Just because your big valuable database has a large loss potential doesn't mean that you get a worse insurance rate.
The difference is in the amount you pay, not the rate.
The article says that a hacking policy costs about $4,000 for $1,000,000 of coverage per year. That means that if you pay them $4000 a year, and get hacked, costing you 15 billion in revenue, they pay you 1 million. If you get hacked and you loose $1.75 in revenue as a result, you get paid $1.75. If you feel that your losses are likely to be on the order of 1 billion, then you can buy 1 billion dollars of coverage for 4 million a year. That 4 million isn't exact, but will be more or less based on risk factors including but not necessarily limited to operating system choice.
So repeat after me, insurance rates and insurance costs are not the same. Indeed, simply because they have more to loose, a big site is likely to be better protected than a small one. Now, the insurance company can measure this in different, more direct, ways, so they probably don't charge you different rates based on sheer size alone. But just because a site has a lot to loose doesn't change the rate.
I know of one project at the local uni to do realtime monitoring of massive quantities of data. The twofold purpose is to monitor the communications of military personel to guard against accidental leaks, and to aid in identifying copyrighted material.
It more or less comes down to semi-dedicated hardware that can grep at insane speeds. Most of the parts necessary are comercially available (even some GPLed software components), needing just a little bit of glue to tie everything together. The professor heading the project was looking for somebody to help him do the implementation. He described how it works, and claimed that it should be trivially easy. And except for some problems with self-similarity in the data stream (finding "bb gun" in "bbb gun"), it has been. Even so, this problem can be trivially solved by throwing more hardware at it, or by putting just a little bit of effort into the software.
If an undergraduate research assistant can do a damn good job of it with 3 weeks coding and under $10K in hardware, just think about what the NSA could do. I'd rather put my trust into good crypto, rather than the firehose effect.
Some of them gave production of something like
2000/2000/2000 or something. I remember that you couldn't irrigate it or it would wrap around to negative, or something.
I still remember beating the game by starving the rest of the world to death, rather than military conquest. Laying siege to a whole continent is quite entertaining, especially if you convinced them that you had a valid treaty. The AI would just sit there and starve to death.
they're suggesting that they should use Outlook & Exchange
Actually, I think most of the posts are saying that sticking with Outlook/Exchange is better than moving.
Personally, I think that a UNIX mail server (sendmail, or qmail for those nervous about security) with Eudora on the client side is the best choice. MS's mail servers have serious problems with resource use/responsiveness under moderate to heavy loads. The mail server here goes up and down like a yo-yo (probably due to a memory leak in the shiny new MS kerberoes mail authentication). On the other hand, because many people here use pine as their client, I've recieved one email worm (from an external source).
Recently (after yet another Outlook Email virus), a friend asked me what client he should use. He wanted something that would run in windows, and more user-friendly than pine in a telnet session (my initial reccomendation). For people who don't like pine, Eudora is probably the best client out there. It's much more secure than MS's offerings, but a lot easier to use than pine/mutt.
UNIX server with Eudora client is the way to go (of course, if you're 'leet enough for pine...).
I don't know about any particullar ones, but you may even be able to find one that will pay you 2/3 or so the amount owed themselves, in exchange for selling the debt to them.
That is, they will take on all of the risk that the debt won't be settled, and just pay you some fixed portion of it. Collection agencies have a huge absolute advantage on collecting on bad debt. A lot of times all it takes is a letter from the collection agency to convince somebody to pay up. They know about all of the legal options there are to getting your money (liens on property/future income, small claims, whatever), and can do it quickly and cheaply.
If you don't think it's worth a lawyer, contact a collection agency. If nothing else, they should be able to tell you the likelyhood of collecting.
A lot of work went into making the UNIX schedular automagically give programs that are currently interacting with the user get a higher priority. Reducing the latency to an interactive program makes the system seem very snappy, and makes users more happy. A slow boat to china job doesn't need to be given high priority because it's gonna take forever anyway. Letting an interactive job run before it won't hold it up long, especially since most interactive jobs do only 1 or 2 timeslices of work before sleeping on the keyboard again.
In a single-user environment, this can be done well with the focus-boosting MS uses. There is a problem, however, with MS's implementation. The UNIX priority system was designed to make interactive jobs responsive without starving CPU-intensive jobs. MS doesn't do this. Focus boosting is a good idea, but MS's priority scheme is hostile to low-priority jobs. UNIX doesn't have such a thing since a UNIX box is usually multi-user/remote-user, so ID'ing the right process to boost the priority of is more difficult.
Interesting note, but in Win2K, if you set a CPU-intensive job to a high enough priority on a single-CPU system, it will use 100% of that processor's time, without letting ANYTHING else run. Talk about starving low-priority jos.
A brief consultation session would probably cost you very little (if anything), and you might learn about options that you did not know you had.
A decent rule of thumb when shopping for a lawyer is that the good one's don't charge to browse. An initial consultation that's along the lines of "Is there any chance of a happy legal outcome/what can you do for me?" is always free. A good, honest lawyer will hear the basics of your issue, and then tell you that either 1) they can take your case, and the odds are whatever, 2) they won't take the case because the odds blow, and here's why they blow, or 3) they won't take it because they don't feel qualified, but let me call up my friend who specializes/is better at this sort of thing.
And yes, this is the sort of thing where you really should talk to a lawyer. It's a huge burden of your time/money, and you should at least investigate what can be done. And if you have money to spare, then please fight the good fight to keep this sort of thing from becoming the norm. A small amount of favorable precident can go a long way, and the mearest possibility of a successful legal action scares most public institutions shitless. The school district is acting like assholes because they are afriad of getting sued when there is a disaster and somebody gets it in their head that the district didn't do enough and is liable. They need to be more afraid of getting sued for violating student's human rights.
