an elitist site like/. it's probably okay to say "we don't want people who can't do simple sums to be able to sign up, anyway". If you're a big player like Yahoo! that's not really an option. Failing at CAPTCHAs is very frustrating for most people, and doubly so if they make the user feel stupid in the process.
This is actually also a problem with paenblack's first question, "What colour are buses in London?" Offhand I think they might be red, but I'm not sure and unless your site is the best thing since sex it's unlikely I'd take even the few seconds it would require to do a Google search to find out the answer. However the reason this is a good question is precisely because it's somewhat obscure; there is no algorithm to work out that buses in a particular city are a particular colour; the only way to popular such a database is by manually entering a whole bunch of information. Things like the maths questions are trivially easy to parse and therefore easy for a computer to answer. In fact, it's easier for a computer to answer them than for many humans, so it's likely if such a scheme became widespread there'd be Firefox plugins to answer such CAPTCHAs for you.
In addition, having to answer three questions that actually require some amount of thought and comprehension is going to piss people off. There's a lot of people (including myself) who find even simple "type the letters in this image" CAPTCHA annoying, and those I don't even need to think about. Having to read and parse a sentence and then do a calculation -- unless the site's super special, I'm likely not to bother.
I think a lot of people creating these things forget that most websites aren't unique and special, and if you make it too much of a nuisance people will go elsewhere. For your personal site that doesn't matter, but for people who are actually trying to make a living from their websites that's completely unacceptable.
Just yesterday I bought some stuff from an online store, and during the signup process they requested my home telephone number for credit card verification purposes. Since I don't know my home phone number and my bank certainly doesn't either, this posed a bit of a problem. If I hadn't used this store before (years ago; my old account was apparently deleted, which is actually pretty nice considering how many sites seem to never remove your info) I would have gone to a competitor's site and bought from them instead.
As it happens, they accept other methods of payment and so the "telephone number for verification" field is optional. I left it blank, and was able to make the purchase with my credit card without any issue; but had it said "you must supply your phone number for verification purposes!" then I would have just gone elsewhere and they would've lost a sale.
Now this isn't a CAPTCHA, and it's actually a security feature to protect people and themselves from credit card fraud; but it's a good example that if you make things even slightly inconvenient for your (potential) customers/visitors, they can very easily decide not to bother with you.
Combine this with a temp IP lockout after 3-5 failures, and now the spammer not only needs to constantly update his software, but he needs to control a huge botnet with a massive IP range. A spammer faced with that is simply going to move onto an easier site.
Again, this sort of strategy might work for your pissweak tiny site that nobody reads anyway, but for targets with actual value to a spammer they're not even a speed bump. Firstly ask yourself: why would a spambot submit an answer to a CAPTCHA that it wasn't able to p
It's about the same, only my phone doesn't have any integration with the telco. Hence, they send an SMS when a message is left. After that, I hold "1" to call the voicemail service (just the standard Nokia quick call thing). No PIN needed for mine, either. But in the time it takes to call the service and have it say "You have one new message." I could have opened the SMS and already be reading it.
My voicemail provider does have an option to return the call, but using it costs slightly more than returning the call directly from my phone does. It's also only useful if you're wanting to call back the person who called. That is often the case so it's a useful option there, but if the reason for the call was that I needed to call someone else then I'm stuck transcribing numbers. Same if it's about a server that's down (hostname or IP address or website URL etc.). My point is that often there's information I need to refer back to, and when it's left as voice mail (or a direct phone call) I have to go out of my way to write it down. If it's a text, then it's already written down. It also has the added advantage of not being dependent on the caller speaking clearly and being in a quiet place and all that.
How does your phone make it a hassle to get into a text message and delete it? It's three keypresses for me, and one of them is to confirm I want to delete it (which isn't too bad an idea, since phone keypads are kind of small, but it would be better to have an undelete option instead).
I usually find voicemail much less convenient, at least to receive it. Partly this is the interface; I get notified that someone's left a message via an SMS. So first I need to read the SMS to see I have a voice message. Then I need to call up my voice mail service and listen to the robot woman tell me when the call was missed (which I usually already know because my phone previously notified me that I missed a call). Then I have to listen to the message, and if there's anything important in it I normally need to listen to it again so I can write stuff down (assuming I'm at a location where I can write). And if there's a phone number or it's not clear enough I may have to listen to it several times before I can fairly sure I've transcribed it correctly.
Compared to an SMS, it's a lot more hassle. Although you sometimes have to deal with strange abbreviations, most important details (phone numbers, addresses, names) will be written in full and with no ambiguity.
