Your assertion the Jesus is "NOT" God is incorrect, from a Roman Catholic perspective. The dogma of the Holy Trinity holds that God, Jesus, and the Holy Spirit, are one, and indivisible in nature. They are all God.
I'm pretty sure even the protestant faiths (at least the ones I'd call mainstream) hold the same beliefs.
Did you even stop to think for one second that maybe they went with a larger, passive cooling solution?
"Disabled the fan", my ass.. the article says they removed it. So they must have found a way to passively cool the chip sufficiently, or maybe they have a more efficient rev of the chip..but there's no way they would slow the chip down, as that could cause compatibility problems with the existing games, which were coded for a box that offers uniform performance across the board.
Actually, witness mainframes for a real-world example of this design mentality... Using VLIW and optimizing compilers, it is easy to abstract dedicated I/O processors as nothing more than opcodes of the CPU you are targeting. And since your compiler looks after the optimizations, you basically get a free lunch.
This is confusing to me...a long time ago, I watched Jurrasic Park on an IMAX screen, and was disappointed - the image was not IMAX size (didn't fill the whole screen)nor aspect ratio. The only benefit was the better sound system.
But recently, I went to the local mega theater to see SpiderMan, and was suprised to learn they were showing it on the IMAX screen. I expected the same thing, but it wasn't - it was a full sized IMAX image, and the image quality seemed fine to me.
So if this technology in the article is some new innovation, how are they doing it right now, and what are the disadvantages of the current approach?
I'm not sure if the USPS does anything like this, but Canada Post runs epost.ca, which is like their version of Hotmail. It's free, and the upshot is that you can configure your account so that the various companies that you interact with, such as the phone company, the cable company, your bank, etc, send emails via epost.ca rather than printed bills or notices.
I guess it works because in some sense email from epost.ca is "official", since it's run by the Post Office. Sort of a neat concept, I guess.
Whatever...ask any Domino developer what happened when SP6 for NT4 was released..that's one of the major reasons we now have SP6a
Re:If a hotfix breaks an app, kick the developer.
on
Happy Birthday Code Red
·
· Score: 3, Insightful
You are assuming that all web apps are written using MS technologies...how about ColdFusion, Lotus Domino, etc? We have quite a mix of stuff, as our environment has evolved over the years...and there have definitely been hotfixes that have broken Domino.
I think you've missed the point of my post. Whether it's IIS, Apache, WU-FTP, SSH, BIND, SendMail, whatever, if you don't keep on top of the current issues for the services you run, and if you don't have an effective plan to handle the management, oversight and timely maintenance of those systems, you will end up getting burned at some point.
It's not about how frequently exploits and/or fixes arise for the particular services you run - it's all about how quickly and effectively you can deploy defensive measures, and that ultimately comes down to the human element.
Well, at least it was good pizza that night...
on
Happy Birthday Code Red
·
· Score: 5, Interesting
It really was good pizza...and it was quite a bit of fun riding skateboards around the corporate HQ at 2:30am in the morning...
Seriously, though, it also taught the company I work for a serious lesson about staying on top of this kind of stuff. We had just finished a 2 month project to secure our web servers, but we were still bound by our traditional change management processes - 7 days notification for an outage, and testing of all changes documented and submitted for approval in advance. At the time Code Red hit, I had sent a note saying "we've really got to get this hotfix applied", but we were bound by the process, and we got burned.
Needless to say, when an urgent hotfix comes out now, it takes almost no convincing to get it applied ASAP. If it breaks a web app or two, well, that's the risk we take. We'd rather look for signoff from the business to unapply a hotfix that breaks something, than spend a few days trying to secure the approval beforehand. It's a lot cheaper in the long run to troubleshoot the effects of a hotfix that has unintended side effects than it is to watch your entire web farm get demolished by a worm.
Yes, we run IIS, and I suppose you could harp about how this could all be avoided by running Apache, but the point is that without a policy, strategy, and process for rapidly deploying defenses against net-born attacks, no system is invulnerable.