In lecture just this week, a professor was telling us how wonderful the old Sun workstations were. He said that so long as they were running the drives were great, but if you powered them down
and let them cool off, it wouldn't spin up again.
He said that the solution was to pop open your case, take the drive out of its mount but leave it connected. Then power on and hit the drive. Supposedly when the drive got cold the viscosity of the oil was too high for the motor to get it going again. You'd loose a sector or two, but if it wasn't the boot sector or root inode the damage usually wasn't too bad.
Now what does this give us? K&R is all one needs to recreate C. The Schildt books gives us C++. Funny thing, but my BSD 4 manual more or less describes ext2, the schedular, and virtual memory. I have gate-level designs of all of the standard components, and from these, a design of a (simple) CPU between the 2 digital logic books. Javadoc gives us almost everything except the garbage collector (which Ron Cytron upstairs and down the hall could re-write better in his sleep). And of course the dragon book tells us how to write a compiler.
Now, surprise surprise, my office is probably the WORST place to go in the building to get references for recreating CS/CoE. The conference room across the hall has 10 years of IEEE transactions. It has copies of the 1980's/early 90's Motorolla chip specs (some w/circuit diagrams, others with enough that any grad student should be able to rework it). I know of no fewer than 3 copies of The Art of Computer Programming (Knuth) within walking distance. And I'm not even trying.
So, is anybody willing to donate millions of dollars to make sure that the CS dept. is well guarded against terrorist attacks and the rioting populace? 'cause we got everything you need. Seriously, any university worth it's salt has the paper, monetary, and human resources to restart from scratch. A giant expensive bunker is not necessary.
but is it ethical? I mean, is it moral to dump your valuable IP just before being bought up? If the purchasing company values your IP, and you give it away, aren't you cheating your investors?
On the other hand, if you are a little gaming company, and you want to maintain your independence, but don't stand a chance, then this is a very good "escape pod," if you want, if nothing else, to make sure that your products remain available to people who respect the concepts behind them, rather than allowing them to be hidden away by a Goliath who sees only monetary potential.
It could also be a good poison pill. A poison pill (in market talk) is when a company has a plan to do something to make it more difficult for them to be bought up, even though it (usually) results in some harm coming to the company. If nobody has exclusive right to the rights to Marathon, that makes bungie look that much less attractive as a buyout opportunity, and could perhaps be viewed as an attempt to maintain independence.
In either case, it is very cool that they did this, ethics be damned.
My understanding is that gcc does not do as good a job optimizing as some other compilers. Furthermore, even if this stuff did get optimized out, I don't see how it would change the outcome of this comparison.
GCC will get rid of something like that. I've seen it get rid of things a lot more complex, too, simply because they didn't effect the output (although how GCC figured it out is beyond me). That can, however, change the result of the benchmark, since the floating point makes it more compute-intensive rather than IO/mem intensive. Also, if the compilation for Linux and the compiliation for BSD didn't both do the optimization correctly, one would have to do the math and the other wouldn't, skewing the results.
There is a darned good reason why people write almost nothing in assembler any more. It's because optimizing compilers have gotten just as good as doing it by hand in assembly. Usually. If it's a RISC architecture, then the optimizing compiler can probably beat any human into a pulp for a program of any size. If it is a more feature rich instruction set, a human may be able to push enough into hardware that the compiler would miss. Don't bet on it, though.
They all have their strong points, and their weak points. MS's various offerings are easier for people with little experience to use/admin. You can buy excellent support for Solaris. OpenBSD is very secure. NetBSD will run on just about anything.
Both FreeBSD and Linux are attempting to fill the niche of "fast feature-full Unix". FreeBSD (at least by these benchmarks) is a bit better at the fast part, but I think that Linux is more feature-full, and has better commercial support.
It really doesn't matter, anyway. Having two free Unixes that run well on PC hardware is better than just one. If every box out there was a Linux box, when (when, not if) somebody finds a new remote exploit, then everybody would be vulnerable. Similarly, an all-FreeBSD world isn't good either. A mix of different operating systems, all slightly better at their own little tasks, is more robust than a homogeneous environment. It was poor performance compared to NT that spurred many of the improvements in 2.4. It will be a wonderfull thing if 2.6 becomes better because FreeBSD's VM kicked the 2.4 VM's ass. It will also be a wonderful thing if FreeBSD can benifit from friendly competition with Linux (those mail scores seem a bit low. tsk. tsk. tsk.).
Competition and cooperation between the free OS's will lead to better free OS's. Encourage both as much as you can. Just remember that FUD spreading or any other pissing contest is not healthy competition.
True, but then, isn't DirecTV also entitled to broadcast whatever they want? If you just happen to be foolish/1337 enough to be running a hacked card, well, thanks for coming out, better luck next time.
I don't know how it applies to a satilite broadcast, but isn't there an FCC rule along the lines of:
This device complies with part 15 of the FCC rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) This device must accept any intereference received, including intereference that may cause undesired operation.
Certainly their transmission counts as harmful.
DirecTV didn't physically destroy the cards, so I don't think the hackers have any grievance in that respect...
I believe the article clearly states that the cards themselves were likely permanently destroyed
It sounds like a pretty cool escalating technology war though. Reminds me of the thumb in the Hitchhikers Guide.
