Slashdot Mirror


User: jd

jd's activity in the archive.

Stories
0
Comments
13,841
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,841

  1. Re:Perspective on Intel Core 2 'Penryn' and Linux · · Score: 1, Informative
    The greatest gains are to be made where there are the greatest latencies and least bandwidth. The CPU has not been a significant bottleneck for some time. PCI Express 2.x (which works at 5 GT/s and supports multiple roots) and HyperTransport 3 (which works at 20.8 GB/s) are obvious candidates for improving performance over the busses usually used in computers.

    RAM is another area that needs work. I mean, RAM speeds are getting very slow and caches aren't big enough to avoid being saturated by modern software. The result is that there is a lot of inefficiency in extracting things from RAM. It's better than it would be with no cache at all, but it's nowhere near what it could be.

    Hard drives could also be improved. If you had intelligent drives, you could place the filesystem layer in an uploadable module and have that entirely offloaded to the drive. Just have the data DMAed directly to and from the drive, rather than shifted around all over the place, reformatted a dozen times and then DMAed down.

    I'm sure there are a million other adjustments that could be made that would be as good or better than these, but I don't see many of those being in the CPU itself. SSE4, perhaps, but it's not clear to me that a maths core in the CPU is any longer of any real value. With multiple roots to the bus, you can have a maths core in a different root with equal access to all resources and you would not need the main CPU to govern it or operations within it. The same could be true of graphics, of course. If you did that, the MPU and GPU could be truly independent compute nodes and therefore could be doing their own stuff with less CPU intervention. You'd then use barrier operations when synchronization was required.

    All in all, Intel's latest offering doesn't impress me, given everything else that is transpiring in the computing world.

  2. Well, yes... on End-to-End Network Security · · Score: 2, Interesting
    ...but Cisco IOS supports more than firewalls - which seems to be the only focus of the book. IPSec in certificate-based router-to-router mode should be a fundamental consideration in business-to-business connections over the public Internet. Duplicating the endpoint would be essentially impossible.

    Active NIDS is usually discouraged when placed in serial with the network, as it usually can't block the network when in parallel. But if the NIDS server can log onto the managed switch or router, it can disable the connection on an intrusion being detected. If it's sniffing the packets on the regular network only (ie: not providing any service to the network), it can't be seen or disabled.

    If servers on the network aren't intended for outside use, make them IPv6-only and either make the router an IPv4/IPv6 gateway or use IPv6 tunnels to the extranets of interest. You can't crack what you can't connect to, putting those servers out of reach.

    PAM supports OPIE and S/KEY, so you can always make passwords MUCH harder to obtain or crack. Kerberos V is also good for that.

    Banning open protocols and .rhosts, requiring SSH or SSL/TLS-based protocols would likely do wonders for security as well. Even if passwords are technically encrypted, you can learn a huge amount from the rest of a session if it's not encrypted. Ergo, mandate encryption.

    Next, as far as possible, servers should use mandatory access controls (to limit the use of any bugs for escalation) and software that has been as audited as possible (to minimize the risks of such bugs existing in the first place). The greater the risk of holes, the less the value of protecting all the other avenues that could be used for attack.

    Finally, password files and other authentication data should be protected by means of strong encryption or strong cryptographic hashes according to requirements. That way, if a service ends up proving exploitable or some other hole is discovered, an attacker can't use such data to access the system with greater rights.

    Sure, this is (a) imperfect, (b) clock-cycle expensive and (c) costly if done right, but it WILL be better than any firewall on its own, no matter how good the firewall.

  3. Re:Better solution on First Use of RIPA to Demand Encryption Keys · · Score: 4, Interesting

    Most are. There again, the former British Home Secretary changed the UK law to allow plausible denial when he got bombarded with encrypted files, followed by demands he turn over the decryption key. Has this been tried in the US? If not, why not? Seems like if it worked once, it should work other times. Might also try claiming that handing over the key would violate the DMCA and that you can't be ordered to commit a crime. (Not sure if that's strictly the case, but unless that event has been specifically covered, it might create enough doubt that the sentence is partially or entirely suspended, or even - unlikely as it is - the case thrown out. That's not perfect but it would be better than the pre-trial misery of Kevin Mitnick.)