Check your facts before posting - In Canada, the airwaves are most definitely public property. The use of the airwaves, much like the use of public land such as national parks, is regulated, for obvious reasons of common good, but that doesn't mean that the government owns them.
Trust me, you didn't want HP to stick with the NetServer line of x86 servers. How would you like to be uncrating and installing 50 or more new blower fans (like I have to...), because the ones currently cooling your LP2000r dual PIII 1ghz systems are failing on average within 3 months of deployment?
Nevermind, I found a link: http://www.ing.unili.it/solaris/
BTW, don't flame me for posting a link to "warez"...Sun very definitely calls it "free"...you are only paying for the media and shipping costs (plus an exorbitant markup:)
Sun made Solaris 8 available for home/non-commercial use a while ago, and you could download.iso files. They subsequently removed the.iso files from their web site, and now you have to purchase a media kit.
Does anyone have a link to a mirror of the.iso files?
If you can come up with a brute force approach to common encryption schemes, could you not stay one step ahead of something like this by utilizing multiple layers of encryption, with differing methods of encryption at each level?
Give that a brute force attack is orders of magnitude more computationally intensive than the original encryption, would this allow you to stay ahead of the curve?
Also, although the papers seem to indicate that the proposed system could try multiple forms of attacks on the encrypted data, would modifying or customizing the encryption algorithm at each layer of encryption help? Computers are great at brute force attacks, but I highly doubt a system such as this proposed one can do much in the way of analysis or reverse engineering of the encryption algorithms used...at some point, you'd have to resort to good old (and slow) human deduction...
The kernel is still executing, as is IPChains (obviously)..If IPChains has any exploits, what is to stop a hacker from being able to modify the firewall configuration in memory, thus punching holes in the firewall?
What the heck are you talking about? YOU get to choose what gets installed when you are setting up the OS. IIS has never been required on a file and print server.
Who's to say that the message isn't somehow encoded in the filename, the file size, the MD-5 hash of the entire message, hell, even the Usenet group it was posted too. It's ironic that all that processing power was wasted on analyzing the image, when any of the aforementioned parameters might have constituted a public key or one time pad for the real message...
Basically, this kind of analysis constitutes an even weaker hypothetical effort than RC-56, or any of those distributed.net challenges, since it's not a given that the image is the sole medium for the message.
"Any online "communities" are usually formed by a group of people who know each other (at least to a minor degree), and not by the "next link on this webring."
You hit it on the head with this comment. The webrings were a useful tool for content providers, because it gave them a sense of community. Given the ratio of consumers to providers, though, that turns out to be a pretty small segment of the web population.
You all bashed Microsoft the last time around for not immediately and publicly notifying users of an exploit, they, prefering instead to ready a fix before the exploit was common knowledge.
So, once again use an occasion such as this to resoundingly denounce the fact the CERT, and major Linux distros other than Red Hat, have chosen to do the essentially same.
I suspect that the complaints of this type of behavior will be much less in the case of CERT, since Microsoft's disclosure policies simply allow slashdotters to take pot shots at MS, but we'll see...The shoe's on the other foot this time.
Transmeta simply failed to deliver sufficient innovation to be competitive. The code morphing was an interesting idea, but they didn't do anything groundbreaking with it. Similarly, Intel managed to narrow the power consumption gap, while still beating them on the benchmarks.
They designed a chip for a market that doesn't exist - on the embedded side, processors like the StrongARM, SH3, and even, at the very low end, stuff like Z80's are smaller, cheaper, and lower power. At the same time, on the high end, ie. laptops, speed is king. With 15" LCD's on laptops these days sucking down the batteries, the power savings of the Transmeta chips weren't worth the lower performance, and certainly weren't going to help boost sales to mhz-obsessed consumers.
