Do the database abtraction yourself (I'll tell you why later..).
the code should be compartmentalised so there's a switch somewhere (either runtime of compile time) thats says - for this database do that to get the data I need in the datastructure (or put the data into the ddb).
Now as to why....
most RDBMS's have wonder extentions to SQL and difference ways of doing this. In order to optimise a certain query or insert/update you'll have to to mangle the SQL accordingly. Also some make heavy used of stored procedures for optimising techniques and others have no idea of a SP.
It's like porting to code from one language to another - SQL isn't generic enough IMHO to make you RDBMS perform at a consistent rate of knots.
Also many Big Iron RDBMS (Oracle, DB2) assume you access to a Database Administor who can monitor the database and keep things ticking over. Others, eg SQL-Server, don't assume this (which can or cannot be helpful) etc etc.
There's a whole gammet of copyright and patent stuff in the SecurID tokens and ACE/Servers.
This is where RSA-Security make their money and they are hardly about to open this stuff up. Yes I know the big money spinner are the tokens (you have to buy an ew one every 3 or 5 years as the battery dies after that period), but they are hardly going to open up their algorithm for inspection by 'the world at large'. IF their where a problem with the problem I don't thing they'd take take lightly to people exposing it (can we say DCMA).
Of course these things have been out there for many years and no-one has yet reverse engineering the algo and the algo has some very repected people look at it (they boought RSA a few years ago).
But there's very very little chance of you replicating this stuff with 'free' software.
let me see I've on 12 mailing lists that I know of right now (plus others that mail less han one a month).
Plus all those register sites(like/.) that mailmy my passwd etc when I forget...
Not to mention all my 'internet' buddies that drop a line once a year or so, to check if I'm still alive...
no it's not easy to change addr's for people that actually rely on email quite heavily like I do..
Like virus's, put the solution where the problem is . For virus's it's the windows desktop so you need a solution there beside gateways etc. For spammers it's the 'sender'. There needs to be a body that has legal powers to track them down and prosecute - a UN agency for policing the internet perhaps?
Right now I'm trapping approx 50% of all incoming email at work with my anti-spam tools. Now thats just a small company with 200 email addresses, God only knows the length and resoources the IBM's of this world must be apply to the problem.
IMHO CC fraud is still happening as its always done, manually. Ie you give you card to pay for something and a tellor then swipes the card on the till and also his small collector under the desk. They then sell on the details...
The problem is ALL the details for the CC are on the mag stripe. Until we can make sure that smart card readers are available everywhere (including computer keyboards for on-line stuff) you'll always be able to snarf to details and make a duplicate card.
Also check your statements carefully everytime you have one. Then you'll spot any misuse ASAP and be able to report it.
Because private comms is going outside your company and could possibly be open to sniffing by the IM host. _IE company confidential material if leaving the company network in clear text.
Of course should you wish to run the IM server 'in-house' you don't havbe these data privacy concerns.
1. Document what you've got. Make the doumentation standard. 2. Move the 'primes' around every couple of months so you all get exposure. 3. Common install base. make sure you can automagically install from scratch the O/S's and applications (ge jumpstart on SOlaris, HPUX and AIX have their variants). If at any stage you need to type anything you've failed. 4. Read, digest and implement "The Practice of System and Network Administration" by Limoncelli and Hogan ISBN: 0201702711. This is a great book for any admin and for me is the K&R of its subject.
yeah right, have you seem the actual stuff thats gets executed in a totally inefficient manner? I know very few programmers you use speed tricks (apart from maybe RDBMS guys who usually have to rely on their database admin to sort the SQL out anyhow).
Gone are the days when programmers actually wrote stuff (esp in the Visual studios purported by M$). You don't program you drag and drop and let the GUI do the rest - hence total crap gets written. This also applies to the GUI web page generators. Give me vi/an editor anyday.
The reason why Unix is more stable is 'cos its modular to a greater degree then 'doze. Plus 30 years of design have gone into the thing.
That'll be expectations (set by us the developers then).
People expect software to do everything, but it's got all flashy with features etc. Remember back at Uni with the 80/20 rule...
