Re:Be wary of Athlon for games
on
The New Athlons
·
· Score: 2
Unfortunately, most new Asus boards use VIA chipsets, which have a reputation for stablity problems and serious hardware compatability issues. (SBLive owners know what I'm talking about!)
Spectre, which was released a few years later for the PC under the name Spectre VR, was a wire-frame tank simulation, but you played it from the first-person perspective: as if you were sitting in the tank itself. The Mac version was released in late 1991 or early 1992.
Does nobody else remember Battlezone? 3D wireframe tank game, first-person perspective. I think it's from the early 1980s.
There were probably others too... I've heard of old arcade games that used vector-based graphics to do wire-frame 3D, with a special CRT that had a programmable electron gun instead of the common raster/scanning one. Maybe the battlezone I played was a C64 port of an arcade version?
In any event, the wire-frame games impressed me at the time. I had written optimized asm line-drawing code and could see that those capabilities for just drawing all the lines for a 3D wire-frame scene in real-time were barely within the reach of a 1MHz CPU. The fact that they could do that, plus the 3d perspective calculations and gameworld stuffs, was really quite something.
But where will it all lead? It's possibly worth remembering at this juncture that Mr Tony himself is a complete, self-confessed and unabashed technoklutz. He is, furthermore, total jail-bait when it comes to photo-opps with the rich and famous. Which is a disastrous and expensive combination when it runs up against Bill Gates at the head of Microsoft's government sales Spetsnaz.
Well I have news for them: No consumer will choose to eat shit over cake.
Most folks out there don't know how to rip MP3s. They either need to get help from a friend, or they need apps bundled with Windows. Otherwise they're just left wondering "what is a ripper?" For them, shit vs. cake is going to be a question of crippled MP3 or full-quality WMA. With the scales so tipped, MP3 is not the cake!
In B.C., Telus has the last-mile monopoly. Telus shall be your local telephone provider and you shall have no other local telephone provider before Telus. I believe this is a government-ordained monopoly, and that they keep fairly tight reigns on the telco. We have gotten local calls free for as long as I can remember, although they do seem to like to play with the cost of basic service. Long distance can be from any provider; you get two bills unless you stick with Telus for LD. You can also DSL service from companies other than Telus, but it is Telus that actually provides the DSL ports at the exchange/central office/whatever.
Then there is cable. We only have one cable provider here; used to be Rogers but they did a customer swap with Shaw so we get Shaw out here in BC now. You can only get cable TV or cable internet by going through Shaw.
How about BIOS support for large IDE devices? Do any of you remember the disappointment when your onboard controller couldn't handle a drive larger than 8 gigs?
<cheap anti-MS shot>
Just create a small partition, small enough to fit on the recognized portion of the drive. Put your root filesystem there. 128 megs is plenty for a root fs. Put/usr,/var,/tmp etc. on the rest of the disk (one/usr partition with/var and/tmp on it is fine for a home box; servers should have more separation). The BIOS can access the small root partition well enough for the boot blocks to load the kernel from it, then the kernel can take over and mount the rest of the disk.
I've never had a problem with BIOS limitations since switching to a decent operating system.
</cheap anti-MS shot>
Re:Two things that alone is enough to use zsh
on
To Z Or Not To Z
·
· Score: 2
for i in *; do echo $i; done
Seems pretty much as short.
Blech. I find "{... }" much nicer than "do...; done". Besides, if you've got more than one command to do, you have to type "do {... }; done". In that case, why not drop the do/done and just use the braces?
Do/done bothers me, because all of the other languages I write code in just use the braces without superfluous do/done keywords (okay, maybe the occasional "do").
Re:Two things that alone is enough to use zsh
on
To Z Or Not To Z
·
· Score: 2
and I don't know if it removes features that are strictly a superset of sh's features,
It doesn't. If you write a script, and test it with #!/bin/sh where sh == bash, without taking special care to limit yourself to standard sh, don't expect it to work with other/bin/sh's. You'll end up with a script that only works with bash in sh comatability mode. In that case you're better off just using #!/bin/bash (or whatever shell you use), so whoever installs your script knows what shell they actually need.
I would say write for whatever shell you want. Bash is a good bet, as it's available on all linux systems (but be careful; you might inherit an old box with only bash-1!). Zsh is not nearly as common, but it is trivial to install, and has some really nice conveniences to make it worth the effort.
