Currently, as the CTO of a small software company, I've had some experience dealing with coordinating millions of records per day, in a dynamically load-balanced, auto-failover variably sized computing cluster. It's been working amazingly well, and developing the ability to deliver performance at this level has been hugely rewarding on a very personal level.
If you were hosting an application, how could you actually provide 100x your current hosting capacity in 30 days?
The problem requires very careful consideration of just about every assumption, all the way down to the location of a temp file. Sure, you can write to a temp file if you need to, and then read it back on the next hit if it's appropriate, but what happens when the next hit is routed to a completely different machine?
Simple things become complicated, especially when you factor in the need to scale near-linearly. There are many, many wrinkles that are introduced as the number of potential cross-connections increase.
Designing an ATC system is a project that I think I would find amazingly fun and interesting!
And, as a private pilot, I have many times experienced the frustrations from the current system, which feels to me like a hodge-podge of technologies rooted in antiquity. I would *love* the challenge. (But not until I've finished taking my existing company to its logical conclusion!)
Really, are they gonna put the effort into this thing to keep it current for the next decade? To foster the type of developer and add-on community that Firefox has? I just don't see it happening. I think they really just hope that Firefox, Safari, and Opera et. al. incorporate all the new ideas in Chrome into their own products.
If they have structure their code properly (and initial feedback indicates that they have) it will take perhaps a dozen reasonably qualified software engineers to keep Chrome relevant. Compared to the size and resources of Google, this is a fairly small investment.
But the result is likely to be rather dramatic for Google: if they provide a simple, rapid, quality browser for a reasonable price that takes browsers to a whole new level, where the browser is very literally more like an operating system, this can have tremendous benefits for Google with its significant and growing number of online applications like google maps, gmail, calendar, and more by the day.
Unlike IE, Chrome developers only have to build a browser that works. They don't have to integrate with some ActiveX or Cocoa API, they don't have to maintain retro-compatibility with a bazillion intranet applications. They just have to make a browser that's cross-platform and implements O/S features in the 80 MB or so of its download size that were common in early Unix Operating Systems that were 10 MB or so.
While I have my doubts as to whether Chrome is everything claimed in their introductory comic, Chrome represents a good step forward, and the fact that it's open source and open license means that it's likely to spread far, wide, and deep within a few years.
It's a double-plus sign to the KDE team; Chrome is based on webkit which is based on Konqueror which was written for KDE. Open-source cross-polinization at work!
Did you read the comic announcing Chrome? I did. You should, too!
Sure, standard processes can share memory. Sure, they can share cookies. And I don't mind them doing so in a derivative fashion. EG: If I open Tab B from Tab A, it should get Tab A's cookies. But cookies in Tab B shouldn't "backport" to tab A.... The point is that if different processes can communicate with each other, that significantly increases the likelyhood of cross-tab / cross-process vulnerabilities. The attack footprint just grew, rather sharply, in size.
I have no problem with cookies being shared. I do have a problem with NEW cookies being shared across processes in an obviously shmop-type environment. Suddenly, tab A can theoretically access session cookies running in tab B, and worse, can even set them.
But that's not what the comic described! What I read sounded more like a description of a JVM or a chroot-jail. Each process would run in its own highly protected space. There were pictures of bars on the comic. And that sounds very different than the idea that the tabs all share a memory space that contains (among other things) security sensitive session cookies!
If I'm trolling, I sure don't mean to be. But it's pretty clear that the whole "each tab is a different process running in its own jail" is crap. Sorry. It may be significantly better than the "everything runs in a single process" model that FF uses. I don't want to imply that this isn't a significant improvement. But it's certainly less than claimed, and it's certainly less than their comic announcement led me to expect.
BTW: I've just noticed that the "process per tab" concept in Chrome is bullshit. If each tab truly represents its own process with its own address space, how come I can log in in one tab, and then use that login information in another?
I expect that behavior in FF - it's all the same process. But supposedly, tabs in Chrome are each their own process, a la Unix. This provides "protection" from each other, better browser stability, etc. But it's just not so. When looking at a tab, I can create a new tab, login in the new tab, and suddenly my login takes effect in the original tab.
So the whole "each tab is a process" is bullshit. They're talking to each other, and the "protection" offered to a tab from its neighbors is weak at best.
So here we have the Moz FF team saying: "We ain't dead yet!".
With IE as the undisputed champion, nothing happened. FF brought the "browser war" back, and suddenly IE starts getting new features.
Google's Chrome brings the browser war to a white heat - suddenly FF is being given a run for its money as the undisputed browser feature champion!
Here's what I'd like to see:
1) Process-per-tab. It sucks when some JS in some tab gets hung up, bringing everything else in the browser to its knees! Chrome is the only game in town here.
2) Fast (native-speed) JS execution. (Chrome? FF?)
3) Excellent plugin compatibility. Both FF and IE have this down.
4) Cross Platform support. I'm a Win/Mac/Linux guy, I expect my software to work equally on all three. FF is the clear winner here.
4) Ubiquity. For me, this is FF, because it's the first thing I download after a fresh OS install, regardless of the OS. But for most people, this is still IE.
What am I going to use? Firefox has my money, still. I type this in Chrome, but I usually am not using Windows, so Chrome, Safari, and IE are non-starters for me.
But Chrome makes it obvious: the browser is the next O/S.
Around the corner, and down a mile or so from my house is a wrecking yard. They seem to focus on late-model passenger cars. They *always* have a couple of Saturns for sale, and they sell a TON of them, for between $2,000 and $5,000 each.
For this, you usually get:
1) Midrange mileage. ~50,000 to 75,000 miles.
