>>* Unbuffered queries > Sounds like a cursor. It's as buffered as you want it to be.
Sounds promising - thanks. Unfortunately, it doesn't seem as though php supports cursors yet.. Though there are indications that the 'dbx' facility in php5-cvs may make use of it. (sorry, should probably have mentioned php earlier).
>> * MYSQL's optimised count() function. > When I've needed this, I've just determined the > count in a more optimized way.
Any hints would be welcome. Unfortunately, I can't _easily_ maintain an internal counter anywhere (many threads adding and removing data from a table - usually a couple of thousand additions a minute, and one big removal every 24 hours.. but it varies), and I need a reasonably accurate total count.
>> * Insert LOW_PRIORITY > I have no idea what this could mean.
Internal mysql stuff that deprioritises inserts in favor of selects. Based on the fact that pg does row-level locking (as opposed to table locking), this isn't really an issue I suspect.
>> * phpmyadmin > Have you compiled a list of what's required to > make it acceptable for you?
Yup. It's a low priority item though - it wouldn't stop me from migrating.
>> * mysqldiff > That sounds rather seductive, but not terribly > useful.
We're in a situation where it's difficult to know any installations DB 'state' (ie: Whether a particular table exists or not, if it has the correct fields). Our options are to either: * Maintain a 'upgrade script' for each and every version released, and cycle through each of them (from installed to current), or * Use the script, and automagically convert the installed DB to the most recent version.
At the moment, the second option makes things NICE and simple.
> This does seem like a nice tool to get such a > script started, though.
Absolutely.:) The actual prog is called 'sqlupdate' - Link here for those that are interested: http://bisqwit.iki.fi/source/sqlupdate.html
> why would anyone chose MySQL over PostgreSQL if they had to pay for it?
Good question. At the moment, the things that are keeping me from switching over, are: * Unbuffered queries
- When you're returning a result set that might be (literally!) gigabytes in size, storing the results in RAM is unfortunately, not an option.
* MYSQL's optimised count() function.
- "Select Count(*) from table" is very fast on mysql due to internal jiggery-pokery. Postgres is a touch slower unfortunately.
* Insert LOW_PRIORITY - No equivalent in PG
* phpmyadmin
- phppgadmin is nice, but still missing a few nice things (renaming table fields, or changing data types, for example)
* mysqldiff
- An application that takes one database structure, compares it against the current database structure, and outputs the SQL statements required to 'upgrade' the current DB structure to the 'new' DB structure.
A few of these are enough for me to stick with MySQL at the moment, even at a reasonable price.
If you're a little more in touch with PG than I am, and any of the above are no longer valid, please let me know!
If you were a new computer user I'd suggest trying gnome. Of the several computer newbies I've introduced to Linux thus far, Gnome seems to be 'easier' for them to get around.
Although both the Gnome and KDE teams seem to be equally interested in usability, Gnome has been lucky enough to snare some external companies who put a fair bit of time, money and effort into the task (most notably, Sun & Redhat).
As you're a XP user though, I suspect KDE might be closer to what you're used to, and might be worth trying first. Perhaps, grab knoppix (which is KDE), and have a play.
Just a thought, what about a combination of this, and those plastic '3d simulating' gimicks that you quite often see in snack-foot packs (ie: The ones that show a slightly different picture depending on what angle you view them from).
I suspect that the computational/camera requirements for this sort of thing would be prohibitive at the moment, but maybe down the track, with quantum dot photoreceptors, and laser emitters, there may be options..
I've heard from some inside sources that Apple are looking to adopt something very similar to Solaris BSM auditing for OSX.
This doesn't help you much at the moment, but maybe sometime down the track, this may help you diagnose what was changed on your system.. (Subject, of course, to your logs being pushed off the compromised system as soon as they're generated, and maybe the attacker not noticing the auditing capability).
You may want to consider establishing a basic auditing policy, to back up any access controls you put in place.
Depending on what operating system you are using, you could turn on execve / set*id auditing. This functionality is available in a variety of unix implementations (BSM for Solaris, Snare for Linux,/dev/audit for AIX, Irix, Unicos, etc.).
Alternatively, many OSs provide 'sulog' or equivalent.
