If they're trying to invent a universal and perpetual ID-tagging system, 96 bits is too low IMHO. First off, we're not that far off from extra-planetary commercial activity, so the number of atoms on the planet is becoming irrelevant in the long-term view. Here's a more practical starting point: 99.8% of our Solar System's mass is in the Sun, which is roughly 75% hydrogen and 25% helium by mass. Using the known atomic weights and the mass of the sun, it becomes clear that 192 bits can enumerate every atom in the Sun with some margin for error. The remaining 0.2% of mass in the Solar System is small even in terms of mass - but since we counted the first 99.8% as hydrogen and helium atoms (the lightest), and some significant amount of the remaining 0.2% would be heavier elements, the margin of error between atoms in the sun and atoms in the solar system should be even smaller than this.
So, 192-bits, we can comfortably say, can enumerate the atoms in our solar system. Add another, what, like 16 more bits in case we decide to address more-fundamental particles like quarks and gluons and whatnot. We're at 208 bits now. Then remember that a database indexed by a 208-bit random number with no structural information would suck to search - therefore prefix codes will have to be used to classify objects and assign them to various owners and/or databases, which will lead to large wastage in the number space. Add some headroom to cover this, round up to the nearest power-of-two bitsize, and you arrive at the reasonable number of 256 bits.
Considering that it requires the use of more particles to construct a number in some memory storage device than the number of particles *in* the enumerated things (like, it may well take a few atoms worth of particles to store the number for one tagged atom or whatever), this means that since the current system can address the particles we know of in the solar system, we'd be incapable of assigning all the numbers in the system until we were building storage systems from matter found outside our solar system, which should provide a reasonably huge amount of time to come up with a new system of numbering things.
Back when I used to work at an ISP (like back in 1994), I was a big MCI fan because they were way more reliable than Sprintlink. My bad feelings about them mostly stem from them laying me and my whole department off (I had been there in a development-related position for 4.5 years) when they had some financial troubles due to mismanagement. Makes you think when they whack 100 or so of their brightest employees without blinking to save some cash that their executives blew.
Linux probably has a greater share of the webserver market than anyone else, seeing as Apache is known to have the biggest share and Linux is probably the most-used platform for Apache. To say that 61% of defacements are Linux without stating what percentage of total websites are Linux is misleading.
All operating systems, XP and Linux included, have a variable amount of security, which varies with how persistent and knowledgeable the sysadmins involved are. Linux isn't universally more secure than XP, because there are so many variables involved, mostly at the sysadmin or user level rather than the code level. However, I think it's a fair and rational statement to say that given the same level of security expertise and dedication to security, a person can be considerably more secure in a Linux environment than a Windows one.
The brief linked info page mentions a wireless LAN connection, but it never says why it needs it. It seems the laptop inside is doing all the realtime calculations it needs, and WLAN remote computing would probably be too slow for muscle reactions anyways. What's up with the unit having a WLAN connection? And does that limit the user to being near a specific WLAN set up to work with the legs?
1) Acquire funding, you need it
2) Pay IBM Global Services to redo everything in your datacenter, as your ac, ups, network wiring, etc probably suck as bad as your electrical wiring.
3)...
4) Profit!
Seriously, if you have the cash to pay them, I can't recommend IBM Global Services enough, they've done wonderful jobs on datacenter facilities work for me in the past, design through installation. (And no, I've never worked for them and they didn't pay me to say that)
Imagine if the FCC told Cisco and all the ISPs that every IPv4 address had to be portable between every provider, so that customers weren't inconvenienced when they switched. Everyone would say hell no, because it would destroy intelligent hierarchical routing. The backbone routers would end up needing a flat list of all 4 billion IP addresses and which specific destination to go for each one. Routing CPU usage would increase drastically, and the lookup tables would require what, 8GB of memory at minimum?
Phone numbers used to route hierarchically too, and it made sense for the equipment and the carriers, but LD and now local carriers are being forced to make this architectural blunder to satisfy consumers and the FCC... blah.
Units can stay powered for up to two months in the field, and can be later collected and re-used. Each node costs around $10,000.
