Slashdot Mirror


User: Krach42

Krach42's activity in the archive.

Stories: 0 · Comments: 1,385

Comments · 1,385

  1. Re:If you're going to ip-less bridge... on What is the Best Firewall for Servers? · Score: 1

    But without an IP, you would not be able to actually communicate with the IP-less router. No matter what the OS is that's doing the filtering.

    Sure, you could overwrite the stack, get it to run some arbitrary code, but unless you could transport enough code to be able to have it spontaneously pick up an IP and become addressable, then you're still just poking into the dark.

    It's like write-only memory. You know you exploited the machine, and it's now executing your arbitrary code. But it can't talk back to you, because it doesn't have an address to open a socket so it can talk to you.

  2. Re:If you're going to ip-less bridge... on What is the Best Firewall for Servers? · Score: 1

    I can see your point there. And I must admit that Windows has been known to have problems with certain malformed packets.

    Of course, the attack would really be limited to causing DoS, and there would still be little concern of a remote exploit.

    One would *really* have to handle packets very badly to allow for a usable remote exploit of an unaddressable packet filter.

  3. Re:OpenBSD, of course! on What is the Best Firewall for Servers? · Score: 1

    Alright... heh. And while I agree that going back to the penguin is definitely an option, and especially must be compared when first securing a network/firewall.

    It's just that in a long clump of OpenBSD posts, a post of "You could use Linux" is likely to be taken as zealotry ;)

  4. Re:OpenBSD, of course! on What is the Best Firewall for Servers? · Score: 2

    Why is it not ironic...

    Because ironic would be my saying that I run OpenBSD because it's never been hacked, and then being hacked myself.

    My statement that OpenBSD is a good OS to choose because it has a low track record of remote exploits is perfectly justified. Just because I've had an OpenBSD system hacked on the one remote exploit in 4 years doesn't dilute my argument.

    Telling someone to run a software firewall on a notoriously insecure operating system is fundamentally flawed. Software fails, and if a software firewall fails, then the system is open to attack. If that system is insecure to begin with, then it's a horrible situation, because the person thinks that they are secure because of the firewall, but they're not.

    If you have a piece of black box acting as your firewall, which no one can get into and out of except with physical access, then there is no remote exploit into that box. If you have that box set up so that if it fails it will take out the connection, then you're safe, because the computers behind it will be safe *even in failure*.

    My problem was that I had made it so that I would ssh into my firewall to get into my network. This meant that my firewall was directly attackable. No operating system is perfectly secure, but OpenBSD is as close on the default install as one can get right now. And OpenBSD on the whole has only failed once in the default install in over 4 years.

    Show me a track record like that with Windows, or Linux.

  5. Re:If you're going to ip-less bridge... on What is the Best Firewall for Servers? · Score: 1

    Your (this is just to piss you off) not reading his comment. If it's an IP-less system then it *CAN'T* get targeted by attackers.

    See, if the computer is unaddressable, then there is no way to get to it. This is why people don't attack HUBs. Because there's nothing to attack.

    Even if you were managing a Windows system as your ip-less bridge, then no one except with physical access could actually interface with it. So, you wouldn't even need to patch it.

    This is why IP-less routers are so much better than addressed routers. You're not relying on security of the software, you're effectively making it a chunk of wire in the path of communication. There, and effective, but unattackable.
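An OpenBSD configuration for the address-less bridging filter that comments 1, 2 and 5 above argue about, added here as an illustration; it is not from the thread or from any of its posters. The interface names em0/em1 and the protected server block 192.0.2.0/24 are assumptions. The two member interfaces are brought up with no address, bridge0 joins them, and pf filters on the outside member only:

```conf
# Added example, not from the thread. OpenBSD hostname.if(5) and pf.conf(5)
# fragments for a bridge with no IP address of its own.
# Assumed: em0 faces the Internet, em1 faces the servers, servers live
# in 192.0.2.0/24 (documentation range, constructed for this example).

# /etc/hostname.em0   -- outside leg, no address, just link up
up

# /etc/hostname.em1   -- inside leg, no address, just link up
up

# /etc/hostname.bridge0   -- glue the two legs together at layer 2
add em0
add em1
up

# /etc/pf.conf
ext_if  = "em0"
int_if  = "em1"
servers = "192.0.2.0/24"

# A bridged packet crosses both members; filter it once, on the outside leg,
# and let the inside leg through untouched.
set skip on { lo $int_if }

# Default deny in both directions.
block all

# Inbound: only the published services may reach the servers.
# The state created here is floating, so replies leaving em0 match it.
pass in on $ext_if inet proto tcp to $servers port { 80 443 }

# Outbound: the servers may initiate connections; tracked statefully.
pass out on $ext_if inet from $servers

# There is deliberately no rule for traffic "to this box": it has no address
# for a rule to name. Management is the console, as the comment describes.
```

Check the ruleset with `pfctl -nf /etc/pf.conf`, apply the interface files with `sh /etc/netstart`, and watch what the bridge is tracking with `pfctl -s states`. One caveat the thread itself raises (comment 2): "unaddressable" is not "unparsed". Every frame that crosses the bridge is still decoded by the kernel and by pf, so the network stack stays in the attack surface for malformed-packet bugs even though nothing can open a connection to the box; what the lack of an address removes is the reachable services, not the parsing.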

  6. Re:OpenBSD, of course! on What is the Best Firewall for Servers? · Score: 1

    Nice tool

    But I already have something that works. OpenBSD+pf.

    Why would I want to take down my internet connection and spend hours reconfiguring something else just to have Linux+Shorewall running on it.

    OpenBSD+PF gets the job done, and it gets it done the way I want it done.

    I'm not so locked into using Linux that I would pass over OpenBSD just because it's not Linux.

  7. Re:OpenBSD, of course! on What is the Best Firewall for Servers? · Score: 1

    Ah... nifty idea... I like it... Well, as it is right now, there is a monitor attached to the firewall.

    We really have that many monitors that we don't know what to do with them. Same goes for full mobo+cpu+memory combos. (Although, that's my fault, not anyone else's. The monitors are just generally everyone's fault for having more than one.)

    I'll keep this trick in mind when I move out on my own, and have full and total control over every detail of my network.

  8. Re:OpenBSD, of course! on What is the Best Firewall for Servers? · Score: 1

    What the heck service did you install on the OpenBSD box to get it hacked?

    OpenSSH. You know, the whole privsep thing that was the only exploit in a default install in 4 years...

  9. Re:OT: Captchas on What is the Best Firewall for Servers? · Score: 2, Funny

    Are you sure you are human?

    Why do you ask are you sure you are human?

  10. Re:OpenBSD, of course! on What is the Best Firewall for Servers? · Score: 0, Troll

    Yes, but IPTables is so.... ugly...

    I mean, pf is just so much nicer to interact with.

    In linux, I download a firewall script that does all the IPTables work for me.

    But with OpenBSD, I sit there and craft my own pf.conf, and I know exactly the behaviour that I'm to expect, and want.

    But yes. Linux+IPTables is still way better than Windows + software firewall.

  11. Re:OpenBSD, of course! on What is the Best Firewall for Servers? · Score: 2, Informative

    I have to agree. I use OpenBSD for my firewall, then I poke holes through to my Linux server for HTTP, and SSH.

    This avoids the situation that I had previously when someone hacked into my machine. They hacked into my OpenBSD firewall, then opened it all up, and marked my /etc/pf.conf system-immutable (so I had to reboot into single user mode to fix it.)

    This way, if they hack my Linux server, they'd still have to hack into my OpenBSD box in order to open up the ports. I have plans to lock that up tight on both ends, so you need physical access to access it.

    At that point, I'm as secure as I can get from across-the-world hackers.
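A pf.conf for the layout comment 11 describes (OpenBSD firewall in front, only HTTP and SSH poked through to a Linux server, nothing reachable on the firewall itself), added here as an illustration and not taken from the thread. Interface names, the LAN range and the Linux server's address are assumptions, and the rules use the rdr-to/nat-to syntax of OpenBSD 4.7 and later rather than the older `rdr ... ->` form that would have been current when the comment was written:

```conf
# Added example, not from the thread. Routed OpenBSD pf.conf with two holes
# forwarded to an internal Linux box and no path to the firewall's own sshd.
# Assumed: em0 outside, em1 inside, LAN 192.168.1.0/24, Linux at 192.168.1.10.

# /etc/pf.conf
ext_if = "em0"
int_if = "em1"
linux  = "192.168.1.10"

set skip on lo

# Hide the LAN behind the firewall's external address.
match out on $ext_if inet from $int_if:network nat-to ($ext_if)

# Default deny.
block all

# The two holes: SSH and HTTP arriving at the external address are rewritten
# to the Linux server before filtering, so they never reach a daemon here.
pass in on $ext_if inet proto tcp to ($ext_if) port { 22 80 } rdr-to $linux

# The LAN may initiate connections outward; floating state lets the same
# connection leave on em0 without a second rule.
pass in on $int_if inet from $int_if:network

# The firewall itself may talk out (package fetches, DNS), nothing more.
pass out on $ext_if inet from ($ext_if)

# Deliberately absent: any "pass in ... to ($ext_if) port 22" or
# "pass in on $int_if ... to ($int_if)" rule. Management is the console,
# which is the "physical access on both ends" the comment plans for.
```

Load it with `pfctl -f /etc/pf.conf` after a syntax check with `pfctl -nf`. The immutable flag the intruder in the comment used cuts both ways: `chflags schg /etc/pf.conf` marks the file system-immutable, and at OpenBSD's default multiuser securelevel 1 that flag cannot be cleared without booting single-user, which is exactly the recovery the poster had to do. It protects the file on disk only; a root attacker can still run `pfctl -d` or load rules from another file, so treat it as a speed bump and a tamper signal, not as a control.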

  12. Re:Leaks? on First Look at Apple's Intel Developer Macs · Score: 1

    PearPC.net has been going on about "Nipples".

    I think someone over there thinks it's absolutely hilarious.

  13. Re:the draft on Pentagon Creating A Database Of Students · Score: 1

    God, I hate how you all act as if this is something new.

    Did you know that the Army recruiters in the area where you attended high school have your name, address, and number *ALREADY*?

    I'm serious, I saw the book with the class just after mine. It's a huge log book with names, numbers, and addresses along with columns listed for writing information obtained from a call. That way they're up to speed on what whoever they talked to before told them.

    A few of the entries had: "Do not call anymore." listed.

    Seriously, I don't see this database as any different from digitizing what they're already doing. So, if you're going to complain now, then complain about what they're already doing.

  14. Re:Anywhere? on Zeta Goes Gold · Score: 1

    Ok, instead of pirating, I'll do exactly what I was intending to do anyway. Not buying it.

    Yeah, I could support the Zeta people, but I don't exactly know how enjoyable it would be to use their OS. So, I'll just continue with my alternate legal option to wasting money on something that I'm unsure of.

  15. Re:It is very sad that he could not make money on Gentoo Founder on his way to Redmond · Score: 1

    Take a junior programming job that requires little/no experience, prove your mettle and advance quickly. That's the only way it's going to happen, you're not going to just get given a flashy job just because Linus and co managed it back when .coms had fucktons of cash and you are on sourceforge.

    Wow, it's like you know exactly what I'm doing wrong, even though you haven't done any serious looking into it.

    I have applied to entry level jobs. That's pretty much all I've been applying to. The problem is that people are scared to hire you in an entry level position, because you're "overqualified." (This is the only thing I can figure.)

    Thinking about this, it does make sense. Many people balk at the idea of hiring someone who's far above in ability or education than required for the job, because they know that the person is basically planning on using them, and the second they get offered a job more commensurate with their abilities/skills with a decent salary, poof, they're gone.

    This just isn't a threat with the majority of entry-level programmers, because they're not capable of jumping to experienced until they've put in a decent amount of work. But, if I have a portfolio, and prove experience... well, then obviously I won't be satisfied with an entry-level programming position. And the second I start shining out like that, they'll be expecting for me to come by asking for a raise, or I leave for company XY, which is willing to pay me what I feel I'm worth.

    I dunno... I'm just trying to rationalize why I'm being rejected for even entry-level jobs from everyone.

  16. Re:Resolved: NeXTStep was More Advanced than BeOS. on Zeta Goes Gold · Score: 1

    stop ruining my gag by actually laughing. ... ...

    you insensitive clod.

  17. Re:probably buggy too on Mac OS X 10.4 Tiger for x86 Leaked? · Score: 1

    Yeah, it would definitely be awesome to see them make the CPU architecture itself a trivial and unimportant aspect of the computer.

    Think of the skill required to write viruses. You'd have to be able to generate fat viruses that would infect each architecture.

    I'd say you're spouting crap with the whole Cocoa runtime... but then I'd have said you were spouting crap about Marklar up until the WWDC last week.

  18. Re:It is very sad that he could not make money on Gentoo Founder on his way to Redmond · Score: 1

    OUCH!

    Alright, you have me beat. Of course, for a while I was answering phone calls for PeoplePC sales.

    One time, this guy calls up, and he tells me, "I probably know more about computers than anyone there!" in a very thick cowboy accent.

    I was like... "wow, really, sir? That's impressive." Meanwhile, I was working on the PearPC AltiVec emulation.

    Through the course of the conversation, it became apparent (because he told me) that he only needed PeoplePC to play Star Wars Galaxies: Jump to Lightspeed

    Hint to everyone out there: Just because you think you're the hot shit, and you're calling in some tech sales line, doesn't mean you won't find a fellow geek, who knows his shit better than you. It's just very highly unlikely.

  19. Re:Resolved: NeXTStep was More Advanced than BeOS. on Zeta Goes Gold · Score: 1

    Yeah, Steve Jobs definitely brought a lot back to the company.

    It was definitely a good move. Of course, I like the CARS article when Al Gore was brought onto the board. Suggesting some sort of recount.

    Which was funny, because Al Gore had just lost, and had demanded a recount in Florida, but that fell through. And they're parallelizing... ...

    fine, don't laugh at my stupid joke.

  20. Re:Anywhere? on Zeta Goes Gold · Score: 3, Funny

    there was a torrent out there, but it turns out it was just a pic of catherine zeta jones.

    Funny thing is the torrent is still going strong.

  21. Re:It is very sad that he could not make money on Gentoo Founder on his way to Redmond · Score: 1

    Yeah, all this talk about getting the talented people into good well-paying FOSS-compatible jobs. It'd be nice, right?

    Real world doesn't work that way. No one seems to care if you have experience in Open Source Programming. The FOSS development model and environment is entirely different from commercial programming.

    So, we're all stuck out here at the fringe with the skills and the talent, but no one wants to hire us, because we'll expect pay commensurate with our talent, yet we don't have the experience to validate it most of the time.

    So, we either take some lame entry-level position, (not to imply that entry-level positions are bad. I'd happily take one just to get a job in my field and start building commercial experience) or we end up getting rejected by everyone, either because we want too much money, or our experience just doesn't align with the position.

    Fact is, that I've spent my whole college career working in FOSS, and am a really good programmer, but no one seems to care about that crap. They just see another moron with no work experience, who wants a salary at the same level as someone with reasonable experience. (And for all the detractors out there, I've applied for jobs asking for low salary levels, and they still don't care.)

    It's quite depressing that I get to install security systems, because no one wants to pay me for my programming skill.

  22. Re:probably buggy too on Mac OS X 10.4 Tiger for x86 Leaked? · Score: 1

    Intel chips have SSE2, which for the most part, is faster than AltiVec (at least on the newer chips which will be available in 2006)

    AltiVec is just a more robust design.

    So, take your pick on what you think is better: speed => Intel, design => PowerPC

    The consumer, who votes with their wallet, and the lack of progress in the PowerPC development has forced Apple to go for the Intel and speed, rather than the superior design of the PowerPC.

    Same problem is with the BIOS. OpenFirmware is way better than the standard PC BIOS, but *shrug* can't use commodity PC hardware without it, so Apple would screw themselves just as badly if they went with OpenFirmware. (Funny thing is, if they did keep OpenFirmware, you could still use the same video cards, etc. that you used on your PowerPC Mac. But people would wonder why you couldn't use this PC video card on a PC Apple, and that wouldn't be good.)

  23. Re:At last - an expert opinion! on Apple Switching to Intel · Score: 1

    Hm... good point. Apple worked pretty closely with Motorola to provide certain instructions for sure. I imagine it might be possible that they're working with Intel now to try and get them to insert certain instructions, which would accelerate the graphics in OSX through vector usage.

    Of course, this generally only matters in the software driver backup, so this may not be that big of a concern.

    Of course, because of their ad-hoc design, I think it would likely be hard for them to add in missing instructions now. Like PSLLB, and PMINxx where xx is anything but UB, or SW.

  24. Re:This is bullshit. on Apple Switching to Intel · Score: 1

    Well, I'll not discuss which is *faster*, because like you mentioned, it depends.

    What I'm here to say is that AltiVec is more complete and fleshed-out than SSE.

    SSE feels *way* too much like a hack rather than an extension. It's missing some basic functionality and consistency in instruction encoding. It basically shows almost no forethought towards being an extension, but rather just a collection of functions that Intel said, "Darn, it'd be really nice if we could do this..."

    As for the point of consistency in instruction encoding. PSLL has H, and W, but where the PSLLB instruction should be, it's invalid, or something entirely unrelated.

    The MINUB, and MINSW are both entirely off alignment from where one would expect them when examining the encoding of other instructions.

    I don't attack SSE that it's slow. I attack SSE because I feel dirty looking at it.

  25. Re:This is bullshit. on Apple Switching to Intel · Score: 4, Insightful

    Let's ask someone who understands deeply the full and total differences between AltiVec and SSE2.

    Like, me. I wrote the AltiVec emulation in PearPC. Thus, I have quite a bit of authority on the differences between the two.

    AltiVec has a more fleshed out assortment of instructions. SSE2, and SSE both are missing a number of instructions. Most of these don't get used often, so you're not losing much in the way of speed, but AltiVec has a more complete implementation.

    EXAMPLE:
    PAVGB
    PAVGH
    but no PAVGW

    PMINUB and PMINSW, but no PMINSB, PMINUH, PMINSH, PMAXUW

    PSLLW and PSLLD, but no PSLLH, or PSLLB (same for all packed shifts)

    Then, I'll point out a number of points upon the design straight from the Pentium 4 optimization guide.

    Don't use SSE when 64-bits is all you're working on. This makes obvious sense for floating point code (denormals take a long time to calculate and can stall results for the stuff you want), but this is saying use MMX when only using 64-bits of data. Because, and I kid you not. They say that the 128-bit SSE is wider, and thus performs slower. (Why should it when it's PARALLEL execution.)

    Also, SSE3 is breaking parallel operations by providing horizontal instructions. Why even vectorize these, they're going to run as slow as scalar operations. Ok, so you get out of passing it back out to memory, but come on, the idea of a vectorization unit is to perform parallel vector math. But I understand the strong desire to make things work fast rather than proper, and avoiding those few clock-cycles means that they're willing to stall a vector unit on a scalar operation.

    Um... what do we have left. AH yes. The problem of XORPS vs PXOR. They both do the same thing right? They XOR the value of one 128-bit register against another 128-bit register. But there's a fundamental point here. If you use XORPS on an XMM register, which is integer, then you're going to get slow down. If you use PXOR on an XMM register, which is floating point, then you're going to get slow down. Now this really isn't a problem when you can track this information and such. But really. Shouldn't these both be equated to the same microcode, and handled by say, a logic vector unit that handles permutes (sorry, shuffles) and logic? WOULDN'T THAT MAKE SENSE. Not apparently to the SSE designers.

    Now, SSE2, yes, had double-precision floating point in 128-bit vector registers, which gets you a whole incredible 2 elements per vector. Wow, that's definitely worth the overhead of using vector registers, and ensuring alignment, etc. Plus, the G5 can issue two identical FPU instructions at one time, and since all PowerPC math is done in double precision (or better internally to an instruction) you get two double-precision operations per cycle. Wow, I can see a true benefit for hacking in double precision support into AltiVec.

    Now, if you want to debate any of these points, I'll gladly point you to the proper resource to prove my point, as I use them constantly in my work on emulating AltiVec with SSE.

    (BTW: emulating SSE with AltiVec would be almost painfully simple compared to AltiVec in SSE. It's almost entirely a proper superset of SSE.)

    Oh, last, let's not forget about those wonderful instructions that Apple must have told someone to put in there, because they're used for Anti-aliasing fonts, and icons, and are just used all over the place in OSX: vmhraddshs, etc. Which will likely never have a single instruction equivalent in SSE.