"SIM cards don't do any processing, they just store info." Nope, they're active processing devices, it's just the processing they do isn't user-visible, it's related to authentication. (See this for example - the algorithms are implemented in the SIM, not the phone.)
"You can take the SIM card out of one and use it to swap your phone book into a new phone." Yes you can, if your phone book is on the SIM. (Typically phones store phone book information on the phone these days as you have much greater storage space; usually they have a utility to copy from/to the SIM and the phone. Older / simpler phones purely use the SIM.) I've personally done this several times.
"I've never tried swapping them out and making calls, not sure if that would work." That is the main point of SIMs, and yes, I've personally done exactly that dozens of times. (The SIM is the phone number, moving the SIM to a new phone moves the phone number).
"The SIM Cards can be programmed at your local hole-in-the-wall cell phone store." Aah, well, you mean one of a few things there.
* Firstly, you could mean transferring phone books from SIM to SIM. Yes, easily done - this is transferring part of the passive data on a SIM from one to another. But this only transfers the phone book - the destination SIM does not take the identity of the source SIM (this doesn't allow you to make calls using the destination SIM on the source SIM's account). Not a cellphone clone at all.
* Secondly, if by that you mean associating a particular SIM with a particular cellphone account, you don't even have to go to a cellphone store to do that. SIMs don't actually have your phone number on them, they have their own number (IMSI) that is linked to the phone number by data stored in your provider's Home Location Register. (See here for example.)
Associating a particular phone number with a "blank" SIM is thus just ring up your provider, telling them the phone number and IMSI (which is printed on the SIM) and they add / edit the entry on the home location register/mobile switching centre. No actual programming of the SIM occours at all - hardly hacking anything. Been there, done this dozens of times!
* Thirdly, you could be referring to reading the private key from a SIM and programming that into a blank or a SIM emulator. (This is the only true cloning that is possible). That takes an hour to crack it out of the SIM or so, give or take luck and the SIM technology in use. (For example, there are "complaints" on the web that "COMP128V2" SIMs are not so attackable.)
The private key, "Ki", is actually 16 bytes long. More than enough for every SIM to be unique. The "A5 stream cypher" you refer to is the cypher used to encrypt your actual phone call over the air, done by the phone using encryption keys provided by the SIM. You are correct that this is dynamically keyed - the phone requires the SIM to provide the A5 keys; which it does by decrypting it from information shared with the network.
The information about the public key for each phone isn't shared anywhere; what happens is a network can ask a SIM's home network whether a particular phone is authenticated
Cloning GSM phones is not that easy. Old analogue phones were (which is all the situation in the article was about anyway.)
In my opinion, as soon as you're reasonably sure. Most cellphone providers can do a simple block on your SIM (block outgoing calls) that is fairly easy to put on and take off - so as soon as you think it's stolen, I recommend doing that. Just contact their customer service line. This will protect you from this lady's situation of someone running up big bills on your account.
If you find the phone again, ring up the customer services and get the block removed. Not usually a big deal; takes only a few minutes.
If it really seems lost/stolen, blocking the IMEI number (ie: the phone's unique ID, not the SIM card's) is a good idea if your provider can do that. While this is often a lot harder to undo (providers often state that it is impossible to undo or refuse to do so), it means that your theif cannot use their ill-gotten cellphone. (If they steal your cellphone and swap the SIM, they'll have your phone but they'll be using their own account for outgoing calls. Blocking the IMEI will stop them using your phone even if they swap the SIMs.)
This is obivously GSM flavoured advice. I'm unfamilar with other network technologies; some of it may carry over, some may not.
Yes, the phone does transmit some identifying information once authorised - but identification is not authentication!
To authenticate and authorise the phone/SIM pair to the network, the phone is just a go-between, shuttling information from over-the-air to the SIM and back again. (In case you're not aware, the SIM is a physical chip. In the old days, it was a smart card; these days it's just the chip of a smart card on a piece of plastic just a little larger than the chip.)
The network sends an unique challange to the SIM (via the phone) and the SIM has to respond approproately using shared-secrets and techniques not too dissimilar from private-key / public-key cryptography. Replaying this is of no value to you because next time you want to authenticate, the challange will be different! (And I believe the Network is also authenticated to the SIM as well - I don't know the details that well).