I wholeheartedly approve of yanking the connection of problem machines. Especially if they are a problem because they were insecure
You really can't blame a person for being attacked, but if the reason they are causing trouble is that they've been rooted, go ahead and pull them. It should be a given that if you don't want your ethernet cable pulled, you don't get cracked. I'd give the person who admins the fallen machine a really hard time about letting them go back on. Remind them in a not so gentle manner that their box needs to be secure, or else network cables have a way of becomeing insecure and falling out...
and any moron can have his shitty unsecured Linux box hosted at a lousy datacenter with a fat pipe to the Internet
Absolutely not true. The people who run the datacenters do not appreciate it when boxen hosted on them get attacked and then used to attack others. The local network admin has made it abundently clear that if there is *any* problem originating from boxen I administer, they are all going to be yanked at the switch (as such I run tight boxes). I get weekly emails reporting other people who got hit, reminding me that Linux is not his problem, and am I sure I don't want to switch to Solaris?
Now, Dave is a bit nasty about it, but he has every right to be. If I fuck up and my boxes get cracked, I make a big headache for him. And if I do fuck up, he is going to give me an impossible time about reconnecting the machines. So would any other self-respecting network admin. Sure, any fool can run an insecure box, but only until they get caught (either by kiddies or an aggressive admin trying to weed out trouble before it starts).
Eventually I wouldn't be surprised if similar policies crept up with DSL providers
Such lawsuits are commonly called SLAPP's, for
Strategic Litigation Against Public Participation.
Common targets for such lawsuits are public interest groups such as the Consumer's Union (the publishers of Consumer Reports).
Some states have anti-SLAPP statutes by which a case can be thrown out simply by demonstrating that it is a SLAPP. I'm pretty sure California has one, but I'm not sure who else. Since corporations have started taking on high-profile organizations like the Consumer's Union, they have gotten more attention, and hopefully more state legislatures will be induced to act.
If you really think that such suits should be illegal, you could perhaps write your state rep (representative for state, not US, legislature). Politicians tend to listen if a large portion of their constituents tell them that they want something, and state government is not as easily corrupted/influenced by big business. If my state rep sold us out, he'd hear about it, given that most of the people he represents live walking distance from his house.
Has the next MS product you plan to buy already been compromised? This I think is where the concern should really lie...
I think the WSJ article mentioned that the breakin happened several months ago. They pointed out that a new version of Outlook and MediaPlayer have both been released in the vulnerable timeframe.
So, forget about the next MS product you buy. How about the one that you have...
There really isn't that much wrong with x86 chips at all. Really.
What is worrysome is the instruction set architecture. Assembler for the x86 is ugly compared to PPC, for example. This is a result of having to be backwards compatable with all of the old x86's.
However, I believe ever since the 486, there has been a lot of hocus pocus going on behind the scenes. The CPU takes this ugly assembler, and generates micro-code. It just translates all of the add, mov, pop, and so on, into some hidden set of assembler instructions which I would bet money resemble what you get with a PPC. The translated instructions then get sent along their merry way to the CPU proper. The CPU proper, then, given this much nicer assembler, does all sorts of fancy things like out of order execution, issuing multiple instructions at a time, and so on.
Now, the biggest problem with this is that most of the fancy reordering and what not has to be done by the CPU. In pure hardware. Therefore, the algorithms they use cannot be too fancy. (Transmeta, BTW, has stepped away from this, and uses signifigently fancier algorithms, but at the cost of eating CPU time to run them). It would be much much better if the instruction set architecture very very closely matched what the CPU itself actually runs. This could be a nightmare for people who want to write on the bare metal. The advantage to that, is that much of the fancy reordering can be done ahead of time by the compiler. Right now, the compiler can try to reorder some, but it is limited to the 'macrocode'. Given more direct access to the microcode, some extrodinarily fancy algorithms can be applied to the code, to give the hardware optimization the best possible chance of keeping the CPU busy.
That's another thing. Much of modern CPU's are composed of hardware that has the sole purpose of keeping the rest of the hardware busy, and much of the design time is spent on this. If you read the Ace's article, he mentions the branch predictor and whatnot. These are CPU components that didn't even exist until after the 486.
Now, about replacing the old x86 ISA. The good news is is that they are taking steps in that direction. The new Intel chip (Itanium, Merced, whatever they're calling it today), is supposed to use a VLIW architecture (very long instruction word). The basis of this is that the CPU is given instructions that are really packets of instructions (sometimes called atoms), which it is supposed to split up, schedule, and branch predict in one large happy bundle. In theory, the compiler has already taken care of most of the reordering, and the CPU doesn't have to worry about it at all. There are exceptions, but it puts a lot of the work on to compiler. The bad news is is that Intel had cold feet about it (I think). So they didn't go quite all the way. A real (IMHO) VLIW chip hardly has to worry about scheduling and branch prediction at all. If the compiler didn't produce machine code that has already taken care of all of that, then it won't run nearly so well. Intel (it seems) has taken a half-way approach. The Itanium will be VLIW, but it won't require that the compilers be quite as stringent as would be optimal. It gives the compiler makers a break, and it means that Intel has an easier time making the Itanium run 'legacy code'. That's right, Itanium runs old-style x86 code in a different mode. Itanium is 64 bit, and old 32 bit code has to be put through the blender to run.
I haven't heard any recent news, but waaay back when Itanium was still Merced, it was said that there would be a performance hit when running 32 bit code, because of the extra translation phase, and because the chip would have to rely on it's hardware optimizer rather than the code being compiled correctly. Itanium is a break, however small, from the old 386 instruction set. It will still run 386 code, but only in a sort of 'emulation mode'. It's own native ISA is probably quite different from the familiar old 386 assembler everything is compiled to today.
A lot of space junk has just been left up there, creating a navigation nightmare, and a hazard for the ISS.
At least the Russians are resposible enought to spend the money to down Mir properly. They are really squeezed, and it says something that they are going to blow a bunch of cash when they don't really _have_ to clean up.
Also, this is one less chance for the producers of those awful voyeristic TV shows. I know a lot of people may have liked Survivor, but I'd rather watch something else, thank you...
