Doctorow's gripe is NOT about cloud computing, but Software as a Service setups, where the software is externally hosted.
"Cloud Computing" is a very nebulous term, ranging from online apps in the browser (Google Apps) to high level compute APIs (Map-Reduce etc) to low level VM hosting and storage (Amazon EC2/S3).
The interesting things, IMO, from the cloud point of view are the compute side, which is a windfall (we used EC2 to great effect with Netalyzr), and the reliability/infrastructure offloading.
And let's do a puzzle here. Yes, a cheap computer is just that, CHEAP, which implies unreliable. Gmail, for all its griping, has pretty much 99.99% uptime. Does Doctorow realize how much even that level of reliability costs when done in-house?
Design patents are for very distinctive but not functional items.
EG, Apple has tons, TONS of design patents on the iMac, as they had on the NeXT cube and pizza boxes, as so on and so forth...
That google did NOT already have a design patent on their home page is strange and noteworthy, not that they just got one now.
Most SHOULD NOT think about security...
on
The Myths of Security
·
· Score: 4, Interesting
It is a great failing in our industry that its viewed as a problem that "most don't think about security".
Rather, the problem is that we haven't constructed systems such that people don't have to think about security. The best security systems are so unobtrusive and unnoticable that people should not think about them.
EG, a good succes story is the modern car key. 10-20 years ago, it was trivial to steal a car. You break the steering lock, put two wires together, and drive off. We had horrible cludges like "the Club", and people had to think all the time about it, in theory.
Now our carkeys have RFID transponders which are cryptographically keyed to the car's computer. It is vastly harder to steal a modern car (either bring a tow truck or swap the computer), but the actual cognitive load for most people is vastly less. You do the same thing you did before, but now your new car is far more secure.
I'm afraid people do that all the time, each one new and different.
But why do they bother? We already have the ultimate "parameterize and tweak the theory to match reality" theory in String Theory, so why bother with anything else?
Back in 2000, when Win2K was out and happy but the proles were stuck with Win98/ME, I decided I wanted a laptop.
There was a cheap Sony laptop with Win98/ME on it that looked good to me and was on sale. I checked, there was a version of the same laptop with Win2K available, but it was a few hundred dollars more if you could FIND it, and the UC CS dept had a site liscence/arrangement for Win2K.
So I figured, why not? Buy it at fry's, reinstall with a remotely tolerable Windows OS, be happy.
Get the laptop, blow away the Win98/ME crap, put on Win2K, only to find out that Sony locks all the drivers with BIOS strings and the like so the drivers from the Win2K version won't install on any other notebook, even when the chipsets and everything are identical!
Fortunately, Fry's had a good return policy. So rather than going hunting for manufacturer sites for drivers, I said, screw it, popped in the reimage disk, and restored it and returned it.
A few weeks later, I bought an IBM notebook off a friend with PowerBook envy, much prefering the IBM site wher you put in the model # on the bottom and you get every driver for every OS variant, including Linux, in a nice neat grid...
But even nearly a decade ago, Sony was gimping their laptops badly. Glad to see they are keeping THAT tradition alive...
The biggest is because Comcast gives very long DHCP leases, and the change doesn't propagate to your system until your access device gets a new DHCP lease.
The second is they probably batch updates to the DHCP server to say who's opted-out.
If you want to have it go faster, after going to the opt-out site, reset your cable modem and your NAT box and it will probably take effect right away. If that doesn't work, wait an hour and try again.
b: IF you had manually set your DNS resolver to a Comcast server, you are unaffected (they added new resolver addresses to do this), per previous discussions by the Comcast folks over at Broadband Reports.
c: It does NOT get *.whatever, only www.*.(TLD), thus even when you don't opt out, it is at least limited to web-related typos. This is actually a big deal, as I think Comcast is the first one NOT to do it for everything.
I don't like NXDOMAIN wildcarding (it was one of the motivations behind building the ICSI Netalyzr), but if an ISP is going to do it, Comcast's is actually well constructed to both limit collateral damage (it only gets www.*) and be able to be bypassed with a real opt-out.
I'm not a fan of OpenDNS because they also do NXDOMAIN wildcarding.
However, they do have a working opt-out in the OpenDNS dashboard, however you need to use their notification mechanism so they can track where you are to maintain the opt-out.
