Re:You can't force people to keep salaries secret.
on
Google's Evil NDA
·
· Score: 3, Informative
Having been through this one before a few times, it's not just in the company's best interest to keep people in the dark, it's in the employees' best interest as well. No good can ever come from discussing your compensation with your coworkers. It will always turn into chaos because everyone feels important enough to be compensated more, but not every employee is equally important. When any group of employees starts getting pissed about money, it impacts everyone.
That's the party line, but it's wrong. What makes employees mad is being surprised by hearing through unofficial channels of huge pay imbalances. They're rightfully angry that this information has been concealed from them.
I used to work for a hospital that was part of a state university. Like all government-run organizations, everyone there knows what everyone else is paid. Salaries are printed in the local newspaper every year. There's even a searchable website. And yes, some people are paid a lot more than others. Yet somehow, the whole system does not come crashing down. The difference is universal, official disclosure. I sure wouldn't want to be the one guy whose salary everyone knows.
In the case of "hearing WiFi" the tests would need to include comparing regular access points with those of the exact same model which have been modified to emit no RF.
You don't even need to physically modify them to do that. Most wifi access points are also Ethernet switches and NAT-enabled routers, so it's not uncommon for them to have a "radio disabled" mode. You can do it programmatically.
Here's my proposed experiment: set up a computer program that sets the radio to a random state every minute, recording the states into a file for later analysis. Have the wireless access point in one room and the test subject in another, with his clothes (no electronic devices), chair, clipboard, pencil, paper, and clock synchronized in advance to the computer's. Have the test subject [*] know when each interval starts and stops and have them record whether they think the radio is on or off. Arrange the number of trials so that you can achieve 5% significance if the test subject is 75% successful. Try as many combinations of test subject and access point as desired. (Keep in mind, though, that at 5% significance roughly one in twenty will seem to be successful when it's not. So it might not be a bad idea to repeat the "successful" experiments if you try many combinations, in order to achieve greater significance.) You can be in same room as the test subject if you like, or add a video camera, or just go by the clipboard. If you allow anyone in the same room as the access point (seeing the radio status LED) or using a computer, they must not enter the test room, make sounds audible through the wall, or whatever. It's double-blind: no one who knows whether the radio is on or not inteacts with the test subject until after the test subject's observations are recorded, so the test subject can't be know the radio state unless the test is successful.
[*] - or, in the case of the autistic boy, an "interpreter". I'll leave the ethical considerations of a potentially somewhat-painful experiment on a subject who can never give "informed consent" as an exercise to the reader. I admit I'm biased by my near certainty that the experiment would show nothing.
Urban legend - and quite a silly one. Hint: AM stands for amplitude modulated. An antenna is not enough to get to encoded the audio signal.
AM is dirt-simple, actually. I looked up this urban legend, and there are a number of people who claim it's true. Keep in mind the classic line that "the plural of anecdote is not data", but they at least provided a semi-plausible theoretical basis for this happening.
I can't say the same for arivanov's claims of detecting low-power 2.4 GHz 802.11[bg] transmissions. I find the idea that several people in his group of friends can do this to be incredible given the prevalence of wifi and lack of other reports, and due to the missing theoretical basis. While I myself know a number of people who find wifi painful, it's more in a metaphorical sense. And while a particular pattern of 2.4 GHz signals can have a dramatic heating effect on water molecules - deadly for living creatures - the effect from wifi would have to be negligible. A typical microwave oven radiates 700 W. A wifi hotspot is restricted to at most 100 mW [*]. So it's not as powerful by four orders of magnitude. What's more, objects in a microwave are maybe a half meter from the transmitter, so they'll get a significant fraction of that 700 W. Flux follows an inverse square law, so the power passing through a small kid three rooms away from the wifi transmitter will be much less than 100 mW. The antenna should be anisotropic, and by design the kid should be in a relatively high-gain region, but...still...much less than 100 mW.
[*] - exact limit varies by regulatory domain, and the restriction may not be on total radiated power. In any case, I think I have the right order of magnitude.
[Noticing wifi without electronic equipment] is a well known phenomenon. While quite rare, it exists and some people really cannot stand it.
I don't believe you. Extraordinary claims require extraordinary evidence. Show me the results of your double-blind trial. If you personally know "a number of people" who can do this, it should be quite easy to perform. After performing it, you reasonably claim that you have evidence. After getting your study published in a peer-reviewed journal and your results reproduced elsewhere, you can reasonably claim that it is well-known. Until then, stop saying crazy things.
This is just basic CYA. If they promise that the data will come back, then they're legally obligated to restore it.
Under what law? IANAL, but I believe making a hopeful statement in a press release is rather different than signing a legal contract. I think it would be poor public relations to overpromise and underdeliver, but illegal? That sounds crazy.
Lo and behold, what do I find but report after report (mostly peer-reviewed) of the allergic reactions that have been reported from cochineal extract. (Here's just one of several I pulled up.)
