It's nearly midnight here, but if I get a chance in the morning, I'll post up some more info including the code I used to replicate the Warmest 100's methods, and some scatterplots showing how the accuracy of the predictions got better the closer things got to number one, similar to the tableau link from diodegod.
You have an inflated opinion of the quality of 'enterprise' software.
When something breaks in an enterprise app, you can go to the vendor and say 'fix this'... only to have them ignore you because you're not one of the top 20 accounts. You have to wait until the next patch release, if the vendor decides your problem is important enough to make it into the development schedule. Which is only practical when you're a commercial vendor with limited resources.
As for 'definitive' tech-support, you need to be a top account if you want access to the top engineers. Even then, think you'll be able to talk to the guys who write the code? Think again. The documentation is superficial, and doesn't cover your problem (it's never happened before, after all). You can't get access to the engineer who might be able to help you. Definitive support in a specified time frame? Hah! Try waiting while the vendor tries time and time again to figure out what's wrong.
The number of times I've had to design around flaws in vendor products because of bugs, misfeatures, or missing features.. well, it's made me a rich man. We didn't have time to wait for the vendor to fix things, because we had a product to ship, or a project burning through its budget. And we certainly didn't have the time or money to sue anyone. It took the EU 10 years to get Microsoft to release protocol documentation. Think you can do better?
If software 'x' dies and it's a vendor product, you can't fix it yourself. You have to wait. If software 'x' is open source, you have the option of fixing it yourself, or buying someone who can.
You're right that enterprise software is about more than the code. It's certainly possible to make the wrong choice of open source software for a large company. But don't kid yourself that sticking to 'enterprise' vendors is the lowest risk solution.
I'll have to dig up the details on what was sub-optimised in Postgres. Not being a guru DBA, I was simply comparing the same SQL in Postgres vs. what I thought the most intelligent query would be. From memory it was something about using appropriate indexes on a multi-table join. We've sinced fixed the database design so that the join isn't necessary. PostgreSQL arrays rock!
It is entirely possible that it was sub-optimal database tuning, as mentioned by another poster. I'll be sure to check out the new optimizer when I get back to the SQL side of the project. Also, it wasn't enough of a problem for us to log a bug, since we assumed that the appropriate wizards were probably already working on such things. We're not on such a tight release schedule that we need such things fixed ASAP.
Having read all the replies to my post (wow) I realise I've only scratched the surface of Postgres. I look forward to delving more into its depths.
Some of us who compare OSS databases to commercial ones have experience that extends past address books. And no, I'll pass on the DSW if you don't mind.
My main problem with PostgreSQL is the query optimiser. Oracle's query optimiser is definitely superior as Postgres occasionally comes up with some peculiar query plans. In a product I'm involved with, we hand tune our SQL from the ground up, so this is less of a problem for us. I find the two products to be pretty comparable in other aspects, though I haven't tried Postgres-R yet.
I haven't played with MySQL since back when you couldn't do sub-SELECTS, so I have no idea how much it's progressed since then.
At this stage, I'd suggest you stick with a commercial product for replication or clustering for high end work. Clustering and replication is still the bleeding edge for OSS, so use it with caution on non-critical tasks. Having said that, these are complex tasks you're talking about, and even the commercial products have their own peculiarities at times. High volume replication using Oracle materialized views over database links comes to mind.
The difference is quite simple: it costs me money to receive email from you. If you send email to 1 million people, the total cost for you is much less than the total cost for the 1 million recipients.
I agree. As an author of a Python library, I was operating under the belief that the LGPL provided the terms I wanted; use my library however you like, but any changes to it have to be made available. The GPL wasn't suitable, and the BSD license was a bit too much.
If the LGPL is interpreted as applying to code someone else writes by making use of my library, not cutting&pasting the code, then I'm going to change the license I use. Simple as that.
As someone else has already said, I don't believe this interpretation of Section 6 is in the spirit of the LGPL as I understand it. I believe the license should be changed so that Section 6 adheres to that spirit.
Based on the descriptions given in the original article and the Reg article, I think this scheme is doomed to fail because of the very architecture it employs... unless M$ simultaneously use their monopoly position as leverage to get it installed, their relationship with chipmakers to get it on the latest and greatest mobos and their marketing skill to spin the hell out of it and convince the clueless that it's a great idea. It will still take a phased approach over at least a 5 year timeframe.
Even then, there are numerous flaws in the idea, IMHO, simply based on the way Jo Public uses her PC. Check out my more lengthy response to this article here.
Just a quick finale as I think we've just about reached the end of this particular thread. You mention that you suspect it has very few sites on it. Doesn't that bother you? Wouldn't you like to know that it has only a few? If that were the case I'd be pretty upset that all this money has been spent on something that censors a handful of sites. The cost/benefit analysis on that looks pretty unattractive to me.
What if, as I suspect, a lot more sites are being censored? I want to be sure that those sites are being censored in accordance with the existing censorship laws. By keeping the list secret it is not possible for community review of what decisions the ABA is making, and as a publicly funded body, I believe I have the right to know and I disagree with the AAT's reasons for refusing to disclose this information.
Lastly, you are entitled to your opinion that there are more worthwhile issues. I consider this particular issue part of a larger battle and worth expending effort on. "All that is required for evil to triumph is for good men to do nothing" after all. You may not have heard of it being used, but I have, though I don't have references close to hand. Check EFA's website and I'm sure you'll find some. I believe someone has to do something about it.
