Were these systems ever actually configured to do anything?
I mean that half flip, half serious. Early RH releases tended to change the system organization, boot scripts and so on (I gave up after 4-something and went FreeBSD) to such an extent that any system that was configured to do anything meaningful would have broken rather seriously.
To be fair to RH, it wasn't all their fault, the Linux OS structure was on shifting sand at the time. But I did find it rather annoying that each new incremental version change of RH at the time was often different for what seemed to me to be different's sake, not for some meaningful (to me anyway) purpose.
More common designs involve the biometrics info as a symmetric (key-wrapping) key to protect the private key as it is stored on the smartcard. This means the biometrics never leave the smartcard if the smartcard can collect the biometrics directly itself.
This is exactly what I had in mind.
The mechanics of it would be something like this, say at an ATM machine: I put my thumb on the biometric reader, which then issues a signed request for my bank account number. The biometric authentication unlocks my private key in the card, and my request is signed by both my biometric private key and my stored private key.
At the bank end my request is validated against their records of my public key and my biometric public key. Any mismatch and the transaction is rejected.
Any response I get can also be validated by the card as matching the card's stored version of the banks public keys.
The ATM machine is merely a transmission point for my signed requests and reciept of signed replies. All of the signing and validation is done in the card or at the bank, not in the machine (although the machine will probably rely on validating a second, parallel reply from the bank to spit out dollar bills).
In this scenerio, how can someone have a 'cloned' card? Unless they have totally cloned my card and my thumb, they're out of luck.
Perhaps this seems so strong to me because its possible to distribute my public keys and let each individual institution keep their own local copies, mitigating a single-source compromise. This could even be coupled with a cross-validation with a third party key server to be sure that someone else agrees with the keys being presented (ie, you can't just alter the keys at the bank). As long as the remote end validates the signed request, a cloned card would be worthless since the requests for my account wouldn't have the right signer and would be rejected.
Although now that I've managed to design a card with LCD display, biometric authenticator and computational power to calculate keys and validations, I might have to design a back pocket big enough to carry it.
Thanks for the informative discussion. I've at least learned that even complicated systems can have simple faults, and this is much more complicated than an armchair security expert can design!
Re:Old Apple ][ Ads...
on
Baked Apple
·
· Score: 1
Finally there's an old BMUG article about "hanging your disks out to dry" after their shareware library was flooded. They opened the floppy disks, washed the disks gently with detergent, air dried them, and put them back in new cases. Voila they were readable.
Apple ][ 5.25 floppies were industructable. We used to pull them out of the jackets, play frisbee in the physics lab and then put them into the drives and they'd work just fine. The only problems occured when they got bent and couldn't integrate mechanically with the drive.
Once the forger has his own fake keypair for you, that is signed by the government Certificate Authority (CA) his keypair are legally binding as proof that he is you, until it is proven in a court of law that the card, keypair, and peronsal details have been forged.
But my biometric identity is part of my keypair, and if the keypair is validated with each transaction, how does he fake my biometric identity? If your argument is based on the fact that the computer system is compromisable and my entire identity record (public keys) is replaced with a fake identity record, I'll notice within the day and/or hour that this has taken place and can quickly stop it. Plus I don't believe that a public keyserver that stores biometrically authenticated data would necessarily be so easily compromisable. Not impossible, but very difficult.
Like cheque forgers; who don't break into banks, they withdraw the money by asking the bank tellers nicely. The smartcard forgers don't break the cryptography, they attack the system.
If the system is never perfectable, is that a reason not to try improve on it with systems that depend more highly on cryptographic identity verification?
This is where I get lost in all this. The system is always attackable, always will be, but shouldn't the parts of the system make those attacks far more expensive, complicated and difficult? I'll accept that the system can be compromised by Mitnick, but right now we have a system that's compromisable by any street thug with a fourth-grade education.
Upgrading the "system" so that it is highly reliant on cryptographic verification increases the difficulty of scamming it by at least an order of magnitude. What's wrong with that?
Q1 is traditionally the slowest month in business spending, especially on IT and other capital or infrstructure projects, particularly in these trying economic times. Financial management wants to get some kind of projection on this year's recievables before they release a lot of overhead spending.
Which means that software companies, which for several years running had been selling "updates" to their software at a huge clip are now facing major shortfalls in Q1 and Q2 due to a purchasing pattern that starts to resemble retail sales -- some spending Q2, better in Q3 & Q4, but little or none in Q1.
So they get the BSA to send these letters out in January to help beef up Q1 numbers. It's an extortion racket, plain and simple.