Keep in mind two things: (1) few of those reports are describing exposure solely through food, and (2) pick any food, someone's allergic to it or has some reason to avoid it. My girlfriend has a mild allergy to cilantro and sensitivity to wheat gluten (Celiac disease). My dad tries to avoid sodium because of some genetic disease I hopefully don't have. I know a man who is allergic to garlic, and several who are allergic to peanuts or tree nuts. Many are intolerant to lactose, some to fructose. I've heard of one person who has about five things she can safely eat, none of them flavorful. It would be crazy for the rest of us to avoid all these things just because they are dangerous to a few. Accurate labelling is sufficient for those few to avoid harm - "cochineal extract" is fine. If I have a legitimate problem with "cochineal extract", I'll know what it is.
And yes, it is in fact made from crushed female beetles. I suppose that part doesn't bother me as much as industry trying to hide the fact from consumers. (Remember all those Consumer Reports articles about insect parts and droppings in your canned food, like tuna and what not? Now it's legitimate!)
Is it the FDA's job to tell consumers that one of the listed ingredients is kind of gross? I say not, so the industry's beef with "contains crushed pregnant beetles" is legitimate. Panicking consumers unnecessarily might force the industry to find other, less well-tested dyes. (Or change the color of their food, but that would spook consumers even more.)
By the way, I think the stories about insect parts in canned food are true, even when it's not a deliberate part of the dye. That doesn't bother me as much as the heavy metals, which are proven to be harmful to everyone in sufficient quantity. I used to eat tuna every day for lunch, and now only occasionally because of that. It's otherwise much healthier than beef (my fallback), but what can you do?
Knowing slashdot, I feel obligated to point out that yes, I do realize frank_adrian314159 was probably not expecting anyone to take his suggestion. (And was being facetious about the surge going so well.) Nevertheless, this whole idea that this is how you pitch in is a strange one that I have seen proposed seriously, thus my post.
So come on, right-wing types! Where's your "support the troops" spirit?
Maybe due to my left-wing political views, I don't understand this question. You seem to be talking about something entirely different than supporting our troops. It seems like there are several different actions you can take, including
what you're suggesting - strapping on body armor and do similar things as our troops, with shrinked-wrapped bricks of hundred-dollar bills replacing training, "semper fidelis", and command structure. This is what I call "being a mercenary".
joining the military yourself. Not as lucrative as mercenary work, but much more respected, at least historically. (The popularity of euphemisms like "private security" seems to indicate a recent change to that attitude.)
participating in our democracy to keep our troops as safe as possible - ensure they're not sent anywhere they don't need to be, and ensure they are well-equipped when they are sent there. This is what I think of when people say "support our troops".
Re:Does anyone even use this OS?
on
CentOS 5 Released
·
· Score: 2, Informative
We use Cent where I work. There's a special "Server" CD that strips out pretty much everything that's not a major requirement. I think they're taking the same path that Microsoft has with Windows: you put one version on the server, and another version on the client, and it's all tested to work very well together. In that respect, Compiz on the client might be considered a feature.
I think that "Server" CD is something your company created. RedHat split RHEL5 into "Server" and "Client" repositories, but CentOS 5 combined them into a single repository, as CentOS 4 did before. So "Server" or "Client" is just a choice of which packages you install.
Where I work, we've created kickstarts for several configurations - development workstations for a couple different teams, basic server, server with RAID. They're minor differences, and in fact I'm switching our configs to be all generated from one file through gpp. As of last night, you can get a CentOS 5 machine by booting our CD, typing workstation-x86_64 name=foo, and waiting half an hour. At some places, you don't even need to put in a CD - you can use pxelinux to boot off the network.
One city in CA got smacked down for a lesser problem -- insufficient "yellow time" -- and had to refund over $1M
That's not a lesser problem. Citing people improperly is badly enough, but it's a miracle they didn't kill anyone by illegally reducing the yellow time. I'm surprised they got off so lightly. Criminal charges against the responsible parties wouldn't be unreasonable.
This kind of pisses me off. People who are functional programming ethusists are always telling other people that they should be using functional languages but they never write anything significant in these languages.
I think that's true of all people who claim to have a silver bullet. For example, I'll be impressed when the "eXtreme Programming 100% test coverage, no checkins without a new test passing" crowd actually manage to write a kernel like that, including tests demonstrating complex race conditions and hardware interactions. Until then, I'll achieve maybe 60% test coverage (maybe even integration tests, not unit tests! horror!), I'll consider it good, and I'll assume that people who say otherwise are bragging about writing toy systems.
Re:Gee, why is no one switching to IPv6?
on
IPv6 Tested in Space
·
· Score: 2, Informative
I've done work on their devices more than once and can attest that they are running IPv6 - a separate address for each interface on the device: bandwidth, video, phone. I have been told by their installers that this is typical and that their internal equipment is all running IPv6, though I have no proof of that myself.
That doesn't mean they're running it. My MacBook right now says this:
IPv6 auto-assigns link-local addresses, much like the IPv4 169.255.0.0/16 addresses you see when no DHCP is running. I did nothing to set up that "%en1" address, I have never used it, and in fact it can't actually be used anywhere but on that network segment. All this means is that their equipment supports it, which is much more likely than them having upstream IPv6 connectivity and actually learning to use it.
