Well, all I know is that whenever I submit articles to Slashdot exposing Intuit's dirty dealings or pointing out linux problems (OTHER THAN SECURITY PROBLEMS - Slashdot does a fine job of publicising those, thank the gods) they don't get posted. Of course, my writing skills suck, so that might have more to do with it...
OpenSSH runs great on my Red Hat boxen. The source and executable.rpms are downloadable .
FiSSH is being turned over to MIT, and as soon as they unscramble their (currently hosed) distribution and apply the known patch for Win98 compatibility (thot Win95/98 ran the same apps? think again) there will be a freely available SSH client for Winblows lamers, um, I meant mainstream users, built from True Free Open Source! Yay!
TeraTerm SSH is another Win32 client, but not really open source, because Teranishi-san has disappeared and the license is oddly written, but it does work for most purposes.
I've said it before, I'll say it again, riflip mapping is bunk. This so-called "genome" is a VERY rough aproximation of a subset of human DNA. Have you ever wondered where the restriction enzymes come from? Go look it up. What we need is a decompiler, not munged binaries. --Charlie
Don't forget the racist maunderings... anyway, if there were an easy way to admin linux (which is, incidentally, easier to admin than unix because of the file system standard) I'd use it. Y'see, I am often called on to admin our 2 HPUX, 2 Solaris, 1 SCO, 1 MVS (mainframe to you kiddies), 4 NT, 10 Netware, and 10 linux boxen. (In an earlier life I was a VMS guru, but I was actually good at that) and mostly what I'm concerned with is a good, solid, reliable system. Obviously I can't achieve that with NT; equally obviously Linuxconf blows chunks. Like a typical admin, I rarely have time to do any hard-core coding - just jamming scripts in where necessary - so I'm unlikely to write a linux managment tool myself. Nor will I pay for a proprietary one. But an OSS linux management tool that actually works? Damn, I'll pay for a couple CDs of that. Especially if it runs off a curses interface, but I'd settle for a web GUI. --Charlie
Does it suddenly delete the entire contents of the/etc/group file for no apparent reason? Does it introduce lines consisting of nothing but commas into the/etc/aliases file? Does it put things that belong in/etc/rc.d/init.d into oddly named files in the/etc/sysconfig tree?
If it doesn't do these things, it is a VAST improvement over linuxconf. I once made the mistake of letting the sysadmins here use linuxconf to administer our linux farm, and the company barely survived. --Charlie
Yes. Hang a couple of miles of wire into the Earth's magnetosphere and beam the power generated back down as microwaves. Major hurdles to be overcome with safety and environmental issues, not to mention a thorny strength-of-materials problem, but all solvable given unlimited funds. --Charlie
Sticks and Stones may break my bones but FUD will never concern me.
Well, you and most of the others commenting on this issue are sure willing to spread the FUD around....
1) Car battery disposal is not a major pollution problem (manufacture being another issue). Those little ever-readies that you're tossing blithely into the trash are one of the most pressing ecological issues of our time, but people driving electric cars recycle ALL their batteries (the spent cores are quite valuable) and most gas vehicle batteries are also recycled.
2) Point source pollution (i.e. power plants) is easier to control/prevent than distributed pollution (cf. privately operated internal combustion engines). Gas lawn mowers are one of the principal causes of air pollution in the US, incidentally.
3) Many people are supplied power from hydro, wind, or photovoltaic sources. If you actually become a part of the electric vehicle underground you will find that many people are generating their own power, or use power from commercial "green" providers.
Your statement "yes the energy does come from some coal or oil burning plant" is thus incorrect through overgeneralization, which makes it relatively accurate compared to most of what's being posted here. Your comments on ethanol and car prices are similarly FUDular.
The gas-electric hybrid car is what everyone who is not a hopeless idiot should be driving. That accounts for about 2% of the population, unfortunately.
