Anyone notice they (temporarily?) took this article off the Slashdot main page? Slashdot was probably contributing to the DDoS. Prudent thing to do I suppose...
I'm not sure about other solid state technologies, however most Compact Flash that I've seen tends to have a very limited number of erase cycles (300k - 1M), before bits can no longer be stored reliably.
While a million write cycles might last digital camera users for many years, I'd be willing to bet that a hefty Linux or Windows user would reach that cycle limit on parts of the disk (particularly virtual memory) in just a few weeks.
Faced with a choice between "quick and dirty" versus a long process that is not even ready to produce code until everything is known, there isn't a company in the world who won't go with quick and dirty.
You obviously haven't heard of 3D Realms, developers of the (hotly?) anticipated game Duke Nukem Forever.
According to their FAQ:
* 1.11 - When will DNF be released?
DNF will be released "When It's Done." What this means is that 3D Realms will not release the game until they are sure it is the best first person shooter ever. There is no exact date, and any dates currently offered by anyone are purely speculation.
Actually, this is exactly where a portion of the security community is currently focusing. With a deep enough level of protocol understanding, it's often possible to write generalized algorithms that detect (and presumably block) novel attempts to exploit a known vulnerability. For example, in the case of SQL Slammer, the buffer overflow vulnerability disclosure came many months before the worm hit, and at least a couple intrusion detection vendors were able to positively identify the exploit attempt without requiring an update -- one of the keys to protection against such a rapidly propagating worm.
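An added illustration of the comment above (not part of the original post): a check that parses the SQL Server Resolution Service request and validates the instance-name field, next to a byte-pattern check built from one sample. The 32-byte name limit, the pattern and all sample datagrams are assumptions constructed for this example.

```python
SSRP_PORT = 1434            # UDP port of the SQL Server Resolution Service
CLNT_UCAST_INST = 0x04      # request type: "resolve this instance name"
MAX_INSTANCE_NAME = 32      # assumed upper bound on a legitimate name, in bytes

# Constructed stand-in for a byte-pattern signature written from one sample.
SAMPLE_PATTERN = b"\x04" + b"A" * 64


def pattern_match(payload: bytes) -> bool:
    """Exploit-specific check: fires only on the bytes of a known sample."""
    return payload.startswith(SAMPLE_PATTERN)


def protocol_check(dst_port: int, payload: bytes) -> str:
    """Vulnerability-specific check: parse the request, validate the field."""
    if dst_port != SSRP_PORT or not payload:
        return "ignore"
    if payload[0] != CLNT_UCAST_INST:
        return "ignore"  # other request types are out of scope for this example
    name = payload[1:]
    end = name.find(b"\x00")
    # The name runs to the first NUL, or to the end of the datagram if none.
    name_len = len(name) if end == -1 else end
    if name_len > MAX_INSTANCE_NAME:
        return f"alert: instance name is {name_len} bytes (limit {MAX_INSTANCE_NAME})"
    return "ok"


# Constructed datagrams (destination port, payload); none is real traffic.
SAMPLES = {
    "benign lookup": (1434, b"\x04MSSQLSERVER\x00"),
    "known sample": (1434, b"\x04" + b"A" * 200),
    "novel variant": (1434, b"\x04" + bytes(range(1, 201))),
    "other request type": (1434, b"\x02"),
}


def run():
    """Return {label: (pattern result, protocol result)} for every sample."""
    return {label: (pattern_match(p), protocol_check(port, p))
            for label, (port, p) in SAMPLES.items()}


if __name__ == "__main__":
    for label, (pat, proto) in run().items():
        print(f"{label:20} pattern={pat!s:5} protocol={proto}")
```

The byte pattern misses the variant with different filler, while the field-length check flags both oversized requests and passes the ordinary lookup.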
Come to my place. We will run a double blind experiment in which you will randomly switch a CRT between 60 Hz and 75 Hz refresh rates between trials and I will do the (according to you) impossible: Detect with 100% accuracy which refresh rate is being used at any given time.
Have you used Gnome or KDE recently? When I need to get something done without having to deal with various application crashes, I'm much more impressed by the stability of Windows 2000 and XP.
Bash Micro$oft all you want, but so long as they keep producing a superior desktop product, I will continue to use it.
IMHO, the recent review performed by NSS reveals a more advanced understanding of IDS technology. They haven't evaluated quite as many NIDS in their review and instead have opted to include a few HIDS for good measure.
-Gordo
>"I wonder if these legal types are ever going to actually blame this on the actual people who are sharing..."
Hmmm... everyone knows it's the end-user at fault, but it's an ineffective strategy for the RIAA to run around shutting down millions of users... It's kinda like trying to win at an endless game of whack-a-mole (http://www.jebikes.com/java/WhackAMole/).
The only effective strategy for copyright holders is to take a few runs at the P2P distribution nodes... This will work for a time, but eventually legally untouchable networks will spring up (e.g. some distributed Gnutella-like derivative) and the record companies will be forced to devise a copy-protection standard that better protects their profits. Worst case scenario, users will be forced to make analog copies of their favorite music... and audiophiles, (and some of us who like CD booklets) will still go out and buy the albums just as we do now. And the soap opera will continue...
So all of you can stop freaking out... the RIAA is not evil, nor are lawyers, nor is MP3, P2P, Communism or Capitalism. Things have a tendency to follow a natural order of progression -- evil empires and ineffective ideas will eventually fail due to constant upheavals that reflect the ingenuity of nature.
Ever wonder why DIVX failed as a sustainable video format? Not because it didn't make sense to the marketing geniuses who dreamed it up, and not because it probably would have saved the average user some money in the long-run, but rather because they underestimated two aspects of human nature:
1. We like having that intangible feeling of personal ownership -- you know, that human desire that just happens to drive Capitalism?
2. We hate being continuously reminded that our money is slowly being taken away from us. We want to use our belongings whenever we want, without having to even think about monetary considerations.
If you take away the right to ownership over goods that people are accustomed to owning outright (especially in the face of strong competitive alternatives), you will quickly drive away potential customers.
It's an interesting experiment, but I don't think Microsoft is going to be able to pull it off in the long-run (at least not for office software).
--Gordo