...Is that you cannot make sure your users are careful.
...Or, you enforce password rotation, minimal password lengths, past histories, and minimum times between changes so they can't recycle between a few.
Yes, this is a pain to users, but interestingly enough they can actually handle it. Using a standing policy, locking out default password accounts that are not changed in a set period of time, and running password crackers against the database looking for weak passwords is minimal when you allow shell level access to machines.
After reading the article though, the idea that some have been compromised by NFS shares not ip restricted that allowed root... I find it very hard to have any sympathy for the admins in that case.
OpenAFS is a great solution to a problem, just not this one. It doesn't work in a detached state. On the other hand, the caching is quite aggressive, and if it's an option, you could set up two cells that trust each other and access files that way.
I'll be happier once the stable versions have two things though... >2gb file support, and support for 2.6 series kernels. Disconnected operation would be nice as well.
All of those are proposed projects, but not currently in the developement version (at least not in the changelogs).
Here's your oil. It can be processed from bio waste, tires, plastic, etc to produce light crude oil. The plant can also run off of the oil produced, needing under a fifth of the processed oil for operation.
There's a pilot plant outside Philly, and another in Montana or Missouri (don't remember).
With this available, I just wish we were far sighted enough to pop these up all over the country to process any and all recoverable waste. With this as an option, the need to drill for oil becomes greatly reduced if not eliminated.
It has absolutely nothing to do with being spoiled children, it's that our taxes on fuel use are not at the obsurd levels applied in many parts of the world. Just how much better would it be if the mostly hidden tax on gas wasn't there. Federal gas tax is 18.4 cents a gallon, MD tax rate is 23.5 cents a gallon. Someone come up with a single reason why gas should have a 26% tax on it?
If you stop the knee jerk reaction, why are fuel prices in Europe so much higher than the US three times in some cases? Taxes. $2.82 out of every $4.07 gallon in France is tax. It's just insane.
I've never understood this argument. In a corporate developement environment, $2400 is trivial, especially if it nets you cross-platform, integrated DB access, and a host of other base capabilities.
In the land of $100k for a DB, $70k servers, etc, $2400 is nothing. Now if you want to make the case that $2400 is too steep for a single developer, I've spent that much for Enterprise versions of JBuilder. Maybe it's too much for a shareware developer, or a budget strapped startup, but it's certainly not out of reach.
Not a flame, but given any reasonably supported card (X hardware acceleration) I find XP to be slower than KDE on the same hardware. Even when ratcheting up the geewiz effects of KDE. I can't speak to Gnome as I prefer KDE, so stick to using that.
Right now I'm working on a 2600+ AthlonXP box. It has a SIS VGA controller onboard and yes, XP or 2000 is faster on it by far. Yet on the box next door, it has a low end Nvidia, and KDE is faster than XP on that box.
Now whether all the features are needed, yep, that's preference. I personally find it makes me more productive.
Used to be simple. KDE was based on evil closed source libraries, and Gnome wasn't. KDE now is GPL'd, but to Gnome folks that's just as bad as companies can't sell commercial products without paying.
Just uncomfortable with the direction Gnome is going. I for one don't want.Net in any flavor on my boxes. Some part of me suspects Miguel drank from the same poisonous well as MS.
Note that as we're in the Styx, prices would be a bit higher.
AT&T (Tier 1) is costing us $698 per month for 2 year contract. Flat rate T1 (unmetered bandwidth) with AT&T providing the router (Cisco 2620) and managing it.
Sprint just started a sale in the same price range with a preconfigured but unmanaged 2620 thrown in.
Gentoo works fine at the server level. You tend to be more restrictive of your build flags, you preset your USE flags. If you're smart, you build for servers on a separate machine in chroot jail image while producing build-pkg's, then just install the builds on as many servers as you have.
Ditto for the desktop. As I slowly roll out Gentoo to desktops and servers, I'm finding it easier to work with than other systems.
