This really peeves me. Slashdot is abysmal at getting their source right. This *is not* a Yahoo News story, it's a Reuters story. One look at the article would tell you this.
If the phone only accepts updates signed with the manufacturer's private key, and if that private key is kept private, then it is very secure.
My phone (Danger Hiptop) can recieve automatic over-the-air updates (it has already recieved two), but it is still secure as it only accepts signed code.
Re:The "security blanket" factor
on
Javascrypt
·
· Score: 1
"Because it is! Under most circumstances anyway. Assuming you called them, and you looked up their phone number in some trustworthy place (like the phone book), then the odds that you're giving your credit card number to someone else are pretty small. Basically, the only way your number could be stolen would be if someone were tapping your line*. Not that wiretaps are all that tough to implement, but they're not that common, either, and more importantly they're not very easy to automate."
You missed a very important point. When you called that person on the phone, you gave your credit card number to *a person* - someone who could write it down on a sheet of paper without anyone else in the office noticing.
With any good online retailer (e.g. Newegg), the card is billed and the information deleted almost instantly. Yes, the admin could install a program that records credit card numbers, but it would likely be noticed eventually.
"so the simple act of typing your number in compromises it."
Or your house could be bugged with a $5 walkie talkie, so the simple act of saying your number compromises it.
"And computer-based CC# theft is eminently automatable."
And phone based theft requires nothing but an angry employee with some paper, a tape recorder, or any other number of devices.
"the scanning tools can send the data to electronic dead drops on hacked machines so that with a little care the attacker is almost completely untraceable"
And if our employee isn't stupid enough to actually enter your transaction in the computer, they are completely untracable.
There are risks both ways. Neither method is particularly secure. Handing your credit card to that waitor isn't very secure either - but we do it all the time. What amazes me is the number of people who order things using their credit card *in public*. People just blurt it out.
The grandparent was right. Most people do far riskier things with their credit cards than online shopping. Perhaps ordering over the phone is less risky. But shopping online is far safer than handing your card to someone you don't even know - at the food store, the gas station, or wherever. How do you know that that cardreader they are swiping it trough is the real one. How do you know that they aren't committing it to memory. How do you know that the person behind the desk at the airport isn't really typing your cardnumber into notepad. Shopping online pales compared to these risks.
"Uh, KDE has the Kiosk-framework which allows admins to lock down the desktop. Hell, the users couldn't even change their desktop-background or close full-screen Konqueror if the admin decided so! And the number of configuration-options is not THAT bad in KDE! Everything is in logical places, and it's not like you need to go through them every single day! And besides, no-one forces you to touch the settings. But at least KDE gives you the possibility to do so."
You don't get it, do you. It's not about "locking down" the desktop. It's called "747 syndrome". A 747, even the latest computerized versions, has over 500 switches and controls. They are logically organized. Someone who is familiar with the aircraft has no problem working the many controls. Now imagine your grandmother walking in and flying that 747. Perhaps everything is set up with sensible defaults. It doesn't matter. There are so many controls and switches that she would become overwhelmed. That is what *normal people* see in KDE. They don't see logical defaults. To them, KDE looks like a 747. So many buttons to push and menus to choose and options to pick. It's not that they aren't logically organized. It's not that they don't all have their purpose. There are simply too many of them. People want to understand something before they feel comfortable using it. That's why a DVD player with four buttons is easier to use than a DVD player with thirty two. And that's why, in the long run, GNOME's philosophy will produce a more usable desktop.
"The menus and buttons are cleaned up in KDE3.2. And I for one LIKE the fact that I'm given the possibility to tweak the desktop to my liking. I do not like it when I'm forced to use certain kind of desktop just because some "usability-expert" decided that it would be the best for me. I'm my own usability expert when it comes to the UI I use!"
You're not normal. Most people simply don't care. That's why 95% of the taskbars are on the bottom of the screen. That's why so many people have MSN as their homepage. That's why people put up with popups instead of getting a popup blocker. They see their computer as a tool. They don't care what the window focus behavior is or whether their web browser blocks cookies from some known advertiser.
There are good options and bad options.
Good options don't really change the behavior of the desktop. Wallpaper is a perfect example - it allows the user to personalize their system, but it is "safe". It doesn't make their system behave differently from their friend's system, the system in the manual, or the system on the desk of the IT department.
