IPv6 does not allow packet fragmentation by the routers. You also have the issue that if a single fragment is dropped, the entire packet must be retransmitted.
On my old AMD 2500xp with an integrated 100Mb nvidia NIC, I was getting over 11MiB/s via windows SMB on WinXP and with my current home computers, I get 114MiB/s over my 1Gb/s network.
There was a report some long time ago about how kids who concerned themselves with being politically correct took longer to convey and idea than those who didn't care what words they used, because they used less offensive but also less concise words. Being politically correct seems to come at the cost of communication. At the same time, don't be a jerk.
OpenSSL issues weren't language issues, they were willful fundamental decisions made. Blindly accepting lengths claimed from the client, writing their own memory allocator, using the the raw private key for random data, creating their own RNG.
A 64KiB packets on a 10Mb/s connection is about 5ms. That's a huge amount of jitter. 64KiB packets may be acceptable for 10Gb connections, but I like to keep my connection below 1ms of jitter. To give an idea of how horrible 5ms of jitter is, I get about 2ms of jitter from Midwest USA to Frankfurt Germany.
The two are highly related in this context. Latency is caused by additional copying which is directly proportional to the amount of work being done. Additional work means increased latencies which means reduced throughput.
You over-simplified throughput. There are latency issues that reduce the effective throughput well below the maximum. Zero-copy along with reducing context switching is very important to 10Gb+ rates. Netmap is one such project. It allows userland to send packets 7x faster single theaded than kernel mode with the old network stack, and even better multi-threaded.
FreeBSD is working on a new API to allow the network stack to work along with the network card such that the CPU-core that gets interrupted by the NIC will also be the core that processes the packet in the firewall and also to notify the userland on that same core. Once userland, kernel, and NIC all use the same cpu-core, less inter-core data-copying will occur. Right now it's up to the thread scheulder to decide where the packets get processed. The NIC may interrupt Core 0, then Core 1 processes the packet, the Core 2 is where the userland reads the packet. That's a ton of copying, and that's not even including the 3-4x copying within the network stack.
And why isn't gravity enough to hold the atmosphere in? Or is the gravitational field too weak?
Solar winds are very high velocity particles. While the average pressure isn't enough to strip the atmosphere, the individual particles are slamming the atmosphere to accelerate them to escape velocities.
According to my switch a 64byte frame is 0.0023ms(2.3us) port to port
According to a research paper, 1Gb Ethernet over 1km of fiber is 0.01476ms(14.67us) and 10Gb Ethernet is 0.0056ms(5.6us), one way, not RTT
Desktop to Router through switch 0.12ms(120us) as measured in Windows via hrping
Akamai CDN in ISP 1.25ms
ISP DHCP server 1.5ms
Chicago 6ms
Slashdot 6ms
Minneapolis 7ms
New York City 30ms
Atlanta 30ms
Miami 40ms
Houston 45ms
San Jose 60ms
San Francisco 65ms
Seattle 70ms
London 90ms
France 90ms
Frankfurt 110ms
Stockholm 120ms
Hawaii 140ms
Tokyo 160ms
Moscow 160ms
Sydney 180ms
A 10x difference in performance is not only attainable, but even faster is being done.
At 10Gb/s, the amount of data getting shuffled around in a normal network stack is enough to push the limits of the databuses. Most network stacks copy the data something like 4 times. That works as a multiplier and changes 10Gb/s into 40Gb/s. Context switching causes cache trashing and can consume more cycles than the actual data getting processed. A single context switch can consume about 1,000 cycles on a modern CPU.
What? FreeBSD supports master-master(only one drive writes at a time per blockdevice, which is negotiated) shared physical HDs over SAS. You just need a high speed link between the two masters and FreeBSD figured out the current master at the CAM layer allowing for it to work with all filesystems. ZFS is nice in that you can simply do asynchronous constant ZFS replication to a remote pool. Not real back-up, since data lost will replace the loss to the remote machine.
I think the point is finding a collision that will pass both MD5 and SHA1 is harder than find a collision that only passes SHA1. Even if you're pessimistic, you're at least as strong as your strongest link in this situation.
even if you can manufacture a hash collision, there really isn't a good way to use it to attack a (remote) git repository.