If you really think that Gentoo is more bleeding edge than any other distribution out there, you're fooling yourself. Someone find one singular non-plural distribution that has automated testing of every aspect of the distribution? You're just as likely to get a gimpy openssh in Fedora as in Gentoo. The one exception possibly being Debian Stable as they are ultraconservative.
Linux on the Desktop is happening. It's just happening in the corporate world the exact same way that Linux snuck into the server room. It started replacing machines, and hiding the fact it's there from the user.
Case in point, LTSP 3 with Willey or LTSP 4 configured to point to a Terminal Server. Admittedly this isn't a "Linux Desktop" but it's a start.
Given a howto and 15 minutes, I can get basically any number of supported printers running under Cups. For the proverbial Aunt Tillie? Why should she know how? Set it up and go away.
Reality check. Aunt Tillie doesn't know how to set up a printer under Windows or OS X either. If you're lucky, you get a printer that supports Rendezvous, and maybe, MAYBE she might be taught to select the Rendezvous menu from the printer drop down to auto select something.
Having just bought a 400 disc Sony I faced a similar issue.
I got mine from Circuit City (instant gratification, no real price shopping) for $399 and splurged for the 5 year replacement.
The other solution would require a server pc with minimally 3 320 gig drives ($254 on pricewatch), and a media pc to play.
VLC will let you rip/decode.vobs to HD and let you use the menus.. So that would cover that.
Still thinking about doing something like this, but I think I'm going to try to come up with a reason to build a storage server besides just ripping DVDs. Don't think the wife would go for "Video on Demand" research.
Sure it takes time to compile/tweak/get it just right.
However may I submit... Both machines will take about as long to bring up from scratch. Linux from compiling, Windows from install plus all the associated patching and reboots.
Anyone who thinks that graphical configurations actually saves you time hasn't had to do much mucking with Exchange Server. There are parts of that that can only be touched with Microsoft's ADS editor. A black box tool they flat out tell you is dangerous in the extreme. Yet no other options exist.
Updating boxes is another thing. We have Windows 2000 servers and clients, 4 linux servers, and around a dozen LTSP based Windows Terminal Services linux client boxes. It's a lot faster for me to update the entire linux side than it is to update Windows. MS offers SUS, however it's buggy, and has a couple of known issues that cause it to just break. I still end up visiting the clients for updates.
My time is not free, and Linux is still cheaper relating to my time costs.
Sad part is that spending on military is one of the few valid, authorized duties of the federal government as per the constitution. In no way was social security, welfare, education, etc supposed to be performed on the federal level.
I keep hoping to wake up and find out "No child left behind," "Amnesty for illegals," etc are just bad dreams. Until cuts are really cuts and not just reductions in growth, the debt will never be fixed.
See others for why hydrogen really isn't that dangerous.
As to a tank getting hit by a nasty projectile... If it's a big enough hit to ignite the fuel, then odds are very good that tank will suffer ammunition cookoff, where the rounds of ammo it carries burns off it's propellant.
That is a thousand times worse than any fuel burn off you might have. Even if you have blow off armor over the ammo cache. Besides, nothing stopping you from doing the same with the fuel storage.
Let's not even consider the projectiles that'd be in the compartment from impact or spraying molten metal.
Exploding hydrogen would be such a small concern at that point...
Until/unless you're willing to send sufficient people (100 or more?) and sufficient manufacturing capabilities to actively convert local resources into meaningful material, a one way ticket is idiotic.
Never mind that if we were going to spend that much on sending that many one way with all supplies, we'd certainly be able to send a smaller team round trip with a duration of months on site.
It's not just that. When I first heard this report, I was really excited. But then I read this report [petroleumnews.com]
If there is life on Mars, it would probably be microorganisms in water deep below the surface of the planet. Dr. Geoffrey Briggs, director, Center for Mars Exploration at the NASA Ames Center, told "Meet Alaska" that NASA is looking at ways to drill on Mars to look for water -- and the life it might contain.