If you compare with auto engineering there are versions out there of the product. The no-frills product with no Anti-lock brakes, electric windows (cheap, but functional) then the version with all the toys on it electric everything (more expenensive). It's very rare to find software like this - only Visio springs to mind.
Also 'traditional' engineering can make use of 'stock' parts (brake shoes, radiators etc) that are well known and easy to slightly customise. How much of today's software industry follows to code re-use model????
Today's programs (and O/S's) are horrendously complex so this in it self is a problem. Sure there are other problems, but the more complex a system the more likely it is to fail.
Well if the do this AND drop the price of the things they'll cut back priracy. Why would I pay a few pounds down the market for a dodgy pirate copy when I can have the same thing from the original source with guaranteed quality for the same price??
Same applies to CD's. I'd buy more IF they were alot cheaper. The cost to maufacture is the same, but they'd make more profit by selling more....
Pity us poor Brits - not only do we have to put up with Star Trek months after you guys see it, we also get duff laws through that have been bounced once and this time they are even more duff.
Slashdot Mirror
I think I'll approach the USPTO with a patent for the wheel - no prior art there
Do the database abtraction yourself (I'll tell you why later..).
the code should be compartmentalised so there's a switch somewhere (either runtime of compile time) thats says - for this database do that to get the data I need in the datastructure (or put the data into the ddb).
Now as to why....
most RDBMS's have wonder extentions to SQL and difference ways of doing this. In order to optimise a certain query or insert/update you'll have to to mangle the SQL accordingly. Also some make heavy used of stored procedures for optimising techniques and others have no idea of a SP.
It's like porting to code from one language to another - SQL isn't generic enough IMHO to make you RDBMS perform at a consistent rate of knots.
Also many Big Iron RDBMS (Oracle, DB2) assume you access to a Database Administor who can monitor the database and keep things ticking over. Others, eg SQL-Server, don't assume this (which can or cannot be helpful) etc etc.
Nice to see one who is so respected to be humble enough to say 'I was wrong'.
Of course this is old news as his book "Secret & Lies" discusses all this in detail.
#include "I_used_to_work_for_RSA_security.h"
There's a whole gammet of copyright and patent stuff in the SecurID tokens and ACE/Servers.
This is where RSA-Security make their money and they are hardly about to open this stuff up. Yes I know the big money spinner are the tokens (you have to buy an ew one every 3 or 5 years as the battery dies after that period), but they are hardly going to open up their algorithm for inspection by 'the world at large'. IF their where a problem with the problem I don't thing they'd take take lightly to people exposing it (can we say DCMA).
Of course these things have been out there for many years and no-one has yet reverse engineering the algo and the algo has some very repected people look at it (they boought RSA a few years ago).
But there's very very little chance of you replicating this stuff with 'free' software.
yeah right.
/.) that mailmy my passwd etc when I forget...
let me see I've on 12 mailing lists that I know of right now (plus others that mail less han one a month).
Plus all those register sites(like
Not to mention all my 'internet' buddies that drop a line once a year or so, to check if I'm still alive...
no it's not easy to change addr's for people that actually rely on email quite heavily like I do..
Like virus's, put the solution where the problem is . For virus's it's the windows desktop so you need a solution there beside gateways etc. For spammers it's the 'sender'. There needs to be a body that has legal powers to track them down and prosecute - a UN agency for policing the internet perhaps?
Right now I'm trapping approx 50% of all incoming email at work with my anti-spam tools. Now thats just a small company with 200 email addresses, God only knows the length and resoources the IBM's of this world must be apply to the problem.
With all the suppliers desperately trying to justify the 3G licences they've bought.
Now the only thing that is pointed at as a money spinners is pron (Virgin have signed with Penthouse or somesuch already).
Perhaps if the openGL takes off 3D mapping, gaming etc will be another revenue stream.
Do a google search for PXE boot and add the O/S of your choice. Or even diskless boot.
There's loads of stuff out there for Windows (Intel Landesk), Linux FreeBSD etc.
So tell me IF they hadn't got flash ROM's in them how the heck would the software upgrade to enable GPRS work then?
:-)
Answers on post card
Yes the Visors don't have flash ROM's but the treos have. That;s one of the nice things about them.