First they came for the Jews
and I did not speak out
because I was not a Jew.
Then they came for the Communists
and I did not speak out
because I was not a Communist.
Then they came for the trade unionists
and I did not speak out
because I was not a trade unionist.
Then they came for me
and there was no one left
to speak out for me.
- Pastor Martin Niemöller
It would appear I didn't express myself clearly enough. I'll give it another go.
First up you accuse me of generating noise. I take great pains to add more signal to slashdot and any other online forum, so if I have failed, I apologise. I am simply seeking to clarify the reasons why this decision is poor. I disagree that the reasons given for the denial of the FOI request were sufficient. Of greater import is the bit towards the end of that paragraph. The AAT found that the Internet censorship regime would be ineffective if it operated under the same conditions as offline censorship, ie: books, movies etc. That is broken. It is a fatally flawed system if it can only operate in secrecy while the standard censorship process is apparently good enough for everything else.
You say the system was never secret, and yet it is the secrecy of the system that the AAT has upheld. The list of blocked sites is secret. That's the problem. If a movie or book is censored (think Lolita or Baise Moire) the Australian public are able to know that it was censored. Not so for online content. It is this discontinutity of standards that is at issue.
You also say that you don't care because nothing you want to access is blocked. Yay for you. What about everyone else? What if a site I want to get access to is blocked? How many of them are there? Specifically, which sites are blocked and why? Are those reasons good enough or was the decision purely arbitrary? Maybe dissenting opinions are being blocked and we don't know.
Your argument citing sites breaching hate crime legislation is a strawman. There are already laws in place for dealing with illegal conduct. However, just because something is against the law here doesn't mean that a site hosted offshore can't publish it. Observe the actions of China. That said, material that is illegal in the country where the site is hosted can be reported to the appropriate authorities in that country for them to deal with. The fact of the matter is that we have no idea what sites are being blocked and for what reason. That is unacceptable. The blocking may be justified, but how do we know?
The big problem I have is that the AAT themselves recommended a review of the legislation due to the very reason they gave for denying the FOI request. That's just weird logic, and I take offence to the fact that my tax dollars have to pay for this dog's breakfast when they could be paying for something more useful.
Lastly, I agree with you that Australian censorship has traditionally been relatively relaxed. We're trying to keep it that way.
That said, I'm disappointed in the quality of responses to this article here on slashdot. Had I known, I'd have posted a link to EFA's press release on this issue earlier:
http://www.efa.org.au/Publish/PR020613.html
Now, the problem here is that EFA attempted to get access to the blocklist being implemented by the ABA by using the Freedom of Information Act. Not the content, just the blocklist. In much the same way that censorware publishers won't allow anyone to view their blocklists, the AAT refused, but cites highly suspects reasons, to wit:
The Administrative Appeals Tribunal yesterday ruled that the
Commonwealth Government's Internet censorship regime would be
ineffective if it did not operate under a veil of secrecy, unlike
offline censorship laws.
[...]
Therefore, the AAT ruled that the information requested by EFA was
exempt from disclosure on the ground that "disclosure would, or could
reasonably be expected to, have a substantial adverse effect on the
proper and efficient conduct" of the ABA's operations (s.40(1)(d) of the
FOI Act) and that the public interest in disclosure (s.40(2)) was
outweighed by the adverse effect on the ABA's operations they considered
would result from disclosure.
So, basically, they were saying that if people were able to see what was being blocked, the system wouldn't work. Excuse me? What sort of dodgy system is that? If it can't work with disclosure of the blocklist, then I would say the system is fundamentally flawed. Indeed, that's what EFA and numerous others were saying when this system was first proposed. Now that those concerns have been borne out, will the system be scrapped? No, it will continue to operate under a veil of secrecy, wasting my tax dollars on something that is inherently broken.
That is the problem the EFA, and I, have with this thing. That is the reason we're unimpressed with this decision.
This is more a perception problem on the part of end-users of software, which has come about due to the poor marketing practices of companies selling computers and computer software. People have been convinced that computers are easy to use, when they are not. Whether or not they should be is debatable and I won't go into it, but it is unreasonable to assume that a general purpose computing device should be as easy to use as a special purpose appliance like a microwave, or a car, or a VCR, and we all know how much trouble people have with these devices.
Now, ratifying this unreasonable expectation of software in law is misguided. There are already sufficient principles in law to handle the situation. People should be educated to understand what 'use at own risk' means. If you wish to have a piece of software that absolutely must work (and has been proven to do so) then you will need to pay the price to have such software developed. The fact that you desire mission critical software should not prevent me from obtaining and using 'at risk' software for my own use.
People sue too much as it is. Grow a spine and take responsibility for your own actions for once. You bought and installed the software. You have taken the risk and the responsibility. If that's unacceptable, cough up the dough to get someone to write a bulletproof webbrowser. Or use a typewriter.
I think you've got the right idea here, though it'll take a little while as serious bandwidth gets rolled out to handle all the traffic. I personally love the idea of being able to issue a request such as your example: I want to watch episode 47 of the Simpsons, or some obscure movie, or a particular foreign film. My local videostore doesn't have it, and I don't really like it enough to buy a full copy, but I want to watch it right now.
Imagine being able to wander over to your PC in the corner and enter in the search and play it via streaming video? Now instead of pure P2P which would serve this audience best, imagine the concept of cable television on an Internet scale:
Imagine a multitude of multicast networks, each with a specific server and/or mirrors (aka repeaters) serving a particular set of content. Instead of only having access to what the local broadcast companies decide to show, you've got access to a worldwide choice of channels.
