Do you have any idea what GFS is? Or are you just basing your comment on its name. It is most certainly not intended to be an internet file system. It is intended to be a very high performance filesystem for clusters and linux supercomputers. It doesn't even work with IDE harddisk drives. If your are dumb enough to not firewall or completely isolate a super computer or cluster then you get what you deserve. Much like NFS, SMB/CIFS, NWFS, and Appletalk filesharing, it is not designed to be used across the internet. It is much better suited for gigabit ethernet, fibrechannel, or Miranet LANs. Runing it across even a T3 would mostly be a waste of the GFS (and your expensive Fibrechanel and SCSCI RAID systems).
NOTE/DISCLAIMER:
I used to work for Dr. O'Keefe (the CTO and founder of Sistina) when I was a student at the University of MN. I did not work on the GFS project, and had little contact with it, as it had mostly become Sistina at that point and had it's own offices outside of the Univesity.
I worked on the Secure Filesystem Project which was financed soley by StorageTek.
My opinions do not reflect those of Sistina, the UofMN, or StorageTek.
No, so long as Sistina has the copyright for all the code in the new version (I don't know, I haven't looked) they can release it under as many different licesnces as they want. They would however need to remove code copyright by other parties including the University of Minnesota. Or they could acquire licensces from the other parties.
NOTE/DISCLAIMER:
I used to work for Dr. O'Keefe (the CTO and founder of Sistina) when I was a student at the University of MN. I did not work on the GFS project, and had little contact with it, as it had mostly become Sistina at that point and had it's own offices outside of the Univesity.
I worked on the Secure Filesystem Project which was financed soley by StorageTek.
My opinions do not reflect those of Sistina, the UofMN, or StorageTek.
Re:Why Symantec says that Code Red is medium.
on
Code Redux
·
· Score: 2
Please...
Give me a break.
Go search google yourselft!
The Morris worm hit less then 6000 computers
for a period of time, Code Red was infecting that many computes every three minutes.
As of July 19th, 359,000 computers were infected
http://www.cs.berkeley.edu/~srhea/morris-interne t- worm.html
http://www.caida.org/analysis/security/code-red/ Microsoft is worse than unix for the following reasons.
1) it is a monoculture, one web server runing on one operating system, runing on one CPU type. Compare to *nix which has about three popular webservers runing on about 20 OS's runing on about 10 CPU types. For the OS's and webservers, there are hundreds of different builds. This makes building a worm with good penetration very difficult.
2.) Most windows admins no almost nothing about there systems. Nuf said.
This is getting boring and long winded. I have better things to do than explain why windows has such poor security.
Why Symantec says that Code Red is medium.
on
Code Redux
·
· Score: 2, Troll
It is very emberassing for Microsoft to be responsable for the biggest true worm (as opposed to email worms which can be blocked at a small number of points) in internet history.
It is well known that Microsoft could easily crush Symantec. Almost all of Symantec's products fill holes in the Windows Family Line that do not exist in other operating systems. According to reports that I have read, the Windows XP betas have, firewall software, remote access software, older operating systems have also hurt the viablity of Symantec products.
It is clearly in Symantec's best interest to ensure that Microsoft does not add to many of these new features, and when it does to water them down or license Symantec technology. It would be very easy for microsoft to include a powerfull firewall system based on one of the BSD firewall systems. But instead they have included a weak fire wall that most security consciuos users would find lacking. Microsoft Scan Disk and Defrag are also both examples of code that have been watered down. The code for defrag is even licensed from symantec.
In the past, companies that have made Microsoft look bad have been crushed. Symantec does not want to suffer the same fate
Not Likely...
If memory serves, it is believed that only women are capable of having tetracromatic vision. Which (if memory serves) is normally seen as an extra shade of red. Tetracromatic people can often tell that items, which seem to match to ordinary people, don't. ie they can tell the difference between a true black ink and a cheap black ink made of cyan magenta and yellow inks.