2) Clean body, paint, interior. They look nice, but usually have some kind of blemish on them. Everything "works" - A/C, lights, radios, heater, power windows, etc.
3) Excellent mechanical condition. They'll sail through smog check, and my local mechanic always gives them two thumbs up.
What are they? Salvage cars. They've been in an accident, they've been written off by the insurance company, and they piece them back together. Both of my sons drive them, they are excellent cars.
They get decent fuel economy - about 30 MPH freeway. They seat five people. They'll last 100,000 miles after your purchase, if you take care of them. (I have a Saturn with just shy of 200,000 miles on it, original engine and transmission) They go fast enough to be fun, they have a good record for safety, and you can invest the other $15,000 in something useful, so that in three years, you have earned almost $5,000! (%10 annual interest for 3 years)
Re:But we can already crash EVERY tab at once
on
Chrome Vs. IE 8
·
· Score: 1
Don't confuse architecture with implementation.
The architecture of chrome is that each tab works as a separate process, much like an operating system. The implementation of that architecture is obviously not 100% complete.
A good parallel is Java's runtime engine. Java applications run inside a jail that limits what a java application can do to your system. This makes a Java application natively more secure than a.exe just about any day of the week. However, over the years, a number of faults have been found in the implementation of the JRE architecture.
Bugs in implementation usually have little effect on the applications that depend on the architecture - because they fall outside the design goals of the architecture, most applications wouldn't care about the bug, except those that you want to prevent in the first place.
Chrome is a good set of ideas that Netscape was getting dangerously close to stumbling upon before Microsoft distracted them in 1997 or so. You have to respect Microsoft for delaying anything like Chrome from developing for a good 10 years or so.
Re:BloatWare Continues....
on
Chrome Vs. IE 8
·
· Score: 3, Insightful
I read a comparison made by Bill Gates back in about 1995 or so, in response to a question about bloat. He compared the cost of the software based on the cost to store the software on a new HDD, and the price to run the software on the price of memory.
Like all simplifications, it's an imperfect and incomplete answer, but it does make it pretty clear: the cost of software bloat is paled by the power and size of new computing platforms.
I remember spending over a thousand dollars for a measley 10 MB HDD. It was worth every penny, but you can bet that I zipped up everything I possibly could! A 1 MB program cost $100 to store!
Today,a copy of MS Office might consume a full 5 GB, when you install every possible option, clip art library, and language translation. (I'm wild-ass guessing here) But a 1 TB drive costs just $200, so even with everything, it's actually costing you about $1 to save that copy of MS Office with every option, clip art package, and bloatware feature enabled.
A 1.2 MB floppy disk from the early 80s cost 100x as much to store as today's horrifically bloated copy of MS Office. And, whatever program you could run on that 1.2 MB floppy disk isn't something you would care about.
Now, let's turn the argument around: You are a software developer. It's your job to write software and get people to buy it. Are you going to:
A) optimize your software, auditing every single file to the last degree, so that it consumes as little space as possible, removing every non-essential feature, at an average savings to each of your customers of $0.10 or so in saved disk space, or
B) Make sure that your product does more, is more capable, and has more features on the box than your competitor?
As CTO of a small, rapidly-growing software company, I really do try to write and develop elegant code. Code that's easy to read, with consistent variable names, code layout strategies, lots of comments, that avoids kick-yourself-in-the-head lame-brained algorithms, etc. I can sit down and read the code written by any of the developers working for me and read it instantly - the names are consistently agreed upon, the application architecture is clear and consistent, etc.
But none of this is geared towards saving the customer disk space, or reducing bloat - only adding new features at the lowest possible long-term cost!
Customers don't buy absence - they buy STUFF. They want the nicest one, and that means the one that has the most whirlygigs, that does the most, that is the shiniest or coolest, or sometimes, runs the fastest, or has the best security.
Don't think you'll get anywhere with "but mine's the most elegantly written!", unless you are able to translate that fact into "mine does the most/best/coolest stuff!".
Which begs the question: If a truth fell down in the middle of a forest, and nobody heard it, would your wife want to have sex with you?
Or, put another way, if truth were a car traveling down the highway, and were to suddenly be attacked by a mac fanboi in one of Balmer's thrown chairs, would the bad car analogy still allow this post be modded +4 insightful?
I find gmail almost perfect at classifying spam as such.
My first thought is that the rest of your post disproves this very first statement. But after careful consideration, I'm realizing that you are saying that "if it's spam, gmail will see it as such" but this says nothing about non-spam. To which, I offer the following as perhaps the perfect SPAM filter. It will categorically mark all spam as such, and will even delete it for you. Perfect detection!
Just put the following into a file called ".forward" in your home directory, on a UNIX mail server:
For a month at least, or more...texting was the only way you could get through on a cell phone from NOLA. I wonder why they can do text, but, not voice?
A voice call is a continuous 20,000 bit-per-second stream of data. A text message is, at its longest, about 10,000 bits of data, usually much shorter. So you can send hundreds of text messages in the data stream of a single, short "I'm OK" phone call.
Also, since text messages aren't continuous, they can be "packed in" between calls without bugging anybody. If your text message is delayed 30 seconds or so, nobody notices.
As long as it was a *LOW HUMIDITY* 65 degrees. 65 degrees at high humidity may be just as expensive to make into 65 degrees at low humidity as cooling dry, 95 degree air down to 65.
I pay good money to host my cluster in some of the finest hosting available on the West Coast. Along with the dual/redundant power, dual/redundant network feeds, and 24x7 tech support, the air is clean, ultra-pure, very dry, and cool. Fans last *forever* in this environment; after 3 years of 24x7 duty, there is no visible dust on the blades.There is not a lick of rust.
