Imagine: a government doing something to help poor people get access to the internet.
The way to help the poor is not to raise taxes from the producers of wealth, and slow the entire economy. If a government wants to help its people, the best thing it can do is nothing at all.
Nuclear weapons: Require refined radioactive elements. Hard to acquire and dangerous to handle.
Or acquire one from a newly independent nation which has inherited them from the former Soviet Empire. It's documented that Moscow has actually lost track of a number of nuclear warheads. They could be sitting in a guarded depot somewhere that failed to submit a proper inventory, which the the best case, but really they could be anywhere.
The actual device has to be reasonably precisely machined, and is most likely suspicious looking on an X-Ray machine, making it harder to get in the country.
Or if you're attacking Europe, just load it onto a fishing boat or cruise barge and sail up the Thames or the Seine, or into Europort. If you're attacking the US, remember that the border guards can't even keep half-witted drug barons out, what chance realistically is there of stopping a determined and trained infiltrator driving up to Dallas?
The West is going to have to start taking its security a lot more seriously. Western armies like set-piece battles fought between uniformed armies in designated theatres with international law on POWs upheld - witness the Gulf War and the Falklands War. Historically, we do very, very badly against terrorists and guerillas for example Northern Ireland and Vietnam.
Re:If they do it at all, it has to be soon
on
OS X on x86?
·
· Score: 2
SPARC was always going to be the preferred platform, and Intel was always very much a second rate citizen in the Solaris world.
As far as I know, Solaris x86 was always targeted towards academic users and home users, rather than the enterprise. It's performance on x86 was never as good, relative to other Unix implementations, presumably because of the need to conform to the specs of Solaris for SPARC, but it is a very high quality product. It served its purpose in making Solaris knowledge/affinity more widespread. If it had been free (beer) from the start and had a bigger HCL, it would probably be most of the places that Linux is today. I don't think Sun ever entertained the idea of migrating their products from SPARC to Intel - like Apple, Sun make their money by selling hardware, with Solaris, Java, SPARCworks et al as loss leaders to drive sales.
I can with good confidence state that there will never be any real Open Source systems relating to the revenue stream of any major banking institution
Agreed. Let me give you an example. There are web servers that run within kernel space, and are hence very fast. They're open source and available to whoever wants them.
Now let's say an investment bank codes their bond pricing engine into kernel space (the faster you can price bonds, the better). Are they going to be happy that their rivals on the opposite side of The Street can download this technology from RedHat.com? Of course not.
Face it, bankers are old fashioned and play things in a very old school manor.
Lots of banks like perl, of course, but not because it's open source, but because it allows them to write very bad code, very quickly that nevertheless gets the job done. But that's how it works in the Front Office, where short development cycles are everything. On the back office, you'll be seeing the big iron, and I can't see that changing.
P.S. The whole BIND thing won't have made The Street any more trusting of Open Source. Many eyes only make bugs shallow if they're all a) qualified and b) looking, and the Open Source community as a whole has a long way to go on both of those.
When the Dreamcast market collapses and you can pick them up for 20 UKP at CEX, and the good folk over at NetBSD get their port ready for primetime, this will be a great source of cheap, powerful hardware. I won't say the B word, but you know that you can build a parallel supercomputer in your shed...
I've long wanted a computer in which the processor / motherboard / memory were as easily removed and replaced as a hard drive, this sounds quite close to that ideal.
Once the language can do everything in a sense that it was meant to do (everything but operating systems, pretty much) do you discontinue development?
Well, how fast is C evolving? Not at all since the ANSI specification superseded K&R as far as I can tell. So the answer is yes, but that doesn't mean that the language will lose any popularity.
Other languages, such as SQL, evolve very slowly, some languages such as Pascal find niches, and some, such as Java have yet to be tested by time. Others, such as COBOL and FORTRAN have relatively little new development done, but a great deal of existing code that is maintained.
I'd say that Perl falls somewhere in between all of these:0)
I really don't think that for example Intel hardware is designed for mission-critical situations.