If this is a true description of the opt-out, it is SERIOUSLY broken.
Simply put, any opt-out mechanism MUST enable the user's computer to properly receive an NXDOMAIN response. Because the problem is NOT the advertising web page on a web browser typo for http, but all the other things that do DNS lookups.
For example, NXDOMAIN wildcarding even snagged and confused Dark Tangent into thinking that someone was trying to MitM the Defcon forums!
I can accept an ISP doing this only under the following conditions:
a) The opt-out is a one-click item on the page
b) The opt-out is perminent and for all connected through that IP/customer link
c) The opt-out is a real opt-out which will cause NXDOMAIN responses to be properly returned as NXDOMAIN.
I did the same rough pencil and paper calculations, and the efficiency claim they are making is 10%+, which really would be amazingly outstanding if possible, but is so high I'd find it highly doubtful.
I'd be happy with 2-5% efficiency with such a scheme.
He should contact the James Randi foundation for their 1M prize for paranormal proof, as they might very well consider "WiFi sensitivity" paranormal behavior.
Front Running is when the broker or market maker (eg, Nasdaq) does such behavior.
Although the high frequency trading is slightly different, it is almost electronic front-running, especially with the ability to PULL the orders unfufiled after a few milliseconds.
A crowbar which can be used to whack anyone who writes programs in C or C++ which take untrusted input (like, oh, web browsers, word processors, PDF readers, etc etc etc etc etc) until they give up and use a language that is typesafe and memory safe.
But you can't be kept "alive" without tons and tons of support equipment....
The infrastructure cost for humans in space is staggering. Look at just how many tons of shit needed to be put in orbit to build the ISS and keep people alive and supplied: there have been 48 manned flights and 37 unmanned flights. And thats to sustain 3 people continuously in low earth orbit.
Do you realize just how many sattelites and autonomous scientific experiments you could put up with that much launch capability?
And the current manned space program produces alomst NO science. Lets take the columbia's final mission, which cost 7 lives. For a pure science mission, all the scientific research could have been conducted by automated in-orbit devices (all the non-biological experiments, and most of the bio experiments on non-humans) or are predicated on human spaceflight (the bio experiments on people).
Seven lives were sacrificed for nothing of value: they never needed to be there.
Face it, space, for now, is not meant for fragile organic bags of mostly water.
All of the proposed plans are based on the arguably flawed assumption that humans can add significant value in flexibility over current robotic explorers. Which is clearly not the case based on experiences with the mars rovers and similar devices.
Why can't we just admit the unpleasant: Yes, in 1969, if you wanted to explore the moon you needed a person. Now, 40 years later, you need robots and let the people sit comfortably back at JPL and Houston, safe and sound and cheaper.
They could have just stripped the GPL'ed code out completely, its a small part of the total code dump...
Rather, it really is legitimate but for a different sort of evil. Microsoft wants to rule the virtualization world over VMWare and Xen, and one of the things they need to support is Linux well for this market. By getting the necessary support into the kernel, even under the dreaded GPL, this furthers Microsoft's own objectives.
These days, the model is very much based on some really funky group keying and key revocation, which allows the sattelite provider to revoke individual keys because each receiver has a unique key rather than a group sharing a common key.
Among other things, this makes piracy MUCH harder, because the sattelite providers can buy pirated receivers, take them to the lab, find out the key used, and revoke it, disabling that entire batch of pirated receivers without affecting normal customers.
Slashdot Mirror
Doctorow's gripe is NOT about cloud computing, but Software as a Service setups, where the software is externally hosted.
"Cloud Computing" is a very nebulous term, ranging from online apps in the browser (Google Apps) to high level compute APIs (Map-Reduce etc) to low level VM hosting and storage (Amazon EC2/S3).
The interesting things, IMO, from the cloud point of view are the compute side, which is a windfall (we used EC2 to great effect with Netalyzr), and the reliability/infrastructure offloading.
And let's do a puzzle here. Yes, a cheap computer is just that, CHEAP, which implies unreliable. Gmail, for all its griping, has pretty much 99.99% uptime. Does Doctorow realize how much even that level of reliability costs when done in-house?
Design patents are for very distinctive but not functional items.
