So maybe what the DoJ is doing is going after the one where they have the evidence in the knowledge that this will cause the others to fall as well.
I took it to mean that Micron was basically being the rat. They are seeking amnesty by ratting out the others involved. So they don't get in trouble, and they come out looking like the good guys (comparatively). IMO they shouldn't get amnesty unless they voluntarily came forward, which it appears they didn't...
Nonetheless, incetives such as tax cuts do sound like an interesting idea.
I agree that simply making a source-code donation (so to speak) into a tax-deductable gift could help encourage even further growth of open-source software. However, I don't see it happening unless the organization running the project were a registered non-profit outfit.
One thing in the original post really bugs me:
...or at least make it mandatory to for-profit organizations to give a certain minimum amount and take it out of their taxes?
Make it mandatory? Are you serious? I wasn't sure if you meant to require a code contribution or a monetary one.
For code, this *might* be possible if your particular license required it, and even that would be pushing it IMO. This would only work with projects that are intended for developers to use; you'd never have anyone using Mozilla if such use required that you contribute code.
If you're talking about monetary contributions, then why bother being open-source in the first place? Essentially, you'd have a commercial product, but with the benefits of a non-profit outfit. It will never happen.
Don't forget the TSA screeners have the ability to ban you from flying. For life.
Is this actually true? If so, that certainly gives these people far too much authority/power (which likely affects their behavior). There should be some kind of due process involved here, and some method to appeal.
It doesn't just "feel" more responsive, it is more responsive!
I agree, though what I meant to say was that it feels faster. It certainly is more responsive, but it's not any faster.
I recall when the pre-empt patch first came out, it was tested on a variety of systems. On a desktop-like environment it made a huge difference (responsiveness) but in a server environment, it made very little difference.
So yes, it certainly is more responsive to any interactive application, but for sheer CPU loads it didn't make any difference.
There is one exception to this load balancing rule -- some special processes may be fixed to a certain runqueue. This attribute is called "thread affinity;" a thread is simply another name for a process.
I think it over-simplified this a bit. Granted, Linux doesn't make all that much distinction between a "thread" and a "process" as compared to (say) Windows, but the distinction is still important.
Otherwise, it's a decent article, and gave me some insight to one of the major improvements in 2.6 (which I've yet to try out).
I remember when the "pre-empt" patch came out for 2.4, before it was integrated into the kernel. For a desktop (or otherwise interactive, like my media box) system, it really made a major perceived improvement in performance (while *actual* performance wasn't affected; it was just about priorities and scheduling, making it "feel" more responsive).
The O(1) scheduling algorithm likely improves this further, and is enough to tempt me to spend XMas evening upgrading... these things are important, especially on a desktop system.
Windows XP, for example, isn't all that great in this area, and often one process can too easily slow things down. This is even further emphasized when all the processes you're working with are actually the main "explorer.exe" process; eg, you do something in Windows Explorer that blocks (spin up a CD drive) and everything else (the "desktop", task bar, etc) all become unresponsive...
I enjoy seeing such improvements in the Linux kernel. The pre-empt patch (later integrated into the mainstream kernel) made a drastic usability improvement (especially when the box is also a web server, MySQL server, firewall/router, etc) and I couldn't see a Windows box handling similar tasks without becoming unusable (note: not unstable, just not practical to use when responsiveness is hindered).
I think the kernel team is on the right track with this, specifically for desktop applications (though it does help in many other applications as well; anything interactive, really, even over the network/Internet).
I spent the day digging through boxes, closets, drawers -- trying to find my only TOSLink cable (optical digital audio thingy). I drove around for about 2 hours trying to find something that was open to buy a new one, to no avail.
Then, looking in one of the places I'd already looked at least four times, there it was! It made my holiday.
Oh, presents... sweater, new underwear and white T-shirts, and a nice kitchen knife set (that I had asked for). And I bought myself a digital multi-track hard disk recorder yesterday (hence the need for the TOSLink cable), which was probably the best present. I always buy myself something nice, to avoid standard gift disappointment;)
Sorry to reply again, but something occurred to me. In a normal power supply, a load on the output side directly affects the current draw on the input side. How does that work here? Other than having some kind of input-side regulation and feedback (opto-coupler?), similar to what we have now with switch-mode supplies, I'm not sure how this would work.
By itself it seems that this technology would draw about the same amount of input current, regardless of load. Of course it's possible that it's exactly a "normal" switching supply, with the transformer swapped out in favor of a Piezo device -- in which case the other problems have already been solved.
I am doing some graduate studies in this field, so here's a quick breakdown....
So if I'm understanding correctly, this is roughly equal to driving a speaker with a high voltage, and picking up the sound on a dynamic mic... resulting in a low voltage output from the mic. Accoustic coupling, only at a miniature and inaudible scale in a self-contained unit.
The dual voltage bit comes from the rectifier being a bridge rectifier when you set the switch to "240" and a voltage doubler when you set the switch to "110", both giving a DC voltage to the switch somewhere around 300V.
