No, I did not read all your books, but I'll compensate by stating I'm twice a fan of your X=(a/nt)^h series. Twice, because I read them all both in French and English, when possible.
And your novels are standing out in the American sci-fi crowd, because they are really as funny and pun-ridden in both languages!!! Er, well, actually they are even funnier in French, but I have a cultural bias, as French is my mother tongue. So, kudos to you and your translator(s)!
I'm really wondering what kind of hoops you had to go through to:
- convince your editor to translate your books? (probably none)
- make sure that the X=(a/nt)^h punniest facets will get through?
Another serious question: switching to Linux always poses the problem of file exchange with boring third parties, like colleagues, editor, etc. Are you just using plain text for that matter or is the edition world more open than we think? What's your favorite(s) tool(s)/file format(s) for your business?
By the way, which language(s) do you speak/write/pun?
Good news guys, if we manage to trigger a nuclear winter, it will only take 1.4 million years to have forests back instead of 10!
...Plan accordingly for the food in your nuclear shelter, guys.
AIX and shared libraries nightmare on Pet Bugs? · Score: 1
I do not remember which AIX version it was (3.x or 4.x, x<2), but when you used shared libraries, it was mandatory to 'rm' the old version. If you dared to 'mv' it, the system insisted on using the old version until you 'rm'ed it or rebooted the machine.
And NO it was not because the shared library was not unloaded or still open...
We wasted two weeks on this one, unable to fix a bug that was fixed in the source code, but not willing to disappear until the test server crashed...
Just try to guess the amount of cursing/hair tearing/head banging we did.
But the funniest thing was that customers were telling us that everything was OK, but we were not able to reproduce the correction!!!
Aside from the obvious American-oriented "Let's sue" approach, they are missing some points in the article.
Software will forever be more complicated than anything else we are trying to build. Read "The Mythical Man-Month", written about twenty years ago. Software cannot easily be put into a blueprint, software does not fit into flow diagrams...
Just think of software as a state automaton: to properly test any software, you have to test its behavior against every possible input.
Needless to say that when your code base amounts to more than a dozen lines, the number of possible states of your automaton is... simply too big to understand. I'm not talking millions of lines here.
To properly test software, you have to bridge the gap between the assembly code, where a few lines of code can more or less easily be described as some state automaton, and high-level code, where adding a few lines of code will add a tremendous amount of test cases. And do not let any consultant/quality whatever convince you otherwise. The only real value of software is simple to define: if its quality can overcome its drawbacks, then go for it. Do not ask for the impossible.
If you try to put lawyers in there, you'll just bring development to a grinding halt, because up to now, there is no reasonable way to code safely and to test everything. Will it be bad or not: well, I don't think it's going to happen, because on the other hand, when software does work, then it's so useful. Try to live without using software: forget about using a bank, a phone...
I'm rather hoping for a mid-term solution, where software customers will become reasonable and stop asking for more, but instead for better. My favorite is the Di....t sentence: "we want a bigger nuclear power plant, but without too much radiation...unless it gives us X-ray vision"
Maybe the fact that software will eventually become unmanageable and bloated will force the latter on us ;-)
As Cliff said, they just have to ship you something that writes to a floppy, and that's it.
Last time I upgraded my laptop, I just downloaded an exec that created a bootable floppy and...
Of course, the DOS on that diskette was some custom version.
Do not worry, it's just another MS trick to make you believe that the command line is dead.
Something that is specified in the VNC documentation is that using a flat-color background will improve the performance.
But I agree: VNC is a lot more efficient on *NIX than on NT...
And as for security, as someone mentioned, there is not so much encryption with VNC. At least, the VNC password is not sent in cleartext on the wire, but after that every keystroke goes as it is into a UDP packet.
But I'm using VNC through a VPN tunnel to work from home, and since the generated network traffic is relatively lightweight, it's working pretty well to control *NIX-based hosts...
Well, as for the single point of failure for the host computer, you _are_ right.
Another problem of course is the PCI bus speed, as someone already mentioned: if you are using some !gb/s link between the machines, that will allow you to deliver data much faster.
But... wait! If that's going through a PCI bus anyway...
Hey, can some hardware people invent a _true_ bus, because we _are_ lacking something there.
But that kind of solution might interest people who want to do more with less space... If they are ready to pay the price.
All in all I'm not sure it's that interesting. Does someone have some benchmarking about that???