Would I change any of this in order to save even 70% on my hosting bill?
Sorry. Not for me, not when a single outage costs thousands directly, and untold thousands more in lost good will. In this case, anything cheaper is just too expensive.
Your solution *sounds* nice, but in fact, may drive cooling bills UP.
Where I live, it's routinely over 100 degrees (Yup. Ima 'merkin!) outside, today is expected to hit over 110. In order to provide a net savings, the hot air coming out from your server rack has to be even hotter than that, otherwise you're venting 90 degree air outside, then having to compensate for this by cooling down 110 degree air as it gets sucked into your building.
And this problem is exacerbated if there is relatively high humidity. (EG: Florida) Then, not only are you cooling down the air, you're pumping water out of the air, and since OP mentioned water drains and "not flooding" the place, this may well be him.
Now, if you're in an area where high temps are the exception, this may not be much of an issue. But it sure wouldn't work where I live.
OP: Here's what you do: Go to three reputable contractors. Get three quotes for the job. Get references for each contractor. Present this information to your boss.
If he/she can't handle that, you need to move on anyway.
Everybody knows passwords. We're all used to them. But they suck rather miserably for real security. They are a vast improvement over nothing at all, but they just aren't good enough, anymore.
All it takes is one leak of your password, and you're hung. Worse, you don't know that you're hung. You can't let somebody else use your password. Ever. You can't ask a family member to enter it in for you while you're on the road while they look up your bank balance on the way to the airport without disclosing your password.
And lots of people can see your password. Techies. Poorly-paid tech support people in India. System administrators. Clerks, counters, janitors, and people who dig up your stuff out of the pile of computer hardware behind XYZ large firm.
Passwords are a terrible, terrible idea for security, and have left the social environment highly vulnerable to vast compromises.
On the other hand, dual-key cryptography is rather good for security.
It doesn't matter who sees the key exchange. If somebody else gets your public key, it doesn't weaken the strength of your private key. Nobody else can see your private key. You don't need to disclose your private key to anyone to use it.
Personally, I'd like to see a password-key machine. Basically, a weak form of dual-key cryptography (at least as effective as a password) stored in a small doohickey. It has your private key. Rather than type in a password, you are given a set of characters that you need to encrypt with your doohickey. You type the characters into your doohickey, and indicate which private key you want to use. (since it's private, you really only need one)
You enter in the passphrase for your private key. You enter the response back into your website, whatever.
Weaknesses? Not many.
1) You can lose your doohickey. At which point you need to get another one, regenerate a private key, and hand out new public keys to everybody. But even with the doohickey, $RandomBadGuy can't do much without the passphrase. Which is not a "password" in the usual sense because it's only stored there, in the doohickey and cannot be seen by anybody else.
2) You can use your doohickey thru the phone. Your son-in-law is checking your bank balance for you, and you want him to - this time. He sees the challenge, and tells it to you. You enter challenge into doohickey, give him the response, and he types it in. That gives him nothing more than a login that time, because next time, the challenge will be different, and without doohickey, he can't do anything more.
3) Nobody else sees your private key. It's yours. It's private. Websites and such will have your public key, but it won't help them any since they don't have the private key that matches.
Doohickey doesn't have to be much - it could easily fit into a cell phone. Processing a small, 32-bit key isn't difficult, and the challenges don't have to be very long to well exceed the security of your average password. (EG: Wife's middle name, the street you were born on, etc)
But there's a seed of real truth underneath, that this joke betrays: The beauty of digital media is that the physical media is largely irrelevant. The only real considerations are preserving sufficient accuracy/reliability, and some means to read the data.
This truth is why the Internet is ever-pervasive. You don't care if I'm using Ethernet, Wifi, token-ring, Modem, bi-directional serial, or parallel-port hack to connect to the Internet. IP can rest on all of these. Physical media is no different. A file can be stored on flash, CD, DVD, Magneto-Optical, magnetic, floppy disk, 8-track tape, scratchings zeros and ones on a piece of paper, or by carefully organizing old shoes laid out in your office parking lot.
The medium is irrelevant, so long as a means of re-obtaining a pattern of zeros and ones is possible.
The other day, I went to my Mother-in-law's 60th birthday. Our present to her was a collection of a few hundred photographs in an album, along with a preface and pictures to hang up on her wall. All of these were prints that we bought at the local Rite-Aid of digital photographs. I've had a digital camera since a 1 Mp camera was "affordable". (eg: under $1,000, I love you Kodak DC-210!) I've also digitized every photograph I can with a flatbed scanner.
The resulting image library has gone from hard drive to hard drive to CD/DVD and flash drives. They've been all over the place. I've long ago thrown away the HDD they were first stored on, as well as a number of CD-Rs and DVD-Rs. I keep them online so that all my family can enjoy them, and they do.
Countless T-shirts, albums, coffee mugs, DVDs, CDs, screen-savers, desktops, digital picture frames, etc. have been made from this now 10+ year old photo archive of photographs, some as old as 70 years. The medium doesn't matter as soon as you go digital. As old physical mediums are antiquated, data is transferred to new physical mediums, usually with almost no negative, real-world impact except a boost in performance and capacity.
In this environment, the lack of a durable physical medium isn't the problem, it's the point!
On the other hand, if you have the extra space, it invites the usual waste in the form of archive directories for closed-out years, development junk, etc. Spinning round and round, doing nothing.
Yep. That's exactly it. $200 today buys a 1 TB drive. $200 a few years ago bought a 1 GB drive. As the price has fallen the value of the HDD has risen relative to its cost. Those archive directories and development junk aren't being deleted because they have value. Sure, it's enough value to justify keeping them around when a 1 GB drive costs $200, but they are worth keeping around with a 1 TB drive costs that much.