Add to this the lower cost of entry for indie films, community access TV, etc. and watch the level of content online explode. Sure, large tracts of it will be complete crap, just like the rest of the net. But there will be islands of quality, or special interest material, that rarely makes it to air currently.
I just hope it doesn't end up mirroring the current state of play: hundreds of channels and there's nothing on.
It's not quite as simple as you appear to believe.
There is a lack of competition in the Australian marketplace. The encumbent has no reason to provide reasonably priced wholesale and expedient access to the local loop. Just try getting a bank of DSL modems co-lo in a Telstra PoP. They own the only access point for broadband to the majority of potential customers. Laying cable/fibre/whatever is expensive.
Ok, so we use wireless to get around local loop issues, and take on the issues that come with using wireless (range, fresnel zones, interference, etc). Cool. Now I can talk to a wedge of other people in the same city as me. As soon as I want to send or receive content outside the local net you need longhaul upstream pipes. Guess who owns them?
I still think it'd be a fantabulous idea. Get a local WLAN ISP set up and buy wholesale longhaul pipes from whoever has them. There is slightly more competition in the PoP-to-PoP wholesale business. Sooner or later you're going to need to connect to the rest of the 'net though, and that's where you'll get slugged.
Building your own network is fine if you're a UUnet or a Sprint or just want to talk to the other WLAN people within line-of-sight. As soon as you start needing PoP-to-PoP connectivity, you're going to start needing wads of cash to pay the big boys.
So basically, if you want broadband you have to either jump through all the Happy Fun Hoops of setting up a small ISP or just embrace the BOHICA principle and hand over the cash.
Either way, I don't relish the idea of going back to dialup.
This is slashdot, so I'm using more relaxed language than I would in, say, a board meeting. Well, depending on the board.;-)
I guess it boils down to my reputation. If I allow other people to adversely affect my reputation, that hurts me. Financially and otherwise. That annoys me and so, by extension, do the people causing the problem. That is why I have a low tolerance for people who are decidedly unhelpful in getting the job done.
It's not just management, either. I've had to deal with just as many techos who really shouldn't have been in the role they were. Sometimes that's not their fault, and the better people know and admit it. It's the others that bother me. I'm sure most people have been in similar situations before. I consider it part of my job to minimise those occasions and give my clients the best value for money I can. It's a lot more fun that way, too.
I am not interested in starting a management vs. IT cascade. Both groups of people have different jobs to do that are equally necessary. I'm involved in both activities, depending on the role I'm filling at the time. I am aware of the attitude required when dealing with others in a work environment.. etc.
My point was that a security policy is broken if it is a) necessary to make lots of exceptions or b) lots of exceptions are made because of the egos of those involved. This goes for everyone. I just chose middle management because I've observed a greater occurance of the problem stemming from there. I am aware this is not statistically valid.
Do not assume I am a management hating l33t h4x0r. I am a professional. I treat others that way and expect to be treated that way. It is when this process breaks down that I become frustrated. My clients pay me far too much money to suffer fools lightly.
First off, it seems to be security and anti-virus firms that are advocating this strategy, which rings my 'vested interest' alarm bells straight off. The subtext is 'invest more money in security and anti-virus technology to solve this massive problem you're not aware of'. FUD for upper management.
Having said that, there is indeed a need for increased security awareness in many companies. Buying more gear isn't really that cost effective though. Educating your people and letting them know the expected behaviour is better. This includes increasing the Cluedness of manglement so that they are aware of what their people are doing. If someone feels a need to surf pr0n all day instead of doing their job, your problem is not giving them access to pr0n. Why not find out why people are doing it instead of working?
If you've got people using decent passwords that they don't put on PostIt notes on their monitor; if your network techs are using ssh instead of telnet to configure routers; if every two bit middle manager stops demanding to be an exception to all the rules; and if you still have security issues, then maybe you can start looking at more drastic solutions. Security must be holistic, and more often than not it's more a business process issue, not a purely technical one.
Lastly, I've been at sites with really tight access policies that were easy enough to bypass for someone in the know. If there's any outbound access permitted, there's a way to bypass the security. So go ahead and implement this stuff. If I really want to get past it, I probably can.
But then, I've got better things to do with my time than surf pr0n at work, so when I say I need ssh access outbound, I actually do. Don't stop me doing my job by implementing some half-assed pseudo-security solution. Better yet, hire me to do it right!;-)
You appear to have failed to grasp the true meaning of this paper. It is not saying "Scrap all that Gnutella is! It's a load of $EXCREMENT!" It is providing an alternative internetworking topology based on mathematical theory that provides a higher theoretical bandwidth utilisation than is currently enjoyed when the network scales to a large number of nodes.
To simplify: If the Gnutella network used a different node addressing (and associated routing) scheme, total aggregate bandwidth of the entire network would be increased, even as the network scaled upwards of a million nodes.
The underlying physical wiring is exactly the same for this method as for the existing Gnutella topology. That's the whole point. By simply changing the way Gnutella nodes connect to one another you can increase the aggregate network efficiency. It isn't manufacturing bandwidth out of thin air, it is making more efficient use of what is already there. Read over sections 4 and 5 again perhaps.
