Slashdot Mirror


User: david.emery

david.emery's activity in the archive.

Stories: 0
Comments: 813

Comments · 813

  1. What I got back from Amazon... on Hackers Find Home In Amazon EC2 Cloud · · Score: 1

    Hello from Amazon.com.

    We're sorry to hear you've experienced issues with the malware/penetration attempts coming from Amazon cloud computing servers.

    The symptoms you've reported are consistent with malicious software (malware), such as a virus or spyware, installed on your computer. If your computer has been infected with this type of software, it can replace images in the Amazon.com advertisement slots or generate pop-up ads with images that are not intentionally inserted by Amazon or our advertising partners.

    followed by a bunch of stuff relevant to delousing Windows desktops...

  2. I'm (still) seeing penetration attempts on Hackers Find Home In Amazon EC2 Cloud · · Score: 1

    I'm seeing attempts to access a bunch of non-existent but suspicious files on my server (most recent at 12:32 EST today)

    mydomain.com/
          install.txt, cart, zencart, zen-cart, zen, shop, bulk, zcart, shop2, catalog, mobile, iphone, mobi, m, boutique, cart, store

    None of these things exist on my server, and it -might be the case- that a legitimate web crawler would look for mobile web customizations in mobile, mobi, iphone or even m, the rest of these make absolutely no sense for anything other than nefarious purposes...

    I'm also seeing attacks against
            phpMyAdmin, phpmyadmin, mysql, ok.txt

    (There are some significant advantages to running a "dumb" webserver without ASP, PHP, JSP, etc :-)

    I need to figure out a way to have a 'blacklist file', such that any attempt to access these files adds the requester to a blacklist.
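One way to build the blacklist the comment above asks for, as an added example that is not part of the original post: it scans access-log lines for 404s on the bait names the comment lists and collects the requesting addresses. The Apache common/combined log format, the function names, the allow-list and the sample log lines are assumptions made for this sketch.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Bait names taken from the comment. "mobile", "mobi", "iphone" and "m" are
# left out because the poster notes a legitimate crawler might request them.
BAIT = {"install.txt", "cart", "zencart", "zen-cart", "zen", "shop", "bulk",
        "zcart", "shop2", "catalog", "boutique", "store",
        "phpmyadmin", "mysql", "ok.txt"}

# Assumed log format: Apache common/combined.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) ')

# Constructed sample lines (documentation address ranges, invented timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2010:12:32:01 -0500] "GET /zencart/install.txt HTTP/1.1" 404 209 "-" "-"',
    '203.0.113.7 - - [01/Jan/2010:12:32:02 -0500] "GET /phpMyAdmin/ HTTP/1.1" 404 209 "-" "-"',
    '198.51.100.20 - - [01/Jan/2010:12:40:10 -0500] "GET /mobile HTTP/1.1" 404 209 "-" "ExampleBot"',
    '192.0.2.44 - - [01/Jan/2010:12:41:00 -0500] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [01/Jan/2010:12:45:30 -0500] "GET //shop/?x=1 HTTP/1.0" 404 209',
]


def first_segment(target):
    """Lower-cased first path segment, ignoring the query string,
    percent-encoding and repeated leading slashes."""
    path = unquote(target.split("?", 1)[0])
    parts = [p for p in path.split("/") if p]
    return parts[0].lower() if parts else ""


def find_probers(lines, allow=frozenset(), min_hits=1):
    """Map each client address to the bait names it requested.

    Only 404 responses count, so a name that later becomes a real page does
    not ban its visitors. Addresses in `allow` (your own hosts, monitoring)
    are never listed. min_hits=1 matches the comment's "any attempt" rule.
    """
    hits = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["ip"] in allow:
            continue
        seg = first_segment(m["target"])
        if m["status"] == "404" and seg in BAIT:
            hits[m["ip"]].add(seg)
    return {ip: sorted(s) for ip, s in hits.items() if len(s) >= min_hits}


def render_blacklist(probers):
    """One address per line, ready to write to a blacklist file."""
    return "".join(f"{ip}\n" for ip in sorted(probers))


if __name__ == "__main__":
    print(render_blacklist(find_probers(SAMPLE_LOG)), end="")
```

The resulting file can feed whatever deny mechanism the server or firewall already supports; raising `min_hits` trades speed of blocking for fewer false positives from a single mistyped URL.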

  3. Geez, Earth is no fun any more on Gigantic Spiral of Light Observed Over Norway; Rocket To Blame? · · Score: 2, Funny

    > - although no one appears to have mentioned UFOs yet

    It's no fun buzzing Earth if there's no panic calling to authorities and calls for investigation of the subsequent coverup.

    Bleezarp (from Alpha Centauri...)

  4. Is embedded/real-time/safety "IT"? on Do You Hate Being Called an "IT Guy?" · · Score: 1

    Well, I think there is a difference (albeit a bit fuzzy at times) between the kinds of things I've done for my career, most of it very large scale embedded, some real-time, some safety-critical, and what we used to call "Management Information Systems" and now seem to call "IT". The skill set is a bit different, the tools are most certainly different, the engineering and deployment characteristics are different.

    In particular, what bothers me is when people hear I do software development, assume "he's an IT guy" and then "can you fix my computer?" My answer to that is usually, "No, go buy a Mac. I don't do Windows." (I don't mean to start the Mac vs Windows debate, but I will point out that most of my development experience has been on Unix systems, and one reason I like Macs is that I can load the developer tools, pop open a shell, launch Emacs - Aquamacs is an amazing port to the Mac - and be back in my developer comfort zone.)

    Oh, and my current job title is "Chief Software Architect", although I do not draw any distinction between "software architecture" and "system architecture." (A lot of what I see called 'software architecture' I'd call 'top-level design'.) Much of what I know about large scale software-intensive systems architecture is in IEEE Std 1471:2000 / ISO/IEC 42010:2007, "Recommended Practice for Architecture Description of Software Intensive Systems". I'm working on the revision of this standard, which among other things generalizes its scope to 'systems' in general, including software-only systems and even software services.

  5. Re:Measurements on my Mini Server: 17-25w steady on Low-Power Home Linux Server? · · Score: 1

    Quick update: after about 4 hours, my Kill-o-Watt is reporting average usage of 0.05 KWh, consistent with what I saw over the first 5-10 minutes after I put it on the meter and booted it up.

  6. Measurements on my Mini Server: 17-25w steady on Low-Power Home Linux Server? · · Score: 1

    Newer (not newest) 2.0ghz, 120gb hard drive, 4gb RAM, plus an attached FW800 drive. This is running Snow Leopard Server providing a couple of relatively low-demand websites (about 1 request/sec) and it's also doing some active firewall for my local network. (I have another Mini that's acting as the file/LDAP server).

    According to my Kill-o-Watt meter, booting up it drew about 25-33 w, and right now it's drawing about 17-25 watts steady-state with a load average of about .5 and running about 10%-15% CPU utilization.

    What that shows is a Mini that isn't doing much isn't consuming much power. I'll report back more results tomorrow once the machine has run with the Kill-o-Watt for a day. Then I'll put the Kill-o-Watt on the other server.

  7. Re:Dual NIC woulda been nice on Apple Blurs the Server Line With Mac Mini Server · · Score: 1

    A DLink Fast Ethernet USB 2.0 DUB-E100 adapter (among others) works without any driver installation under Snow Leopard (same chipset as used in the MacBook Air's ethernet adapter, apparently...) See http://www.sustworks.com/ for a discussion of using Ethernet USB adapters on MacOS.

    I'm running Sustworks' IPNetRouter on my new Mini right now. Onboard GigE talks to the local LAN and the USB 2 Ethernet adapter talks to the firewall router and the outside world.

    Somewhere around MacOS X.5.6 Server they introduced a new low configuration option that I used on this latest server. As mentioned in an earlier post, I had my new server and its 3 websites up and running in about 10 minutes total time (given an external DNS & Open Directory server on my network. I did not test a completely standalone installation.)

  8. Re:Bold claim... on Apple Blurs the Server Line With Mac Mini Server · · Score: 1

    "...call me skeptical on that one."

    OK, you're skeptical. But I've done it. I installed Snow Leopard Server on a Mini, and set-up time, given a proper DNS entry and connecting to an existing Open Directory LDAP server was under 10 minutes, including configuring my 3 websites that are hosted on a total of 10 different domains (through the IP address assigned by my external ISP)

    Additionally I'm running a 3rd party software router/security solution and so far this has been rock-solid, with a few minor link errors I introduced when I followed a new convention on where I located each webserver's files.

    dave

  9. Bought something similar a week ago on Apple Blurs the Server Line With Mac Mini Server · · Score: 2, Informative

    I've been running OS X Server in a SOHO situation for several years, including hosting some websites, LDAP-based network login, OS X Mobile accounts on laptops (laptop synchs when it's back in the home network) and file sharing.

    Last week I got a new low-end Mini and a copy of Snow Leopard Server, at about the same cost as the new product. My Mini is only 2.0ghz, compared to 2.5ghz, and has only 1, 120gb, disk drive vs the 2x 500gb drives. But those drives are 5400rpm, and you give up the optical drive for the second hard drive. My big disappointment with this (besides it coming out a week after I bought something a bit less capable) is that I think they should have added at least one and preferably 2 eSATA ports (and given up 2 USB ports.)

    I'm looking forward to trying out the Wiki server, and also the new 'connect to home' facility that is something like a very simplified VPN, that's new in Snow Leopard Server.

    Administering Snow Leopard Server is very little like handling Unix servers, with one exception. You still need to pore through logfiles for security issues, etc. But the late Leopard Server (X.5.6 or so) and now Snow Leopard server "server preferences" are likely to provide a relatively knowledgeable user with the ability to set up a functional server in, literally, 10 minutes (voice of experience...) That's assuming you have a DNS that provides domain name/IP mapping, and you're doing simple LDAP or already have an LDAP server (including Active Directory, but I don't have any experience with AD or mixed Windows/Mac integration.)

    Clearly this is not for someone who needs computational power in a server. But a pair of servers, using a shared (NAS) disk, and some sort of mechanism that can do hot-backup/rollover at the edge, could be a very workable relatively high-reliability situation for someone. But more importantly, I think this is a very attractive product for small offices, particularly with some sort of FW800 or NAS RAID mirrored/redundant disk enclosure.

    Oh, and someone asked how you do an install without an optical drive in the server: "There's more than one way to do this." MacOS provides remote disk (this was developed for the MacBook Air), so you slide your install DVD into another Mac with an optical drive and active remote disk. OR, you can use Firewire Target mode (one of the great Mac tricks of all time.) This is how I loaded my Leopard server double-density DVD onto an old G5 that did not have a double density DVD drive. I stuck it in my MacBook Pro, then rebooted the MBP into Firewire Target mode. I used a (FW800 - great performance) cable to plug that machine into the G5. All of the MBP's drives, including the DVD in the optical drive, mounted on the G5. Basically Target mode turns your Mac into the equivalent of an external disk enclosure for all drives/volumes on that machine. This is also super-cool for backup. I have an eSATA enclosure and a ExpressCard34 eSATA adapter for the MBP. I can do drive-dump level backups by putting the Mini into Firewire Target mode and then disk-dumping drive images onto my eSATA enclosure. (The eSATA enclosure is left over from that G5, which had a hardware RAID eSATA card in it. I was sorry to give that particular card up, it worked pretty well.)

  10. Help! My camera's data has Alzheimers! on MS's "Lifeblogging" Camera Enters Mass Production · · Score: 1

    What if Microsoft used Danger to store the images???

    (Actually, it is good to see something from Microsoft Research make it to market, even if it's not Microsoft doing it...)

    dave

  11. Re:Now explain triple-slashes on Tim Berners-Lee Is Sorry About the Slashes · · Score: 1

    And under POSIX pathname interpretation rules, "///" is the same as "/" (so this works exactly as you want.) It's the special case of exactly -2- slashes that POSIX identifies for special treatment.

  12. Re:Theres one technical point on Tim Berners-Lee Is Sorry About the Slashes · · Score: 1

    Don't forget that the POSIX standard permits the interpretation of an absolute pathname that starts with exactly 2 slashes as a special case. So a pathname of //some.site.com/a/path/to/file can (and often is) interpreted as /a/path/to/file on the machine some.site.com

    This convention started with the Apollo Domain system, if I remember my ancient history correctly :-)

    So starting URLs with exactly 2 slashes made sense to me, as it implied a big world-wide-virtual-file-system...

    Of course, what really pisses me off are people who say "haich tee tee pee colon forward-slash forward-slash", or even worse "haich tee tee pee colon backward-slash backward-slash", as if "\" were a legal character in an URL.

    If we're mobilizing the torch and pitchfork mob, I'd rather send them after the person (Bill Gates???) who decided in MS-DOS to substitute backward slashes where convention for a long time had been forward slashes as the separator in pathnames. Yet another gratuitous change that the world did not need. (At least when Apple did its gratuitous change, it used colons instead of backslashes...)

  13. And for another view... (Roughlydrafted.com) on Analyst Predicts Android Overtaking iPhone In 2012 · · Score: 1

    Daniel Eran Dilger, unrepentant Mac Fanboy, provides a rather thorough and documented analysis here: http://www.roughlydrafted.com/2009/10/08/gartner-declares-android-a-second-place-winner-in-2012-why/ Worth the read, even if you don't agree with Dilger's alternate position.

  14. Hope those 'BOA' Phishes I forwarded helped on FBI Cracks "Largest Phishing Case Ever" · · Score: 2, Interesting

    I was pretty religious about forwarding all the phishing emails I got purporting to be from Bank of America to BOA's fraud line.

    Lately I'm getting swamped by IRS phishes "notice of underreported income" (perhaps 100 of them so far), that I've been sending to the phishing mailbox at irs.gov. Hopefully that'll help close that particular scheme.

    How about capital punishment for widespread internet fraud???

  15. Re:firewire on Apple Behind Intel's USB Competitor? · · Score: 1

    Not sure what your measure of "unable to compete" is. Firewire is not dead, in fact I think the number of FW800 devices has increased. This is much less than the number of USB devices, but "unable to compete" overstates the current situation. FW800 is sufficiently fast enough for a file server in my home office (but I'm not swapping to those drives, rather it's for shared files.) So Firewire has a nice niche market, generally sustained by its advantages and widespread use for Macs in their niche market :-)

    The comments about cables providing power are also apropos, I use an FW charger to charge up my (3rd gen) iPod because it delivers more juice and charges faster than USB. A standard that includes sufficient power to reduce/eliminate wall warts would have substantial traction, I think.

    How about a comparison with Light Peak and eSATA. Could eSATA be expanded to handle more than just external disk drives?

  16. Isn't XML documented as coming from SGML? on Microsoft Patents XML Word Processing Documents · · Score: 2, Informative

    And isn't SGML in part something IBM contributed to? So we can hope IBM will contribute to defending "prior art". Without actually reading the patent (I just read the patent abstract), what seems to be "unique" is the XML encoding along with the XSD style sheet; document markup languages are -really old hat- (Scribe's still my personal favorite :-). So "attacking" the patent based on the documented derivation of XML from SGML would seem to me to be a viable strategy, and many mark-up word processors of the previous millennium (including Scribe, if I remember right) had the concept of a 'document style sheet'.

    This patent is -particularly stupid- based on the patent abstract. (Hey, if the President can make snap judgements without doing full research, why can't I do it, too???)

  17. I'm 53, and I can't write either on 26 Years Old and Can't Write In Cursive · · Score: 1

    What does that make me? Boomer-Y? ;-) In my case it might be due to lack of hand-eye coordination, but I suspect in part it's due to being too impatient to write when I can type faster...

    dave

  18. Comparisons of languages for CS-1 courses on The Best First Language For a Young Programmer · · Score: 1

    John McCormick (http://www.cs.uni.edu/~mccormic/) has published several papers comparing Ada to other languages and documenting his successes using Ada in undergraduate programming classes. So there are some published studies, and McCormick's results are pretty impressive for first-year programming classes.

    Some of the advantages include:

    * unforgiving syntax - preventing confusions like "=" and "==";
    * compile-time type checking;
    * easy to bring in support components ("packages" in Ada) to provide complex operations (such as I/O formatting) that otherwise would get in the way of the problem at hand;
    * a concurrency model that is easy to reason about (OK, maybe not for a beginner programmer, but still a huge advantage as we look at a multi-core future...);
    * a pretty large collection of reusable components;
    * an integrated exception handling model, so behavior when a runtime problem is detected is a lot easier to understand (particularly with stack traces).

    Java has some of these same benefits, particularly the ability to bring in existing packages, but Java is handicapped by its C syntax which makes it easy for beginners to make mistakes, and the type model (particularly weakly-typed scalars) doesn't provide as much compile-time diagnosis.

    A big part of Ada's success is the amount of things that the compiler can check for you. It's a lot easier to find and work off compiler errors (even more so when the compiler provides good error messages) than it is to try to debug a program at runtime.

    dave

    p.s. I really believe learning to read code, and having a language that is easy to read, is really important. I learned more about programming by reading, taking apart and modifying the old "Star Trek" BASIC program (in the mid 70s) than I did in my introductory programming classes.

  19. MULTIPLE languages on Which Language Approach For a Computer Science Degree? · · Score: 1

    When I look for developers, I will not hire anyone who knows only one programming language, because frankly that's likely evidence that person doesn't know how to -think- about problems in more than one way. (Sapir-Whorf, http://en.wikipedia.org/wiki/Sapir-whorf)

    Languages come and go, we're far away from the 'ultimate language'. What's important is (a) ability to think about the problem; (b) ability to do good design based on understanding underlying things such as complexity theory/Big O notation/concurrency, etc.; (c) learn and apply the appropriate technology for the problem; (d) ability to write coherently; (e) ability to work within a team; (f) ability to understand and apply methods and techniques to write correct code (I am -not- impressed by debugging skills. I am impressed by people who treat the debugger as an admission they don't know what their code is doing!); (g) ability to learn on-the-job, including identifying problems and researching/analyzing potential solutions. Ability to write little programs in some currently popular programming language doesn't make my list.

    I blame both hiring managers/HR departments and academia for reducing much of computer science/software engineering to mere programming-in-the-small vocational training.

  20. Re:well... on Recovery.gov To Get $18 Million Redesign · · Score: 2, Insightful

    This is a valid point, and I'd be interested to hear from Slashdotters with experience on what they think it would take to start from Ground Zero to produce a "production quality" (including IA/North Korea DDOS attack-proof) infrastructure & content, including hosting facility costs for, let's say, 5 years.

  21. Re:How do you know they went down? on Online Attack Hits US Government Web Sites · · Score: 1

    Actually, in the best tradition of the "dog at midnight" (http://en.wikipedia.org/wiki/Silver_Blaze), what's most significant are the sites that are NOT reporting problems, including *.mil, dhs.gov and state.gov. Thus it seems to me that some parts of government have much better/more hardened infrastructures than others.

    A couple of posts below this "Pull the Gdamn plug!" and some of the responses, lay down thoughts on shutting down DDOS attacks.

    My first thought was "OK, was this attack targeted to anything besides Windows Servers." My current thought is "what -is- the point of vulnerability for this attack, and why does it seem that some organizations were able to recover better than others?"

  22. Re:External eSATA enclosure on RAID Trust Issues — Windows Or a Cheap Controller? · · Score: 1

    I'm with him. I have a bunch of external FW800 RAID enclosures (for both SATA and older IDE drives.) Advantages include not using/depending on the computer for RAID drivers (in my case, Mac OS X software RAID), independence from computer failures (e.g. bad power supply), cooling (less hot drives in the case). Disadvantages include performance (unless you have a good eSATA RAID case) and Size, Weight & Power (more than for drives within the computer case).

    I've been happy with the enclosures I've bought from Other World Computing (http://www.macsales.com). Although this is -primarily- a Mac dealer, their stuff works on Windows too, and it's high-quality hardware.

  23. Re:Antithetical to "education". on Professor Gets 4 Years in Prison for Sharing Drone Plans With Students · · Score: 1

    Hey, if you don't like the restrictions, DON'T TAKE THE MONEY!

  24. Re:Just had to on Iran Tries To Pacify Protesters With Lord of The Rings Marathon · · Score: 1

    One Achmed to rule them all, One Achmed to find them, One Achmed to bring them all and to their camels bind them

    I knew somewhere buried in the (300, when I read this post) comments, there would be something significantly funny. Please mod parent up.

  25. Re:Stimulus (spending) on NIH Spends $400K To Figure Out Why Men Don't Like Condoms · · Score: 1

    You beat me to that punny post...

    dave