They aren't "doing nothing" - they just aren't doing enough that it's worth keeping it until the price drops enough.
All of this is making the 1 TB drive considerably more valuable than the 1 GB drive, despite their original purchase price parity. This is long-tail economics at work. As the individual bits become worth less and less, the value in of the bits in total continues to rise, resulting in a completely new set of capabilities.
My DVR is an excellent example of this - it's a thorough change in the way that I watch television. Suddenly, it's a family event that we can all share, because when I want to comment, I can just hit pause, and share my thought. Nothing's lost, if needed we can just hit rewind a bit, and suddenly, instead of being annoyed at my daughter for wanting to comment on a point during a televised debate, I'm excited and interested! No more SHUSHSTing at my family, it's now a much more shared experience.
The price of nonlinear access media has dropped so incredibly that marginal-value bits (like video) are suddenly cheap enough to make it all possible.
Don't confuse a "feat" with a "record". Feats are what people do. Records are feats that can be proven to have happened. If an achievement is not properly documented, there's no way to know for sure whether it was done.
So it's not whether or not the feat was surpassed, it's whether the feat was surpassed in a way that can be verified. I can say to you that I've got a cure for cancer, or tell you that I can run 30 MPH barefoot, but neither claim means anything there's some verification of the process - some official body (EG: the American Medical Association in the United States) has performed testing to some standard process to verify that the cancer cure I claim actually works at least most of the time. (In medicine, almost nothing works 100% of the time, not even aspirin)
You and I have no particular doubt that they flew the time they're claiming. But if it has not passed the most widely recognized process for validating this record, the RECORD still stands, and will stand until the proper process has been followed to record the fact that the old record has been broken.
However, they have a plan, which entails aircraft like this flying for MONTHS ON END. So they probably don't much care about documenting the record, since their numbers are likely to improve dramatically over the next year or so. Why go through the effort of documenting what is, for them, a rather minor, incremental step, solely to prove a record?
Because keeping money on the dash of your unlocked car (in plain view) is just as secure as keep it in a hidden safe in your cellar. Any moron can tell that there's a world of difference between these two scenarios, why do so many people fall for this marketshare myth?
Your argument about marketshare ignores the fact that there are real differences in security policy between the two systems, and that these differences do result in differing security footprints. Just like the cash on the dash vs. the hidden safe, there will be differences in security.
Setting aside the fact that basically all oceans are outside national borders -- why they're called international waters -- have you heard of Enron and power "deregulation" in California a few years back. Yeah, that was fun.
Anything can be done wrong. That doesn't mean it shouldn't be done. On the other hand, even this fiasco has its benefits: deregulating power in California has allowed me to specify where my electricity "comes from". I pay a bit extra to have all my power come from windmills. (Yeah, it's a fiction, but it's' close enough to work) Are you interested? Here's more information if you live in California
In addition, are you aware of how large the US is? Do you know of any power lines that stretch over 1,000 miles between a power station and a home? Being a state away is by no means local. The prices may be regulated, but electrical loss and electrical resistance do not give a rat's ass about in-state vs. out-of-state vs. international.
There are three (yes, three) major power grids in the United States. East Coast, West Coast, and Texas. It's routine for (say) California to buy power during times of need from Oregon and Nevada, and a thousand mile stretch isn't hard to conceive of. Seriously, man, google is your friend...
And this is perhaps my biggest gripe: relying on others to solve our problems.
I see, I should be making the 'lectric cars all by lonesome? Did you build your computer yourself? No, I don't mean buying mobos and RAM sticks at Egghead, I mean fabricating motherboards from fiberglass boards you spun yourself? Etching the silicon you refined yourself?
Didna think so. We're all part of this thingie called an "economy". By buying things that we support, we support the things we buy. I work to promote alternative education. It's my contribution to society, and society seems to think what I do is a reasonably good idea, based on the pay I receive. If/when it makes sense to retire from software, I fully intend to do something in the field of alternative energy. I'd like to start a windfarm, myself, I've seen some really good numbers coming from vertical-shaft Savonius rotor designs, and I think this field could use some more exploration.
On the other hand, if you're sick of waiting for others to solve our problems, perhaps you could go and cook up your own Thorium nuke plants? If it's what you say it is, you'll become wealthier than Mr. Burns. Impetus is there, if you're serious.
Far more problems would be solved if some of those lazy social science majors would get off their collective asses and take some "hard" science and/or engineering courses. At least then it would dawn on people that hydrogen is not an energy source.
I'm a software engineer. I've spent plenty of time learning "hard" science. Don't waste my time with a vague straw man argument.
Since we're throwing around Wired links, try this one about thorium reactors [wired.com]. Not all "nukes" are trying to replicate Chernobyl contrary to popular belief, and I don't see us running out of thorium anytime soon. If we can't figure out fusion before then, maybe we as a species deserve to die. Who knows?
Thorium is not obtained locally. Most of it is found in India and Australia. Thus, it's non-local, and in limited supply, largely determined by the good graces of the Aussies and Indians. The social, political, and economic problems have just been shifted to benefit a different part of the world. Wow. Whoopee! Big change. (While I'm not exactly opposed to nukes, I think there's a better way)
Side Note: a friend of mine happens to work closely with some of the top researchers in the field of Thorium reactors - she's the chief administrator for one of the research firms
Slashdot Mirror
Currently, as the CTO of a small software company, I've had some experience dealing with coordinating millions of records per day, in a dynamically load-balanced, auto-failover variably sized computing cluster. It's been working amazingly well, and developing the ability to deliver performance at this level has been hugely rewarding on a very personal level.