Finally, I have to admit to being somewhat boggled by your last paragraph. Are you suggesting that in order to become part of a network you must be part of the network already? Various routing protocols have solutions for how to dynamically insert a new node into a topology. STP, OSPF and EIGRP have differing methods, not particularly analagous to Gnutella, but useful nonetheless. A 'closed cycle' as you refer to it could also be thought of as a routing loop. It is possible to have multiple paths and not have a routing loop, something routing protocols are generally designed to prevent. What you're talking about here is that you have to have connectivity into a network in order to become a part of the network, which is somewhat obvious. I mean, it does generally work better if you plug it in.
It was an interesting read, but the author is a little off base with the analogy. I believe an analogy with more direct correlation to the real world would be more like this:
Semi-permeable membranes, aka firewalls. A person's skin acts as a pretty good firewall, allowing certain substances in or out and is mostly successful. It is possible to exploit it through making harmful substances appear to have the signature of allowed substances, in the same way that allowing inbound connections of any kind permits other connection types to mimic it: eg, hijacking a terminated telnet connection and sending traffic in the reverse direction. I can't think of a skin analogy for access-list allow host port established syntax, but I'm sure one exists. Firewalls thus play an important part of a biological system.
Complex system interactions. If one were to use an individual cell as an analogy for a computer network and pathways into and out of the cell as the routes through the firewall then you come close to the biological analogy proposed in the article. Note that cells do not in fact advertise that they are under attack from viruses. Other cells notice that a virus attack in underway and react accordingly, with varying degrees of success. It is this approach that would be more useful to take by analogy from biological systems and apply to the computer/network security field. The same problems exist.
Firstly there is the problem of the existing IDS not noticing an intrusion or failing to take sufficient action, such as for any biological infection which causes the death of the host. The biological solution to this is to immunise the system by exposing it to a non-lethal form of the pathogen to educate it for what to look for. A virus-scanner is a good example: Virus signature updates are the computer/network security version of immunisation.
Then there is the problem of overreaction. In a biological system this is equivalent to the so-called '20th Century Syndrome' of boy-in-bubble fame. The biological system's IDS incorrectly registers normal operations as an intrusion and acts as it would for a normal intrusion, causing illness or death. This is a 'false-positive' reaction and is even more likely in a poorly designed IDS. As an example, reference the number of false positives generated by end users who install ZoneAlarm or equivalent personal firewalls. This is the same 'Microsoft is DoS-ing me!' argument mentioned by another respondent.
So, the analogy has merit, but is poorly expressed in the article. I wish to point out that the main advance in IDS and security in general is not the establishment of a new analogy, paradigm or any other buzzword. I believe there are two key aspects that become increasingly important:
1. Correctness of implementation. This is fixing inherent security problems that allow infection to occur. This requires hardening of software, systems and networks. Most people in the field acknowledge this to be true.
2. Greater correlation. This is the ability to more correctly diagnose likely causes from symptoms. The security administrator becomes the highly trained doctor, using knowledge gained from analysis of known pathogens, methods of attack and problems inherent in existing symptoms and uses this knowledge to faster and more accurately diagnose root causes, and prescribe a solution. The use of tools, preferably automated, greatly increase the effectiveness of this approach. I believe it is in this area that the greatest advances have yet to occur.
Quite a few people appear to object to companies making profits beyond what they feel is "fair", highly dependant on their own notion of what "fair" is. It's that attitude that I challenge.
I'm curious as to what you mean by "make available at zero additional cost". Software is somewhat unique in that manufacture of additional units can be done at extremely low cost, but you still have to decide on the initial price point to make back the R&D costs of building the thing in the first place. It's a huge gamble: Too high a price and you won't sell enough units. Too low and you don't make enough money on each one. In either of these cases you go bankrupt and can't improve your product or create any others. I've only recently become truly aware of just how complex the whole thing is, and I still don't know the half of it.
There's always a tradeoff between complete freedom by giving it all away and actually making some money. So far free software models have proven very difficult to make work. It appears to be because of the existing culture of both businesses and consumers combined. I think it will change, but incrementally. Every little step is beneficial, so support those who make steps in the right direction rather than punish those who don't go the whole hog straight away.
This article was of particular interest to me for reasons I won't go into here, but I agree with you about its poor quality. There are other bits I disagree with too:
What's this "One movement with two factions" nonsense? I don't belong to any faction, or movement. They are two viewpoints shared by two separate groups of people who seem to spend a hell of a lot of time bickering about who has the moral high ground. I don't have an affiliation with either of them. I happen to use some of their software is all.
I've seen some pretty reasonable explanations of the costs of software development too, which surprised me. To summarise: R&D costs, equipment costs, legal fees, rent, wages, etc. Now, if you're running a not-for-profit type charitable organisation, that's basically it and all you have to do is cover costs. If you're a commercial business with shareholders, you have to make profit. This is usually codified in the corporations law of whatever country you're in. The shareholders want to make money on their investment too.. otherwise they'll take their money and go somewhere else. That's why a company, no matter what it does, needs to make money.
People seem to have an issue with this concept.. particularly if the company makes lots of money. Sure, they've made back the development costs on the original software project.. but now what do they do? Improve the software or add new products to their portfolio. It's a rare company that will survive for long by sitting on their laurels after a single successful project.
And while we're at it, what's wrong with making a lot of money by doing a great job? You make a piece of really useful software and a lot of people part with their hard earned cash to use it to make their lives easier in some way. I just don't see why that's a bad thing.
After reading both articles and various posts here, I find that I have to agree that open sourcing all code in publicly funded research would be a bad thing. There is some confusion as to what this actually means and people have, as usual, not really read the articles and started posting about what they think the articles said.