EG, Apple has tons, TONS of design patents on the iMac, as they had on the NeXT cube and pizza boxes, as so on and so forth...
That google did NOT already have a design patent on their home page is strange and noteworthy, not that they just got one now.
It is a great failing in our industry that its viewed as a problem that "most don't think about security".
Rather, the problem is that we haven't constructed systems such that people don't have to think about security. The best security systems are so unobtrusive and unnoticable that people should not think about them.
EG, a good succes story is the modern car key. 10-20 years ago, it was trivial to steal a car. You break the steering lock, put two wires together, and drive off. We had horrible cludges like "the Club", and people had to think all the time about it, in theory.
Now our carkeys have RFID transponders which are cryptographically keyed to the car's computer. It is vastly harder to steal a modern car (either bring a tow truck or swap the computer), but the actual cognitive load for most people is vastly less. You do the same thing you did before, but now your new car is far more secure.
And then tweak it to match reality.
I'm afraid people do that all the time, each one new and different.
But why do they bother? We already have the ultimate "parameterize and tweak the theory to match reality" theory in String Theory, so why bother with anything else?
This is just the same problem Noted in XKCD.
Good battery life is not cool. Open source software, especially a mutt like linux, is all about cool.
Good battery life requires annoyingly huge amounts of microoptimizations and chipset-dependent tricks. Which is most definatly NOT cool.
This is a GOOD thing: it strikes a blow against John Gabriel's Greater Theory of Internet Fuckwads.
If you are a fuckwad online, and get outed for it, good. Perhaps this will discourage fewer anonymous fuckwads in the future.
1: Pay content providers for any infringing file
2: ???
3: Profit!
Back in 2000, when Win2K was out and happy but the proles were stuck with Win98/ME, I decided I wanted a laptop.
There was a cheap Sony laptop with Win98/ME on it that looked good to me and was on sale. I checked, there was a version of the same laptop with Win2K available, but it was a few hundred dollars more if you could FIND it, and the UC CS dept had a site liscence/arrangement for Win2K.
So I figured, why not? Buy it at fry's, reinstall with a remotely tolerable Windows OS, be happy.
Get the laptop, blow away the Win98/ME crap, put on Win2K, only to find out that Sony locks all the drivers with BIOS strings and the like so the drivers from the Win2K version won't install on any other notebook, even when the chipsets and everything are identical!
Fortunately, Fry's had a good return policy. So rather than going hunting for manufacturer sites for drivers, I said, screw it, popped in the reimage disk, and restored it and returned it.
A few weeks later, I bought an IBM notebook off a friend with PowerBook envy, much prefering the IBM site wher you put in the model # on the bottom and you get every driver for every OS variant, including Linux, in a nice neat grid...
But even nearly a decade ago, Sony was gimping their laptops badly. Glad to see they are keeping THAT tradition alive...
A lot of web browsers when you ask for foo.com, if that fails, will look up www.foo.com
Try checking with netalyzr:
Netalyzr.icsi.berkeley.edu, as that does the lookups directly.
The latency comes from two factors.
The biggest is because Comcast gives very long DHCP leases, and the change doesn't propagate to your system until your access device gets a new DHCP lease.
The second is they probably batch updates to the DHCP server to say who's opted-out.
If you want to have it go faster, after going to the opt-out site, reset your cable modem and your NAT box and it will probably take effect right away. If that doesn't work, wait an hour and try again.
Comcast's version is an order of magnitude better than everybody else's.
a: There is a REAL opt-out, that puts your DHCP lease to point to a DNS resolver that doesn't do this. I'll have to do this when I get home. Compare this with, eg, Verizon's pitiful opt-out instructions involving manually changing DNS settings.
b: IF you had manually set your DNS resolver to a Comcast server, you are unaffected (they added new resolver addresses to do this), per previous discussions by the Comcast folks over at Broadband Reports.
c: It does NOT get *.whatever, only www.*.(TLD), thus even when you don't opt out, it is at least limited to web-related typos. This is actually a big deal, as I think Comcast is the first one NOT to do it for everything.
I don't like NXDOMAIN wildcarding (it was one of the motivations behind building the ICSI Netalyzr), but if an ISP is going to do it, Comcast's is actually well constructed to both limit collateral damage (it only gets www.*) and be able to be bypassed with a real opt-out.
