My question is do we have to pay money for this? Maybe there is something I'm missing, but isn't VOIP the same thing as any other TCP/IP application? I don't pay my ISP for other TCP/IP services individually (email, web, news, streaming radio, etc), so why should I have to pay for low quality streaming voice signal?
AMD designed the Athlon 64 to work with 32-bit and 64-bit software, in an effort to bridge the gap between the two applications. The move to 64 bits from 32 bits, which has already begun in servers, promises to boost the performance of PCs, partially by enabling them to use more RAM. But the software that will make the jump possible is still in the developmental stage.
So servers are starting to switch to 64bit machines now eh? I thought it was 2003 not1993.
Later they say that WindowsXP 64 will be out "later next year" (tm). I don't see the big deal around the 64bit hype. I've been using 64bit machines for years and I only see a difference when dealing with large files (>2gig), which is partly or mostly a software issue or other very large stuff like addressing up to 4 gigs of RAM in one app. I've never had these problems doing "normal" PC computing like email, graphics, music, web surfing.
Anyway, it looks like 64bit computing is about to become standard. Yeah! Back to work.
Yeah, and even if a canadian (just kidding) can figure out what can be done after reading a 5 minute blurb on slashdot, think about a halfway bright and motivated hacker might do.
My question, if these systems are so easy to get into, is there any kind of disclosure by the govn't regarding these breaches? It seems to me like it might be important.
Btw, I'm at a DOE lab right now. I havn't tried breaking into anything, but it appears as though security is pretty tight here and we don't have any really interesting data that people might want to steal. Every machine here is behind a firewall, and I believe that there are only a handful of ports and services that are available to the outside world, and those are watched pretty good.
Yeah, that is a risk, however, you still can't disable TELNET. It is required."
I was in a similar situation, and I modified the telnet daemon so that a password wasn't required and put the telnet app on a different port and tcp wrappered that port. Granted this wasn't financial info, but I could not have a plaintext password going to a mission critical system.
When it comes to classified systems and networks, the government is pretty damn secure.
I can't remember specifically who owned the system, but there is a supercomputing facility for the military where all input and output files are hand carried, aka sneakernetted, into and out of the facility. There is 0 networking into or outof the room.
Not so with software. You can't know what hardware the end user will use.
Software products already have supported hardware stuff on the boxes. Your saying that a piece of software cannot be certified to do said function on X pieces of hardware?
You can;t know every little idiosyncracy of every private network on the planet.
So? This product is certified to run on any standard ethernet network or whatever, does not seem too difficult.
You can't cover every edge case.
Dunno what this is, next.
Standardized testing like hardware can be put through is far less meaningful in such an environment.
Dunno what this is, next.
This is not to say that testing, particularly thotough and thoughful testing is not desirable, I just suspect that it takes something other than a cookie cutter approach to test software thoroughly.
You cannot test all input parameters, there are infinite inputs. You can say what is "acceptable input". You can test for that every time, and reject anything that is not acceptable. I see no reason that an OS should crash without help from faulty hardware.
The hardware approvals include functionality tests that ensure that the product works as intended in any way the user would handle it (even unsuitable use).
You can get that in software, but your gonna pay for it. There are contracts for medical, government, military, transportation, etc that say that the software will work(tm).
Would such approvals for commercial software improve the quality of the products, including minimizing the risk of data loss and heightening the security? In other words, would it facilitate or inhibit the creation of good software?"
Would it improve quality? Of course. But I can't think of any consumer level software that a) costs a significant amount of money and b) is of such poor quality that the customer needs some kind of preemtive certification saying its OK. (No windows jokes, please).
Software would cost more because of it, and I seriously doubt it would overall improve quality. Not too many ppl have THX certified home theaters, but many have hts and like them ok, and much more just have a TV or nothing.
Btw, the toy this guy is developing is pretty cool. Check out the samples before its slashdoted.
Make it something people *want* to spend the $$$ on.
People already want to. People want to see concerts so bad that they have no problem giving ticketmaster about 15 dollars for the priveledge of selling them a ticket with a face value of 40. For really popular concerts its not uncommon for people to pay hundreds of dollars for a single ticket. But you might say, concerts != albums. No, they don't, but it does say that there is money that people are willing to pay for music. I hate repeating myself, but I will.