Well, your common or garden variety PC desktop or "server" (in most cases, a desktop PC with more drive bays, if you buy it from someone like Gateway) certainly isn't. But that's a function of the whole system, not the CPU, as Sequent show.
And now somebody want to spend a bunch of money porting it to an - to my knowledge - ancient machine, why?
Don't you get it? Let me give you an example. TWM is a perfectly good window manager. Why would anyone use anything else, and why waste developers time working on anything else? Perl is a perfectly good programming language, why are people wasting their time with Python? FreeBSD is a perfectly good OS, why waste time on Linux?
Because it's fun. There's no better reason to do something, and of all people, I would expect the Slashbots to understand this.
Unless of course MS got some inside information about what they DO do, and know that it is serious competition
More likely, they just want to get some publicity for the fact that they do have competitors. Dubya will be in the white house soon, and he has the power to be a good friend to large corporations.
The question I have is who is going to use a machine with an IDE drive an only 128 megs of RAM in a production environment? Normal users probably won't use it since it's only rack-mountable, and it's pretty low end to be a business server.
Many n-tier system architectures use machines that are almost pure CPUs connected to networks. The machine would receive a request from a client application on the tier "above", make it's own requests for data from servers on the tier "below", perform some processing and then send a reply upwards and logging information down. You only really need a disk in these things for convenience sake, if they've been properly configured they won't even need to hit the pagefile during normal operation. You'd have real servers for your data storage, and you would be able to hot swap and/or add entire nodes to the system whenever you felt like it, because as long as they complete whatever they're working on before you disconnect them, they have no state on them at all. Very scalable, very easy to maintain, and quite cheap.
And face it a room full of servers use a lot of power.
That's true, but not for the reason you are thinking. The reason the Internet uses so much power is because air conditioning large data centers is very expensive. I know one major hosting provider who is actively considering buying a utility company because it will be cheaper than buying power on the open market. They pay more for power than they do for real estate, and they're in Manhattan!
I advised them to relocate to Alaska (seriously!) and staff their sysadmins on the same model that oil companies use for their Engineers. But that's not feasible because the average server isn't nearly so reliable that the customer is willing to give up easy hands-on access. But we'll have to re-evaluate in 2-5 years.
But it takes even more effort to exclude them than it would to simply let them in and see the crap that you couldn't be bothered to clean up.
It's actually much worse to let them see a broken site. If a user with both browsers comes in and sees it not accept Netscape, they'll just switch and try again.
Get some decent tools, then. You know, one that produce valid HTML 4.01 Strict, and valid CSS2 to go along with it.
Reminds me of a project I worked on recently. We spent literally weeks debugging and testing to make sure everything that worked perfectly in MSIE would also work in Netscape. When the site went live, we checked the access logs... and there were more AvantGo users that Netscape users!
In the real (i.e. commercial) world, in most cases it is not worth supporting Netscape or MacOS. MSIE 4+ on Win32 is the de facto standard, and that's all that you can justify developing for in terms of revenue generation.
Of course, we need to develop applications that work on browsers on PCs, WAP phones, STBs and suchlike, but no-one can afford to support every possible platform and configuration.
I once heard ESR say in regards of controlling your business "if you own a piece of software that is crucial to running your business, and you don't control that software, you don't control your business."
Which is why serious software users get escrow licenses from their vendors, and have done so for decades.
Of course Apple's preference will differ. See, you don't spend any ca$h money on software, and are probably going to keep running on x86 anyway. Any software you write you are going to insist on open sourcing, and you're going to write it for other programmers, not artists and secretaries. And when I say artists, I don't mean web page geeks running GIMP, I mean people who spent 6 years at Fine Art school and think that computers are either at best a necessary evil, or of no more importance than an easel and a paintbrush, like many of the Mac users I know.
From a commercial perspective, you don't exist to them.
