Kind of. However, it has also always been this way, and it has survived so far.
All that has really changed is the number of players has increased, and the size of the routing tables are increasing.
It has to work, so a lot of people should notice very quickly if something large goes wrong.
It also cannot very easily be fixed, as many players would have to spend a lot of money for it to change, and there is little financial incentive to chase that ghost.
And you thought IPv6 or DNSSEC adoption was taking a long time... imagine how many decades it would take for SBGP adoption?
I'm talking about default configurations here, it's not worth it to dicuss imaginary high-security configurations that real users never apply to their systems in real life.
Repeat after me: If it is not secure by default, then it is not secure.
When Microsoft makes the default that the user does not possess the second token, and a password is required, then we can refer to UAC as a security boundary.
An error rate of 5% is unacceptable for most computing applications. Sure, you can perform multiple computations, but computing twice does not necessarily halve the likelihood of an error.
If the two computations disagree, then you can't pick which one is in error, unless you have devised a test, or you perform yet another computation.
It's like trying to record an analog audio source multiple times over a low-quality cable.
There's no such thing as a reliable way to use two recordings of the audio to 'reduce' the errors.
You may as well say that quantum computers need to have 3 cores, each one solving the same algorithm in parallel, and outcome with the most votes wins.
However, you need to be sure each calculation is independent, otherwise you still have a probability of systemic error (due to elements of the computation and of the design of that particular quantum computer) -- certain computations might have a certain percentage of error, regardless of how many times repeated.
Statistically speaking, a p-value of 0.05 does not mean an error rate of 5%.
It refers to the probability of observing a value at least as extreme as that value, assuming the null hypothesis is true.
The calculation cannot tell you the probability of an error or not.
Actually, I think it may outpace Moore's law by an order of magnitude.
After the leap to molecule based computing, within a few years it will be a physical almost impossible to go any further down in scale, rendering Moore's law obsolete at that point.
But once we make that leap, we'll have so much computing power, we won't need Moore's law.
Somebody else will have to make the law that applies there on out.
So what if they do? Executing the sudo command is limited to the program you're sudo-ing, not your whole session. A program can't wait in the background and get root when someone types sudo.
Once you run sudo, it creates a temporary file in.fido somewhere, or/var/run/sudo
Anyways, the timestamp on the file indicates the last time you typed a password to run a sudo command.
Once you do it once, Sudo remembers (for a duration) that your username has recently typed the password, and further uses of the 'sudo' command will not require that a password be entered from some time.
Even if those other users are from a background cron job, script running daemonized, or a user logged into a different terminal, the password won't be required again, so there is a potential duration during which your use of 'sudo' has exposed you to potential attack.
Well, it might be useful for new render farms.
They could save money by not getting heavy cooling in the first place, eh?
However, the technology is radical and yet to be proven yet.
I don't see any business adopting or trying this, until it has been proven -- or until it becomes inexpensive to try.
It's not worth paying twice as much for a server, for some fancy immersive cooling technology, if it hasn't yet been proven for large deployments.
I think it's more of an option (immediately) for small-scale deployments, like ones you could use Windows-based software in
The fluid used in immersive cooling systems IS dialectric (an insulator) and inert to electronics.
Otherwise, it would make no sense to immerse the blade's components such as CPU and memory in it during normal operation.
This is not a water cooling solution, or a water block / partial immersion solution, where a dangerous liquid might be used, but kept isolated from the components by using tubing, a cooling block, and a pump.
In an immersion solution like the one discussed, all components of the server, except possibly hard drives, and some sensitive components are immersed in the fluid, and probably some simple agitators are present somewhere to ensure the fluid moves across the CPU -- but to a large extent, convection will do that.
If they use SSD drives, everything might be immersed.
It is not a given that it will ever leak.
Only if there are shoddy materials in the case itself, or the case gets broken.
Again, this is not the sort of solution where you have fragile tubes.
Hopefully, (if they are smart), the blade slots are on the top of the chassis, and blades insert downwards to be immersed in fluid.
The fluid is dialectric and therefore non-conductive and 'safe' it won't short out the other servers.
However, it could create a mess.
If you have 1 full immersion blade you'll want them all that way.
CPU and all components are immersed in the fluid.
The primary danger behind 'leaking' is that the tank runs low and the server or pump starts overheating due to lack of fluid.
Than re-fitting all your racks with some carbon fiber advanced material.
Surely cooling with a pumped liquid generates less vibration in the air than having a bunch of high-speed fans in your case.
Maybe this will result in better hard drive performance:)
The difference between a training company and most companies, is a training company uses most gear they buy for purposes that it won't be a big catastrophe if the equipment fails.