Briggs said NASA has been working with Halliburton, Shell, Baker-Hughes and the Los Alamos National Laboratory to identify drilling technologies that might work on Mars.
and now I'm afraid that this is just another ploy to give multi-billion dollar no-bid contracts to Halliburton.
Do you really have any idea what/who Halliburton is besides some dark evil that Bush prefers?
Halliburton is one of the world's largest providers of oil drilling EQUIPMENT. They don't drill it themselves, nor do they sell oil. Why did they get a nod in Iraq? Well, perhaps it could have been they did the original work. Or maybe it's because there's maybe 3 companies in the world that could do that level/amount of work, and one of them is French.... I'm not sure if they are valid bidders yet or not.
Just love knee jerk reactions.
Actually, I'm quite comfortable with the performance numbers Python turned in. I use Python quite a bit, and for the things the benchmark was run on, it's the kind of area I'd find looking for bottlenecks, and in turn implement in C or C++.
Python's huge win is not in speed, but in the ability to express the program in a very concise and easy to understand way.
The fact that Psyco can provide huge speed ups via a simple import is just icing.
If it's like our software here, it uses MS Office through calls to perform basic functions like printing reports, generating labels and such.
Now if somehow OpenOffice could be a drop in replacement to programs that do that, I'd switch about 40 machines tomorrow. Not one of those users use Office directly, but a vertical market app that needs Word to function.
I'm just curious, as I really would like to know. What about the violation to a person's right to a timely trial? Aren't there a fair number currently jailed thanks to the Patriot Act that have yet to have their day in court?
Yep. Been looking at both Coda and OpenAFS recently. Finally settled on OpenAFS. The strong points of CODA (disconnected operation) also tend to blow apart your consistency. Seems like one of the most common problems is partitioning due to RW replica volumes getting out of sync.
Other major issue to me was a limit on the number of files (due to metadata). Basically means that you need a server process running on the server for approximately every 25 gig you add to the CODA share.
OpenAFS didn't have RW replicas, or disconnected operation, but seems to scale to much larger storage sizes without shredding itself.
Never mind that AFS has been in production for literally years, serving terabytes of data for 10 thousand + clients (in several installations of AFS).
The Windows client did have some notable slowness issues, performance with Linux is excellent, and scales much better than NFS. Clients are available for a large number of OSs. Doesn't matter if it's the right time, just A time. So setup NTP on one machine as a primary, and the others can use ntpdate to set time once a day.
AFS started around 1986 as a commerical offering, IBM made it opensource in 2001. It can be a serious pain to set up at first, documents are indeed very outdated. Other limitations are no support for >2gig files. You can have readonly duplicates of data on multiple machines. Administration can be a dream once it's running.
You will need to have ext2 partitions available for storage (OpenAFS uses its own transaction system, and you WILL have race conditions if you put it on a journalling filesystem).
Also note that as of right now, 2.6 kernels are not supported, though 2.4/2.2 are fine.
www.openafs.org
CODA which was a start at an open source answer to AFS way back when, has even more out of date documentation, has never been used in production (that I know of), and basically is not nearly as ready for prime time as OpenAFS.
I have to use Earthlink for a dialup at this point. My company also cohosts at a location for email services. Earthlink (pinheads) allow you to fetch email from pop3 servers but NOT send email (they block port 25 excepting to their own).
So for earthlink to send email: 1) Must be on their network (fair enough) 2) Must NOT try to send mail through another smtp server (bogus) 3) The from addy must be a valid account on their system (so no using their smtp servers for work email).
Solution? A shell account with ssh ability. A quick:
Point the email servers to be localhost (or the machine ip you ran it on) and email away. The -C compression also makes a big difference if you're over slow dialups.
Maybe... JUST Maybe.. Those developers are using APIs that Apple has not made public because they haven't settled down yet?