That's one way, but most notebook adapters don't have such a switch. Rather, they accept a very wide range of input voltages. They work by simply being able to regulate and handle the full range of voltages; at 90v input the regulator would be passing quite a bit more current through, where at 240v the duty-cycle would be dropped significantly.
The piezo supplies, from what I gathered from the article, are more along the lines of a basic 60-Hz transformer; eg, you get some specific ratio of input/output voltage, without regulation. I'm sure these could be easily regulated, and I'm sure a future version will be.
It's (AFAIK) brand-new tech, so more features will come I'm sure, if the technology takes off.
Yes, they are smaller than the transformers needed for non-switching power supplies, but they are there.
Adding to this is the fact that switch-mode power supplies are the main culprits for RF/EMI problems. A simple 60-Hz transformer (unless in very bad shape) emits very little of anything in the RF spectrum.
I assumed that the article was in fact referring to switching supplies, since they mentioned the EMI issue as one of the problems that their idea solves.
The only thing I wonder about is decoupling. Not knowing exactly how they work (the article isn't all that technical), I wonder how well decoupled the output is from the input. I recall a laptop being recalled over poorly decoupled modems, causing a shock in some circumstances; with 110 to 220 VAC, I think the problem would be worse, but it's possible that there is a good degree of isolation in these things.
One of my contract clients (I run his Linux web server) had some concerns, and I eased his mind quite easily.
See, the people who buy into this nonsense are the same people who thought planes were going to crash due to Y2K, and believe everything FOX tells them (eg, that we didn't land on the moon). These people hear something and start to worry.
Usually, just giving them the facts, and telling them that they shouldn't believe everything they hear is all it takes. Linux is fine, you are fine, SCO is full of shit.
It's like dealing with a child, really, and it's not all that difficult. In my case (contract client) he tends to believe me on this kind of stuff, after several "told you so" situations over the years (Y2K being one of them).
That, in a nutshell, destroys the entire article. The end user shouldn't be forced to "hope" that bad things won't happen to their computers.
You've summed it up quite nicely. Back before Windows 2000, I just didn't understand why anyone put up with Windows at all. The fact that people considered daily reboots "normal" was pathetic.
Only now the situation is a bit different. 2000/XP are both very stable, and if properly patched are most always relatively secure. I still trust Linux or BSD a lot more, which is why my Windows machines are protected with a Linux/iptables firewall; but you have to admit that Windows has gotten much better. Again, though, if properly patched.
I believe (correct if wrong) that nearly all of the major exploits in the last few years were patched long before they became a problem; in many cases, months passed between the time a problem was fixed and the time it was exploited (thus giving plenty of time for testing and deployment).
Microsoft tried to remedy the problem with the "auto update" feature, which most of us didn't like. Fine. Now they're finally getting it right, and making things much better starting with SP2 (firewall enabled by default, etc). Sure, *nix has been doing it right for much longer, but you have to admit that things are getting a lot better in the Windows world...
Sendmail is for the most part replaced by Postfix and other varients. Apache... well, although quite a large portion of web servers run apache, a very small portion of linux systems are web servers.
While I personally don't use SendMail (I love Qmail), I believe the vast majority of Linux (and other Unix) machines offering mail services are using Sendmail. Just think of how many Cobalt RAQ machines administered by idiots are out there...
Apache has always had a pretty strong focus on security, though everyone makes mistakes from time to time. It does certainly have a better record than Sendmail or Bind, and I trust it quite a bit myself.
Sure, not every single Linux box is running Apache, but an attack that is targetted only at web server machines can still cause quite a bit of havoc; just think of Code Red and it's decendants.
Just because you aren't targetting *every* single machine out there doesn't mean an attack can't be effective. You comprimise a few thousand unpached Linux/Apache machines, or *nix/Sendmail, or whatever -- you still have plenty of power to (for example) attack an anti-spam site, or cause other, similar dammage.
Yes, an exploitable Windows -- especially when it's exploitable in its default configuration -- is a helluva target; but that doesn't mean all exploits need a hundred million exploitable machines to have an effective target.
I don't doubt it would be possible to create an effective virus for Linux.
I agree with everything you stated. It's the diversity that makes Linux (and other operating systems) less vulnerable to such massive attacks. But everyone learns from their mistakes, even Microsoft (albeit slowly sometimes).
Currently, if you purchase a copy of XP and install it with neworking capabilities (even dialup), there is a good chance you won't get as far as Windows Update before you're rooted. I went through that a couple of months ago -- got the "Windows is Shutting Down" dialog before the Windows Update page could load. I knew how to abort the shutdown and patch the problem, and I really should have enabled the firewall first -- but joe average doesn't (and shouldn't have to) know this.
However, I also recall the Honeypot project having similar experiences with RedHat 6.2; because of a remote-root exploit (I think), the machine was hardly online a few minutes before being rooted. If I remember correctly (it was a long time ago), 6.2 was the latest retail RedHat release at the time.