No one uses IPv6. Your other example is equally bogus. The hospital you mentioned is probably just asking for experience with it because someone saw it in a trade magazine, similar to the people who were asking for "10 years Java experience" when Java had only existed outside of Sun for three years. Or because they know a particular person with IPv6 on his/her resumé and have made the job requirements so (s)he will be the only one who matches them. In a university- or government-run institution, that's how you get around the affirmative action people when you want to hire from within. I have seen it happen at a hospital.
You dont need their support. Use 6to4. Or a tunnel.
You need their support even for 6to4. In one facility, I sent out 6to4 packets to the anycast address (192.88.99.1) and no packets came back. I don't know exactly what happened to the packets, but it works fine on machines elsewhere, but there tcpdump shows proto=ipv6 packets going over my real network interface to 192.88.99.1 and never coming back, so I can't access true IPv6 (non-2002::) sites. Even where the anycast address does work, 6to4 doesn't work over NAT without an alg no one's written or deployed, so you can't just get at your IPv6-only machines by using your hotel or airport's wireless connection, which is inevitably NATted and IPv4-only.
And tunnels? To where? If you have two specific sites you want to connect, sure it will work but so will an IPv4-only tunnel with reserved addresses. If you want to not have to do setup for each address pair, the tunnel would have to go to a host with IPv6 already set up that isn't too slow and is willing to forward all your traffic. Where would that be? The 6bone test network closed down, and even when it was running, their sites were high-latency, high-loss, and inconsistently available.
The problem is the ISPs. Applications are easy to fix - in fact, if you tell me how I could practically take advantage of IPv6, I pledge I will add IPv6 support for every Linux network application I use. I did it for CVS the other day - it took me about half an hour. I think much of the core router equipment has IPv6 support. In fact, some ISPs are even asking for IPv6 support in the DSL routers they bundle to consumers with the service. Not sure why...it's not like they're going to actually flip the switch and turn it on...that's not how they roll. They just like demanding features from their vendors that they'll never actually use. (Disclaimer: I work for one of those vendors. We have all kinds of features that real consumers never see, and it annoys me.)
Well, if you want to be a red hat beta tester, that's up to you. I mean, I want to be a Ubuntu beta tester, but in order to become one I had to edit my apt-sources and s/edgy/feisty/ and do a dist-upgrade. All Fedora users are beta testers.
If you don't like Fedora, don't forget that it's not the only free-as-in-beer RedHat system. My servers run CentOS, which is essentially RHEL recompiled. I don't have "shitpiles of money", but I still use a solid system that RedHat built. The only practical difference is that I don't have a guaranteed support channel. Are you suggesting that I should get that without paying them money? How would RedHat be able to pay the engineers who write so much software? And Ubuntu doesn't have that sort of support - should they be held to a different standard?
All of the people I know who use Gentoo use it because of the amazing build toolset and customizability. I can compile everything with "-g" and debug anything on the system through glibc... and see source listings at any stack frame. That's incredibly valuable
You should try a more mainstream distro again. They've anticipated this need, so you don't need to rebuild anything. RedHat-based systems (and I believe SuSE and Debian/Ubuntu as well) all have a build system which extracts debugging symbols from binaries, placing them in -debuginfo packages along with the source code. gdb has been modified to look for debugging info in this location. You can run gstack on a coredump, realize you don't have the right debugging symbols, do a yum install foo-debuginfo, run it again, and get the right information. (And even have list do the right thing.) You can audit exactly how much disk space these packages use with a simple du -sk/usr/lib/debug and remove them without rebuilding. There's more information on the Fedora wiki.
CFLAGS customization makes Gentoo users (particularly ricers) feel superior, but in practice, I don't see any advantages. (I've never seen a situation where it made a worthwhile performance boost. There was an interesting thread about this on pgsql-performance a while back.) One major disadvantage is obvious: long compile times. A couple less so: it's harder to reproduce bugs affected by compiler options, and you need a separate scheme for updating systems which can't do the compile themselves.
I used to recompile the kernel with flags for my hardware. Now the system has been modularized, so unless I'm writing kernel code myself, I just use the RedHat vendor kernel which has been extensively QAed. In time, the same thing will happen to userspace binaries with optional dependencies: instead of detecting at configure time that I have support therefore modifying the base package's code, we'll move toward add-in modules that get dlload()ed in to provide the external functional that dependencies are needed for.
Odd... I've never met anyone who was actually fanatical about RedHat. Or even really liked it. It usually comes down to either "we can buy support for it" or "it installs and is hands-off after that." Back when I still used Fedora, I fell into the latter category... tolerating it, because it worked.
RedHat makes a good system, and they make contributions that benefit everyone. That you don't know anyone fanatical about it is not surprising. You're a Gentoo guy who hasn't used any other system in a while, so your sample's pretty skewed. And it's rare for people to get fanatical about the dominant system, particularly people who have an irrational fear of companies with working business models.
But nobody (or not many people) use DNSSEC to encrypt zone transfers, and almost everybody hits a recursive nameserver run by your ISP or perhaps local to your company's network, which means that the end-user is never going to know whether the DNS query they issued returned a signed response or was forged from the authoritative DNS server.