Jeff, the coolest thing about nanotubes is their potential as a lightweight alternative to solid metal storage of hydrogen. As you know, vehicles with hydrogen propulsion systems need to carry fuel, and simple pressure bottles are essentially unsafe at any speed - even if the walls are thick enough to withstand collisions, failures of the valve assembly could be catastrophic. Safer methods have until recently centered around metallic storage, jamming the hydrogen atoms into palladium and/or various metal hydrides. Most of the research on this, incidentally, is being done by Germans. Unfortunately, Nelly Rodriguez of Northeastern University is said to have patented the concept of nanotube hydrogen storage, so don't hold your breath waiting for it to reach your driveway any time soon. These guys are trying to figure out exactly how/where the hydrogen is absorbed. --Charlie
Having engaged in various forms of sport combat for nearly 25 years I might actually have some valid input here... how unusual! The sword that put the scar in my right shoulder weighed less than 10 pounds. To get to my body it hacked a notch at least a half inch deep into a rawhide covered, laminated wood shield. This particular blade was not case-hardened, damascene, or pattern-welded, and was roughly 21 inches long. Oliver Cromwell's sword, on display in an English museum, is said to weigh in at 90 pounds. Although I have my doubts, and I haven't any information on whether the sword was simply the Lord Protector's parade piece or a weapon actually used in combat, it's not impossible. I have used a six-foot landesknecht sword that must have weighed at least 45 pounds and it was quite handy if used with appropriate technique. I've spent many a firelit night arguing this topic, and Burton's "Book of the Sword" (and probably Fox and Oakeshott as well) deals with it somewhat scientifically, but it comes down to personal taste. I like a 30 inch sword balanced roughly a palm's width forward of the quillons, weighing between 4 and 8 pounds, with a nice series of grooves in the blade to add stiffness without excessive bulk. My modern keyboard-jockey hands require a larger grip than I've ever found on a bronze-age or eastern weapon, about the size of the largest medieval european grips. In conclusion, there isn't really any such thing as a "traditional" broadsword, and sword weights used in actual combat vary widely in weight (2.5 to 100 pounds - anything lighter is a knife, anything heavier is some kind of pandybat or romphia) depending on cultural biases and personal taste. --Charlie
ERP is used by zaibatsus (large multi-national corporations) to ensure that multiple contracts are not entered into for the same products or services. For example, if your corporation is so large that they can negotiate a sweetheart deal with AT&T for telephones, you don't want individual site managers purchasing phones from Westinghouse because they haven't read every single contract the central office failed to send them. ERP is also used by companies that have fallen for the usual big software house hype (our software makes you sexier and gets the chinchbugs out of your lawn!) or who think they are bigger and more important than they really are. Most software of this genre is incredibly poorly coded. The source was accreted over many years in response to market surveys and customer feedback, and if it runs on the operating system for which it was originally developed it's because that operating system is very feature-stable (Hello MVS and HPUX!) and therefore essentially antiquated. The coders were typically wage slaves, usually poorly motivated Wallies and Dilberts, and often punished if they looked beyond the scope of their immediate assignment. So, if they opened the source there would be great embarassment (from Baan) and horror (from their customers). Just like any major CA product. --Charlie
Idiot. VMS can run the Internet just fine without any *nix at all. And VMS was the first POSIX compliant system while *nix was splintering into the fractious and fractured community it is today (huh? a non-unix system was the most unix-compliant system at one time? That's right, kid, now go suck your pacifier). Just because DEC stabbed itself in the heart by firing Olsen, just because the drones that ran him out couldn't sell ice in the Gobi desert, doesn't mean that VMS wasn't technically superior. I have personally built an Internet node using nothing but VMS and a single Cisco router (didn't need the router, either - it was just easier that way). And it was fundamentally more secure than any *nix system can be, because there is no concept of a "root user" on VMS. When the Morris worm blew down two thirds of the *nix variants, the VMS-driven portions of the Internet did not crash, did not become unuseable, did not fail from lack of "*nix glue" they kept right on running. And I still got my Email. Linux & the BSDs are better because they are free, and open source. That's the whole ticket. They are technologically imperfect, flawed at the root so to speak (and hey, don't take my word for it - ask Denis Ritchie and he'll tell you the same thing) but they are useful and nearly free. Punk kids think they know everything.... long live free open source! --Charlie
Ahemm..... I already have a linux-based network in my living room. Also in my basement, soon in the kids rooms, etc.
But, anyway, PnP has worked, and worked well, right out of the box in the past. The machine was called the Apple Macintosh, remember that one? (I should note here that although I've spent a lot of time with macs, I hate the interface. Why should I trashcan diskettes to eject them? Stupid paradigm) Every Apple peripheral I ever hooked up worked right off the bat just fine. Some 3rd party stuff took a little finagling, but nothing comparable to trying to get a non-PnP Sound Blaster to work in a 386.
In a Novell environment NDS is the *Cloud* (for lack of a better term) in which the network lives.
Pretty image. NDS is a database. It is a variant of the LDS Church's (the "Mormons") genealogy database and inherits some shortcomings from that.
It is a self replicating, distributed, self repairing (to a greater/lesser extent) database.
You forgot to mention "self-breaking". Heh. I would have said it is a large database composed of small chunks (less than 108 bytes, usually much less except in the overflow file BLOCK.NDS) which can be configured to automatically update replicas stored on physically diseparate servers. One replica is always the master, and in early versions (prior to "transitive updating") it was easy to set up large WAN-linked NDS trees that spent all their time trying unsuccessfully to sync.
NDS is lame. Having said that, it is easily the most mature, dependable, and useful directory service on the market. Microsoft's AD will probably never catch up with the lead Novell has established, and there are no comparable Open Source directory services that I am aware of (if I'm just iggernant, somebody PLEASE enlighten me!).
Incidentally - in general, you should avoid extending your schema. Novell used to do it quite casually, and now the base schema is incredibly unwieldy and difficult to fathom. The ZenWorks extensions are a particularly egregious example.
Oh, and the management tools suck unbelievably. You are not allowed to type fully qualified object names into many fields, you MUST click on a list, even if you have a list that is comprised of millions of objects and you need to make a couple hundred changes. Large shops often have to give people a few days off after a major NDS change because their wrists have been fragged from too much mousing in too short a time period. There are third-party tools that address this problem, but in general Novell has gone down a very bad path for the management interface. GUIs are not the solution to every problem.