Note though, that auditing root suers is an inherently risky process, as a root user can cover their tracks quite easily by removing audit log data; as such, you might want to consider real-time forwarding of audit data to a central server, getting it off the host machine, and away from the administrative influence of the root-level user. For basic log files, this is effectively a tail -f | send across the network. For OS-level auditing, it's generally a little more complex.
Red.
Re:Relocation would be nice...
on
Koalas Gone Wild
·
· Score: 2, Interesting
Relocation would be nice...
on
Koalas Gone Wild
·
· Score: 2, Informative
.. though I'm not sure it would be particularly cost-effective.
Here in Canberra, we recently had some fairly significant bushfires (Brushfires to US readers.. though I agree with a slashdot poster of a few months back, who thought that brushfire sounded like a problem caused by overactive grooming...).
As part of the fires, one of our wonderful nature parks ( Tidbinbilla) has lost all but one of their Koalas. Now that leaves are starting to come back onto the trees once more, it might be a good time to try and acquire some more koalas.. This would seem to be an ideal opportunity to bring back a koala population into the area.
I suspect though, that the costs might be somewhat prohibitive, and I'm not really sure about territorial habits of Koalas, so there might be other factors that would make transferrel difficult.
It's a little like using a tactical nuke to take out a mosquito, but turning on Windows auditing, and using something like 'Snare for Windows' to set file auditing, would probably accomplish the task. (Disclaimer: Snare developer).
Slightly more realistically, there are a few tripwire derivitives that may be of some use to you - though these often require a fair bit of administrative overhead, so probably are not appropriate for a parental PC.
But perhaps the easiest way is to use the windows 'search' utility - it will tell you which files have been modified in the last (x) days. Alternatively, there's a port of the unix 'find' command available (both under cygwin, and native). Note though that if the trojan/virus modifies the mtime back to original state, these approaches are not too useful.
Nice in theory. I've been following plex86 off-and-on for many years, but the project hasn't done much since mid 2002.
It was taken over by someone else, and did actually release some stuff in mid 2003, but seems to have died again since then. However, a bit of the plex86 technology seems to be migrating into Bochs.
I have a P3-700 box that currently has three Linux, a Win2k, a WinXP and a Win2003 partition running under VMWare.
Heck of a lot nicer than having to worry about the noise, heat and space requirements for the 6 physical systems I would require.
May be worth considering.. Disk space can be managed reasonably well, and as I am only actively using one (or perhaps two) systems at any one moment in time, each box claws it's way out of swap into real-memory pretty quickly and provides pretty reasonable interactive performance.
I'd have to agree here. One particular agency (which I think you're a part of, based on your comments:) was recommended websphere by their outsourcer, when an overwhelming majority of the developers had experience with another platform.
I remember commenting at the time, that although the solution was probably in the best interests of the outsourcer, it was probably not in the best interests of the agency (despite the fact that it used an open source component).
* Department of Veterans Affairs: Ditched a bunch of NT4 file servers for a big samba box running on an existing s390 machine. * Northern Territory Department of Education: Open Source focussed for many years. * NSW Department of Transport: Moving down the open source (particularly, open-office) path. * Aust Department of Defence: LOTS of open source here, regardless of lack of any official position om the issue. * About a dozen other government departments: Using open source security auditing agents (Snare, Snort) to comply with national security requirements. * ACT open-source legislation will probably mean a heightened open-source focus for the ACT government IT provider, InTACT. * Several small DB projects in quite a few agencies, using postgres/mysql. * Websphere (which has a apache backend) being used in a bunch of organisations, including the DVA. * many more examples...
However, I'm not certain that the ATO are converting just yet, they're just not excluding it any more (ie: Allowing prospective bidders to NOT take into account the current (windows) SOE when developing proposals). I also suspect that the tax records will not be affected by this change - from memory, they're on a bunch of big-iron machines.
Probably a little out of your way, but I've heard that Wollongong University in Australia has a computer security degree that allows a specialisation in forensics.
The Internet Top 100 SF/Fantasy List: http://www.geocities.com/Area51/Cavern/6113 /top100.html
I'm currently working my way through this list. One or two of the authors are a bit hard to find, but trawling the 2nd-hand book shops nets quite a few of the more 'specialist' books.