OK, so someone gets a virgin card. My public key is signed by me and the government, and on file in some public public keyserver. How do they manage to fake my public key? It's much harder, and while OF COURSE its not wholly immune to tampering its far more secure than the present system, which is neither secure, nor a system, nor useful for anything other than getting traffic tickets.
And its not meant to eliminate other security mechanisms, but to provide a very secure base crypto element so that people can more easily crypto in every day life.
I'm not sure it would be that easy to clone the cards. Not impossible, but not easy.
The problem right now is that there's so much bitching about how any new system wouldn't be 100% secure that we're forced to live with a system we know right now is 100% INSECURE and offers ZERO protection; or we duplicate it with layers of complicated stuff that no one users, or neutralizes with post-it notes on monitors.
but the problem of getting my clients to understand that the extra clicks when they send an email, the remebering a pass phrase, and the extra clicks to read incoming email is not only advisable but absolutly necessary.
The PHB and I were discussing this the other day. I have a little keychain password tool (since I can't remember aysh7aAS3 x 10 systems), but its worthless for passphrases or other more complex authentication systems.
What I'd advocate, and I'm sure that privacy nuts and other security wonks would hate, would be government-issued smart cards that contain a user's private key. The passphrase would biometrically authenticated (small thumbpad) and have an LCD screen that would display an alphanumeric fingerprint which would match a printed fingerprint and a small B&W version of a printed photo, making it difficult to counterfeit.
Since these would be government issued, they would be *universal* and could be used as an access token for encryption systems. They would also have an open implementation so that anyone could interface with them.
Encryption is complicated now because the key management systems are either proprietary or too complex for ordinary users, or just involve too many steps. Authenticating yourself with your biometric ID to your desktop would make it far easier for businesses to use such systems and would make them ubiquitous. Nobody is born knowing how to lock their house or car, but since everyone does it from an early age it becomes trivial. If public/private key crypto could be implemented universally, people would learn it and get used to it quickly.
The bonus is with an open implementation of the card's interface, it could be used everywhere. Your public key could be used on your hotel door, your car, your office, your house. Want to give the neighbor access to your house while you're gone? Don't give them a key, have them swipe their biometric authcard in your lock -- grant access to that public key for X days and you don't have to worry about the key getting lost or copied.
The big challenge is universality. I'm sure privacy nuts would chafe at this, but I don't think it would work without being a federal ID system. You wouldn't have to have one, but like a bank account or a credit card life might be a little awkward. The bonus would be you wouldn't need a passport or any other government issued ID and it would be a huge fraud deterrent. A government system could also be an open standard.
I still get to travel on my company's dime, but its always to do real work in field offices; server upgrades and the like. What sucks about this kind of travel is that I have to be there and do work both during the day (which generally amounts to help-desk work, since the offices have no IT support), and then at night or on weekends if its a big job (which is all the sysadmin work).
I get to stay in decent hotels, but I swear I eat 80% of my meals as either fast food or room service, which sucks. I usually find time to squeeze in one $100 meal, but thats it. And since I travel alone, any "spare" time I have is usually kind of a wash -- I'm either too tired or have little interest in roaming around by myself. I've done a lot of Slashdot in hotel rooms!
I always assumed they were a total boondoggle; an excuse for employees that generally didn't travel to go out once per year and get liquored up in some other city at their employers expense.
I've found that convention booths are almost universally staffed with marketing drones who parrot the marketing slogans and know little about their products and even less about the actual technolgies they implement. The better sales people (am I actually saying this?) are usually out on some golf course or at a whorehouse with their top customers.
Plus, even when I get something out of a booth, it's hard to take that knowledge back to the office unless you're working on a current project proposal and immediately get resellers in and work on quotes. Otherwise its kind of like intellectual flotsam you lose six months later.
The only time I can see it being valuable is if you were involved in a virtual community and the yearly get together involved a lot of panels or other kinds of interactivity you couldn't get otherwise. I don't count Comdex and their ilk in that, they're not specific enough.
Is it possible to have a motherboard with two processors, a P4 and an Itanium? The core OS could run on the Itanium and non-Itanium stuff could get executed on the P4 processor(s).
I'm sure this is a stupid idea that many other posters will point out the weaknesses of, but I'm wondering why it couldn't be done.
I think the most important thing would be for hardware and software vendors to re-think the whole idea of multiprocessor systems, both from a memory allocation and bus access perspective and from a process creation and CPU time allocation perspective.
It'd be almost more interesting to look at a 4 CPU system as multiple systems with varying processors depending on the needed configuration, with hardware shared or dedicated on an as-needed basis. Cluster-in-a-box or partitionable or NUMA on a motherboard or what have you.