Also, if the message is worth keeping around for a while "just in case", voice mail provides a much more cumbersome interface than an SMS mailbox. "Visual voicemail" and similar would help with that aspect though.
I wasn't exactly expecting a flood of praise for Microsoft on slashdot, but you're completely spot on. Not one of the posts seems to be non-critical. We (as in, "people who know anything about computers") have been begging Microsoft to design their products with security in mind for a long long time now - rather than their usual practice of making grandiose statements about how security is job #1 and turning out the same old schlock as always.
With Vista, they actually seem to have done this. Even though they've added a lot of crap nobody wanted along with the crap that some people wanted, they've managed to do it without introducing loads of security problems. Remember, this is a mainstream product from a commercial software company where everything is subject to a cost/benefit analysis.
So it seems that the cost/benefit analysis has actually come down in favour of writing safer code even though it probably takes longer. This is great news for everybody who has to, in one way or another, deal with the problems caused by exploited PCs.
Slashdot Mirror
Well they did say they were okay with ActiveX, and the Flash plugin for IE is an ActiveX control, so it's possible they at least have that installed. The real WTF though is considering ActiveX controls to be somehow different from "some shady .exe".
Well, thank you for setting me straight. My next question was of course going to be "what about bulb longevity?" but that's also answered on the same page, though I'm having trouble parsing it in a way that supports their "busted" conclusion:
They tested one final element of this myth: frequently turning lights on and off decreases their life span, thus leading to greater costs. Grant setup a timer and relay to turn the bulbs on and off repeatedly every 2 minutes. After six weeks, only the LED bulb was still working. Based on this test, they extrapolated that it would take five years of ordinary usage to cause the bulbs to burn out.* busted *
So by setting up a test in which turning the lights on and off every two minutes caused nearly all of them to die within 6 weeks they were able to extrapolate that more "normal" usage patterns would make them last for much, much longer? And their conclusion is that turning them and on off doesn't affect their longevity?
I suppose the real conclusion is "yes it does affect their life, but it's only a very small factor and unless you're really abusing the light it won't make a difference compared to the other factors".
Don't be lazy. Google before you post!ObYouMustBeNewHere.
I think it's more likely just to be that most people don't care. You want to look at the night sky, go on vacation somewhere that lacks light pollution. Just like how people who live near the great natural wonders of the world don't go and gawp at them every day because they get old fast, the night sky only holds interest to most people for a very short while. So while we could go to heaps of trouble to have cities only lit as much as they absolutely need to be, very few people would sit around marvelling at the night sky because they'd be used to it after the first few nights.
I'm not up to date on my lighting technology, so I wonder if this would actually be more efficient. Doesn't turning things on usually require a fairly significant burst of energy, comparable to simply leaving it on for quite a long time?
Not to mention the cost of all those motion detectors; keeping in mind that street lighting isn't only useful for cars.
It's pretty rare for people to change the MAC address of their devices, even on devices that allow it. And since each vendor is allocated its own prefix(es) it's pretty straightforward to narrow your search to e.g. Xerox MAC addresses. With a bit of research it's likely you'd be able to find even narrower prefixes that the vendor has allocated to particular types of printers.
don't you want to control that printer and it's agent from outside the bank? To do that you got to do a lot more things, like change firewall/router rules and routing tablesI think that's what the installation of the wireless router is for.
Also, don't forget that all your criticisms are implying that the bank has implemented good security practices across the board. We like to think they do, but in reality they're probably only a little bit better than the majority of companies. Very few people require authentication before providing an address via DHCP, for example, or do MAC filtering on every port (or even enough ports to make it meaningful).
Finally, the post you responded to didn't say the guys just walked in out of the blue without any prior research. That seems unlikely. Also why would you need to give your wireless router an IP on their network if it's sitting in the network path? Ideally you wouldn't be using an off-the-shelf one, but I think that'd be fine on most networks, particularly since most people consider their internal cabling to be pretty trustworthy.
Your other main criticism is they'd need to take down the network in order to patch into it, but that would only take a few minutes. If you lose a part of your network are you going to go "everyone quick, to the restroom!" to find the culprit? Very improbable. Most likely it would take a minute or two before the network admins even identified the switches/routers that were having problems, then it'd take another few minutes for them to physically go to the devices and check the cables are plugged in (the first place most people would start looking once they established that the link was down). And by this time it's probably come back up again.
