It seems as though you're setting up a straw man, and I'm not surprised that you succeeded in knocking it down.
You're absolutely correct. However, I was only able to draw so much from a legal paper. My judgement of the simplicity of their security system was based on the facts. They intentionally left a back door open on their fancy security system (which is based on a 36-bit key, judging from their 100-billion number figure) -- and when someone found and used (not exploited) their back-door, they are try to sue. This is all indicitative of the poor encryption (and political/legal tactics) that the MPAA used going after DeCSS.
You're also right that it could be DES, RSA, AES, etc that they're using. And XOR is freaking fantastic for encryption -- if used properly -- its very fast and effective in stream ciphers...especially symmetric stream cipkers like RC4. In any case, the point that I originally set out to make with the XOR supposition (but never got around to) was that their security/encryption model seems to be built around obscurity -- we don't know exactly what it is, but it may as well be rot-13 if the security of their scheme is dependant on us not knowing what it is. (and they certianly don't mention it in any of the legal breifings or any other whitepapers I could find online).
They say they spent tons of money building this Rolling Code system, and that homeowners absolutely depend on its security.
I sure hope that they did not spend too much on that rolling code system. It sounds like a freaking joke:
The rolling code changes with each actuation of the transmitter and increases by three. The computer program in the transmitter encrypts the identification code and rolling code by a scrambling algorithm that scrambles the binary digits representing the identification code and the rolling code.
OK, so let's assume that the rolling code is a 6-digit number. It only changes when the garage door is opened, and the only change is that the rolling code is incremented by three. I'd bet dollars to dimes that the scrambling algorithm is simply an xor of the identification code and the rolling code. Meaning that only one known value is necessary (your identification code) to derive the other (the current state of the rolling code).
Keep in mind that I'm no cryptographer (IANAC), but judging from their description of the cryptosystem, its only a half-step up from rot-13.
That's not encryption...its a slight mathematical obfuscation. Maybe the DMCA would be a bit less unfair if there were a distinction made on this one.
It's well hashed out how easy it to to fool fingerprinting biometrics, so let's not have at that again. It's a neat concept, but flawed system. To easy to fool and not bulletproof enough to allow for every day accidents that happen in the kitchen (heaven help me if i cut my finger cutting veggies AND burn it on the stove..)
I've read the documentation that you speak of. Yes -- its not invulnerable, but is it better than our current system? I'm sure that its easier to fool a credit card reader with a piece of casette tape than to contruct a gelatin finger. My point is that our current system is far from perfect, as is the alterntive, but maybe its a step in the right direction. Maybe if we used fingerprinting biometrics instead of a signature for credit card purchases it would weed out some of the fraud.
To address the non-bulletproofness of the fingerprint biometric scanning...why not keep more than one fingerprint on file? What is to stop you from making a quickie phone call to have your fingerprint re-scanned? Its not like sirens will blow and the FBI special operations team will descend from the ceiling when there's an error.
Most of these cities score reasonably high on quality of living surveys
Yep -- they're pretty nice places to live. (Chicago is also a very livable city)...but have you ever tried living in a Madison, WI winter? Think about how it'll fly for a Californian. Far, far too cold.
..I'll let you argue with the Naderites if the only people on the public roads without ABS should be licensed... ...You're on your own, and now I think you're an idiot.
You are one of the Naderites if you feel that everyone who buys a car has to buy ABS -- that's my whole point with all of this shit -- personal safety laws are stupid. Whose body is it anyway?
Now who the fuck do you think you are? Would you talk like that to my face, or is it OK to talk shit like that because you're posting on Slashdot? I was never rude to you like that. If you had something nasty to say to me, you should have just kept it to yourself.
You may think that I'm an idiot -- but I am certain that you're a cowardly putz.
There are 2 exceptions that I can think of...drums won't warp like discs...and they're easier to work on until you get into a drum-in-a-disc like alot of parking brakes are set up. Man, what a pain in the ass those are to work on...take apart the disc brake (disassemble & remove caliper, then remove disc/drum) so you can deal with all the crap in the stupid drum (can you guess what I have waiting at home for me to fix?).
Ask your closest co-worker is he knows how to apply trail-braking in emergency avoidance stituations... I doubt they will have any idea of what you are talking about. Trail braking is not as simple as you think.
Yes, ABS is a huge advantage for autocrossers and novice time trial-ers/track drivers. No, ABS is not threshold braking...its a pulsing wheel lock. There's a difference. No, trail-braking and left-foot braking are certianly not simple techniques, and take time to master. I do not believe that I overlooked that in my post. However, postings like this tend to elicit a response from me. Should my car have to be equipped with ABS brakes? The post that I responded to sounded like the typical Nater-like propaganda where, if widespread enough, we will all be required to have these contraversial "safety devices" in our cars. Like those stupid automatic shoulderbelts. Or, more to the point, mandatory airbags. (Don't get me started on seatbelt and helmet laws for adults.) Do you want mandatory ABS? Its your money, and you should be able to decide what safety features you want in your car. I'll decide what I want in my car. I'd think that as a fellow enthusiast, you would share some of that sentiment.
Finally, OT: Why in hell do car manufacturers still put drum brakes on the back of cars? They suck, and they can't be that much cheaper than disc brakes at this point. I don't see how a drum could be cheaper than a rotor except that it's got less metal in it... I guess that's my answer? That's not even true of some of the teensy rear discs I HAVE seen, though rarely.