Bad options change functionality in a fundamental way. My aunt had somehow moved the taskbar to the side of the screen and she did not know how to move it back to the bottom. KDE is especially guilty of this. Imagine if some jerk (for example, a technician) changed the window focus behavior on a KDE system to focus on point and autoraise after 0.1 seconds. Most users would be *unable* to use their system until the problem was corrected. The same thing can happen by mistake.
There is huge motivation in the desktop world to have feature creap. Programs are adding features rather than making the software better. KDE tries to do too much.
KDE's Worst Usability Flaws: - Control Center. This is the *number one* usability problem with KDE. It has a tree with pages which have tabs. There are too many options that most people should never need to use. - Naming. No, really. The whole "k" thing (and, similarly the "g" thing with GNOME) is unprofessional. Also, names should be descriptive. Microsoft "Word". "Notepad". "Internet Explorer". Most people don't know what Konqueror is. - Professionalism. This really shows through in the configuration wizard. GNOME had serious problems in version 1.4 with language that was unprofessional. - That whole startup wizard. People don't want to be assulted with choices when they log in - especially not ones that can fundamentally change the way the syst
"For example, the messenger service isn't used by anyone by spam senders"
System administators have used it for years. It's only recently that the spammers have decided to use it. That's why Microsoft is disabling the service by default in XPSP2.
"fragile, naked file system"
I don't honestly know what you are talking about. NTFS is a journaling filesystem with some very strong features. Metadata for every file, unlimited alternate data streams (Microsoft's version of the HFS data/resource forks, but you can have as many as you want), strong security permissions that even the OS obeys that can be applied on a per-user basis with inheritance and an allow/don't allow/deny system. NTFS one of the strongest attributes of Windows. Now, the permissions aren't set strict enough out of the box (and most users make their account part of the Administrators group - just like running as root all of the time).
Imagine how a Linux system would hold up under the following situation: - User always running as root, even when they don't have to - User downloading and executing unknown code from random locations (screensavers, shareware, warez) - User installing software that is bundled with programs that spy on them / mess up their system - User never patching their system, even though the OS can do it automatically - User not using a password on their system in many cases - User downloading and executing unknown code (in email attachments) even though system warns of extreme security risk - User not using firewall even though it is built into the OS
Now, Microsoft could do more: - No mail client should even be able to execute attachments. Even with a security warning. I do believe that Outlook Express now prevents you from executing attachments at all unless you uncheck a box hidden in some configuration dialog. - The firewall should be on by default. XP SP2 fixes this. - Users shouldn't run as root all of the time. Perhaps a warning when they log on would be helpful. The setup wizard already creates non-root users, but most people don't use them. I don't think users are adequtely informed of the security risks of running as root. - Windows should come with an antivirus solution. Something integrated and transparent. Sometimes, you need to run untrusted code, and an good antivirus program can help reduce the threat. - Windows should have more restrictive permissions by default. Currently, non-root users can write to "program files" and potentially destroy software (although not the OS).
Finally, some things that are good: - As I said before, the permissions system is very good - Windows File Protection is good for those stupid installers that try to overwrite system libraries - Systm Restore is nice for those people who are too cheap or lazy to have a real backup solution - Automatic updates are nice - if only people would use them - Driver rollback is nice for nuking "crap rev" drivers
"I guess the point of this is that if I have to re-install windows or edit the registry again before Christmas"
If you do the following things, you won't have to:
- Don't run as root (administrator) unless you absolutely must - Don't download and execute unknown code unless you have scanned it with an antivirus. Don't run it as root unless you absolutely must (many programs will install as nonroot) - Turn on the XP firewall - Run a spyware detection tool such as ad-aware or spybot to get rid of the crap - Install the latest patches and service packs
Basically, use common sense. If Windows users would realize that, no, your computer *is not* a toaster and it *does* require a bit of work to keep it secure, there would be many fewer viruses and worms.
Second, if you *ever* have to edit the registry, you're doing something very wrong. That's like saying that you should dismantle your entire car because one of your headlights is out.