  4. Re:Not a problem on Intel Launches Power-Efficient Penryn Processors · · Score: 1

    The Beatles might be able to sue them, along with Blackburn, Lancashire.

  5. Really, on US Internet Control To Be Topic #1 In Rio · · Score: 4, Insightful

    I'd hope that control of the Internet was taken out of the control of any non-representative body. I don't care who is not getting represented, the important thing is that the Internet is a federation of networks and you cannot have a federation that is run by a theocracy. If it's a federation, it cannot have anyone in overall charge, which is the way the Internet should be run. Particularly if it is supposed to be resilient to damage (cyber attacks, nuke attacks, etc).

  6. Re:Give it to the UN? FU! on US Internet Control To Be Topic #1 In Rio · · Score: 1

    The US invented IPv0 (which nobody uses any more) and DARPAnet (which nobody uses any more either). How this differs from Europe's X.25-based International Packet Switch Stream, I don't know. Other than IPSS was routinely subscribed to by members of the public long before Compuserve provided an Internet gateway, of course. Did I mention that IPSS was also available for multimedia systems (CAS Online was fully graphical, for example) and computer games (eg: Essex University's MUD-1)? These sorts of systems existed in the US via bulletin boards such as TBBS and FIDONet, sure. And doors-based games were none too shabby. Many a poor soul got lost in massively multiplayer online turn-based games. In comparison, can you name me the truly massive game engines of DARPAnet? No, 16-player X11 games don't begin to get close to some of the stuff out there.

  7. Re:So essentially on Fedora 8 Released · · Score: 1

    Oh, as for advanced audio, Windows does indeed have fairly sophisticated sound. I am impressed by some of the features of it and by the performance of some of the 5.1 and 7.1 drivers. However, remote sound (useful on remote desktops) isn't as good under Windows as it is under Linux. The Linux kernel can be made hard real-time, which Windows' kernel cannot, which should also improve the quality.

  8. Re:So essentially on Fedora 8 Released · · Score: 1

    Since when has Windows had Mandatory Access Controls? ACLs, yes, but MACs? Although Linux has them, I'm not sure if Fedora 8 has MAC on memory, packets, etc, but Linux in general does. Microsoft does not and from Vista's retraction of security measures due to breaking software (as, indeed, happened with XP Service Pack 2), it seems clear that Microsoft will not introduce security. This is NOT, repeat NOT, the fault of Microsoft (for the most part) but the fault of software vendors who have utilized holes to the point where those holes CANNOT be fixed - the cost of fixing all of the consequential bugs is prohibitive.

  9. Re:Does it have to be Flash? on What Are The Best Free Games Online? · · Score: 1
    Ok, if we include non-Flash games, there are always:

    1. Freciv
    2. Empire
    3. BZFlag
    4. Net Panzer
    5. XConq
    6. Netrek
    7. XTrek
    8. Torcs
    9. XTank
    10. Conquer
    11. XPilot-ng
    12. LP MUD
    13. MUDOS
    14. TinyMUSH
    15. PennMUSH
    16. LambdaMOO
    17. FreeRails
    18. Liquid War
    19. WorldForge
    20. Wesnoth

    Damn. That's 20 truly superb games, not 10. There really needs to be a better ranking of Internet-based games.

  10. Re:Genome Hotspots on Study Suggests Genome Instability Hotspots · · Score: 1
    Far as I know, you're correct, which is why only very specific markers are usable for genealogy, other specific markers are usable for ancient ancestry, and yet others are totally useless for either. Nor is this restricted to "junk" DNA - apples don't breed true, no matter what. The only way to copy an apple tree is to graft a cutting onto a root stock.

    The only possibility I can think of is that the region(s) are abnormally variable for a lifeform as complex as a mouse - apples are hardly as sophisticated as a mammal. But even that doesn't sound right, as plenty of animals have truly strange genetic characteristics (the Platypus has ten sex chromosomes, for example) and only a tiny, tiny handful have ever had their chromosome mapped. We can't tell if something is unusual if we have almost no examples to compare the mouse genome with.