I was running a script to test if a benchmark I'm trying to add to a benchmark suite (it's an Ogg-Vorbis encoder, btw) is portable enough yet (nope).
I would have liked to see the output of the later tests. However, the script was already 2 hrs. in and had only done the simplest of 2 out of 5 compiles. When I fix the problems causing the early errors, I'll have to wait about 5 hours to find out that I still need to tweak the code a bit, and then run it again.
The professor I'm working has a different benchmark (prototype MPEG-4 encoder) that he's been itching to try out. He can't find a machine with enough ram/swap to do it. I configured his machine with 2 gig of swap (1/2 gig physical memory), and the benchmark will eat all of it about 3 hours in.
Now, it's true that a home consumer doesn't need a big monster of a machine. But any sort of engineering (cad/cam, flow simulations, circuit simulation, etc) can easily eat any current CPU you throw at it. If you give me a faster CPU, then, yes, I'll be very happy that I don't have to wait 15 min. to do a simple compile. I'll also be very happy that I can do thing foo in a bigass overnight run, that before would have taken too long. Or the guy down the hall will be happy he can go from a design change to a verification simulation in 2 weeks instead of 3, letting him get 33% more done.
There is a very large market for fast workstations in industry and in academia. If you give me a machine that is 50% faster, I can probably promise 33% more productivity, and I can do things that before I wouldn't do, simply because it would take too long. So I get the fastest machine that the department can afford, and next year's equipment budget will go to as much of the same as can be gotten.
It being the watermark. If you have an ideal watermark (it cannot be heard) and an ideal lossy encoder (it dumps everything you can't hear), well, your watermark should go bye bye.
Of course, given that watermarks are far less than perfect (you can hear them) in order to be a bit more robust, you could D-to-A-to-D several distinct copies of the secure music, 'average' them, and then encode. With a sufficiently high number of sufficiently different copies of the music, the watermark will eventually be destroyed. This has the added benefit that the noise from the D-A-D conversion will tend to neither add nor cancel, but the signal will tend to add during the recombination phase, improving quality.
In any case, so long as I can buy my digital music anonymously with cash (at a brick+mortar store), what do I care if the watermark is still there? So the music has a serial number? That doesn't necessarily correlate with anything in the real world.
I also helped admin machines at a public library. Our policy on the internet access terminals had four simple parts:
1) No porn / violence / whatever_offends_the_librarian_who happens_to_look_over on the kiddie machines,
2) Internet use only.
3) If somebody is waiting, there is a 30 min. limit.
4) Kiddies need parental permission.
This worked quite well. #2 was mostly because we didn't have enough copies of productivity software (MS Office) to go around, and was a big hassle to secure (we had enough unauthorized software getting installed with just web browsers allowed anyway). #3 meant that you could check email, research a report, or whatever, and the machines weren't hogged by people addicted to their email. #1 was simple an extension of our already implemented policy of dirty books - they are set off by themselves, and the librarians try to make sure kids don't get into them.
There was no censorware, no usage limit, nothing except some words on paper posted above the machines, and the threat that the little old ladies at the desk would call the big bad janitor to kick you out. It worked quite well, although there was talk of putting very loose censorware on the kiddie machines before I left. The last time censorware was installed, the big boss had it done by the head IT guy, on threat of termination. It lasted under a week, by which time the big boss realized it looks really bad when you have massive staff turnovers (a few people actually quit, it was mostly just threats).
I don't know about other libraries, but every librarian I've talked to has taken that little first amendment thingy to heart. I know it doesn't seem like it sometimes, but there are a lot of institutions that will fight tooth and nail over the silliest little threat to the 1st, and the American Library Association is one of them.
Think about it. There is nothing legally requiring Sun to deal with problems in the order that they are informed about them. There is nothing wrong with Sun implementing a high priority queue, of people who sign NDAs, and a low priority queue, of people who don't.
Taken from the Sun website:
(3) CUSTOMER-DEFINED PRIORITY AND RESPONSE TIME:
When Customer's designated Contact calls for support assistance, Contact will assign a priority rating to the call: URGENT, SERIOUS, or NOT CRITICAL:
URGENT (system unusable) - Live transfer of service request. Personnel arrive at the installation site within an average of two (2) hours of service request for on-site hardware support assistance.
SERIOUS (system seriously impaired) - Callback within an average of two (2) hours of service request. Personnel arrive at the installation site within an average of one (1) business day for on-site hardware support assistance.
NOT CRITICAL - Callback within an average of four (4) hours of service request. Personnel arrive at the installation site within an average of one (1) business day or at a later mutually convenient time for on-site hardware support assistance.
...
(17) SYSTEM AVAILABILITY GUARANTEE: For properly configured, maintained and administered systems, Sun will commit to maintain certain levels of System Availability. System Availability Guarantees require a separate contract addendum which will contain the specific terms of the Guarantee.
This is from the Platinum Warrenty, which is standard with a E10K (what EBay runs). They have a contractual agreement with everybody that they sell such a standard configured E10K to have an average response time on urgent calls, and even on the most minor problems, within an average of one day, if no other time is convienient.
In addition, if your web site is that important to your business, you can have a separate system availability guarantee. If Sun has agreed to provide five 9's, then they get 5 minutes 15 seconds of downtime a year. Even if they only have to provide three 9's, that's still only ~ 8 hours downtime a year.
Sun makes their money by providing very reliable hardware, guaranteeing obscene quantities of uptime, charging an arm and a leg, and then delivering on all of their promises. If they don't deliver, then they will get their asses handed to them in a breach of contract lawsuit. If people agreed to an NDA, it was either Sun doing a very good job of talking fast, or promising better service than what they had contracted for. Any business which had to sign that NDA in order to stay afloat should have invested the extra money in a better warranty agreement, because if your web site is that important to you, you should spend the extra cash to get your uptime guaranteed and contracted.