If our guesses here are right about their higher intelligence
I don't think that it's valid to assume anything at this point about intelligence of aliens, particularly since if they evolved in an environment very different than our own, their thought processes are also likely to be very different, and may not correspond to our ideas about what intelligence is. Even amongst different cultures on Earth, it's difficult to administer an objective IQ test.
It would be safe to assume that any aliens that are able to initiate contact with us are more technologically advanced, but that's all. For example, it's entirely possible that even if they possess that technology, they took much longer to develop it that we would have.
Requests from recently seen IP addresses should go behind requests from new ones.
In what way is that fair? In fact, it would be fairer to give regular/frequent/recent users higher priority because they're the ones doing whatever it is you want them to do (like, viewing banner ads, if you're/., and completing transactions if you're a brokerage).
Load-sharing boxes for server farms ought to have this feature. And it should go into Apache.
There are better solutions already in the marketplace for allocating resources for network services.
I'm having a hard time understanding how you could have a firm grasp on C++ & OO theory yet not know Java.
It depends what you mean by know. I'm a business/system analyst, and I can architect you an application that you can implement in C++ or Java (for example), and I know enough about the characteristic strengths and weaknesses of each language that, if you express a preference, my design will be better suited for that language. So, from that perspective, I know them both.
But a real Java programmer will know the API well enough to spend most of their time writing code, and not much time paging through reference books, they will know the pitfalls of their preferred JVM, they will know all the tips and tricks that you can only get through experience. A real C++ programmer will be happy with the STL, with a major class library such as Rogue Wave, and so forth.
Learning OO and learning a language are different things, and neither is trivial even if you have lots of relevant experience. There's a lot more to learning a language that memorizing the syntax and main keywords.
It takes at least 6 months solid coding in any language to advance to the stage where you could reasonably say to a professional "I know this language" and not risk being laughed at.
Because the Matrix isn't about plot or characterisation, its always been about making its audience slack-jawed with amazement at the quality of the effects, and has been very enjoyable for doing so.
I disagree. At the risk of offending assorted slashbots, if you make a film with lots of special effects without worrying about plot or characters, you get rubbish like The Phantom Menace. I went to the Premiere and left feeling I'd just sat through a 2 hours SGI showreel.
The Matrix, OTOH, was an intelligent film (I remember/. posts on how philosophy professors were impressed enough with it to mention it on their courses). It bears repeated watchings, and leaves the audience thinking.
The abscence of the actors is no big deal
Again, I disagree. Keanu isn't a great actor, but he was perfectly suited to the role of Neo. And the film wouldn't have been nearly as good without Morpheus' charisma, etc.
On the contrary, there is a huge difference. The default passwords are documented, and easily changed. This backdoor was undocumented and would require a recompile to change.
Of course, any computer is only as secure as its administrator.
Vulnerability Note VU#247371
Borland/Inprise Interbase SQL database server contains backdoor superuser account with known password
Overview
I. Description
Interbase is an open source database package that is distributed by Borland/Inprise. The server contains a compiled-in backdoor account with a known password.
In the following interbase code, references are made about a LOCKSMITH user:
It turns out the LOCKSMITH is an entity needed to allow "authorized" interaction with the security accounts database between services. This LOCKSMITH is the user account in question compiled into the code with full-access to the security accounts database by default. The compiled-in code can be found in the jrd/pwd.h header which defines the macros in question:
While it appears the password is transmitted over the wire encrypted, since the password is hard-coded, the security afforded is negligible.
Once the LOCKSMITH account is compromised, the SYSDBA account priviledges can be used to gain control of all database objects (tables, records, fields, stroed procedures, etc). Once database access is gained, user defined functions (UDFs) can be used to implant trojan horses and programs which can be used to gain root (system) privileges on the system hosting the server.
This vulnerability was not introduced by unauthorized modifications to the original vendor's source. It was introduced by maintainers of the code within Borland. The back door account password can not be changed using normal operational commands, nor can the account be deleted from existing vulnerable servers. The best solution at this time is to upgrade vulnerable binaries and source code with fixes that are being distributed by Borland and the Firebird Project (IBPhoenix).