If the company were an ISP or a big telephone company, or other organization with a 24x7 network that HAS TO WORK, and they always make sure to buy the high-end support contract for all their network gear, to ensure any faulty component can be replaced in hours, not days, their opinion on the matter might be quite different:)
Due to the nature of the clones, a seller admitting they were cloned would be subject to immediate lawsuit and criminal action for willful infringement of patents and copyrights.
In other words, they are damned if they do, and damned if they don't. The only legal thing they can do is not sell clones at all.
The cynic in me says they'll disable the outputs entirely on older boxes, and if you complain, support will tell you it's a problem with your box, go buy the new fancy box that they have finer-grained control over.
I'm sure we'll soon be hearing about concessions like the FCC says it's OK for providers to turn off some ports, such as port 5060 TCP/UDP, port 6667, port 6881, and whatever port Skype uses.
At the same time their pushing their own telephone/VoIP + cable bundle as hard as possible
Time for you to get out of IT, if you think you need to blindly apply every patch marked important, that is an extreme waste.
It doesn't matter what the rating is, if the patch isn't for an issue that effects you, it is not worth the cost in terms of downtime risk and overhead to apply that patch.
Doubly so for non-critical rated issues.
For every patch, you read the security advisories in detail, and determine whether to implement the patch, or design a workaround to prevent the issue from being exploited until the next major upgrade cycle.
Or you may determine that the severity isn't sufficient to warrant patching, even if the rating is important.
"Many times there simply is no benefit to anyone to disclose the bug."
This is sure and utter nonsense.
Failing to publicize the more critical issue means fewer people will apply the patch -- less pressure to apply the patch
Sometimes higher-priority vulnerabilities are applied, and lower-priorities are not.
Often IT professionals will review the specific security advisory in question, and run the patch early only if the advised security issue impacts their setup; more general patching of issues that do not currently effect them, can wait until the normal upgrade cycle (possibly once every 12 to 24 months, or sometimes even longer).
Releasing the patch discloses the bug to anyone who is concerned into looking at it deeply -- they will analyze what is being changed by the patch, and can find the vulnerability based on the contents of the patch and what changed.
Second, more vendors doing something similar sometimes would just further invalidate studies of windows security, if you can prove they do.
You see... the mere possibility that their practices may be completely different or inconsistent makes the incidence of vulnerability report numbers useless as a metric.
Kind of. However, it has also always been this way, and it has survived so far. All that has really changed is the number of players has increased, and the size of the routing tables are increasing.
It has to work, so a lot of people should notice very quickly if something large goes wrong.
It also cannot very easily be fixed, as many players would have to spend a lot of money for it to change, and there is little financial incentive to chase that ghost.
And you thought IPv6 or DNSSEC adoption was taking a long time... imagine how many decades it would take for SBGP adoption?
I'm talking about default configurations here, it's not worth it to dicuss imaginary high-security configurations that real users never apply to their systems in real life.
Repeat after me: If it is not secure by default, then it is not secure.
When Microsoft makes the default that the user does not possess the second token, and a password is required, then we can refer to UAC as a security boundary.
An error rate of 5% is unacceptable for most computing applications. Sure, you can perform multiple computations, but computing twice does not necessarily halve the likelihood of an error. If the two computations disagree, then you can't pick which one is in error, unless you have devised a test, or you perform yet another computation.
It's like trying to record an analog audio source multiple times over a low-quality cable. There's no such thing as a reliable way to use two recordings of the audio to 'reduce' the errors.
You may as well say that quantum computers need to have 3 cores, each one solving the same algorithm in parallel, and outcome with the most votes wins.
However, you need to be sure each calculation is independent, otherwise you still have a probability of systemic error (due to elements of the computation and of the design of that particular quantum computer) -- certain computations might have a certain percentage of error, regardless of how many times repeated.
Statistically speaking, a p-value of 0.05 does not mean an error rate of 5%. It refers to the probability of observing a value at least as extreme as that value, assuming the null hypothesis is true.
The calculation cannot tell you the probability of an error or not.
Actually, I think it may outpace Moore's law by an order of magnitude.
After the leap to molecule based computing, within a few years it will be a physical almost impossible to go any further down in scale, rendering Moore's law obsolete at that point.
But once we make that leap, we'll have so much computing power, we won't need Moore's law. Somebody else will have to make the law that applies there on out.
So what if they do? Executing the sudo command is limited to the program you're sudo-ing, not your whole session. A program can't wait in the background and get root when someone types sudo.
Once you run sudo, it creates a temporary file in .fido somewhere, or /var/run/sudo
Anyways, the timestamp on the file indicates the last time you typed a password to run a sudo command.
Once you do it once, Sudo remembers (for a duration) that your username has recently typed the password, and further uses of the 'sudo' command will not require that a password be entered from some time.
Even if those other users are from a background cron job, script running daemonized, or a user logged into a different terminal, the password won't be required again, so there is a potential duration during which your use of 'sudo' has exposed you to potential attack.