Business types don't really mind really expensive hardware/service agreements. Those are nice, fixed, predictable costs, especially if you have contracted with a reliable vendor (Sun). What they hate is having to lay out a bunch of money that they didn't plan for, because something unpredictable went wrong, and they didn't have their risks hedged. Hedging other people's risks is Sun's bread and butter.
Slashdot Mirror
Just because your big valuable database has a large loss potential doesn't mean that you get a worse insurance rate.
The difference is in the amount you pay, not the rate.
The article says that a hacking policy costs about $4,000 for $1,000,000 of coverage per year. That means that if you pay them $4000 a year, and get hacked, costing you 15 billion in revenue, they pay you 1 million. If you get hacked and you loose $1.75 in revenue as a result, you get paid $1.75. If you feel that your losses are likely to be on the order of 1 billion, then you can buy 1 billion dollars of coverage for 4 million a year. That 4 million isn't exact, but will be more or less based on risk factors including but not necessarily limited to operating system choice.
So repeat after me, insurance rates and insurance costs are not the same. Indeed, simply because they have more to loose, a big site is likely to be better protected than a small one. Now, the insurance company can measure this in different, more direct, ways, so they probably don't charge you different rates based on sheer size alone. But just because a site has a lot to loose doesn't change the rate.
I know of one project at the local uni to do realtime monitoring of massive quantities of data. The twofold purpose is to monitor the communications of military personel to guard against accidental leaks, and to aid in identifying copyrighted material.
It more or less comes down to semi-dedicated hardware that can grep at insane speeds. Most of the parts necessary are comercially available (even some GPLed software components), needing just a little bit of glue to tie everything together. The professor heading the project was looking for somebody to help him do the implementation. He described how it works, and claimed that it should be trivially easy. And except for some problems with self-similarity in the data stream (finding "bb gun" in "bbb gun"), it has been. Even so, this problem can be trivially solved by throwing more hardware at it, or by putting just a little bit of effort into the software.
If an undergraduate research assistant can do a damn good job of it with 3 weeks coding and under $10K in hardware, just think about what the NSA could do. I'd rather put my trust into good crypto, rather than the firehose effect.
Some of them gave production of something like
2000/2000/2000 or something. I remember that you couldn't irrigate it or it would wrap around to negative, or something.
I still remember beating the game by starving the rest of the world to death, rather than military conquest. Laying siege to a whole continent is quite entertaining, especially if you convinced them that you had a valid treaty. The AI would just sit there and starve to death.
they're suggesting that they should use Outlook & Exchange
Actually, I think most of the posts are saying that sticking with Outlook/Exchange is better than moving.
Personally, I think that a UNIX mail server (sendmail, or qmail for those nervous about security) with Eudora on the client side is the best choice. MS's mail servers have serious problems with resource use/responsiveness under moderate to heavy loads. The mail server here goes up and down like a yo-yo (probably due to a memory leak in the shiny new MS kerberoes mail authentication). On the other hand, because many people here use pine as their client, I've recieved one email worm (from an external source).
Recently (after yet another Outlook Email virus), a friend asked me what client he should use. He wanted something that would run in windows, and more user-friendly than pine in a telnet session (my initial reccomendation). For people who don't like pine, Eudora is probably the best client out there. It's much more secure than MS's offerings, but a lot easier to use than pine/mutt.
UNIX server with Eudora client is the way to go (of course, if you're 'leet enough for pine...).
I don't know about any particullar ones, but you may even be able to find one that will pay you 2/3 or so the amount owed themselves, in exchange for selling the debt to them.
That is, they will take on all of the risk that the debt won't be settled, and just pay you some fixed portion of it. Collection agencies have a huge absolute advantage on collecting on bad debt. A lot of times all it takes is a letter from the collection agency to convince somebody to pay up. They know about all of the legal options there are to getting your money (liens on property/future income, small claims, whatever), and can do it quickly and cheaply.
If you don't think it's worth a lawyer, contact a collection agency. If nothing else, they should be able to tell you the likelyhood of collecting.
A lot of work went into making the UNIX schedular automagically give programs that are currently interacting with the user get a higher priority. Reducing the latency to an interactive program makes the system seem very snappy, and makes users more happy. A slow boat to china job doesn't need to be given high priority because it's gonna take forever anyway. Letting an interactive job run before it won't hold it up long, especially since most interactive jobs do only 1 or 2 timeslices of work before sleeping on the keyboard again.
In a single-user environment, this can be done well with the focus-boosting MS uses. There is a problem, however, with MS's implementation. The UNIX priority system was designed to make interactive jobs responsive without starving CPU-intensive jobs. MS doesn't do this. Focus boosting is a good idea, but MS's priority scheme is hostile to low-priority jobs. UNIX doesn't have such a thing since a UNIX box is usually multi-user/remote-user, so ID'ing the right process to boost the priority of is more difficult.
Interesting note, but in Win2K, if you set a CPU-intensive job to a high enough priority on a single-CPU system, it will use 100% of that processor's time, without letting ANYTHING else run. Talk about starving low-priority jos.
A brief consultation session would probably cost you very little (if anything), and you might learn about options that you did not know you had.
A decent rule of thumb when shopping for a lawyer is that the good one's don't charge to browse. An initial consultation that's along the lines of "Is there any chance of a happy legal outcome/what can you do for me?" is always free. A good, honest lawyer will hear the basics of your issue, and then tell you that either 1) they can take your case, and the odds are whatever, 2) they won't take the case because the odds blow, and here's why they blow, or 3) they won't take it because they don't feel qualified, but let me call up my friend who specializes/is better at this sort of thing.