.. who works in the office of hearing services for the Dept of health here in Australia:
There are two 'components' to a cochlear implant - generally characterised as 'the outside bits' and 'the inside bits'.
The outside bits are changed on a moderately regular basis as technology improves. The inside bits (which are implanted), obviously don't get changed all that much.
Her recommendation is to choose the technology that makes it easiest (and cheapest) to change the outside bits - as although there are minimal technical differences between the two options at the moment, if one is much easier to 'upgrade' than the other, you'll get much better service long term on that one.
Dunno about you.. but there's something wierd about the concept of booking your mum in for an upgrade...;)
My friend recommends having a look at the web site of the Australian National Acoustics Labs. They're a research arm of Australian Neuroservices, and have a fair bit of info on this sort of stuff.
The mythtv crew are looking at tivo-like functionality for radio.. Not sure it's exactly what you're after, and I suspect it won't be around for a while.. but it might be a useful starting point for your research:
Google for 'mythradio'. Here's a starter-link: http://mythtv.org/pipermail/mythtv- dev/2002-Octobe r/000753.html
About 1600 Australian, which probably equates to about five bucks US.;)
For this I probably could have got a dozen VCR's, or a few tivo's (taking into account the PAL conversion costs)... but this gives the significant other a fully functional computer for 90% of her computer requirements, plus tivo-like functionality, plus all the other stuff that mythtv brings into the mix.
I overspecced the machine a bit I think. I suspect 256meg would be adequate, a DVD burner is not a requirement, and I also suspect that the Athlon speed can go down a notch or two - so somewhere around $1,200 is probably reasonable for a basic setup using the same core components.
Slashdot Mirror
Excellent! Much appreciated.
Red.
>>* Unbuffered queries
:) The actual prog is called 'sqlupdate' - Link here for those that are interested: http://bisqwit.iki.fi/source/sqlupdate.html
> Sounds like a cursor. It's as buffered as you want it to be.
Sounds promising - thanks. Unfortunately, it doesn't seem as though php supports cursors yet.. Though there are indications that the 'dbx' facility in php5-cvs may make use of it. (sorry, should probably have mentioned php earlier).
>> * MYSQL's optimised count() function.
> When I've needed this, I've just determined the
> count in a more optimized way.
Any hints would be welcome. Unfortunately, I can't _easily_ maintain an internal counter anywhere (many threads adding and removing data from a table - usually a couple of thousand additions a minute, and one big removal every 24 hours.. but it varies), and I need a reasonably accurate total count.
>> * Insert LOW_PRIORITY
> I have no idea what this could mean.
Internal mysql stuff that deprioritises inserts in favor of selects. Based on the fact that pg does row-level locking (as opposed to table locking), this isn't really an issue I suspect.
>> * phpmyadmin
> Have you compiled a list of what's required to
> make it acceptable for you?
Yup. It's a low priority item though - it wouldn't stop me from migrating.
>> * mysqldiff
> That sounds rather seductive, but not terribly
> useful.
We're in a situation where it's difficult to know any installations DB 'state' (ie: Whether a particular table exists or not, if it has the correct fields). Our options are to either:
* Maintain a 'upgrade script' for each and every version released, and cycle through each of them (from installed to current), or
* Use the script, and automagically convert the installed DB to the most recent version.
At the moment, the second option makes things NICE and simple.
> This does seem like a nice tool to get such a
> script started, though.
Absolutely.
Thanks,
Red.
> why would anyone chose MySQL over PostgreSQL if they had to pay for it?
Good question. At the moment, the things that are keeping me from switching over, are:
* Unbuffered queries
- When you're returning a result set that might be (literally!) gigabytes in size, storing the results in RAM is unfortunately, not an option.
* MYSQL's optimised count() function.
- "Select Count(*) from table" is very fast on mysql due to internal jiggery-pokery. Postgres is a touch slower unfortunately.
* Insert LOW_PRIORITY
- No equivalent in PG
* phpmyadmin
- phppgadmin is nice, but still missing a few nice things (renaming table fields, or changing data types, for example)
* mysqldiff
- An application that takes one database structure, compares it against the current database structure, and outputs the SQL statements required to 'upgrade' the current DB structure to the 'new' DB structure.
A few of these are enough for me to stick with MySQL at the moment, even at a reasonable price.