Jump to now: RedHat now enables less services by default (but still has a record number of suid-root binaries...), and really pushes you to enable iptables at install time before any network interface is brought up. Likewise, SP2 for XP will be doing some things right, and I'm sure this will carry over to Longhorn and future versions.
I say: bravo on both sides. Firewalls enabled by default (like "opt-in" instead of "opt-out"), and taking security into consideration with every decision (as RedHat and Microsoft both are learning to do, though many others *cough*OpenBSD*cough* have known this for a while)...
We had real problems at Y2K at the web hosting provider I worked for as a programmer. It's painful, but I'll recount the last few seconds of 1999...
We were watching Office Space at the Boss' house (the Matrix DVD hadn't arrived yet), and it occurred to us that it was past midnight. We paused the movie and checked to see that everything was functioning normally, which we all expected. We just knew that all the Y2k nuts were crazy, didn't know what they were talking about, us geeks had a handle on things, etc. But we checked anyway...
To our horror, we found that our web-based file manager was broken. Files created after the roll-over were showing the date as 19100, which didn't fit nicely into the table layout (I hadn't started using CSS for formatting yet). It looked horrible, not to mention our customers' resulting confusion.
Of course, had I RTFM a bit early on, I'd have known how the year is represented in Perl, and that I should simply add 1900 to the result rather than append "19" as a string. Come to think of it, I really did know that, it just didn't occurr to me at the time. The code worked at the time, so I moved on without giving it a second thought. I always mess up some mundane detail (to paraphrase from the aforementioned movie).
We eventually resolved the problem; few people were injured and little data was lost as a result. We then proceeded to resume the Office Space DVD at about 12:03, putting the incident our of our minds forever... until you brought back the horrible memories...
Luckily, I won't be around for the 2^30 holocaust, and in 2038 I'll just be laughing from my bunker (which hopefully by then I will have been able to afford; maybe freelance work repairing dammage from 2^30?)
Politicians and moral crusaders learn nothing from history. Prohibition does not work.
I'm not so sure I agree. Prohibition certainly does not work when the majority of the population disagrees with it (or even a significant minority). But when it's something like spam? I'm sure the vast majority of the population is against spam.
I'm sure even most organized criminals hate spam (I just had a wonderful vision about the organized criminals taking on the spam problem... what, are you saying I have a small ****? You wanna send my mother pornographic emails? *bang*...)
Anyway, there are many activities that are prohibited. Sometimes it works, for the most part; other times -- usually when the activity isn't all that harmful, but is enjoyable by some -- it doesn't. The "war on drugs" is rediculous (remember, it takes two sides to make a war) and will never be won unless one side gives in (and we know which side that will have to be).
But many prohibited activities are easily enforced. Everything from insider trading to child pornography. Sure, these things still happen, but because most people are against them anyway, aside from it being banned by law, it's rather infrequent, and most people -- who for whatever reason may want to engage in the prohibited activity -- still won't out of fear of being caught.
Perhaps one day spamming will be seen by most of society as being a very, very bad activity, and banned by law in many countries, to the point that it's just not worth even entertaining the idea.
The web hosting business went through this a few years ago. It used to be that all hosting providers offered unlimited data transfer, and this didn't used to be a problem; there usually were special exceptions for "download sites" and such, but for the most part it was unlimited.
As time went on, though, the average web site isn't just a few static HTML pages with a couple of optimized GIFs any more. As broadband access becomes more popular, web sites become more huge, more dynamic, and less optimized.
Most hosting providers did one of three things:
1) Offer a specific amount of monthly or daily data transfer. Usually this amount varies by the plan you have.
2) Redefine "Unlimited" deep in the TOS or AUP.
3) One big provider actually states that transfer is unlimited as long as you keep within the 17 GB/month limit. So, "unlimited as long as you stay within the limits".
Obviously #1 is preferred, but to many hosts, changing "unlimited" to any kind of limit puts them at a marketing disadvantage, since most customers don't really understand the limits or the fact that there's no such thing as "unlimited".
I'm sure ISPs will deal with the issue in similar ways, though one advantage is that most users understand the concept of "hours per month" more easily than they do "GB/month transfer", so a high-ish limit will appeal just as easily as "unlimited".
This is just about the low point in bad tech design.
Well, the grandparent suggested this application, not the designers of it (from what I can tell). I suspect it's more designed for kiosk applications personally.
Combine this with a touch-screen LCD with integrated speakers, and you have a kiosk who's CPU unit is about the size of the LCD power supply brick.
But...who actually wants this thing? And what are you using it for?
I gathered that it was intended for embedded devices, from the summary. Re-reading the summary, I realize they may have been referring to the device itself as embedded, thus it runs an embedded OS.
However, I could think of potential uses for it, specifically embedded. I'd think a touch-screen LCD combined with this (which would be no larger than the LCD's own power supply) would certainly make for a nice, space-saving kiosk...