Give us our money's worth you fuckers! For the price of a CD I _expect_ good album art, lyrics, the content in multiple digital formats. At least. And btw, those oldies that people are downloading and collecting in droves should be about 5 dollars. A music recording is just that, its not a press for money. There is no excuse for a Beatles album to cost 12 to 20 bucks. 1/2 of them are dead, and I don't feel like contributing to Michael Jackson's child molestation defense fund. I gave at the office. (For those that don't know MJ owns I think 1/2 of the beatles rights, he used to have 100%).
Music is a part of the human experience. It is something that defines us as a culture and has been ever since sticks were 1st beat on something and it made a sound. People want it, and will pay for it. People don't care or necessarily want musicians and execs in the music industry to make 7 and 8 figures a year.
Look at Gnome and KDE. Both great windowing managers. Both took great amounts of time and effort to make.
I thought that Gnome and KDE were entirely different from the ground up. KDE is stuck ontop of the qt toolkit and Gnome on gtk, etc.
Yet for joe-six-pack-end-user (which everyone here on slashdot eventually wants as linux users, right?) , there isn't "multiple window managers", there is the start menu, and he doesn't really care whether it is a "K" or a "foot" down in the lower left hand corner.
Ha! Yes, we all love joe-six-pack, and yes slashdoters want him to be the poster child for linux that runs a windowing environment that looks just like windows. He will then be promoted to joe-twelve-pack because he's using a free (as in beer) OS now. Nirvana is the next level!
What isn't stated in the article is that there aren't that many human interface experts working in open source. Most interfaces are done either by programmers themselves, or graphic designers who have no idea how most users navigate through systems. What good open source projects need is human interface experts who are willing to lend their knowledge to make a easier navagatable program.
In my experience, I have seen few human interface experts that have been involved in any software product. The notable exception is Apple, they even put the stuff on the web. On a side note, I really like the "interface" to UNIX/Linux like stuff because it was created for and by "us". However, the interface is not too "friendly" for our soon to be joe-twelve-pack.
I think that there should be more open standards and compliance to them vs. battling over Gnome and KDE, distros, etc. You can't go wrong complying with a spec (although the spec may be wrong:)
...has written a article saying that the hidden costs of OS add up to a higher TCO
OK, 1st I have never seen a valid way of _measuring_ TCO and this guy can measure "hidden costs" in TCO. So are these "hidden" costs things like security breaches, viri, worms, buggy software, new bugs introduced by a patch/upgrade, etc? And these things can be preemptively quantified in terms of $$ ?? !! Amazing.
Now with the forking problem. Well, its a part of life. Churches do it, companies do it, religions do it, nations do it. I have never been negatively affected by a forked opensource project. The biggest fork of a project I can think of was when gcc was forked into egcs, which was eventually unforked back into gcc. I'd take the gcc we have today over the one years ago anytime. Even with the gcc/egcs fork there was no problems any different from an upgrade from any complex computer program.
And in closed source, this keeps "forks" from happening? Closed source companies go out of business, their programers go to other companies, etc. Although code rarely gets transfered when these things happen, other closed source projects spring up to compete or fill some void for people. That is similar to a fork except its more like a rewrite.
Back to work. I've got to unhide some hidden costs to lower the TCO for my PHB ASAP.
How about a change of paradigms? Passwords suck. Always have, always will. All they say is that some bozo knows some pseudorandom string of characters. How many of you have typed your password accidentally in plaintext because of a typo like typing 'us' instead of 'su' and then throwing your password in there. Hell, I used to look in people's.bash_history file for passwords before they thought it was a good idea to not let that file be world readable.
Lets talk about real tokens like those RSA keychains, smartcards, biometrics. Passwords will NEVER be secure. As an exercise to the reader, go randomly call up any business and see how many passwords you can get from people over the phone just by asking them.
Maybe I'm nop paranoid enough, but I've never been too concerned about the security of people's passwords after root has been compromised, so I don't care what format the hashes are in/etc/shadow.
Also, the method of "cracking" crypt() passwords can generate collisons, so the password that worked on one system may not work on another (because of different salts used).