Sadly Tetracromatic women generally will have color blind male children.
I don't know, It seems to me that Symantec is not very good company either. While they aren't as big about FUD as say trendmicro, they sell their biggest products (Norton AV) primaily though FUD. Lets face it, virus scanners are not a very good fix to the virus problem, and virus are easy to avoid.
Additionly most of Symantec's products exist only to fix defficiencies in Windows and MacOS, namely that they don't have any kind of real file protection and they don't have adaquate filesystem management utilities.
ie
Norton AV (ugly patch for lack of file protection)
Norton Utilities (ugly patch for the fact that windows has ugly file and data sturcuites, ie FAT32 and the registry)
Norton Internet Security (ugly patch for the fact that windows has no access control)
Norton Ghost (expensive dd clone)
Basicly their is nothing that Symantec sells that doesn't come with, or isn't needed by Linux or *BSD)
Thats the 20,000franc fine in US Dollars. I don't know about france but in the US disputes of that magnitude are usually settled in small claims court without a lawyer because legal fees almost would certainly exceed the amount of the claim.
If Yahoo cared enough about the matter to go to court over (instead of settling) I can't see how the threat of any judgement less than say $10M is going to change their actions.
In my understanding, Germany, is if anything, harder on Nazi propoganda than France.
The first link is to an article about about the Germans trying to get US isps to refuse to host any nazi material. France kind of seems reasonable in comparision.
How do you think people copy GD-ROMs? As far as I know, Sony doesn't make a special GD-ROM drive for PCs, nor would it likely be simple to attach a DC to a PC.
The simple fact is that a standard PC CDROM drive is normally able to read CD with a capacity upto about 1.3 GB (Double Density CD) Just because few companies make CDs with capacities that high doesn't mean that they are impossible to make or read.
The main reason that Sega chose a 1GB size for their media was so that the titles could not be simply copied to CDRs like happened to the Playstation. They also selected GD-ROM because industry standard CDROM hardware could be used with slighty better tolerances.
I seriously doubt that any MultiRead DAE CDROM (one capable of reading CDRW and Digital Audio Extraction) would have any problem with a GDROM.
Some how I just don't see people buying SRAM (QDR is SRAM) of any kind for main system ram anytime soon. To make something like that pay off, Rambus would need to charge royalties of about $2 a megabyte. SRAM needs 4 transistors per memory cell, while DRAM (including SDRAM RDRAM etc) needs only 1 transistor and a capacitor. Thus DRAM is about 4 times as dense and 1/4 the price of SRAM.
In modern applications, SRAM is only used for very high speed applications (L1,2,3 caches for CPUs, Supercomputers, high speed networking hardware) and for very small (8kbyte) amounts of memory where the cost of the extra transistors in the circuit is offset by not needing circuitry for refreshing the memory (smart cards, microcontrollers) and low power devices (graphing calculators) (SRAM which is not being accessed disipates almost no power, while DRAM needs to be rewritten constally)
In general DRAM is the memory of choice for PCs. In addition to main memory, it is used on video cards (SGRAM, VRAM, WRAM, DDRSDRAM etc are all DRAM), hard disk drive, hdd controllers, cdrom drives etc. SRam is typically found only in the L1 and L2 caches.
It has been observed in many posts in this discussion that one can use various analog encoding techniques (like those used by a modem) to increase bit rate at the expense of tolerable Signal to Noise ratio.
This has the effect of requiring an increase in transmitter power proporational to the increase in the minimum tolerable S/N ratio, for reception at the same distance. This means that a radio using complex encoding (like a modem would) will create interference at distances much greater than a simple on/off binary coding would. Because of this, I would think that it would be preferable to use multiple chanels instead of fancier modulation to gain increased capacity
It seem like there is a redudant story post every day or two these days.