The theory is that the shared secret (Ki) is never transmitted over the air - it's known to the network and to your SIM and that is all - it was designed to it was impossible to retreive it directly from the SIM.
It is an active process involving bidirectional communication, not a passive "this is my number".
Firstly, Rogers appears to be running a GSM network, so cloning the phone means NOTHING WHATSOEVER and is actually quite unnecessary -- any 'ol GSM phone will work.
What you need to clone is the SIM - the little chip that is associated with your number. Stick it in any GSM phone (more or less) and off you go, you have that subscriber's identity.
While it is possible to clone a SIM, you need access to the SIM and a smart card reader for several hours to crack the encryption. (At least in the earlier SIMs, they may have improved the situation since, I hope so.) This isn't a matter of reading an identification number off, you need to read off the private key from the SIM - something that was supposed to be imposssible but there are weaknesses in certain versions of the encyption algorithm.)
Anyway, this particular case is not about SIM cloning, merely boring old cellphone being stolen. (It's admitted as such when the article states, "Ms. Drummond quickly determined what had happened: Someone had stolen her phone while she was away. She called Rogers Wireless, which told her there was nothing it could do, and she would have to pay the entire amount".)
The whole misleading piece about phone cloneing is mostly sensational journalism - it seems some employees claimed that some terrorist groups cloned the CEO of the cellphone's company's cellphone. (And remember that the person at the centre of the story - one Ms Drummond - merely had her phone stolen, a much more boring case.)
Anyway, Ms Drummond failed to notify her cellphone provider that her cellphone was stolen and then complained that the theif used it. The fraud detection system didn't detect it and it seems she therefore argues that it's not her fault. Even though I'd guess the cellphone company doesn't owe you anything when it comes to detecting fraudlant use of your phone.
Moral of the story: As soon as you know your SIM is stolen, CONTACT YOUR CELLPHONE COMPANY! They can block outgoing calls on it saving you a lot of money.
(GSM cellphone companies can also block phone IMEI's - stopping a theif from using that phone in the future - but only do this once the phone is known stolen as it's a real pain to get that undone.)
If her phone/SIM had been cloned, then yes, the cellphone company would have an issue on its hands. As it is, all that's happened is silly girl didn't report a stolen phone. Happens all the time, nothing to see here, move along.
Oh, and it's easy for a cellphone company to transfer a number to a new SIM.
No, you've not been entirely confused. The catch is that not all of Australia is involved - this wired article talks about A.C.T. using electronic voting in the federal elections.
(For other readers: this is only a single one of Australia's eight states and territories, and it's one of the smaller states.)
As I understand it, a lot of the changes are changes only to the Application *Binary* Interface, not the Application *Programming* Interface.
In other words, a lot of changes are still source code compatable meaning all that's needed is a recompile.
(A classic example is changing C compiler. This may change how the structures in memory are laid out - not a problem if everything's compiled with the same compiler, but a big issue if you need to maintain a stable binary interface.)
Or perhaps a driver may deal with an "opaque type" (ie: a type provided by another kernel subsystem) like a handle to a resource. Exactly what this handle is may change from version to version of the kernel (it could be a pointer to void, pointer to int, it could be a struct) but since it is opaque, the author of the driver need not (and should not) care. Such a change affects the binary interface but not the source code interface needing only a recompile.
You're quite correct. I recall reading in an article republished in the NZ Herald, the first version of work as H.G. Wells originally wrote it, the martians *won*. Humanity was destroyed - everyone, irrespective of your socio-econonmic class.
It was only after his publisher balked at this that H.G. Wells changed the plot so that humanity survived. However, note that humanity didn't save itself.
Yeah -- Outlook isn't perfect but it's better than any OSS stuff. (Personally, I couldn't *stand* using a website for my calendar! Besdies, how does that synch with my phone?)
I quite agree with your points. There is a unsupported team calendar add-in to Outlook - it queries a number of calendars and then fakes up calendar view.