I don't seem to be a moderator today (must be all that ranting I did earlier) or I'd moderate weefle's reply WAY UP. Yes, NDS is a DATABASE and LDAP is a DATABASE ACCESS METHOD. Fundamentally different animals, joined at the genitalia (a colorful image for you bestiaphiles out there). In current releases of Netware, the base protocol is IP, the directory is NDS, and the directory access protocol is LDAP. NDAP is on the way out (IPX has already been shown the door). There are a (very) few problems with Netware's LDAP standards compliance that were caused by the the original NDAP design. Novell has been refreshingly open about these bugs, in fact there were tutorials at Brainshare showing ways to deal with these conflicts; basically, though, if you don't have to be backwards compatible with an existing NDS installation you can easily modify currently shipping versions of NDS to be 100% LDAP read/writable. If you are already sitting on a large NDS-based Novell net things are a little trickier. --Charlie PS- NDS is not particularly stable, but it has redundant linking that allows it to be rebuilt using the DSrepair software. The more third-party NDS-interactive software you have (particularly IBM software like IWSAA) the more often you will have to run DSrepair. --C
So you would prefer an operating system that (1) denies they have security problems (old Digital VMS party line) (2) makes you pay for the patch for their security hole (old IBM party line) (3) is so screwed up, they can't patch their security holes (Micro$oft today).
Beg to differ. I was a VMS sysadmin in an earlier incarnation, and as a DEC customer I received warnings of security holes well before those holes became public knowledge. Quite often I received a patch in the mail, then a week or so later saw notices of the vulnerability hit the BBSes (the Internet not being the primary cracker media in those days). The problem with VMS was/is the excessive cost, not performance, reliability, or security.
As for IBM, they will patch problems if A) you have a support contract and B) you are extremely persistent. Case in point - in order to get TCP/IP for MVS (version 3 release 1) to work on my IBM mainframe (I've got 12 linux boxen too, so mainframe bashers can save their breath) we had to load 1549 software patches. That is not a typo. 1549 patches, and the LPD still doesn't accept a zero-length hostname field from an LPR (IBM insists that they are RFC-compliant on this issue, which is another rant entirely) despite the fact that many LPRs do not fill this field. I have to route Novell's LPRs through linux and dummy up a hostname field in order for MVS TCP/IP to print jobs submitted with the Novell LPR.
As for Microsoft, well, you're basically right. They try quite hard to patch the flaws, but since the design of their system is fundamentally screwed up (as, in some ways, linux is - the superuser concept is just plain foolish) it's an impossible task. They'd have to have thousands of developers with no profitability constraints to stay on top of the bugs. In other words, they'd have to be like linux or BSD.
Thanks to BoLean for the timely information on the lawerly meaning of libel.
From the rest of what I read here, nobody commenting has READ what the kid WROTE. So most of you are spouting off on hearsay (a few are actually addressing larger issues, but most are taking Jon's second-hand description of events as gospel) which is a Grand American Tradition but also immoral and unethical (suprising how many GATs are like that - I hear the Puritans used to beat up Quakers for fun).
Let's see the site!! If what the kid wrote was untrue, there's no harm in it, right? This furor reminds me of the kind of flak that results when TRUE allegations of alcoholism & promiscuity are made... what's really being hidden from view here?
>Backbone routers do not, in general, filter packets.
Mine do. But the place these filters are needed is where your business hits your ISP/ISC(s), not in the ISP's backbone. Everyone needs to do it.
>It takes processor power to filter, and a lot of it, especially at very high traffic levels.
Yes. Build for it. You need bigger routers.
>In any case, it doesn't matter one whit whether you are doing local filtering or not when it comes to a DDoS attack. The packets still come to the firewall, still consume bandwidth, and (at this point who cares)if they are illegally addressed, get dropped.
Only if you're the only person filtering. If everybody filters as I described, problem solved.
> The point is that the bandwidth is still used on the line(s) from the ISP router(s) to the Slashdot firewall/load balancer/whatever.
Yes, you've got a good point. For sites that rely on external communication to make money (as opposed to sites that use external communication to make it easier to make money) this is a big issue. EVERYONE has to have simple, fast filtering in place to prevent spoofing from getting out of a particular network, and to make tracing simple an quick so that the affected sites can get back on line.
> From what I know, right now anti-DDoS efforts revolve around getting people further up-stream to block the traffic, before it gets to Slashdot's ISP and Slashdot itself. The DDoS systems were designed to defeat this by, of course, using so many different hosts that upstream blocking is only partially useful.
Yes, there is a bigger problem that security at many sites is so lame that trinoo/tribe etc. hosts are easy to find. Decriminalizing hacking might solve that problem, but we don't really know yet.
--Charlie
Re:Ewww...can u explain the append line?
on
Linux Failover?