My opinion is that having NVIDIA work with kernel developers to come up with fully open-source, GPL licensed Linux drivers for their hardware would be better than ever releasing a single binary-only driver.
Agreed. In my opinion having everything in life matching up to my ideals would be better than not.
NVIDIA haven't given us anything for free.
I cannot ever remember when a hardware manufacturer has ever given me anything for free (aside from toys/tshirts at trade shows). And I've worked on millions of dollars with hardware over the years, those fuckers.
Experience shows us that, over time, Linux kernel programmers write far superior Linux drivers than the hardware manufacturers.
Wake me up when the Intel e100 driver in linux is better than Intel's. Granted most of the hardware drivers provided in the kernel itself are pretty damn good and I prefer to use them over a binary module.
The drivers cause mysterious kernel panics which can't be debugged because they originate from somewhere inside a black box that only NVIDIA may look at.
Maybe the kernel interface should provide better glue between the driver and the kernel itself so that they can be debugged, or maybe if its too much of a problem having binary modules, there is nothing to stop them from existing by either changing the lincense of the kernel to disallow them or at the end user level by choosing more "open" hardare.
I'm not clear what you are complaining about. What is your obsession with having an NVIDIA video card? There are many others out there, some even with opensource drivers. Just like OSes, there are many out there. Some are open and free, some (most in terms of # installed) are not. Are you going to complain next that Solaris, Windows and MacOS are closed source when you knew that upfront?
cities provide many services; stuff like road repair, snow removal, parks and open space, police, fire, methodone clinics, subsidized public transport, recreation centers, public pools, wildlife management, etc... You may not use or want some particular service, but I bet you rely on some of them
Yes, I do rely on some of them and don't mind paying for all of them in my $1,600 in annual taxes. But to be ontopic, I do mind getting a water bill (after paying my $1,600 in annual city taxes) that says:
I usually think its tacky replying to oneself, but I just remembered something.
I rented a PODS storage unit. Upon ordering it I was suckered into a $5 charge for "POD insurance". It was only $5, and I assumed a one time fee, so I said sure.
I then found out that I was being billed $5 a month for said insurance.
Get this. The insurance was for their property on their property. I inquired as to how I could be in any way shape or form responsible for anything if I didn't pay this insurance, and noone could answer. So I had them credit my account for any such insurance charges.
I've noticed this for years and its gotten entirely out of hand. I am now forced to ask people stupid questions like "How much does the $19.95 a day truck cost?" I was shocked to find out that at UHaul it actually cost 19.95 plus mileage.
I refuse to get phone service because of this, cell or otherwise. It is insane that the priveledge of using over 100 year old technology to talk to people costs on order of 1/2 the amount to power my house for a month.
I pay over $1,600 dollars a year in taxes for my house which is in a city. I always thought that city == trash pickup because of said taxes. Nope, they charge me 15 bucks a month on my water bill for trash, plus 4 dollars "maintence" on the sewer systems. I dunno what the sewer charge is for.
The only way that this is going to stop is if people stop paying for it. I have asked hotels to take off the safe charge.
Back to the phone thing. I promptly canceled my last phone after the 12.95 a month phone cost me over $26 (yes thats double!). I told them that it was deceitful and false advertising and under no circumstances was I goint to pay that, and I have been without a phone for 6 months or so (my work does pay for a cell, so I'm not that hardcore). This phone thing really pissed me off because it was a switch of providers that I agreed to because it was going to save me $10 a month. Being that I was writing a check for over $26 before and after, I do not see how I was saving anything. These extra costs make price comparison imposible and I think that it should be illegal.
So Sun is changing their mind about the cost of a product. Whats next, Sun offering an AMD processor with Linux?
These people are getting really wierd.
Ha!
My question is do we have to pay money for this? Maybe there is something I'm missing, but isn't VOIP the same thing as any other TCP/IP application? I don't pay my ISP for other TCP/IP services individually (email, web, news, streaming radio, etc), so why should I have to pay for low quality streaming voice signal?
