Yes. It sickes me that Slashdot has followed Phoronix's lead in calling this a Linux bug. It isn't. The bug is in hardware not reporting that it is ASPM (Active State Power Management) capable.
As I understand it, the history of this thing is like:
1. Linux implements ASPM
2. This causes some hardware to fail, because it isn't ASPM capable
3. Linux is fixed to detect if the hardware reports ASPM capability, and doesn't use ASPM if the hardware says it doesn't support that
4. Michael Larabel of Phoronix notices that Linux power consumption has risen on some hardware, calls it a bug in Linux
5. Folks investigate, figure out that some hardware reports no ASPM capability, even though it is ASPM capable, and implement a kernel parameter to force Linux to use ASPM, even if the hardware says it doesn't support it
6. Michael Larabel keeps talking about the Linux power regression writes post after post about how it still hasn't been fixed
7. Someone figures out how Windows detects ASPM support on hardware that doesn't report it, and implements the same heuristic in Linux
8. Now, Slashdot claims the Linux bug has been fixed, even though it wasn't a bug in Linux, and Linux has had a workaround for almost as long as we've known about the issue
Seriously, guys. Bad reporting. This is _not_ what I come to Slashdot for. There are hundreds of sites that will give me half truths, common misconceptions, and the occasional nugget of truth. Strive to be better than those.
I guess that when people are stealing the stuff, that makes it officially valuable. To borrow an old meme: will 2011 be the year of biofuels in the fuel tank?
What worked for me is to do things on my own time, according to my own insights, using the tools that I chose.
Forget about the people who are telling you what to do, and the things they are telling you to do. If it were up to you, what would you do, and how would you do it?
For me, it turns out a lot of the magic is in typing a few words and seeing things happen. I don't like working in languages in which I cannot be productive. I don't enjoy being bogged down by office politics, inertia, and other people's mistakes. Throw all of that away and pick up a language in which you can make your computer do tricks with a few words. Like Ruby. Or Python. Anything with a REPL, really.
Possibly the most important tip for those in similar situations: don't hang around too long if the environment isn't working for you. I spent a lot of time working with tools I didn't like (and that weren't going to improve, due to the whole culture behind them being wrong), until I figured I was wasting my time building a resume for things I wanted to get away from. Figure out what you'd rather be doing, and jump ship as soon as you get a good opportunity to go do that.
So basically they suck. I shouldn't need to tweak my os thread scheduler just so a cpu can suck less. AMD needs to fix their shit instead of lame excuses.
Or, alternatively, the default settings for Windows 7 thread scheduling just aren't optimal for Bulldozer, and therefore not getting the full performance that Bulldozer is capable of.
Just because Windows default settings don't get optimal performance out of it doesn't mean the hardware sucks. It doesn't even mean Windows sucks; after all, you _can_ change the settings so that it performs better.
Question to you: what would you prefer:
A. CPU manufacturers optimize for performance potential
B. CPU manufacturers optimize for what happens to give the best results with the current default settings for some current version of some OS vendor's OS
Looks like you prefer B, but I think A is the better choice.
More than users who won't use strong passphrases, I have a problem with sites that don't allow them. E.g. limiting the password to a maximum of 8 characters, all of which must be alphanumeric. Or requiring that you answer one of a limited number of fixed "security questions".
Slashdot is fun. It reports news which basically doesn't exist. This is just some guy who is on an anti-Microsoft bender and wants to somehow make his ideology meaningful in a world which doesn't really give a shit (if the low Linux uptake has anything to go by).
This is not about Linux. It's about whether or not it is okay for public education institutions (and public institutions in general) to force the public to use a specific commercial product if they wish to partake. Given that there are various alternatives to said commercial product, and given that the government has adopted a policy of using open standards where they exist, I think forcing people to use a proprietary system is not okay. The fact that this system is also more expensive than many of the alternatives makes it even more odious.
His rant is way too emotional for something that the politicians and most parents won't even understand.
The story here is really simple: will we force everybody to pay for the most expensive option, or will we use standards, so that people can choose what they use?
If people refuse to understand that, that's still no reason to take the worse option.
I mean, everyone uses Windows right?