II. Impact
This backdoor allows any local user or remote user able to access port 3050/tcp [gds_db] to manipulate any database object on the system. This includes the ability to install trapdoors or other trojan horse software in the form of stored procedures. In addition, if the database software is running with root (*NIX) or System (NT) privileges, then any file on the server's file system can be overwritten, possibly leading to execution of arbitrary commands as root or System.
III. Solution
Install the patch being distributed to change the backdoor server account password.
Block access to port 3050/tcp; this will not, however, prevent local users or users within a firewall's adminstrative boundary from accessing the backdoor account.
Systems Affected
Vendor Status Date Updated
Borland Vulnerable 10-Jan-2001
IBPhoenix Vulnerable 10-Jan-2001
Apple Not Vulnerable 10-Jan-2001
Fujitsu Not Vulnerable 10-Jan-2001
Other Information
Date Public 01/09/2001
Date First Published 01/10/2001 10:29:13 AM
Date Last Updated 01/10/2001
CERT Advisory CA-2001-01
CVE Name CAN-2001-0008
Metric 10.94
Document Revision 45
The answer is (and this is a bit of a rant) that almost all Unix implementations handle resources terribly.
Unix allocates CPU time clumsily, nice and pbind are about as much control as a sysadmin has over a running process, other than stopping it altogether and restarting it. Contrast this with OS/390 or VMS where the sysadmin can control exactly how much CPU a process gets, the size of its working set, migrate processes around between nodes in a cluster. IBM have a tool called the "Work Load Manager". It is able to configure your system based on what you want to do, not how you want to do it. For example, you say that this batch job must complete by this time in the morning, this class of transaction must complete within this time, and this group of users get mo more than 10% of CPU in the morning, and 30% in the afternoons, and WLM will configure your cluster, if it is physically possible, to do it. You can run a mainframe class OS at 90% of the machines capability consistently, a Unix system rarely exceeds 30% of its capacity when averaged over a period of time, it simply spends too much time either waiting for things or trying to manage its own workload. And what's worse, the CPU gets involved in every I/O in a Unix system, because of the way buffers work. Every disk block gets transferred by a CPU through an operating system buffer. When you edit on a UNIX box, every single character goes to the CPU and gets echoed back. And on the network, even character gets a packet sent back and forth. VMS deals with "record" - whole lines of text, even at the network protocol level.
And don't even get me started on the lost+found directory. You don't get that on an industrial grade file system, because it's journalled to ensure consistency.
Slashdot Mirror
The way to help the poor is not to raise taxes from the producers of wealth, and slow the entire economy. If a government wants to help its people, the best thing it can do is nothing at all.
Or acquire one from a newly independent nation which has inherited them from the former Soviet Empire. It's documented that Moscow has actually lost track of a number of nuclear warheads. They could be sitting in a guarded depot somewhere that failed to submit a proper inventory, which the the best case, but really they could be anywhere.
The actual device has to be reasonably precisely machined, and is most likely suspicious looking on an X-Ray machine, making it harder to get in the country.
Or if you're attacking Europe, just load it onto a fishing boat or cruise barge and sail up the Thames or the Seine, or into Europort. If you're attacking the US, remember that the border guards can't even keep half-witted drug barons out, what chance realistically is there of stopping a determined and trained infiltrator driving up to Dallas?
The West is going to have to start taking its security a lot more seriously. Western armies like set-piece battles fought between uniformed armies in designated theatres with international law on POWs upheld - witness the Gulf War and the Falklands War. Historically, we do very, very badly against terrorists and guerillas for example Northern Ireland and Vietnam.
As far as I know, Solaris x86 was always targeted towards academic users and home users, rather than the enterprise. It's performance on x86 was never as good, relative to other Unix implementations, presumably because of the need to conform to the specs of Solaris for SPARC, but it is a very high quality product. It served its purpose in making Solaris knowledge/affinity more widespread. If it had been free (beer) from the start and had a bigger HCL, it would probably be most of the places that Linux is today. I don't think Sun ever entertained the idea of migrating their products from SPARC to Intel - like Apple, Sun make their money by selling hardware, with Solaris, Java, SPARCworks et al as loss leaders to drive sales.