Interestingly enough -- I just had a conversation about this. There are a few reasons. Typically, on heavier vehicles (like a sport ute or truck) drum brakes are more resistant to fading, and tend stop those vehicles a little better. Also, drum brakes are less suseptible to water damage, so when you back your trailer (with boat) into the landing, the water won't cause warpage. Disc brakes are typically on sports(y) and race cars because they tend to save unsprung weight over drums. Finally, rear brakes don't need to be nearly as effective as front brakes since the weight shift of the car is naturally towards the front under braking -- making the front wheels do most of the stopping.
As far as the tiny rear brake discs go, again, it's because of the weight transfer under braking. Most cars don't really need big rear brakes -- and if they have big discs in the rear, they're largely for show and the brake bias will be tuned towards the front by the manufacturer (lest you want the rears to lock up under heavy braking). Where you see an exception to this rule is in cars with a heavier rear end. Examples of tail heavy cars are (the quintessential rear-engined car) -- the Porsche 911. Its also seen in mid-engined cars (like the Porsche Boxster & 914, Toyota MR2, & Lotus Elise) and in front engined, rear transaxle cars (like the C5 Corvette, Alfa Romeo GT-V6, Ferrari 456/550, and Porsche 944 & 928). The brake sizes in these cars tend to be a little larger in the rear (especially in the 911's, many of which used the same size disc, front and rear).
Damnit, I'm a computer geek and a car geek...does it get any worse?
There is *nothing* in there that would lead anyone to conclude that removing ABS would be an advantage. Quite the opposite. The only time it increases your stopping distance is a) driver misuse (letting up on the brake due to feedback), b) snow covered road where the "piling up" of snow in front of the wheel helps.
...People like you will keep propogating this myth and disinformation, and it must stop here...
OMG, what an arrogant comment. Do you work for the IIHS, NHTSA, or a major insurance carrier?
In this case, I picked the first reference from your google search and read the second paragraph that contained this line:
It isn't entirely clear that antilock braking will reduce stopping distance for the skilled driver
A skilled driver can stop better without ABS brakes (particularly on dry pavement) using a technique called threshold braking. Essentially, threshold braking is when a driver applies the maximum amount force on the brakes to slow the car without locking the wheels. If executed properly, the wheels will not lock, but actually move slower than the rotational speed required to maintain speed on the pavement. It tends to work best in an open-wheeled race car, but the technique also applies to roadgoing cars. Anti-lock brakes will hinder this technique. Check racing literature -- using this technique yields shorter stopping distances then punching the brake on an ABS-equiped vehicle.
ABS brakes also tend to limit the ability of a driver to use another technique called trail-braking (and left-foot braking). These are braking techniques used to offset the balance of the vehicle in a corner and tighten up the line through a corner. This is used in both racing situations and emergency avoidance manuvers.
Additionally, having ABS tends to make drivers over-confident -- many tend to steer during heavy braking, which unloads the rear tires of a car and can easily cause a vehicle to spin out of control...or cause a sport-ute to roll.
Many drivers prefer ABS brakes -- which is fine. Its their choice. In fact, for most drivers, ABS is better...but the absolute mentality you have is just wrong.
Search for "sgi" and you'll find even more silicon graphics machines. Most auctions don't have "workstation" in the title.
There were far too many listed -- I wanted to narrow down the search by removing the newer, more expensive machines (it sounds like this guy doesn't have much of a budget for the newer SGI's anyway).
You have a couple of options -- you could just call the vendors and tell them that you're a VC funded software startup and you want to evaluate thair systems. They'll send you a demo unit, and you'll be able to build on their systems (for a short time). Sure, its dishonest, but I leave the ethics up to you. You could also tell them the truth -- maybe some of these struggling Unix vendors would give you a free workstation (or a deep discount on one) if you're selling 3rd party software that will enhance their platform (though its a longshot).
An alternative would be to start looking for ISP's who will sell you shell accounts on a month-to-month basis. If any of your employees are alumni of colleges and universities, some may still have accounts on legacy Unix systems...these may help too.
The downside of using shell accounts on other folks' systems for building commercial software is that you run the chance of building on inconsistent environments. This can lead to a host of problems that you will not want to deal with.
The final alternative is to go out and buy the systems (I recommend this one). It may be cheaper than you think...although the affordable systems may not be so cutting edge, I'd recommend eBay. There are tons of old SGI, HP-UX, Digital Unix, Sun, and AIX stations out there for very cheap...probably as cheap as a year's worth of shell hosting (and you'll own the machines). You'll also have the security of knowing that you're building on a "clean" environment.
RAID is not a backup solution. RAID improves reliability in the face of drive failure, meaning that it will ensure that your rm -fr / will execute even if you lose a drive in the process.
You are correct in this assertion.
However, if I were to (make the mistake of) look(ing) into RAID as a backup solution, I would not use RAID 5. I would set a RAID 1+0 solution with snapshot mirroring. This way, I can lose up to half of the physical drives in the array before losing my data (rather than losing my data if I lose one drive and a parity drive). RAID 1+0 is also far faster than RAID 5...and with the snapshots, the system would not be prone to rm -rf / issues. However, this would still be vulnerable to filesystem problems.
Actually, I think this should be exactly what IT is in place to do. Some of the worst messes I've ever had the displeasure of walking into have been the result of an overly permissive "yeah, sure, whatever you need, go ahead and get it and plug it in" policy.