The articles are not talking about simply the results of publicly funded research. I agree that the results of publicly funded research, be they new drugs, funky mathematical algorithms, etc should be released into the public domain. Not copyrighted. The public at large funded the research and so the public should have access to the results to do with as they will. This includes selling stuff based on the research, and doesn't exclude the team that created it.
But that's not what the articles were getting at. They were talking about the tools used internally to get those results. A lot of those tools are proprietary though some have the good old "free for private or non-commercial use" clause in them. It also covers modifications to those bits of software that are kept purely internal.
There is nothing wrong with that, since these are merely tools used to make getting the research results easier. What you're paying for is not a little tweak to the tools your research team have made, but the actual deliverable which is the purpose of the research.
I operate exactly the same way in the real commercial world. When I do a gig for a client, they get the deliverables. A configured system, doco, maybe a specific program. They don't get copies of all my funky helper scripts that I use to get the job done. They don't get a copy of my.muttrc file because I sent project related email. They don't get my perl script that automatically uploads the newest versions of config files via ssh. That's not what they've paid me for.
So at the end of the day, making all tools used by publicly funded research GPL is not what people really mean. What they really mean is to have the results of publicly funded research be made public.
So... you agree with me? I was making a distinction between the example you've given and the ones listed in the article. Having said that, corporations and other people have rights too. Free speech doesn't mean you can just mouth off whenever and whatever you feel like. In the cases listed in the original article, the companies in question had every right to seek legal redress. In the example I included, the person was spamming. I thought everyone on/. thought spammers were evil and should be shot at birth?;)
Note that I'm not saying companies, and indeed individuals, don't use legal threats when someone writes or says something they don't like. I agree that that is bad. My point was to recognise when it's a real threat to freedom of speech versus a case when the law is actually being used as intended, despite the fact that it happens to be a corporation in the right. Treating every case of a company suing an individual as Evil Corporations On The Rampage is misguided.
Slashdot Mirror
So yeah. Hi.
I wrote some more detailed commentary on my blog, if you want more details than would fit in a short news article.
http://www.eigenmagic.com/2013/01/24/will-the-warmest-100-prove-a-scorcher/ and http://www.eigenmagic.com/2013/01/26/warmest-100-updates/
It's nearly midnight here, but if I get a chance in the morning, I'll post up some more info including the code I used to replicate the Warmest 100's methods, and some scatterplots showing how the accuracy of the predictions got better the closer things got to number one, similar to the tableau link from diodegod.
Statistics is the new black. :)
It appears we are in violent agreement. Excellent. :)
You have an inflated opinion of the quality of 'enterprise' software.
When something breaks in an enterprise app, you can go to the vendor and say 'fix this'... only to have them ignore you because you're not one of the top 20 accounts. You have to wait until the next patch release, if the vendor decides your problem is important enough to make it into the development schedule. Which is only practical when you're a commercial vendor with limited resources.
As for 'definitive' tech-support, you need to be a top account if you want access to the top engineers. Even then, think you'll be able to talk to the guys who write the code? Think again. The documentation is superficial, and doesn't cover your problem (it's never happened before, after all). You can't get access to the engineer who might be able to help you. Definitive support in a specified time frame? Hah! Try waiting while the vendor tries time and time again to figure out what's wrong.
The number of times I've had to design around flaws in vendor products because of bugs, misfeatures, or missing features.. well, it's made me a rich man. We didn't have time to wait for the vendor to fix things, because we had a product to ship, or a project burning through its budget. And we certainly didn't have the time or money to sue anyone. It took the EU 10 years to get Microsoft to release protocol documentation. Think you can do better?
If software 'x' dies and it's a vendor product, you can't fix it yourself. You have to wait. If software 'x' is open source, you have the option of fixing it yourself, or buying someone who can.
You're right that enterprise software is about more than the code. It's certainly possible to make the wrong choice of open source software for a large company. But don't kid yourself that sticking to 'enterprise' vendors is the lowest risk solution.
It is entirely possible that it was sub-optimal database tuning, as mentioned by another poster. I'll be sure to check out the new optimizer when I get back to the SQL side of the project. Also, it wasn't enough of a problem for us to log a bug, since we assumed that the appropriate wizards were probably already working on such things. We're not on such a tight release schedule that we need such things fixed ASAP.
Having read all the replies to my post (wow) I realise I've only scratched the surface of Postgres. I look forward to delving more into its depths.
Some of us who compare OSS databases to commercial ones have experience that extends past address books. And no, I'll pass on the DSW if you don't mind.
My main problem with PostgreSQL is the query optimiser. Oracle's query optimiser is definitely superior as Postgres occasionally comes up with some peculiar query plans. In a product I'm involved with, we hand tune our SQL from the ground up, so this is less of a problem for us. I find the two products to be pretty comparable in other aspects, though I haven't tried Postgres-R yet.
I haven't played with MySQL since back when you couldn't do sub-SELECTS, so I have no idea how much it's progressed since then.
At this stage, I'd suggest you stick with a commercial product for replication or clustering for high end work. Clustering and replication is still the bleeding edge for OSS, so use it with caution on non-critical tasks. Having said that, these are complex tasks you're talking about, and even the commercial products have their own peculiarities at times. High volume replication using Oracle materialized views over database links comes to mind.
The difference is quite simple: it costs me money to receive email from you. If you send email to 1 million people, the total cost for you is much less than the total cost for the 1 million recipients.