Those guys just bought those 4 huge 6509C Cisco switches for big bucks.
I assume that one is acting as the main router, and the others are using it. I assume also that the switches are interconnected with 2x1Gb/s fibers, probably full-duplex and load-sharing over the two links.
What surprises me is that those switch fabrics support up to 256Gb/s bandwidth, but they are just connected with 2Gb/s links: talk about some bottlenecks here...
Telecom business - international company with 100.000 people (you can see the name of the company in the ads...)
We have a research site, 1700 people working here, around 4000 machines.
Amongst them, we have 300 "repertoried" linux cpus, with around 80 desktops and some servers. But apparently this will soon ramp up.
my .2 cents.
Well well, it's not because you are [not] paranoid that they are not after you...
From professional experience, I tend to agree with the conclusions of the article.
Even if their main point is more "how to use statistics methods to predict intrusion attempt" than let's demonstrate the aggressivity of our beloved blasthat community.
But to get back to my experience, we set up a firewall between our intranet and some inter-universities research network. The outcome was pretty scary.
The box was first connected to the external research net (and internet through it). We did not set up the DNS configuration before three weeks.
It took only about two days to reach "cruising scan speed".
In fact, having a DNS existence did not change things very much. Right now, our probe rate is about 5000/7000 DENY packets per week.
And yes, our box is responding to icmp echo, but not forward...
Well, I did put `>` characters into my prompt until a spurious copy-paste trashed an important file because the middle-button paste somehow made the shell redirect garbage into a real file...
DO NOT EVER use > in your prompt, or it will bite you one day. And do not tell me you never made such a mistake...
This really sounds like a Loch Ness article: they had some content to give, so they unearthed a freak ranting against PDAs.
Some common observations:
- people have been complaining since Socrates that the new generation is getting less polite, educated, etc... But I'll bet that trying to be Leonardo da Vinci today will be really, really more difficult than during the renewal...
- each time a new technology hits the market, a mass movement of people scared by the unknown is going to find evidence that the new thing is harmful, and especially for the brain. Remember reading people arguing that because of their lack of precision (finite-precision arithmetic), computers will be useless.
This article has a strong smell of urban legend. As for scientific evidence, the number of people they report is laughable.
It is not even coherent with itself: on one hand, it states the risk of losing your memory because you are not exercising it, and right after that it complains about the information overload (buzzword) and what damage it may cause.
And the poor lady that downloaded her memory into her PDA, she is probably lacking some feedback loop. Because if I start to lose my memory like this, I will try to do something before losing my work.
When I did not have time any more to play RPGs, I stayed subscribed to one RPG magazine just for the fun of reading the scenarios and game descriptions.
Reading a good scenario for me is exactly like reading a good book: what's interesting is to see the scenario creator's mind at work, and because RPG is so close to storytelling.
Another thing is: playing Doom, Quake, FPS just for the sheer fun of exploring an unknown world and for the sightseeing pleasure. Granted, it might wear out quickly, but I'm not so sure it wears out more quickly than playing the games themselves.
I remember some user-created Doom WADs that really created some breathtaking sights, especially when it came to wicked architecture with platforms hanging in mid-air, bottomless pits and never-ending slopes.
Those powerful 3-D games/rendering platforms are really nice playgrounds for apprentice gods/architects.
Q1: Would you trust your money to an open-source bank?
A1: No.
Hell, I hate banks: they always display the most astounding financial results, while complaining about the economy and laying off as many people as they can.
Do you really think that they will open-source their inner systems: unlikely. Firstly because they largely prefer security by obscurity, and secondly because I doubt the open source community will manage to do something useful with their base of mainframe-based COBOL code. Sure, their web infrastructure will be all unix/win as it can be, but the accounts will reside on some real safe system.
But as for their integration software, as they pointed out in the article, it will be profitable for them and their clients to have that part of the code improved by the global community: that's just another way of drawing on the global resources.
Worse, they might just tell their clients: our integration software is open sourced, hire some hacker and do not bother us again.
OK, OK guys, you are right, but, as usual, it depends on the point of view.
From the language designer perspective, TeX did not change (and Knuth Rules, of course: one of my favorite dreams is to buy his "Art..." books and have enough time to study them properly, and thoroughly).
...But from the user perspective, who really used naked TeX, without LaTeX or anything helping? Better admit that you use vi to directly write postscript files to your favorite printer.