If you're a little more in touch with PG than I am, and any of the above are no longer valid, please let me know!
Red.
Caveat: I'm primarlly a gnome user.
If you were a new computer user I'd suggest trying gnome. Of the several computer newbies I've introduced to Linux thus far, Gnome seems to be 'easier' for them to get around.
Although both the Gnome and KDE teams seem to be equally interested in usability, Gnome has been lucky enough to snare some external companies who put a fair bit of time, money and effort into the task (most notably, Sun & Redhat).
As you're a XP user though, I suspect KDE might be closer to what you're used to, and might be worth trying first. Perhaps, grab knoppix (which is KDE), and have a play.
Red.
Just a thought, what about a combination of this, and those plastic '3d simulating' gimicks that you quite often see in snack-foot packs (ie: The ones that show a slightly different picture depending on what angle you view them from).
I suspect that the computational/camera requirements for this sort of thing would be prohibitive at the moment, but maybe down the track, with quantum dot photoreceptors, and laser emitters, there may be options..
Red.
I've heard from some inside sources that Apple are looking to adopt something very similar to Solaris BSM auditing for OSX.
This doesn't help you much at the moment, but maybe sometime down the track, this may help you diagnose what was changed on your system.. (Subject, of course, to your logs being pushed off the compromised system as soon as they're generated, and maybe the attacker not noticing the auditing capability).
Red.
You may want to consider establishing a basic auditing policy, to back up any access controls you put in place.
/dev/audit for AIX, Irix, Unicos, etc.).
Depending on what operating system you are using, you could turn on execve / set*id auditing. This functionality is available in a variety of unix implementations (BSM for Solaris, Snare for Linux,
Alternatively, many OSs provide 'sulog' or equivalent.
Note though, that auditing root suers is an inherently risky process, as a root user can cover their tracks quite easily by removing audit log data; as such, you might want to consider real-time forwarding of audit data to a central server, getting it off the host machine, and away from the administrative influence of the root-level user. For basic log files, this is effectively a tail -f | send across the network. For OS-level auditing, it's generally a little more complex.
Red.
Here's a picture of 'lucky' by the way: Here
Here in Canberra, we recently had some fairly significant bushfires (Brushfires to US readers.. though I agree with a slashdot poster of a few months back, who thought that brushfire sounded like a problem caused by overactive grooming...).
As part of the fires, one of our wonderful nature parks ( Tidbinbilla) has lost all but one of their Koalas. Now that leaves are starting to come back onto the trees once more, it might be a good time to try and acquire some more koalas.. This would seem to be an ideal opportunity to bring back a koala population into the area.
I suspect though, that the costs might be somewhat prohibitive, and I'm not really sure about territorial habits of Koalas, so there might be other factors that would make transferrel difficult.
Red.
It's a little like using a tactical nuke to take out a mosquito, but turning on Windows auditing, and using something like 'Snare for Windows' to set file auditing, would probably accomplish the task. (Disclaimer: Snare developer).
Slightly more realistically, there are a few tripwire derivitives that may be of some use to you - though these often require a fair bit of administrative overhead, so probably are not appropriate for a parental PC.
But perhaps the easiest way is to use the windows 'search' utility - it will tell you which files have been modified in the last (x) days. Alternatively, there's a port of the unix 'find' command available (both under cygwin, and native). Note though that if the trojan/virus modifies the mtime back to original state, these approaches are not too useful.
Red.
Nice in theory. I've been following plex86 off-and-on for many years, but the project hasn't done much since mid 2002.
It was taken over by someone else, and did actually release some stuff in mid 2003, but seems to have died again since then. However, a bit of the plex86 technology seems to be migrating into Bochs.
Red.
.. also keep in mind that bochs is getting better every day. (bochs.sourceforge.net)
Red.
I have a P3-700 box that currently has three Linux, a Win2k, a WinXP and a Win2003 partition running under VMWare.
Heck of a lot nicer than having to worry about the noise, heat and space requirements for the 6 physical systems I would require.
May be worth considering.. Disk space can be managed reasonably well, and as I am only actively using one (or perhaps two) systems at any one moment in time, each box claws it's way out of swap into real-memory pretty quickly and provides pretty reasonable interactive performance.