Now if their security guys are really hardcore they might decide to go through the roof and check out the entire length of the network cable to make sure it hasn't been tampered with, but 99% of people are just going to "monitor it and see if it happens again" -- which it wouldn't. Then it'd be forgotten about.
True enough, but my main point was that getting to actual gigabit speeds in the first place is actually pretty difficult. Plus, I couldn't find an easy way to copy only X amount of "random" data via scp which was the point of the article. Regardless, copying data is rarely if ever a useful thing to do with scp, anyway.
Have you measured your actual throughput on the file transfer? It tends to take a crapload of tuning to get anywhere near saturating gigabit, even if you're not using encrypted transfers.
I wrote the bit below which I'll keep because it might be interesting to someone, but dm(Hannu) already mentioned the claw flaw in the logic behind the PP and article summary: if the CPU is the bottleneck, how could adding more threads possibly help?
Just for a laugh I used scp to copy a 512 MB file from my file server to itself, an Athlon 3700+ running at 2.2ghz. I got about 18 megabytes / second out of it. I took a snapshot of top's output right at the end (97% complete) and the CPU usage was as follows:
ssh: 48.6%
sshd: 44.9%
scp: 3.7%
scp: 1.3%
pdflush: 0.7%
So this system was pretty much pegged by this copy operation, and it achieved less than a fifth the capacity of a gigabit network link. Obviously the system is capable of transferring data much faster than this; the source was a RAID-5 set of 5 new 500 GB drives, and the destination was a stripe across two old 40 GB drives. I'd also repeated the experiment a few times (and this was the fastest transfer I got) so it's likely the source file was cached, too.
I do agree that there's probably more interesting and useful things to optimise (and make easy to optimise) than scp's speed, but I know for sure that scp'ing iso images to our ESX servers in a crapload slower than using Veeam's copy utility or the upload facility in the new version of Infrastructure Client (at least I think it's new, never noticed it before).
It's not that strange, if you define "strange" as meaning something similar to "unusual". It is a bit of a worry though -- my general impression of Spore has been of a "it's done when it's done" type of project, and aiming for an arbitrary release date seems contrary to that.
Still, I have hope. Even all those years ago when it was first demonstrated it appeared pretty gamey, even if the different phases weren't linked. And I've been seeing various hands-on previews that say the game is virtually complete. So it might be they've given themselves heaps of time for polishing (I imagine you could spend forever polishing this sort of game) but it's already pretty much done.
Here's a review from August 2007: http://www.eurogamer.net/article.php?article_id=82007
We're being shown a full build of Spore, and told that right now, "You can play through the entire game from the very beginning to the very end."The new thing here is the internet, and people becoming used to the idea that you don't need to look at ads in order to make use of it. How many of us AdBlock? How many people have switched to Firefox after seeing how wonderfully effective it is?
You use radio, newspapers and TV as examples of ad-supported media that has stood the test of time. As a single data point, I can tell you that I haven't listened to commercial radio since early high school (around '95 or so). After I started listening to Triple J (government-funded station with no ads) I found commercial radio to be almost painful in comparison, what with the constant obnoxious loud adverts, and annoying promos crowing about how they're doing an ad-free hour or whatever. Now that my and JJJ's music taste have diverged I mostly listen to my own collection. I stopped watching TV a long time ago too; I download any programmes I want to watch because it's more convenient and don't constantly interrupt my viewing with ads. I've never even bought a newspaper; if I want news I can find it online.
The big thing is that once you stop watching or hearing ads for a while, when you do encounter them you find them really, really annoying -- and this just makes you want to avoid them even more, even if it requires a bit of extra effort in order to do so. Any company that relies on ads is in a very scary position because the fact is the vast majority of people don't simply "not like" advertising, they actually dislike it. When your primary product is something people not only don't want but actively seek to avoid, you're going to have problems.
Just to add to QuantumRiff's sentiments, calling spam "solved" by spam filters is like calling world wide conflicts "solved" by the arms race. Spam is only a trickle for you because many people spend a lot of time/money (and I mean, a lot) developing and purchasing anti-spam software and hardware. This stuff is under constant development to keep up with the latest techniques used by the spammers. This is similar to how the current state of superpower militaries keeps the peace; large-scale wars of aggression aren't viable at the moment. But this balance of power could shift pretty quickly, for example if someone has a major technological breakthrough that they're able to exploit before anyone else.
Even if we are able to keep up the pace of anti-spam technological improvements indefinitely, it's still a massive waste of resources. The spam problem just shouldn't exist. Sure we do get some dividends in terms of research into natural language parsers and the other techniques being used to automatically classify messages, but most of the people doing this could be doing more productive things with their time.