Well, it might be useful for new render farms. They could save money by not getting heavy cooling in the first place, eh?
However, the technology is radical and yet to be proven yet. I don't see any business adopting or trying this, until it has been proven -- or until it becomes inexpensive to try.
It's not worth paying twice as much for a server, for some fancy immersive cooling technology, if it hasn't yet been proven for large deployments.
I think it's more of an option (immediately) for small-scale deployments, like ones you could use Windows-based software in
The fluid used in immersive cooling systems IS dialectric (an insulator) and inert to electronics.
Otherwise, it would make no sense to immerse the blade's components such as CPU and memory in it during normal operation.
This is not a water cooling solution, or a water block / partial immersion solution, where a dangerous liquid might be used, but kept isolated from the components by using tubing, a cooling block, and a pump.
In an immersion solution like the one discussed, all components of the server, except possibly hard drives, and some sensitive components are immersed in the fluid, and probably some simple agitators are present somewhere to ensure the fluid moves across the CPU -- but to a large extent, convection will do that.
If they use SSD drives, everything might be immersed.
It is not a given that it will ever leak. Only if there are shoddy materials in the case itself, or the case gets broken.
Again, this is not the sort of solution where you have fragile tubes.
Hopefully, (if they are smart), the blade slots are on the top of the chassis, and blades insert downwards to be immersed in fluid.
The fluid is dialectric and therefore non-conductive and 'safe' it won't short out the other servers.
However, it could create a mess. If you have 1 full immersion blade you'll want them all that way.
CPU and all components are immersed in the fluid. The primary danger behind 'leaking' is that the tank runs low and the server or pump starts overheating due to lack of fluid.
Than re-fitting all your racks with some carbon fiber advanced material. Surely cooling with a pumped liquid generates less vibration in the air than having a bunch of high-speed fans in your case.
Maybe this will result in better hard drive performance :)
Maybe so, but Cassandra is sexier, and Voldemort is just plain evil.
Linus torvald IS a big backer. Or was it a big hacker? hmm..... both.
Maybe... but you could be going the NOLO route and filing the patent applications yourself, without the assistance of a lawyer.
What about a shell company that is not required to transfer them, but has a policy of transferring them?
The difference between a training company and most companies, is a training company uses most gear they buy for purposes that it won't be a big catastrophe if the equipment fails.
If the company were an ISP or a big telephone company, or other organization with a 24x7 network that HAS TO WORK, and they always make sure to buy the high-end support contract for all their network gear, to ensure any faulty component can be replaced in hours, not days, their opinion on the matter might be quite different :)
Um... GBICs are not networking gear. They are optical (or copper) connection modules that plug into networking gear.
They are about as much networking gear in themselves as a Cat5 end.
I suppose next we will start seeing a crackdown on genuine Cisco Cat5 plug and fiber MT-RJ connector forgeries?
To the extent 'Cognac' is a generic name, you could call your clone cognac, as long as you are not posing as another brand name of the product.
Due to the nature of the clones, a seller admitting they were cloned would be subject to immediate lawsuit and criminal action for willful infringement of patents and copyrights.
In other words, they are damned if they do, and damned if they don't. The only legal thing they can do is not sell clones at all.
The fact that the real gear is covered by manufacturer warranty and support contract
I'm racking my brain, trying to figure out what all this vibration stuff is about.
Sounds like a bait and switch scam....
The cynic in me says they'll disable the outputs entirely on older boxes, and if you complain, support will tell you it's a problem with your box, go buy the new fancy box that they have finer-grained control over.
What happens when the other outputs are what you use to watch the on demand video, and your TV has no HDMI w/ HDCP input?
I'm sure we'll soon be hearing about concessions like the FCC says it's OK for providers to turn off some ports, such as port 5060 TCP/UDP, port 6667, port 6881, and whatever port Skype uses.
At the same time their pushing their own telephone/VoIP + cable bundle as hard as possible
Time for you to get out of IT, if you think you need to blindly apply every patch marked important, that is an extreme waste.
It doesn't matter what the rating is, if the patch isn't for an issue that effects you, it is not worth the cost in terms of downtime risk and overhead to apply that patch.
Doubly so for non-critical rated issues.
For every patch, you read the security advisories in detail, and determine whether to implement the patch, or design a workaround to prevent the issue from being exploited until the next major upgrade cycle.
Or you may determine that the severity isn't sufficient to warrant patching, even if the rating is important.
"Many times there simply is no benefit to anyone to disclose the bug."
This is sure and utter nonsense.
Second, more vendors doing something similar sometimes would just further invalidate studies of windows security, if you can prove they do.
You see... the mere possibility that their practices may be completely different or inconsistent makes the incidence of vulnerability report numbers useless as a metric.