That's what I meant about evolving: once the niche your software is filling (the user needs) grows, disappears or mutates, you will have to change it.
TeX is extremely good at laying out 2-D pages, but what will it do if 3-D representation begins to be commonplace: someone will have to extract the ideas in it (hopefully the code) and adapt it to the new reality.
It's dead! Nobody uses it anymore, the only hardware able to run it rusts in some remote museum.
I have to admit that the sheer concept of finished software is alien to me: how can you think of something finished when everything else is evolving? I'm pretty sure that even the so-called "living fossils" have maybe barely evolved, but have evolved a bit nonetheless.
But maybe that was some of the famous LW second-order jokes ;-)
By the way, the moderators are really awake this morning: 33 posts only in that story, 26 moderated down: is /. suffering from an over-crowd of mods?
Well, /. has never advertised itself as the top-notch advisory source you want to connect to... They have a lot of claims, but not that one indeed.
Generally, if you really are a security admin, you look at Bugtraq, etc. etc.
OTOH, sorry for the Mozilla/Netscape mistake: you are damn right.
And no, this is not all it does: I did forget to mention it infected unpatched apache servers didn't I? So I probably forgot a lot more ;->
For those of you that like horror stories, here are some excerpts of # strings .a (of the linux version of course).
(snip)
- r00t your box
- send e-mail
- do DOS
- fake being mozilla or lynx
Hey apache admins abroad: wake up!
OOoops
downlink : max 300kbs/avg 100kbs/min 0kbs ;)
uplink : max 12kbs (as per agreement)
cost : around 40$/month.
By the way, do not be surprised it's the same everywhere in Canada, this is because of a ruling of the government/local FCC equivalent.
To summarize, in Canada, if someone gets BB access at more than 40$, that's somewhat illegal...
Hey, wake up, those guys are just comparing stuff that they shouldn't in the first place!
I mean, those guys are comparing a full-fledged RAD/IDE/object model/whatever with g++, only a compiler. Well, not only, but g++/libg++ are quite independent from each other.
I mean, in development, having a _decent_ editor is not an option, not mentioning other mundane things like class-browsing capabilities, etc, etc... Yet another corporate lets-mix-everything-up-to-make-money-from-thin-air plan.
Not that their stuff is not great, but this white paper is comparing an engine with a full-fledged car, and telling you without shame that the latter is easier to drive: ARF, ARF, ARF!!!
Nice try, though...
What do you mean by "topology"?
Because if that's about network topology, with only one switch acting as a router, you're pretty much limited to one single Vlan/(subnet ?) if you don't want to cross the 'switch boundary'...
AFAIK, that's not much of a topological problem ;-)
Or maybe some simulation of using your software showed that this was the typical test configuration, and that you will need routing just in 1/4 of your cases. I doubt it, though.
Another thing: I'm part of the administration team running a cluster about the same size as yours (and certainly using less floor space!).
Our architecture is the following: instead of having a small number of huge beasts, we have a network tree that is only three levels deep, with computers/processors at the bottom layer, smaller switches having to handle only a reduced set of machines, and a core switch/router connected to everybody with 1Gb/s (full-duplex) at the top.
Did you do some cost studies about network architecture? Because I'm under the impression that our solution is less expensive and will at the same time ensure a better bandwidth distribution.
But again, your objectives are probably different from ours, and it's just an impression.
But maybe I did not read enough documents ?
Any comments from the builders of that lab ?
My 3.14 cents.
NAT has _never_ been a security measure: you need either _no_ connection or a real firewall.
And btw, netstat -anp is something useful also...
I'm currently being massively port-scanned by some imbecile that probably believes that nmap is an intrusion system...
For one fiscal year now, here in Quebec, everyone that gets the government tax funding for children has the right to claim:
- 500 CA$ rebate on a brand new complete system (at least the box + a screen +...)
- 16$/month rebate for a 24-month subscription to a government-approved ISP (means that the ISP has to be a Quebec company, whatever that means).
I do think it's about time governments start thinking of helping someone else than big corporations.
The offer holds until March this year, and I do not know if they mean to carry on with it.
Of course, I'm a hard-core Kommunizt zealot.
Sorry to dampen our enthusiasm, but the first or second law of thermodynamics prevents this. In substance it says that you cannot do it, because you will create heat in the process anyway.
Or is that a new kind of thermodynamic trolling?