In the end I think it will only be solved when we solve the botnet problem, but it doesn't look like that's going to happen any time soon.
P.S. If you're trying to argue that something is "solved", it's usually a bad idea to also admit that there's only one provider of a viable solution (i.e. pop3/imap spam-free email) in the entire world. That's not a "solution", that's "an invitation to charge us whatever you wish for your service". Also free providers are a bad fit for businesses: using gmail or other free providers for your corporate email address makes your company look a bit cheap; not to mention the privacy issues.
P.P.S. You might find a trickle of spam not to be annoying, but plenty of others do, especially those who are responsible for implementing your so-called solution.
You do indeed get thoroughly overcharged. I'm in Perth, and at work we pay about 5,000 AUD per month for an unmetered 10mbit full-duplex fibre link to our office. Data into and out of the UK surely must be a lot less expensive than data in/out of Australia.
It's a very compelling theory, but I have to wonder: why are they only tapping them now?
I think it's a bit naive to think that they haven't been tapping these lines for an awfully long time. Of course that brings up a related possibility: the taps were discovered and are being removed.
I also think it's pretty unlikely that anyone would transmit anything sensitive over the internet without strong encryption.
I think this "gaming the search results" thing is a big reason why it's unhealthy to have such a dominant player, and the Hitwise stats that fictionpuss linked to say that Microsoft's share of the US search engine market is less than 6%. I'm not sure if search.msn.com and live.com are basically the same engine or not; it makes sense that they would be, but if not then it implies live.com has an insignificant market share (i.e. they didn't bother listing it).
So I think the reason Live.com's results aren't gamed is because there's so little to gain from it, relative to Google's. It probably also explains why Google's results were so amazing during their early years compared to AltaVista.
Yes, but saying that people can avoid using MSN without being punished, or that they can avoid Yahoo! if it's bought by Microsoft without being punished, isn't a particularly compelling statement.
In fact, I think it may be the opposite of what you're trying to imply.
Yeah, it seems really strange to me, too. Yesterday we received an email about Heroes Happen {2008}, and the whole concept (and especially the banner) immediately struck me as being stupid and childish. Are there really that many businesses who think things like this are entertaining or clever? To me it just seems like a really inappropriate way to communicate with a corporate customer. If it was say Debian or another organisation/company that I actually liked and "identified with", I'd be embarrassed if they were doing stuff like this.
http://img223.imageshack.us/my.php?image=heroeshappen01md6.png
That's because smashing windows and stealing physical items isn't considered socially acceptable behaviour, so very few people do it. Just like internet file sharing was ignored for a long time before Napster made it cool.
That's why the RIAA is kicking up such a fuss: they want to make copying stuff for your friends and strangers socially unacceptable. They haven't quite grasped the fact that most members of society don't really give a rats ass about corporate profits, but do get upset when people they know (or even strangers who seem kind of like people they know) are getting sued into oblivion.
Of course, laws aren't created and enforced by "most members of society", so the majority viewpoint is pretty much moot.
Guess TCP was able route the packets through alternate gateways after detecting the problem.
1. TCP has nothing to do with routing packets. 2. IP also has nothing to do with selecting an "alternate gateway" after "detecting a problem". 3. If it was down for an hour, then I don't think this was anything to do with magical routing protocols. Human interaction was required to either repair the broken link or set up an alternate path.
According to the article:
Reports suggested that the lack of alternative routes for internet traffic meant only a small proportion of surfers were managing to get online. Egyptian officials said that around 70% of the country's online traffic was being blocked, while officials in Mumbai said that more than half of India's internet capacity had been erased, which could have potentially disastrous consequences for the country's burgeoning hi-tech industry."There has been a 50% to 60% cut in bandwidth," Rajesh Charia, president of the Internet Service Providers' Association of India told Reuters.
So it sounds like not every ISP was able to use the alternate path, and the alternate path didn't have sufficient bandwidth for those that could, anyway.
Mind you, the article then comes out with this astonishing "fact":
The shutdown highlighted the often frail nature of international communications: despite the vast number of individuals who have access to the web, nearly all internet traffic is routed through a small number of cables submerged deep below the oceans. It is then forwarded through an internet backbone consisting of just 13 servers which handle and direct all online requests.Is this the new version of the Majestik 12 that run the world?