To paraphrase... I have never understood why Linux device driver developers and users of devices tolerate Linus screwing them over every couple of years by changing kernel internals...
Actually, OO on OS X is pretty painless whether you know anything about X11 or not.
As a second point... Right now, on my Mac Ti Powerbook, I'm running OOffice 1.1.0 which not a major revision behind as you claim. The Mac site still says it's 1.0.3, but all the mirrors have both the rc3 1.1 candidate, and 1.1.0 final.
Slashdot Mirror
...Or, you enforce password rotation, minimal password lengths, past histories, and minimum times between changes so they can't recycle between a few.
Yes, this is a pain to users, but interestingly enough they can actually handle it. Using a standing policy, locking out default password accounts that are not changed in a set period of time, and running password crackers against the database looking for weak passwords is minimal when you allow shell level access to machines.
After reading the article though, the idea that some have been compromised by NFS shares not ip restricted that allowed root... I find it very hard to have any sympathy for the admins in that case.
OpenAFS is a great solution to a problem, just not this one. It doesn't work in a detached state. On the other hand, the caching is quite aggressive, and if it's an option, you could set up two cells that trust each other and access files that way.
I'll be happier once the stable versions have two things though... >2gb file support, and support for 2.6 series kernels. Disconnected operation would be nice as well.
All of those are proposed projects, but not currently in the developement version (at least not in the changelogs).
There's a pilot plant outside Philly, and another in Montana or Missouri (don't remember).
With this available, I just wish we were far sighted enough to pop these up all over the country to process any and all recoverable waste. With this as an option, the need to drill for oil becomes greatly reduced if not eliminated.
It has absolutely nothing to do with being spoiled children, it's that our taxes on fuel use are not at the obsurd levels applied in many parts of the world. Just how much better would it be if the mostly hidden tax on gas wasn't there. Federal gas tax is 18.4 cents a gallon, MD tax rate is 23.5 cents a gallon. Someone come up with a single reason why gas should have a 26% tax on it?
If you stop the knee jerk reaction, why are fuel prices in Europe so much higher than the US three times in some cases? Taxes. $2.82 out of every $4.07 gallon in France is tax. It's just insane.
The sample songs are not DRM'd. It wouldn't be until you actually bought a song you'd find out it wouldn't work.
I've never understood this argument. In a corporate developement environment, $2400 is trivial, especially if it nets you cross-platform, integrated DB access, and a host of other base capabilities.
In the land of $100k for a DB, $70k servers, etc, $2400 is nothing. Now if you want to make the case that $2400 is too steep for a single developer, I've spent that much for Enterprise versions of JBuilder. Maybe it's too much for a shareware developer, or a budget strapped startup, but it's certainly not out of reach.
Not a flame, but given any reasonably supported card (X hardware acceleration) I find XP to be slower than KDE on the same hardware. Even when ratcheting up the geewiz effects of KDE. I can't speak to Gnome as I prefer KDE, so stick to using that.
Right now I'm working on a 2600+ AthlonXP box. It has a SIS VGA controller onboard and yes, XP or 2000 is faster on it by far. Yet on the box next door, it has a low end Nvidia, and KDE is faster than XP on that box.
Now whether all the features are needed, yep, that's preference. I personally find it makes me more productive.
Used to be simple. KDE was based on evil closed source libraries, and Gnome wasn't. KDE now is GPL'd, but to Gnome folks that's just as bad as companies can't sell commercial products without paying.
.Net in any flavor on my boxes. Some part of me suspects Miguel drank from the same poisonous well as MS.
Just uncomfortable with the direction Gnome is going. I for one don't want
Good... I'm not the only person with an image of William Hung in mind going, "C bang! C bang! C move! C move!" /shudder
As we just priced it..
Note that as we're in the Styx, prices would be a bit higher.
AT&T (Tier 1) is costing us $698 per month for 2 year contract. Flat rate T1 (unmetered bandwidth) with AT&T providing the router (Cisco 2620) and managing it.