AMD designed the Athlon 64 to work with 32-bit and 64-bit software, in an effort to bridge the gap between the two applications. The move to 64 bits from 32 bits, which has already begun in servers, promises to boost the performance of PCs, partially by enabling them to use more RAM. But the software that will make the jump possible is still in the developmental stage.
So servers are starting to switch to 64bit machines now eh? I thought it was 2003 not 1993.
Later they say that WindowsXP 64 will be out "later next year" (tm). I don't see the big deal around the 64bit hype. I've been using 64bit machines for years and I only see a difference when dealing with large files (>2gig), which is partly or mostly a software issue or other very large stuff like addressing up to 4 gigs of RAM in one app. I've never had these problems doing "normal" PC computing like email, graphics, music, web surfing.
Anyway, it looks like 64bit computing is about to become standard. Yeah! Back to work.
Yeah, and even if a canadian (just kidding) can figure out what can be done after reading a 5 minute blurb on slashdot, think about a halfway bright and motivated hacker might do.
My question, if these systems are so easy to get into, is there any kind of disclosure by the govn't regarding these breaches? It seems to me like it might be important.
Btw, I'm at a DOE lab right now. I havn't tried breaking into anything, but it appears as though security is pretty tight here and we don't have any really interesting data that people might want to steal. Every machine here is behind a firewall, and I believe that there are only a handful of ports and services that are available to the outside world, and those are watched pretty good.
Yeah, that is a risk, however, you still can't disable TELNET. It is required."
I was in a similar situation, and I modified the telnet daemon so that a password wasn't required and put the telnet app on a different port and tcp wrappered that port. Granted this wasn't financial info, but I could not have a plaintext password going to a mission critical system.
When it comes to classified systems and networks, the government is pretty damn secure.
I can't remember specifically who owned the system, but there is a supercomputing facility for the military where all input and output files are hand carried, aka sneakernetted, into and out of the facility. There is 0 networking into or outof the room.
Not so with software. You can't know what hardware the end user will use.
Software products already have supported hardware stuff on the boxes. Your saying that a piece of software cannot be certified to do said function on X pieces of hardware?
You can;t know every little idiosyncracy of every private network on the planet.
So? This product is certified to run on any standard ethernet network or whatever, does not seem too difficult.
You can't cover every edge case.
Dunno what this is, next.
Standardized testing like hardware can be put through is far less meaningful in such an environment.
Dunno what this is, next.
This is not to say that testing, particularly thotough and thoughful testing is not desirable, I just suspect that it takes something other than a cookie cutter approach to test software thoroughly.
You cannot test all input parameters, there are infinite inputs. You can say what is "acceptable input". You can test for that every time, and reject anything that is not acceptable. I see no reason that an OS should crash without help from faulty hardware.
Posting anonymously. Hi, boss!
Way to make a stand on the subject! I guess your OK with any old burger.
The hardware approvals include functionality tests that ensure that the product works as intended in any way the user would handle it (even unsuitable use).
You can get that in software, but your gonna pay for it. There are contracts for medical, government, military, transportation, etc that say that the software will work(tm).
Would such approvals for commercial software improve the quality of the products, including minimizing the risk of data loss and heightening the security? In other words, would it facilitate or inhibit the creation of good software?"
Would it improve quality? Of course. But I can't think of any consumer level software that a) costs a significant amount of money and b) is of such poor quality that the customer needs some kind of preemtive certification saying its OK. (No windows jokes, please).
Software would cost more because of it, and I seriously doubt it would overall improve quality. Not too many ppl have THX certified home theaters, but many have hts and like them ok, and much more just have a TV or nothing.
Btw, the toy this guy is developing is pretty cool. Check out the samples before its slashdoted.
You can't compare colectables to comodity products. Look at beanie babies.
Make it something people *want* to spend the $$$ on.
People already want to. People want to see concerts so bad that they have no problem giving ticketmaster about 15 dollars for the priveledge of selling them a ticket with a face value of 40. For really popular concerts its not uncommon for people to pay hundreds of dollars for a single ticket. But you might say, concerts != albums. No, they don't, but it does say that there is money that people are willing to pay for music. I hate repeating myself, but I will.