While you may have a point fundamentally -- I think that you're wrong in this instance. First of all -- this is not the latest whiz-bang gadgetry -- its the latest version of Microsoft's OS -- the most widely used and supported operating system in the world. Corporate EU's shouldn't have to learn your propritary technology (different from what 90% of the coroporate world uses) to get their job done...especially considering that these people are lawyers (they don't have time to learn how to use a different OS). Look at it this way: Your CEO wants to run an SGI Octane2. Do you say "I won't support it -- you can't have it. I'm going to firewall your shit off" or do yo say "OK, we can do that...but I neither have the budget for that workstation, nor the staff to support it. Here's how much it will cost, and here's the skillset we'll need if you want support."?
Also, this poster's attitude is pretty poor:
We have a couple users who think that they know more than the IT department and therefore insist that they maintain WinXP boxes on their desks.
What if one of these XP people is a partner in the firm, is saying no the right thing to do, or will saying no find his ass out on the street? If I were a partner in the firm, I'd fire his ass in a heartbeat for taking that attitude.
My point is, is that saying hell no and being inflexible is the wrong way to run an IT department -- and this crappy attitude tends to be very commonplace in IT. If this guy actually cares and wants to do the right thing here (instead of hearing a bunch of self-congratulatory Mac users suck each others dicks), what he should do is to explain the situation to his EU's, and offer a couple of alternatives...such as one of the company's old PC's running Win2K running alongside of the Apple -- or (like I said before) let them have it, and tell them that you simply don't have the budget to support a small minority and they're on their own...also tell them what services that they're missing out on by using the alternative OS.
The EU's don't necesarily think that they know more than IT -- they're most likely more comfortable with the Windows environmant than that of the Apple (and likely more productive with it). The fact that this manager is taking the "I know what's best because I'm an IT manager and this is the easiest thing for you to use...damnit" stance is just a bad attitude, and I hope he doesn't really talk down to his users like that...but then again, as much as I hate IT, I'm looking for a different job, and his firm sounds like a nice place to work as a IT manager/admin (after all, I really like the new MacOS).
Frankly, I think it's bad juu-juu to let users define policy unless it is already mandated by corporate policy.
I'm not sure that I agree with you here...and I think that this may show the crux of the problem with IT in many companies.
Managers tend to forget that IT exists to serve the employees. IT is not in place to tell the users what they can't do. Its important to keeps this in mind when writing IT policy. In fact, without hte employees, IT wouldn't exist -- there would just be operations.
...firewall them onto their own segment and be very, very tight about what gets in and out from their segment.
This is just plain wrong. This totally prevents employees from communicating/filesharing with other employees. Remember, if IT is there for the employee, and IT is preventing the employee from doing their job, then IT is not doing their job and IT deserves to be fired.
I'm not saying that this manager should bend over backwards for these folks -- on the contrary -- tell your users that the department doesn't have the resources to support that minority and they're on their own (after all -- that's what Mac users have been hearing for years in the workplace). Mandate that they use proper virus protection and that they stay up to date with the latest Windows updates...this shuold keep your network pretty safe.
I think that Slashdot is playing too much xbill and starting to believe its real.
Uh, when was the last time you saw a PC running Mac OS?
OK...I hate to get into a troll-y, flamebait, off-topic post...but I'll bite...only because the modern, popular nomenclature is just plain wrong.
What do you think that the term "PC" means? Does a PC have to be running an Intel 80x86 processor, or just x86 compatible? Can it be any box using commodity x86 hardware? Does it have to run a Microsoft operating system, or can it be running Linux, Solaris, or a BSD? Whaddabout if its running NeXTstep or BeOS? Is a four-way Xeon running Linux and Apache a PC?
How is a Mac not a PC? It is, in every sense of the term, a Personal Computer. If a Macintosh does not fall into the category of a personal computer, what category does it fall into? A minicomputer? A workstation? An appliance? A microcomputer with expensive, propritary hardware?
That being said: To answer your question, the last time I saw MacOS running on a PC was the last time I saw a Mac.:)
If you're going to share a disk/fs between multiple machines, you will need a filesystem capable of performing proper file locking in order to avoid data corruption and race conditions.
Global File System (aka GFS) can do this. I believe that it was originally developed under a OSS license, but eventually went commercial. There's rumors of a GNU/GPL GFS (called OpenGFS) but I don't have many details as to the maturity of the project, or any experience with it at all.
I found GFS's learning curve to be pretty steep, but if I was able to set it up, I'm sure that you can work through it.
Lastly, I have only used GFS with a SAN cluster, connecting multiple machines via fabric fibre channel (you might want to consider into using a third box as a RAID host). I know that you are using a very different solution than I did, on a different budget -- so YMMV.
I hope that this is helpful to you.
--Turkey
Servers more expensive than desktops/workstations?
on
Nosy Vendors?
·
· Score: 4, Informative
I know that this doesn't quite answer your question, but I believe that your question has a fundamental flaw.
Dell's servers are not necessarily more expensive than their desktops. They have a wide range of servers, the lowest end are far cheaper than any desktop that they sell.
See this page for their introductory range of PowerEdgeSC servers -- which start at $349 (probably closer to $5-600 for something usable with a good warranty). Try to get a Dell desktop for that little. (Yeah -- I know their higher-end systems can get pricey fast...)
As far as dealing with the vendor -- how difficult is it to tell hime that he is out of line? Maybe get his name and his manager's number. You are the customer, aren't you?
I buy Dell computers for a small business almost daily, and I've never had a bad experience with them. Maybe its because I don't volunteer more information than they need. In any case, the bottom line is you are the customer, and you can tell your vendor to fuck off -- however, they will not do that to you...they need your business.