  11. Re:Misread that.. on Study Suggests Genome Instability Hotspots · · Score: 1

    Gnome hotspots are unstable? I could have sworn that was one of the components that worked.

  12. Interesting. on DARPA Looks To Adaptive Battlefield Wireless Nets · · Score: 1
    First, ad-hoc networks are only one form of peer-to-peer networking system using wireless. There are over 250 wireless routing protocols, of which probably about half are capable of handling peer-to-peer networks where individual nodes can migrate through the network freely and randomly. This is also not the first attempt at such a network - they've been working on this for literally decades and have always encountered problems with overheads and security.

    Secondly, since the structure of warfare is hierarchical, it is not clear to me why they'd opt for ad-hoc peers in a mesh over an entire battle group, rather than having a local ad-hoc network that then uses NEMO (NEtwork MObility) protocols to allow any given segment (however large that is) to migrate as a single unit on the network. That would reduce overheads on routing traffic and would reduce the power needed for the bulk of the transmitters. It would therefore seem a very obvious solution to the whole problem.

    Now, I have to admit that the DoD has plenty of very intelligent people and that their solution is the product of their mental powers combined with maybe twenty years of wisdom and experience, whereas I don't have experience of network management on the front lines.

    On the other hand, they have failed spectacularly over that entire time in virtually all aspects. If that is the best their brightest can do, then maybe they need to find brighter people.

  13. Ah. on Claim of a Blu-ray BD+ Crack · · Score: 1

    That's ok, I'm bi-lingual - I speak English and American, so I get to use it. It's a common-enough word - usually in the contexts of dead-reckoning, reckoning on something, reckoning that something is true/false, etc, "Reckon so" and other linguistic perversions are a product of the Donner Party eating the dictionaries and thesaurus.

  14. Re:In other news... on Claim of a Blu-ray BD+ Crack · · Score: 1

    No, a person bought one but only returned 39/40ths of it to the store the next day.

  15. Re:Wikipedia on Citizendium After One Year · · Score: 4, Insightful
    Both encyclopedias would be wrong if that is the only definition, as that only defines one form of Tennis. There are actually multiple variants of the game - no great surprise given that it's actually quite an old sport. One of the problems with any "flat file" article within an encyclopedia is that it cannot possibly include all of the relevant context. It can only include a small fraction and refer/link to related information in the hope that the reader compiles all of the important links in their mind into one meta-article. This rarely happens - very few humans have the memory or time to create a world-view perspective on something, then eliminate the extraneous.

    Ideally, then, you'd want the encyclopedia to do this. You'd specify what you want to know and some information about what sort of context would matter. This would mean a system with far smaller article fragments, which could be compiled into actual articles on demand. It would also mean a system with far more sophisticated natural language processing ability and superior weak natural language AI than currently exists, so don't expect a meta-encyclopedia any time soon.

  16. Social Networking isn't a single concept on Breaking Open Facebook With FOSS · · Score: 3, Insightful
    There are many forms of social networking site, from the business-oriented LinkedIn to the meet-and-greet sites like Facebook to the blogging-oriented LiveJournal and MySpace. (And even those two attract very different users.)

    The "obvious" approach for an Open Source solution is to have a core component that is fairly generic, fairly light, permits data exchange between sites no matter how they specialize, and permits plug-ins to enable that specialization. (There's no shortage of object exchange and data exchange protocols, so I really can't think of anything in the core component that couldn't be slapped together from pre-existing Open Source code.)

    You want something that's generic, because you want a reason for people to use the Open Source solution besides politics. If a person can totally customize their space to suit the specific sort - or sorts - of social networking they want to do, then you have a reason. Instead of maintaining one account for each and every type of social networking you want to do, you have one account, one repository and an infinite ways to tailor and filter it for each social circle you're interested in.

    I really can't see anybody really leaping onto Facebook II or MySpace II - if they wanted to do social networking, they'd already have accounts on the originals. The only reason anyone might want a new system is if it can do something the existing systems can't. One thing the existing systems can't do is share data. Another thing they can't do is be polymorphic. Ergo, those are the two things a FOSS social networking site would need to do to offer anything new and exciting.