It already exists in the mainframe/enterprise system level for IBM or Sun systems, but it'd be interesting to see a similar flexibility built into a single 4 CPU board.
I have never experienced the phenomenon you describe, and it goes against the grain of how I understand the scheduler works, at least in 2K.
I have seen a heavily loaded single-threaded process on a dual-CPU machine "ping-pong" between processors on a 2K machine. When you show the load of each processor in performance monitor you see a peak and valley for each CPU and exactly opposite on each CPU.
I've seen slightly asymetric loading in the task manager view, but generally it follows the same pattern. The asymmetry I've written off to task manager not having as much granularity as performance monitor.
This is exactly what I'd expect. The system is capable of running two processes or threads concurrently; the processes are scheduled round-robin onto CPUs as they are free, and the 'busy' process jumps from CPU to CPU as it becomes available and never stays on a single CPU, unless of course you force a processor affinity.
But you'd think that forcing an affinity would actually hinder process execution, since unless you told all the other processes to stay off of a given CPU, the affinitied task will get less work done as there will be fewer timeslots available to it.
The reason I'm somewhat skeptical of the value (beyond the its-still-a-smooth-UI-when-a-single-task-is-at-100 % reason) of this is my direct experience at home/work.
At work I have (because I'm too cheap) a 1.xx GHz PIII and at home I have a dual PIII 667 (actually 650 overclocked a tiny amount). I think the work PC is faster overall and just as responsive, even though its only a single CPU system.
I realize that much of the advantage is 133 vs 103Mhz bus, but that's part of the point -- if you stick with cheaper, simpler single CPU systems you can get a new one faster and take advantage of other improvements on the motherboard faster than you can with a more expensive (and hence kept longer) dual CPU system.
I've always thought that exploiting parallelism would be the next step after we hit some kind of practical performance wall in desktop systems. However, I've been saying that for 7 years and the wall just keeps moving, although I kind of think its gotten a little closer.
It's probably a question of economics more than anything else. A 2 CPU system for most end-user applications probably delivers less percentage increase in performance than its percentage increase in cost right now. But up till now its been cheaper to replace a single CPU with a faster single CPU than to invest more upfront in a multi-CPU system -- you have to keep it longer, which means you fall farther behind the current performance curve.
If it became 'standard' to have them, OS and App vendors would be able to deliver a performance jump out of 2 CPUs through better parallelism that would outweigh the increased hardware costs associated.
In the PC world, there's also the historical problem of lack of mainstream OS support for multiple CPUs -- I can't remember if XP consumer even supports it, now that I think about it -- which creates that chicken-and-egg problem. NT4 was a highly marginal 'consumer' OS, Win2k had more reach but still not what the 9x series had and XP adoption has been slower due to people just keeping PCs longer.
I've had a dual CPU system at home for 3 years and I'm not entirely sure I'd replace it with another one once I looked at the economics of it. The biggest single benefit I can think of is that it doesn't bottleneck the way a single CPU can when a single process pigs out at 100%, I still have a nearly-idle CPU to work with -- which is the problem with 2 CPUs, one's nearly idle.
There's oceans full of it just wating to be desalinized. If they can find a economical process for desalinization, then most water problems could be solved.
I think that's the crux of the problem. IANAWaterExpert but I think I've read the freshwater problem is basically that we're converting to saltwater the existing supply of non-saline water faster than the natural processes (evaporation, precipitation, ground filtration) can re-create it.
I think from an energy perspective its far cheaper to convert dirty freshwater into potable water than it is to convert saline water into freshwater, and even non-human drinkable freshwater is used for much more than drinking and bathing.
This kind of 'cos there's no right or wrong answers, humanities must be easy' crap is just illiterate carping.
Is it? I think it's half right, but it misses the point. In liberal arts I'd argue that in many cases there isn't a right or wrong answer from a factually provable perspective. The 'answer' is an assertion, theory or other kind of speculative statement that is explained, argued and justified better or worse.
The grades in many liberal arts classes reflect that; its possible for 10 people to argue 10 different solutions to a given problem ("Why did Hamlet act like he did?" or "Why wasn't communism successful?"). In many cases the professor isn't looking for a RIGHT answer, they're looking for a GOOD answer.
In fact, the biggest problem facing liberal arts right now is that in many cases they've lost sight of this and are instead looking for the "RIGHT" answer, the one that correctly satisfies the appropriate political sensibilities.
I was a PoliSci grad, and it was mostly fun -- I got great grades quite often by great arguments that ran counter to a lot of conventional wisdom that someone might have marked as "wrong".