Slashdot Mirror
Your assertion the Jesus is "NOT" God is incorrect, from a Roman Catholic perspective. The dogma of the Holy Trinity holds that God, Jesus, and the Holy Spirit, are one, and indivisible in nature. They are all God.
I'm pretty sure even the protestant faiths (at least the ones I'd call mainstream) hold the same beliefs.
Did you even stop to think for one second that maybe they went with a larger, passive cooling solution?
"Disabled the fan", my ass.. the article says they removed it. So they must have found a way to passively cool the chip sufficiently, or maybe they have a more efficient rev of the chip..but there's no way they would slow the chip down, as that could cause compatibility problems with the existing games, which were coded for a box that offers uniform performance across the board.
Actually, witness mainframes for a real-world example of this design mentality... Using VLIW and optimizing compilers, it is easy to abstract dedicated I/O processors as nothing more than opcodes of the CPU you are targeting. And since your compiler looks after the optimizations, you basically get a free lunch.
This is confusing to me...a long time ago, I watched Jurrasic Park on an IMAX screen, and was disappointed - the image was not IMAX size (didn't fill the whole screen)nor aspect ratio. The only benefit was the better sound system.
But recently, I went to the local mega theater to see SpiderMan, and was suprised to learn they were showing it on the IMAX screen. I expected the same thing, but it wasn't - it was a full sized IMAX image, and the image quality seemed fine to me.
So if this technology in the article is some new innovation, how are they doing it right now, and what are the disadvantages of the current approach?
I'm not sure if the USPS does anything like this, but Canada Post runs epost.ca, which is like their version of Hotmail. It's free, and the upshot is that you can configure your account so that the various companies that you interact with, such as the phone company, the cable company, your bank, etc, send emails via epost.ca rather than printed bills or notices.
I guess it works because in some sense email from epost.ca is "official", since it's run by the Post Office. Sort of a neat concept, I guess.
And even more importantly, will they modify that funny Windows flag screensaver so that it's a nice shade of commie red?
Will it still bluescreen, or will they change that as well?
Whatever...ask any Domino developer what happened when SP6 for NT4 was released..that's one of the major reasons we now have SP6a
You are assuming that all web apps are written using MS technologies...how about ColdFusion, Lotus Domino, etc? We have quite a mix of stuff, as our environment has evolved over the years...and there have definitely been hotfixes that have broken Domino.
I think you've missed the point of my post. Whether it's IIS, Apache, WU-FTP, SSH, BIND, SendMail, whatever, if you don't keep on top of the current issues for the services you run, and if you don't have an effective plan to handle the management, oversight and timely maintenance of those systems, you will end up getting burned at some point.
It's not about how frequently exploits and/or fixes arise for the particular services you run - it's all about how quickly and effectively you can deploy defensive measures, and that ultimately comes down to the human element.
It really was good pizza...and it was quite a bit of fun riding skateboards around the corporate HQ at 2:30am in the morning...
Seriously, though, it also taught the company I work for a serious lesson about staying on top of this kind of stuff. We had just finished a 2 month project to secure our web servers, but we were still bound by our traditional change management processes - 7 days notification for an outage, and testing of all changes documented and submitted for approval in advance. At the time Code Red hit, I had sent a note saying "we've really got to get this hotfix applied", but we were bound by the process, and we got burned.
Needless to say, when an urgent hotfix comes out now, it takes almost no convincing to get it applied ASAP. If it breaks a web app or two, well, that's the risk we take. We'd rather look for signoff from the business to unapply a hotfix that breaks something, than spend a few days trying to secure the approval beforehand. It's a lot cheaper in the long run to troubleshoot the effects of a hotfix that has unintended side effects than it is to watch your entire web farm get demolished by a worm.
Yes, we run IIS, and I suppose you could harp about how this could all be avoided by running Apache, but the point is that without a policy, strategy, and process for rapidly deploying defenses against net-born attacks, no system is invulnerable.
Check your facts before posting - In Canada, the airwaves are most definitely public property. The use of the airwaves, much like the use of public land such as national parks, is regulated, for obvious reasons of common good, but that doesn't mean that the government owns them.