How long has this reputation existed? I'd be interested to know if it's related to the high penetration of broadband in Canada (primarily Sympatico DSL and Rogers cable). If so, it's more than just disappointing that entire countries are being penalized for adopting high speed access and we should expect to see more of this (both script kiddie problems and overzealous blocking) as broadband is more widely adopted.
I've never heard of this reputation -- but sympatico.ca was one of the first domains that I've ever summarily banned from any network.
I've detected repeated hack attempts and port scans coming from sympatico.ca. After sending abuse reports via email to sympatico and receiving no response, I just decided that I'd be beter off not allowing any traffic from sympatico.
A few professors speak Latin, too, does that mean the language isn't dead?
Bad analogy.
The reason why its a bad analogy is because Latin was, at one time, used as a mainsteam cultural language. Minix was not built as an OS for the masses. It was developed specifically as a teaching tool. So if a few professors use it, it means that it is alive and kicking in exactly the way it was intended to exist in the first place (in fact, you proved my point -- thanks). Now, it just happens to be useful in ways that it was not originally intended -- it runs Apache and some other useful tools, which for the sake of this argument, is a bonus. Is Linux as good of a teaching tool as Minix? No -- for several reasons that I won't get into...or even answer of you choose to argue it with me
(read the rest of the posts on this/. topic and I'm sure you will find an convicing answer). Is there a better OS to be used as a teaching tool? Not that I know of. Do some professors still use Minix to teach with? Most likely -- so it is decidedly not dead.
-Turkey
Minux still alive and well
on
The End Of Minix?
·
· Score: 3, Insightful
Minix is not dead.
Al Woodhull's Minux box is still alive, well, and running here, in the third floor of Cole Science center at Hampshire College, in Amherst, MA. Al Woodhull is the co-author of the Minix operating system, and I believe that he still helps maintain it (occasionally).
The fact that it is still up and running an Apache server is a testament that it is still a functional operating system...more than just an educational toy. Here is a quote from the site:
To the best of our knowledge, minix1.hampshire.edu is the oldest web site based upon standard Minix. The site actually began operation in April 1994, offering anonymous ftp access using Michael Temari's Tnet system on Minix 1.5 on an 80286 system. In February 1996 the web site was added to the site, then operating under Minix 1.7.0 on an 80386. The mirror site at turing.oit.umass.edu was added in 1998, and changed its name to minix1.bio.umass.edu in October 2001.
So what if XF86 isn't being written for it? Does X make it a real OS? Is an OS not functional without X11R6? Does that make all of those X-less servers that I built and maintain toys?
So here's the solution. Like any badly run buearacracy, the college administration will fold, give in to your demands, and bend over for you, if you give them enough grief. Don't do anything that they can kick you out for, but give them a truck-load of pain through all the official channels possible. And if you run out of official channels, make some up.
OK -- while I don't agree with all the crap the preceeded the above quote -- the above is right on the money. What you need to do is to escelate the problem up the buearocracy. Make a stink, and make their admins looks bad -- real bad.
I remember years ago, when I was just starting college, my friend wrote a little C app to periodically scan wtmp (or was it utmp?) on our SunOS system to see when his friends logged on and off. He sent it out to all of his friends to test. While he was testing, he experimented by including all 1500 users for about 5 mins and ate a big chunk of memory and CPU and one of the student admin's ZSH processes wouldn't fork. Our student-admin did a find in the/student/ directory and sent a nasty-gram to everyone who had the app in their homedirectories. The reaction was appropriate, but the content of the letter was so abusive and out of line that it provoked a response from me similar to what I think that you should do. His letter was so amazingly BOFH-like, I had to keep it around for humor's sake...I'll include here:
Date: Sat, 13 Apr 1996 14:28:11 -0400 (EDT)
From: (BOFH's name withheld)
To: (withheld)
Subject: void is NOT
void is NOT to be run on hamp any longer.
Period.
I have noticed the load average go up as I note void processes going
out of control. When I kill void processes the load average goes down
and the system is happy again. That makes me happy again.
I do not like seeing:
zsh: fork failed.
it makes me unhappy.
You don't like it when I'm unhappy. Even if you don't know it or not.
If you want to continue running void on hamp, then do two things.
1)
Send me the source code and if I have time I will see if I can spot
any bad monkeys in the code causing this problem. 2) run a profiler on
your code to see how badly it can tax the system.
As for #1, I probably won't get around to fixing your code. I have
plenty of other more useful and interesting things to do. I would be
interested in seeing the code, though.
As for #2, If you don't know how to profile your code, then don't ever
run void or similar programs again. Profile your code and figure out
how to stop causing so many problems with the system, such as filling
up the process table, &c, and, pending that you fix it, you can runI would advise you to run the program on your own machines. Port your
code to whatever platform(s) you have in your own room and crash and
mangle your own machines. I don't have time to track down all the
little problems that users want to cause for their own petty fun &
excitement - whatever those may be. There are a good number of folks
who use hamp for academic purposes. Academic purposes have the first
priority over anything else (including banter over e-mail, news, irc,
&c).
I don't give a wet slap about supporting the system for
miscreants that use the system for more than an Academic purpose.
Personally, I'm all for fun and games and pettiness, but I'm not
going to spend time SUPPORTing it. And when it actively causes
problems with the system, I'm going to grab the problem 'round the
neck and throttle it with quite some fierceness.
So, the solution here is simple and straightforward as I've outlined
above. If you have questions or comments, send them to me by all
means. I am very firm on this point. It is the end of the semester
and I want as few problems with the system as possible. If I see you
running void, I will kill the process immediately, unless you
otherwise e-mail me telling me you are profiling or attempting to fix
the problems with the program at the time I see void running. Period.