Yes, the market would be more fragmented and support would be more challenging. Yes, 3gHz is cool, but who needs it? Yes, XP is better than 95, but could we have gotten there in 2 upgrades instead of 5, and caught the security holes along the way. How cool would the Linux desktop be if KDE was built from the ground up not to be like Windows (flame retardent boxers activate!)?
I agree with most of your entire post, but isn't the reality that Microsoft really did just do two upgrades instead of five? I can't claim to be a Microsoft internals expert, but I see the *actual* Microsoft upgrades as only two steps from 95, not five. 98 and ME were largely marketing upgrades with cosmetic technological improvement over 95; NT4 is probably somewhat debatable, but it strikes me as a significant upgrade over 3.51, and that just leaves Win2k as the final upgrade, with XP as a largely cosmetic improvement over 2K.
It would have been nice if some more thoughtful attempt had been made to allow service-pack type upgrades to 95 to get it to the level of technology support that ME provided. It may be debatable whether the same could have been done for 2k to XP, XP might just have enough changes that this might not have been possible.
I suppose the full counter-argument to all of this is that much of it had to happen this way due to the broad changes in the whole computer industry that are somewhat independant of brute force/clockspeed aspect of it. The wait for decent support for USB on x86 was bad enough without having to REALLY wait for major OS upgrades.
Largely I do agree, but I also wonder if we were more thoughtful about it if I'd still be trying to daisy chain parallel port devices.
We called them polish cannons in the mid-70s. You duct-taped two tennis ball cans (back when they were sold in metal cans). The top can had the bottom cut out, the bottom can had a small hole in it for loading ligher fluide and for ignition.
Ask the average tivo owner what quality level they select for their seinfeld reruns.
Haha, too true. When I first got my Tivo (60Hr Series2), I recorded stuff at all the various quality levels. High quality was too disk-consuming, the level below that (good? I forget) was also too disk-hungry and not noticably different than high quality. Basic quality seemed kind of appalling on the first few programs I recorded -- even my wife, who's about as nontechnical as they come was noticing some artifacts.
So I stuck with medium quality for a while, but I noticed I just wasn't getting the retention I wanted when I had a lot of movies recorded, so I started switching to basic quality on some stuff, and lo and behold I noticed that it wasn't all that bad.
I've been sold on basic since then, but I've noticed its kind of all over the map. Some stuff I find indistinguishable from medium quality, some stuff is pretty appalling. Music videos, for example, have too many jump cuts and quick camera movements -- the quality there sucks. But a lot of other content appears just fine, especially content originally shot on film. Even old Rockford episodes are good, and especially good are recordings of filmed content shown on digital channels; analog noise from analog channels must hinder the compressor.
Anyway, you're right -- basic quality has become more than good enough, at least until a do a disk upgrade and get a DVD recorder to copy stuff too, but even then I may stick with the longest content length...
To borrow words from the X files, I want to believe. But I can't make myself believe.
From what we know about the vastness of space and the immense distances that UFOs would have to travel to get here, it would take some pretty amazing technology, especially if it was transporting biological entities.
Any civilization with that kind of technology:
(a) wouldn't care a whole lot about Earth, we're one foot out of the ectoplasm. We haven't done anything interesting that a highly evolved civilization hasn't already done.
(b) and if they did (hey, I still look at ant hills), why wouldn't their technology enable them to remain completely undetected? Or gather their information via remote sensing?
I just can't get past these things. I'd like someone to tell me why I should.
Have you been to a good local coffee shop? One with atmosphere, great coffee mixes, menu & good service?
Been to plenty with good coffee, good atmosphere and a few with decent sweets. But ABSOLUTELY NONE OF THEM have anything approaching good service. They all have the same orange-haired, pierced-nose alterna-whatever trendanistas "working" there. They're rude, slow and usually can't make change or do anything other than take breaks well.
It's no better at Starbucks or Caribou or any other chain -- its like you can't make coffee unless you're over 45 with "Flo" embroidered on your dress or under 30 with more safety pins in your lip than I have in my whole house and hair the shade of a warning sign.
Besides, buying coffee at the store is dumb to begin with. The markup is like 2000% or something. A pound of decent beans is $6 and makes enough coffee to keep me wired for a week. A single cup at any coffee place is like $3.
This was to silence those who rallied valiently to save the livings of coffee farmers the world over.
Hey, if the RIAA and MPAA don't deserve to get their stupid business models enshrined into law, why should the coffee growers or anyone else for that matter?
OPEC figured out how to run a cartel, so should the coffee people if they want a guaranteed high price for growing too much coffee. Blaming Starbucks isn't the right tactic.
Transportation advances. The car was a fix for the horse and buggy.
The horse and buggy was a fix for walking.