If you were hosting an application, how could you actually provide 100x your current hosting capacity in 30 days?
The problem requires very careful consideration of just about every assumption, all the way down to the location of a temp file. Sure, you can write to a temp file if you need to, and then read it back on the next hit if it's appropriate, but what happens when the next hit is routed to a completely different machine?
Simple things become complicated, especially when you factor in the need to scale near-linearly. There are many, many wrinkles that are introduced as the number of potential cross-connections increase.
Designing an ATC system is a project that I think I would find amazingly fun and interesting!
And, as a private pilot, I have many times experienced the frustrations from the current system, which feels to me like a hodge-podge of technologies rooted in antiquity. I would *love* the challenge. (But not until I've finished taking my existing company to its logical conclusion!)
I second this motion. Tiger direct sucks ASS if ever your order gets screwed up. And it will, eventually.
How much is your time worth to you?
Really, are they gonna put the effort into this thing to keep it current for the next decade? To foster the type of developer and add-on community that Firefox has? I just don't see it happening. I think they really just hope that Firefox, Safari, and Opera et. al. incorporate all the new ideas in Chrome into their own products.
If they have structure their code properly (and initial feedback indicates that they have) it will take perhaps a dozen reasonably qualified software engineers to keep Chrome relevant. Compared to the size and resources of Google, this is a fairly small investment.
But the result is likely to be rather dramatic for Google: if they provide a simple, rapid, quality browser for a reasonable price that takes browsers to a whole new level, where the browser is very literally more like an operating system, this can have tremendous benefits for Google with its significant and growing number of online applications like google maps, gmail, calendar, and more by the day.
Unlike IE, Chrome developers only have to build a browser that works. They don't have to integrate with some ActiveX or Cocoa API, they don't have to maintain retro-compatibility with a bazillion intranet applications. They just have to make a browser that's cross-platform and implements O/S features in the 80 MB or so of its download size that were common in early Unix Operating Systems that were 10 MB or so.
While I have my doubts as to whether Chrome is everything claimed in their introductory comic, Chrome represents a good step forward, and the fact that it's open source and open license means that it's likely to spread far, wide, and deep within a few years.
It's a double-plus sign to the KDE team; Chrome is based on webkit which is based on Konqueror which was written for KDE. Open-source cross-polinization at work!
Go Google!
Did you read the comic announcing Chrome? I did. You should, too!
Sure, standard processes can share memory. Sure, they can share cookies. And I don't mind them doing so in a derivative fashion. EG: If I open Tab B from Tab A, it should get Tab A's cookies. But cookies in Tab B shouldn't "backport" to tab A.... The point is that if different processes can communicate with each other, that significantly increases the likelyhood of cross-tab / cross-process vulnerabilities. The attack footprint just grew, rather sharply, in size.
I have no problem with cookies being shared. I do have a problem with NEW cookies being shared across processes in an obviously shmop-type environment. Suddenly, tab A can theoretically access session cookies running in tab B, and worse, can even set them.
But that's not what the comic described! What I read sounded more like a description of a JVM or a chroot-jail. Each process would run in its own highly protected space. There were pictures of bars on the comic. And that sounds very different than the idea that the tabs all share a memory space that contains (among other things) security sensitive session cookies!
If I'm trolling, I sure don't mean to be. But it's pretty clear that the whole "each tab is a different process running in its own jail" is crap. Sorry. It may be significantly better than the "everything runs in a single process" model that FF uses. I don't want to imply that this isn't a significant improvement. But it's certainly less than claimed, and it's certainly less than their comic announcement led me to expect.
And that leaves me disappointed.
BTW: I've just noticed that the "process per tab" concept in Chrome is bullshit. If each tab truly represents its own process with its own address space, how come I can log in in one tab, and then use that login information in another?
I expect that behavior in FF - it's all the same process. But supposedly, tabs in Chrome are each their own process, a la Unix. This provides "protection" from each other, better browser stability, etc. But it's just not so. When looking at a tab, I can create a new tab, login in the new tab, and suddenly my login takes effect in the original tab.
So the whole "each tab is a process" is bullshit. They're talking to each other, and the "protection" offered to a tab from its neighbors is weak at best.
So here we have the Moz FF team saying: "We ain't dead yet!".
With IE as the undisputed champion, nothing happened. FF brought the "browser war" back, and suddenly IE starts getting new features.
Google's Chrome brings the browser war to a white heat - suddenly FF is being given a run for its money as the undisputed browser feature champion!
Here's what I'd like to see:
1) Process-per-tab. It sucks when some JS in some tab gets hung up, bringing everything else in the browser to its knees! Chrome is the only game in town here.
2) Fast (native-speed) JS execution. (Chrome? FF?)
3) Excellent plugin compatibility. Both FF and IE have this down.
4) Cross Platform support. I'm a Win/Mac/Linux guy, I expect my software to work equally on all three. FF is the clear winner here.
4) Ubiquity. For me, this is FF, because it's the first thing I download after a fresh OS install, regardless of the OS. But for most people, this is still IE.
What am I going to use? Firefox has my money, still. I type this in Chrome, but I usually am not using Windows, so Chrome, Safari, and IE are non-starters for me.
But Chrome makes it obvious: the browser is the next O/S.
Is it really about cost?
Around the corner, and down a mile or so from my house is a wrecking yard. They seem to focus on late-model passenger cars. They *always* have a couple of Saturns for sale, and they sell a TON of them, for between $2,000 and $5,000 each.
For this, you usually get:
1) Midrange mileage. ~50,000 to 75,000 miles.
2) Clean body, paint, interior. They look nice, but usually have some kind of blemish on them. Everything "works" - A/C, lights, radios, heater, power windows, etc.