Even if that were the case, it would be irrelevant: if standards were used, then _any_ operating system would be able to participate, including Windows. It's not as if, by going with open standards, you would lock out the users who can now use the system. And that's the whole point: to not lock people out.
But they also made the decision to make life more difficult for themselves by going against the grain and choosing to use something other than Windows (an OS pre-installed on virtually all computers you can buy, so having to buy it yourself is unnecessary).
Now you're blaming the victims. It is not them who are making things more difficult, it is the people who implement systems that will only work with specific other products, rather than going with standards that can be supported anywhere.
One could argue that some fights are worth fighting for, but if so... a small petition from a bunch of geeks with too much emotion and too little tact is likely to not do a damn thing.
You may well be right there, especially considering that the government _officially_ has a policy to use open standards and even to prefer open source software - yet, in many cases, has gone for a proprietary solution without even looking into the alternatives.
On the other hand, it was also a small bunch of geeks who discovered that the voting computers we used to use in the Netherlands weren't reliable, and they were tenacious enough to eventually get them all banned - even though the initial reaction was denial, marginalization, and misinformation. It is a good example of exactly what you're up against if you want to replace a vested commercial interest with the right thing, but it also shows that you _can_ win. But you have to raise awareness, first, and that is what those guys are doing.
I would say that if you're migrating anyway, why not do it right and migrate to PostgreSQL or EnterpriseDB? That may even be an easier transition if you're coming from Oracle, too.
A huge amount of these "security professionals" insist on trashing perfectly good hardware for no apparent reason, it's a complete was of good resources.
Pick one:
1. Spend a few minutes physically destroying perfectly good harddisk worth ~50 USD
2. Spend some more of your time and a lot of computer time scrambling the bits, so that you can sell the disk at whatever people are willing to pay for a second hand harddisk
3. Pass on the disk without making the sensitive data inaccessible, and risk huge damages
I know what I'd do. Swallow the ~50 USD loss and sleep soundly at night.
That's fine if you're building a nuclear power plant's control systems, or an autopilot, but to be blunt, people are happy with Windows because it makes the right compromises for them.
I think this is an important point that deserves reiterating. Different situations call for different trade-offs. In some cases, you will want to pay extra to ensure that your software is correct. In other cases, you will prefer to save on the price of the software and accept some minor annoyances. I think the right question isn't "How do we make all software correct?", but "How do we get people to make better choices when balancing purchase price versus correctness?"
So what the law is actually proposing is a way to punish commercial companies while letting open source developers off.
As far as I know, all commercial software I have worked on has been delivered to the customer with source code, and the customer allowed to do whatever they wanted with that. My understanding is that this is usually the case for custom software, and that the majority of the software industry is about custom software.
I would love to see better security from everyone (open source developers included), but idiotic laws like these wold just drive up costs of development to ridiculous levels.
Why would that be? First of all, we are talking about software developers being held liable. The cost is there, regardless of whether we leave it with the customer, or shift it to the software vendor. Secondly, for software that is under the proposed clause I, liability of the vendor would be limited to what they were originally paid for the software. This means that, at worst, if the software causes damage to the customer equal to or greater than what the vendor asked for the software, then the vendor doesn't get paid. That doesn't sound too unreasonable to me.
Of course, not all software will necessarily fall under clause I, but that's a choice. You can either allow the customer to inspect the source code and disable parts of it, or you can accept higher liability.
What part of this would drive up the cost of development to ridiculous levels?
Yeah, let's drive the cost of software through the roof.
It is not obvious to me that this will happen. For example, simpler programs generally contain fewer flaws, and cost less to develop, too. I've even read claims that optimizing for low cost involves optimizing for a low defect rate, because, ultimately, defects will increase development time and, therefore, cost.
Ultimately, software flaws will cost the customer one way or another, whether they pay to have the flaws eliminated up front, pay for having the flaws fixed later, accept the cost of working with flawed software, or pay for insurance. The question is, given the options, which one do you chose?
Perhaps the problem is that there isn't a clear way to decide up front what the best way to go is. Without knowing in advance how good a job a company is going to do, which flaws the software will contain, how much they will cost you, how much it will cost to have them repaired, or how much you would have to pay to avoid the flaws being created, how do you decide who gets the contract and how much should be spent up front to avoid costs later?