You may prefer KDE, but GNOME is the better desktop to drive Linux onto the desktop:
- You may not like the lack of preferences, but corporations (and inexperienced users) do. MSN is the default home page on millions of systems because users are too lazy to change it. You may like a control center with 40 pages (and multiple tabs per page), but such a thing flies in the face of usability. Users are so overwhelmed by options that they don't find the ones that really matter. - GNOME has a decent HIG, and developers are actually making an effort to follow it. I have found that the HIG-compliant GNOME apps (e.g. Epiphany) are as easy if not easier to use than their Windows and Mac counterparts. Konqueror has button after buuton, and menu after menu. There are pages of preferences. There are so many things to click and choose from that many users are overwhelmed. Many people I know have switched from Windows to GNOME with positive results. I cannot say the same about KDE. - You don't have to use Mono to use GNOME. You don't even have to like Mono to use GNOME. - The "look and feel" of GNOME, in my opinion, is far superior to KDE. There are many GTK themes, most of which are attractive. KDE is butt ugly in my opinion, especially the defualt theme. In its default configuration, KDE looks like a bad OSX ripoff. Remember, "look and feel" is a subjective evaluation. - The goal of GNOME is not to make a desktop for Linux users. That was conceded to KDE long ago. Linux users like choices - that's why they are running an OS that gives them so many. GNOME's goal is to design a desktop for all of those who are *not* using Linux. GNOME is making Linux usable and accessable. It has an accesibility framework and applications that take advantage of it. It has a core set of applications that continues to improve (as does KDE). And, perhaps most importantly, it has a human interface guide that developers actually follow. And it has cross-distro administration tools to help administrators configure their system. GNOME is providing a desktop that goes above and beyond Windows - not in features, but in polish and usability.
Around here (Colorado), even GSM service works *everywhere*. Indoors, around town, driving 60 miles through nowhere to get to the airport (Denver International Airport is built in the middle of nowhere).
Where the providers differentiate themselves is in rural coverage. Verizon wireless gave my friend *nearly 100%* coverage in Wyoming. We're talking CDMA coverage that's 100 miles away from the nearest town of more than 100. With Verizon, coverage is simply a non-issue: I would say that it's quite nearly 100%.
So, if you drive around cities of more than 5000 and stay on the interstate highways / other major roads, any provider is really fine. If you want to drive through nowhere and still get coverage, you might want to look at Verizon.
Verizon Wireless now offers 3G CDMA EVDO service (500K-2M, generally) for $80 a month. It drops to 80K-144K (still technically 3G) when you leave the (relatively small, at least for now) EVDO coverage areas.
That's not an issue. You send them 3DES encrypted messeges and arrange for the key to be delivered upon your death. So, even if they are hacked, your messeges are secure.
" Bugs in IE lead to the equivalent of root exploits"
This is simply bullshit. Yes, IE has security problems, some of them extremely severe, but they are certainly not root exploits. Bugs in IE are little different than bugs in Mozilla - of course, IE has far more of them.
IE runs with all of the same permissions and restrictions of any other application. Believe it or not, IE isn't really integrated into Windows. Explorer.exe, the Windows shell, depends on IE; as does the help system and some other things - but all of these applications run under the privelages of a user's account. For IE to cause a "root exploit", the user would have to be running as Administrator - and Mozilla can cause a problem just as severe in that situation.
IE6 actually has decent CSS compliancy when you switch it into "compliance" mode by using the XHTML doctype as the first line of your page. No, there is a large subset of CSS2 that it doesn't support, but it supports all of CSS1 properly and most of CSS2 properly.
AMD's Athlon 64 can change frequency and voltage on the fly to any of several levels. Even the desktop version has this feature.
Intel has been using copper interconnects since Pentium III "Coppermine"; AMD since Athlon XP "Palomino". AMD is currently (AFAIK) the only company producing CPUs using a SOI process.
Apparently, Canadians haven't discovered humor yet. The grandparent's comment was meant as a joke. Thus the +4 funny.
About the weakness of the USD:
It's actually *good* that the dollar is decrasing in value because, when your dollar buys less overseas, foriegn goods become more expensive and the trade imbalance is reduced. That's why it's so damaging that China has pinned their currency to the dollar - by keeping Chinese products cheap, it prevents the normal economic mechanisms from correcting the trade defecit.)