DNSSEC doesn't encrypt anything, just authenticate. And it fits into the DNS design of caching and recursive nameservers - believe your ISP's server will give you something that proves the answer came from the authoritative server at some time less than $TTL seconds ago. Now, I don't remember if your ISP's nameserver has to have special DNSSEC support or not to pass that information to you...probably yes, which is another infrastructure hurdle.
Right now, you have to dig deep into the bowels of BIND to even notice whether a zone has been signed, and there is pretty much zero feedback about that status which propogates back to a client like a web browser or your platform-specific software update mechanism. Until that changes, I don't see DNSSEC doing anything really useful to solve the genuine problems which it might be useful to solve. If all you wanted was a way to encrypt zone transfers, using rsync over SSH is a lot easier to deal with.
I'd take advantage of DNSSEC if the infrastructure were there - including a public key in a DNSSEC-authenticated zone would be a good way to authenticate a host. There are two other ways in common use by the clients you mentioned, and neither is quite satisfactory:
web browsers - they use PKI with trusted third-party roots to verify the site is who it claims to be. Disadvantage: you have to manage that list of trusted third parties, and typically the widely-trusted ones require cash to authenticate a server. Takes time to get the certificate, too.
ssh - it doesn't validate the key initially, unless you do so manually. How many times have you seen this message, and how many times have you actually checked the fingerprint before typing "yes"?
The authenticity of host 'foo' can't be established. RSA key fingerprint is.... Are you sure you want to continue connecting (yes/no)?
subsequent connections from the same client are at least verified against your local known hosts. This would be an excellent candidate for retrofitting - the client could retrieve the key from DNSSEC if it's there, and present you with this message otherwise. Over time, people would become more suspicious on seeing it.
In fact, I just googled for "ssh dnssec" and it looks like someone has already written the code for this.
New protocols could rely on DNSSEC instead, and there are probably other protocols like ssh that could be retrofitted easily.
I'm not holding my breath on the infrastructure, though. It's been a while since I've looked at DNSSEC, but IIRC most of the benefits don't come until it's deployed from the root on down. Until.org uses DNSSEC, I can't really use it for slamb.org. I could manually add slamb.org's key into my client software maybe, but that's really not much better than creating my own root certificate for existing PKI mechanisms.
The only thing that bothers me is the reiserfsck that appears to be doing nothing for about 5s.
The second one? Yeah, that's weird. Simultaneously, the first fsck has finished, and logsave doesn't reap it until that five seconds is up! logsave's so simple that I couldn't understand how that could happen. I downloaded the source, and it must be in this loop:
while (!(waitpid(pid, &status, WNOHANG ))) { do_read(fds[0]); }
So it will try to reap again as soon as do_read returns. These are the only ways I could see do_read being slow to return:
some hardware detection or something has locked your whole system for five seconds, or caused the clock to jump ahead five seconds.
the scheduler's keeping it down - not allowing logsave to run for five full seconds after fsck died. (Maybe fsck closed its stdout/stderr significantly before exiting, logsave was busy-looping for a while, and it got penalized for that? Maybe...there is a CPU spike at that time, though the chart doesn't show what process caused it. but five seconds? that's a long time to be on the runnable queue...and nothing else's running. I don't buy it.)
something other than fsck still has the pipe open...but since fsck/reiserfsck didn't have any more children and has no code for anything weird like transferring its stdout to another process over a UNIX Domain Socket...that seems unlikely, to say the least
it's blocked in send_output, which gets called from do_read. Either on the write to console or (if the destination filesystem was already up before it called fsck, which seems unlikely) to the logfile. (If the destination filesystem wasn't up, it won't try again to open it until after the child's been reaped.) It would have to be the write to console, in fact, or the process's state would be "uninterruptible sleep" rather than normal sleep.
It would be interesting to get stack traces of the logsave and reiserfsck processes during that mysterious five seconds. Is this reproducible? Seems like there are a bunch of ways you could get those, like OProfile or SystemTap, or even just rigging some gstack shell script to run based on bootchart's instrumentation.
Thanks for the correction - an unthinking attempt at hyperbole on my part.
I'll try again - by the time you boot Vista under this emulation, the Sun will have become a red giant, Earth's seas will have boiled away, and its atmosphere will have escaped into space, or at least you'll feel that way... If you were play back a time-lapse of the boot process so that Vista appeared at normal speed, you would look like the villain in Indiana Jones and the Last Crusade after he drank from a false chalice.
More specifically, You can take a virus and run in it a way to compromise the virtual machine without compromising the machine itself. This means your output is not likely to be damaged in any ways as well as you can monitor the activity from a removed setting while maintaining a presence.
Well, that's great, but you can already do that with VMware, Parallels, QEMU, or other virtualization tools. Sure, virtualization requires the same host and guest architecture, but we all have plenty of x86 machines sitting around, and near-native speeds are necessary to actually boot Windows Vista before the sun goes supernova. So while this is neat software, it's not as suitable for malware researchers as what they are already using. The JPC project needs to find a different niche.
Keep in mind when looking at the images on bootchart's webpage that they're two years old. The best boot chart for your system is one you've made yourself. The project's about the tool to make charts, not the sample results.
The "bootchart" tool mentioned in the article looks promising. But it's mostly unlabeled bars. Until they figure out how to correctly identify all the processes running during boot, it's not too helpful.