Might I sugest that some kind of story warning system be implemented wherein the story would be showen to say 100 randomly selected readers, who loaded the main slashdot page at the right time, before it is actually posted. I would suggest a system where the main page is randomly replaced with just the prospective new story. Comment posting would be disabled. There would also be several options for moderating the story. I would suggest:
Redudant
Ancient
OT (Not relevent to slashdot)
Great story
It would also have a box for explantion (forinstance to link to the older story)
The results of the moderation would be fed to a real time display shown to the poster of the story. This would allow them to cancel or delay unneeded redudant/otherwise bad postings.
Does no one read the errata for books before quoting them as truth. See:
http://www.counterpane.com/ac2errv30.html
* Page 157: The section on "Thermodynamic Limitations" is not quite correct. It requires kT energy to set or clear a single bit because these are irreversible operations. However,
complementing a bit is reversible and hence has no minimum required energy. It turns out that it is theoretically possible to do any computation in a reversible manner except for copying
out the answer. At this theoretical level, energy requirements for exhaustive cryptanalysis are therefore linear in the key length, not exponential.
My school (the University of Minnesota) banned napster last year when everyone was banning it. Now they have (without any anouncement) allowed napster again. The really barzar part is that they anounced a new policy banning all peer to peer file transfer while reenabling napster.
Re:IMHO: Most interesting Slashdot typo site
on
Typosquatting
·
· Score: 1
Yes certainly trust is a good thing but would you trust 1100 people even if you worked with them with.
1) sensitive data
2) write permission on system executables/conf files.
3) read or write access to/etc/shadow
Even the best hiring practices and background checks are likely to miss maybe %1 of the bad apples. So I would be willing to bet that there are at least 2 or 3 people in the organiztion that would be willing to use the info naughtily or use bad permisions to gain root.
It doesn't seem like a terribly bad idea from SEGA's point of view.
Option 1: Fight the pirates (who they may not be able to identify) with expensive lawyers and no hope of winning any signifant monitary reward (the pirates are most likely broke anyhow).
Result: Pirates continue because they are even more broke and have even less incentive to stop, SEGA is out >$50k for legal costs.
Option 2: Give the broke pirates a financial incentive to not pirate your games. Additionally, if the pirates accept stock options, they are no longer anonymous, if they continue to pirate SEGA's games they will almost certainly be punished.
Result: Sega is out maybe $10k for stock options, can hit pirates next time if they don't behave, and are guanteed to win atleast what they gave the pirates should it be nesscary to sue.
On the whole, this system (except for naughty ideas it may give some pirates) probably has a band for the buck of atleast 10 times what legal action would cost.
Of course it is, so is the current CueCat. That isn't really relevent though. My point was that the hardware could have been done (from DC's POV) right.
No, thats what public key cryptography (RSA, ElGamel, ECC etc) is all about, the CueCat hardware has the Public Key, the great database in the sky has the Private Key.
Thus only the great database in the sky can find out what the barcode actually is.
There is no need for the front end software to actually know what the real barcode is.
A few enterprising individualls might change their own Public key to decrypt to their own private key, but such a hack is significantly more difficult than simply decoding the output like in the present case.
There is no particular reason for their software to know the real barcode anyways. All that really needs to know is the backend systems. Such a system would not prevent someone elses front end software from being used, but it would effectivly prevent the scanner from being used with any other database. (which really seems to be the intent of these letters anyhow)
Also, I really don't see any point at all in signing the data, I don't think that DC would care if you used a $300 barcode scanner instead their free model, so long as you used their database.
Note that you could use ElGamel or ECC instead of RSA, its just that ElGamel is painfull in small hardware and ECC is patented up the wazoo.