Thank you for your cooperation.
(name withheld to protect the BOFH)
I wrote a nasty-gram back, telling him that it was an independant, academic project and the college should be supporting that kind of activity. I also CC'ed it to Academic Computing and various other administrative folks. It got results. Had we just rolled over and let this guy abuse us, he would have got the impression that it was OK to talk to people like that in his job function (alot of SA's do) and continued to run his system with an iron fist. Remember -- the network, and its associated staff is there for you to make use of.
The right thing to do is to write your SA a letter, write IT a letter, write one to academic computing, and write one to your dean of student affairs. Also, figure out who the SA works for, and who they work for. It wouldn't hurt to talk to a CS prof and get them on your side (professors have a lot more pull with the administration than you).
You didn't do anything wrong. Put those bastards in their place. If Shawn Fanning found his way to a brief geek-rockstardom from a project (and innovative way of thinking) similar to yours...this kind of thing should be rewarded.
As an addendum to the story, the guy who wrote "void" went on to work for a number of video game shops, eventually landing at Bungie, writing much of Halo's 3D engine..which, from where I sit, is quite successful. Experiment, fuck around, push the limit of the rules, and if anyone gets in your way -- don't back down. It may take you very far.
Woah, woah...back up there a second. That's the politics of the situation. That's how it all works. Did the US need to give foreign aid to Yemen in the first place? Does the US not reserve the right to revoke their foreign aid for any reason?
I think that there is some feeling that since the US is in such a powerful position, the rest of the world deserves the US's assistance. This kind of thinking is just plain wrong.
Let's put it in persoective. Hypothetically, let's suppose that for some reason, I'm supporting you financially. Now, let's say that we have a falling out and I find out that you've been talking smack about me behind my back. Am I not allowed to stop hooking you up with a check every month to support your livelyhood? If you owe some money to a loanshark and he's going to break your bones when he doesn't get money...is it my responsibilty because I stopped sending you money? Hell no! Now, how is the Yemen situation in the Gulf War any different?
I fail to see any logic in your argument, because the US is not mandated (by any stretch of the imagination) to give foreign aid to anyone. The US reserves the right to cancel those dollars at any time, for any reason. Now that includes cessation of foreign aid for a country's UN vote against what the US feels is in its best interests. Period.
Maybe I'm missing something -- but this seems to be a case of "life is not fair"...but insidous? I seriously doubt it.
Sorry, but that's just dumb (I mean using a visible laser as a gunsight). It's been shown in movies, probably because it looks cool or whatever, but if you want to shoot someone, you don't want to be seen, and you don't want to give them an advance warning.
I'm going to have to (conditionally) disagree with the above point. Police officers will typically want people to know that they have their gun on a person. That person is more likely to be subdued when they know where the first one is going.
Now the case is likely very different for a military sniper, assassin, or a rampage-style serial killer...IANAGF (I am not a gun freak), so YMMV.
Slashdot Mirror
You're absolutely correct. However, I was only able to draw so much from a legal paper. My judgement of the simplicity of their security system was based on the facts. They intentionally left a back door open on their fancy security system (which is based on a 36-bit key, judging from their 100-billion number figure) -- and when someone found and used (not exploited) their back-door, they are try to sue. This is all indicitative of the poor encryption (and political/legal tactics) that the MPAA used going after DeCSS.
You're also right that it could be DES, RSA, AES, etc that they're using. And XOR is freaking fantastic for encryption -- if used properly -- its very fast and effective in stream ciphers...especially symmetric stream cipkers like RC4. In any case, the point that I originally set out to make with the XOR supposition (but never got around to) was that their security/encryption model seems to be built around obscurity -- we don't know exactly what it is, but it may as well be rot-13 if the security of their scheme is dependant on us not knowing what it is. (and they certianly don't mention it in any of the legal breifings or any other whitepapers I could find online).
I sure hope that they did not spend too much on that rolling code system. It sounds like a freaking joke:
OK, so let's assume that the rolling code is a 6-digit number. It only changes when the garage door is opened, and the only change is that the rolling code is incremented by three. I'd bet dollars to dimes that the scrambling algorithm is simply an xor of the identification code and the rolling code. Meaning that only one known value is necessary (your identification code) to derive the other (the current state of the rolling code). Keep in mind that I'm no cryptographer (IANAC), but judging from their description of the cryptosystem, its only a half-step up from rot-13.
That's not encryption...its a slight mathematical obfuscation. Maybe the DMCA would be a bit less unfair if there were a distinction made on this one.
I've read the documentation that you speak of. Yes -- its not invulnerable, but is it better than our current system? I'm sure that its easier to fool a credit card reader with a piece of casette tape than to contruct a gelatin finger. My point is that our current system is far from perfect, as is the alterntive, but maybe its a step in the right direction. Maybe if we used fingerprinting biometrics instead of a signature for credit card purchases it would weed out some of the fraud.
To address the non-bulletproofness of the fingerprint biometric scanning...why not keep more than one fingerprint on file? What is to stop you from making a quickie phone call to have your fingerprint re-scanned? Its not like sirens will blow and the FBI special operations team will descend from the ceiling when there's an error.
Just an idea
Yep -- they're pretty nice places to live. (Chicago is also a very livable city)...but have you ever tried living in a Madison, WI winter? Think about how it'll fly for a Californian. Far, far too cold.