It works.. but there's a reason it's unsupported. It's free though.
WHY there were no contributions:
on
Nessus Closes Source
·
· Score: 4, Interesting
At least one person - Dana Epp - alleges that there is a REASON why there are no ouside contributions to the scanning core engine:
Dana alleges there wasn't much give and take between Nessus and "the community" which discouraged any contributors.
[In 2002] "I was about a quarter of the way complete the port [to windows] when I ran into some issues with the NASL scripting and I tried to contact Renaud and his crew to point out some issues I found. The help I got? Squat. Nothing. Barely even communicated with me. I only ever got a couple of email responses saying "I was free to do it" when I asked if I could do it in the first place, and a follow up to an issue I found with a quick thanks."
It's definitely there on my XP Pro Box at work! I think it's there by default on Domain Member computers - but hidden by default on Workgroup computers.
Anyway, you need to turn off "Simple File Sharing" - see this page.
(XP Home only supports Simple, 2K3 only supports "full", XP Pro can do either.) That whole article walks you through the whole process.
Right click on the file. Properties. Security Tab. Or just look it up in the online help.
Umm.. really, you perhaps shouldn't be trying to admin a Windows box if you haven't found where in the GUI the NTFS permissions are set.
Okay, so I just dug into it, I think it's delibrately hidden from the GUI if you're using XP Home (or XP Home is jammed into "Simple file sharing/security mode" or something.) But believe me, it's easy to find on 2000 and 2003; and I think XP Pro.
Well, if you're copying whole directories, may I recommend ROBOCOPY. Produced by Microsoft themselves, it's part of the Windows 2000 and Windows 2003 resource kit tools.
The syntax is slightly different (very slightly) - robocopy source-directory destination-directory [optional wildcard]. But it's free, fast, console, has a percentage counter (optional ETA as well), can mirror one tree into another. (ie: only copy files that have different dates/times/sizes, deleting files in the target that no longer exist in the source), and can copy NTFS Security while it's at it.
It may have originally been a demo for the Win32 API "FileCopyEx" call.
Seriously, if you do much file copying at all (especially as an automated/scheduled task), check this tool out.
I would recommend the Google approach - cluster cheap computers. Clustering ASP can be easy (depends if you use the Session varaible) - look into Microsoft's Network Load Balancing; which while it load balances HTTP applications, also provides clustering and failover (I think - you'd have to check) without setting up a formal Windows cluster.
As for SQL, you could have two installations of SQL 2000 and use NLB to share among them; so long as you either manually take care of write transactions or use replication. (I'm not sure what the potential for lost information is if one SQL server goes down taking all data on its discs with it.)
You should obivously also read about MS's own clustering support and look into that. It tends to be bigger systems than you're talking about. Certain configurations use shared discs - you will have to research.
The ideal in my book is multiple "share nothing" servers where any can take the load of the whole - protects against disc failure too!
The idea of manually swapping in a spare server suggests you don't need 99.9% uptimes, otherwise you'd be looking into clustering systems to make that swap automatically.
Oh, and one thing I did saved my bacon at work once: Every two hours have your SQL Server backup (dump) the transaction log to another computer entirely accross the network - I use the SQL Server Maintainence plans. If you loose the server entirely, you've still got most of today's data! (Adjust frequency to taste.)
Recent promise RAID cards have a "gigabyte boundrary" mode, where they round the size of the array down to the nearest whole gigabyte.
This allows for minor variations in replacement disc sizes, at the cost of wasting some disc space. (It'd make a 250 gb array instead of a 250.23 GB one.)
See, is this High Availablity clustering or performance clustering. The asker doesn't state, and it's a rather important distinction.
If it's HA, you'd get 10 cooks each to make a roast. Sure, you'd end up with cooking extra meat but that doesn't matter - the goal here is to guarentee that a roast will be cooked no matter what. (I can imagine two copies of bochs running on seperate physical machines but linked to run in absoulte lock-step. Performance might be impared, but relability will be there.)
If it's performance, then you're right, you can't magically glue two computers together and get twice the performance.
This is Longhorn SERVER we're talking about; and edition of Windows that hasn't seen much attention until now.