I'm guessing this is a reference to [A-M].root-servers.net, but I'm pretty sure none of those are actually a single server, and several have multiple physical locations. Even so, the vast majority of even remotely popular sites will have their nameserver entries cached at a bazillion ISP DNS caches.
This may have just been a typo, but just in case it might be worth pointing out that "OOXML" is Microsoft's "Office Open XML" specification, while the OpenOffice.org specifications are called "Open Document Format". You appeared to be referring to the latter, ODF.
I'm 99.9% sure that Microsoft chose that name in order to sow confusion.
I was thinking the same, but I think the N800 would be considered an extremely high-end smart phone if it was in fact a phone. It's not; it's more of a PDA, aka "a real computer, only small". I suspect my N73 wouldn't cope with a mobile Mozilla nearly so well as it copes with Opera's browser.
I also found the browsing experience on my N800 better with Opera's browser than with Mozilla, but I'm hoping that it'll improve with time. In particular the text input doesn't work as nicely; the on screen keyboard frequently pops up over the top of the text entry field so I can't see what I've entered, and it doesn't overtype text that you've highlighted (you can just hit backspace to delete it and then start typing, but it's annoying until you work that out).
Also I've found the drag-the-screen-to-scroll thing doesn't work on some pages, and that's really irritating.
Given that virtually all domain registrations are instant, I'd say no. The only exception I'm aware of is .travel, which is a real pain in the arse to register under.
The .au space is pretty tightly governed. For example, for a .com.au you need to be an Australian registered business and provide your Australian Business Number or similar identification; and the domain name needs to either be close or exact match for your business name or "substantially related".
I'm pretty sure it used to be that registrations were vetted by humans in order to ensure the information you provided was accurate, and there was some delay between submitting your registration and actually getting the domain. I guess that doesn't scale so well because now .au domains are instantly registered just like .com and so on. The rules still apply, but it's only there so people can challenge registrations. This does function as a good disincentive for abusing the DNS though; if you do something dodgy enough to get someone's attention, they can complain to auDA and if your registration info is invalid / bogus, you can lose your domain and your money. At least in theory.
Isn't this merely habit, as opposed to thinking of the watch as being an extension of yourself? This study is looking into tools that are directly manipulated by the hands (pliers) in order to accomplish a task that could normally be accomplished with your hands (grasping food). I would think that telling the time by looking at your wristwatch is on a much higher level.
I used to wear a watch too, and would also "instinctively" look at my wrist whenever I wanted to know the time for quite a while after I stopped wearing it (I think it broke and I couldn't be bothered getting a new one). I haven't worn one for probably at least 6 or 7 years, so I no longer do that. I do however automatically look to the bottom right corner of the screen if I'm at a computer, or reach for my mobile phone in my left pocket if I'm not. I don't think this because I think of either as being an extension of myself though; it's just because over the years I've determined that in most cases, that's the quickest way to determine the time. Even if there is a clock nearby, it's usually quicker to get my phone out to look at the time than to look around for a clock. Plus, I know my phone is correct.
Another thing is that since I've stopped wearing a watch, I care a lot less about what the time is. It's possible that having easy access to the current time makes it seem as if it's important to always know the exact time, leading to something of a feedback loop. It could just be changed personal circumstances though; I think I stopped wearing it shortly after finishing high school.
If it's really not that hard, then why don't you tell us to how to create such a system then? What you described certainly doesn't match what paeanblack suggested.
In addition to being pretty much trivial to write a script for, you're also forgetting that many people are a lot less intelligent than computers and will actually fail at even simple maths. For an elitist site like /. it's probably okay to say "we don't want people who can't do simple sums to be able to sign up, anyway". If you're a big player like Yahoo! that's not really an option. Failing at CAPTCHAs is very frustrating for most people, and doubly so if they make the user feel stupid in the process.
This is actually also a problem with paenblack's first question, "What colour are buses in London?" Offhand I think they might be red, but I'm not sure and unless your site is the best thing since sex it's unlikely I'd take even the few seconds it would require to do a Google search to find out the answer. However the reason this is a good question is precisely because it's somewhat obscure; there is no algorithm to work out that buses in a particular city are a particular colour; the only way to popular such a database is by manually entering a whole bunch of information. Things like the maths questions are trivially easy to parse and therefore easy for a computer to answer. In fact, it's easier for a computer to answer them than for many humans, so it's likely if such a scheme became widespread there'd be Firefox plugins to answer such CAPTCHAs for you.