    Would that be enough, though? Probably not. Hence the plugins, to allow users to include webapps and other features. Each user would then be able to do more than just include photographs and text.

    Again, would this be enough? No idea. It would have novelty and personalizability, but it may be so flexible that it's unusable, people may be getting burned out on such networks, and existing systems have the edge just by being there first.

  17. Re:As much as I hate Microsoft... on AntiVirus Products Fail to Find Simple IE Malware · · Score: 3, Interesting

    The part Microsoft should answer for is having anything that can cause escalation of privileges and breakout from containment. Those are two big no-nos. The rest of the responsibility is entirely that of the anti-virus writers. If they cannot detect polymorphism as simple as adding no-ops, then how can they be relied upon to detect any polymorphic virus other than to have signatures for each and every single one of the forms the virus can take? (Which could, in principle, be damn-near infinite.)

  18. Re:Wireless on Know Any Hardware Needing Better Linux Support? · · Score: 2, Insightful

    CAM drivers suffer from exactly the same problem (a multitude of alternative frameworks and incompatible drivers exist). Lesser-used devices (PCI-to-VME bus converters, for example) are beyond fragmented - drivers are written uniquely to a card and usually without reference to anything else out there, producing a completely unique API for every single implementation. It's a total disaster of train-wreck proportions in some cases. If the kernel developers are getting idle, trust me - it's not from a lack of projects that need to be done, although it may be from a lack of people smacking them upside the head with things to do.

  19. Re:There's no shortage of stuff not in the kernel on Know Any Hardware Needing Better Linux Support? · · Score: 1

    Oh yeah, also added a driver for an ARINC avionics board and an out-of-tree PCI-to-VME adapter card. Yeesh.

  20. There's no shortage of stuff not in the kernel on Know Any Hardware Needing Better Linux Support? · · Score: 1
    I added on their wiki page a couple of Freescale's crypto chips, based on the S1 core. The newer Freescale stuff integrates that core into a full offload engine that is based on their PowerQUICC processor, but if the core is supported the core is supported and the offload engine should be a simple extension. As the value of network offload engines is debatable but the value of a crypto core is not, I'm not sure anyone will mind too much if the rest isn't done the first time round.

    The folks maintaining the PCI Express bus should really be updating to support the extensions in PCI-e 2.0, but I'll bet you they've not started yet. The wiki page has no section for bus support and they do say they're not wanting to discuss "better" support, only the lack of something, but damnit, this is an area Linux could overtake commercial OS', as there will be a delay between PCI-e 2.0 specs and chipsets, then from chipsets to actual marketed systems, and then from marketed systems to commercial OS updates. But you can code a generic handler for the extensions just from the specs and worry about vendor-specific variations down the road, when it comes to Open Source.

    I'm not sure if the current HyperTransport 3 is fully supported in Linux, but my guess would be that it is not, for the same reason PCI-e 2.0 is not - that kind of hardware just doesn't exist as far as the general user is concerned, and the high-end places that do use such high-end busses are quite capable of writing their own drivers if they need to.

    The COMEDI developers have an absurdly large number of CAM drivers out-of-tree. They invariably get out of phase with the mainstream kernel and should be merged in. There are other CAM driver systems out there, but none as comprehensive. However, the Linux developers have plenty of time and brainpower, they should be able to merge all that stuff in and update it as necessary.

  21. In other news... on Using Old Medications to Defeat Tuberculosis · · Score: 2, Interesting
    New Zealand researchers have shown that a (so-far unidentified) compound in Manuka honey kills MRSA and other drug-resistant bacteria. Honey in general has antibacterial properties, but there is an additional substance in Manuka honey which is exceptionally effective. Trials involving using it to treat cuts and abrasions have apparently shown it to be comparable to using more conventional antibacterial ointments. It has also been credited with impacting certain cancers, but people will say that about so many things that that's not one of the more credible claims.