As another poster said, the article's image was cropped. bootchart generates one line per process, and it tells you what the process is. It's a really nice tool. It's more aimed at distribution developers than end users, of course - silly to recommend to people that they change their whole system's init system without sharing the changes with everyone else. Neat educational exercise, but it'll break every time you download an updated RPM. Why not collaborate to make it last?
The CPU utilization during booting is much higher than I would have expected. That's interesting, and unexpected. For most of the first ten seconds of post-kernel startup, the system is CPU bound, while the disk is idle more than half the time. Where is all that CPU effort going?
I'm not sure since they've cropped it. In the full images, you can drill down more - the bar for each process shows CPU usage over time.
Anyway, you must mean 5-15 seconds after init starts, not 0-5. I want to know what's happening in 0-5. There's no CPU utilization, no disk utilization. That's wasted time! I see the same thing in the two-year-old example on bootchart's webpage, and I would have expected it to be fixed by now. Is it probing hardware or something? Can't it be doing something else in parallel? Surely there's something that doesn't need the full hardware list to run.
That's somewhat correct. BMR is pretty much heat and general housekeeping (replacing old proteins, powering your brain). Excretion doesn't usually come into play because most people who don't have malabsorption syndromes (dysentery, celiac sprue) absorb nearly all their food. TEF isn't pure heat. It's also involved in producing digestive enzymes, muscle contractions that move your food along the digestive tract, etc. It's really not important for all intents and purposes; I just included it for completion.
I'm talking about what energy actually leaves the body. The housekeeping, muscles contractions, and the like are internal and don't qualify, except that the conversion of energy must be less than 100% efficient - the remainder goes into heat, which does leave.
BMR = Basal metabolic rate
This is proportional to the lean body mass, not the BMI (which is a really bad measure of obesity
Hmm...very little about this on wikipedia. You seem knowledgeable - how is the lean body mass defined, and why is basal metabolic rate proportional to it? Where do the mass and energy go?
I'm a solid believer in conversation laws, and I don't really know what it means for someone to have a higher metabolism than someone else. There are only so many ways for mass and energy to leave the body. These are the major ones I can think of:
mass and energy - excretion - even ignoring what you call the TEF, I'm sure different amounts of energy can be absorbed from the food depending on how your digestive system's doing. If you have diarrhea, you're probably getting much less of the energy printed on the label than you would otherwise.
energy - heat
mass - perspiration
energy - mechanical work
It seems like what you describe as "BMR" (60-70%) must be heat and excretion, "PA" (20%) must be heat and mechanical work, and "TEE" (10%) pure heat.
How does heat vary from person to person? Is there some reason that with similar amounts of exercise (i.e., ignoring your 20% PE) and similar surrounding temperatures, two people's heat output would be significantly different? We all maintain roughly the same core temperature, right? I suppose our surface areas and the clothes we wear would affect the efficiency of maintaining that temperature. Are some people inherently more insulated than others? (I suppose fat is more insulating than muscle?) Do some people sweat a lot more, causing more loss? Where do the genetics come into play?
Likewise, are some people's digestive systems inherently more efficient? I.e., do they extract significantly more of the available chemical energy before excreting the rest?
Virtualization is great, but it's not perfect solution here:
Installing a dozen operating systems is a lot of work. It was nice to be able to take advantage of work someone else has already done.
If you use continuous integration tools like buildbot to test after every checkin, it's best to leave the systems running all the time. I don't have enough RAM to have a dozen operating systems running on my machine at once. VMware at least has some ability to be started and stopped programmatically, but that's more work and is obviously slower.
Virtualization tools don't target other architectures, and emulation tools (like QEMU) are generally slow. Not everything is x86.
I used to use SourceForge's Compile Farm (in addition to HP's Test Drive) to test sigsafe. I need to write assembly for the cross-product of supported processors and operating systems. Without the ability to log in, compile, run my automated tests, and use a debugger, I can't support a platform. This decision means I'll have to drop sparc support. It's a shame - I learned a lot from writing assembly for these different platforms.
Slashdot Mirror
That's the party line, but it's wrong. What makes employees mad is being surprised by hearing through unofficial channels of huge pay imbalances. They're rightfully angry that this information has been concealed from them.
I used to work for a hospital that was part of a state university. Like all government-run organizations, everyone there knows what everyone else is paid. Salaries are printed in the local newspaper every year. There's even a searchable website. And yes, some people are paid a lot more than others. Yet somehow, the whole system does not come crashing down. The difference is universal, official disclosure. I sure wouldn't want to be the one guy whose salary everyone knows.
You don't even need to physically modify them to do that. Most wifi access points are also Ethernet switches and NAT-enabled routers, so it's not uncommon for them to have a "radio disabled" mode. You can do it programmatically.