I'm not a fan of OpenDNS because they also do NXDOMAIN wildcarding.
However, they do have a working opt-out in the OpenDNS dashboard, however you need to use their notification mechanism so they can track where you are to maintain the opt-out.
If this is a true description of the opt-out, it is SERIOUSLY broken.
Simply put, any opt-out mechanism MUST enable the user's computer to properly receive an NXDOMAIN response. Because the problem is NOT the advertising web page on a web browser typo for http, but all the other things that do DNS lookups.
For example, NXDOMAIN wildcarding even snagged and confused Dark Tangent into thinking that someone was trying to MitM the Defcon forums!
I can accept an ISP doing this only under the following conditions:
a) The opt-out is a one-click item on the page
b) The opt-out is perminent and for all connected through that IP/customer link
c) The opt-out is a real opt-out which will cause NXDOMAIN responses to be properly returned as NXDOMAIN.
This clearly fails B and C.
I wish I noticed it. I would have gotten a starbucks card and see if I could withdraw some cash...
IIRC, the apple developer agreement basically specifices that your code is effectively under NDA, because you are under an NDA to access the API etc.
Thus you can't legally do GPL code for the iPhone: you can't release the source under Apple's liscence, but you must under the GPL.
WHY can't lkml.org's mailing list retriever handle a slashdotting?
Its not like the flashcrowds are all THAT big.
I did the same rough pencil and paper calculations, and the efficiency claim they are making is 10%+, which really would be amazingly outstanding if possible, but is so high I'd find it highly doubtful.
I'd be happy with 2-5% efficiency with such a scheme.
He should contact the James Randi foundation for their 1M prize for paranormal proof, as they might very well consider "WiFi sensitivity" paranormal behavior.
Front Running is when the broker or market maker (eg, Nasdaq) does such behavior.
Although the high frequency trading is slightly different, it is almost electronic front-running, especially with the ability to PULL the orders unfufiled after a few milliseconds.
A crowbar which can be used to whack anyone who writes programs in C or C++ which take untrusted input (like, oh, web browsers, word processors, PDF readers, etc etc etc etc etc) until they give up and use a language that is typesafe and memory safe.
But you can't be kept "alive" without tons and tons of support equipment....
The infrastructure cost for humans in space is staggering. Look at just how many tons of shit needed to be put in orbit to build the ISS and keep people alive and supplied: there have been 48 manned flights and 37 unmanned flights. And thats to sustain 3 people continuously in low earth orbit.
Do you realize just how many sattelites and autonomous scientific experiments you could put up with that much launch capability?
And the current manned space program produces alomst NO science. Lets take the columbia's final mission, which cost 7 lives. For a pure science mission, all the scientific research could have been conducted by automated in-orbit devices (all the non-biological experiments, and most of the bio experiments on non-humans) or are predicated on human spaceflight (the bio experiments on people).
Seven lives were sacrificed for nothing of value : they never needed to be there.
Face it, space, for now, is not meant for fragile organic bags of mostly water.
All of the proposed plans are based on the arguably flawed assumption that humans can add significant value in flexibility over current robotic explorers. Which is clearly not the case based on experiences with the mars rovers and similar devices.
Why can't we just admit the unpleasant: Yes, in 1969, if you wanted to explore the moon you needed a person. Now, 40 years later, you need robots and let the people sit comfortably back at JPL and Houston, safe and sound and cheaper.
They could have just stripped the GPL'ed code out completely, its a small part of the total code dump...
Rather, it really is legitimate but for a different sort of evil. Microsoft wants to rule the virtualization world over VMWare and Xen, and one of the things they need to support is Linux well for this market. By getting the necessary support into the kernel, even under the dreaded GPL, this furthers Microsoft's own objectives.
The Chinese Communist party got tired of people taking their candles.
These days, the model is very much based on some really funky group keying and key revocation, which allows the sattelite provider to revoke individual keys because each receiver has a unique key rather than a group sharing a common key.
Among other things, this makes piracy MUCH harder, because the sattelite providers can buy pirated receivers, take them to the lab, find out the key used, and revoke it, disabling that entire batch of pirated receivers without affecting normal customers.