I should not have to pay for your speech.
If the LGPL is interpreted as applying to code someone else writes by making use of my library, not cutting&pasting the code, then I'm going to change the license I use. Simple as that.
As someone else has already said, I don't believe this interpretation of Section 6 is in the spirit of the LGPL as I understand it. I believe the license should be changed so that Section 6 adheres to that spirit.
Even then, there are numerous flaws in the idea, IMHO, simply based on the way Jo Public uses her PC. Check out my more lengthy response to this article here.
What if, as I suspect, a lot more sites are being censored? I want to be sure that those sites are being censored in accordance with the existing censorship laws. By keeping the list secret it is not possible for community review of what decisions the ABA is making, and as a publicly funded body, I believe I have the right to know and I disagree with the AAT's reasons for refusing to disclose this information.
Lastly, you are entitled to your opinion that there are more worthwhile issues. I consider this particular issue part of a larger battle and worth expending effort on. "All that is required for evil to triumph is for good men to do nothing" after all. You may not have heard of it being used, but I have, though I don't have references close to hand. Check EFA's website and I'm sure you'll find some. I believe someone has to do something about it.
First up you accuse me of generating noise. I take great pains to add more signal to slashdot and any other online forum, so if I have failed, I apologise. I am simply seeking to clarify the reasons why this decision is poor. I disagree that the reasons given for the denial of the FOI request were sufficient. Of greater import is the bit towards the end of that paragraph. The AAT found that the Internet censorship regime would be ineffective if it operated under the same conditions as offline censorship, ie: books, movies etc. That is broken. It is a fatally flawed system if it can only operate in secrecy while the standard censorship process is apparently good enough for everything else.
You say the system was never secret, and yet it is the secrecy of the system that the AAT has upheld. The list of blocked sites is secret. That's the problem. If a movie or book is censored (think Lolita or Baise Moire) the Australian public are able to know that it was censored. Not so for online content. It is this discontinutity of standards that is at issue.
You also say that you don't care because nothing you want to access is blocked. Yay for you. What about everyone else? What if a site I want to get access to is blocked? How many of them are there? Specifically, which sites are blocked and why? Are those reasons good enough or was the decision purely arbitrary? Maybe dissenting opinions are being blocked and we don't know.
Your argument citing sites breaching hate crime legislation is a strawman. There are already laws in place for dealing with illegal conduct. However, just because something is against the law here doesn't mean that a site hosted offshore can't publish it. Observe the actions of China. That said, material that is illegal in the country where the site is hosted can be reported to the appropriate authorities in that country for them to deal with. The fact of the matter is that we have no idea what sites are being blocked and for what reason. That is unacceptable. The blocking may be justified, but how do we know?
The big problem I have is that the AAT themselves recommended a review of the legislation due to the very reason they gave for denying the FOI request. That's just weird logic, and I take offence to the fact that my tax dollars have to pay for this dog's breakfast when they could be paying for something more useful.
Lastly, I agree with you that Australian censorship has traditionally been relatively relaxed. We're trying to keep it that way.
That said, I'm disappointed in the quality of responses to this article here on slashdot. Had I known, I'd have posted a link to EFA's press release on this issue earlier:
http://www.efa.org.au/Publish/PR020613.html
Now, the problem here is that EFA attempted to get access to the blocklist being implemented by the ABA by using the Freedom of Information Act. Not the content, just the blocklist. In much the same way that censorware publishers won't allow anyone to view their blocklists, the AAT refused, but cites highly suspects reasons, to wit:
So, basically, they were saying that if people were able to see what was being blocked, the system wouldn't work. Excuse me? What sort of dodgy system is that? If it can't work with disclosure of the blocklist, then I would say the system is fundamentally flawed. Indeed, that's what EFA and numerous others were saying when this system was first proposed. Now that those concerns have been borne out, will the system be scrapped? No, it will continue to operate under a veil of secrecy, wasting my tax dollars on something that is inherently broken.
That is the problem the EFA, and I, have with this thing. That is the reason we're unimpressed with this decision.
Now, ratifying this unreasonable expectation of software in law is misguided. There are already sufficient principles in law to handle the situation. People should be educated to understand what 'use at own risk' means. If you wish to have a piece of software that absolutely must work (and has been proven to do so) then you will need to pay the price to have such software developed. The fact that you desire mission critical software should not prevent me from obtaining and using 'at risk' software for my own use.
People sue too much as it is. Grow a spine and take responsibility for your own actions for once. You bought and installed the software. You have taken the risk and the responsibility. If that's unacceptable, cough up the dough to get someone to write a bulletproof webbrowser. Or use a typewriter.
Imagine being able to wander over to your PC in the corner and enter in the search and play it via streaming video? Now instead of pure P2P which would serve this audience best, imagine the concept of cable television on an Internet scale:
Imagine a multitude of multicast networks, each with a specific server and/or mirrors (aka repeaters) serving a particular set of content. Instead of only having access to what the local broadcast companies decide to show, you've got access to a worldwide choice of channels.
Add to this the lower cost of entry for indie films, community access TV, etc. and watch the level of content online explode. Sure, large tracts of it will be complete crap, just like the rest of the net. But there will be islands of quality, or special interest material, that rarely makes it to air currently.
I just hope it doesn't end up mirroring the current state of play: hundreds of channels and there's nothing on.