Were these systems ever actually configured to do anything?
I mean that half flip, half serious. Early RH releases tended to change the system organization, boot scripts and so on (I gave up after 4-something and went FreeBSD) to such an extent that any system that was configured to do anything meaningful would have broken rather seriously.
To be fair to RH, it wasn't all their fault, the Linux OS structure was on shifting sand at the time. But I did find it rather annoying that each new incremental version change of RH at the time was often different for what seemed to me to be different's sake, not for some meaningful (to me anyway) purpose.
More common designs involve the biometrics info as a symmetric (key-wrapping) key to protect the private key as it is stored on the smartcard. This means the biometrics never leave the smartcard if the smartcard can collect the biometrics directly itself.
This is exactly what I had in mind.
The mechanics of it would be something like this, say at an ATM machine: I put my thumb on the biometric reader, which then issues a signed request for my bank account number. The biometric authentication unlocks my private key in the card, and my request is signed by both my biometric private key and my stored private key.
At the bank end my request is validated against their records of my public key and my biometric public key. Any mismatch and the transaction is rejected.
Any response I get can also be validated by the card as matching the card's stored version of the banks public keys.
The ATM machine is merely a transmission point for my signed requests and reciept of signed replies. All of the signing and validation is done in the card or at the bank, not in the machine (although the machine will probably rely on validating a second, parallel reply from the bank to spit out dollar bills).
In this scenerio, how can someone have a 'cloned' card? Unless they have totally cloned my card and my thumb, they're out of luck.
Perhaps this seems so strong to me because its possible to distribute my public keys and let each individual institution keep their own local copies, mitigating a single-source compromise. This could even be coupled with a cross-validation with a third party key server to be sure that someone else agrees with the keys being presented (ie, you can't just alter the keys at the bank). As long as the remote end validates the signed request, a cloned card would be worthless since the requests for my account wouldn't have the right signer and would be rejected.
Although now that I've managed to design a card with LCD display, biometric authenticator and computational power to calculate keys and validations, I might have to design a back pocket big enough to carry it.
Thanks for the informative discussion. I've at least learned that even complicated systems can have simple faults, and this is much more complicated than an armchair security expert can design!
Finally there's an old BMUG article about "hanging your disks out to dry" after their shareware library was flooded. They opened the floppy disks, washed the disks gently with detergent, air dried them, and put them back in new cases. Voila they were readable.
Apple ][ 5.25 floppies were industructable. We used to pull them out of the jackets, play frisbee in the physics lab and then put them into the drives and they'd work just fine. The only problems occured when they got bent and couldn't integrate mechanically with the drive.
Once the forger has his own fake keypair for you, that is signed by the government Certificate Authority (CA) his keypair are legally binding as proof that he is you, until it is proven in a court of law that the card, keypair, and peronsal details have been forged.
But my biometric identity is part of my keypair, and if the keypair is validated with each transaction, how does he fake my biometric identity? If your argument is based on the fact that the computer system is compromisable and my entire identity record (public keys) is replaced with a fake identity record, I'll notice within the day and/or hour that this has taken place and can quickly stop it. Plus I don't believe that a public keyserver that stores biometrically authenticated data would necessarily be so easily compromisable. Not impossible, but very difficult.
Like cheque forgers; who don't break into banks, they withdraw the money by asking the bank tellers nicely. The smartcard forgers don't break the cryptography, they attack the system.
If the system is never perfectable, is that a reason not to try improve on it with systems that depend more highly on cryptographic identity verification?
This is where I get lost in all this. The system is always attackable, always will be, but shouldn't the parts of the system make those attacks far more expensive, complicated and difficult? I'll accept that the system can be compromised by Mitnick, but right now we have a system that's compromisable by any street thug with a fourth-grade education.
Upgrading the "system" so that it is highly reliant on cryptographic verification increases the difficulty of scamming it by at least an order of magnitude. What's wrong with that?
I've noticed that this usually happens in Q1.
Q1 is traditionally the slowest month in business spending, especially on IT and other capital or infrstructure projects, particularly in these trying economic times. Financial management wants to get some kind of projection on this year's recievables before they release a lot of overhead spending.
Which means that software companies, which for several years running had been selling "updates" to their software at a huge clip are now facing major shortfalls in Q1 and Q2 due to a purchasing pattern that starts to resemble retail sales -- some spending Q2, better in Q3 & Q4, but little or none in Q1.
So they get the BSA to send these letters out in January to help beef up Q1 numbers. It's an extortion racket, plain and simple.