Here's my proposed experiment: set up a computer program that sets the radio to a random state every minute, recording the states into a file for later analysis. Have the wireless access point in one room and the test subject in another, with his clothes (no electronic devices), chair, clipboard, pencil, paper, and clock synchronized in advance to the computer's. Have the test subject [*] know when each interval starts and stops and have them record whether they think the radio is on or off. Arrange the number of trials so that you can achieve 5% significance if the test subject is 75% successful. Try as many combinations of test subject and access point as desired. (Keep in mind, though, that at 5% significance roughly one in twenty will seem to be successful when it's not. So it might not be a bad idea to repeat the "successful" experiments if you try many combinations, in order to achieve greater significance.) You can be in same room as the test subject if you like, or add a video camera, or just go by the clipboard. If you allow anyone in the same room as the access point (seeing the radio status LED) or using a computer, they must not enter the test room, make sounds audible through the wall, or whatever. It's double-blind: no one who knows whether the radio is on or not inteacts with the test subject until after the test subject's observations are recorded, so the test subject can't be know the radio state unless the test is successful.
[*] - or, in the case of the autistic boy, an "interpreter". I'll leave the ethical considerations of a potentially somewhat-painful experiment on a subject who can never give "informed consent" as an exercise to the reader. I admit I'm biased by my near certainty that the experiment would show nothing.
AM is dirt-simple, actually. I looked up this urban legend, and there are a number of people who claim it's true. Keep in mind the classic line that "the plural of anecdote is not data", but they at least provided a semi-plausible theoretical basis for this happening.
I can't say the same for arivanov's claims of detecting low-power 2.4 GHz 802.11[bg] transmissions. I find the idea that several people in his group of friends can do this to be incredible given the prevalence of wifi and lack of other reports, and due to the missing theoretical basis. While I myself know a number of people who find wifi painful, it's more in a metaphorical sense. And while a particular pattern of 2.4 GHz signals can have a dramatic heating effect on water molecules - deadly for living creatures - the effect from wifi would have to be negligible. A typical microwave oven radiates 700 W. A wifi hotspot is restricted to at most 100 mW [*]. So it's not as powerful by four orders of magnitude. What's more, objects in a microwave are maybe a half meter from the transmitter, so they'll get a significant fraction of that 700 W. Flux follows an inverse square law, so the power passing through a small kid three rooms away from the wifi transmitter will be much less than 100 mW. The antenna should be anisotropic, and by design the kid should be in a relatively high-gain region, but...still...much less than 100 mW.
[*] - exact limit varies by regulatory domain, and the restriction may not be on total radiated power. In any case, I think I have the right order of magnitude.
I don't believe you. Extraordinary claims require extraordinary evidence. Show me the results of your double-blind trial. If you personally know "a number of people" who can do this, it should be quite easy to perform. After performing it, you reasonably claim that you have evidence. After getting your study published in a peer-reviewed journal and your results reproduced elsewhere, you can reasonably claim that it is well-known. Until then, stop saying crazy things.
Under what law? IANAL, but I believe making a hopeful statement in a press release is rather different than signing a legal contract. I think it would be poor public relations to overpromise and underdeliver, but illegal? That sounds crazy.
Keep in mind two things: (1) few of those reports are describing exposure solely through food, and (2) pick any food, someone's allergic to it or has some reason to avoid it. My girlfriend has a mild allergy to cilantro and sensitivity to wheat gluten (Celiac disease). My dad tries to avoid sodium because of some genetic disease I hopefully don't have. I know a man who is allergic to garlic, and several who are allergic to peanuts or tree nuts. Many are intolerant to lactose, some to fructose. I've heard of one person who has about five things she can safely eat, none of them flavorful. It would be crazy for the rest of us to avoid all these things just because they are dangerous to a few. Accurate labelling is sufficient for those few to avoid harm - "cochineal extract" is fine. If I have a legitimate problem with "cochineal extract", I'll know what it is.
Is it the FDA's job to tell consumers that one of the listed ingredients is kind of gross? I say not, so the industry's beef with "contains crushed pregnant beetles" is legitimate. Panicking consumers unnecessarily might force the industry to find other, less well-tested dyes. (Or change the color of their food, but that would spook consumers even more.)
By the way, I think the stories about insect parts in canned food are true, even when it's not a deliberate part of the dye. That doesn't bother me as much as the heavy metals, which are proven to be harmful to everyone in sufficient quantity. I used to eat tuna every day for lunch, and now only occasionally because of that. It's otherwise much healthier than beef (my fallback), but what can you do?
Knowing slashdot, I feel obligated to point out that yes, I do realize frank_adrian314159 was probably not expecting anyone to take his suggestion. (And was being facetious about the surge going so well.) Nevertheless, this whole idea that this is how you pitch in is a strange one that I have seen proposed seriously, thus my post.
Maybe due to my left-wing political views, I don't understand this question. You seem to be talking about something entirely different than supporting our troops. It seems like there are several different actions you can take, including
I think that "Server" CD is something your company created. RedHat split RHEL5 into "Server" and "Client" repositories, but CentOS 5 combined them into a single repository, as CentOS 4 did before. So "Server" or "Client" is just a choice of which packages you install.
Where I work, we've created kickstarts for several configurations - development workstations for a couple different teams, basic server, server with RAID. They're minor differences, and in fact I'm switching our configs to be all generated from one file through gpp. As of last night, you can get a CentOS 5 machine by booting our CD, typing workstation-x86_64 name=foo, and waiting half an hour. At some places, you don't even need to put in a CD - you can use pxelinux to boot off the network.