3) Excellent mechanical condition. They'll sail through smog check, and my local mechanic always gives them two thumbs up.
What are they? Salvage cars. They've been in an accident, they've been written off by the insurance company, and they piece them back together. Both of my sons drive them, they are excellent cars.
They get decent fuel economy - about 30 MPH freeway. They seat five people. They'll last 100,000 miles after your purchase, if you take care of them. (I have a Saturn with just shy of 200,000 miles on it, original engine and transmission) They go fast enough to be fun, they have a good record for safety, and you can invest the other $15,000 in something useful, so that in three years, you have earned almost $5,000! (%10 annual interest for 3 years)
Don't confuse architecture with implementation.
The architecture of chrome is that each tab works as a separate process, much like an operating system. The implementation of that architecture is obviously not 100% complete.
A good parallel is Java's runtime engine. Java applications run inside a jail that limits what a java application can do to your system. This makes a Java application natively more secure than a .exe just about any day of the week. However, over the years, a number of faults have been found in the implementation of the JRE architecture.
Bugs in implementation usually have little effect on the applications that depend on the architecture - because they fall outside the design goals of the architecture, most applications wouldn't care about the bug, except those that you want to prevent in the first place.
Chrome is a good set of ideas that Netscape was getting dangerously close to stumbling upon before Microsoft distracted them in 1997 or so. You have to respect Microsoft for delaying anything like Chrome from developing for a good 10 years or so.
I read a comparison made by Bill Gates back in about 1995 or so, in response to a question about bloat. He compared the cost of the software based on the cost to store the software on a new HDD, and the price to run the software on the price of memory.
Like all simplifications, it's an imperfect and incomplete answer, but it does make it pretty clear: the cost of software bloat is paled by the power and size of new computing platforms.
I remember spending over a thousand dollars for a measley 10 MB HDD. It was worth every penny, but you can bet that I zipped up everything I possibly could! A 1 MB program cost $100 to store!
Today,a copy of MS Office might consume a full 5 GB, when you install every possible option, clip art library, and language translation. (I'm wild-ass guessing here) But a 1 TB drive costs just $200, so even with everything, it's actually costing you about $1 to save that copy of MS Office with every option, clip art package, and bloatware feature enabled.
A 1.2 MB floppy disk from the early 80s cost 100x as much to store as today's horrifically bloated copy of MS Office. And, whatever program you could run on that 1.2 MB floppy disk isn't something you would care about.
Now, let's turn the argument around: You are a software developer. It's your job to write software and get people to buy it. Are you going to:
A) optimize your software, auditing every single file to the last degree, so that it consumes as little space as possible, removing every non-essential feature, at an average savings to each of your customers of $0.10 or so in saved disk space, or
B) Make sure that your product does more, is more capable, and has more features on the box than your competitor?
As CTO of a small, rapidly-growing software company, I really do try to write and develop elegant code. Code that's easy to read, with consistent variable names, code layout strategies, lots of comments, that avoids kick-yourself-in-the-head lame-brained algorithms, etc. I can sit down and read the code written by any of the developers working for me and read it instantly - the names are consistently agreed upon, the application architecture is clear and consistent, etc.
But none of this is geared towards saving the customer disk space, or reducing bloat - only adding new features at the lowest possible long-term cost!
Customers don't buy absence - they buy STUFF. They want the nicest one, and that means the one that has the most whirlygigs, that does the most, that is the shiniest or coolest, or sometimes, runs the fastest, or has the best security.
Don't think you'll get anywhere with "but mine's the most elegantly written!", unless you are able to translate that fact into "mine does the most/best/coolest stuff!".
Which begs the question: If a truth fell down in the middle of a forest, and nobody heard it, would your wife want to have sex with you?
Or, put another way, if truth were a car traveling down the highway, and were to suddenly be attacked by a mac fanboi in one of Balmer's thrown chairs, would the bad car analogy still allow this post be modded +4 insightful?
No, they share 1 line.
#include<stdio.h>
I find gmail almost perfect at classifying spam as such.
My first thought is that the rest of your post disproves this very first statement. But after careful consideration, I'm realizing that you are saying that "if it's spam, gmail will see it as such" but this says nothing about non-spam. To which, I offer the following as perhaps the perfect SPAM filter. It will categorically mark all spam as such, and will even delete it for you. Perfect detection!
Just put the following into a file called ".forward" in your home directory, on a UNIX mail server:
"> /dev/null"
For a month at least, or more...texting was the only way you could get through on a cell phone from NOLA. I wonder why they can do text, but, not voice?
A voice call is a continuous 20,000 bit-per-second stream of data. A text message is, at its longest, about 10,000 bits of data, usually much shorter. So you can send hundreds of text messages in the data stream of a single, short "I'm OK" phone call.
Also, since text messages aren't continuous, they can be "packed in" between calls without bugging anybody. If your text message is delayed 30 seconds or so, nobody notices.
As long as it was a *LOW HUMIDITY* 65 degrees. 65 degrees at high humidity may be just as expensive to make into 65 degrees at low humidity as cooling dry, 95 degree air down to 65.
I pay good money to host my cluster in some of the finest hosting available on the West Coast. Along with the dual/redundant power, dual/redundant network feeds, and 24x7 tech support, the air is clean, ultra-pure, very dry, and cool. Fans last *forever* in this environment; after 3 years of 24x7 duty, there is no visible dust on the blades.There is not a lick of rust.
Would I change any of this in order to save even 70% on my hosting bill?
Sorry. Not for me, not when a single outage costs thousands directly, and untold thousands more in lost good will. In this case, anything cheaper is just too expensive.
Let's see... Large email provider, throwaway addresses, access until you don't want it anymore...