Slashdot Mirror
Grokster and possible trojan
Clicktilluwin DLDER Trojan"
Do you have any idea what GFS is? Or are you just basing your comment on its name. It is most certainly not intended to be an internet file system. It is intended to be a very high performance filesystem for clusters and linux supercomputers. It doesn't even work with IDE harddisk drives. If your are dumb enough to not firewall or completely isolate a super computer or cluster then you get what you deserve. Much like NFS, SMB/CIFS, NWFS, and Appletalk filesharing, it is not designed to be used across the internet. It is much better suited for gigabit ethernet, fibrechannel, or Miranet LANs. Runing it across even a T3 would mostly be a waste of the GFS (and your expensive Fibrechanel and SCSCI RAID systems).
NOTE/DISCLAIMER:
I used to work for Dr. O'Keefe (the CTO and founder of Sistina) when I was a student at the University of MN. I did not work on the GFS project, and had little contact with it, as it had mostly become Sistina at that point and had it's own offices outside of the Univesity.
I worked on the Secure Filesystem Project which was financed soley by StorageTek.
My opinions do not reflect those of Sistina, the UofMN, or StorageTek.
No, so long as Sistina has the copyright for all the code in the new version (I don't know, I haven't looked) they can release it under as many different licesnces as they want. They would however need to remove code copyright by other parties including the University of Minnesota. Or they could acquire licensces from the other parties.
NOTE/DISCLAIMER:
I used to work for Dr. O'Keefe (the CTO and founder of Sistina) when I was a student at the University of MN. I did not work on the GFS project, and had little contact with it, as it had mostly become Sistina at that point and had it's own offices outside of the Univesity.
I worked on the Secure Filesystem Project which was financed soley by StorageTek.
My opinions do not reflect those of Sistina, the UofMN, or StorageTek.
Please...e t- worm.html
/
Give me a break.
Go search google yourselft!
The Morris worm hit less then 6000 computers
for a period of time, Code Red was infecting that many computes every three minutes.
As of July 19th, 359,000 computers were infected
http://www.cs.berkeley.edu/~srhea/morris-intern
http://www.caida.org/analysis/security/code-red
Microsoft is worse than unix for the following reasons.
1) it is a monoculture, one web server runing on one operating system, runing on one CPU type. Compare to *nix which has about three popular webservers runing on about 20 OS's runing on about 10 CPU types. For the OS's and webservers, there are hundreds of different builds. This makes building a worm with good penetration very difficult.
2.) Most windows admins no almost nothing about there systems. Nuf said.
This is getting boring and long winded. I have better things to do than explain why windows has such poor security.
It is very emberassing for Microsoft to be responsable for the biggest true worm (as opposed to email worms which can be blocked at a small number of points) in internet history.
It is well known that Microsoft could easily crush Symantec. Almost all of Symantec's products fill holes in the Windows Family Line that do not exist in other operating systems. According to reports that I have read, the Windows XP betas have, firewall software, remote access software, older operating systems have also hurt the viablity of Symantec products.
It is clearly in Symantec's best interest to ensure that Microsoft does not add to many of these new features, and when it does to water them down or license Symantec technology. It would be very easy for microsoft to include a powerfull firewall system based on one of the BSD firewall systems. But instead they have included a weak fire wall that most security consciuos users would find lacking. Microsoft Scan Disk and Defrag are also both examples of code that have been watered down. The code for defrag is even licensed from symantec.
In the past, companies that have made Microsoft look bad have been crushed. Symantec does not want to suffer the same fate
Not Likely...
If memory serves, it is believed that only women are capable of having tetracromatic vision. Which (if memory serves) is normally seen as an extra shade of red. Tetracromatic people can often tell that items, which seem to match to ordinary people, don't. ie they can tell the difference between a true black ink and a cheap black ink made of cyan magenta and yellow inks.
Sadly Tetracromatic women generally will have color blind male children.
High-Temperature Superconductors: http://slashdot.org/article.pl?sid=01/02/23/191222
I don't know, It seems to me that Symantec is not very good company either. While they aren't as big about FUD as say trendmicro, they sell their biggest products (Norton AV) primaily though FUD. Lets face it, virus scanners are not a very good fix to the virus problem, and virus are easy to avoid.