If you have $150k to drop on creating a hash-collision, you can afford someone to hack the remote system. Most systems are not properly secured.
Even then, if someone has a "clean" copy of the file you're colliding with, makes a modification to that and re-commits, your malicious file will be overwritten wholesale by the new version of the non-malicious file
What are you talking about? You can get wifi amps that are certified a/b/g/n/ac compatible. And quite high wattage. They're meant for long distance directional antenna, but there is nothing stopping you from plugging that coax into a regular antenna. And MIMO is only common for recent hardware, a lot of people still use very old hardware.
One of their main concerns is an out of spec antenna power. There is nothing stopping a SoC from having a hardware limit on the power output. There is also nothing stopping someone from hooking up an AMP and relaying the signal a much higher power. Of course anyone trying to disrupt wireless signals can easily do so. What the FCC wants to stop is the ability for the home user to change their router to run out of spec. some opensource projects open up the ability for the end user to select much higher signal strengths. Since they can't run a law stopping opensource from doing this, they want to write a law to stop router manufactures from allowing opensource to work on their devices.
Actually, they do want to mess with the firmware. Much of the research on improving wifi is being done by Universities or private individuals modifying the firmware. Of course the amp could be closed source, but the rest of the radio shouldn't be locked down. Eric had an example were a widely popular, but later unsupported wifi router had a bug in the protocol that got trigger regularly after support was done. This bug could cause the router to spam broadcast announcement packets and lock down most of the spectrum. The only reason it got fixed is because of opensource. Of course the average user probably would not have gotten the opensource fix, but it is an example where fix was made available.
Passion is born, not taught. The only thing teaching does is destroy passion. I knew what I loved and would not let anyone else persuade me to not program. I love solving hard problems that only logic can overcome. Programming gives me that.
Slashdot Mirror
IPv6 does not allow packet fragmentation by the routers. You also have the issue that if a single fragment is dropped, the entire packet must be retransmitted.
Pfft, FreeBSD. That's for SysAdmins, not DevOps. Dev Ops for life!
A 900mhz single core x86 CPU can handle 14 mil pps, but if using Netmap or some other decent network API/stack.
On my old AMD 2500xp with an integrated 100Mb nvidia NIC, I was getting over 11MiB/s via windows SMB on WinXP and with my current home computers, I get 114MiB/s over my 1Gb/s network.
If a parent process forks too much, you need to kill some of the children.
There was a report some long time ago about how kids who concerned themselves with being politically correct took longer to convey and idea than those who didn't care what words they used, because they used less offensive but also less concise words. Being politically correct seems to come at the cost of communication. At the same time, don't be a jerk.
C++ is great for masking what is actually happening in the background, which is the opposite of what you want for a kernel.
OpenSSL issues weren't language issues, they were willful fundamental decisions made. Blindly accepting lengths claimed from the client, writing their own memory allocator, using the the raw private key for random data, creating their own RNG.
sexconker's argument was that the Internet should have jumbo frames. Grats on changing the context of the argument.
A 64KiB packets on a 10Mb/s connection is about 5ms. That's a huge amount of jitter. 64KiB packets may be acceptable for 10Gb connections, but I like to keep my connection below 1ms of jitter. To give an idea of how horrible 5ms of jitter is, I get about 2ms of jitter from Midwest USA to Frankfurt Germany.
The two are highly related in this context. Latency is caused by additional copying which is directly proportional to the amount of work being done. Additional work means increased latencies which means reduced throughput.
You over-simplified throughput. There are latency issues that reduce the effective throughput well below the maximum. Zero-copy along with reducing context switching is very important to 10Gb+ rates. Netmap is one such project. It allows userland to send packets 7x faster single theaded than kernel mode with the old network stack, and even better multi-threaded.
FreeBSD is working on a new API to allow the network stack to work along with the network card such that the CPU-core that gets interrupted by the NIC will also be the core that processes the packet in the firewall and also to notify the userland on that same core. Once userland, kernel, and NIC all use the same cpu-core, less inter-core data-copying will occur. Right now it's up to the thread scheulder to decide where the packets get processed. The NIC may interrupt Core 0, then Core 1 processes the packet, the Core 2 is where the userland reads the packet. That's a ton of copying, and that's not even including the 3-4x copying within the network stack.