Of course, this problem isn't unique to software. There are probably a couple of time-tested ways to deal with these issues. Also, there probably isn't a one size fits all solution.
We are approaching the point where people and organizations are falling back to pen and paper for keeping important secrets, because they no longer trust their computers to keep them safe.
I see that as a Good Thing. Use complex technology where it helps you. Where it doesn't, keep things simple.
Most people understand the factors that affect security of pen and paper. Understanding what you are doing and what other people can do with that is a big part of security, computer or otherwise.
Another native-as-an-afterthought platform?
on
Intel Drops MeeGo
·
· Score: 1
From the Tizen announcement:
The Tizen application programming interfaces are based on HTML5 and other web standards, and we anticipate that the vast majority of Tizen application development will be based on these emerging standards.
This is what made me not interested in WebOS. IIRC, they added support for native code soon after, but, initially, they pushed it as a HTML+JavaScript platform. We already have that. And I don't want it.
Fortunately, they also write:
For those who use native code in their applications, the Tizen SDK will include a native development kit. We will open the entire Tizen software stack, from the core OS up through the core applications and polished user interfaces.
So, at least, they will support native code, too. Question is, will it be a real Unix-like system like Maemo, or will it be a "forget what you know, here are new APIs to do the same things" deal like Android and WebOS?
The same thing goes for Google: you may not have an account with them, but chances are they have a lot of your e-mail (people you correspond with use Google Mail). Use Google's search engine? They have your queries. If you post to Usenet, they have those posts, too. And I am sure they collect data through ads on non-Google sites, too. It is their stated mission to "Googleâ(TM)s mission is to organize the worldâs information and make it universally accessible", and they're very good at it.
A lot of people don't realize, or vaguely know but don't quite grasp just how much of what they consider private is collected by companies like Google and Facebook. Asking for a copy of what they know about you and receiving several hundred pages in return really drives the point home.
I'm sure I'll get hate for pointing this out, but maybe all these projects are dying because they are pointless? Apple rules the tablet, MSFT the desktop, and the phone is split between Apple and Google. So where is the market they were going to capture?
Of course, if everybody thought like that, Apple would never have gone on to rule the tablet, nor MSFT the desktop, and neither Apple nor Google would be in the phone market. All of these segments were dominated by other vendors before.
So, far from being pointless, projects like Maemo are very interesting, because they have the potential to bring something new (and, in this case, more standard and open) to the scene. That's why it is so sad they have been going nowhere, and that is why we have this story on Slashdot. If it wasn't for that, Meego would just be another unpopular project that nobody cared about. It is interesting because, at least in theory, it could break the grasp of the major vendors.
This is good news. No need to use Flash for presenting what is basically static pages with perhaps an animation here and there. Using HTML will make it more accessible. They mention mobile devices, but this will also help search engines and people with disabilities.
In my opinion, that's the whole point of sites like SlideShare. I mean, we can view presentations just fine without embedding them in a Flash file. And if we wanted to share them on the web, we could have used HTML like everybody else. And then they would actually work and be searchable, too.
So why do they embed the presentations in a Flash file? And why has it taken them so long to make them available as HTML? Probably exactly so that they can disable right-click and downloading - so that viewers have to keep coming to the site, and SlideShare can keep collecting ad revenue.
Strange that there are no examples of right wing hate literature on the list. I mean with the country being overrun by freedom hating liberals and all, you would think the list would consist almost exclusivly of works by "conservative" authors.
You know, the fact that so many companies really seem to be ignoring open source projects like Linux and Coreboot really makes me wonder.
Sure, we support Windows. Yeah, Mac OS X, too. Linux? Never heard of.
UEFI? Got that. Coreboot? Open Firmware? *crickets*
Sometimes, it's almost as if companies pretend that the open technologies do not exist. What gives? Especially given that many of them actually use open source software (often Linux) themselves.
Slashdot Mirror
Yes. It sickes me that Slashdot has followed Phoronix's lead in calling this a Linux bug. It isn't. The bug is in hardware not reporting that it is ASPM (Active State Power Management) capable.