Trust me, you didn't want HP to stick with the NetServer line of x86 servers. How would you like to be uncrating and installing 50 or more new blower fans (like I have to...), because the ones currently cooling your LP2000r dual PIII 1ghz systems are failing on average within 3 months of deployment?
Nevermind, I found a link:
:)
http://www.ing.unili.it/solaris/
BTW, don't flame me for posting a link to "warez"...Sun very definitely calls it "free"...you are only paying for the media and shipping costs (plus an exorbitant markup
Sun made Solaris 8 available for home/non-commercial use a while ago, and you could download .iso files. They subsequently removed the .iso files from their web site, and now you have to purchase a media kit.
.iso files?
Does anyone have a link to a mirror of the
If you can come up with a brute force approach to common encryption schemes, could you not stay one step ahead of something like this by utilizing multiple layers of encryption, with differing methods of encryption at each level?
Give that a brute force attack is orders of magnitude more computationally intensive than the original encryption, would this allow you to stay ahead of the curve?
Also, although the papers seem to indicate that the proposed system could try multiple forms of attacks on the encrypted data, would modifying or customizing the encryption algorithm at each layer of encryption help? Computers are great at brute force attacks, but I highly doubt a system such as this proposed one can do much in the way of analysis or reverse engineering of the encryption algorithms used...at some point, you'd have to resort to good old (and slow) human deduction...
There goes whatever remaining bandwidth they had...
The kernel is still executing, as is IPChains (obviously)..If IPChains has any exploits, what is to stop a hacker from being able to modify the firewall configuration in memory, thus punching holes in the firewall?
What the heck are you talking about? YOU get to choose what gets installed when you are setting up the OS. IIS has never been required on a file and print server.
Who's to say that the message isn't somehow encoded in the filename, the file size, the MD-5 hash of the entire message, hell, even the Usenet group it was posted too. It's ironic that all that processing power was wasted on analyzing the image, when any of the aforementioned parameters might have constituted a public key or one time pad for the real message...
Basically, this kind of analysis constitutes an even weaker hypothetical effort than RC-56, or any of those distributed.net challenges, since it's not a given that the image is the sole medium for the message.
"Any online "communities" are usually formed by a group of people who know each other (at least to a minor degree), and not by the "next link on this webring."
You hit it on the head with this comment. The webrings were a useful tool for content providers, because it gave them a sense of community. Given the ratio of consumers to providers, though, that turns out to be a pretty small segment of the web population.
Or perhaps they were smart enough to block incoming ping requests..Honestly, I'm suprised most web sites allow themselves to be pinged at all...
You all bashed Microsoft the last time around for not immediately and publicly notifying users of an exploit, they, prefering instead to ready a fix before the exploit was common knowledge.
So, once again use an occasion such as this to resoundingly denounce the fact the CERT, and major Linux distros other than Red Hat, have chosen to do the essentially same.
I suspect that the complaints of this type of behavior will be much less in the case of CERT, since Microsoft's disclosure policies simply allow slashdotters to take pot shots at MS, but we'll see...The shoe's on the other foot this time.
And don't forget MobyTurbo!
"To a college educated reader like myself"
I guess proof reading isn't one of the skills taught in college.
Transmeta simply failed to deliver sufficient innovation to be competitive. The code morphing was an interesting idea, but they didn't do anything groundbreaking with it. Similarly, Intel managed to narrow the power consumption gap, while still beating them on the benchmarks.
They designed a chip for a market that doesn't exist - on the embedded side, processors like the StrongARM, SH3, and even, at the very low end, stuff like Z80's are smaller, cheaper, and lower power. At the same time, on the high end, ie. laptops, speed is king. With 15" LCD's on laptops these days sucking down the batteries, the power savings of the Transmeta chips weren't worth the lower performance, and certainly weren't going to help boost sales to mhz-obsessed consumers.