Agreed. Let me give you an example. There are web servers that run within kernel space, and are hence very fast. They're open source and available to whoever wants them.
Now let's say an investment bank codes their bond pricing engine into kernel space (the faster you can price bonds, the better). Are they going to be happy that their rivals on the opposite side of The Street can download this technology from RedHat.com? Of course not.
Face it, bankers are old fashioned and play things in a very old school manor.
Lots of banks like perl, of course, but not because it's open source, but because it allows them to write very bad code, very quickly that nevertheless gets the job done. But that's how it works in the Front Office, where short development cycles are everything. On the back office, you'll be seeing the big iron, and I can't see that changing.
P.S. The whole BIND thing won't have made The Street any more trusting of Open Source. Many eyes only make bugs shallow if they're all a) qualified and b) looking, and the Open Source community as a whole has a long way to go on both of those.
Like Prozac and Viagra?
Drug companies are no more "immune" to the economic cycle than anyone else.
When the Dreamcast market collapses and you can pick them up for 20 UKP at CEX, and the good folk over at NetBSD get their port ready for primetime, this will be a great source of cheap, powerful hardware. I won't say the B word, but you know that you can build a parallel supercomputer in your shed...
Like a SPARCplug ?
Well, how fast is C evolving? Not at all since the ANSI specification superseded K&R as far as I can tell. So the answer is yes, but that doesn't mean that the language will lose any popularity.
Other languages, such as SQL, evolve very slowly, some languages such as Pascal find niches, and some, such as Java have yet to be tested by time. Others, such as COBOL and FORTRAN have relatively little new development done, but a great deal of existing code that is maintained.
I'd say that Perl falls somewhere in between all of these :0)
The entire Java industry is based on this assumption. Check back in 5 years or so to see whether it's correct or not.
Well, your common or garden variety PC desktop or "server" (in most cases, a desktop PC with more drive bays, if you buy it from someone like Gateway) certainly isn't. But that's a function of the whole system, not the CPU, as Sequent show.
Don't you get it? Let me give you an example. TWM is a perfectly good window manager. Why would anyone use anything else, and why waste developers time working on anything else? Perl is a perfectly good programming language, why are people wasting their time with Python? FreeBSD is a perfectly good OS, why waste time on Linux?
Because it's fun. There's no better reason to do something, and of all people, I would expect the Slashbots to understand this.
More likely, they just want to get some publicity for the fact that they do have competitors. Dubya will be in the white house soon, and he has the power to be a good friend to large corporations.
Many n-tier system architectures use machines that are almost pure CPUs connected to networks. The machine would receive a request from a client application on the tier "above", make it's own requests for data from servers on the tier "below", perform some processing and then send a reply upwards and logging information down. You only really need a disk in these things for convenience sake, if they've been properly configured they won't even need to hit the pagefile during normal operation. You'd have real servers for your data storage, and you would be able to hot swap and/or add entire nodes to the system whenever you felt like it, because as long as they complete whatever they're working on before you disconnect them, they have no state on them at all. Very scalable, very easy to maintain, and quite cheap.
That's true, but not for the reason you are thinking. The reason the Internet uses so much power is because air conditioning large data centers is very expensive. I know one major hosting provider who is actively considering buying a utility company because it will be cheaper than buying power on the open market. They pay more for power than they do for real estate, and they're in Manhattan!
I advised them to relocate to Alaska (seriously!) and staff their sysadmins on the same model that oil companies use for their Engineers. But that's not feasible because the average server isn't nearly so reliable that the customer is willing to give up easy hands-on access. But we'll have to re-evaluate in 2-5 years.
It's actually much worse to let them see a broken site. If a user with both browsers comes in and sees it not accept Netscape, they'll just switch and try again.