That's not a lesser problem. Citing people improperly is badly enough, but it's a miracle they didn't kill anyone by illegally reducing the yellow time. I'm surprised they got off so lightly. Criminal charges against the responsible parties wouldn't be unreasonable.
I think that's true of all people who claim to have a silver bullet. For example, I'll be impressed when the "eXtreme Programming 100% test coverage, no checkins without a new test passing" crowd actually manage to write a kernel like that, including tests demonstrating complex race conditions and hardware interactions. Until then, I'll achieve maybe 60% test coverage (maybe even integration tests, not unit tests! horror!), I'll consider it good, and I'll assume that people who say otherwise are bragging about writing toy systems.
That doesn't mean they're running it. My MacBook right now says this:
IPv6 auto-assigns link-local addresses, much like the IPv4 169.255.0.0/16 addresses you see when no DHCP is running. I did nothing to set up that "%en1" address, I have never used it, and in fact it can't actually be used anywhere but on that network segment. All this means is that their equipment supports it, which is much more likely than them having upstream IPv6 connectivity and actually learning to use it.
No one uses IPv6. Your other example is equally bogus. The hospital you mentioned is probably just asking for experience with it because someone saw it in a trade magazine, similar to the people who were asking for "10 years Java experience" when Java had only existed outside of Sun for three years. Or because they know a particular person with IPv6 on his/her resumé and have made the job requirements so (s)he will be the only one who matches them. In a university- or government-run institution, that's how you get around the affirmative action people when you want to hire from within. I have seen it happen at a hospital.
You need their support even for 6to4. In one facility, I sent out 6to4 packets to the anycast address (192.88.99.1) and no packets came back. I don't know exactly what happened to the packets, but it works fine on machines elsewhere, but there tcpdump shows proto=ipv6 packets going over my real network interface to 192.88.99.1 and never coming back, so I can't access true IPv6 (non-2002::) sites. Even where the anycast address does work, 6to4 doesn't work over NAT without an alg no one's written or deployed, so you can't just get at your IPv6-only machines by using your hotel or airport's wireless connection, which is inevitably NATted and IPv4-only.
And tunnels? To where? If you have two specific sites you want to connect, sure it will work but so will an IPv4-only tunnel with reserved addresses. If you want to not have to do setup for each address pair, the tunnel would have to go to a host with IPv6 already set up that isn't too slow and is willing to forward all your traffic. Where would that be? The 6bone test network closed down, and even when it was running, their sites were high-latency, high-loss, and inconsistently available.
The problem is the ISPs. Applications are easy to fix - in fact, if you tell me how I could practically take advantage of IPv6, I pledge I will add IPv6 support for every Linux network application I use. I did it for CVS the other day - it took me about half an hour. I think much of the core router equipment has IPv6 support. In fact, some ISPs are even asking for IPv6 support in the DSL routers they bundle to consumers with the service. Not sure why...it's not like they're going to actually flip the switch and turn it on...that's not how they roll. They just like demanding features from their vendors that they'll never actually use. (Disclaimer: I work for one of those vendors. We have all kinds of features that real consumers never see, and it annoys me.)
If you don't like Fedora, don't forget that it's not the only free-as-in-beer RedHat system. My servers run CentOS, which is essentially RHEL recompiled. I don't have "shitpiles of money", but I still use a solid system that RedHat built. The only practical difference is that I don't have a guaranteed support channel. Are you suggesting that I should get that without paying them money? How would RedHat be able to pay the engineers who write so much software? And Ubuntu doesn't have that sort of support - should they be held to a different standard?
You should try a more mainstream distro again. They've anticipated this need, so you don't need to rebuild anything. RedHat-based systems (and I believe SuSE and Debian/Ubuntu as well) all have a build system which extracts debugging symbols from binaries, placing them in -debuginfo packages along with the source code. gdb has been modified to look for debugging info in this location. You can run gstack on a coredump, realize you don't have the right debugging symbols, do a yum install foo-debuginfo, run it again, and get the right information. (And even have list do the right thing.) You can audit exactly how much disk space these packages use with a simple du -sk /usr/lib/debug and remove them without rebuilding. There's more information on the Fedora wiki.
CFLAGS customization makes Gentoo users (particularly ricers) feel superior, but in practice, I don't see any advantages. (I've never seen a situation where it made a worthwhile performance boost. There was an interesting thread about this on pgsql-performance a while back.) One major disadvantage is obvious: long compile times. A couple less so: it's harder to reproduce bugs affected by compiler options, and you need a separate scheme for updating systems which can't do the compile themselves.
I used to recompile the kernel with flags for my hardware. Now the system has been modularized, so unless I'm writing kernel code myself, I just use the RedHat vendor kernel which has been extensively QAed. In time, the same thing will happen to userspace binaries with optional dependencies: instead of detecting at configure time that I have support therefore modifying the base package's code, we'll move toward add-in modules that get dlload()ed in to provide the external functional that dependencies are needed for.
RedHat makes a good system, and they make contributions that benefit everyone. That you don't know anyone fanatical about it is not surprising. You're a Gentoo guy who hasn't used any other system in a while, so your sample's pretty skewed. And it's rare for people to get fanatical about the dominant system, particularly people who have an irrational fear of companies with working business models.