What makes you so sure that they received the complete source? Is the source even buildable? What makes you sure the Windows binaries don't include backdoors in source files Microsoft doesn't distribute?
The Secure path in NT is Control-Alt-Delete. There is a very sane reason for this, it's not allowed to be intercepted by ANY application running under NT. Thus, you can ALWAYS know that the OS is in control when you do Control-Alt-Delete.
You're missing the point. The operating system can trap whatever key sequence it wants - it is the operating system, so all keypresses are processed by it first. Of all the key combinations available on a keyboard, MS chose to use the combination traditionally associated with rebooting the system.
Instead of seeing PC's being broken into several different devices based upon function, I forsee a future where the PC is combined with several other devices to form an entire home entertainment hub.
You, Sir, are a geek. I also prefer a PC combined with several other devices to form an entire home entertainment hub, but I'm a geek too.
Who uses their computer with a CDROM drive and Napster to play music, a TV decoder card to watch their favorite shows, a DVD drive to watch movies, and a kick-ass video card with the latest drivers to play games? Geeks.
Who connects a CD changer to their stereo system for tunes, plugs their big screen TV into the cable outlet for shows, plugs a DVD player into their TV for movies, and plugs a Nintendo/Playstation/Whatever into the TV to play games? Everyone else.
There are still a few "killer apps" that people use PCs for. Mainly: word processing, spreadsheets, and surfing the web / accessing Hotmail. Once those functions are integrated into toaster-type devices most people will no longer want to deal with big, ugly, space-hogging, frustrating to use, and expensive to maintain/upgrade PCs.
Think about it: Why was it even necessary to create a program like DeCSS?
On a side note, I teach people to write web applications. My students are generally not programmers to begin with. When we were writing shopping carts, not a single one of my students stored pricing on the client side.
Having a good teacher helps a lot. You probably explained to them the way a web browser communicates with the server. Not everyone in web dev understands that, even though it is the basic foundation, which is why these problems pop up. If you look at some of the web dev forums you'll see people asking why their static/global variables aren't preserved between invocations of their code, not understanding the stateless nature of http connections.
So people often do stupid things like this, not knowing any better. Then they notice (either of their own discovery, advice from a peer, or the hard way) that they can save the web page to their local disk and edit the price and submit the altered form. So they "fix" the problem by implementing a referrer check! Then they try the save-and-edit thing and it doesn't work, and figure they're secure, not understanding the way HTTP actually works.
It's sad, really. I hope you can produce a few more cluefull ones and raise the average out there.
Trusting data passed by hidden form variables is probably just the tip of the iceburg, though... I suspect there are a lot of database-driven sites that insert user-supplied data into SQL query strings without proper validation, allowing remote users to execute arbitrary SQL. It's like the shell metacharacter thing all over again. I've even encountered a page that did the input validation on the client side in javascript (I had js disabled so I discovered the problem entirely by accident).
Re:Oracle/Java on FreeBSD
on
Is BSD Dying?
·
· Score: 2
big kernel lock is not reasonable SMP support. if you deploy that, you're wasting half your hardware.
You're only "wasting half your hardware" if your system is in kernel mode 100% of the time.
If your system spends the vast majority of its time executing userland code (and this is the case for most servers) then the kernel lock is not a big issue. Your server will happily run one userland process per CPU. The kernel lock is only an issue in the kernel.
What is the difference for the typical dual-CPU web server running php/perl/whatever? Five percent? Maybe ten?
It's only an issue because that 5-10% is wasted and doesn't have to be. It's not "wasting half your hardware". Really, the real issue is the "[OS A] has feature [foo] and [OS B] doesn't" factor, which can get massively blown out of proportion as demonstrated by your post.
From the Netcraft site:
The relatively static market share for Microsoft on the web as a whole contrasts sharply with its progress in our companion SSL Server Survey where Microsoft makes consistent and relentless gains, month after month, and now accounts for 49% of the sites performing encrypted transactions on the internet.
I wonder how many of these were given a small fortune's worth of hardware and software by MS.
I suspect they've been doing that a lot lately. There is a start-up I am close to, hasn't even received funding yet, is getting offers of free hardware and software from MS. Six figures worth! The condition is that they re-write all the unix-based stuff to become a pure W2K shop.