You are one of the Naderites if you feel that everyone who buys a car has to buy ABS -- that's my whole point with all of this shit -- personal safety laws are stupid. Whose body is it anyway?
Now who the fuck do you think you are? Would you talk like that to my face, or is it OK to talk shit like that because you're posting on Slashdot? I was never rude to you like that. If you had something nasty to say to me, you should have just kept it to yourself.
You may think that I'm an idiot -- but I am certain that you're a cowardly putz.
Yeah, you're right.
There are 2 exceptions that I can think of...drums won't warp like discs...and they're easier to work on until you get into a drum-in-a-disc like alot of parking brakes are set up. Man, what a pain in the ass those are to work on...take apart the disc brake (disassemble & remove caliper, then remove disc/drum) so you can deal with all the crap in the stupid drum (can you guess what I have waiting at home for me to fix?).
Yes, ABS is a huge advantage for autocrossers and novice time trial-ers/track drivers. No, ABS is not threshold braking...its a pulsing wheel lock. There's a difference. No, trail-braking and left-foot braking are certianly not simple techniques, and take time to master. I do not believe that I overlooked that in my post. However, postings like this tend to elicit a response from me. Should my car have to be equipped with ABS brakes? The post that I responded to sounded like the typical Nater-like propaganda where, if widespread enough, we will all be required to have these contraversial "safety devices" in our cars. Like those stupid automatic shoulderbelts. Or, more to the point, mandatory airbags. (Don't get me started on seatbelt and helmet laws for adults.) Do you want mandatory ABS? Its your money, and you should be able to decide what safety features you want in your car. I'll decide what I want in my car. I'd think that as a fellow enthusiast, you would share some of that sentiment.
Interestingly enough -- I just had a conversation about this. There are a few reasons. Typically, on heavier vehicles (like a sport ute or truck) drum brakes are more resistant to fading, and tend stop those vehicles a little better. Also, drum brakes are less suseptible to water damage, so when you back your trailer (with boat) into the landing, the water won't cause warpage. Disc brakes are typically on sports(y) and race cars because they tend to save unsprung weight over drums. Finally, rear brakes don't need to be nearly as effective as front brakes since the weight shift of the car is naturally towards the front under braking -- making the front wheels do most of the stopping.
As far as the tiny rear brake discs go, again, it's because of the weight transfer under braking. Most cars don't really need big rear brakes -- and if they have big discs in the rear, they're largely for show and the brake bias will be tuned towards the front by the manufacturer (lest you want the rears to lock up under heavy braking). Where you see an exception to this rule is in cars with a heavier rear end. Examples of tail heavy cars are (the quintessential rear-engined car) -- the Porsche 911. Its also seen in mid-engined cars (like the Porsche Boxster & 914, Toyota MR2, & Lotus Elise) and in front engined, rear transaxle cars (like the C5 Corvette, Alfa Romeo GT-V6, Ferrari 456/550, and Porsche 944 & 928). The brake sizes in these cars tend to be a little larger in the rear (especially in the 911's, many of which used the same size disc, front and rear).
Damnit, I'm a computer geek and a car geek...does it get any worse?
OMG, what an arrogant comment. Do you work for the IIHS, NHTSA, or a major insurance carrier?
In this case, I picked the first reference from your google search and read the second paragraph that contained this line:
A skilled driver can stop better without ABS brakes (particularly on dry pavement) using a technique called threshold braking. Essentially, threshold braking is when a driver applies the maximum amount force on the brakes to slow the car without locking the wheels. If executed properly, the wheels will not lock, but actually move slower than the rotational speed required to maintain speed on the pavement. It tends to work best in an open-wheeled race car, but the technique also applies to roadgoing cars. Anti-lock brakes will hinder this technique. Check racing literature -- using this technique yields shorter stopping distances then punching the brake on an ABS-equiped vehicle.
ABS brakes also tend to limit the ability of a driver to use another technique called trail-braking (and left-foot braking). These are braking techniques used to offset the balance of the vehicle in a corner and tighten up the line through a corner. This is used in both racing situations and emergency avoidance manuvers.
Additionally, having ABS tends to make drivers over-confident -- many tend to steer during heavy braking, which unloads the rear tires of a car and can easily cause a vehicle to spin out of control...or cause a sport-ute to roll.
Many drivers prefer ABS brakes -- which is fine. Its their choice. In fact, for most drivers, ABS is better...but the absolute mentality you have is just wrong.
There were far too many listed -- I wanted to narrow down the search by removing the newer, more expensive machines (it sounds like this guy doesn't have much of a budget for the newer SGI's anyway).
You have a couple of options -- you could just call the vendors and tell them that you're a VC funded software startup and you want to evaluate thair systems. They'll send you a demo unit, and you'll be able to build on their systems (for a short time). Sure, its dishonest, but I leave the ethics up to you. You could also tell them the truth -- maybe some of these struggling Unix vendors would give you a free workstation (or a deep discount on one) if you're selling 3rd party software that will enhance their platform (though its a longshot).
An alternative would be to start looking for ISP's who will sell you shell accounts on a month-to-month basis. If any of your employees are alumni of colleges and universities, some may still have accounts on legacy Unix systems...these may help too.
The downside of using shell accounts on other folks' systems for building commercial software is that you run the chance of building on inconsistent environments. This can lead to a host of problems that you will not want to deal with.
The final alternative is to go out and buy the systems (I recommend this one). It may be cheaper than you think...although the affordable systems may not be so cutting edge, I'd recommend eBay. There are tons of old SGI, HP-UX, Digital Unix, Sun, and AIX stations out there for very cheap...probably as cheap as a year's worth of shell hosting (and you'll own the machines). You'll also have the security of knowing that you're building on a "clean" environment.