·
· Score: 1
Yup, sure... append lines in lilo.conf are unformatted strings passed to the kernel. The kernel then passes them to the appropriate routine (or module, if you're modular) which does whatever the module-specific commands are telling it to do. In this case I'm telling Donald Becker's network drivers not to stop looking for 3com cards until all four have been found. For more details see the documentation. --Charlie
Red Hat rewrites/etc/issue at boot to contain the host name and operating system version and then copies the rewritten version to/etc/issue.net. Comment out the last stanza of/etc/rc.d/rc.local to remove this horrible brain-dead code. rc.local gets executed after the rest of the runlevel-specific code. /etc/issue is sent to the console and any other directly attached devices such as serial links (modems, dumb terminals, whatever) that use a getty. If you don't have any modems, this is kind of nice - I leave it in so that I get this info off the system console. /etc/issue.net is sent to telnet connections - this is a Very Bad Idea (tm) because you will not survive a 3rd-party security audit. Why not? Because the US Gubmint, and most security consultants, require that pre-login banners contain NO INFORMATION. It's only a help to crackers anyway. You can get away with having the IP address and/or host name because anyone connecting to you should already know at least one of those, and can thus look up the other in DNS. But really anal types (such as your boss) don't want ANYTHING in there. Other unices (for example, that horrible piece of antiquated cruft HP-UX 11.00) may use telnet daemons that automagically generate the hostname/opsys version header to telnet; these can be fixed by adding a switch to the telnet invocation line in/etc/inetd.conf that specifically tells telnetd to use/etc/issue.net. You can use the same trick in inittab if you have a getty that behaves poorly, or you can rip out your lame proprietary getty and use the excellent copylefted mgetty+sendfax instead. --Charlie
Yah, VMS isn't in C, I think it might be in Bliss in fact. But VMS is a wonderful example of a better mousetrap that priced itself out of the market. If DEC had made VMS, the layered utilities, and TCP/IP for VMS all free with the purchase of Alpha hardware when the Alpha was first introduced, Microsoft would be a bit player and Linux would probably still be a hobbyist toy. The VMS system I genned in 1990 is still running today with no crashes since that time. One SCSI disk (it's a 3100e box) burnt out, and the system had to be taken down for replacement - other than that it's been continuously up for 10 years. And even though VMS's file protection & ACL mechanisms aren't quite as clean as Novell's, their privilege and memory protection system is better (and we won't even get into the absurdly primitive rwx protection and all-or-nothing suid privilege mechanisms of Unix-derived systems). VMS could've ruled the world, but the same DEC management drones that tossed Ken Olsen out on his ear flushed the corporation down the toilet with their small-minded policies and failure to protect and market key hardware technologies. --Charlie
Chompz ranted: >Programming is more than... kludging your way along...
HAHAHAHAHAHAHAHAHAHAHAHAHAHA! You must work for a software design house, or engineering firm, and probably not a particularly profitable one. Here's a few cars for your clue train: 1) If it works now, and it needs to work now, it doesn't matter if it's elegant. How many $$$ (or lives, in some industries) need to be wasted while you plan your properly designed code? As far as your management is concerned, the process as a whole needs to work, and don't bother us with your intellectual pipe dreams. 2) The guy who can come in and hack the bug out of existence before the company haemorraghes its entire cashflow is the guy who gets the bonus. The guys writing the bonus checks don't read the code, so it doesn't matter how well designed it is as long as it gets the job done. 3) No program that is truly useful in the wired economy lives by itself. It is dependent on opsystem, web server, the users, the programs that feed its inputs and outputs. If you want the best possible program, you need to be intimately familiar with the internals of all the related programs - which is hardly practical. You're going to have to settle for what works, in the so-called "real world". 4) Saying that IDEs should not be used because they make it easy to produce bad code is like saying that the Internet should not be used because it lets morons post bad pr0n (wait, maybe that's true;^). Tools don't make people idiots, they were idiots before they picked up the tools. 5) Companies buy lots of stuff, and they hire people to make it interoperate. The stuff is capital expenditure that can be amortized, depreciated, etc. The people are a monthly drain on the company coffers - operating budget - and thus it's cheaper for a corporation to run bad code on awesome hardware than good code on crappy hardware. Why do you think NT is still selling? Why do you think W2K is selling? Pretend you are the smiling man for a moment and look at the economics of it.
Only free, open source software can save us from this situation - software that is written and/or improved from non-commercial motives. We're still at least 5 years away from an OSS world, though.
I don't use IDEs because I work on too many platforms simultaneously for an IDE to be useful to me - but if I had an IDE that could make code simultaneously for the mac, VMS, OS/390, Solaris, Linux, Win98, and WinNt you better believe I'd use it - even though the output from such an IDE would probably be suboptimal on most if not all of those platforms.
>Don't piss me off about this, I'm planning a huge research study on it..
"Be still my beating heart." --Charlie
Fire the consultant and hire a hacker
on
Linux Failover?
·
· Score: 2
When the consultant installs a network that is clearly not designed for the needs of the company (i.e. supposedly requires special hardware and drivers that the consultant doesn't know how to integrate with your core product) you are being taken for a ride by people with little knowledge and less moral backbone. If you need multiple ethernet interfaces on a machine they should be separate cards for robust redundant failover. I run 12 linux boxes with 4 ethernet cards in each; my/etc/lilo.conf files look sort of like this:
The append line activates my additional ethernet cards, all of which are 3com 100bTs using Donald Becker's excellent open-source drivers. Combining this with round-robin DNS using the latest ISC BIND code, you can get incredible fault tolerance at a very low cost. You can even do IDE RAID (hard or soft) if you are too cheap for SCSI, and you can use rsync to keep your servers clones. Unless your application is extremely unusual and non-wwwebby, you can accomplish what you need without any expensive Cisco stuff or fancy double-headed cards at all. The consultant is taking you to the cleaners due to greed or a total lack of competence. --Charlie
Slashdot Mirror
Well, all I know is that whenever I submit articles to Slashdot exposing Intuit's dirty dealings or pointing out linux problems (OTHER THAN SECURITY PROBLEMS - Slashdot does a fine job of publicising those, thank the gods) they don't get posted.
Of course, my writing skills suck, so that might have more to do with it...