Imagine a smart shell: I type 'ls -' and it shows me all the options to ls. There should be another keystroke, so that if I type 'ls -alR' it would explain what those options do, then return my command line in the same state for further editing.
What you are describing is programmable completion. Zsh has features that could be used to do what you describe, although you will probably need to write your own functions that spit out the information because the unix man page system doesn't have a mechanism for bringing up specific sections. You could make zsh do everything you want if you are prepared for a learning curve and a lot of work (think of all those commands you'll have to write completion functions for), but you could do it fairly easily if you take it one command at a time. You'll probably also want to do the usual zsh completion stuff (eg. "tar -xvzf foo<tab>" brings up foo.tar.gz and foobar.tgz but not foobaz.html) so there's more work there. But once it's done you can share the results with everyone else.
Zsh is a nice shell for other reasons too. I use it exclusively even though I haven't yet bothered to figure out the programmable completion (I just use completion controls other people have written).
Netscape stagnated however, not really coming up with anything new. Internet Explorer won out and the W3C had to conform to it. And this is not necessarily a bad thing. Think about how far behind web technologies would be if NS was the dominant browser? Sure, NS and IE can do a lot of the same things - problem is, IE does them more cleanly whereas equivalent NS implimentations are essentially big ugly hacks. And well, of course, there's a plethora of useful features that are in IE that you could never do with NS. And when is the last time NS introduced anything new?
s/stagnated/suffocated/. The reason NS was stuck at version 4.x for so many years is because MS "cut off their air supply". They couldn't afford to develop a new version because there was no longer any way to recoup the development costs.
That is why we have the situation we have today. A lot of people liked (and still like) Netscape but were stuck with the 4.x browser because of MS's illegal business practices. So a lot of web developers had to develop for a bitrotten browser instead of making use of new standards like CSS (yes, NS4 had some sucky CSS support (so did IE 4)). Finally, everyone said "fuck it" and developed for IE 5.
If the browser war hadn't been "won", I'm sure we would have seen a lot more innovation from both NS and MS over the past few years. NS and MS would still be creating their cute little tags to one-up each other, and W3C, following their leads, would design an elegant solution to do the same things (and then some) The Right Way. I suspect we would've seen much more interesting developments from that competition than the relatively trivial things we have seen without it.
Since the end of the browser war, what sort of developments have we seen? IMHO, the most significant developments in the web browser have been: HTML (duh:), client-side scripting (Javascript), integrated VM (Java applets), and style sheets (W3C CSS). How many of those happened after the browser war ended? Have we seen anything of comparable signifigance since? I mean, "hover"? Give me a break! CSS came about just as the browser war was ending, and that is where the real innovation stopped. I don't think that is a coincidence.
When MS won the browser war, it wasn't just NS who lost. We all did.
Yes, there is a security problem with running suidperl. As is there with anything that has the capability to be run suid root. So what?
Just don't do it. It's bad practice to use suidperl.
If you need to create files on the local filesystem (this can usually be avoided but not always), would you rather do it in a directory that is world writable (or writably by the web server process, which may as well be the same thing if you have lots of CGI/mod_perl/whatever) or would you rather have a Perl script that is setgid to some special group and only give that group write access?
This is largely a moot issue with the proliferation of scripting languages running within the web server process, although sometimes it is worth taking the hit of a fork+exec(+perl startup (ugh)) in order to restrict access to important files.
If you must support FTP through your firewall, make your users use passive FTP. Every modern FTP client and every modern FTP server that I've seen all support passive FTP. Of course, a better approach is to encourage secure communications, like scp or SSL.
Bottom line, the best firewall design is the simplest one possible that gets the job done. Adding neato features like payload monitoring to poke extra holes in the firewall is diametrically opposite this philosophy.
Even worse, payload monitoring and encryption (SSL, IPSec) prevent each other from working. If you're using payload monitoring, encrypted packets will be un-monitorable and things like the "port" command will never be seen, thus preventing the connection from being allowed through the firewall. So in cases where payload monitoring is in place it discourages the deployment of crypto. Likewise, when crypto is deployed it discourages stateful filtering, but that seems to be a relatively good thing because proper encryption should be considered more important than filtering hacks IMHO.
You seem to describe linux NOT using ipfilter, but making their own, iptables, as a bad idea.