I hope this helps!
You are correct in this assertion.
However, if I were to (make the mistake of) look(ing) into RAID as a backup solution, I would not use RAID 5. I would set a RAID 1+0 solution with snapshot mirroring. This way, I can lose up to half of the physical drives in the array before losing my data (rather than losing my data if I lose one drive and a parity drive). RAID 1+0 is also far faster than RAID 5...and with the snapshots, the system would not be prone to rm -rf / issues. However, this would still be vulnerable to filesystem problems.
Just my $0.02While you may have a point fundamentally -- I think that you're wrong in this instance. First of all -- this is not the latest whiz-bang gadgetry -- its the latest version of Microsoft's OS -- the most widely used and supported operating system in the world. Corporate EU's shouldn't have to learn your propritary technology (different from what 90% of the coroporate world uses) to get their job done...especially considering that these people are lawyers (they don't have time to learn how to use a different OS). Look at it this way: Your CEO wants to run an SGI Octane2. Do you say "I won't support it -- you can't have it. I'm going to firewall your shit off" or do yo say "OK, we can do that...but I neither have the budget for that workstation, nor the staff to support it. Here's how much it will cost, and here's the skillset we'll need if you want support."?
Also, this poster's attitude is pretty poor:
What if one of these XP people is a partner in the firm, is saying no the right thing to do, or will saying no find his ass out on the street? If I were a partner in the firm, I'd fire his ass in a heartbeat for taking that attitude.My point is, is that saying hell no and being inflexible is the wrong way to run an IT department -- and this crappy attitude tends to be very commonplace in IT. If this guy actually cares and wants to do the right thing here (instead of hearing a bunch of self-congratulatory Mac users suck each others dicks), what he should do is to explain the situation to his EU's, and offer a couple of alternatives...such as one of the company's old PC's running Win2K running alongside of the Apple -- or (like I said before) let them have it, and tell them that you simply don't have the budget to support a small minority and they're on their own...also tell them what services that they're missing out on by using the alternative OS.
The EU's don't necesarily think that they know more than IT -- they're most likely more comfortable with the Windows environmant than that of the Apple (and likely more productive with it). The fact that this manager is taking the "I know what's best because I'm an IT manager and this is the easiest thing for you to use...damnit" stance is just a bad attitude, and I hope he doesn't really talk down to his users like that...but then again, as much as I hate IT, I'm looking for a different job, and his firm sounds like a nice place to work as a IT manager/admin (after all, I really like the new MacOS).
I'm not sure that I agree with you here...and I think that this may show the crux of the problem with IT in many companies.
Managers tend to forget that IT exists to serve the employees. IT is not in place to tell the users what they can't do. Its important to keeps this in mind when writing IT policy. In fact, without hte employees, IT wouldn't exist -- there would just be operations.
This is just plain wrong. This totally prevents employees from communicating/filesharing with other employees. Remember, if IT is there for the employee, and IT is preventing the employee from doing their job, then IT is not doing their job and IT deserves to be fired.
I'm not saying that this manager should bend over backwards for these folks -- on the contrary -- tell your users that the department doesn't have the resources to support that minority and they're on their own (after all -- that's what Mac users have been hearing for years in the workplace). Mandate that they use proper virus protection and that they stay up to date with the latest Windows updates...this shuold keep your network pretty safe.
I think that Slashdot is playing too much xbill and starting to believe its real.
Buy OpenBSD posters. It'll support the software too. Go here.
OK...I hate to get into a troll-y, flamebait, off-topic post...but I'll bite...only because the modern, popular nomenclature is just plain wrong.
What do you think that the term "PC" means? Does a PC have to be running an Intel 80x86 processor, or just x86 compatible? Can it be any box using commodity x86 hardware? Does it have to run a Microsoft operating system, or can it be running Linux, Solaris, or a BSD? Whaddabout if its running NeXTstep or BeOS? Is a four-way Xeon running Linux and Apache a PC?
How is a Mac not a PC? It is, in every sense of the term, a Personal Computer. If a Macintosh does not fall into the category of a personal computer, what category does it fall into? A minicomputer? A workstation? An appliance? A microcomputer with expensive, propritary hardware?
That being said: To answer your question, the last time I saw MacOS running on a PC was the last time I saw a Mac. :)
If you're going to share a disk/fs between multiple machines, you will need a filesystem capable of performing proper file locking in order to avoid data corruption and race conditions.
Global File System (aka GFS) can do this. I believe that it was originally developed under a OSS license, but eventually went commercial. There's rumors of a GNU/GPL GFS (called OpenGFS) but I don't have many details as to the maturity of the project, or any experience with it at all.
I found GFS's learning curve to be pretty steep, but if I was able to set it up, I'm sure that you can work through it.
Lastly, I have only used GFS with a SAN cluster, connecting multiple machines via fabric fibre channel (you might want to consider into using a third box as a RAID host). I know that you are using a very different solution than I did, on a different budget -- so YMMV.
I hope that this is helpful to you.
I know that this doesn't quite answer your question, but I believe that your question has a fundamental flaw.
Dell's servers are not necessarily more expensive than their desktops. They have a wide range of servers, the lowest end are far cheaper than any desktop that they sell.
See this page for their introductory range of PowerEdgeSC servers -- which start at $349 (probably closer to $5-600 for something usable with a good warranty). Try to get a Dell desktop for that little. (Yeah -- I know their higher-end systems can get pricey fast...)