If I were a low-income thug and the US military invaded my country and sprayed the land with these things, I would probably run around and pick them up for resale. They start at 6x4 inches, but then they extend fins and an inflatable antenna, which should make them pretty easy targets to spot. And I bet to foreign military hands, they're worth more than the $10K they cost the US military. All things considered I could probably feed my family for 10 years by picking up 5 of them or so and selling them on the black market.
Oops you're right, the x87 FPU stuff has as its double extended precision an 80-bit format, which can be chopped down to 64-bits when stored out to memory. The 112-bit I was referring to above is a different double-extended precision, which is actually stored in 128 bits but has an effective precision of 112 (the same way a 32-bit single-precision float has 24-bits of effective precision). The 128/112 format is supported on Sparc, but only the 80/?? (donno what the effective is) is on x87.
Actually it looks like it is intended for 10,000 different things, whatever might make some investors' eyes flash green. Like all new technologies, you promise they can solve all the world's ails to get development money, then you end up applying your research to a few narrow fields in the real world at the end.
Are you sure all of New Orleans has blackouts for 10-20 minutes once a week? I doubt it being such a major city. More than likely you locally experience blackouts in a much smaller area of New Orleans, and you should be bitching out your power company and/or your complex if you're in an apartment of some kind.
In a downtown apartment in Houston, I get on average about one "minor event" every two weeks, a minor event being a brownout for 30 seconds max, or maybe a really quick 1 second blip that's hard to define as black or brownout. Actual power loss for any appreciable amount of time happens maybe once every few months at the most, generally due to a large storm or other natural phenomena. Again, this is my local stuff at my apartment, these things are usually very localized, I haven't heard of any decent-scale blackout in Houston in recent memory other than during storms bad enough to be considered natural disasters or close to it.
"XX-bit" computing actually means more than one thing, and I suspect the different meanings will continue to diverge, such that it will no longer be accurate to describe an overall computing system as having a certain "bitness". Bit-width is used to describe I/O busses, memory busses, processor address space, and processor register precision primarily, with other after-effects that fall out from those.
However, on a modern "32-bit" machine like a dual of the latest Xeon, you already have memory and I/O busses well in excess of 32 bits (64-bit PCI and PCI-X, and ungodly wide memory busses both for the processor and the GPU), and processor address space with PAE that goes to 36-bits (64GB). Really the only thing strictly 32-bit in such a beast is the registers. But wait, actually while the general purpose and segment registers and whatnot are still 32-bit, the modern "32-bit" x86s also have 128-bit mmx and sse registers, and have always had 112-bit floating point since the days of the first x87s (well it's 112 bits of precision in a 128 bit register I think?).
The only big quantum leap from the latest 32-bits to the first 64-bits is just that general purpose registers expand to 64 bits of width (or precision if you will), and address space can go beyond 4G without using funny extensions, to limits beyond our wildest dreams for now. Doubling the bit-width of an address space squares its size, so you're talking the next address-space limit is 4GB^2, which is a crapload. But other than that, your xmms player right now can do 128-bit calculations on 128-bit registers to and from 64+ bit I/O and memory interfaces in a 36-bit address space environment on your "32-bit" processor :)
In real, actual, factual terms, saying that the most current release of Apache is secure because of all the reasons I outlined above carries far more real weight than any certification company can provide.
However, you are on the nose that a PHB would rather see an audit from an individual company. I guess it comes down to whether you want to bow down to the man and do what your PHB says regardless of how braindead it is, or you're willing to stand up to your PHB and educate them on the science and reality of computing.
You didn't even come close to a biting response. You should have mentioned that the US government and the CIA actually directly funded the Taliban and al-Qaeda, and helped to educate their trainers for the training camps in effective terrorism methods. This took place when the US government considered militant Afghani Muslim terrorists a good weapon to point at the former USSR. We also backed (funds, weapons, training, again) Saddam's regime in Iraq, when we desired to use them against Iran. Now both countries have since become prime enemies.