You mean, kinda like Mailinator??
There are others, Mailinator is the easiest.
Your solution *sounds* nice, but in fact, may drive cooling bills UP.
Where I live, it's routinely over 100 degrees (Yup. Ima 'merkin!) outside, today is expected to hit over 110. In order to provide a net savings, the hot air coming out from your server rack has to be even hotter than that, otherwise you're venting 90 degree air outside, then having to compensate for this by cooling down 110 degree air as it gets sucked into your building.
And this problem is exacerbated if there is relatively high humidity. (EG: Florida) Then, not only are you cooling down the air, you're pumping water out of the air, and since OP mentioned water drains and "not flooding" the place, this may well be him.
Now, if you're in an area where high temps are the exception, this may not be much of an issue. But it sure wouldn't work where I live.
OP: Here's what you do: Go to three reputable contractors. Get three quotes for the job. Get references for each contractor. Present this information to your boss.
If he/she can't handle that, you need to move on anyway.
A large portion of Spanish speakers (e.g. Latin America) live in extreme poverty, so I doubt they'll all be downloading IE8 Beta anytime soon.
Of course they will! IT'S FREE.
You seem to have a basic lack of understanding about dual key cryptography.
Everybody knows passwords. We're all used to them. But they suck rather miserably for real security. They are a vast improvement over nothing at all, but they just aren't good enough, anymore.
All it takes is one leak of your password, and you're hung. Worse, you don't know that you're hung. You can't let somebody else use your password. Ever. You can't ask a family member to enter it in for you while you're on the road while they look up your bank balance on the way to the airport without disclosing your password.
And lots of people can see your password. Techies. Poorly-paid tech support people in India. System administrators. Clerks, counters, janitors, and people who dig up your stuff out of the pile of computer hardware behind XYZ large firm.
Passwords are a terrible, terrible idea for security, and have left the social environment highly vulnerable to vast compromises.
On the other hand, dual-key cryptography is rather good for security.
It doesn't matter who sees the key exchange. If somebody else gets your public key, it doesn't weaken the strength of your private key. Nobody else can see your private key. You don't need to disclose your private key to anyone to use it.
Personally, I'd like to see a password-key machine. Basically, a weak form of dual-key cryptography (at least as effective as a password) stored in a small doohickey. It has your private key. Rather than type in a password, you are given a set of characters that you need to encrypt with your doohickey. You type the characters into your doohickey, and indicate which private key you want to use. (since it's private, you really only need one)
You enter in the passphrase for your private key. You enter the response back into your website, whatever.
Weaknesses? Not many.
1) You can lose your doohickey. At which point you need to get another one, regenerate a private key, and hand out new public keys to everybody. But even with the doohickey, $RandomBadGuy can't do much without the passphrase. Which is not a "password" in the usual sense because it's only stored there, in the doohickey and cannot be seen by anybody else.
2) You can use your doohickey thru the phone. Your son-in-law is checking your bank balance for you, and you want him to - this time. He sees the challenge, and tells it to you. You enter challenge into doohickey, give him the response, and he types it in. That gives him nothing more than a login that time, because next time, the challenge will be different, and without doohickey, he can't do anything more.
3) Nobody else sees your private key. It's yours. It's private. Websites and such will have your public key, but it won't help them any since they don't have the private key that matches.
Doohickey doesn't have to be much - it could easily fit into a cell phone. Processing a small, 32-bit key isn't difficult, and the challenges don't have to be very long to well exceed the security of your average password. (EG: Wife's middle name, the street you were born on, etc)
Yeah, it's a joke. Bah haw haw!
Haw haw.
But there's a seed of real truth underneath, that this joke betrays: The beauty of digital media is that the physical media is largely irrelevant. The only real considerations are preserving sufficient accuracy/reliability, and some means to read the data.
This truth is why the Internet is ever-pervasive. You don't care if I'm using Ethernet, Wifi, token-ring, Modem, bi-directional serial, or parallel-port hack to connect to the Internet. IP can rest on all of these. Physical media is no different. A file can be stored on flash, CD, DVD, Magneto-Optical, magnetic, floppy disk, 8-track tape, scratchings zeros and ones on a piece of paper, or by carefully organizing old shoes laid out in your office parking lot.
The medium is irrelevant, so long as a means of re-obtaining a pattern of zeros and ones is possible.
The other day, I went to my Mother-in-law's 60th birthday. Our present to her was a collection of a few hundred photographs in an album, along with a preface and pictures to hang up on her wall. All of these were prints that we bought at the local Rite-Aid of digital photographs. I've had a digital camera since a 1 Mp camera was "affordable". (eg: under $1,000, I love you Kodak DC-210!) I've also digitized every photograph I can with a flatbed scanner.
The resulting image library has gone from hard drive to hard drive to CD/DVD and flash drives. They've been all over the place. I've long ago thrown away the HDD they were first stored on, as well as a number of CD-Rs and DVD-Rs. I keep them online so that all my family can enjoy them, and they do.
Countless T-shirts, albums, coffee mugs, DVDs, CDs, screen-savers, desktops, digital picture frames, etc. have been made from this now 10+ year old photo archive of photographs, some as old as 70 years. The medium doesn't matter as soon as you go digital. As old physical mediums are antiquated, data is transferred to new physical mediums, usually with almost no negative, real-world impact except a boost in performance and capacity.
In this environment, the lack of a durable physical medium isn't the problem, it's the point!
I wish retarded were a strong enough word.
Sadly... it's deficient.
On the other hand, if you have the extra space, it invites the usual waste in the form of archive directories for closed-out years, development junk, etc. Spinning round and round, doing nothing.