And yes, this is the sort of thing where you really should talk to a lawyer. It's a huge burden of your time/money, and you should at least investigate what can be done. And if you have money to spare, then please fight the good fight to keep this sort of thing from becoming the norm. A small amount of favorable precident can go a long way, and the mearest possibility of a successful legal action scares most public institutions shitless. The school district is acting like assholes because they are afriad of getting sued when there is a disaster and somebody gets it in their head that the district didn't do enough and is liable. They need to be more afraid of getting sued for violating student's human rights.
In lecture just this week, a professor was telling us how wonderful the old Sun workstations were. He said that so long as they were running the drives were great, but if you powered them down and let them cool off, it wouldn't spin up again.
He said that the solution was to pop open your case, take the drive out of its mount but leave it connected. Then power on and hit the drive. Supposedly when the drive got cold the viscosity of the oil was too high for the motor to get it going again. You'd loose a sector or two, but if it wasn't the boot sector or root inode the damage usually wasn't too bad.
Now what does this give us? K&R is all one needs to recreate C. The Schildt books gives us C++. Funny thing, but my BSD 4 manual more or less describes ext2, the schedular, and virtual memory. I have gate-level designs of all of the standard components, and from these, a design of a (simple) CPU between the 2 digital logic books. Javadoc gives us almost everything except the garbage collector (which Ron Cytron upstairs and down the hall could re-write better in his sleep). And of course the dragon book tells us how to write a compiler.
Now, surprise surprise, my office is probably the WORST place to go in the building to get references for recreating CS/CoE. The conference room across the hall has 10 years of IEEE transactions. It has copies of the 1980's/early 90's Motorolla chip specs (some w/circuit diagrams, others with enough that any grad student should be able to rework it). I know of no fewer than 3 copies of The Art of Computer Programming (Knuth) within walking distance. And I'm not even trying.
So, is anybody willing to donate millions of dollars to make sure that the CS dept. is well guarded against terrorist attacks and the rioting populace? 'cause we got everything you need. Seriously, any university worth it's salt has the paper, monetary, and human resources to restart from scratch. A giant expensive bunker is not necessary.
but is it ethical? I mean, is it moral to dump your valuable IP just before being bought up? If the purchasing company values your IP, and you give it away, aren't you cheating your investors?
On the other hand, if you are a little gaming company, and you want to maintain your independence, but don't stand a chance, then this is a very good "escape pod," if you want, if nothing else, to make sure that your products remain available to people who respect the concepts behind them, rather than allowing them to be hidden away by a Goliath who sees only monetary potential.
It could also be a good poison pill. A poison pill (in market talk) is when a company has a plan to do something to make it more difficult for them to be bought up, even though it (usually) results in some harm coming to the company. If nobody has exclusive right to the rights to Marathon, that makes bungie look that much less attractive as a buyout opportunity, and could perhaps be viewed as an attempt to maintain independence.
In either case, it is very cool that they did this, ethics be damned.
a/s/l?
Automatic Slashdot Looser?
My understanding is that gcc does not do as good a job optimizing as some other compilers. Furthermore, even if this stuff did get optimized out, I don't see how it would change the outcome of this comparison.
GCC will get rid of something like that. I've seen it get rid of things a lot more complex, too, simply because they didn't effect the output (although how GCC figured it out is beyond me). That can, however, change the result of the benchmark, since the floating point makes it more compute-intensive rather than IO/mem intensive. Also, if the compilation for Linux and the compiliation for BSD didn't both do the optimization correctly, one would have to do the math and the other wouldn't, skewing the results.
There is a darned good reason why people write almost nothing in assembler any more. It's because optimizing compilers have gotten just as good as doing it by hand in assembly. Usually. If it's a RISC architecture, then the optimizing compiler can probably beat any human into a pulp for a program of any size. If it is a more feature rich instruction set, a human may be able to push enough into hardware that the compiler would miss. Don't bet on it, though.
They all have their strong points, and their weak points. MS's various offerings are easier for people with little experience to use/admin. You can buy excellent support for Solaris. OpenBSD is very secure. NetBSD will run on just about anything.
Both FreeBSD and Linux are attempting to fill the niche of "fast feature-full Unix". FreeBSD (at least by these benchmarks) is a bit better at the fast part, but I think that Linux is more feature-full, and has better commercial support.
It really doesn't matter, anyway. Having two free Unixes that run well on PC hardware is better than just one. If every box out there was a Linux box, when (when, not if) somebody finds a new remote exploit, then everybody would be vulnerable. Similarly, an all-FreeBSD world isn't good either. A mix of different operating systems, all slightly better at their own little tasks, is more robust than a homogeneous environment. It was poor performance compared to NT that spurred many of the improvements in 2.4. It will be a wonderfull thing if 2.6 becomes better because FreeBSD's VM kicked the 2.4 VM's ass. It will also be a wonderful thing if FreeBSD can benifit from friendly competition with Linux (those mail scores seem a bit low. tsk. tsk. tsk.).
Competition and cooperation between the free OS's will lead to better free OS's. Encourage both as much as you can. Just remember that FUD spreading or any other pissing contest is not healthy competition.
True, but then, isn't DirecTV also entitled to broadcast whatever they want? If you just happen to be foolish/1337 enough to be running a hacked card, well, thanks for coming out, better luck next time.
I don't know how it applies to a satilite broadcast, but isn't there an FCC rule along the lines of:
This device complies with part 15 of the FCC rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) This device must accept any intereference received, including intereference that may cause undesired operation.
Certainly their transmission counts as harmful.
DirecTV didn't physically destroy the cards, so I don't think the hackers have any grievance in that respect...
I believe the article clearly states that the cards themselves were likely permanently destroyed
It sounds like a pretty cool escalating technology war though. Reminds me of the thumb in the Hitchhikers Guide.
