I don't see what people's problem is. People keep using outdated tech, just because whole segments of the economy are based on older, less efficient technology.
Nevermind that fuel cells and alternatives cost a fortune these days (in *theory* they shouldn't, but they *do* because it's young tech).
Nevermind that not everyone is willing to scrap hige investments in existing tech.
Nevermind that new technology almost always goes through a phase of unreliability, inefficiency, and debugging.
Nevermind all that -- people should drop everything and change from the tested, reliable, (relatively) cheap, and ubiquitous to the new, experimental, unproven, expensive stuff... because it's better!
...at least about two, very major technical issues:
More technically astute readers may take exception to this idea of private Carnivore boxes since there are ways to isolate ISP traffic and keep one box from seeing all the packets on the ISP network. But at most ISPs, THOSE TECHNIQUES AREN'T USED
Every ISP uses switches. Show me an ISP, let alone a Tier 1 colocation facility, that's using hubs, and I will laugh myself to death. Not only that, but even the smallest ISPs have more than one broadcast domain. Therefore, not every client sees every packet on the network.
"From a network architecture standpoint, the best location for Carnivore is right after the ISP's router"
I'm sorry, I may die laughing from this. The guy thinks Earthlink has "a router"? Let alone AboveNet, Exodus, GlobalCenter... Most decent sized ISPs have tens or hundreds of connections to the internet. There is no one spot that every packet goes through, which is a good thing. Maybe at the smallest dialup POPs, but even if the government could take out every dialup connection, it would hardly count as "shutting down the internet."
This article seems like fearmongering at its least informed, from someone who doesn't understand how ISPs or colocation facilities work. I'm against Carnivore as much as anyone, but let's at least be technically accurate in our paranoia, shall we?
It sounds like a good idea, but it won't work. Here's why:
The adult internet industry is made up primarily of four companies: IEG, CEN, Cyberotica, and iGallery. Those four often work in concert, and cross promote each others' sites. Not coincidentally, they also have the most money.
If there is a.xxx or.sex launched, I can almost guarantee that those four companies will lock up every remotely desirable name (and quite likely be the registrars, too, depending on how that's decided).
Which makes.xxx or.sex really a single brand, not a new TLD. What's the point?
And migration will never happen, because people won't be able to get the same domain names under.xxx without incredible luck (or lots of money). In fact, it will probably open up tons of litigation as people snap up the names of existing adult sites (persiankitty, etc).
With all due respect to Mr. Pike, I think this is a case of old-school mentality. Like when your parents claim that Elvis was the last real music, and complain that that horrible stuff on the radio "isn't really music, it's just a bunch of noise".
Systems software, in the sense of low level API's for controlling disk drives or performing DNS queries, has been solved... it's down to boring implementation and tiny incremental improvements. And I say Hooray for that. Do you want to write that stuff?
But as far as I'm concerned, systems software encompasses everything that supports the top level application. When you look at it that way, there are all sorts of exciting things going on with application servers, Java, object models, and so on.
All of that stuff will be just as critical for tomorrow's applications as the "Read Sector" API.
So I say development of systems software hasn't stagnated or died, it's just moved into new areas and new challenges. Like modern music. And I think that's a good thing.
As for agents knowing the transmission is for them, I would also think that any given agent would only be able to decode messages that were intended for him/her -- otherwise one traitor compromises every single bit of communications.
I wouldn't be surprised if each agent's message was encoded using a different cryptographic technique -- between all the varieties out there, there are a large number of permutations that would make it virtually impossible for one turncoat's information to even help in decoding other messages ("My messages were 3DES512 on top of an eliptic curve, using every forth number mentioned during even seconds").
It's an interesting challenge, but man would it be difficult. For my money, the best hope of solving it is with a leak from inside.
It is definitely different, and I'm one of those nay-sayers who read and loved the article while thinking "ugh, I could never work there." Obviously, they do things the right way, and the only way it can be done in those circumstances. It's also like the difference between the pioneers who moved west in the US, traversing difficult trails, versus modern yuppies who contract a moving company. Both ways work, and the latter is infinitely safer, saner, easier, smoother, and faster -- but it's also less fun. Like Harry Tuttle said, "I got into this business for the excitement and adventure; get in, get out, move on. Now, your entire place could be on fire and I couldn't turn on a tap without filling out a form 27B stroke 6." I, for one, like working on a million things at once, and seeing a ton of stuff grow quickly (with bugs). If I was the kind of perfectionist these people have to be, I'd still be working out the bugs in the BBS system a friend and I wrote in Pascal in 1984. Hmm... I think I'll go apply for a job at writing software for hospitals.