We're not talking about Vista; precisely what the marketing name of Longhorn Server will be hasn't yet come out of MS. Ship dates for Longhorn Server haven't been set either - I'm betting a fair while after Vista ships; similar to the lag from Windows XP (a desktop os) to Windows Server 2003 being released.
(MS produce Server and Desktop versions of their OS's. XP and Vista are desktop; 2003 is server. 2000 came out in "Professional" and "Server" editions.)
As far as I know, Longhorn Server is still called exactly that.
I'm more or less an admin for a corporate in New Zealand. And, yes, I've had to convince a website administrator for a site in.ca.gov that we were not a source of viruses, spyware and spam.
(Yep, they'd blocked all of APNIC.)
Please, people that do, don't lump Aussie and NZ in the same category as Korea and China. Judge us on our own merits and reputation, not because we're "sort of in the Asia Pacific Region." Heck, the problematic countries really are "Asia" rather than "Pacific".
This is insane; in New Zealand, I set the PIN by visiting the bank. Nowhere is the PIN ever printed out on anything (we're warned that that writing it down anywhere is a very stupid idea!); I only ever type it in a keypad at the bank to set it. If my credit card is reissued, it carries my previous PIN (without ever being told what it is). If I don't know what that PIN is, I vist the bank and reset it in person. IN PERSON.
If my previous credit card didn't have a PIN, my new one doesn't either.
ATM/Debit cards are only reissued in the physical bank itself and have no expiry (they're not routienly reissued) and so I set the PIN then and there when I get a new one (because I lost the old one or something). (They're live instantly)
(In New Zealand, all ATM cards are also debit cards[1] - we don't have seperate debit cards - and are usable to purchase at the overwhelming majority of retailers. It is a shock to find a retailer that won't accept "EFTPOS" as we call it.)
I guess the difference is we are in mantainece mode - we're not deploying to everyone, just maintaining new accounts and people that loose their cards. And we've taken this stuff for granted since 1984. (Yes, New Zealanders have been paying for things using electronic card based transactions at stores since the mid 80's.)
Err, yeah, we've had PINs for transactions for the LAST *TWENTY* YEARS. We've been wondering when the rest of the world will catch up!
[1] Well, sort of. Unlike a US debit card, the transactions are instanious; the money is debited from our account right then and there, there's no qubbiling.
LOOK, you lot have missed one critical point. The guy is a committer to the apache httpd project itself. He's on the INSIDE. He knows more about apache than YOU.
He's just pointing out some of the sillyness to his own teammates that apache has that people that are involved with and use apache get used to. (And, even if it is documented, that doesn't mean it's not silly.)
mod_imap? Why is that still on by default, for example.
As for the PDF complaints, THIS IS A PRESENTATION AT A CONFERENCE. What would you have perferred? A PPS file? Those that complain about the fonts? Get over yourselves.
I'm confused - are you saying that RADAR uses doppler effects to measure speed?
Secondly, both RADAR and LIDAR would measure closing speed to the RA/LI DAR, which isn't the same as speed along the road, right? Similar, yes, but it'd depend on the angle of the *DAR line to the road.
I remember in NZ there were problems with speed cameras pointed at the wrong angle (apparently speed camera software assumed a 40 degree angle to the road or somesuch, and thus would over-read speeds if the true angle was shallower. The cops got into trouble - and lost a lot of tickets - for not knowing the correct procedure about all this!)
I'm curious - and thinking about lip-synch - what if the buffer was relatively small? Wouldn't only two or three samples be sufficent to filter out most, if not all, jitter artifacts without significantly delaying the audio? (Or even just a single sample?)
Given that SPDIF is serial and would have to be reconstructed to 16 (or 24) bit samples anyway, there *has* to be some buffering.
Slashdot Mirror
MirrorDot. Although not all the pictures, it give some details.
"SIM cards don't do any processing, they just store info." Nope, they're active processing devices, it's just the processing they do isn't user-visible, it's related to authentication. (See this for example - the algorithms are implemented in the SIM, not the phone.)