It might not neassesarely be a bad idea.
I will write a few analogies, but basicaly my response is
Competition is good
What competition? Iptables has a monopoly on stateful filtering under Linux.
It's not about competition. It's about NIH. That's the only reason I can see why Linux went so long without a stateful firewall instead of doing the maintainence on IPF. Would you suggest that not having stateful firewall should "win the competition" over having a stateful firewall? Apparently it did for over two years, only because the terms of that competition made it counter-productive at best.
I wonder... How many firewalls were left configured to allow all UDP access as long as the sender claimed source port 53, because most mortals didn't know how to permit DNS responses in a stateless config without opening such a wide hole? (FreeBSD's default/etc/rc.firewall used to have just such a hole when ipfw was stateless, but at least ipf was available as an alternative (that's competition)).
Stateful firewalling isn't exactly new technology, and it's even been with the rest of the open source world (BSDs) in the form of ipf for quite a long time- it's gotten so ubiqutious, for example, that FreeBSD's ipfw is now stateful as well.
Darren Reed's IP Filter ("ipf") is very cross-platform and not exclusive to BSD. It works with several other *nixes as well.
What's really interesting is that linux used to have stateful firewall support, via ipf! That's right, IPF used to work with Linux. But somewhere along the way with all of the changes to the Linux kernel IPF stopped working and nobody bothered to do the maintainence.
Instead of doing the required work on the mature stateful firewall package that is ipf, the linux folks put up with stateless ipchains for the longest time before finally adding state to ipchains. Shame!
This isn't exclusive to Linux though. FreeBSD's IPFW was made stateful even though IPF has always worked under FreeBSD. Reason? IPFW supports ethernet bridging, while IPF doesn't. No doubt there are similar reasons for ipchains over ipf: filtering based on MAC addresses was mentioned (although the desired results have always been do-able with static ARP).
Instead of re-inventing the square wheel, why didn't these people enhance IPF with the desired functionality? Isn't that what open source is all about? Must NIH prevail???
Yer fulla crap, the Logitech Marble Mouse doesn't need cleaning.
It's a ball that sits in a cup and rides on three tiny points. Off to the side is a window for the optics, at the bottom of the cup is a drain hole.
It doesn't need cleaning, but it does benefit from it. Lift the ball out and wipe the gunk off the three points. The ball will glide with unbelievable smoothness.
Takes a couple days to get used to it, very precise, good for skipping across page and placing boxes for deskptop publishing.
Try cleaning it some time. I think you'll be even more happy with the device than you are now.
The only fault I find in this device is the tracking sensors cannot handle very high speed movements (blurred dots) and is not a viable device for playing 3d games that involve mousing (ala Descent 1 2 or 3 or quake). But it's a natural problem.
I have the same device. In my experience, the resolution and/or sample rate settings matter a lot.
Pointing XF86 4 at the PS2 mouse port gives bad results. It's like the opposite of acceleration - after a certain point moving the ball faster makes the pointer move slower. I can't find any way to change the resolution or sample rate in XF86 4 either.
What I've done is run moused (this is the FreeBSD equivalent of gpm) with the flags "-r high -F 200" for high resolution, 200 samples per second. X opens/dev/sysmouse. This makes a huge difference. I no longer hits the slowdown in normal use; I have to really push it to see the slowdown.
Under Linux there may be similar options for gpm. They may or may not accomplish the same result - the options in XF86Config certainly don't. YMMV. Good luck.
is there ANY benefit whatsoever from having a trackball be optcall, since its still relying on a ball?
It's very beneficial, except when the ball spontaneously transforms itself into a cube or a pyramid or a dodecahedron. I'm just happy to be rid of that awful mousepad that kept BSODing several times a day.
Seriously though, the benefit of optical is that it gets rid of those damn rollers. With my Logitech Marble Mouse (two-button finger-operated optical trackball) the ball itself rests on three tiny points. Only the ball moves (and the buttons. and my fingers). After a few rounds of Q3A gunk builds up on the points and increases friction on the ball but it literally only takes about five seconds to lift the ball out and wipe the points clean. Trackballs tend to get dirty more quickly than mice because your hands are in direct contact with the mechanism, so being optical is actually more important for trackballs than it is for mice.
Slashdot Mirror
Reportedly, the new crop of KT266 boards are much better than the first.