"As an example Tsai estimated that using the Shor Algorithm to factor a 256-bit binary number, a task that would take 10 million years using something like IBM Corp.'s Blue Gene supercomputer, could be accomplished by a quantum computer in about 10 seconds."
Using that logic, the following holds true: - Factoring a 256 bit number on the IBM Blue Gene takes 31536000000000 longer than on a quantum computer. - RSA 512 was broken in seven months by a cluster 1000 times less powerful than the IBM Blue Gene - Thus, a quantum computer could crack RSA 315360000000000000 faster than the MIT cluster that broke RSA 512
- RSA 1024 is 2^512 times harder to crack than RSA 512 - 2^512/315360000000000000 = 4.25*10^136 - RSA 1024 could be broken in 4.25*10^136 times longer than RSA 512 was broken by the MIT cluster
Yes, this is an oversimplification, but it appears that RSA 1024 is secure - at least in the immediate future. Of course, factoring breakthroughs can always occur, and my numbers are based on many assumptions, but still, it's not time to get worried yet.
"The PPC970 and Power4+ are both fabricated in 130nm technologies. Better silicon does not make it a better processor architecture. "
I made exactly the opposite point: Itanium is not held back by architecture but by process. With a 130nm process, Itanium is as fast as a Pentium 4 3.2Ghz in integer and far faster in floating point.
"Speaking of cache, somewhat under-reported in the technical press was IBM's revelations of its upcoming Power5 server architecture. Yup, that's four dual-core processors each with 2MB of L2 cache, and four 36MB L3 cache chips all in the same package. IBM is leveraging it's packaging advantages against Intel's process advantages. Well, that, and making each processor die dual-core multithreaded."
Unfortnuately, that processor simply won't sell in any sort of volume. Producing a package that size is extremely expensive and cost inefficent. If Intel would wise up we could see Itaniums in laptops (with 1MB cache, of course). Deerfield is such a CPU - less cache, smaller, produces less heat. Unfortunately, at 1Ghz, it isn't all that fast (similar to a Pentium 4 at 2.2Ghz in integer).
If by "about 1.3Ghz", you mean 1.5Ghz, then, yes, Itanium only goes up to 1.5Ghz. But at 1.5Ghz is faster than the fastest 3.2Ghz Pentium 4. With a decent process and less cache, it could easily scale to 2+ Ghz.
" but the Itanium is neither cheap nor cool (130W!)"
This has to do with the fact that the CPU has 3MB of cache on it. That makes the die huge which makes the CPU expensive. It also makes it heat up like a toaster. As a comparison, the latest Pentium 4s are ~90W, and they only have 512K of cache.
"In the performance arena, Moore's law is useless unless chip designers figure out how to use MORE transistors to compute more quickly."
My statement was that, for a given performance level, Itanium uses less transistors than RISC. Itanium was *designed* to use more transistors. That's why the instruction set is designed to produce code that runs well in paralell. RISC CPUs have to figure out what can be run in paralell in hardware - Itanium does it in the compiler.
"Itanium is a poor architecture. This isn't just my opinion, it's the opinion of the professor here at UT Austin working on the multi-core lightweight processor"
Your professor's opinion is... well... flawed.
Itanium is an excellent architecture. Its flaws come from politics:
1: Itanium requires good compilers. For now, that means compilers from Intel. GCC will be fine for running Mozilla on an Itanium, but technical apps simply won't perform anywhere near the performance of the machine when compied with GCC.
2: Intel wants to market Itanium as a server chip. That means that they are putting 3MB or 6MB on the high end Itaniums. Soon they will have a 9MB cache version. Lots of cache means lots of transistors means lots of heat.
3: Intel is not fabbing Itanium with a state of the art process. Intel leads the world in process technology, yet their Itanium is still on a 130nm process. Before Madison (about a year ago), it was on a 180nm process.
Some misconceptions:
1: Itanium is "inefficent". This couldn't be further from the truth. At 1.5Ghz, it whoops *anything* else in SPECfp (by a margin of 1.5x or more) and matches the 3.2Ghz P4 or 2.2Ghz Opteron in SPECint.
2: Itanium is "slow". Wrong again, see above.
3: Itanium doesn't scale. Wrong again. Itanium scales better than any other current architecture, getting nearly 100% of clock in both int and fp. Opteron gets around 99% int and 95% fp. Pentium 4 gets around 85% int and 80% fp. I don't have data for PPC970.