OK, so someone gets a virgin card. My public key is signed by me and the government, and on file in some public public keyserver. How do they manage to fake my public key? It's much harder, and while OF COURSE its not wholly immune to tampering its far more secure than the present system, which is neither secure, nor a system, nor useful for anything other than getting traffic tickets.
And its not meant to eliminate other security mechanisms, but to provide a very secure base crypto element so that people can more easily crypto in every day life.
I'm not sure it would be that easy to clone the cards. Not impossible, but not easy.
The problem right now is that there's so much bitching about how any new system wouldn't be 100% secure that we're forced to live with a system we know right now is 100% INSECURE and offers ZERO protection; or we duplicate it with layers of complicated stuff that no one users, or neutralizes with post-it notes on monitors.
but the problem of getting my clients to understand that the extra clicks when they send an email, the remebering a pass phrase, and the extra clicks to read incoming email is not only advisable but absolutly necessary.
The PHB and I were discussing this the other day. I have a little keychain password tool (since I can't remember aysh7aAS3 x 10 systems), but its worthless for passphrases or other more complex authentication systems.
What I'd advocate, and I'm sure that privacy nuts and other security wonks would hate, would be government-issued smart cards that contain a user's private key. The passphrase would biometrically authenticated (small thumbpad) and have an LCD screen that would display an alphanumeric fingerprint which would match a printed fingerprint and a small B&W version of a printed photo, making it difficult to counterfeit.
Since these would be government issued, they would be *universal* and could be used as an access token for encryption systems. They would also have an open implementation so that anyone could interface with them.
Encryption is complicated now because the key management systems are either proprietary or too complex for ordinary users, or just involve too many steps. Authenticating yourself with your biometric ID to your desktop would make it far easier for businesses to use such systems and would make them ubiquitous. Nobody is born knowing how to lock their house or car, but since everyone does it from an early age it becomes trivial. If public/private key crypto could be implemented universally, people would learn it and get used to it quickly.
The bonus is with an open implementation of the card's interface, it could be used everywhere. Your public key could be used on your hotel door, your car, your office, your house. Want to give the neighbor access to your house while you're gone? Don't give them a key, have them swipe their biometric authcard in your lock -- grant access to that public key for X days and you don't have to worry about the key getting lost or copied.
The big challenge is universality. I'm sure privacy nuts would chafe at this, but I don't think it would work without being a federal ID system. You wouldn't have to have one, but like a bank account or a credit card life might be a little awkward. The bonus would be you wouldn't need a passport or any other government issued ID and it would be a huge fraud deterrent. A government system could also be an open standard.
I still get to travel on my company's dime, but its always to do real work in field offices; server upgrades and the like. What sucks about this kind of travel is that I have to be there and do work both during the day (which generally amounts to help-desk work, since the offices have no IT support), and then at night or on weekends if its a big job (which is all the sysadmin work).
I get to stay in decent hotels, but I swear I eat 80% of my meals as either fast food or room service, which sucks. I usually find time to squeeze in one $100 meal, but thats it. And since I travel alone, any "spare" time I have is usually kind of a wash -- I'm either too tired or have little interest in roaming around by myself. I've done a lot of Slashdot in hotel rooms!
I always assumed they were a total boondoggle; an excuse for employees that generally didn't travel to go out once per year and get liquored up in some other city at their employers expense.
I've found that convention booths are almost universally staffed with marketing drones who parrot the marketing slogans and know little about their products and even less about the actual technolgies they implement. The better sales people (am I actually saying this?) are usually out on some golf course or at a whorehouse with their top customers.
Plus, even when I get something out of a booth, it's hard to take that knowledge back to the office unless you're working on a current project proposal and immediately get resellers in and work on quotes. Otherwise its kind of like intellectual flotsam you lose six months later.
The only time I can see it being valuable is if you were involved in a virtual community and the yearly get together involved a lot of panels or other kinds of interactivity you couldn't get otherwise. I don't count Comdex and their ilk in that, they're not specific enough.
Is it possible to have a motherboard with two processors, a P4 and an Itanium? The core OS could run on the Itanium and non-Itanium stuff could get executed on the P4 processor(s).
I'm sure this is a stupid idea that many other posters will point out the weaknesses of, but I'm wondering why it couldn't be done.
I think the most important thing would be for hardware and software vendors to re-think the whole idea of multiprocessor systems, both from a memory allocation and bus access perspective and from a process creation and CPU time allocation perspective.
It'd be almost more interesting to look at a 4 CPU system as multiple systems with varying processors depending on the needed configuration, with hardware shared or dedicated on an as-needed basis. Cluster-in-a-box or partitionable or NUMA on a motherboard or what have you.