Give us our money's worth you fuckers! For the price of a CD I _expect_ good album art, lyrics, the content in multiple digital formats. At least. And btw, those oldies that people are downloading and collecting in droves should be about 5 dollars. A music recording is just that, its not a press for money. There is no excuse for a Beatles album to cost 12 to 20 bucks. 1/2 of them are dead, and I don't feel like contributing to Michael Jackson's child molestation defense fund. I gave at the office. (For those that don't know MJ owns I think 1/2 of the beatles rights, he used to have 100%).
Music is a part of the human experience. It is something that defines us as a culture and has been ever since sticks were 1st beat on something and it made a sound. People want it, and will pay for it. People don't care or necessarily want musicians and execs in the music industry to make 7 and 8 figures a year.
Look at Gnome and KDE. Both great windowing managers. Both took great amounts of time and effort to make.
:)
I thought that Gnome and KDE were entirely different from the ground up. KDE is stuck ontop of the qt toolkit and Gnome on gtk, etc.
Yet for joe-six-pack-end-user (which everyone here on slashdot eventually wants as linux users, right?) , there isn't "multiple window managers", there is the start menu, and he doesn't really care whether it is a "K" or a "foot" down in the lower left hand corner.
Ha! Yes, we all love joe-six-pack, and yes slashdoters want him to be the poster child for linux that runs a windowing environment that looks just like windows. He will then be promoted to joe-twelve-pack because he's using a free (as in beer) OS now. Nirvana is the next level!
What isn't stated in the article is that there aren't that many human interface experts working in open source. Most interfaces are done either by programmers themselves, or graphic designers who have no idea how most users navigate through systems. What good open source projects need is human interface experts who are willing to lend their knowledge to make a easier navagatable program.
In my experience, I have seen few human interface experts that have been involved in any software product. The notable exception is Apple, they even put the stuff on the web. On a side note, I really like the "interface" to UNIX/Linux like stuff because it was created for and by "us". However, the interface is not too "friendly" for our soon to be joe-twelve-pack.
I think that there should be more open standards and compliance to them vs. battling over Gnome and KDE, distros, etc. You can't go wrong complying with a spec (although the spec may be wrong
...has written a article saying that the hidden costs of OS add up to a higher TCO
OK, 1st I have never seen a valid way of _measuring_ TCO and this guy can measure "hidden costs" in TCO. So are these "hidden" costs things like security breaches, viri, worms, buggy software, new bugs introduced by a patch/upgrade, etc? And these things can be preemptively quantified in terms of $$ ?? !! Amazing.
Now with the forking problem. Well, its a part of life. Churches do it, companies do it, religions do it, nations do it. I have never been negatively affected by a forked opensource project. The biggest fork of a project I can think of was when gcc was forked into egcs, which was eventually unforked back into gcc. I'd take the gcc we have today over the one years ago anytime. Even with the gcc/egcs fork there was no problems any different from an upgrade from any complex computer program.
And in closed source, this keeps "forks" from happening? Closed source companies go out of business, their programers go to other companies, etc. Although code rarely gets transfered when these things happen, other closed source projects spring up to compete or fill some void for people. That is similar to a fork except its more like a rewrite.
Back to work. I've got to unhide some hidden costs to lower the TCO for my PHB ASAP.
How about a change of paradigms? Passwords suck. Always have, always will. All they say is that some bozo knows some pseudorandom string of characters. How many of you have typed your password accidentally in plaintext because of a typo like typing 'us' instead of 'su' and then throwing your password in there. Hell, I used to look in people's .bash_history file for passwords before they thought it was a good idea to not let that file be world readable.
Lets talk about real tokens like those RSA keychains, smartcards, biometrics. Passwords will NEVER be secure. As an exercise to the reader, go randomly call up any business and see how many passwords you can get from people over the phone just by asking them.
Sometimes you can just do "ypcat -k passwd" and get the hash...
You must be confused into thinking NIS is secure.
Maybe I'm nop paranoid enough, but I've never been too concerned about the security of people's passwords after root has been compromised, so I don't care what format the hashes are in /etc/shadow.
Also, the method of "cracking" crypt() passwords can generate collisons, so the password that worked on one system may not work on another (because of different salts used).
Solaris uses PAM, so its trivial to add any kind of authentication method that you want.