Get some decent tools, then. You know, one that produce valid HTML 4.01 Strict, and valid CSS2 to go along with it.
There's a lot more to it than that.
Reminds me of a project I worked on recently. We spent literally weeks debugging and testing to make sure everything that worked perfectly in MSIE would also work in Netscape. When the site went live, we checked the access logs... and there were more AvantGo users that Netscape users!
In the real (i.e. commercial) world, in most cases it is not worth supporting Netscape or MacOS. MSIE 4+ on Win32 is the de facto standard, and that's all that you can justify developing for in terms of revenue generation.
Of course, we need to develop applications that work on browsers on PCs, WAP phones, STBs and suchlike, but no-one can afford to support every possible platform and configuration.
Which is why serious software users get escrow licenses from their vendors, and have done so for decades.
Of course Apple's preference will differ. See, you don't spend any ca$h money on software, and are probably going to keep running on x86 anyway. Any software you write you are going to insist on open sourcing, and you're going to write it for other programmers, not artists and secretaries. And when I say artists, I don't mean web page geeks running GIMP, I mean people who spent 6 years at Fine Art school and think that computers are either at best a necessary evil, or of no more importance than an easel and a paintbrush, like many of the Mac users I know.
From a commercial perspective, you don't exist to them.
I don't think that it's valid to assume anything at this point about intelligence of aliens, particularly since if they evolved in an environment very different than our own, their thought processes are also likely to be very different, and may not correspond to our ideas about what intelligence is. Even amongst different cultures on Earth, it's difficult to administer an objective IQ test.
It would be safe to assume that any aliens that are able to initiate contact with us are more technologically advanced, but that's all. For example, it's entirely possible that even if they possess that technology, they took much longer to develop it that we would have.
In what way is that fair? In fact, it would be fairer to give regular/frequent/recent users higher priority because they're the ones doing whatever it is you want them to do (like, viewing banner ads, if you're /., and completing transactions if you're a brokerage).
Load-sharing boxes for server farms ought to have this feature. And it should go into Apache.
There are better solutions already in the marketplace for allocating resources for network services.
It depends what you mean by know. I'm a business/system analyst, and I can architect you an application that you can implement in C++ or Java (for example), and I know enough about the characteristic strengths and weaknesses of each language that, if you express a preference, my design will be better suited for that language. So, from that perspective, I know them both.
But a real Java programmer will know the API well enough to spend most of their time writing code, and not much time paging through reference books, they will know the pitfalls of their preferred JVM, they will know all the tips and tricks that you can only get through experience. A real C++ programmer will be happy with the STL, with a major class library such as Rogue Wave, and so forth.
Learning OO and learning a language are different things, and neither is trivial even if you have lots of relevant experience. There's a lot more to learning a language that memorizing the syntax and main keywords. It takes at least 6 months solid coding in any language to advance to the stage where you could reasonably say to a professional "I know this language" and not risk being laughed at.
I disagree. At the risk of offending assorted slashbots, if you make a film with lots of special effects without worrying about plot or characters, you get rubbish like The Phantom Menace. I went to the Premiere and left feeling I'd just sat through a 2 hours SGI showreel.
The Matrix, OTOH, was an intelligent film (I remember /. posts on how philosophy professors were impressed enough with it to mention it on their courses). It bears repeated watchings, and leaves the audience thinking.
The abscence of the actors is no big deal
Again, I disagree. Keanu isn't a great actor, but he was perfectly suited to the role of Neo. And the film wouldn't have been nearly as good without Morpheus' charisma, etc.
Of course, any computer is only as secure as its administrator.
Overview
I. Description
Interbase is an open source database package that is distributed by Borland/Inprise. The server contains a compiled-in backdoor account with a known password.
In the following interbase code, references are made about a LOCKSMITH user:
It turns out the LOCKSMITH is an entity needed to allow "authorized" interaction with the security accounts database between services. This LOCKSMITH is the user account in question compiled into the code with full-access to the security accounts database by default. The compiled-in code can be found in the jrd/pwd.h header which defines the macros in question:
#define LOCKSMITH_USER "politically"
#define LOCKSMITH_PASSWORD "correct"
While it appears the password is transmitted over the wire encrypted, since the password is hard-coded, the security afforded is negligible.