    One thing I have done is made Manuka honey mead, which is interesting as it means that either I destroyed the antibacterial agent when using heat to dissolve the honey, or the agent has no significant ability to slow yeast cultures.

  22. Re:FEMA's next step? on FEMA Sorry for Faking News Briefing · · Score: 1

    They tried that, but the memo was mis-typed and they ended up with several miner disasters instead.

  23. Re:So... on FEMA Sorry for Faking News Briefing · · Score: 1

    I've heard rumors that that's not the only thing they fake, but I'm sure Britain's tabloids will verify that in due course.

  24. Re:You can - sometimes. on Paranormal Investigations and Belief in Ghosts · · Score: 1
    I like your thinking. However, I'm sufficiently sick and twisted that I'm going to offer two suggestions for the proof/disproof of God. Since your reasoning is excellent, I have no doubt you'll find a flaw in my suggestion. Which is how it should be - science is about building up theories, trying to knock them down, clearing away the debris from the weak spots, and building new theories based on the understandings and fresh data gathered.

    My first proposal requires that there be a clear demonstration of a counter-example to two or more of the more absolute laws in physics, if and only if the physical universe is assumed to be the whole of what exists. (In other words, the laws might not be violated if there was a realm of existence outside of the physical.)

    The first of the laws under consideration is the Second Law of Thermodynamics. If you can demonstrate a violation of this law, when accurately and correctly applied when considering only the physical realm of existence, but which may not be a violation if other planes of existence outside of our own not only exist but can interact with ours, then you have demonstrated the presence of a place in which the "supernatural" or "spiritual" could exist.

    The presence of a place doesn't say if anything sentient exists there, so we have to develop an additional test for that. I would suggest a clear, indisputable violation of causality that generates the mirror image of a prior violation of the Second Law of Thermodynamics. This has to be in a form that cannot be explained by means of quantum effects, the uncertainty implicit in information theory, the unpredictableness of chaos theory, any theorized wormholes or other exotic but purely physical-plane phenomena. The mirror image part means that we are seeing something that is intended to produce an effect in a plane of existence outside of our own.

    The third "law" that I'll throw in there is relativity. Relative time, relative mass and so on can all appear to be violated if the object in question exists only in part within the physical universe. Because interactions between different planes of existence would be necessarily extremely rare, if you can show a sustained interaction that sits between two or more planes, it would be suggestive of both the other two cases. Thus, any two of the three would make a case that would need to be answered.

    In all of recorded history, there are no definitive examples of violations of ANY of these three, even in religious texts, let alone two or more. A few maybes, but not even good ones at that. So, if a group could clearly and verifiably demonstrate violations, I'd be satisfied that they were showing sentient beings capable of acts that we would typically regard as paranormal.

    Ok, I said two cases. The first set dealt with clear violations of hard science. Are there any other violations of normalcy that could be acceptable as proof of supernatural goings-on?

    I'd say yes. The "Roman Ritual" for testing the presence of a spirit includes a person being able to speak and understand real-world languages that they could not have learned or have exposure to. "Speaking in tounges" - common in certain Christian denominations - doesn't remotely qualify as the language has never existed and nobody understands it, which is a clear violation of the definition given in their own religious texts.

    In the age of the Internet, exposure to languages - including long-dead ones - cannot be determined and therefore a much stronger sign of abnormal and inexplicable knowledge is needed. A non-mathematician - preferably a non-academic non-technical non-scientist as well - over the age of 30 solving and producing complete proofs for that solution of two or more totally unrelated Great Problems in mathematics in, say, a single year would be a reasonable demonstration of "impossible" knowledge. (The age is important, as the brain peaks in the mid 20s and very few people make one, let alone two, major achievements above that age. The year is also important,

  25. Re:This is why... on Paranormal Investigations and Belief in Ghosts · · Score: 1
    If strong AI is possible, then humans are computable. If humans are computable and humans are in God's image, God must be computable. :)

    Alternatively, if God knows everything, this includes the solution to NP-incomplete problems, which means God is non-computable as computers cannot know the solution to these. However, this either means God isn't Christian or strong AI is impossible (except possibly on a quantum computer).