Additionly most of Symantec's products exist only to fix defficiencies in Windows and MacOS, namely that they don't have any kind of real file protection and they don't have adaquate filesystem management utilities.
ie
Norton AV (ugly patch for lack of file protection)
Norton Utilities (ugly patch for the fact that windows has ugly file and data sturcuites, ie FAT32 and the registry)
Norton Internet Security (ugly patch for the fact that windows has no access control)
Norton Ghost (expensive dd clone)
Basicly their is nothing that Symantec sells that doesn't come with, or isn't needed by Linux or *BSD)
Thats the 20,000franc fine in US Dollars. I don't know about france but in the US disputes of that magnitude are usually settled in small claims court without a lawyer because legal fees almost would certainly exceed the amount of the claim.
If Yahoo cared enough about the matter to go to court over (instead of settling) I can't see how the threat of any judgement less than say $10M is going to change their actions.
The first link is to an article about about the Germans trying to get US isps to refuse to host any nazi material. France kind of seems reasonable in comparision.
http://www.cnn.com/ 200 0/TECH/computing/08/29/hate.sites.idg/
http://www.cnn.com/2000/WORLD/europe/09/06/germany .neonazi.ap/
http://w ww. cnn.com/2000/WORLD/europe/08/12/germany.extremism/ index.html
How do you think people copy GD-ROMs? As far as I know, Sony doesn't make a special GD-ROM drive for PCs, nor would it likely be simple to attach a DC to a PC.
The simple fact is that a standard PC CDROM drive is normally able to read CD with a capacity upto about 1.3 GB (Double Density CD) Just because few companies make CDs with capacities that high doesn't mean that they are impossible to make or read.
The main reason that Sega chose a 1GB size for their media was so that the titles could not be simply copied to CDRs like happened to the Playstation. They also selected GD-ROM because industry standard CDROM hardware could be used with slighty better tolerances.
I seriously doubt that any MultiRead DAE CDROM (one capable of reading CDRW and Digital Audio Extraction) would have any problem with a GDROM.
Some how I just don't see people buying SRAM (QDR is SRAM) of any kind for main system ram anytime soon. To make something like that pay off, Rambus would need to charge royalties of about $2 a megabyte. SRAM needs 4 transistors per memory cell, while DRAM (including SDRAM RDRAM etc) needs only 1 transistor and a capacitor. Thus DRAM is about 4 times as dense and 1/4 the price of SRAM. In modern applications, SRAM is only used for very high speed applications (L1,2,3 caches for CPUs, Supercomputers, high speed networking hardware) and for very small (8kbyte) amounts of memory where the cost of the extra transistors in the circuit is offset by not needing circuitry for refreshing the memory (smart cards, microcontrollers) and low power devices (graphing calculators) (SRAM which is not being accessed disipates almost no power, while DRAM needs to be rewritten constally) In general DRAM is the memory of choice for PCs. In addition to main memory, it is used on video cards (SGRAM, VRAM, WRAM, DDRSDRAM etc are all DRAM), hard disk drive, hdd controllers, cdrom drives etc. SRam is typically found only in the L1 and L2 caches.
Logitech's "Mouse that Feels"
It has been observed in many posts in this discussion that one can use various analog encoding techniques (like those used by a modem) to increase bit rate at the expense of tolerable Signal to Noise ratio.
This has the effect of requiring an increase in transmitter power proporational to the increase in the minimum tolerable S/N ratio, for reception at the same distance. This means that a radio using complex encoding (like a modem would) will create interference at distances much greater than a simple on/off binary coding would. Because of this, I would think that it would be preferable to use multiple chanels instead of fancier modulation to gain increased capacity
It seem like there is a redudant story post every day or two these days.