I wholeheartedly approve of yanking the connection of problem machines. Especially if they are a problem because they were insecure
You really can't blame a person for being attacked, but if the reason they are causing trouble is that they've been rooted, go ahead and pull them. It should be a given that if you don't want your ethernet cable pulled, you don't get cracked. I'd give the person who admins the fallen machine a really hard time about letting them go back on. Remind them in a not so gentle manner that their box needs to be secure, or else network cables have a way of becomeing insecure and falling out...
and any moron can have his shitty unsecured Linux box hosted at a lousy datacenter with a fat pipe to the Internet
Absolutely not true. The people who run the datacenters do not appreciate it when boxen hosted on them get attacked and then used to attack others. The local network admin has made it abundently clear that if there is *any* problem originating from boxen I administer, they are all going to be yanked at the switch (as such I run tight boxes). I get weekly emails reporting other people who got hit, reminding me that Linux is not his problem, and am I sure I don't want to switch to Solaris?
Now, Dave is a bit nasty about it, but he has every right to be. If I fuck up and my boxes get cracked, I make a big headache for him. And if I do fuck up, he is going to give me an impossible time about reconnecting the machines. So would any other self-respecting network admin. Sure, any fool can run an insecure box, but only until they get caught (either by kiddies or an aggressive admin trying to weed out trouble before it starts).
Eventually I wouldn't be surprised if similar policies crept up with DSL providers
Such lawsuits are commonly called SLAPP's, for Strategic Litigation Against Public Participation. Common targets for such lawsuits are public interest groups such as the Consumer's Union (the publishers of Consumer Reports).
Some states have anti-SLAPP statutes by which a case can be thrown out simply by demonstrating that it is a SLAPP. I'm pretty sure California has one, but I'm not sure who else. Since corporations have started taking on high-profile organizations like the Consumer's Union, they have gotten more attention, and hopefully more state legislatures will be induced to act.
If you really think that such suits should be illegal, you could perhaps write your state rep (representative for state, not US, legislature). Politicians tend to listen if a large portion of their constituents tell them that they want something, and state government is not as easily corrupted/influenced by big business. If my state rep sold us out, he'd hear about it, given that most of the people he represents live walking distance from his house.
Has the next MS product you plan to buy already been compromised? This I think is where the concern should really lie...
I think the WSJ article mentioned that the breakin happened several months ago. They pointed out that a new version of Outlook and MediaPlayer have both been released in the vulnerable timeframe.
So, forget about the next MS product you buy. How about the one that you have...
There really isn't that much wrong with x86 chips at all. Really.
What is worrysome is the instruction set architecture. Assembler for the x86 is ugly compared to PPC, for example. This is a result of having to be backwards compatable with all of the old x86's.
However, I believe ever since the 486, there has been a lot of hocus pocus going on behind the scenes. The CPU takes this ugly assembler, and generates micro-code. It just translates all of the add, mov, pop, and so on, into some hidden set of assembler instructions which I would bet money resemble what you get with a PPC. The translated instructions then get sent along their merry way to the CPU proper. The CPU proper, then, given this much nicer assembler, does all sorts of fancy things like out of order execution, issuing multiple instructions at a time, and so on.
Now, the biggest problem with this is that most of the fancy reordering and what not has to be done by the CPU. In pure hardware. Therefore, the algorithms they use cannot be too fancy. (Transmeta, BTW, has stepped away from this, and uses signifigently fancier algorithms, but at the cost of eating CPU time to run them). It would be much much better if the instruction set architecture very very closely matched what the CPU itself actually runs. This could be a nightmare for people who want to write on the bare metal. The advantage to that, is that much of the fancy reordering can be done ahead of time by the compiler. Right now, the compiler can try to reorder some, but it is limited to the 'macrocode'. Given more direct access to the microcode, some extrodinarily fancy algorithms can be applied to the code, to give the hardware optimization the best possible chance of keeping the CPU busy.
That's another thing. Much of modern CPU's are composed of hardware that has the sole purpose of keeping the rest of the hardware busy, and much of the design time is spent on this. If you read the Ace's article, he mentions the branch predictor and whatnot. These are CPU components that didn't even exist until after the 486.
Now, about replacing the old x86 ISA. The good news is is that they are taking steps in that direction. The new Intel chip (Itanium, Merced, whatever they're calling it today), is supposed to use a VLIW architecture (very long instruction word). The basis of this is that the CPU is given instructions that are really packets of instructions (sometimes called atoms), which it is supposed to split up, schedule, and branch predict in one large happy bundle. In theory, the compiler has already taken care of most of the reordering, and the CPU doesn't have to worry about it at all. There are exceptions, but it puts a lot of the work on to compiler. The bad news is is that Intel had cold feet about it (I think). So they didn't go quite all the way. A real (IMHO) VLIW chip hardly has to worry about scheduling and branch prediction at all. If the compiler didn't produce machine code that has already taken care of all of that, then it won't run nearly so well. Intel (it seems) has taken a half-way approach. The Itanium will be VLIW, but it won't require that the compilers be quite as stringent as would be optimal. It gives the compiler makers a break, and it means that Intel has an easier time making the Itanium run 'legacy code'. That's right, Itanium runs old-style x86 code in a different mode. Itanium is 64 bit, and old 32 bit code has to be put through the blender to run.
I haven't heard any recent news, but waaay back when Itanium was still Merced, it was said that there would be a performance hit when running 32 bit code, because of the extra translation phase, and because the chip would have to rely on it's hardware optimizer rather than the code being compiled correctly. Itanium is a break, however small, from the old 386 instruction set. It will still run 386 code, but only in a sort of 'emulation mode'. It's own native ISA is probably quite different from the familiar old 386 assembler everything is compiled to today.