There's lots of discussion about how someone can just sniff the transaction or plant hidden RFID readers, and they are being debunked by the fact that there's some sort of challenge/response encryption.
Fine, except given that some thieves have gone as far as to obtain a legitimate ATM machine to steal ATM card/PIN numbers, how much more difficult would it be to obtain an RFID credit card reader? Whatever public keys or key database a scanner needs would be taken care of, as it would all be purchased/leased for a seeminly legal purpose. At this point it would be trivial to plant the reader in a location that people tend to walk by, and unless there's some kind of PIN verification, you've got all you need.
Thus, the user doesn't even have to knowingly make a transaction as with the ATM scams.
If there's PIN verification, an on/off switch, or a lead protective storage pouch... then we're in the same place we're at now; but if all it takes is the user to click "OK" on the scanner, then obviously there's no security there (only against accidental scans at a legitimate establishment).
I'm not much of a photographer, but I had to comment on a couple of your points:
I've compared digital and film prints under a microscope; the digital has huge ink, and the photographic print has a light dusting of grain that's barely visable even under the microscope.
I think this depends greatly on the printer used to print the digital photo. A cheap, commodity ink-jet printer is obviously going to do a poor job. Most ink-jet printers claim to do "photo quality" printing on "photo paper", but when you pay $30 for a printer... you shouldn't expect any kind of quality beyond printing a Yahoo map.
Do you think you'll be able to access your CD-R or Zip disk in 5 or 10 years?
Personally, my pics are on my hard drive, and are backed up. If something goes wrong -- CD format becomes obsolete, for example -- I'll make new backups on new media. I'll always have redundant digital backups, on hard drives, CD media (DVD before too long), and even on my web server's hard drive.
As for prints -- well, I've never (yet) printed a digital photo, but if I run across one I particularly want in print form I'll take it to the nearest Wal-Mart or drug store, on my memory stick, and they'll print up a nice, professional copy for me. On much better equipment than a $30 ink-jet printer, I am sure...
Good luck, remember to shoot as many shots as you can afford and never be afraid that you're "wasting" film.
I'm not much of a photographer myself, but that's one thing I love about digital. With my 64MB stick, I can get some 80+ 1600x1200 pictures, and if I bring the laptop to dump them on I'm virtually unlimited.
So after finally realizing this, I've started getting into the habit of taking many redundant pictures. Much of the time this proves invaluable, as when I load them up later on a real monitor, I can pick the best take out of 5 or 10 pictures, and it didn't cost me anything more.
If one is really into photography (as a hobby or profession), then I'd give the same advice, regardless of whether it's film or digital. There's nothing like having a perfect picture opportunity, only to have twitched slightly and come home to find you blew it. Snap, snap, snap, and you're much more likely to come home with something good:)
Not to complain (a phrase that is always followed by a complaint), but... this has to be one of the worse book reviews I've read in a while (even on Slashdot). Many of the comments were unnecessary, and it seemed to really just be an excuse to bash Microsoft. I'm not sure the Slashdot audience is the best audience to pitch this book to, either, though I'm sure many will find it quite useful.
I just had to comment about the review itself. The reviewer gives a couple of specific examples from the book. And his own comments, like:
MS Office... ah yes, Office. What would we ever do without it? What can we do with it? Windows Explorer... ah yes, Windows Explorer. Not bad, but it could be better.
And sentances like:
Of course, one could point out if previous versions of Windows had been created "right" or "ran correctly," there wouldn't be need for a whole chapter (or even reams of books) on Microsoft fixes or how to get it to run properly.
(emphasis mine)
There's not much of a teaser or compelling "cliff hanger" to make one want to go buy this book. I suspect/. only posted it in hopes of getting people to use the affiliate link...
About the book itself, aside from the one chapter about hardware issues, it seems to be yet another Windows (and Windows software) annoyances book, though if you're targetting the mainstream I suppose PC == Windows. It just doesn't sound much like an O'Reilly title, though...
"Ever since I installed W2K I have never seen the blue screen again"
nah... it just spontaneously reboots instead...
This was an issue for me only the first time I ever installed Win2k. Since then I learned to change the setting that does this, and the only BSODs I've had since were directly hardware related (bad PSU, failed hard disk). XP is, annoying as it may be at times, pretty solid. I reboot it as often as my linux boxes, which is to say, only when I move hardware around or upgrade components (all run 24x7 for months at a time).
You might say (and I would agree) that it's stupid for that ("auto reboot") to be the default setting; in fact, that one thing had me very pissed at Windows for a while. However, many stupid defaults apply to other OS's as well (RedHat on up to 7.x enabling tons of services, even on a "workstation" install, for example; or the 50-something Set-UID binaries...). In all cases I've learned to change the options I don't agree with and move on.
Slashdot Mirror
So maybe what the DoJ is doing is going after the one where they have the evidence in the knowledge that this will cause the others to fall as well.