Hey, I'm supposed to be the holistic thinker around here... Oh, wait, you're me anyway. Cool, never mind.
--Charlie
OpenSSH runs great on my Red Hat boxen. The source and executable .rpms are downloadable .
FiSSH is being turned over to MIT, and as soon as they unscramble their (currently hosed) distribution and apply the known patch for Win98 compatibility (thot Win95/98 ran the same apps? think again) there will be a freely available SSH client for Winblows lamers, um, I meant mainstream users, built from True Free Open Source! Yay!
TeraTerm SSH is another Win32 client, but not really open source, because Teranishi-san has disappeared and the license is oddly written, but it does work for most purposes.
For file transfer, don't use FTP, use rsync.
--CharlieI've said it before, I'll say it again, riflip mapping is bunk.
This so-called "genome" is a VERY rough aproximation of a subset of human DNA.
Have you ever wondered where the restriction enzymes come from? Go look it up.
What we need is a decompiler, not munged binaries.
--Charlie
Don't forget the racist maunderings... anyway, if there were an easy way to admin linux (which is, incidentally, easier to admin than unix because of the file system standard) I'd use it. Y'see, I am often called on to admin our 2 HPUX, 2 Solaris, 1 SCO, 1 MVS (mainframe to you kiddies), 4 NT, 10 Netware, and 10 linux boxen. (In an earlier life I was a VMS guru, but I was actually good at that) and mostly what I'm concerned with is a good, solid, reliable system. Obviously I can't achieve that with NT; equally obviously Linuxconf blows chunks. Like a typical admin, I rarely have time to do any hard-core coding - just jamming scripts in where necessary - so I'm unlikely to write a linux managment tool myself. Nor will I pay for a proprietary one. But an OSS linux management tool that actually works? Damn, I'll pay for a couple CDs of that. Especially if it runs off a curses interface, but I'd settle for a web GUI.
--Charlie
Does it suddenly delete the entire contents of the /etc/group file for no apparent reason? Does it introduce lines consisting of nothing but commas into the /etc/aliases file? Does it put things that belong in /etc/rc.d/init.d into oddly named files in the /etc/sysconfig tree?
If it doesn't do these things, it is a VAST improvement over linuxconf. I once made the mistake of letting the sysadmins here use linuxconf to administer our linux farm, and the company barely survived.
--Charlie
Ssh. Don't tell anyone.
Yes. Hang a couple of miles of wire into the Earth's magnetosphere and beam the power generated back down as microwaves. Major hurdles to be overcome with safety and environmental issues, not to mention a thorny strength-of-materials problem, but all solvable given unlimited funds.
--Charlie
Well, you and most of the others commenting on this issue are sure willing to spread the FUD around....
1) Car battery disposal is not a major pollution problem (manufacture being another issue). Those little ever-readies that you're tossing blithely into the trash are one of the most pressing ecological issues of our time, but people driving electric cars recycle ALL their batteries (the spent cores are quite valuable) and most gas vehicle batteries are also recycled.
2) Point source pollution (i.e. power plants) is easier to control/prevent than distributed pollution (cf. privately operated internal combustion engines). Gas lawn mowers are one of the principal causes of air pollution in the US, incidentally.
3) Many people are supplied power from hydro, wind, or photovoltaic sources. If you actually become a part of the electric vehicle underground you will find that many people are generating their own power, or use power from commercial "green" providers.
Your statement "yes the energy does come from some coal or oil burning plant" is thus incorrect through overgeneralization, which makes it relatively accurate compared to most of what's being posted here. Your comments on ethanol and car prices are similarly FUDular.
The gas-electric hybrid car is what everyone who is not a hopeless idiot should be driving. That accounts for about 2% of the population, unfortunately.Alternative Energy Engineering
Electro Automotive
Energy Conversion Devices, Inc.
Greenpeace International Homepage
Home Power Magazine
innEVations
Jerry Halstead's Car
Low Rolling Resistance Tires
Phoenix EAA
Roofing Systems
Unique Mobility
Wilde EVolutions catalog
United Solar Systems Home Page
--CharlieJeff, the coolest thing about nanotubes is their potential as a lightweight alternative to solid metal storage of hydrogen.
As you know, vehicles with hydrogen propulsion systems need to carry fuel, and simple pressure bottles are essentially unsafe at any speed - even if the walls are thick enough to withstand collisions, failures of the valve assembly could be catastrophic.
Safer methods have until recently centered around metallic storage, jamming the hydrogen atoms into palladium and/or various metal hydrides. Most of the research on this, incidentally, is being done by Germans.
Unfortunately, Nelly Rodriguez of Northeastern University is said to have patented the concept of nanotube hydrogen storage, so don't hold your breath waiting for it to reach your driveway any time soon.
These guys are trying to figure out exactly how/where the hydrogen is absorbed.
--Charlie
Having engaged in various forms of sport combat for nearly 25 years I might actually have some valid input here... how unusual!
The sword that put the scar in my right shoulder weighed less than 10 pounds. To get to my body it hacked a notch at least a half inch deep into a rawhide covered, laminated wood shield. This particular blade was not case-hardened, damascene, or pattern-welded, and was roughly 21 inches long.