"You can take the SIM card out of one and use it to swap your phone book into a new phone." Yes you can, if your phone book is on the SIM. (Typically phones store phone book information on the phone these days as you have much greater storage space; usually they have a utility to copy from/to the SIM and the phone. Older / simpler phones purely use the SIM.) I've personally done this several times.
"I've never tried swapping them out and making calls, not sure if that would work." That is the main point of SIMs, and yes, I've personally done exactly that dozens of times. (The SIM is the phone number, moving the SIM to a new phone moves the phone number).
"The SIM Cards can be programmed at your local hole-in-the-wall cell phone store." Aah, well, you mean one of a few things there.
* Firstly, you could mean transferring phone books from SIM to SIM. Yes, easily done - this is transferring part of the passive data on a SIM from one to another. But this only transfers the phone book - the destination SIM does not take the identity of the source SIM (this doesn't allow you to make calls using the destination SIM on the source SIM's account). Not a cellphone clone at all.
* Secondly, if by that you mean associating a particular SIM with a particular cellphone account, you don't even have to go to a cellphone store to do that. SIMs don't actually have your phone number on them, they have their own number (IMSI) that is linked to the phone number by data stored in your provider's Home Location Register. (See here for example.)
Associating a particular phone number with a "blank" SIM is thus just ring up your provider, telling them the phone number and IMSI (which is printed on the SIM) and they add / edit the entry on the home location register/mobile switching centre. No actual programming of the SIM occours at all - hardly hacking anything. Been there, done this dozens of times!
* Thirdly, you could be referring to reading the private key from a SIM and programming that into a blank or a SIM emulator. (This is the only true cloning that is possible). That takes an hour to crack it out of the SIM or so, give or take luck and the SIM technology in use. (For example, there are "complaints" on the web that "COMP128V2" SIMs are not so attackable.)
The private key, "Ki", is actually 16 bytes long. More than enough for every SIM to be unique. The "A5 stream cypher" you refer to is the cypher used to encrypt your actual phone call over the air, done by the phone using encryption keys provided by the SIM. You are correct that this is dynamically keyed - the phone requires the SIM to provide the A5 keys; which it does by decrypting it from information shared with the network.
The information about the public key for each phone isn't shared anywhere; what happens is a network can ask a SIM's home network whether a particular phone is authenticated
Cloning GSM phones is not that easy. Old analogue phones were (which is all the situation in the article was about anyway.)
In my opinion, as soon as you're reasonably sure. Most cellphone providers can do a simple block on your SIM (block outgoing calls) that is fairly easy to put on and take off - so as soon as you think it's stolen, I recommend doing that. Just contact their customer service line. This will protect you from this lady's situation of someone running up big bills on your account.
If you find the phone again, ring up the customer services and get the block removed. Not usually a big deal; takes only a few minutes.
If it really seems lost/stolen, blocking the IMEI number (ie: the phone's unique ID, not the SIM card's) is a good idea if your provider can do that. While this is often a lot harder to undo (providers often state that it is impossible to undo or refuse to do so), it means that your theif cannot use their ill-gotten cellphone. (If they steal your cellphone and swap the SIM, they'll have your phone but they'll be using their own account for outgoing calls. Blocking the IMEI will stop them using your phone even if they swap the SIMs.)
This is obivously GSM flavoured advice. I'm unfamilar with other network technologies; some of it may carry over, some may not.
Yes, the phone does transmit some identifying information once authorised - but identification is not authentication!
To authenticate and authorise the phone/SIM pair to the network, the phone is just a go-between, shuttling information from over-the-air to the SIM and back again. (In case you're not aware, the SIM is a physical chip. In the old days, it was a smart card; these days it's just the chip of a smart card on a piece of plastic just a little larger than the chip.)
The network sends an unique challange to the SIM (via the phone) and the SIM has to respond approproately using shared-secrets and techniques not too dissimilar from private-key / public-key cryptography. Replaying this is of no value to you because next time you want to authenticate, the challange will be different! (And I believe the Network is also authenticated to the SIM as well - I don't know the details that well).
The theory is that the shared secret (Ki) is never transmitted over the air - it's known to the network and to your SIM and that is all - it was designed to it was impossible to retreive it directly from the SIM.