As far as dealing with the vendor -- how difficult is it to tell hime that he is out of line? Maybe get his name and his manager's number. You are the customer, aren't you?
I buy Dell computers for a small business almost daily, and I've never had a bad experience with them. Maybe its because I don't volunteer more information than they need. In any case, the bottom line is you are the customer, and you can tell your vendor to fuck off -- however, they will not do that to you...they need your business.
I've never heard of this reputation -- but sympatico.ca was one of the first domains that I've ever summarily banned from any network.
I've detected repeated hack attempts and port scans coming from sympatico.ca. After sending abuse reports via email to sympatico and receiving no response, I just decided that I'd be beter off not allowing any traffic from sympatico.
Is it fair? no...but what's the alternative?
Yeah -- I totally agree.
Bad analogy.
The reason why its a bad analogy is because Latin was, at one time, used as a mainsteam cultural language. Minix was not built as an OS for the masses. It was developed specifically as a teaching tool. So if a few professors use it, it means that it is alive and kicking in exactly the way it was intended to exist in the first place (in fact, you proved my point -- thanks). Now, it just happens to be useful in ways that it was not originally intended -- it runs Apache and some other useful tools, which for the sake of this argument, is a bonus. Is Linux as good of a teaching tool as Minix? No -- for several reasons that I won't get into...or even answer of you choose to argue it with me (read the rest of the posts on this /. topic and I'm sure you will find an convicing answer). Is there a better OS to be used as a teaching tool? Not that I know of. Do some professors still use Minix to teach with? Most likely -- so it is decidedly not dead.
Al Woodhull's Minux box is still alive, well, and running here, in the third floor of Cole Science center at Hampshire College, in Amherst, MA. Al Woodhull is the co-author of the Minix operating system, and I believe that he still helps maintain it (occasionally).
The fact that it is still up and running an Apache server is a testament that it is still a functional operating system...more than just an educational toy. Here is a quote from the site:
So what if XF86 isn't being written for it? Does X make it a real OS? Is an OS not functional without X11R6? Does that make all of those X-less servers that I built and maintain toys?
OK -- while I don't agree with all the crap the preceeded the above quote -- the above is right on the money. What you need to do is to escelate the problem up the buearocracy. Make a stink, and make their admins looks bad -- real bad.
I remember years ago, when I was just starting college, my friend wrote a little C app to periodically scan wtmp (or was it utmp?) on our SunOS system to see when his friends logged on and off. He sent it out to all of his friends to test. While he was testing, he experimented by including all 1500 users for about 5 mins and ate a big chunk of memory and CPU and one of the student admin's ZSH processes wouldn't fork. Our student-admin did a find in the /student/ directory and sent a nasty-gram to everyone who had the app in their homedirectories. The reaction was appropriate, but the content of the letter was so abusive and out of line that it provoked a response from me similar to what I think that you should do. His letter was so amazingly BOFH-like, I had to keep it around for humor's sake...I'll include here:
I wrote a nasty-gram back, telling him that it was an independant, academic project and the college should be supporting that kind of activity. I also CC'ed it to Academic Computing and various other administrative folks. It got results. Had we just rolled over and let this guy abuse us, he would have got the impression that it was OK to talk to people like that in his job function (alot of SA's do) and continued to run his system with an iron fist. Remember -- the network, and its associated staff is there for you to make use of.
The right thing to do is to write your SA a letter, write IT a letter, write one to academic computing, and write one to your dean of student affairs. Also, figure out who the SA works for, and who they work for. It wouldn't hurt to talk to a CS prof and get them on your side (professors have a lot more pull with the administration than you).
You didn't do anything wrong. Put those bastards in their place. If Shawn Fanning found his way to a brief geek-rockstardom from a project (and innovative way of thinking) similar to yours...this kind of thing should be rewarded.
As an addendum to the story, the guy who wrote "void" went on to work for a number of video game shops, eventually landing at Bungie, writing much of Halo's 3D engine..which, from where I sit, is quite successful. Experiment, fuck around, push the limit of the rules, and if anyone gets in your way -- don't back down. It may take you very far.
Woah, woah...back up there a second. That's the politics of the situation. That's how it all works. Did the US need to give foreign aid to Yemen in the first place? Does the US not reserve the right to revoke their foreign aid for any reason?
I think that there is some feeling that since the US is in such a powerful position, the rest of the world deserves the US's assistance. This kind of thinking is just plain wrong.
Let's put it in persoective. Hypothetically, let's suppose that for some reason, I'm supporting you financially. Now, let's say that we have a falling out and I find out that you've been talking smack about me behind my back. Am I not allowed to stop hooking you up with a check every month to support your livelyhood? If you owe some money to a loanshark and he's going to break your bones when he doesn't get money...is it my responsibilty because I stopped sending you money? Hell no! Now, how is the Yemen situation in the Gulf War any different?
I fail to see any logic in your argument, because the US is not mandated (by any stretch of the imagination) to give foreign aid to anyone. The US reserves the right to cancel those dollars at any time, for any reason. Now that includes cessation of foreign aid for a country's UN vote against what the US feels is in its best interests. Period.
Maybe I'm missing something -- but this seems to be a case of "life is not fair"...but insidous? I seriously doubt it.
I'm going to have to (conditionally) disagree with the above point. Police officers will typically want people to know that they have their gun on a person. That person is more likely to be subdued when they know where the first one is going.
Now the case is likely very different for a military sniper, assassin, or a rampage-style serial killer...IANAGF (I am not a gun freak), so YMMV.