As I understand it, the history of this thing is like:
1. Linux implements ASPM
2. This causes some hardware to fail, because it isn't ASPM capable
3. Linux is fixed to detect if the hardware reports ASPM capability, and doesn't use ASPM if the hardware says it doesn't support that
4. Michael Larabel of Phoronix notices that Linux power consumption has risen on some hardware, calls it a bug in Linux
5. Folks investigate, figure out that some hardware reports no ASPM capability, even though it is ASPM capable, and implement a kernel parameter to force Linux to use ASPM, even if the hardware says it doesn't support it
6. Michael Larabel keeps talking about the Linux power regression writes post after post about how it still hasn't been fixed
7. Someone figures out how Windows detects ASPM support on hardware that doesn't report it, and implements the same heuristic in Linux
8. Now, Slashdot claims the Linux bug has been fixed, even though it wasn't a bug in Linux, and Linux has had a workaround for almost as long as we've known about the issue
Seriously, guys. Bad reporting. This is _not_ what I come to Slashdot for. There are hundreds of sites that will give me half truths, common misconceptions, and the occasional nugget of truth. Strive to be better than those.
I guess that when people are stealing the stuff, that makes it officially valuable. To borrow an old meme: will 2011 be the year of biofuels in the fuel tank?
What worked for me is to do things on my own time, according to my own insights, using the tools that I chose.
Forget about the people who are telling you what to do, and the things they are telling you to do. If it were up to you, what would you do, and how would you do it?
For me, it turns out a lot of the magic is in typing a few words and seeing things happen. I don't like working in languages in which I cannot be productive. I don't enjoy being bogged down by office politics, inertia, and other people's mistakes. Throw all of that away and pick up a language in which you can make your computer do tricks with a few words. Like Ruby. Or Python. Anything with a REPL, really.
Possibly the most important tip for those in similar situations: don't hang around too long if the environment isn't working for you. I spent a lot of time working with tools I didn't like (and that weren't going to improve, due to the whole culture behind them being wrong), until I figured I was wasting my time building a resume for things I wanted to get away from. Figure out what you'd rather be doing, and jump ship as soon as you get a good opportunity to go do that.
I've met lots of geeks and don't have any children, autistic or otherwise.
I'd say that means you're doing it right - but that's just my personal opinion, of course.
So basically they suck. I shouldn't need to tweak my os thread scheduler just so a cpu can suck less. AMD needs to fix their shit instead of lame excuses.
Or, alternatively, the default settings for Windows 7 thread scheduling just aren't optimal for Bulldozer, and therefore not getting the full performance that Bulldozer is capable of.
Just because Windows default settings don't get optimal performance out of it doesn't mean the hardware sucks. It doesn't even mean Windows sucks; after all, you _can_ change the settings so that it performs better.
Question to you: what would you prefer:
A. CPU manufacturers optimize for performance potential
B. CPU manufacturers optimize for what happens to give the best results with the current default settings for some current version of some OS vendor's OS
Looks like you prefer B, but I think A is the better choice.
Strange... here we were expecting the 'net to be abuzz with excitement, and users rushing to the store ... but all we can hear is ... crickets?
XML is like violence: if it doesn't solve the problem, use more!
who cares what the question is, just put in an unguessable answer that you make up
Of course, and that's what I do. But still, it's another attack vector. And I bet many people actually put in easily guessable answers.
More than users who won't use strong passphrases, I have a problem with sites that don't allow them. E.g. limiting the password to a maximum of 8 characters, all of which must be alphanumeric. Or requiring that you answer one of a limited number of fixed "security questions".
Slashdot is fun. It reports news which basically doesn't exist. This is just some guy who is on an anti-Microsoft bender and wants to somehow make his ideology meaningful in a world which doesn't really give a shit (if the low Linux uptake has anything to go by).
This is not about Linux. It's about whether or not it is okay for public education institutions (and public institutions in general) to force the public to use a specific commercial product if they wish to partake. Given that there are various alternatives to said commercial product, and given that the government has adopted a policy of using open standards where they exist, I think forcing people to use a proprietary system is not okay. The fact that this system is also more expensive than many of the alternatives makes it even more odious.
His rant is way too emotional for something that the politicians and most parents won't even understand.
The story here is really simple: will we force everybody to pay for the most expensive option, or will we use standards, so that people can choose what they use?