...my solution for europe was to just bring a notebook and digital camera, store pics on the notebook, and use the plentiful net kiosks at train stations to check email and perform system maintenance. Many nicer hotels also have ethernet connections, so in a pinch you could use that approach (and expense it!)
It beat fussing around with compatibility issues every day.
...Microsoft releases a port which is mostly compatible but which adds special, windows-only features... and all the game developers flock to it, thereby making the whole thing moot. Sure, maybe there will be lawsuits, but by the time it's settled, the whole thing will be dead.
Ok, call me a pessimist. I prefer to think that I learn from history.
...I've had mostly good experiences, with only one technical glitch. One of the checks they mailed (yes, they use actual paper and mail it to the payee) was malformed; it had extraneous digits across the bottom, *below* the ABA routing information.
The credit card I was paying sent it through the ABA system, and got it back with a cryptic error message; something like "Invalid draft". They promptly sent me a note saying that they'd revoke my credit card if I bounced another check (!). It took about two months of faxes, xeroxes, letters, and phone calls to convince them that it was not indeed a bounced check.
Other than that, the one thing I'd caution people about is that it makes it more difficult to balance your checkbook. If you've got infinite money in the account, it's perfect. But if you get into scheduling recurring payments or payments a month or two in advance, it's hard to know what your true balance is without finding web access and checking out the pending payments. A minor annoyance, but it does complicate life.
...come on people. I hate Microsoft and Gates as much as anyone, but let's have some degree of accuracy here. It's this wild disregard for truth that gives open source types a bad name. Admittedly, corporate types are just as bad, but it's expected from them. This community claims to be better and then engages in the same sordid spin, distortion, and baldface lies.
So here are the corrections: 1) It's not really a beta of "windows 2001" -- it's Whistler, which will probably be marketed under a name even dorkier than "Windows Me". It's based on Win2K, but will be a consumer oriented release with all sorts of annoying features (http://news.cnet.com/news/0-1006-200-1579963.html )
2) As someone else noted, nobody in their right mind said Win2k had 65,000 "bugs". By Microsoft's count, about 20,000 of the issues are actual bugs, and about 17,000 of those are cosmetic in nature. Even disregarding that, 20,000 is a serious number and makes Microsoft look bad. So why not be accurate?
3) Of course nobody is upgrading production systems to Win2K. Come on -- how many of you upgrade to the latest Linux "stable" kernel within a motnh of its release? On production systems where downtime costs thousands of dollars an hour? Any smart sysadmin stays with what works until there's a compelling reason to switch. You can't blame Win2K for that.
It's only an operating system, folks. Admittedly a fairly crappy one, but it's not actually the antichrist, AIDS, and a stubbed toe rolled into one.
And if you're going to bash it, your words will carry more weight if you at least give a token nod in the general direction of honesty.
I've done a few high volume sites, using a number of different technologies (mod_perl, PHP, ASP). There are unique tips and pitfalls for each one, but there are some design issues that apply to all of them.
Abstract Everything Never build HTML or graphic design right into the code. Use standard include libraries for common things like changing fonts, starting/ending tables, building the body tag, etc. Any kind of frequently used design elements should be programmatically generated from a central location. That way graphic design changes can be made in one place and propagate across the entire site.
Also abstract common database functions, either in include files or by using stored procedures if you're running a real SQL backend. Never put the SQL query right in the code -- I guarantee you'll have multiple copies of it around, and when it comes time to adjust the schema, you'll hate yourself.
Do logging at the app level Your application knows a heck of a lot more about what's going on than the web server does. And if you're running a real database, logging to the database is infinitely more scalable and manageable than having hundreds of flat files sitting on the filesystem somewhere.
Depending on the nature of the application and how you handle privacy concerns, it may make sense to log the username, date and time, pagename, and application state for each pageview. Or any number of other things. Logging in the application is the only way to go.
Have flexible debugging code! Use a central "debug" procedure and call it frequently. Use a querystring value, session value, or something to determine whether "debug" prints the info or keeps quiet; normal users can continue to use the site while developers can get detailed info about what's going on in the app.