Oliver Cromwell's sword, on display in an English museum, is said to weigh in at 90 pounds. Although I have my doubts, and I haven't any information on whether the sword was simply the Lord Protector's parade piece or a weapon actually used in combat, it's not impossible. I have used a six-foot landesknecht sword that must have weighed at least 45 pounds and it was quite handy if used with appropriate technique.
I've spent many a firelit night arguing this topic, and Burton's "Book of the Sword" (and probably Fox and Oakeshott as well) deals with it somewhat scientifically, but it comes down to personal taste. I like a 30 inch sword balanced roughly a palm's width forward of the quillons, weighing between 4 and 8 pounds, with a nice series of grooves in the blade to add stiffness without excessive bulk. My modern keyboard-jockey hands require a larger grip than I've ever found on a bronze-age or eastern weapon, about the size of the largest medieval european grips.
In conclusion, there isn't really any such thing as a "traditional" broadsword, and sword weights used in actual combat vary widely in weight (2.5 to 100 pounds - anything lighter is a knife, anything heavier is some kind of pandybat or romphia) depending on cultural biases and personal taste.
--Charlie
ERP is used by zaibatsus (large multi-national corporations) to ensure that multiple contracts are not entered into for the same products or services. For example, if your corporation is so large that they can negotiate a sweetheart deal with AT&T for telephones, you don't want individual site managers purchasing phones from Westinghouse because they haven't read every single contract the central office failed to send them.
ERP is also used by companies that have fallen for the usual big software house hype (our software makes you sexier and gets the chinchbugs out of your lawn!) or who think they are bigger and more important than they really are.
Most software of this genre is incredibly poorly coded. The source was accreted over many years in response to market surveys and customer feedback, and if it runs on the operating system for which it was originally developed it's because that operating system is very feature-stable (Hello MVS and HPUX!) and therefore essentially antiquated. The coders were typically wage slaves, usually poorly motivated Wallies and Dilberts, and often punished if they looked beyond the scope of their immediate assignment.
So, if they opened the source there would be great embarassment (from Baan) and horror (from their customers). Just like any major CA product.
--Charlie
Have you priced the products you are referring to? How can they NOT make a profit? Are they gold-plating their entire office inside and out?
--Charlie
Idiot.
VMS can run the Internet just fine without any *nix at all. And VMS was the first POSIX compliant system while *nix was splintering into the fractious and fractured community it is today (huh? a non-unix system was the most unix-compliant system at one time? That's right, kid, now go suck your pacifier).
Just because DEC stabbed itself in the heart by firing Olsen, just because the drones that ran him out couldn't sell ice in the Gobi desert, doesn't mean that VMS wasn't technically superior.
I have personally built an Internet node using nothing but VMS and a single Cisco router (didn't need the router, either - it was just easier that way). And it was fundamentally more secure than any *nix system can be, because there is no concept of a "root user" on VMS.
When the Morris worm blew down two thirds of the *nix variants, the VMS-driven portions of the Internet did not crash, did not become unuseable, did not fail from lack of "*nix glue" they kept right on running. And I still got my Email.
Linux & the BSDs are better because they are free, and open source. That's the whole ticket. They are technologically imperfect, flawed at the root so to speak (and hey, don't take my word for it - ask Denis Ritchie and he'll tell you the same thing) but they are useful and nearly free.
Punk kids think they know everything.... long live free open source!
--Charlie
Ahemm..... I already have a linux-based network in my living room. Also in my basement, soon in the kids rooms, etc.
But, anyway, PnP has worked, and worked well, right out of the box in the past. The machine was called the Apple Macintosh, remember that one? (I should note here that although I've spent a lot of time with macs, I hate the interface. Why should I trashcan diskettes to eject them? Stupid paradigm) Every Apple peripheral I ever hooked up worked right off the bat just fine. Some 3rd party stuff took a little finagling, but nothing comparable to trying to get a non-PnP Sound Blaster to work in a 386.
--Charlie
Pretty image. NDS is a database. It is a variant of the LDS Church's (the "Mormons") genealogy database and inherits some shortcomings from that.
You forgot to mention "self-breaking". Heh. I would have said it is a large database composed of small chunks (less than 108 bytes, usually much less except in the overflow file BLOCK.NDS) which can be configured to automatically update replicas stored on physically diseparate servers. One replica is always the master, and in early versions (prior to "transitive updating") it was easy to set up large WAN-linked NDS trees that spent all their time trying unsuccessfully to sync.
NDS is lame. Having said that, it is easily the most mature, dependable, and useful directory service on the market. Microsoft's AD will probably never catch up with the lead Novell has established, and there are no comparable Open Source directory services that I am aware of (if I'm just iggernant, somebody PLEASE enlighten me!).
Incidentally - in general, you should avoid extending your schema. Novell used to do it quite casually, and now the base schema is incredibly unwieldy and difficult to fathom. The ZenWorks extensions are a particularly egregious example.
Oh, and the management tools suck unbelievably. You are not allowed to type fully qualified object names into many fields, you MUST click on a list, even if you have a list that is comprised of millions of objects and you need to make a couple hundred changes. Large shops often have to give people a few days off after a major NDS change because their wrists have been fragged from too much mousing in too short a time period. There are third-party tools that address this problem, but in general Novell has gone down a very bad path for the management interface. GUIs are not the solution to every problem.
--Charlie
I don't seem to be a moderator today (must be all that ranting I did earlier) or I'd moderate weefle's reply WAY UP.