In addition, having to answer three questions that actually require some amount of thought and comprehension is going to piss people off. There's a lot of people (including myself) who find even simple "type the letters in this image" CAPTCHA annoying, and those I don't even need to think about. Having to read and parse a sentence and then do a calculation -- unless the site's super special, I'm likely not to bother.
I think a lot of people creating these things forget that most websites aren't unique and special, and if you make it too much of a nuisance people will go elsewhere. For your personal site that doesn't matter, but for people who are actually trying to make a living from their websites that's completely unacceptable.
Just yesterday I bought some stuff from an online store, and during the signup process they requested my home telephone number for credit card verification purposes. Since I don't know my home phone number and my bank certainly doesn't either, this posed a bit of a problem. If I hadn't used this store before (years ago; my old account was apparently deleted, which is actually pretty nice considering how many sites seem to never remove your info) I would have gone to a competitor's site and bought from them instead.
As it happens, they accept other methods of payment and so the "telephone number for verification" field is optional. I left it blank, and was able to make the purchase with my credit card without any issue; but had it said "you must supply your phone number for verification purposes!" then I would have just gone elsewhere and they would've lost a sale.
Now this isn't a CAPTCHA, and it's actually a security feature to protect people and themselves from credit card fraud; but it's a good example that if you make things even slightly inconvenient for your (potential) customers/visitors, they can very easily decide not to bother with you.
Combine this with a temp IP lockout after 3-5 failures, and now the spammer not only needs to constantly update his software, but he needs to control a huge botnet with a massive IP range. A spammer faced with that is simply going to move onto an easier site.
Again, this sort of strategy might work for your pissweak tiny site that nobody reads anyway, but for targets with actual value to a spammer they're not even a speed bump. Firstly ask yourself: why would a spambot submit an answer to a CAPTCHA that it wasn't able to p
It's about the same, only my phone doesn't have any integration with the telco. Hence, they send an SMS when a message is left. After that, I hold "1" to call the voicemail service (just the standard Nokia quick call thing). No PIN needed for mine, either. But in the time it takes to call the service and have it say "You have one new message." I could have opened the SMS and already be reading it.
My voicemail provider does have an option to return the call, but using it costs slightly more than returning the call directly from my phone does. It's also only useful if you're wanting to call back the person who called. That is often the case so it's a useful option there, but if the reason for the call was that I needed to call someone else then I'm stuck transcribing numbers. Same if it's about a server that's down (hostname or IP address or website URL etc.). My point is that often there's information I need to refer back to, and when it's left as voice mail (or a direct phone call) I have to go out of my way to write it down. If it's a text, then it's already written down. It also has the added advantage of not being dependent on the caller speaking clearly and being in a quiet place and all that.
How does your phone make it a hassle to get into a text message and delete it? It's three keypresses for me, and one of them is to confirm I want to delete it (which isn't too bad an idea, since phone keypads are kind of small, but it would be better to have an undelete option instead).
I usually find voicemail much less convenient, at least to receive it. Partly this is the interface; I get notified that someone's left a message via an SMS. So first I need to read the SMS to see I have a voice message. Then I need to call up my voice mail service and listen to the robot woman tell me when the call was missed (which I usually already know because my phone previously notified me that I missed a call). Then I have to listen to the message, and if there's anything important in it I normally need to listen to it again so I can write stuff down (assuming I'm at a location where I can write). And if there's a phone number or it's not clear enough I may have to listen to it several times before I can fairly sure I've transcribed it correctly.
Compared to an SMS, it's a lot more hassle. Although you sometimes have to deal with strange abbreviations, most important details (phone numbers, addresses, names) will be written in full and with no ambiguity.
Also, if the message is worth keeping around for a while "just in case", voice mail provides a much more cumbersome interface than an SMS mailbox. "Visual voicemail" and similar would help with that aspect though.
I wasn't exactly expecting a flood of praise for Microsoft on slashdot, but you're completely spot on. Not one of the posts seems to be non-critical. We (as in, "people who know anything about computers") have been begging Microsoft to design their products with security in mind for a long long time now - rather than their usual practice of making grandiose statements about how security is job #1 and turning out the same old schlock as always.
With Vista, they actually seem to have done this. Even though they've added a lot of crap nobody wanted along with the crap that some people wanted, they've managed to do it without introducing loads of security problems. Remember, this is a mainstream product from a commercial software company where everything is subject to a cost/benefit analysis.
So it seems that the cost/benefit analysis has actually come down in favour of writing safer code even though it probably takes longer. This is great news for everybody who has to, in one way or another, deal with the problems caused by exploited PCs.