Red.
Woohoo.. interplanetary takeover. If 'News limited' can have their own satellites, so can we.
Slashdot, your official lunar news source.
egrep "^[kdegnom]+$"
Some interesting ones:
doomed
ego
omen
However, on a more positive note:
mono (hmm!)
needed
mend
edge
good
keen
Red.
Or, based on the fact that this project is an offspring of freeswan, should that be "Cygnet style" ? ;) ... ok, back in my box.
Red.
Oh I think that's a bit harsh - my budgie (parakeet) is extremely happy with his copy of Caldera Openlinux 2.2-N.
The back of the CD functions extremely well as a mirror.
Red.
I'd have to agree here. One particular agency (which I think you're a part of, based on your comments :) was recommended websphere by their outsourcer, when an overwhelming majority of the developers had experience with another platform.
I remember commenting at the time, that although the solution was probably in the best interests of the outsourcer, it was probably not in the best interests of the agency (despite the fact that it used an open source component).
We have..
* Department of Veterans Affairs: Ditched a bunch of NT4 file servers for a big samba box running on an existing s390 machine.
* Northern Territory Department of Education: Open Source focussed for many years.
* NSW Department of Transport: Moving down the open source (particularly, open-office) path.
* Aust Department of Defence: LOTS of open source here, regardless of lack of any official position om the issue.
* About a dozen other government departments: Using open source security auditing agents (Snare, Snort) to comply with national security requirements.
* ACT open-source legislation will probably mean a heightened open-source focus for the ACT government IT provider, InTACT.
* Several small DB projects in quite a few agencies, using postgres/mysql.
* Websphere (which has a apache backend) being used in a bunch of organisations, including the DVA.
* many more examples...
However, I'm not certain that the ATO are converting just yet, they're just not excluding it any more (ie: Allowing prospective bidders to NOT take into account the current (windows) SOE when developing proposals). I also suspect that the tax records will not be affected by this change - from memory, they're on a bunch of big-iron machines.
Red.
Probably a little out of your way, but I've heard that Wollongong University in Australia has a computer security degree that allows a specialisation in forensics.
The Internet Top 100 SF/Fantasy List:3 /top100 .html
http://www.geocities.com/Area51/Cavern/611
I'm currently working my way through this list. One or two of the authors are a bit hard to find, but trawling the 2nd-hand book shops nets quite a few of the more 'specialist' books.
Red.
.. who works in the office of hearing services for the Dept of health here in Australia:
;)
There are two 'components' to a cochlear implant - generally characterised as 'the outside bits' and 'the inside bits'.
The outside bits are changed on a moderately regular basis as technology improves. The inside bits (which are implanted), obviously don't get changed all that much.
Her recommendation is to choose the technology that makes it easiest (and cheapest) to change the outside bits - as although there are minimal technical differences between the two options at the moment, if one is much easier to 'upgrade' than the other, you'll get much better service long term on that one.
Dunno about you.. but there's something wierd about the concept of booking your mum in for an upgrade...
My friend recommends having a look at the web site of the Australian National Acoustics Labs. They're a research arm of Australian Neuroservices, and have a fair bit of info on this sort of stuff.
Red.
The mythtv crew are looking at tivo-like functionality for radio.. Not sure it's exactly what you're after, and I suspect it won't be around for a while.. but it might be a useful starting point for your research:
- dev/2002-Octobe r/000753.html
Google for 'mythradio'. Here's a starter-link:
http://mythtv.org/pipermail/mythtv
About 1600 Australian, which probably equates to about five bucks US. ;)
For this I probably could have got a dozen VCR's, or a few tivo's (taking into account the PAL conversion costs)... but this gives the significant other a fully functional computer for 90% of her computer requirements, plus tivo-like functionality, plus all the other stuff that mythtv brings into the mix.
I overspecced the machine a bit I think. I suspect 256meg would be adequate, a DVD burner is not a requirement, and I also suspect that the Athlon speed can go down a notch or two - so somewhere around $1,200 is probably reasonable for a basic setup using the same core components.
Red.
Mine did (ie: with my hauppauge pvr350 tuner card).
It worked pretty-much out of the box, and the technophobe grandparents are having no problems with mythtv + the remote control.