Does nobody else remember Battlezone? 3D wireframe tank game, first-person perspective. I think it's from the early 1980s.
There were probably others too... I've heard of old arcade games that used vector-based graphics to do wire-frame 3D, with a special CRT that had a programmable electron gun instead of the common raster/scanning one. Maybe the battlezone I played was a C64 port of an arcade version?
In any event, the wire-frame games impressed me at the time. I had written optimized asm line-drawing code and could see that those capabilities for just drawing all the lines for a 3D wire-frame scene in real-time were barely within the reach of a 1MHz CPU. The fact that they could do that, plus the 3d perspective calculations and gameworld stuffs, was really quite something.
From the Register article:
Translation: The country is being run by a PHB.
I wonder how difficult it would be to add the feature to Mesa?
I'm sure that would result in a large increase in Linux usage. There are a lot of llamas out there.
Most folks out there don't know how to rip MP3s. They either need to get help from a friend, or they need apps bundled with Windows. Otherwise they're just left wondering "what is a ripper?" For them, shit vs. cake is going to be a question of crippled MP3 or full-quality WMA. With the scales so tipped, MP3 is not the cake!
In B.C., Telus has the last-mile monopoly. Telus shall be your local telephone provider and you shall have no other local telephone provider before Telus. I believe this is a government-ordained monopoly, and that they keep fairly tight reigns on the telco. We have gotten local calls free for as long as I can remember, although they do seem to like to play with the cost of basic service. Long distance can be from any provider; you get two bills unless you stick with Telus for LD. You can also DSL service from companies other than Telus, but it is Telus that actually provides the DSL ports at the exchange/central office/whatever.
Then there is cable. We only have one cable provider here; used to be Rogers but they did a customer swap with Shaw so we get Shaw out here in BC now. You can only get cable TV or cable internet by going through Shaw.
<cheap anti-MS shot>
Just create a small partition, small enough to fit on the recognized portion of the drive. Put your root filesystem there. 128 megs is plenty for a root fs. Put /usr, /var, /tmp etc. on the rest of the disk (one /usr partition with /var and /tmp on it is fine for a home box; servers should have more separation). The BIOS can access the small root partition well enough for the boot blocks to load the kernel from it, then the kernel can take over and mount the rest of the disk.
I've never had a problem with BIOS limitations since switching to a decent operating system.
</cheap anti-MS shot>
Blech. I find "{ ... }" much nicer than "do ...; done". Besides, if you've got more than one command to do, you have to type "do { ... }; done". In that case, why not drop the do/done and just use the braces?
Do/done bothers me, because all of the other languages I write code in just use the braces without superfluous do/done keywords (okay, maybe the occasional "do").
Here's another one: short-form loops...
for i (*) { echo $i }
Useless example, but you get the idea.
It doesn't. If you write a script, and test it with #!/bin/sh where sh == bash, without taking special care to limit yourself to standard sh, don't expect it to work with other /bin/sh's. You'll end up with a script that only works with bash in sh comatability mode. In that case you're better off just using #!/bin/bash (or whatever shell you use), so whoever installs your script knows what shell they actually need.
I would say write for whatever shell you want. Bash is a good bet, as it's available on all linux systems (but be careful; you might inherit an old box with only bash-1!). Zsh is not nearly as common, but it is trivial to install, and has some really nice conveniences to make it worth the effort.
I would bet that it is buildable. But see Reflections on Trusting Trust.
That paper applies to GCC too, of course.
You're missing the point. The operating system can trap whatever key sequence it wants - it is the operating system, so all keypresses are processed by it first. Of all the key combinations available on a keyboard, MS chose to use the combination traditionally associated with rebooting the system.
You, Sir, are a geek. I also prefer a PC combined with several other devices to form an entire home entertainment hub, but I'm a geek too.
Who uses their computer with a CDROM drive and Napster to play music, a TV decoder card to watch their favorite shows, a DVD drive to watch movies, and a kick-ass video card with the latest drivers to play games? Geeks.
Who connects a CD changer to their stereo system for tunes, plugs their big screen TV into the cable outlet for shows, plugs a DVD player into their TV for movies, and plugs a Nintendo/Playstation/Whatever into the TV to play games? Everyone else.