And why isn't gravity enough to hold the atmosphere in? Or is the gravitational field too weak?
Solar winds are very high velocity particles. While the average pressure isn't enough to strip the atmosphere, the individual particles are slamming the atmosphere to accelerate them to escape velocities.
1.2b years and start digging now? Why? Tectonics will destroy whatever hole I make by then.
Of course I just re-ran hrping against my router and got a min ping of 0.029ms(29us) with a std dev of 0.229ms(229us)
My pings on home connection
According to my switch a 64byte frame is 0.0023ms(2.3us) port to port
According to a research paper, 1Gb Ethernet over 1km of fiber is 0.01476ms(14.67us) and 10Gb Ethernet is 0.0056ms(5.6us), one way, not RTT
Desktop to Router through switch 0.12ms(120us) as measured in Windows via hrping
Akamai CDN in ISP 1.25ms
ISP DHCP server 1.5ms
Chicago 6ms
Slashdot 6ms
Minneapolis 7ms
New York City 30ms
Atlanta 30ms
Miami 40ms
Houston 45ms
San Jose 60ms
San Francisco 65ms
Seattle 70ms
London 90ms
France 90ms
Frankfurt 110ms
Stockholm 120ms
Hawaii 140ms
Tokyo 160ms
Moscow 160ms
Sydney 180ms
A 10x difference in performance is not only attainable, but even faster is being done.
At 10Gb/s, the amount of data getting shuffled around in a normal network stack is enough to push the limits of the databuses. Most network stacks copy the data something like 4 times. That works as a multiplier and changes 10Gb/s into 40Gb/s. Context switching causes cache trashing and can consume more cycles than the actual data getting processed. A single context switch can consume about 1,000 cycles on a modern CPU.
What? FreeBSD supports master-master(only one drive writes at a time per blockdevice, which is negotiated) shared physical HDs over SAS. You just need a high speed link between the two masters and FreeBSD figured out the current master at the CAM layer allowing for it to work with all filesystems. ZFS is nice in that you can simply do asynchronous constant ZFS replication to a remote pool. Not real back-up, since data lost will replace the loss to the remote machine.
I think the point is finding a collision that will pass both MD5 and SHA1 is harder than find a collision that only passes SHA1. Even if you're pessimistic, you're at least as strong as your strongest link in this situation.
SHA3 is faster than the individual algorithms of MD5, SHA1, and SHA2.
even if you can manufacture a hash collision, there really isn't a good way to use it to attack a (remote) git repository.
If you have $150k to drop on creating a hash-collision, you can afford someone to hack the remote system. Most systems are not properly secured.
Even then, if someone has a "clean" copy of the file you're colliding with, makes a modification to that and re-commits, your malicious file will be overwritten wholesale by the new version of the non-malicious file
Same could be said about the malicious file.
What are you talking about? You can get wifi amps that are certified a/b/g/n/ac compatible. And quite high wattage. They're meant for long distance directional antenna, but there is nothing stopping you from plugging that coax into a regular antenna. And MIMO is only common for recent hardware, a lot of people still use very old hardware.
One of their main concerns is an out of spec antenna power. There is nothing stopping a SoC from having a hardware limit on the power output. There is also nothing stopping someone from hooking up an AMP and relaying the signal a much higher power. Of course anyone trying to disrupt wireless signals can easily do so. What the FCC wants to stop is the ability for the home user to change their router to run out of spec. some opensource projects open up the ability for the end user to select much higher signal strengths. Since they can't run a law stopping opensource from doing this, they want to write a law to stop router manufactures from allowing opensource to work on their devices.
Actually, they do want to mess with the firmware. Much of the research on improving wifi is being done by Universities or private individuals modifying the firmware. Of course the amp could be closed source, but the rest of the radio shouldn't be locked down. Eric had an example were a widely popular, but later unsupported wifi router had a bug in the protocol that got trigger regularly after support was done. This bug could cause the router to spam broadcast announcement packets and lock down most of the spectrum. The only reason it got fixed is because of opensource. Of course the average user probably would not have gotten the opensource fix, but it is an example where fix was made available.
Passion is born, not taught. The only thing teaching does is destroy passion. I knew what I loved and would not let anyone else persuade me to not program. I love solving hard problems that only logic can overcome. Programming gives me that.