It is an active process involving bidirectional communication, not a passive "this is my number".
Firstly, Rogers appears to be running a GSM network, so cloning the phone means NOTHING WHATSOEVER and is actually quite unnecessary -- any 'ol GSM phone will work.
What you need to clone is the SIM - the little chip that is associated with your number. Stick it in any GSM phone (more or less) and off you go, you have that subscriber's identity.
While it is possible to clone a SIM, you need access to the SIM and a smart card reader for several hours to crack the encryption. (At least in the earlier SIMs, they may have improved the situation since, I hope so.) This isn't a matter of reading an identification number off, you need to read off the private key from the SIM - something that was supposed to be imposssible but there are weaknesses in certain versions of the encyption algorithm.)
Anyway, this particular case is not about SIM cloning, merely boring old cellphone being stolen. (It's admitted as such when the article states, "Ms. Drummond quickly determined what had happened: Someone had stolen her phone while she was away. She called Rogers Wireless, which told her there was nothing it could do, and she would have to pay the entire amount".)
The whole misleading piece about phone cloneing is mostly sensational journalism - it seems some employees claimed that some terrorist groups cloned the CEO of the cellphone's company's cellphone. (And remember that the person at the centre of the story - one Ms Drummond - merely had her phone stolen, a much more boring case.)
Anyway, Ms Drummond failed to notify her cellphone provider that her cellphone was stolen and then complained that the theif used it. The fraud detection system didn't detect it and it seems she therefore argues that it's not her fault. Even though I'd guess the cellphone company doesn't owe you anything when it comes to detecting fraudlant use of your phone.
Moral of the story: As soon as you know your SIM is stolen, CONTACT YOUR CELLPHONE COMPANY! They can block outgoing calls on it saving you a lot of money.
(GSM cellphone companies can also block phone IMEI's - stopping a theif from using that phone in the future - but only do this once the phone is known stolen as it's a real pain to get that undone.)
If her phone/SIM had been cloned, then yes, the cellphone company would have an issue on its hands. As it is, all that's happened is silly girl didn't report a stolen phone. Happens all the time, nothing to see here, move along.
Oh, and it's easy for a cellphone company to transfer a number to a new SIM.
No, you've not been entirely confused. The catch is that not all of Australia is involved - this wired article talks about A.C.T. using electronic voting in the federal elections.
(For other readers: this is only a single one of Australia's eight states and territories, and it's one of the smaller states.)
Prior to then, there were Golf Windows, so really, there is nothing new under the sun.
As I understand it, a lot of the changes are changes only to the Application *Binary* Interface, not the Application *Programming* Interface.
In other words, a lot of changes are still source code compatable meaning all that's needed is a recompile.
(A classic example is changing C compiler. This may change how the structures in memory are laid out - not a problem if everything's compiled with the same compiler, but a big issue if you need to maintain a stable binary interface.)
Or perhaps a driver may deal with an "opaque type" (ie: a type provided by another kernel subsystem) like a handle to a resource. Exactly what this handle is may change from version to version of the kernel (it could be a pointer to void, pointer to int, it could be a struct) but since it is opaque, the author of the driver need not (and should not) care. Such a change affects the binary interface but not the source code interface needing only a recompile.
You're quite correct. I recall reading in an article republished in the NZ Herald, the first version of work as H.G. Wells originally wrote it, the martians *won*. Humanity was destroyed - everyone, irrespective of your socio-econonmic class.
It was only after his publisher balked at this that H.G. Wells changed the plot so that humanity survived. However, note that humanity didn't save itself.
Yeah -- Outlook isn't perfect but it's better than any OSS stuff. (Personally, I couldn't *stand* using a website for my calendar! Besdies, how does that synch with my phone?)
I quite agree with your points. There is a unsupported team calendar add-in to Outlook - it queries a number of calendars and then fakes up calendar view.
It works.. but there's a reason it's unsupported. It's free though.
At least one person - Dana Epp - alleges that there is a REASON why there are no ouside contributions to the scanning core engine:
t ml
http://silverstr.ufies.org/blog/archives/000864.h
Dana alleges there wasn't much give and take between Nessus and "the community" which discouraged any contributors.