I took it to mean that Micron was basically being the rat. They are seeking amnesty by ratting out the others involved. So they don't get in trouble, and they come out looking like the good guys (comparatively). IMO they shouldn't get amnesty unless they voluntarily came forward, which it appears they didn't...
Their two of the worst ... can't people use the English language anymore? Sheesh!!
;)
I hope you were going for humor here...
Nonetheless, incetives such as tax cuts do sound like an interesting idea.
...or at least make it mandatory to for-profit organizations to give a certain minimum amount and take it out of their taxes?
I agree that simply making a source-code donation (so to speak) into a tax-deductable gift could help encourage even further growth of open-source software. However, I don't see it happening unless the organization running the project were a registered non-profit outfit.
One thing in the original post really bugs me:
Make it mandatory? Are you serious? I wasn't sure if you meant to require a code contribution or a monetary one.
For code, this *might* be possible if your particular license required it, and even that would be pushing it IMO. This would only work with projects that are intended for developers to use; you'd never have anyone using Mozilla if such use required that you contribute code.
If you're talking about monetary contributions, then why bother being open-source in the first place? Essentially, you'd have a commercial product, but with the benefits of a non-profit outfit. It will never happen.
Don't forget the TSA screeners have the ability to ban you from flying. For life.
Is this actually true? If so, that certainly gives these people far too much authority/power (which likely affects their behavior). There should be some kind of due process involved here, and some method to appeal.
Got a reference on this?
It doesn't just "feel" more responsive, it is more responsive!
I agree, though what I meant to say was that it feels faster. It certainly is more responsive, but it's not any faster.
I recall when the pre-empt patch first came out, it was tested on a variety of systems. On a desktop-like environment it made a huge difference (responsiveness) but in a server environment, it made very little difference.
So yes, it certainly is more responsive to any interactive application, but for sheer CPU loads it didn't make any difference.
Regarding "dumbing it down":
There is one exception to this load balancing rule -- some special processes may be fixed to a certain runqueue. This attribute is called "thread affinity;" a thread is simply another name for a process.
I think it over-simplified this a bit. Granted, Linux doesn't make all that much distinction between a "thread" and a "process" as compared to (say) Windows, but the distinction is still important.
Otherwise, it's a decent article, and gave me some insight to one of the major improvements in 2.6 (which I've yet to try out).
I remember when the "pre-empt" patch came out for 2.4, before it was integrated into the kernel. For a desktop (or otherwise interactive, like my media box) system, it really made a major perceived improvement in performance (while *actual* performance wasn't affected; it was just about priorities and scheduling, making it "feel" more responsive).
The O(1) scheduling algorithm likely improves this further, and is enough to tempt me to spend XMas evening upgrading... these things are important, especially on a desktop system.
Windows XP, for example, isn't all that great in this area, and often one process can too easily slow things down. This is even further emphasized when all the processes you're working with are actually the main "explorer.exe" process; eg, you do something in Windows Explorer that blocks (spin up a CD drive) and everything else (the "desktop", task bar, etc) all become unresponsive...
I enjoy seeing such improvements in the Linux kernel. The pre-empt patch (later integrated into the mainstream kernel) made a drastic usability improvement (especially when the box is also a web server, MySQL server, firewall/router, etc) and I couldn't see a Windows box handling similar tasks without becoming unusable (note: not unstable, just not practical to use when responsiveness is hindered).
I think the kernel team is on the right track with this, specifically for desktop applications (though it does help in many other applications as well; anything interactive, really, even over the network/Internet).
I spent the day digging through boxes, closets, drawers -- trying to find my only TOSLink cable (optical digital audio thingy). I drove around for about 2 hours trying to find something that was open to buy a new one, to no avail.
;)
Then, looking in one of the places I'd already looked at least four times, there it was! It made my holiday.
Oh, presents... sweater, new underwear and white T-shirts, and a nice kitchen knife set (that I had asked for). And I bought myself a digital multi-track hard disk recorder yesterday (hence the need for the TOSLink cable), which was probably the best present. I always buy myself something nice, to avoid standard gift disappointment
Overall, it's been a good year.
Sorry to reply again, but something occurred to me. In a normal power supply, a load on the output side directly affects the current draw on the input side. How does that work here? Other than having some kind of input-side regulation and feedback (opto-coupler?), similar to what we have now with switch-mode supplies, I'm not sure how this would work.
By itself it seems that this technology would draw about the same amount of input current, regardless of load. Of course it's possible that it's exactly a "normal" switching supply, with the transformer swapped out in favor of a Piezo device -- in which case the other problems have already been solved.
Any insight?
I am doing some graduate studies in this field, so here's a quick breakdown. ...
So if I'm understanding correctly, this is roughly equal to driving a speaker with a high voltage, and picking up the sound on a dynamic mic... resulting in a low voltage output from the mic. Accoustic coupling, only at a miniature and inaudible scale in a self-contained unit.