Might I sugest that some kind of story warning system be implemented wherein the story would be showen to say 100 randomly selected readers, who loaded the main slashdot page at the right time, before it is actually posted. I would suggest a system where the main page is randomly replaced with just the prospective new story. Comment posting would be disabled. There would also be several options for moderating the story. I would suggest:
Redudant
Ancient
OT (Not relevent to slashdot)
Great story
It would also have a box for explantion (forinstance to link to the older story)
The results of the moderation would be fed to a real time display shown to the poster of the story. This would allow them to cancel or delay unneeded redudant/otherwise bad postings.
Does no one read the errata for books before quoting them as truth. See:
http://www.counterpane.com/ac2errv30.html
* Page 157: The section on "Thermodynamic Limitations" is not quite correct. It requires kT energy to set or clear a single bit because these are irreversible operations. However,
complementing a bit is reversible and hence has no minimum required energy. It turns out that it is theoretically possible to do any computation in a reversible manner except for copying
out the answer. At this theoretical level, energy requirements for exhaustive cryptanalysis are therefore linear in the key length, not exponential.
http://www.esat.kuleuven.ac.be/cosic/press/pr_aes_ english.html
My school (the University of Minnesota) banned napster last year when everyone was banning it. Now they have (without any anouncement) allowed napster again. The really barzar part is that they anounced a new policy banning all peer to peer file transfer while reenabling napster.
Well that site seems to have died a painful death, but you can still see the statistics at: http://ns2.asimov.net/~cricket/grapher.cgi?target= %2Fslashdot-m isspellers%2Fslsahdot-org&ranges=d%3Aw%3Am%3Ay
This site has graphs and statics for slashdot typos since Feb. http://slsahdot.org
Yes certainly trust is a good thing but would you trust 1100 people even if you worked with them with. /etc/shadow
1) sensitive data
2) write permission on system executables/conf files.
3) read or write access to
Even the best hiring practices and background checks are likely to miss maybe %1 of the bad apples. So I would be willing to bet that there are at least 2 or 3 people in the organiztion that would be willing to use the info naughtily or use bad permisions to gain root.
It doesn't seem like a terribly bad idea from SEGA's point of view.
Option 1: Fight the pirates (who they may not be able to identify) with expensive lawyers and no hope of winning any signifant monitary reward (the pirates are most likely broke anyhow).
Result: Pirates continue because they are even more broke and have even less incentive to stop, SEGA is out >$50k for legal costs.
Option 2: Give the broke pirates a financial incentive to not pirate your games. Additionally, if the pirates accept stock options, they are no longer anonymous, if they continue to pirate SEGA's games they will almost certainly be punished.
Result: Sega is out maybe $10k for stock options, can hit pirates next time if they don't behave, and are guanteed to win atleast what they gave the pirates should it be nesscary to sue.
On the whole, this system (except for naughty ideas it may give some pirates) probably has a band for the buck of atleast 10 times what legal action would cost.
Of course it is, so is the current CueCat. That isn't really relevent though. My point was that the hardware could have been done (from DC's POV) right.
No, thats what public key cryptography (RSA, ElGamel, ECC etc) is all about, the CueCat hardware has the Public Key, the great database in the sky has the Private Key.
Thus only the great database in the sky can find out what the barcode actually is.
There is no need for the front end software to actually know what the real barcode is.
A few enterprising individualls might change their own Public key to decrypt to their own private key, but such a hack is significantly more difficult than simply decoding the output like in the present case.
Well yes... That was the general idea.
There is no particular reason for their software to know the real barcode anyways. All that really needs to know is the backend systems. Such a system would not prevent someone elses front end software from being used, but it would effectivly prevent the scanner from being used with any other database. (which really seems to be the intent of these letters anyhow)
Also, I really don't see any point at all in signing the data, I don't think that DC would care if you used a $300 barcode scanner instead their free model, so long as you used their database.
Note that you could use ElGamel or ECC instead of RSA, its just that ElGamel is painfull in small hardware and ECC is patented up the wazoo.