[In 2002] "I was about a quarter of the way complete the port [to windows] when I ran into some issues with the NASL scripting and I tried to contact Renaud and his crew to point out some issues I found. The help I got? Squat. Nothing. Barely even communicated with me. I only ever got a couple of email responses saying "I was free to do it" when I asked if I could do it in the first place, and a follow up to an issue I found with a quick thanks."
It's definitely there on my XP Pro Box at work! I think it's there by default on Domain Member computers - but hidden by default on Workgroup computers.
Anyway, you need to turn off "Simple File Sharing" - see this page.
(XP Home only supports Simple, 2K3 only supports "full", XP Pro can do either.) That whole article walks you through the whole process.
Right click on the file. Properties. Security Tab. Or just look it up in the online help.
Umm.. really, you perhaps shouldn't be trying to admin a Windows box if you haven't found where in the GUI the NTFS permissions are set.
Okay, so I just dug into it, I think it's delibrately hidden from the GUI if you're using XP Home (or XP Home is jammed into "Simple file sharing/security mode" or something.) But believe me, it's easy to find on 2000 and 2003; and I think XP Pro.
Well, if you're copying whole directories, may I recommend ROBOCOPY. Produced by Microsoft themselves, it's part of the Windows 2000 and Windows 2003 resource kit tools.
The syntax is slightly different (very slightly) - robocopy source-directory destination-directory [optional wildcard]. But it's free, fast, console, has a percentage counter (optional ETA as well), can mirror one tree into another. (ie: only copy files that have different dates/times/sizes, deleting files in the target that no longer exist in the source), and can copy NTFS Security while it's at it.
It may have originally been a demo for the Win32 API "FileCopyEx" call.
Seriously, if you do much file copying at all (especially as an automated/scheduled task), check this tool out.
I would recommend the Google approach - cluster cheap computers. Clustering ASP can be easy (depends if you use the Session varaible) - look into Microsoft's Network Load Balancing; which while it load balances HTTP applications, also provides clustering and failover (I think - you'd have to check) without setting up a formal Windows cluster.
As for SQL, you could have two installations of SQL 2000 and use NLB to share among them; so long as you either manually take care of write transactions or use replication. (I'm not sure what the potential for lost information is if one SQL server goes down taking all data on its discs with it.)
You should obivously also read about MS's own clustering support and look into that. It tends to be bigger systems than you're talking about. Certain configurations use shared discs - you will have to research.
The ideal in my book is multiple "share nothing" servers where any can take the load of the whole - protects against disc failure too!
The idea of manually swapping in a spare server suggests you don't need 99.9% uptimes, otherwise you'd be looking into clustering systems to make that swap automatically.
Oh, and one thing I did saved my bacon at work once: Every two hours have your SQL Server backup (dump) the transaction log to another computer entirely accross the network - I use the SQL Server Maintainence plans. If you loose the server entirely, you've still got most of today's data! (Adjust frequency to taste.)
Recent promise RAID cards have a "gigabyte boundrary" mode, where they round the size of the array down to the nearest whole gigabyte.
This allows for minor variations in replacement disc sizes, at the cost of wasting some disc space. (It'd make a 250 gb array instead of a 250.23 GB one.)
See, is this High Availablity clustering or performance clustering. The asker doesn't state, and it's a rather important distinction.
If it's HA, you'd get 10 cooks each to make a roast. Sure, you'd end up with cooking extra meat but that doesn't matter - the goal here is to guarentee that a roast will be cooked no matter what. (I can imagine two copies of bochs running on seperate physical machines but linked to run in absoulte lock-step. Performance might be impared, but relability will be there.)
If it's performance, then you're right, you can't magically glue two computers together and get twice the performance.
This is Longhorn SERVER we're talking about; and edition of Windows that hasn't seen much attention until now.
We're not talking about Vista; precisely what the marketing name of Longhorn Server will be hasn't yet come out of MS. Ship dates for Longhorn Server haven't been set either - I'm betting a fair while after Vista ships; similar to the lag from Windows XP (a desktop os) to Windows Server 2003 being released.