If people refuse to understand that, that's still no reason to take the worse option.
I mean, everyone uses Windows right?
Even if that were the case, it would be irrelevant: if standards were used, then _any_ operating system would be able to participate, including Windows. It's not as if, by going with open standards, you would lock out the users who can now use the system. And that's the whole point: to not lock people out.
But they also made the decision to make life more difficult for themselves by going against the grain and choosing to use something other than Windows (an OS pre-installed on virtually all computers you can buy, so having to buy it yourself is unnecessary).
Now you're blaming the victims. It is not them who are making things more difficult, it is the people who implement systems that will only work with specific other products, rather than going with standards that can be supported anywhere.
One could argue that some fights are worth fighting for, but if so... a small petition from a bunch of geeks with too much emotion and too little tact is likely to not do a damn thing.
You may well be right there, especially considering that the government _officially_ has a policy to use open standards and even to prefer open source software - yet, in many cases, has gone for a proprietary solution without even looking into the alternatives.
On the other hand, it was also a small bunch of geeks who discovered that the voting computers we used to use in the Netherlands weren't reliable, and they were tenacious enough to eventually get them all banned - even though the initial reaction was denial, marginalization, and misinformation. It is a good example of exactly what you're up against if you want to replace a vested commercial interest with the right thing, but it also shows that you _can_ win. But you have to raise awareness, first, and that is what those guys are doing.
Is Microsoft better than Oracle?
I would say that if you're migrating anyway, why not do it right and migrate to PostgreSQL or EnterpriseDB? That may even be an easier transition if you're coming from Oracle, too.
A huge amount of these "security professionals" insist on trashing perfectly good hardware for no apparent reason, it's a complete was of good resources.
Pick one:
1. Spend a few minutes physically destroying perfectly good harddisk worth ~50 USD
2. Spend some more of your time and a lot of computer time scrambling the bits, so that you can sell the disk at whatever people are willing to pay for a second hand harddisk
3. Pass on the disk without making the sensitive data inaccessible, and risk huge damages
I know what I'd do. Swallow the ~50 USD loss and sleep soundly at night.
That's fine if you're building a nuclear power plant's control systems, or an autopilot, but to be blunt, people are happy with Windows because it makes the right compromises for them.
I think this is an important point that deserves reiterating. Different situations call for different trade-offs. In some cases, you will want to pay extra to ensure that your software is correct. In other cases, you will prefer to save on the price of the software and accept some minor annoyances. I think the right question isn't "How do we make all software correct?", but "How do we get people to make better choices when balancing purchase price versus correctness?"
So what the law is actually proposing is a way to punish commercial companies while letting open source developers off.
As far as I know, all commercial software I have worked on has been delivered to the customer with source code, and the customer allowed to do whatever they wanted with that. My understanding is that this is usually the case for custom software, and that the majority of the software industry is about custom software.
I would love to see better security from everyone (open source developers included), but idiotic laws like these wold just drive up costs of development to ridiculous levels.
Why would that be? First of all, we are talking about software developers being held liable. The cost is there, regardless of whether we leave it with the customer, or shift it to the software vendor. Secondly, for software that is under the proposed clause I, liability of the vendor would be limited to what they were originally paid for the software. This means that, at worst, if the software causes damage to the customer equal to or greater than what the vendor asked for the software, then the vendor doesn't get paid. That doesn't sound too unreasonable to me.
Of course, not all software will necessarily fall under clause I, but that's a choice. You can either allow the customer to inspect the source code and disable parts of it, or you can accept higher liability.
What part of this would drive up the cost of development to ridiculous levels?
Yeah, let's drive the cost of software through the roof.
It is not obvious to me that this will happen. For example, simpler programs generally contain fewer flaws, and cost less to develop, too. I've even read claims that optimizing for low cost involves optimizing for a low defect rate, because, ultimately, defects will increase development time and, therefore, cost.
Ultimately, software flaws will cost the customer one way or another, whether they pay to have the flaws eliminated up front, pay for having the flaws fixed later, accept the cost of working with flawed software, or pay for insurance. The question is, given the options, which one do you chose?