A lot of space junk has just been left up there, creating a navigation nightmare, and a hazard for the ISS.
At least the Russians are resposible enought to spend the money to down Mir properly. They are really squeezed, and it says something that they are going to blow a bunch of cash when they don't really _have_ to clean up.
Also, this is one less chance for the producers of those awful voyeristic TV shows. I know a lot of people may have liked Survivor, but I'd rather watch something else, thank you...
Right now I'm working on a PIII/700.
I was running a script to test if a benchmark I'm trying to add to a benchmark suite (it's an Ogg-Vorbis encoder, btw) is portable enough yet (nope).
I would have liked to see the output of the later tests. However, the script was already 2 hrs. in and had only done the simplest of 2 out of 5 compiles. When I fix the problems causing the early errors, I'll have to wait about 5 hours to find out that I still need to tweak the code a bit, and then run it again.
The professor I'm working has a different benchmark (prototype MPEG-4 encoder) that he's been itching to try out. He can't find a machine with enough ram/swap to do it. I configured his machine with 2 gig of swap (1/2 gig physical memory), and the benchmark will eat all of it about 3 hours in.
Now, it's true that a home consumer doesn't need a big monster of a machine. But any sort of engineering (cad/cam, flow simulations, circuit simulation, etc) can easily eat any current CPU you throw at it. If you give me a faster CPU, then, yes, I'll be very happy that I don't have to wait 15 min. to do a simple compile. I'll also be very happy that I can do thing foo in a bigass overnight run, that before would have taken too long. Or the guy down the hall will be happy he can go from a design change to a verification simulation in 2 weeks instead of 3, letting him get 33% more done.
There is a very large market for fast workstations in industry and in academia. If you give me a machine that is 50% faster, I can probably promise 33% more productivity, and I can do things that before I wouldn't do, simply because it would take too long. So I get the fastest machine that the department can afford, and next year's equipment budget will go to as much of the same as can be gotten.
It being the watermark. If you have an ideal watermark (it cannot be heard) and an ideal lossy encoder (it dumps everything you can't hear), well, your watermark should go bye bye.
Of course, given that watermarks are far less than perfect (you can hear them) in order to be a bit more robust, you could D-to-A-to-D several distinct copies of the secure music, 'average' them, and then encode. With a sufficiently high number of sufficiently different copies of the music, the watermark will eventually be destroyed. This has the added benefit that the noise from the D-A-D conversion will tend to neither add nor cancel, but the signal will tend to add during the recombination phase, improving quality.
In any case, so long as I can buy my digital music anonymously with cash (at a brick+mortar store), what do I care if the watermark is still there? So the music has a serial number? That doesn't necessarily correlate with anything in the real world.
I also helped admin machines at a public library. Our policy on the internet access terminals had four simple parts:
1) No porn / violence / whatever_offends_the_librarian_who happens_to_look_over on the kiddie machines,
2) Internet use only.
3) If somebody is waiting, there is a 30 min. limit.
4) Kiddies need parental permission.
This worked quite well. #2 was mostly because we didn't have enough copies of productivity software (MS Office) to go around, and was a big hassle to secure (we had enough unauthorized software getting installed with just web browsers allowed anyway). #3 meant that you could check email, research a report, or whatever, and the machines weren't hogged by people addicted to their email. #1 was simple an extension of our already implemented policy of dirty books - they are set off by themselves, and the librarians try to make sure kids don't get into them.
There was no censorware, no usage limit, nothing except some words on paper posted above the machines, and the threat that the little old ladies at the desk would call the big bad janitor to kick you out. It worked quite well, although there was talk of putting very loose censorware on the kiddie machines before I left. The last time censorware was installed, the big boss had it done by the head IT guy, on threat of termination. It lasted under a week, by which time the big boss realized it looks really bad when you have massive staff turnovers (a few people actually quit, it was mostly just threats).
I don't know about other libraries, but every librarian I've talked to has taken that little first amendment thingy to heart. I know it doesn't seem like it sometimes, but there are a lot of institutions that will fight tooth and nail over the silliest little threat to the 1st, and the American Library Association is one of them.
Sun's are a bitch to get back up.
M$ products may go down a lot, but usually getting them running again isn't a problem.
Sun's almost never go down, but when they go down you can bet your ass that it'll be a pain to fix it.
Taken from the Sun website:
This is from the Platinum Warrenty, which is standard with a E10K (what EBay runs). They have a contractual agreement with everybody that they sell such a standard configured E10K to have an average response time on urgent calls, and even on the most minor problems, within an average of one day, if no other time is convienient.
In addition, if your web site is that important to your business, you can have a separate system availability guarantee. If Sun has agreed to provide five 9's, then they get 5 minutes 15 seconds of downtime a year. Even if they only have to provide three 9's, that's still only ~ 8 hours downtime a year.
Sun makes their money by providing very reliable hardware, guaranteeing obscene quantities of uptime, charging an arm and a leg, and then delivering on all of their promises. If they don't deliver, then they will get their asses handed to them in a breach of contract lawsuit. If people agreed to an NDA, it was either Sun doing a very good job of talking fast, or promising better service than what they had contracted for. Any business which had to sign that NDA in order to stay afloat should have invested the extra money in a better warranty agreement, because if your web site is that important to you, you should spend the extra cash to get your uptime guaranteed and contracted.
Business types don't really mind really expensive hardware/service agreements. Those are nice, fixed, predictable costs, especially if you have contracted with a reliable vendor (Sun). What they hate is having to lay out a bunch of money that they didn't plan for, because something unpredictable went wrong, and they didn't have their risks hedged. Hedging other people's risks is Sun's bread and butter.