Yep. That's exactly it. $200 today buys a 1 TB drive. $200 a few years ago bought a 1 GB drive. As the price has fallen the value of the HDD has risen relative to its cost. Those archive directories and development junk aren't being deleted because they have value. Sure, it's enough value to justify keeping them around when a 1 GB drive costs $200, but they are worth keeping around with a 1 TB drive costs that much.
They aren't "doing nothing" - they just aren't doing enough that it's worth keeping it until the price drops enough.
All of this is making the 1 TB drive considerably more valuable than the 1 GB drive, despite their original purchase price parity. This is long-tail economics at work. As the individual bits become worth less and less, the value in of the bits in total continues to rise, resulting in a completely new set of capabilities.
My DVR is an excellent example of this - it's a thorough change in the way that I watch television. Suddenly, it's a family event that we can all share, because when I want to comment, I can just hit pause, and share my thought. Nothing's lost, if needed we can just hit rewind a bit, and suddenly, instead of being annoyed at my daughter for wanting to comment on a point during a televised debate, I'm excited and interested! No more SHUSHSTing at my family, it's now a much more shared experience.
The price of nonlinear access media has dropped so incredibly that marginal-value bits (like video) are suddenly cheap enough to make it all possible.
Don't confuse a "feat" with a "record". Feats are what people do. Records are feats that can be proven to have happened. If an achievement is not properly documented, there's no way to know for sure whether it was done.
So it's not whether or not the feat was surpassed, it's whether the feat was surpassed in a way that can be verified. I can say to you that I've got a cure for cancer, or tell you that I can run 30 MPH barefoot, but neither claim means anything there's some verification of the process - some official body (EG: the American Medical Association in the United States) has performed testing to some standard process to verify that the cancer cure I claim actually works at least most of the time. (In medicine, almost nothing works 100% of the time, not even aspirin)
You and I have no particular doubt that they flew the time they're claiming. But if it has not passed the most widely recognized process for validating this record, the RECORD still stands, and will stand until the proper process has been followed to record the fact that the old record has been broken.
However, they have a plan, which entails aircraft like this flying for MONTHS ON END. So they probably don't much care about documenting the record, since their numbers are likely to improve dramatically over the next year or so. Why go through the effort of documenting what is, for them, a rather minor, incremental step, solely to prove a record?
Riiighhht.
Because keeping money on the dash of your unlocked car (in plain view) is just as secure as keep it in a hidden safe in your cellar. Any moron can tell that there's a world of difference between these two scenarios, why do so many people fall for this marketshare myth?
Your argument about marketshare ignores the fact that there are real differences in security policy between the two systems, and that these differences do result in differing security footprints. Just like the cash on the dash vs. the hidden safe, there will be differences in security.
Setting aside the fact that basically all oceans are outside national borders -- why they're called international waters -- have you heard of Enron and power "deregulation" in California a few years back. Yeah, that was fun.
Anything can be done wrong. That doesn't mean it shouldn't be done. On the other hand, even this fiasco has its benefits: deregulating power in California has allowed me to specify where my electricity "comes from". I pay a bit extra to have all my power come from windmills. (Yeah, it's a fiction, but it's' close enough to work) Are you interested? Here's more information if you live in California
In addition, are you aware of how large the US is? Do you know of any power lines that stretch over 1,000 miles between a power station and a home? Being a state away is by no means local. The prices may be regulated, but electrical loss and electrical resistance do not give a rat's ass about in-state vs. out-of-state vs. international.
There are three (yes, three) major power grids in the United States. East Coast, West Coast, and Texas. It's routine for (say) California to buy power during times of need from Oregon and Nevada, and a thousand mile stretch isn't hard to conceive of. Seriously, man, google is your friend...
And this is perhaps my biggest gripe: relying on others to solve our problems.
I see, I should be making the 'lectric cars all by lonesome? Did you build your computer yourself? No, I don't mean buying mobos and RAM sticks at Egghead, I mean fabricating motherboards from fiberglass boards you spun yourself? Etching the silicon you refined yourself?
Didna think so. We're all part of this thingie called an "economy". By buying things that we support, we support the things we buy. I work to promote alternative education. It's my contribution to society, and society seems to think what I do is a reasonably good idea, based on the pay I receive. If/when it makes sense to retire from software, I fully intend to do something in the field of alternative energy. I'd like to start a windfarm, myself, I've seen some really good numbers coming from vertical-shaft Savonius rotor designs, and I think this field could use some more exploration.
On the other hand, if you're sick of waiting for others to solve our problems, perhaps you could go and cook up your own Thorium nuke plants? If it's what you say it is, you'll become wealthier than Mr. Burns. Impetus is there, if you're serious.
Far more problems would be solved if some of those lazy social science majors would get off their collective asses and take some "hard" science and/or engineering courses. At least then it would dawn on people that hydrogen is not an energy source.
I'm a software engineer. I've spent plenty of time learning "hard" science. Don't waste my time with a vague straw man argument.
Since we're throwing around Wired links, try this one about thorium reactors [wired.com]. Not all "nukes" are trying to replicate Chernobyl contrary to popular belief, and I don't see us running out of thorium anytime soon. If we can't figure out fusion before then, maybe we as a species deserve to die. Who knows?
Thorium is not obtained locally. Most of it is found in India and Australia. Thus, it's non-local, and in limited supply, largely determined by the good graces of the Aussies and Indians. The social, political, and economic problems have just been shifted to benefit a different part of the world. Wow. Whoopee! Big change. (While I'm not exactly opposed to nukes, I think there's a better way)
Side Note: a friend of mine happens to work closely with some of the top researchers in the field of Thorium reactors - she's the chief administrator for one of the research firms