DNSSEC doesn't encrypt anything, just authenticate. And it fits into the DNS design of caching and recursive nameservers - believe your ISP's server will give you something that proves the answer came from the authoritative server at some time less than $TTL seconds ago. Now, I don't remember if your ISP's nameserver has to have special DNSSEC support or not to pass that information to you...probably yes, which is another infrastructure hurdle.
I'd take advantage of DNSSEC if the infrastructure were there - including a public key in a DNSSEC-authenticated zone would be a good way to authenticate a host. There are two other ways in common use by the clients you mentioned, and neither is quite satisfactory:
In fact, I just googled for "ssh dnssec" and it looks like someone has already written the code for this.
New protocols could rely on DNSSEC instead, and there are probably other protocols like ssh that could be retrofitted easily.
I'm not holding my breath on the infrastructure, though. It's been a while since I've looked at DNSSEC, but IIRC most of the benefits don't come until it's deployed from the root on down. Until .org uses DNSSEC, I can't really use it for slamb.org. I could manually add slamb.org's key into my client software maybe, but that's really not much better than creating my own root certificate for existing PKI mechanisms.
The second one? Yeah, that's weird. Simultaneously, the first fsck has finished, and logsave doesn't reap it until that five seconds is up! logsave's so simple that I couldn't understand how that could happen. I downloaded the source, and it must be in this loop:
So it will try to reap again as soon as do_read returns. These are the only ways I could see do_read being slow to return:It would be interesting to get stack traces of the logsave and reiserfsck processes during that mysterious five seconds. Is this reproducible? Seems like there are a bunch of ways you could get those, like OProfile or SystemTap, or even just rigging some gstack shell script to run based on bootchart's instrumentation.
I'll try again - by the time you boot Vista under this emulation, the Sun will have become a red giant, Earth's seas will have boiled away, and its atmosphere will have escaped into space, or at least you'll feel that way... If you were play back a time-lapse of the boot process so that Vista appeared at normal speed, you would look like the villain in Indiana Jones and the Last Crusade after he drank from a false chalice.
Well, that's great, but you can already do that with VMware, Parallels, QEMU, or other virtualization tools. Sure, virtualization requires the same host and guest architecture, but we all have plenty of x86 machines sitting around, and near-native speeds are necessary to actually boot Windows Vista before the sun goes supernova. So while this is neat software, it's not as suitable for malware researchers as what they are already using. The JPC project needs to find a different niche.
Keep in mind when looking at the images on bootchart's webpage that they're two years old. The best boot chart for your system is one you've made yourself. The project's about the tool to make charts, not the sample results.
As another poster said, the article's image was cropped. bootchart generates one line per process, and it tells you what the process is. It's a really nice tool. It's more aimed at distribution developers than end users, of course - silly to recommend to people that they change their whole system's init system without sharing the changes with everyone else. Neat educational exercise, but it'll break every time you download an updated RPM. Why not collaborate to make it last?
I'm not sure since they've cropped it. In the full images, you can drill down more - the bar for each process shows CPU usage over time.
Anyway, you must mean 5-15 seconds after init starts, not 0-5. I want to know what's happening in 0-5. There's no CPU utilization, no disk utilization. That's wasted time! I see the same thing in the two-year-old example on bootchart's webpage, and I would have expected it to be fixed by now. Is it probing hardware or something? Can't it be doing something else in parallel? Surely there's something that doesn't need the full hardware list to run.
I'm talking about what energy actually leaves the body. The housekeeping, muscles contractions, and the like are internal and don't qualify, except that the conversion of energy must be less than 100% efficient - the remainder goes into heat, which does leave.
Hmm...very little about this on wikipedia. You seem knowledgeable - how is the lean body mass defined, and why is basal metabolic rate proportional to it? Where do the mass and energy go?
I'm a solid believer in conversation laws, and I don't really know what it means for someone to have a higher metabolism than someone else. There are only so many ways for mass and energy to leave the body. These are the major ones I can think of:
It seems like what you describe as "BMR" (60-70%) must be heat and excretion, "PA" (20%) must be heat and mechanical work, and "TEE" (10%) pure heat.
How does heat vary from person to person? Is there some reason that with similar amounts of exercise (i.e., ignoring your 20% PE) and similar surrounding temperatures, two people's heat output would be significantly different? We all maintain roughly the same core temperature, right? I suppose our surface areas and the clothes we wear would affect the efficiency of maintaining that temperature. Are some people inherently more insulated than others? (I suppose fat is more insulating than muscle?) Do some people sweat a lot more, causing more loss? Where do the genetics come into play?
Likewise, are some people's digestive systems inherently more efficient? I.e., do they extract significantly more of the available chemical energy before excreting the rest?
I used to use SourceForge's Compile Farm (in addition to HP's Test Drive) to test sigsafe. I need to write assembly for the cross-product of supported processors and operating systems. Without the ability to log in, compile, run my automated tests, and use a debugger, I can't support a platform. This decision means I'll have to drop sparc support. It's a shame - I learned a lot from writing assembly for these different platforms.