Yes, NDS is a DATABASE and LDAP is a DATABASE ACCESS METHOD. Fundamentally different animals, joined at the genitalia (a colorful image for you bestiaphiles out there).
In current releases of Netware, the base protocol is IP, the directory is NDS, and the directory access protocol is LDAP. NDAP is on the way out (IPX has already been shown the door).
There are a (very) few problems with Netware's LDAP standards compliance that were caused by the the original NDAP design. Novell has been refreshingly open about these bugs, in fact there were tutorials at Brainshare showing ways to deal with these conflicts; basically, though, if you don't have to be backwards compatible with an existing NDS installation you can easily modify currently shipping versions of NDS to be 100% LDAP read/writable. If you are already sitting on a large NDS-based Novell net things are a little trickier.
--Charlie
PS- NDS is not particularly stable, but it has redundant linking that allows it to be rebuilt using the DSrepair software. The more third-party NDS-interactive software you have (particularly IBM software like IWSAA) the more often you will have to run DSrepair.
--C
Beg to differ. I was a VMS sysadmin in an earlier incarnation, and as a DEC customer I received warnings of security holes well before those holes became public knowledge. Quite often I received a patch in the mail, then a week or so later saw notices of the vulnerability hit the BBSes (the Internet not being the primary cracker media in those days). The problem with VMS was/is the excessive cost, not performance, reliability, or security.
As for IBM, they will patch problems if A) you have a support contract and B) you are extremely persistent. Case in point - in order to get TCP/IP for MVS (version 3 release 1) to work on my IBM mainframe (I've got 12 linux boxen too, so mainframe bashers can save their breath) we had to load 1549 software patches. That is not a typo. 1549 patches, and the LPD still doesn't accept a zero-length hostname field from an LPR (IBM insists that they are RFC-compliant on this issue, which is another rant entirely) despite the fact that many LPRs do not fill this field. I have to route Novell's LPRs through linux and dummy up a hostname field in order for MVS TCP/IP to print jobs submitted with the Novell LPR.
As for Microsoft, well, you're basically right. They try quite hard to patch the flaws, but since the design of their system is fundamentally screwed up (as, in some ways, linux is - the superuser concept is just plain foolish) it's an impossible task. They'd have to have thousands of developers with no profitability constraints to stay on top of the bugs. In other words, they'd have to be like linux or BSD.
--Charlie
Thanks to BoLean for the timely information on the lawerly meaning of libel.
From the rest of what I read here, nobody commenting has READ what the kid WROTE. So most of you are spouting off on hearsay (a few are actually addressing larger issues, but most are taking Jon's second-hand description of events as gospel) which is a Grand American Tradition but also immoral and unethical (suprising how many GATs are like that - I hear the Puritans used to beat up Quakers for fun).
Let's see the site!! If what the kid wrote was untrue, there's no harm in it, right? This furor reminds me of the kind of flak that results when TRUE allegations of alcoholism & promiscuity are made... what's really being hidden from view here?
MIRROR THE SITE!!
--Charlie
>Backbone routers do not, in general, filter packets.
Mine do. But the place these filters are needed is where your business hits your ISP/ISC(s), not in the ISP's backbone. Everyone needs to do it.
>It takes processor power to filter, and a lot of it, especially at very high traffic levels.
Yes. Build for it. You need bigger routers.
>In any case, it doesn't matter one whit whether you are doing local filtering or not when it comes to a DDoS attack. The packets still come to the firewall, still consume bandwidth, and (at this point who cares)if they are illegally addressed, get dropped.
Only if you're the only person filtering. If everybody filters as I described, problem solved.
> The point is that the bandwidth is still used on the line(s) from the ISP router(s) to the Slashdot firewall/load balancer/whatever.
Yes, you've got a good point. For sites that rely on external communication to make money (as opposed to sites that use external communication to make it easier to make money) this is a big issue. EVERYONE has to have simple, fast filtering in place to prevent spoofing from getting out of a particular network, and to make tracing simple an quick so that the affected sites can get back on line.
> From what I know, right now anti-DDoS efforts revolve around getting people further up-stream to block the traffic, before it gets to Slashdot's ISP and Slashdot itself. The DDoS systems were designed to defeat this by, of course, using so many different hosts that upstream blocking is only partially useful.
Yes, there is a bigger problem that security at many sites is so lame that trinoo/tribe etc. hosts are easy to find. Decriminalizing hacking might solve that problem, but we don't really know yet.
--Charlie
Yup, sure... append lines in lilo.conf are unformatted strings passed to the kernel. The kernel then passes them to the appropriate routine (or module, if you're modular) which does whatever the module-specific commands are telling it to do. In this case I'm telling Donald Becker's network drivers not to stop looking for 3com cards until all four have been found. For more details see the documentation.
--Charlie
Red Hat rewrites /etc/issue at boot to contain the host name and operating system version and then copies the rewritten version to /etc/issue.net. Comment out the last stanza of /etc/rc.d/rc.local to remove this horrible brain-dead code. rc.local gets executed after the rest of the runlevel-specific code.
/etc/issue is sent to the console and any other directly attached devices such as serial links (modems, dumb terminals, whatever) that use a getty. If you don't have any modems, this is kind of nice - I leave it in so that I get this info off the system console.