Once the LOCKSMITH account is compromised, the SYSDBA account priviledges can be used to gain control of all database objects (tables, records, fields, stroed procedures, etc). Once database access is gained, user defined functions (UDFs) can be used to implant trojan horses and programs which can be used to gain root (system) privileges on the system hosting the server.
This vulnerability was not introduced by unauthorized modifications to the original vendor's source. It was introduced by maintainers of the code within Borland. The back door account password can not be changed using normal operational commands, nor can the account be deleted from existing vulnerable servers. The best solution at this time is to upgrade vulnerable binaries and source code with fixes that are being distributed by Borland and the Firebird Project (IBPhoenix).
II. Impact
This backdoor allows any local user or remote user able to access port 3050/tcp [gds_db] to manipulate any database object on the system. This includes the ability to install trapdoors or other trojan horse software in the form of stored procedures. In addition, if the database software is running with root (*NIX) or System (NT) privileges, then any file on the server's file system can be overwritten, possibly leading to execution of arbitrary commands as root or System.
III. Solution
Install the patch being distributed to change the backdoor server account password.
Block access to port 3050/tcp; this will not, however, prevent local users or users within a firewall's adminstrative boundary from accessing the backdoor account.
Systems Affected
Vendor Status Date Updated
Borland Vulnerable 10-Jan-2001
IBPhoenix Vulnerable 10-Jan-2001
Apple Not Vulnerable 10-Jan-2001
Fujitsu Not Vulnerable 10-Jan-2001
References
https://www.kb.cert.org/vuls/id/247371
http://www.borland.com/interbase/
http://community.borland.com/interbase/
http://sourceforge.net/projects/interbase
http://sourceforge.net/projects/firebird
http://sourceforge.net/projects/firebirdashes
http://firebird.sourceforge.net
http://www.ibphoenix.com
http://www.ibphoenix.com/sec1.html
http://firebird.ibphoenix.com
http://www.interbase2000.com
http://sourceforge.net/cvs/?group_id=1962
[Borland Interbase]
http://sourceforge.net/cvs/?group_id=9052
[FirebirdAshes]
Credit
This document was written by Jeffrey S Havrilla.
Other Information
Date Public 01/09/2001
Date First Published 01/10/2001 10:29:13 AM
Date Last Updated 01/10/2001
CERT Advisory CA-2001-01
CVE Name CAN-2001-0008
Metric 10.94
Document Revision 45
Unix allocates CPU time clumsily, nice and pbind are about as much control as a sysadmin has over a running process, other than stopping it altogether and restarting it. Contrast this with OS/390 or VMS where the sysadmin can control exactly how much CPU a process gets, the size of its working set, migrate processes around between nodes in a cluster. IBM have a tool called the "Work Load Manager". It is able to configure your system based on what you want to do, not how you want to do it. For example, you say that this batch job must complete by this time in the morning, this class of transaction must complete within this time, and this group of users get mo more than 10% of CPU in the morning, and 30% in the afternoons, and WLM will configure your cluster, if it is physically possible, to do it. You can run a mainframe class OS at 90% of the machines capability consistently, a Unix system rarely exceeds 30% of its capacity when averaged over a period of time, it simply spends too much time either waiting for things or trying to manage its own workload. And what's worse, the CPU gets involved in every I/O in a Unix system, because of the way buffers work. Every disk block gets transferred by a CPU through an operating system buffer. When you edit on a UNIX box, every single character goes to the CPU and gets echoed back. And on the network, even character gets a packet sent back and forth. VMS deals with "record" - whole lines of text, even at the network protocol level.
And don't even get me started on the lost+found directory. You don't get that on an industrial grade file system, because it's journalled to ensure consistency.
Thankyou for listening.