If you're brave, you can comment out the calls to debug once you're confident that a section of code is working. I never do, though -- it's a fairly minor performance hit, and it allows customer support reps to provide developers with information on hard to repeat problems.
A good, well written and well reasoned piece. I think I almost entirely agree with it.
And if you look at the comments here, you can already see that its point is being missed (by some at least). Look at the "What? Port AOL to Linux? Never!" posts.
I know there is no one "Linux Community," as people have different ideas about OSes in general and Linux in particular. But reading over the posts here, it's clear that in general, people want it both ways.
1) Everyone should use Linux because it's cool/stable/free/fast/whatever. 2) Linux is *ours*, and we don't want stupid apps like AOL on it.
The reason (well, one of the reasons) Microsoft has been successful is because they studied what consumers want and delivered it. To some degree, anyways.
Before I get flamed as pro-MS, let me rephrase that in a way that hopefully even the most rabid anti-MS types will let slide: At the *very* least, they pretended to care about what consumers want and set about marketing windows as if it met those wants.
But many in the Linux crowd revel in the elitism of an OS that is by and for smart, computer savvy people. And then they don't understand when the masses don't rush to embrace it. That was the whole point of this very good article. As long as that attitude prevails, Linux is going to have a hard time with nontechnical people.
...I manage a few (smaller than yahoo) sites. We've seen a drastic increase in smurf and other packet flood type attacks over the past 6 months or so. You should see my MRTG graph:)
We've seen traffic as high as 40mbps for as long as 5 hours. For a site that averages 2mbps and peaks around 5mbps, that's pretty huge.
Filtering spoofed packets on routers isn't the whole answer, either. All you do when you filter spoofs is confiugure the router not to allow incoming packets that claim to be from inside (obviously enough). If someone sends hundreds of megabits that claim to be coming from *somewhere else* outside, it doesn't help.
I guarantee this has been done...
on
Sex in Space
·
· Score: 2
...nevermind all the comments about the married couple and the various women who've been on the shuttle.
Most astronauts come from the military. And the gay population in the military is far higher than in the general population.
I'd be very surprised if the first sex in space had been heterosexual:)
Slashdot Mirror
I don't see what people's problem is. People keep using outdated tech, just because whole segments of the economy are based on older, less efficient technology.
Nevermind that fuel cells and alternatives cost a fortune these days (in *theory* they shouldn't, but they *do* because it's young tech).
Nevermind that not everyone is willing to scrap hige investments in existing tech.
Nevermind that new technology almost always goes through a phase of unreliability, inefficiency, and debugging.
Nevermind all that -- people should drop everything and change from the tested, reliable, (relatively) cheap, and ubiquitous to the new, experimental, unproven, expensive stuff... because it's better!
This seems like a pretty naive topic, no?
-b
...at least about two, very major technical issues:
More technically astute readers may take exception to this idea of private Carnivore boxes since there are ways to isolate ISP traffic and keep one box from seeing all the packets on the ISP network. But at most ISPs, THOSE TECHNIQUES AREN'T USED
Every ISP uses switches. Show me an ISP, let alone a Tier 1 colocation facility, that's using hubs, and I will laugh myself to death. Not only that, but even the smallest ISPs have more than one broadcast domain. Therefore, not every client sees every packet on the network.
"From a network architecture standpoint, the best location for Carnivore is right after the ISP's router"
I'm sorry, I may die laughing from this. The guy thinks Earthlink has "a router"? Let alone AboveNet, Exodus, GlobalCenter... Most decent sized ISPs have tens or hundreds of connections to the internet. There is no one spot that every packet goes through, which is a good thing. Maybe at the smallest dialup POPs, but even if the government could take out every dialup connection, it would hardly count as "shutting down the internet."
This article seems like fearmongering at its least informed, from someone who doesn't understand how ISPs or colocation facilities work. I'm against Carnivore as much as anyone, but let's at least be technically accurate in our paranoia, shall we?
-b
I was ubterested once... how embarassing.
-b
It sounds like a good idea, but it won't work. Here's why:
.xxx or .sex launched, I can almost guarantee that those four companies will lock up every remotely desirable name (and quite likely be the registrars, too, depending on how that's decided).
.xxx or .sex really a single brand, not a new TLD. What's the point?
.xxx without incredible luck (or lots of money). In fact, it will probably open up tons of litigation as people snap up the names of existing adult sites (persiankitty, etc).