/etc/issue.net is sent to telnet connections - this is a Very Bad Idea (tm) because you will not survive a 3rd-party security audit. Why not? Because the US Gubmint, and most security consultants, require that pre-login banners contain NO INFORMATION. It's only a help to crackers anyway. You can get away with having the IP address and/or host name because anyone connecting to you should already know at least one of those, and can thus look up the other in DNS. But really anal types (such as your boss) don't want ANYTHING in there. /etc/inetd.conf that specifically tells telnetd to use /etc/issue.net. You can use the same trick in inittab if you have a getty that behaves poorly, or you can rip out your lame proprietary getty and use the excellent copylefted mgetty+sendfax instead.
Other unices (for example, that horrible piece of antiquated cruft HP-UX 11.00) may use telnet daemons that automagically generate the hostname/opsys version header to telnet; these can be fixed by adding a switch to the telnet invocation line in
--Charlie
Yah, VMS isn't in C, I think it might be in Bliss in fact.
But VMS is a wonderful example of a better mousetrap that priced itself out of the market. If DEC had made VMS, the layered utilities, and TCP/IP for VMS all free with the purchase of Alpha hardware when the Alpha was first introduced, Microsoft would be a bit player and Linux would probably still be a hobbyist toy.
The VMS system I genned in 1990 is still running today with no crashes since that time. One SCSI disk (it's a 3100e box) burnt out, and the system had to be taken down for replacement - other than that it's been continuously up for 10 years.
And even though VMS's file protection & ACL mechanisms aren't quite as clean as Novell's, their privilege and memory protection system is better (and we won't even get into the absurdly primitive rwx protection and all-or-nothing suid privilege mechanisms of Unix-derived systems). VMS could've ruled the world, but the same DEC management drones that tossed Ken Olsen out on his ear flushed the corporation down the toilet with their small-minded policies and failure to protect and market key hardware technologies.
--Charlie
Chompz ranted: ... kludging your way along...
;^). Tools don't make people idiots, they were idiots before they picked up the tools.
>Programming is more than
HAHAHAHAHAHAHAHAHAHAHAHAHAHA! You must work for a software design house, or engineering firm, and probably not a particularly profitable one.
Here's a few cars for your clue train:
1) If it works now, and it needs to work now, it doesn't matter if it's elegant. How many $$$ (or lives, in some industries) need to be wasted while you plan your properly designed code? As far as your management is concerned, the process as a whole needs to work, and don't bother us with your intellectual pipe dreams.
2) The guy who can come in and hack the bug out of existence before the company haemorraghes its entire cashflow is the guy who gets the bonus. The guys writing the bonus checks don't read the code, so it doesn't matter how well designed it is as long as it gets the job done.
3) No program that is truly useful in the wired economy lives by itself. It is dependent on opsystem, web server, the users, the programs that feed its inputs and outputs. If you want the best possible program, you need to be intimately familiar with the internals of all the related programs - which is hardly practical. You're going to have to settle for what works, in the so-called "real world".
4) Saying that IDEs should not be used because they make it easy to produce bad code is like saying that the Internet should not be used because it lets morons post bad pr0n (wait, maybe that's true
5) Companies buy lots of stuff, and they hire people to make it interoperate. The stuff is capital expenditure that can be amortized, depreciated, etc. The people are a monthly drain on the company coffers - operating budget - and thus it's cheaper for a corporation to run bad code on awesome hardware than good code on crappy hardware. Why do you think NT is still selling? Why do you think W2K is selling? Pretend you are the smiling man for a moment and look at the economics of it.
Only free, open source software can save us from this situation - software that is written and/or improved from non-commercial motives. We're still at least 5 years away from an OSS world, though.
I don't use IDEs because I work on too many platforms simultaneously for an IDE to be useful to me - but if I had an IDE that could make code simultaneously for the mac, VMS, OS/390, Solaris, Linux, Win98, and WinNt you better believe I'd use it - even though the output from such an IDE would probably be suboptimal on most if not all of those platforms.
>Don't piss me off about this, I'm planning a huge research study on it..
"Be still my beating heart."
--Charlie
When the consultant installs a network that is clearly not designed for the needs of the company (i.e. supposedly requires special hardware and drivers that the consultant doesn't know how to integrate with your core product) you are being taken for a ride by people with little knowledge and less moral backbone. /etc/lilo.conf files look sort of like this:
If you need multiple ethernet interfaces on a machine they should be separate cards for robust redundant failover. I run 12 linux boxes with 4 ethernet cards in each; my
boot=/dev/sda
map=/boot/map
install=/boot/boot.b
prompt
timeout=50
image=/boot/vmlinuz-2.2.5-15smp
label=linux-smp
append="ether=0,0,eth1 ether=0,0,eth2 ether=0,0,eth3"
root=/dev/sda8
initrd=/boot/initrd-2.2.5-15.img
read-only
The append line activates my additional ethernet cards, all of which are 3com 100bTs using Donald Becker's excellent open-source drivers.
Combining this with round-robin DNS using the latest ISC BIND code, you can get incredible fault tolerance at a very low cost. You can even do IDE RAID (hard or soft) if you are too cheap for SCSI, and you can use rsync to keep your servers clones.
Unless your application is extremely unusual and non-wwwebby, you can accomplish what you need without any expensive Cisco stuff or fancy double-headed cards at all. The consultant is taking you to the cleaners due to greed or a total lack of competence.
--Charlie