In this larger view, we have only reaped what we have sown when it comes to the recent al-Qaeda terrorism. However, my response was in the short view, to a question of short view. He said the Taliban government presented no immediate threat to the US at the time, when in fact they did.
The Taliban was a horrible regime, but they were not a threat in any way to the immediate security of the US.
Um, yeah... harboring a leading world terrorist, funding him, popularizing him with your people through state-controlled religion, allowing him to host large training camps... all of which contributed very greatly to his ability to launch attacks against a US naval ship, two embassies, and the World Trade Center twice... no, they weren't a US threat at all, they're just another world government trying to get by on this crazy planet.
Open Source projects have all the benefits of that sort of analysis built into the process already. Since the source is out there for anyone to analyze any way they see fit (source analysis, or external analysis of compiled binaries or running software), if the package has any interest from legitimate users, it tends to have interest from both white and black hat security analysis.
Generally the greater the end-user interest, the greater the security analysis interest. The black hats of course follow that trend because the most widely-deployed packages are the ones for which holes are most useful. The white hats do it because finding and fixing problems in a package with a wider audience nets a wider recognition of their talents, and they seem to thrive on recognition. The only real difference is that the white hats tend to tell the developer first and/or offer a patch simultaneous to public disclosure, while the black hats tend to exploit it in private for a bit and share with their groupies until revelation is virtually inevitable, and then rush to publish before any of their peers do (again, for recognition).
Of course the same model applies to closed projects, but the difference is that only external analysis can be done, unless you're a paid Red Team with access to the proprietary source. Therefore it's arguable that OSS is the winner here with a wide array of disparate Red Teams working for us, whereas the proprietary software company has to pay a single or small handful of them and hope that those select individuals can equal the analytical power we have in our masses.
Mathematics for the Million - Lancelot Hogben ISBN: 0-393-31071-X (This ISBN is from a 1993 printing of the 4th (last I believe) edition, originally published in 1895. The first edition was circa 1862).
This book is hands down one of the best adult math texts around, as shown by how it has endured over time. It covers all the practical branches of math one should know including calculus, and starts out at a very basic level. Throughout it explains the real meaning of the math, this is not a fact memorization book at all.
Also, if you're further interested in calculus, I'd recommend:
Calculus Made Easy - Silvanus P. Thompson and Martin Gardner ISBN: 0-312-18548-0 (Original by Thompson was from 1851, the ISBN here is an updated version (by Martin Gardner) published in 1998).
Covers (again, with real explanations, not memorization of facts) the real meaning and understanding of calculus, both differential and integral.
Surely someone with sufficient know-how should be able to make his own batches in his basement though right? What do you really need for raw material? Wood pulp, cotton fibers, and whatever they use for red and blue fibers (dyed cotton??). Whatever it is, I doubt you can stop people from making their own.
In a case like Linksys, where let's say they've made a change to iptables and used the modified iptables in a commercial product, they are not obligated to redistribute their changes to the public. They are only required to give the changed source code to actual customers who bought the commercial product, and only if they ask for it. However, they must give it to said customers under the terms of the GPL.
So the net result is, they are not required to put their iptables source code diffs up for public grabs under the GPL. However, if you purchase a product of theirs which contains the modified binaries, you have a right to demand the iptables source code diffs from them under the GPL, and once you receive your diffs, you have the legal right under the GPL to post them to the public yourself. Because a company like LinkSys should be able to see that a customer will eventually do this anyways, they generally just give it up to the public to begin with, but technically, they don't have to do it themselves. They can wait and see if any customers actually do it or not.
It isn't all that weirdly difficult to port *nix software over to Plan 9, get porting.
I haven't touched Plan 9 since back around 1996 or so, but back then it shipped with a browser called Mothra I believe.
Telemetry of what? On a lab test model sure, but on the final product?
I give WorldCom a big fat F too, right up their asses, they suck.
Wasn't there a Slashdot story recently about some guys that made an electrical supply that ran off of sugar in human blood, intended for implants?
Such a game has existed for a long time now:
www.project-entropia.com
n/t
who cares (well, besides you)