Is also a great tool, not just risk management.
there are subtle differences between the two.
Birds, snow, rain fog etc...
Can fun to work around...
Well the guys over at Swatch already tried this with the Swatch time and now Internet time idea
hardly caught on has it???
Many swiches now incorporate VLAN technology which a good application for this kind of problem.
(Assuming you are in fully switched network with everything going straight into VLAN capable switches of course.
typical US gas gusler
IMHO CC fraud is still happening as its always done, manually. Ie you give you card to pay for something and a tellor then swipes the card on the till and also his small collector under the desk. They then sell on the details...
The problem is ALL the details for the CC are on the mag stripe. Until we can make sure that smart card readers are available everywhere (including computer keyboards for on-line stuff) you'll always be able to snarf to details and make a duplicate card.
Also check your statements carefully everytime you have one. Then you'll spot any misuse ASAP and be able to report it.
Just my 2 pence worth
No - but it's easier with IM to do this without thinking about it. Why do think Reuters and developed their own 'secure' IM system?
Because private comms is going outside your company and could possibly be open to sniffing by the IM host. _IE company confidential material if leaving the company network in clear text.
Of course should you wish to run the IM server 'in-house' you don't havbe these data privacy concerns.
1. Document what you've got. Make the doumentation standard.
2. Move the 'primes' around every couple of months so you all get exposure.
3. Common install base. make sure you can automagically install from scratch the O/S's and applications (ge jumpstart on SOlaris, HPUX and AIX have their variants). If at any stage you need to type anything you've failed.
4. Read, digest and implement "The Practice of System and Network Administration" by Limoncelli and Hogan ISBN: 0201702711. This is a great book for any admin and for me is the K&R of its subject.
Super fast??????
yeah right, have you seem the actual stuff thats gets executed in a totally inefficient manner? I know very few programmers you use speed tricks (apart from maybe RDBMS guys who usually have to rely on their database admin to sort the SQL out anyhow).
Gone are the days when programmers actually wrote stuff (esp in the Visual studios purported by M$). You don't program you drag and drop and let the GUI do the rest - hence total crap gets written. This also applies to the GUI web page generators. Give me vi/an editor anyday.
The reason why Unix is more stable is 'cos its modular to a greater degree then 'doze. Plus 30 years of design have gone into the thing.
That'll be expectations (set by us the developers then).
People expect software to do everything, but it's got all flashy with features etc. Remember back at Uni with the 80/20 rule...
If you compare with auto engineering there are versions out there of the product. The no-frills product with no Anti-lock brakes, electric windows (cheap, but functional) then the version with all the toys on it electric everything (more expenensive). It's very rare to find software like this - only Visio springs to mind.
Also 'traditional' engineering can make use of 'stock' parts (brake shoes, radiators etc) that are well known and easy to slightly customise. How much of today's software industry follows to code re-use model????
As the army boys (and gals) say...
Keep It Simple Stupid
Today's programs (and O/S's) are horrendously complex so this in it self is a problem. Sure there are other problems, but the more complex a system the more likely it is to fail.
Well if the do this AND drop the price of the things they'll cut back priracy. Why would I pay a few pounds down the market for a dodgy pirate copy when I can have the same thing from the original source with guaranteed quality for the same price??
Same applies to CD's. I'd buy more IF they were alot cheaper. The cost to maufacture is the same, but they'd make more profit by selling more....
Just a thought..
And you guys thought thatthe DCMA was bad!!
Pity us poor Brits - not only do we have to put up with Star Trek months after you guys see it, we also get duff laws through that have been bounced once and this time they are even more duff.
:-)
Have you tried moving this from Mac to PC to Linux - won't work without messing with the files with Perl or something.
I've done this with Netscape (4.7x and 6/7) and moved all the files etc easily from platform to platform with no problems...
D'oh getting confused with real and reported cruft.
:-)
(where's the recall message button
I'll go back to shooting myself in the foot...
According to Sophos (www.sophos.com) there are two vesions out.
the first one just attempts the 'default' null passwd and 'sa' username (the administrator).
The second tries a brute force attack on the passwd.
So no change from trying to telnet into a *nix box as root then....