Sprint just started a sale in the same price range with a preconfigured but unmanaged 2620 thrown in.
Gentoo works fine at the server level. You tend to be more restrictive of your build flags, you preset your USE flags. If you're smart, you build for servers on a separate machine in chroot jail image while producing build-pkg's, then just install the builds on as many servers as you have.
Ditto for the desktop. As I slowly roll out Gentoo to desktops and servers, I'm finding it easier to work with than other systems.
If you really think that Gentoo is more bleeding edge than any other distribution out there, you're fooling yourself. Someone find one singular non-plural distribution that has automated testing of every aspect of the distribution? You're just as likely to get a gimpy openssh in Fedora as in Gentoo. The one exception possibly being Debian Stable as they are ultraconservative.
Linux on the Desktop is happening. It's just happening in the corporate world the exact same way that Linux snuck into the server room. It started replacing machines, and hiding the fact it's there from the user.
Case in point, LTSP 3 with Willey or LTSP 4 configured to point to a Terminal Server. Admittedly this isn't a "Linux Desktop" but it's a start.
Given a howto and 15 minutes, I can get basically any number of supported printers running under Cups. For the proverbial Aunt Tillie? Why should she know how? Set it up and go away.
Reality check. Aunt Tillie doesn't know how to set up a printer under Windows or OS X either. If you're lucky, you get a printer that supports Rendezvous, and maybe, MAYBE she might be taught to select the Rendezvous menu from the printer drop down to auto select something.
Having just bought a 400 disc Sony I faced a similar issue.
.vobs to HD and let you use the menus.. So that would cover that.
I got mine from Circuit City (instant gratification, no real price shopping) for $399 and splurged for the 5 year replacement.
The other solution would require a server pc with minimally 3 320 gig drives ($254 on pricewatch), and a media pc to play.
VLC will let you rip/decode
Still thinking about doing something like this, but I think I'm going to try to come up with a reason to build a storage server besides just ripping DVDs. Don't think the wife would go for "Video on Demand" research.
Sure it takes time to compile/tweak/get it just right.
However may I submit... Both machines will take about as long to bring up from scratch. Linux from compiling, Windows from install plus all the associated patching and reboots.
Anyone who thinks that graphical configurations actually saves you time hasn't had to do much mucking with Exchange Server. There are parts of that that can only be touched with Microsoft's ADS editor. A black box tool they flat out tell you is dangerous in the extreme. Yet no other options exist.
Updating boxes is another thing. We have Windows 2000 servers and clients, 4 linux servers, and around a dozen LTSP based Windows Terminal Services linux client boxes. It's a lot faster for me to update the entire linux side than it is to update Windows. MS offers SUS, however it's buggy, and has a couple of known issues that cause it to just break. I still end up visiting the clients for updates.
My time is not free, and Linux is still cheaper relating to my time costs.
Sad part is that spending on military is one of the few valid, authorized duties of the federal government as per the constitution. In no way was social security, welfare, education, etc supposed to be performed on the federal level.
I keep hoping to wake up and find out "No child left behind," "Amnesty for illegals," etc are just bad dreams. Until cuts are really cuts and not just reductions in growth, the debt will never be fixed.
See others for why hydrogen really isn't that dangerous.
As to a tank getting hit by a nasty projectile... If it's a big enough hit to ignite the fuel, then odds are very good that tank will suffer ammunition cookoff, where the rounds of ammo it carries burns off it's propellant.
That is a thousand times worse than any fuel burn off you might have. Even if you have blow off armor over the ammo cache. Besides, nothing stopping you from doing the same with the fuel storage.
Let's not even consider the projectiles that'd be in the compartment from impact or spraying molten metal.
Exploding hydrogen would be such a small concern at that point...
Seemed rather idiotic to me.
Until/unless you're willing to send sufficient people (100 or more?) and sufficient manufacturing capabilities to actively convert local resources into meaningful material, a one way ticket is idiotic.