There is a lack of competition in the Australian marketplace. The encumbent has no reason to provide reasonably priced wholesale and expedient access to the local loop. Just try getting a bank of DSL modems co-lo in a Telstra PoP. They own the only access point for broadband to the majority of potential customers. Laying cable/fibre/whatever is expensive.
Ok, so we use wireless to get around local loop issues, and take on the issues that come with using wireless (range, fresnel zones, interference, etc). Cool. Now I can talk to a wedge of other people in the same city as me. As soon as I want to send or receive content outside the local net you need longhaul upstream pipes. Guess who owns them?
I still think it'd be a fantabulous idea. Get a local WLAN ISP set up and buy wholesale longhaul pipes from whoever has them. There is slightly more competition in the PoP-to-PoP wholesale business. Sooner or later you're going to need to connect to the rest of the 'net though, and that's where you'll get slugged.
Building your own network is fine if you're a UUnet or a Sprint or just want to talk to the other WLAN people within line-of-sight. As soon as you start needing PoP-to-PoP connectivity, you're going to start needing wads of cash to pay the big boys.
So basically, if you want broadband you have to either jump through all the Happy Fun Hoops of setting up a small ISP or just embrace the BOHICA principle and hand over the cash.
Either way, I don't relish the idea of going back to dialup.
I guess it boils down to my reputation. If I allow other people to adversely affect my reputation, that hurts me. Financially and otherwise. That annoys me and so, by extension, do the people causing the problem. That is why I have a low tolerance for people who are decidedly unhelpful in getting the job done.
It's not just management, either. I've had to deal with just as many techos who really shouldn't have been in the role they were. Sometimes that's not their fault, and the better people know and admit it. It's the others that bother me. I'm sure most people have been in similar situations before. I consider it part of my job to minimise those occasions and give my clients the best value for money I can. It's a lot more fun that way, too.
My point was that a security policy is broken if it is a) necessary to make lots of exceptions or b) lots of exceptions are made because of the egos of those involved. This goes for everyone. I just chose middle management because I've observed a greater occurance of the problem stemming from there. I am aware this is not statistically valid.
Do not assume I am a management hating l33t h4x0r. I am a professional. I treat others that way and expect to be treated that way. It is when this process breaks down that I become frustrated. My clients pay me far too much money to suffer fools lightly.
Having said that, there is indeed a need for increased security awareness in many companies. Buying more gear isn't really that cost effective though. Educating your people and letting them know the expected behaviour is better. This includes increasing the Cluedness of manglement so that they are aware of what their people are doing. If someone feels a need to surf pr0n all day instead of doing their job, your problem is not giving them access to pr0n. Why not find out why people are doing it instead of working?
If you've got people using decent passwords that they don't put on PostIt notes on their monitor; if your network techs are using ssh instead of telnet to configure routers; if every two bit middle manager stops demanding to be an exception to all the rules; and if you still have security issues, then maybe you can start looking at more drastic solutions. Security must be holistic, and more often than not it's more a business process issue, not a purely technical one.
Lastly, I've been at sites with really tight access policies that were easy enough to bypass for someone in the know. If there's any outbound access permitted, there's a way to bypass the security. So go ahead and implement this stuff. If I really want to get past it, I probably can.
But then, I've got better things to do with my time than surf pr0n at work, so when I say I need ssh access outbound, I actually do. Don't stop me doing my job by implementing some half-assed pseudo-security solution. Better yet, hire me to do it right! ;-)
To simplify: If the Gnutella network used a different node addressing (and associated routing) scheme, total aggregate bandwidth of the entire network would be increased, even as the network scaled upwards of a million nodes.
The underlying physical wiring is exactly the same for this method as for the existing Gnutella topology. That's the whole point. By simply changing the way Gnutella nodes connect to one another you can increase the aggregate network efficiency. It isn't manufacturing bandwidth out of thin air, it is making more efficient use of what is already there. Read over sections 4 and 5 again perhaps.
Finally, I have to admit to being somewhat boggled by your last paragraph. Are you suggesting that in order to become part of a network you must be part of the network already? Various routing protocols have solutions for how to dynamically insert a new node into a topology. STP, OSPF and EIGRP have differing methods, not particularly analagous to Gnutella, but useful nonetheless. A 'closed cycle' as you refer to it could also be thought of as a routing loop. It is possible to have multiple paths and not have a routing loop, something routing protocols are generally designed to prevent. What you're talking about here is that you have to have connectivity into a network in order to become a part of the network, which is somewhat obvious. I mean, it does generally work better if you plug it in.
Semi-permeable membranes, aka firewalls. A person's skin acts as a pretty good firewall, allowing certain substances in or out and is mostly successful. It is possible to exploit it through making harmful substances appear to have the signature of allowed substances, in the same way that allowing inbound connections of any kind permits other connection types to mimic it: eg, hijacking a terminated telnet connection and sending traffic in the reverse direction. I can't think of a skin analogy for access-list allow host port established syntax, but I'm sure one exists. Firewalls thus play an important part of a biological system.
Complex system interactions. If one were to use an individual cell as an analogy for a computer network and pathways into and out of the cell as the routes through the firewall then you come close to the biological analogy proposed in the article. Note that cells do not in fact advertise that they are under attack from viruses. Other cells notice that a virus attack in underway and react accordingly, with varying degrees of success. It is this approach that would be more useful to take by analogy from biological systems and apply to the computer/network security field. The same problems exist.