It already exists in the mainframe/enterprise system level for IBM or Sun systems, but it'd be interesting to see a similar flexibility built into a single 4 CPU board.
I have never experienced the phenomenon you describe, and it goes against the grain of how I understand the scheduler works, at least in 2K.
I have seen a heavily loaded single-threaded process on a dual-CPU machine "ping-pong" between processors on a 2K machine. When you show the load of each processor in performance monitor you see a peak and valley for each CPU and exactly opposite on each CPU.
I've seen slightly asymetric loading in the task manager view, but generally it follows the same pattern. The asymmetry I've written off to task manager not having as much granularity as performance monitor.
This is exactly what I'd expect. The system is capable of running two processes or threads concurrently; the processes are scheduled round-robin onto CPUs as they are free, and the 'busy' process jumps from CPU to CPU as it becomes available and never stays on a single CPU, unless of course you force a processor affinity.
But you'd think that forcing an affinity would actually hinder process execution, since unless you told all the other processes to stay off of a given CPU, the affinitied task will get less work done as there will be fewer timeslots available to it.
The reason I'm somewhat skeptical of the value (beyond the its-still-a-smooth-UI-when-a-single-task-is-at-100 % reason) of this is my direct experience at home/work.
At work I have (because I'm too cheap) a 1.xx GHz PIII and at home I have a dual PIII 667 (actually 650 overclocked a tiny amount). I think the work PC is faster overall and just as responsive, even though its only a single CPU system.
I realize that much of the advantage is 133 vs 103Mhz bus, but that's part of the point -- if you stick with cheaper, simpler single CPU systems you can get a new one faster and take advantage of other improvements on the motherboard faster than you can with a more expensive (and hence kept longer) dual CPU system.
I've always thought that exploiting parallelism would be the next step after we hit some kind of practical performance wall in desktop systems. However, I've been saying that for 7 years and the wall just keeps moving, although I kind of think its gotten a little closer.
It's probably a question of economics more than anything else. A 2 CPU system for most end-user applications probably delivers less percentage increase in performance than its percentage increase in cost right now. But up till now its been cheaper to replace a single CPU with a faster single CPU than to invest more upfront in a multi-CPU system -- you have to keep it longer, which means you fall farther behind the current performance curve.
If it became 'standard' to have them, OS and App vendors would be able to deliver a performance jump out of 2 CPUs through better parallelism that would outweigh the increased hardware costs associated.
In the PC world, there's also the historical problem of lack of mainstream OS support for multiple CPUs -- I can't remember if XP consumer even supports it, now that I think about it -- which creates that chicken-and-egg problem. NT4 was a highly marginal 'consumer' OS, Win2k had more reach but still not what the 9x series had and XP adoption has been slower due to people just keeping PCs longer.
I've had a dual CPU system at home for 3 years and I'm not entirely sure I'd replace it with another one once I looked at the economics of it. The biggest single benefit I can think of is that it doesn't bottleneck the way a single CPU can when a single process pigs out at 100%, I still have a nearly-idle CPU to work with -- which is the problem with 2 CPUs, one's nearly idle.
There's oceans full of it just wating to be desalinized. If they can find a economical process for desalinization, then most water problems could be solved.
I think that's the crux of the problem. IANAWaterExpert but I think I've read the freshwater problem is basically that we're converting to saltwater the existing supply of non-saline water faster than the natural processes (evaporation, precipitation, ground filtration) can re-create it.
I think from an energy perspective its far cheaper to convert dirty freshwater into potable water than it is to convert saline water into freshwater, and even non-human drinkable freshwater is used for much more than drinking and bathing.
This kind of 'cos there's no right or wrong answers, humanities must be easy' crap is just illiterate carping.
Is it? I think it's half right, but it misses the point. In liberal arts I'd argue that in many cases there isn't a right or wrong answer from a factually provable perspective. The 'answer' is an assertion, theory or other kind of speculative statement that is explained, argued and justified better or worse.
The grades in many liberal arts classes reflect that; its possible for 10 people to argue 10 different solutions to a given problem ("Why did Hamlet act like he did?" or "Why wasn't communism successful?"). In many cases the professor isn't looking for a RIGHT answer, they're looking for a GOOD answer.
In fact, the biggest problem facing liberal arts right now is that in many cases they've lost sight of this and are instead looking for the "RIGHT" answer, the one that correctly satisfies the appropriate political sensibilities.
I was a PoliSci grad, and it was mostly fun -- I got great grades quite often by great arguments that ran counter to a lot of conventional wisdom that someone might have marked as "wrong".