My opinion is that having NVIDIA work with kernel developers to come up with fully open-source, GPL licensed Linux drivers for their hardware would be better than ever releasing a single binary-only driver.
Agreed. In my opinion having everything in life matching up to my ideals would be better than not.
NVIDIA haven't given us anything for free.
I cannot ever remember when a hardware manufacturer has ever given me anything for free (aside from toys/tshirts at trade shows). And I've worked on millions of dollars with hardware over the years, those fuckers.
Experience shows us that, over time, Linux kernel programmers write far superior Linux drivers than the hardware manufacturers.
Wake me up when the Intel e100 driver in linux is better than Intel's. Granted most of the hardware drivers provided in the kernel itself are pretty damn good and I prefer to use them over a binary module.
The drivers cause mysterious kernel panics which can't be debugged because they originate from somewhere inside a black box that only NVIDIA may look at.
Maybe the kernel interface should provide better glue between the driver and the kernel itself so that they can be debugged, or maybe if its too much of a problem having binary modules, there is nothing to stop them from existing by either changing the lincense of the kernel to disallow them or at the end user level by choosing more "open" hardare.
I'm not clear what you are complaining about. What is your obsession with having an NVIDIA video card? There are many others out there, some even with opensource drivers. Just like OSes, there are many out there. Some are open and free, some (most in terms of # installed) are not. Are you going to complain next that Solaris, Windows and MacOS are closed source when you knew that upfront?
Gawd, did everyone forget that it was an assumption not too long ago that if you put an ad on tv with any word ending in .com that you would be rich?
... I'm tired of hearing the same tired, stupid jokes repeated over and over again.
You must be new here.
cities provide many services; stuff like road repair, snow removal, parks and open space, police, fire, methodone clinics, subsidized public transport, recreation centers, public pools, wildlife management, etc... You may not use or want some particular service, but I bet you rely on some of them
Yes, I do rely on some of them and don't mind paying for all of them in my $1,600 in annual taxes. But to be ontopic, I do mind getting a water bill (after paying my $1,600 in annual city taxes) that says:
- road repair xx.xx
- snow removal xx.xx
- methodone clinic xx.xx
- etc
My point was "Why was the trash and sewer repair a separate charge?"
I usually think its tacky replying to oneself, but I just remembered something.
I rented a PODS storage unit. Upon ordering it I was suckered into a $5 charge for "POD insurance". It was only $5, and I assumed a one time fee, so I said sure.
I then found out that I was being billed $5 a month for said insurance.
Get this. The insurance was for their property on their property. I inquired as to how I could be in any way shape or form responsible for anything if I didn't pay this insurance, and noone could answer. So I had them credit my account for any such insurance charges.
I've noticed this for years and its gotten entirely out of hand. I am now forced to ask people stupid questions like "How much does the $19.95 a day truck cost?" I was shocked to find out that at UHaul it actually cost 19.95 plus mileage.
I refuse to get phone service because of this, cell or otherwise. It is insane that the priveledge of using over 100 year old technology to talk to people costs on order of 1/2 the amount to power my house for a month.
I pay over $1,600 dollars a year in taxes for my house which is in a city. I always thought that city == trash pickup because of said taxes. Nope, they charge me 15 bucks a month on my water bill for trash, plus 4 dollars "maintence" on the sewer systems. I dunno what the sewer charge is for.
The only way that this is going to stop is if people stop paying for it. I have asked hotels to take off the safe charge.
Back to the phone thing. I promptly canceled my last phone after the 12.95 a month phone cost me over $26 (yes thats double!). I told them that it was deceitful and false advertising and under no circumstances was I goint to pay that, and I have been without a phone for 6 months or so (my work does pay for a cell, so I'm not that hardcore). This phone thing really pissed me off because it was a switch of providers that I agreed to because it was going to save me $10 a month. Being that I was writing a check for over $26 before and after, I do not see how I was saving anything. These extra costs make price comparison imposible and I think that it should be illegal.
Does this finally mean that this will be the end of telemarkers?
AFAIK, telemarkers cannot call cell phones. Telemarkers cannot tell what number a cell phone is anymore. Ergo, telemarkers cannot make calls.
Am I missing something?