Cool!
The dual voltage bit comes from the rectifier being a bridge rectifier when you set the switch to "240" and a voltage doubler when you set the switch to "110", both giving a DC voltage to the switch somewhere around 300V.
That's one way, but most notebook adapters don't have such a switch. Rather, they accept a very wide range of input voltages. They work by simply being able to regulate and handle the full range of voltages; at 90v input the regulator would be passing quite a bit more current through, where at 240v the duty-cycle would be dropped significantly.
The piezo supplies, from what I gathered from the article, are more along the lines of a basic 60-Hz transformer; eg, you get some specific ratio of input/output voltage, without regulation. I'm sure these could be easily regulated, and I'm sure a future version will be.
It's (AFAIK) brand-new tech, so more features will come I'm sure, if the technology takes off.
Yes, they are smaller than the transformers needed for non-switching power supplies, but they are there.
Adding to this is the fact that switch-mode power supplies are the main culprits for RF/EMI problems. A simple 60-Hz transformer (unless in very bad shape) emits very little of anything in the RF spectrum.
I assumed that the article was in fact referring to switching supplies, since they mentioned the EMI issue as one of the problems that their idea solves.
The only thing I wonder about is decoupling. Not knowing exactly how they work (the article isn't all that technical), I wonder how well decoupled the output is from the input. I recall a laptop being recalled over poorly decoupled modems, causing a shock in some circumstances; with 110 to 220 VAC, I think the problem would be worse, but it's possible that there is a good degree of isolation in these things.
One of my contract clients (I run his Linux web server) had some concerns, and I eased his mind quite easily.
See, the people who buy into this nonsense are the same people who thought planes were going to crash due to Y2K, and believe everything FOX tells them (eg, that we didn't land on the moon). These people hear something and start to worry.
Usually, just giving them the facts, and telling them that they shouldn't believe everything they hear is all it takes. Linux is fine, you are fine, SCO is full of shit.
It's like dealing with a child, really, and it's not all that difficult. In my case (contract client) he tends to believe me on this kind of stuff, after several "told you so" situations over the years (Y2K being one of them).
That, in a nutshell, destroys the entire article. The end user shouldn't be forced to "hope" that bad things won't happen to their computers.
You've summed it up quite nicely. Back before Windows 2000, I just didn't understand why anyone put up with Windows at all. The fact that people considered daily reboots "normal" was pathetic.
Only now the situation is a bit different. 2000/XP are both very stable, and if properly patched are most always relatively secure. I still trust Linux or BSD a lot more, which is why my Windows machines are protected with a Linux/iptables firewall; but you have to admit that Windows has gotten much better. Again, though, if properly patched.
I believe (correct if wrong) that nearly all of the major exploits in the last few years were patched long before they became a problem; in many cases, months passed between the time a problem was fixed and the time it was exploited (thus giving plenty of time for testing and deployment).
Microsoft tried to remedy the problem with the "auto update" feature, which most of us didn't like. Fine. Now they're finally getting it right, and making things much better starting with SP2 (firewall enabled by default, etc). Sure, *nix has been doing it right for much longer, but you have to admit that things are getting a lot better in the Windows world...
Sendmail is for the most part replaced by Postfix and other varients. Apache... well, although quite a large portion of web servers run apache, a very small portion of linux systems are web servers.
While I personally don't use SendMail (I love Qmail), I believe the vast majority of Linux (and other Unix) machines offering mail services are using Sendmail. Just think of how many Cobalt RAQ machines administered by idiots are out there...
Apache has always had a pretty strong focus on security, though everyone makes mistakes from time to time. It does certainly have a better record than Sendmail or Bind, and I trust it quite a bit myself.
Sure, not every single Linux box is running Apache, but an attack that is targetted only at web server machines can still cause quite a bit of havoc; just think of Code Red and it's decendants.
Just because you aren't targetting *every* single machine out there doesn't mean an attack can't be effective. You comprimise a few thousand unpached Linux/Apache machines, or *nix/Sendmail, or whatever -- you still have plenty of power to (for example) attack an anti-spam site, or cause other, similar dammage.
Yes, an exploitable Windows -- especially when it's exploitable in its default configuration -- is a helluva target; but that doesn't mean all exploits need a hundred million exploitable machines to have an effective target.
I don't doubt it would be possible to create an effective virus for Linux.
I agree with everything you stated. It's the diversity that makes Linux (and other operating systems) less vulnerable to such massive attacks. But everyone learns from their mistakes, even Microsoft (albeit slowly sometimes).
Currently, if you purchase a copy of XP and install it with neworking capabilities (even dialup), there is a good chance you won't get as far as Windows Update before you're rooted. I went through that a couple of months ago -- got the "Windows is Shutting Down" dialog before the Windows Update page could load. I knew how to abort the shutdown and patch the problem, and I really should have enabled the firewall first -- but joe average doesn't (and shouldn't have to) know this.