Perhaps the problem is that there isn't a clear way to decide up front what the best way to go is. Without knowing in advance how good a job a company is going to do, which flaws the software will contain, how much they will cost you, how much it will cost to have them repaired, or how much you would have to pay to avoid the flaws being created, how do you decide who gets the contract and how much should be spent up front to avoid costs later?
Of course, this problem isn't unique to software. There are probably a couple of time-tested ways to deal with these issues. Also, there probably isn't a one size fits all solution.
We are approaching the point where people and organizations are falling back to pen and paper for keeping important secrets, because they no longer trust their computers to keep them safe.
I see that as a Good Thing. Use complex technology where it helps you. Where it doesn't, keep things simple.
Most people understand the factors that affect security of pen and paper. Understanding what you are doing and what other people can do with that is a big part of security, computer or otherwise.
From the Tizen announcement:
This is what made me not interested in WebOS. IIRC, they added support for native code soon after, but, initially, they pushed it as a HTML+JavaScript platform. We already have that. And I don't want it.
Fortunately, they also write:
So, at least, they will support native code, too. Question is, will it be a real Unix-like system like Maemo, or will it be a "forget what you know, here are new APIs to do the same things" deal like Android and WebOS?
Completely correct.
The same thing goes for Google: you may not have an account with them, but chances are they have a lot of your e-mail (people you correspond with use Google Mail). Use Google's search engine? They have your queries. If you post to Usenet, they have those posts, too. And I am sure they collect data through ads on non-Google sites, too. It is their stated mission to "Googleâ(TM)s mission is to organize the worldâs information and make it universally accessible", and they're very good at it.
A lot of people don't realize, or vaguely know but don't quite grasp just how much of what they consider private is collected by companies like Google and Facebook. Asking for a copy of what they know about you and receiving several hundred pages in return really drives the point home.
I'm sure I'll get hate for pointing this out, but maybe all these projects are dying because they are pointless? Apple rules the tablet, MSFT the desktop, and the phone is split between Apple and Google. So where is the market they were going to capture?
Of course, if everybody thought like that, Apple would never have gone on to rule the tablet, nor MSFT the desktop, and neither Apple nor Google would be in the phone market. All of these segments were dominated by other vendors before.
So, far from being pointless, projects like Maemo are very interesting, because they have the potential to bring something new (and, in this case, more standard and open) to the scene. That's why it is so sad they have been going nowhere, and that is why we have this story on Slashdot. If it wasn't for that, Meego would just be another unpopular project that nobody cared about. It is interesting because, at least in theory, it could break the grasp of the major vendors.
This is good news. No need to use Flash for presenting what is basically static pages with perhaps an animation here and there. Using HTML will make it more accessible. They mention mobile devices, but this will also help search engines and people with disabilities.
When I go to the site, I'm still getting "Flash Player 9 (or above) is needed to view presentations."
Why? For no good reason then to annoy us I guess.
In my opinion, that's the whole point of sites like SlideShare. I mean, we can view presentations just fine without embedding them in a Flash file. And if we wanted to share them on the web, we could have used HTML like everybody else. And then they would actually work and be searchable, too.
So why do they embed the presentations in a Flash file? And why has it taken them so long to make them available as HTML? Probably exactly so that they can disable right-click and downloading - so that viewers have to keep coming to the site, and SlideShare can keep collecting ad revenue.
Strange that there are no examples of right wing hate literature on the list. I mean with the country being overrun by freedom hating liberals and all, you would think the list would consist almost exclusivly of works by "conservative" authors.
Right, but you wouldn't expect the liberal media conspiracy to report that, now, would you?
Anyone remember the town of Morlaw in the movie Interstate 60?
I find it more impressive to watch the video, but here are some quotes:
http://www.imdb.com/title/tt0165832/quotes?qt0195360
http://www.imdb.com/title/tt0165832/quotes?qt0195361
You know, the fact that so many companies really seem to be ignoring open source projects like Linux and Coreboot really makes me wonder.
Sure, we support Windows. Yeah, Mac OS X, too. Linux? Never heard of.
UEFI? Got that. Coreboot? Open Firmware? *crickets*
Sometimes, it's almost as if companies pretend that the open technologies do not exist. What gives? Especially given that many of them actually use open source software (often Linux) themselves.