The adult internet industry is made up primarily of four companies: IEG, CEN, Cyberotica, and iGallery. Those four often work in concert, and cross promote each others' sites. Not coincidentally, they also have the most money.
If there is a
Which makes
And migration will never happen, because people won't be able to get the same domain names under
-b
With all due respect to Mr. Pike, I think this is a case of old-school mentality. Like when your parents claim that Elvis was the last real music, and complain that that horrible stuff on the radio "isn't really music, it's just a bunch of noise".
Systems software, in the sense of low level API's for controlling disk drives or performing DNS queries, has been solved... it's down to boring implementation and tiny incremental improvements. And I say Hooray for that. Do you want to write that stuff?
But as far as I'm concerned, systems software encompasses everything that supports the top level application. When you look at it that way, there are all sorts of exciting things going on with application servers, Java, object models, and so on.
All of that stuff will be just as critical for tomorrow's applications as the "Read Sector" API.
So I say development of systems software hasn't stagnated or died, it's just moved into new areas and new challenges. Like modern music. And I think that's a good thing.
-b
An interesting and good post.
As for agents knowing the transmission is for them, I would also think that any given agent would only be able to decode messages that were intended for him/her -- otherwise one traitor compromises every single bit of communications.
I wouldn't be surprised if each agent's message was encoded using a different cryptographic technique -- between all the varieties out there, there are a large number of permutations that would make it virtually impossible for one turncoat's information to even help in decoding other messages ("My messages were 3DES512 on top of an eliptic curve, using every forth number mentioned during even seconds").
It's an interesting challenge, but man would it be difficult. For my money, the best hope of solving it is with a leak from inside.
-b
It is definitely different, and I'm one of those nay-sayers who read and loved the article while thinking "ugh, I could never work there." Obviously, they do things the right way, and the only way it can be done in those circumstances. It's also like the difference between the pioneers who moved west in the US, traversing difficult trails, versus modern yuppies who contract a moving company. Both ways work, and the latter is infinitely safer, saner, easier, smoother, and faster -- but it's also less fun. Like Harry Tuttle said, "I got into this business for the excitement and adventure; get in, get out, move on. Now, your entire place could be on fire and I couldn't turn on a tap without filling out a form 27B stroke 6." I, for one, like working on a million things at once, and seeing a ton of stuff grow quickly (with bugs). If I was the kind of perfectionist these people have to be, I'd still be working out the bugs in the BBS system a friend and I wrote in Pascal in 1984. Hmm... I think I'll go apply for a job at writing software for hospitals.
...my solution for europe was to just bring a notebook and digital camera, store pics on the notebook, and use the plentiful net kiosks at train stations to check email and perform system maintenance. Many nicer hotels also have ethernet connections, so in a pinch you could use that approach (and expense it!)
It beat fussing around with compatibility issues every day.
-b
...Microsoft releases a port which is mostly compatible but which adds special, windows-only features... and all the game developers flock to it, thereby making the whole thing moot. Sure, maybe there will be lawsuits, but by the time it's settled, the whole thing will be dead.
Ok, call me a pessimist. I prefer to think that I learn from history.
-b
...I've had mostly good experiences, with only one technical glitch. One of the checks they mailed (yes, they use actual paper and mail it to the payee) was malformed; it had extraneous digits across the bottom, *below* the ABA routing information.
The credit card I was paying sent it through the ABA system, and got it back with a cryptic error message; something like "Invalid draft". They promptly sent me a note saying that they'd revoke my credit card if I bounced another check (!). It took about two months of faxes, xeroxes, letters, and phone calls to convince them that it was not indeed a bounced check.
Other than that, the one thing I'd caution people about is that it makes it more difficult to balance your checkbook. If you've got infinite money in the account, it's perfect. But if you get into scheduling recurring payments or payments a month or two in advance, it's hard to know what your true balance is without finding web access and checking out the pending payments. A minor annoyance, but it does complicate life.
-b
...come on people. I hate Microsoft and Gates as much as anyone, but let's have some degree of accuracy here. It's this wild disregard for truth that gives open source types a bad name. Admittedly, corporate types are just as bad, but it's expected from them. This community claims to be better and then engages in the same sordid spin, distortion, and baldface lies.
l )
So here are the corrections:
1) It's not really a beta of "windows 2001" -- it's Whistler, which will probably be marketed under a name even dorkier than "Windows Me". It's based on Win2K, but will be a consumer oriented release with all sorts of annoying features (http://news.cnet.com/news/0-1006-200-1579963.htm
2) As someone else noted, nobody in their right mind said Win2k had 65,000 "bugs". By Microsoft's count, about 20,000 of the issues are actual bugs, and about 17,000 of those are cosmetic in nature. Even disregarding that, 20,000 is a serious number and makes Microsoft look bad. So why not be accurate?