Yes, the market would be more fragmented and support would be more challenging. Yes, 3gHz is cool, but who needs it? Yes, XP is better than 95, but could we have gotten there in 2 upgrades instead of 5, and caught the security holes along the way. How cool would the Linux desktop be if KDE was built from the ground up not to be like Windows (flame retardent boxers activate!)?
I agree with most of your entire post, but isn't the reality that Microsoft really did just do two upgrades instead of five? I can't claim to be a Microsoft internals expert, but I see the *actual* Microsoft upgrades as only two steps from 95, not five. 98 and ME were largely marketing upgrades with cosmetic technological improvement over 95; NT4 is probably somewhat debatable, but it strikes me as a significant upgrade over 3.51, and that just leaves Win2k as the final upgrade, with XP as a largely cosmetic improvement over 2K.
It would have been nice if some more thoughtful attempt had been made to allow service-pack type upgrades to 95 to get it to the level of technology support that ME provided. It may be debatable whether the same could have been done for 2k to XP, XP might just have enough changes that this might not have been possible.
I suppose the full counter-argument to all of this is that much of it had to happen this way due to the broad changes in the whole computer industry that are somewhat independant of brute force/clockspeed aspect of it. The wait for decent support for USB on x86 was bad enough without having to REALLY wait for major OS upgrades.
Largely I do agree, but I also wonder if we were more thoughtful about it if I'd still be trying to daisy chain parallel port devices.
We called them polish cannons in the mid-70s. You duct-taped two tennis ball cans (back when they were sold in metal cans). The top can had the bottom cut out, the bottom can had a small hole in it for loading ligher fluide and for ignition.
Used to shoot a tennis ball pretty far, I forget.
Ask the average tivo owner what quality level they select for their seinfeld reruns.
Haha, too true. When I first got my Tivo (60Hr Series2), I recorded stuff at all the various quality levels. High quality was too disk-consuming, the level below that (good? I forget) was also too disk-hungry and not noticably different than high quality. Basic quality seemed kind of appalling on the first few programs I recorded -- even my wife, who's about as nontechnical as they come was noticing some artifacts.
So I stuck with medium quality for a while, but I noticed I just wasn't getting the retention I wanted when I had a lot of movies recorded, so I started switching to basic quality on some stuff, and lo and behold I noticed that it wasn't all that bad.
I've been sold on basic since then, but I've noticed its kind of all over the map. Some stuff I find indistinguishable from medium quality, some stuff is pretty appalling. Music videos, for example, have too many jump cuts and quick camera movements -- the quality there sucks. But a lot of other content appears just fine, especially content originally shot on film. Even old Rockford episodes are good, and especially good are recordings of filmed content shown on digital channels; analog noise from analog channels must hinder the compressor.
Anyway, you're right -- basic quality has become more than good enough, at least until a do a disk upgrade and get a DVD recorder to copy stuff too, but even then I may stick with the longest content length...
To borrow words from the X files, I want to believe. But I can't make myself believe.
From what we know about the vastness of space and the immense distances that UFOs would have to travel to get here, it would take some pretty amazing technology, especially if it was transporting biological entities.
Any civilization with that kind of technology:
(a) wouldn't care a whole lot about Earth, we're one foot out of the ectoplasm. We haven't done anything interesting that a highly evolved civilization hasn't already done.
(b) and if they did (hey, I still look at ant hills), why wouldn't their technology enable them to remain completely undetected? Or gather their information via remote sensing?
I just can't get past these things. I'd like someone to tell me why I should.
MS is always doing something creative with SMB, requiring Samba to play catch-up.
Have you been to a good local coffee shop? One with atmosphere, great coffee mixes, menu & good service?
Been to plenty with good coffee, good atmosphere and a few with decent sweets. But ABSOLUTELY NONE OF THEM have anything approaching good service. They all have the same orange-haired, pierced-nose alterna-whatever trendanistas "working" there. They're rude, slow and usually can't make change or do anything other than take breaks well.
It's no better at Starbucks or Caribou or any other chain -- its like you can't make coffee unless you're over 45 with "Flo" embroidered on your dress or under 30 with more safety pins in your lip than I have in my whole house and hair the shade of a warning sign.
Besides, buying coffee at the store is dumb to begin with. The markup is like 2000% or something. A pound of decent beans is $6 and makes enough coffee to keep me wired for a week. A single cup at any coffee place is like $3.
This was to silence those who rallied valiently to save the livings of coffee farmers the world over.
Hey, if the RIAA and MPAA don't deserve to get their stupid business models enshrined into law, why should the coffee growers or anyone else for that matter?
OPEC figured out how to run a cartel, so should the coffee people if they want a guaranteed high price for growing too much coffee. Blaming Starbucks isn't the right tactic.