Never mind that if we were going to spend that much on sending that many one way with all supplies, we'd certainly be able to send a smaller team round trip with a duration of months on site.
Actually, I'm quite comfortable with the performance numbers Python turned in. I use Python quite a bit, and for the things the benchmark was run on, it's the kind of area I'd find looking for bottlenecks, and in turn implement in C or C++.
Python's huge win is not in speed, but in the ability to express the program in a very concise and easy to understand way.
The fact that Psyco can provide huge speed ups via a simple import is just icing.
Actually, no.
If it's like our software here, it uses MS Office through calls to perform basic functions like printing reports, generating labels and such.
Now if somehow OpenOffice could be a drop in replacement to programs that do that, I'd switch about 40 machines tomorrow. Not one of those users use Office directly, but a vertical market app that needs Word to function.
No violations?
I'm just curious, as I really would like to know. What about the violation to a person's right to a timely trial? Aren't there a fair number currently jailed thanks to the Patriot Act that have yet to have their day in court?
Yep. Been looking at both Coda and OpenAFS recently. Finally settled on OpenAFS. The strong points of CODA (disconnected operation) also tend to blow apart your consistency. Seems like one of the most common problems is partitioning due to RW replica volumes getting out of sync.
Other major issue to me was a limit on the number of files (due to metadata). Basically means that you need a server process running on the server for approximately every 25 gig you add to the CODA share.
OpenAFS didn't have RW replicas, or disconnected operation, but seems to scale to much larger storage sizes without shredding itself.
Never mind that AFS has been in production for literally years, serving terabytes of data for 10 thousand + clients (in several installations of AFS).
The Windows client did have some notable slowness issues, performance with Linux is excellent, and scales much better than NFS. Clients are available for a large number of OSs. Doesn't matter if it's the right time, just A time. So setup NTP on one machine as a primary, and the others can use ntpdate to set time once a day.
AFS started around 1986 as a commerical offering, IBM made it opensource in 2001. It can be a serious pain to set up at first, documents are indeed very outdated. Other limitations are no support for >2gig files. You can have readonly duplicates of data on multiple machines. Administration can be a dream once it's running.
You will need to have ext2 partitions available for storage (OpenAFS uses its own transaction system, and you WILL have race conditions if you put it on a journalling filesystem).
Also note that as of right now, 2.6 kernels are not supported, though 2.4/2.2 are fine.
www.openafs.org
CODA which was a start at an open source answer to AFS way back when, has even more out of date documentation, has never been used in production (that I know of), and basically is not nearly as ready for prime time as OpenAFS.
www.coda.org
I have to use Earthlink for a dialup at this point. My company also cohosts at a location for email services. Earthlink (pinheads) allow you to fetch email from pop3 servers but NOT send email (they block port 25 excepting to their own).
So for earthlink to send email:
1) Must be on their network (fair enough)
2) Must NOT try to send mail through another smtp server (bogus)
3) The from addy must be a valid account on their system (so no using their smtp servers for work email).
Solution? A shell account with ssh ability. A quick:
sudo ssh -g -C -L 25:servername.com:25 -L 110:servername.com:110 username@servername.com
Point the email servers to be localhost (or the machine ip you ran it on) and email away. The -C compression also makes a big difference if you're over slow dialups.
Maybe... JUST Maybe.. Those developers are using APIs that Apple has not made public because they haven't settled down yet?
To paraphrase... I have never understood why Linux device driver developers and users of devices tolerate Linus screwing them over every couple of years by changing kernel internals...
Actually, OO on OS X is pretty painless whether you know anything about X11 or not.
As a second point... Right now, on my Mac Ti Powerbook, I'm running OOffice 1.1.0 which not a major revision behind as you claim. The Mac site still says it's 1.0.3, but all the mirrors have both the rc3 1.1 candidate, and 1.1.0 final.