However, I also recall the Honeypot project having similar experiences with RedHat 6.2; because of a remote-root exploit (I think), the machine was hardly online a few minutes before being rooted. If I remember correctly (it was a long time ago), 6.2 was the latest retail RedHat release at the time.
Jump to now: RedHat now enables less services by default (but still has a record number of suid-root binaries...), and really pushes you to enable iptables at install time before any network interface is brought up. Likewise, SP2 for XP will be doing some things right, and I'm sure this will carry over to Longhorn and future versions.
I say: bravo on both sides. Firewalls enabled by default (like "opt-in" instead of "opt-out"), and taking security into consideration with every decision (as RedHat and Microsoft both are learning to do, though many others *cough*OpenBSD*cough* have known this for a while)...
We had real problems at Y2K at the web hosting provider I worked for as a programmer. It's painful, but I'll recount the last few seconds of 1999...
We were watching Office Space at the Boss' house (the Matrix DVD hadn't arrived yet), and it occurred to us that it was past midnight. We paused the movie and checked to see that everything was functioning normally, which we all expected. We just knew that all the Y2k nuts were crazy, didn't know what they were talking about, us geeks had a handle on things, etc. But we checked anyway...
To our horror, we found that our web-based file manager was broken. Files created after the roll-over were showing the date as 19100, which didn't fit nicely into the table layout (I hadn't started using CSS for formatting yet). It looked horrible, not to mention our customers' resulting confusion.
Of course, had I RTFM a bit early on, I'd have known how the year is represented in Perl, and that I should simply add 1900 to the result rather than append "19" as a string. Come to think of it, I really did know that, it just didn't occurr to me at the time. The code worked at the time, so I moved on without giving it a second thought. I always mess up some mundane detail (to paraphrase from the aforementioned movie).
We eventually resolved the problem; few people were injured and little data was lost as a result. We then proceeded to resume the Office Space DVD at about 12:03, putting the incident our of our minds forever... until you brought back the horrible memories...
Luckily, I won't be around for the 2^30 holocaust, and in 2038 I'll just be laughing from my bunker (which hopefully by then I will have been able to afford; maybe freelance work repairing dammage from 2^30?)
Politicians and moral crusaders learn nothing from history. Prohibition does not work.
...)
I'm not so sure I agree. Prohibition certainly does not work when the majority of the population disagrees with it (or even a significant minority). But when it's something like spam? I'm sure the vast majority of the population is against spam.
I'm sure even most organized criminals hate spam (I just had a wonderful vision about the organized criminals taking on the spam problem... what, are you saying I have a small ****? You wanna send my mother pornographic emails? *bang*
Anyway, there are many activities that are prohibited. Sometimes it works, for the most part; other times -- usually when the activity isn't all that harmful, but is enjoyable by some -- it doesn't. The "war on drugs" is rediculous (remember, it takes two sides to make a war) and will never be won unless one side gives in (and we know which side that will have to be).
But many prohibited activities are easily enforced. Everything from insider trading to child pornography. Sure, these things still happen, but because most people are against them anyway, aside from it being banned by law, it's rather infrequent, and most people -- who for whatever reason may want to engage in the prohibited activity -- still won't out of fear of being caught.
Perhaps one day spamming will be seen by most of society as being a very, very bad activity, and banned by law in many countries, to the point that it's just not worth even entertaining the idea.
Or perhaps I'm just being optimistic...
The web hosting business went through this a few years ago. It used to be that all hosting providers offered unlimited data transfer, and this didn't used to be a problem; there usually were special exceptions for "download sites" and such, but for the most part it was unlimited.
As time went on, though, the average web site isn't just a few static HTML pages with a couple of optimized GIFs any more. As broadband access becomes more popular, web sites become more huge, more dynamic, and less optimized.
Most hosting providers did one of three things:
1) Offer a specific amount of monthly or daily data transfer. Usually this amount varies by the plan you have.
2) Redefine "Unlimited" deep in the TOS or AUP.
3) One big provider actually states that transfer is unlimited as long as you keep within the 17 GB/month limit. So, "unlimited as long as you stay within the limits".
Obviously #1 is preferred, but to many hosts, changing "unlimited" to any kind of limit puts them at a marketing disadvantage, since most customers don't really understand the limits or the fact that there's no such thing as "unlimited".
I'm sure ISPs will deal with the issue in similar ways, though one advantage is that most users understand the concept of "hours per month" more easily than they do "GB/month transfer", so a high-ish limit will appeal just as easily as "unlimited".
This is just about the low point in bad tech design.
Well, the grandparent suggested this application, not the designers of it (from what I can tell). I suspect it's more designed for kiosk applications personally.
Combine this with a touch-screen LCD with integrated speakers, and you have a kiosk who's CPU unit is about the size of the LCD power supply brick.
But...who actually wants this thing? And what are you using it for?
I gathered that it was intended for embedded devices, from the summary. Re-reading the summary, I realize they may have been referring to the device itself as embedded, thus it runs an embedded OS.