Firstly there is the problem of the existing IDS not noticing an intrusion or failing to take sufficient action, such as for any biological infection which causes the death of the host. The biological solution to this is to immunise the system by exposing it to a non-lethal form of the pathogen to educate it for what to look for. A virus-scanner is a good example: Virus signature updates are the computer/network security version of immunisation.
Then there is the problem of overreaction. In a biological system this is equivalent to the so-called '20th Century Syndrome' of boy-in-bubble fame. The biological system's IDS incorrectly registers normal operations as an intrusion and acts as it would for a normal intrusion, causing illness or death. This is a 'false-positive' reaction and is even more likely in a poorly designed IDS. As an example, reference the number of false positives generated by end users who install ZoneAlarm or equivalent personal firewalls. This is the same 'Microsoft is DoS-ing me!' argument mentioned by another respondent.
So, the analogy has merit, but is poorly expressed in the article. I wish to point out that the main advance in IDS and security in general is not the establishment of a new analogy, paradigm or any other buzzword. I believe there are two key aspects that become increasingly important:
1. Correctness of implementation. This is fixing inherent security problems that allow infection to occur. This requires hardening of software, systems and networks. Most people in the field acknowledge this to be true.
2. Greater correlation. This is the ability to more correctly diagnose likely causes from symptoms. The security administrator becomes the highly trained doctor, using knowledge gained from analysis of known pathogens, methods of attack and problems inherent in existing symptoms and uses this knowledge to faster and more accurately diagnose root causes, and prescribe a solution. The use of tools, preferably automated, greatly increase the effectiveness of this approach. I believe it is in this area that the greatest advances have yet to occur.
I'm curious as to what you mean by "make available at zero additional cost". Software is somewhat unique in that manufacture of additional units can be done at extremely low cost, but you still have to decide on the initial price point to make back the R&D costs of building the thing in the first place. It's a huge gamble: Too high a price and you won't sell enough units. Too low and you don't make enough money on each one. In either of these cases you go bankrupt and can't improve your product or create any others. I've only recently become truly aware of just how complex the whole thing is, and I still don't know the half of it.
There's always a tradeoff between complete freedom by giving it all away and actually making some money. So far free software models have proven very difficult to make work. It appears to be because of the existing culture of both businesses and consumers combined. I think it will change, but incrementally. Every little step is beneficial, so support those who make steps in the right direction rather than punish those who don't go the whole hog straight away.
What's this "One movement with two factions" nonsense? I don't belong to any faction, or movement. They are two viewpoints shared by two separate groups of people who seem to spend a hell of a lot of time bickering about who has the moral high ground. I don't have an affiliation with either of them. I happen to use some of their software is all.
I've seen some pretty reasonable explanations of the costs of software development too, which surprised me. To summarise: R&D costs, equipment costs, legal fees, rent, wages, etc. Now, if you're running a not-for-profit type charitable organisation, that's basically it and all you have to do is cover costs. If you're a commercial business with shareholders, you have to make profit. This is usually codified in the corporations law of whatever country you're in. The shareholders want to make money on their investment too.. otherwise they'll take their money and go somewhere else. That's why a company, no matter what it does, needs to make money.
People seem to have an issue with this concept.. particularly if the company makes lots of money. Sure, they've made back the development costs on the original software project.. but now what do they do? Improve the software or add new products to their portfolio. It's a rare company that will survive for long by sitting on their laurels after a single successful project.
And while we're at it, what's wrong with making a lot of money by doing a great job? You make a piece of really useful software and a lot of people part with their hard earned cash to use it to make their lives easier in some way. I just don't see why that's a bad thing.
The program in the previous reply calculates it as 27,000,001 and the following link shows the shortcut method I used: http://www.cpa.us.mensa.org/solutions.html
The sum of digits in the 6 and 7 digit numbers, aka sum of digits of natural numbers from 100000 to 9999999, inclusive, is 312749999.
Why am I replying to an abusive AC again?
A = /001 /002
B =
etc. Numbers, dates and punctuation not included.
Answer's 27,000,001 in case you were wondering.
The articles are not talking about simply the results of publicly funded research. I agree that the results of publicly funded research, be they new drugs, funky mathematical algorithms, etc should be released into the public domain. Not copyrighted. The public at large funded the research and so the public should have access to the results to do with as they will. This includes selling stuff based on the research, and doesn't exclude the team that created it.
But that's not what the articles were getting at. They were talking about the tools used internally to get those results. A lot of those tools are proprietary though some have the good old "free for private or non-commercial use" clause in them. It also covers modifications to those bits of software that are kept purely internal.
There is nothing wrong with that, since these are merely tools used to make getting the research results easier. What you're paying for is not a little tweak to the tools your research team have made, but the actual deliverable which is the purpose of the research.
I operate exactly the same way in the real commercial world. When I do a gig for a client, they get the deliverables. A configured system, doco, maybe a specific program. They don't get copies of all my funky helper scripts that I use to get the job done. They don't get a copy of my .muttrc file because I sent project related email. They don't get my perl script that automatically uploads the newest versions of config files via ssh. That's not what they've paid me for.
So at the end of the day, making all tools used by publicly funded research GPL is not what people really mean. What they really mean is to have the results of publicly funded research be made public.
Note that I'm not saying companies, and indeed individuals, don't use legal threats when someone writes or says something they don't like. I agree that that is bad. My point was to recognise when it's a real threat to freedom of speech versus a case when the law is actually being used as intended, despite the fact that it happens to be a corporation in the right. Treating every case of a company suing an individual as Evil Corporations On The Rampage is misguided.