There are still a few "killer apps" that people use PCs for. Mainly: word processing, spreadsheets, and surfing the web / accessing Hotmail. Once those functions are integrated into toaster-type devices most people will no longer want to deal with big, ugly, space-hogging, frustrating to use, and expensive to maintain/upgrade PCs.
Think about it: Why was it even necessary to create a program like DeCSS?
Having a good teacher helps a lot. You probably explained to them the way a web browser communicates with the server. Not everyone in web dev understands that, even though it is the basic foundation, which is why these problems pop up. If you look at some of the web dev forums you'll see people asking why their static/global variables aren't preserved between invocations of their code, not understanding the stateless nature of http connections.
So people often do stupid things like this, not knowing any better. Then they notice (either of their own discovery, advice from a peer, or the hard way) that they can save the web page to their local disk and edit the price and submit the altered form. So they "fix" the problem by implementing a referrer check! Then they try the save-and-edit thing and it doesn't work, and figure they're secure, not understanding the way HTTP actually works.
It's sad, really. I hope you can produce a few more cluefull ones and raise the average out there.
Trusting data passed by hidden form variables is probably just the tip of the iceburg, though... I suspect there are a lot of database-driven sites that insert user-supplied data into SQL query strings without proper validation, allowing remote users to execute arbitrary SQL. It's like the shell metacharacter thing all over again. I've even encountered a page that did the input validation on the client side in javascript (I had js disabled so I discovered the problem entirely by accident).
You're only "wasting half your hardware" if your system is in kernel mode 100% of the time.
If your system spends the vast majority of its time executing userland code (and this is the case for most servers) then the kernel lock is not a big issue. Your server will happily run one userland process per CPU. The kernel lock is only an issue in the kernel.
What is the difference for the typical dual-CPU web server running php/perl/whatever? Five percent? Maybe ten?
It's only an issue because that 5-10% is wasted and doesn't have to be. It's not "wasting half your hardware". Really, the real issue is the "[OS A] has feature [foo] and [OS B] doesn't" factor, which can get massively blown out of proportion as demonstrated by your post.
I wonder how many of these were given a small fortune's worth of hardware and software by MS.
I suspect they've been doing that a lot lately. There is a start-up I am close to, hasn't even received funding yet, is getting offers of free hardware and software from MS. Six figures worth! The condition is that they re-write all the unix-based stuff to become a pure W2K shop.
What you are describing is programmable completion. Zsh has features that could be used to do what you describe, although you will probably need to write your own functions that spit out the information because the unix man page system doesn't have a mechanism for bringing up specific sections. You could make zsh do everything you want if you are prepared for a learning curve and a lot of work (think of all those commands you'll have to write completion functions for), but you could do it fairly easily if you take it one command at a time. You'll probably also want to do the usual zsh completion stuff (eg. "tar -xvzf foo<tab>" brings up foo.tar.gz and foobar.tgz but not foobaz.html) so there's more work there. But once it's done you can share the results with everyone else.
Zsh is a nice shell for other reasons too. I use it exclusively even though I haven't yet bothered to figure out the programmable completion (I just use completion controls other people have written).
s/stagnated/suffocated/. The reason NS was stuck at version 4.x for so many years is because MS "cut off their air supply". They couldn't afford to develop a new version because there was no longer any way to recoup the development costs.
That is why we have the situation we have today. A lot of people liked (and still like) Netscape but were stuck with the 4.x browser because of MS's illegal business practices. So a lot of web developers had to develop for a bitrotten browser instead of making use of new standards like CSS (yes, NS4 had some sucky CSS support (so did IE 4)). Finally, everyone said "fuck it" and developed for IE 5.
If the browser war hadn't been "won", I'm sure we would have seen a lot more innovation from both NS and MS over the past few years. NS and MS would still be creating their cute little tags to one-up each other, and W3C, following their leads, would design an elegant solution to do the same things (and then some) The Right Way. I suspect we would've seen much more interesting developments from that competition than the relatively trivial things we have seen without it.
Since the end of the browser war, what sort of developments have we seen? IMHO, the most significant developments in the web browser have been: HTML (duh :), client-side scripting (Javascript), integrated VM (Java applets), and style sheets (W3C CSS). How many of those happened after the browser war ended? Have we seen anything of comparable signifigance since? I mean, "hover"? Give me a break! CSS came about just as the browser war was ending, and that is where the real innovation stopped. I don't think that is a coincidence.