However, I could think of potential uses for it, specifically embedded. I'd think a touch-screen LCD combined with this (which would be no larger than the LCD's own power supply) would certainly make for a nice, space-saving kiosk...
There's lots of discussion about how someone can just sniff the transaction or plant hidden RFID readers, and they are being debunked by the fact that there's some sort of challenge/response encryption.
Fine, except given that some thieves have gone as far as to obtain a legitimate ATM machine to steal ATM card/PIN numbers, how much more difficult would it be to obtain an RFID credit card reader? Whatever public keys or key database a scanner needs would be taken care of, as it would all be purchased/leased for a seeminly legal purpose. At this point it would be trivial to plant the reader in a location that people tend to walk by, and unless there's some kind of PIN verification, you've got all you need.
Thus, the user doesn't even have to knowingly make a transaction as with the ATM scams.
If there's PIN verification, an on/off switch, or a lead protective storage pouch... then we're in the same place we're at now; but if all it takes is the user to click "OK" on the scanner, then obviously there's no security there (only against accidental scans at a legitimate establishment).
Any thoughs?
I'm not much of a photographer, but I had to comment on a couple of your points:
I've compared digital and film prints under a microscope; the digital has huge ink, and the photographic print has a light dusting of grain that's barely visable even under the microscope.
I think this depends greatly on the printer used to print the digital photo. A cheap, commodity ink-jet printer is obviously going to do a poor job. Most ink-jet printers claim to do "photo quality" printing on "photo paper", but when you pay $30 for a printer... you shouldn't expect any kind of quality beyond printing a Yahoo map.
Do you think you'll be able to access your CD-R or Zip disk in 5 or 10 years?
Personally, my pics are on my hard drive, and are backed up. If something goes wrong -- CD format becomes obsolete, for example -- I'll make new backups on new media. I'll always have redundant digital backups, on hard drives, CD media (DVD before too long), and even on my web server's hard drive.
As for prints -- well, I've never (yet) printed a digital photo, but if I run across one I particularly want in print form I'll take it to the nearest Wal-Mart or drug store, on my memory stick, and they'll print up a nice, professional copy for me. On much better equipment than a $30 ink-jet printer, I am sure...
Good luck, remember to shoot as many shots as you can afford and never be afraid that you're "wasting" film.
:)
I'm not much of a photographer myself, but that's one thing I love about digital. With my 64MB stick, I can get some 80+ 1600x1200 pictures, and if I bring the laptop to dump them on I'm virtually unlimited.
So after finally realizing this, I've started getting into the habit of taking many redundant pictures. Much of the time this proves invaluable, as when I load them up later on a real monitor, I can pick the best take out of 5 or 10 pictures, and it didn't cost me anything more.
If one is really into photography (as a hobby or profession), then I'd give the same advice, regardless of whether it's film or digital. There's nothing like having a perfect picture opportunity, only to have twitched slightly and come home to find you blew it. Snap, snap, snap, and you're much more likely to come home with something good
Not to complain (a phrase that is always followed by a complaint), but... this has to be one of the worse book reviews I've read in a while (even on Slashdot). Many of the comments were unnecessary, and it seemed to really just be an excuse to bash Microsoft. I'm not sure the Slashdot audience is the best audience to pitch this book to, either, though I'm sure many will find it quite useful.
... ah yes, Office. What would we ever do without it? What can we do with it? ... ah yes, Windows Explorer. Not bad, but it could be better.
/. only posted it in hopes of getting people to use the affiliate link...
I just had to comment about the review itself. The reviewer gives a couple of specific examples from the book. And his own comments, like:
MS Office
Windows Explorer
And sentances like:
Of course, one could point out if previous versions of Windows had been created "right" or "ran correctly," there wouldn't be need for a whole chapter (or even reams of books) on Microsoft fixes or how to get it to run properly.
(emphasis mine)
There's not much of a teaser or compelling "cliff hanger" to make one want to go buy this book. I suspect
About the book itself, aside from the one chapter about hardware issues, it seems to be yet another Windows (and Windows software) annoyances book, though if you're targetting the mainstream I suppose PC == Windows. It just doesn't sound much like an O'Reilly title, though...
This was an issue for me only the first time I ever installed Win2k. Since then I learned to change the setting that does this, and the only BSODs I've had since were directly hardware related (bad PSU, failed hard disk). XP is, annoying as it may be at times, pretty solid. I reboot it as often as my linux boxes, which is to say, only when I move hardware around or upgrade components (all run 24x7 for months at a time).
You might say (and I would agree) that it's stupid for that ("auto reboot") to be the default setting; in fact, that one thing had me very pissed at Windows for a while. However, many stupid defaults apply to other OS's as well (RedHat on up to 7.x enabling tons of services, even on a "workstation" install, for example; or the 50-something Set-UID binaries...). In all cases I've learned to change the options I don't agree with and move on.