3) Of course nobody is upgrading production systems to Win2K. Come on -- how many of you upgrade to the latest Linux "stable" kernel within a motnh of its release? On production systems where downtime costs thousands of dollars an hour? Any smart sysadmin stays with what works until there's a compelling reason to switch. You can't blame Win2K for that.
It's only an operating system, folks. Admittedly a fairly crappy one, but it's not actually the antichrist, AIDS, and a stubbed toe rolled into one.
And if you're going to bash it, your words will carry more weight if you at least give a token nod in the general direction of honesty.
I've done a few high volume sites, using a number of different technologies (mod_perl, PHP, ASP). There are unique tips and pitfalls for each one, but there are some design issues that apply to all of them.
Abstract Everything
Never build HTML or graphic design right into the code. Use standard include libraries for common things like changing fonts, starting/ending tables, building the body tag, etc. Any kind of frequently used design elements should be programmatically generated from a central location. That way graphic design changes can be made in one place and propagate across the entire site.
Also abstract common database functions, either in include files or by using stored procedures if you're running a real SQL backend. Never put the SQL query right in the code -- I guarantee you'll have multiple copies of it around, and when it comes time to adjust the schema, you'll hate yourself.
Do logging at the app level
Your application knows a heck of a lot more about what's going on than the web server does. And if you're running a real database, logging to the database is infinitely more scalable and manageable than having hundreds of flat files sitting on the filesystem somewhere.
Depending on the nature of the application and how you handle privacy concerns, it may make sense to log the username, date and time, pagename, and application state for each pageview. Or any number of other things. Logging in the application is the only way to go.
Have flexible debugging code!
Use a central "debug" procedure and call it frequently. Use a querystring value, session value, or something to determine whether "debug" prints the info or keeps quiet; normal users can continue to use the site while developers can get detailed info about what's going on in the app.
If you're brave, you can comment out the calls to debug once you're confident that a section of code is working. I never do, though -- it's a fairly minor performance hit, and it allows customer support reps to provide developers with information on hard to repeat problems.
That's it for my secrets. Good Luck.
-b
A good, well written and well reasoned piece. I think I almost entirely agree with it.
And if you look at the comments here, you can already see that its point is being missed (by some at least). Look at the "What? Port AOL to Linux? Never!" posts.
I know there is no one "Linux Community," as people have different ideas about OSes in general and Linux in particular. But reading over the posts here, it's clear that in general, people want it both ways.
1) Everyone should use Linux because it's cool/stable/free/fast/whatever.
2) Linux is *ours*, and we don't want stupid apps like AOL on it.
The reason (well, one of the reasons) Microsoft has been successful is because they studied what consumers want and delivered it. To some degree, anyways.
Before I get flamed as pro-MS, let me rephrase that in a way that hopefully even the most rabid anti-MS types will let slide: At the *very* least, they pretended to care about what consumers want and set about marketing windows as if it met those wants.
But many in the Linux crowd revel in the elitism of an OS that is by and for smart, computer savvy people. And then they don't understand when the masses don't rush to embrace it. That was the whole point of this very good article. As long as that attitude prevails, Linux is going to have a hard time with nontechnical people.
-b
Sounds like a good idea. Good luck with it. I'd love to help, but I'm afraid I've got more important things to work on at the moment.
...I manage a few (smaller than yahoo) sites. We've seen a drastic increase in smurf and other packet flood type attacks over the past 6 months or so. You should see my MRTG graph :)
We've seen traffic as high as 40mbps for as long as 5 hours. For a site that averages 2mbps and peaks around 5mbps, that's pretty huge.
Filtering spoofed packets on routers isn't the whole answer, either. All you do when you filter spoofs is confiugure the router not to allow incoming packets that claim to be from inside (obviously enough). If someone sends hundreds of megabits that claim to be coming from *somewhere else* outside, it doesn't help.
...nevermind all the comments about the married couple and the various women who've been on the shuttle.
:)
Most astronauts come from the military. And the gay population in the military is far higher than in the general population.
I'd be very surprised if the first sex in space had been heterosexual