When MS won the browser war, it wasn't just NS who lost. We all did.
If you need to create files on the local filesystem (this can usually be avoided but not always), would you rather do it in a directory that is world writable (or writably by the web server process, which may as well be the same thing if you have lots of CGI/mod_perl/whatever) or would you rather have a Perl script that is setgid to some special group and only give that group write access?
This is largely a moot issue with the proliferation of scripting languages running within the web server process, although sometimes it is worth taking the hit of a fork+exec(+perl startup (ugh)) in order to restrict access to important files.
Even worse, payload monitoring and encryption (SSL, IPSec) prevent each other from working. If you're using payload monitoring, encrypted packets will be un-monitorable and things like the "port" command will never be seen, thus preventing the connection from being allowed through the firewall. So in cases where payload monitoring is in place it discourages the deployment of crypto. Likewise, when crypto is deployed it discourages stateful filtering, but that seems to be a relatively good thing because proper encryption should be considered more important than filtering hacks IMHO.
What competition? Iptables has a monopoly on stateful filtering under Linux.
It's not about competition. It's about NIH. That's the only reason I can see why Linux went so long without a stateful firewall instead of doing the maintainence on IPF. Would you suggest that not having stateful firewall should "win the competition" over having a stateful firewall? Apparently it did for over two years, only because the terms of that competition made it counter-productive at best.
I wonder... How many firewalls were left configured to allow all UDP access as long as the sender claimed source port 53, because most mortals didn't know how to permit DNS responses in a stateless config without opening such a wide hole? (FreeBSD's default /etc/rc.firewall used to have just such a hole when ipfw was stateless, but at least ipf was available as an alternative (that's competition)).
Darren Reed's IP Filter ("ipf") is very cross-platform and not exclusive to BSD. It works with several other *nixes as well.
What's really interesting is that linux used to have stateful firewall support, via ipf! That's right, IPF used to work with Linux. But somewhere along the way with all of the changes to the Linux kernel IPF stopped working and nobody bothered to do the maintainence.
Instead of doing the required work on the mature stateful firewall package that is ipf, the linux folks put up with stateless ipchains for the longest time before finally adding state to ipchains. Shame!
This isn't exclusive to Linux though. FreeBSD's IPFW was made stateful even though IPF has always worked under FreeBSD. Reason? IPFW supports ethernet bridging, while IPF doesn't. No doubt there are similar reasons for ipchains over ipf: filtering based on MAC addresses was mentioned (although the desired results have always been do-able with static ARP).
Instead of re-inventing the square wheel, why didn't these people enhance IPF with the desired functionality? Isn't that what open source is all about? Must NIH prevail???
It doesn't need cleaning, but it does benefit from it. Lift the ball out and wipe the gunk off the three points. The ball will glide with unbelievable smoothness.
Try cleaning it some time. I think you'll be even more happy with the device than you are now.
I have the same device. In my experience, the resolution and/or sample rate settings matter a lot.
Pointing XF86 4 at the PS2 mouse port gives bad results. It's like the opposite of acceleration - after a certain point moving the ball faster makes the pointer move slower. I can't find any way to change the resolution or sample rate in XF86 4 either.
What I've done is run moused (this is the FreeBSD equivalent of gpm) with the flags "-r high -F 200" for high resolution, 200 samples per second. X opens /dev/sysmouse. This makes a huge difference. I no longer hits the slowdown in normal use; I have to really push it to see the slowdown.
Under Linux there may be similar options for gpm. They may or may not accomplish the same result - the options in XF86Config certainly don't. YMMV. Good luck.
It's very beneficial, except when the ball spontaneously transforms itself into a cube or a pyramid or a dodecahedron. I'm just happy to be rid of that awful mousepad that kept BSODing several times a day.
Seriously though, the benefit of optical is that it gets rid of those damn rollers. With my Logitech Marble Mouse (two-button finger-operated optical trackball) the ball itself rests on three tiny points. Only the ball moves (and the buttons. and my fingers). After a few rounds of Q3A gunk builds up on the points and increases friction on the ball but it literally only takes about five seconds to lift the ball out and wipe the points clean. Trackballs tend to get dirty more quickly than mice because your hands are in direct contact with the mechanism, so being optical is actually more important for trackballs than it is for mice.