(MS produce Server and Desktop versions of their OS's. XP and Vista are desktop; 2003 is server. 2000 came out in "Professional" and "Server" editions.)
As far as I know, Longhorn Server is still called exactly that.
I'm more or less an admin for a corporate in New Zealand. And, yes, I've had to convince a website administrator for a site in .ca.gov that we were not a source of viruses, spyware and spam.
(Yep, they'd blocked all of APNIC.)
Please, people that do, don't lump Aussie and NZ in the same category as Korea and China. Judge us on our own merits and reputation, not because we're "sort of in the Asia Pacific Region." Heck, the problematic countries really are "Asia" rather than "Pacific".
Even WE block Korea!
This is insane; in New Zealand, I set the PIN by visiting the bank. Nowhere is the PIN ever printed out on anything (we're warned that that writing it down anywhere is a very stupid idea!); I only ever type it in a keypad at the bank to set it. If my credit card is reissued, it carries my previous PIN (without ever being told what it is). If I don't know what that PIN is, I vist the bank and reset it in person. IN PERSON.
If my previous credit card didn't have a PIN, my new one doesn't either.
ATM/Debit cards are only reissued in the physical bank itself and have no expiry (they're not routienly reissued) and so I set the PIN then and there when I get a new one (because I lost the old one or something). (They're live instantly)
(In New Zealand, all ATM cards are also debit cards[1] - we don't have seperate debit cards - and are usable to purchase at the overwhelming majority of retailers. It is a shock to find a retailer that won't accept "EFTPOS" as we call it.)
I guess the difference is we are in mantainece mode - we're not deploying to everyone, just maintaining new accounts and people that loose their cards. And we've taken this stuff for granted since 1984. (Yes, New Zealanders have been paying for things using electronic card based transactions at stores since the mid 80's.)
Err, yeah, we've had PINs for transactions for the LAST *TWENTY* YEARS. We've been wondering when the rest of the world will catch up!
[1] Well, sort of. Unlike a US debit card, the transactions are instanious; the money is debited from our account right then and there, there's no qubbiling.
"Would the upcoming MS Office support XML of any kind if OpenOffice hadn't gained the mindshare it has?"
Given that Word 2003 supports XML (albiet not in quite the same way) then the answer is a complete and resounding yes.
(You can save a Word 2003 file as XML. You can import XML files as data into a document. You can edit XML files. With Schema verification.)
And, even without that, you'd have to know nothing about MS to know they've been pushing XML for a while now.
YES.
Well, more accurately, the server, Windows Server Update Services, does. (You install WSUS and then point your clients - using AD/GP - to that.)
(Well, software installation is done through Active Directory and Group Policy.)
LOOK, you lot have missed one critical point. The guy is a committer to the apache httpd project itself. He's on the INSIDE. He knows more about apache than YOU.
He's just pointing out some of the sillyness to his own teammates that apache has that people that are involved with and use apache get used to. (And, even if it is documented, that doesn't mean it's not silly.)
mod_imap? Why is that still on by default, for example.
As for the PDF complaints, THIS IS A PRESENTATION AT A CONFERENCE. What would you have perferred? A PPS file? Those that complain about the fonts? Get over yourselves.
I'm confused - are you saying that RADAR uses doppler effects to measure speed?
Secondly, both RADAR and LIDAR would measure closing speed to the RA/LI DAR, which isn't the same as speed along the road, right? Similar, yes, but it'd depend on the angle of the *DAR line to the road.
I remember in NZ there were problems with speed cameras pointed at the wrong angle (apparently speed camera software assumed a 40 degree angle to the road or somesuch, and thus would over-read speeds if the true angle was shallower. The cops got into trouble - and lost a lot of tickets - for not knowing the correct procedure about all this!)
I'm curious - and thinking about lip-synch - what if the buffer was relatively small? Wouldn't only two or three samples be sufficent to filter out most, if not all, jitter artifacts without significantly delaying the audio? (Or even just a single sample?)
Given that SPDIF is serial and would have to be reconstructed to 16 (or 24) bit samples anyway, there *has* to be some buffering.