4: Itanium is expensive. This is true, but it has to do with politics rather than architecture. Itanium uses *fewer* transistors and does *more* instructions per clock than a RISC architecture. Itanium takes much of the logic out of the CPU and puts it into the compiler (this is why you need good compilers). Itanium's architecture is called EPIC, or explicitly paralell instruction computing, because each instruction is "tagged" by the compiler to tell the CPU what instructions can and cannot be executed in paralell.
EPIC scales better than RISC architectures. It does more work with a lower clock and fewer transistors. That means that it will ultimately result in a cooler, cheaper, smaller, faster CPU than anything else. Intel's politics prevents this from happening.
So, please don't say that Itanium is a poor architecture. Itanium is a proven architecture. It uses fewer transistors and lower clock speeds than comparable RISC CPUs. Yes, it has problems, but most of them have to do with Itanium the CPU (too much cache, too expensive, not latest process) instead of EPIC the architecture.
1995: Microsoft Windows 95. Made PCs (not Macs) easy enough to use for your granny 2000: Microsoft Windows 2000. Good enough to be called a "real OS". 2001: Microsoft XBox. Wildly unprofitable, but nonetheless a notable entry into the gaming market. Allows developers to easily port code between PC and game system. 2001: Microsoft Windows XP. The first "real OS" in the consumer space. Linux is still not the kind of OS your granny should be running and Mac OS 10.1 hadn't even come out.
Has anyone pointed out that both of these apps run great on Windows XP? I don't need to buy a Mac, or use codeweaver. I just click the icon in the taskbar.
The AMD Opteron has an *onboard* memory controller. This dramatically lowers latency from ~130 cycles (on a traditional northbridge system) to ~60 cycles. An Opteron system doesn't even need a memory controller; it's right on the CPU.
Apple's "architecture" is basically a traditional northbridge/southbridge setup. The closest comparison to Apple's architecture is the NVIDIA NForce2 chipset for Athlon XP. It uses a northbridge that connects to the proecessor, memory, and AGP (as it does in the G5). The northbridge connects to the southbridge via HyperTransport (same as in the G5) which controls all other I/O (also the same as the G5).
Compared to Opteron, the PPC970 (G5) differs in that:
- It *does not* have an onboard memory controller - The CPU does not have HyperTransport links
The G5 architecture is far more similar to the NForce2 architecture than an AMD64 based system. It's really just a traditional northbridge/southbridge setup.
Slashdot Mirror
This really peeves me. Slashdot is abysmal at getting their source right. This *is not* a Yahoo News story, it's a Reuters story. One look at the article would tell you this.
If the phone only accepts updates signed with the manufacturer's private key, and if that private key is kept private, then it is very secure.
My phone (Danger Hiptop) can recieve automatic over-the-air updates (it has already recieved two), but it is still secure as it only accepts signed code.
"Because it is! Under most circumstances anyway. Assuming you called them, and you looked up their phone number in some trustworthy place (like the phone book), then the odds that you're giving your credit card number to someone else are pretty small. Basically, the only way your number could be stolen would be if someone were tapping your line*. Not that wiretaps are all that tough to implement, but they're not that common, either, and more importantly they're not very easy to automate."
You missed a very important point.
When you called that person on the phone, you gave your credit card number to *a person* - someone who could write it down on a sheet of paper without anyone else in the office noticing.
With any good online retailer (e.g. Newegg), the card is billed and the information deleted almost instantly. Yes, the admin could install a program that records credit card numbers, but it would likely be noticed eventually.
"so the simple act of typing your number in compromises it."
Or your house could be bugged with a $5 walkie talkie, so the simple act of saying your number compromises it.
"And computer-based CC# theft is eminently automatable."
And phone based theft requires nothing but an angry employee with some paper, a tape recorder, or any other number of devices.
"the scanning tools can send the data to electronic dead drops on hacked machines so that with a little care the attacker is almost completely untraceable"
And if our employee isn't stupid enough to actually enter your transaction in the computer, they are completely untracable.
There are risks both ways. Neither method is particularly secure. Handing your credit card to that waitor isn't very secure either - but we do it all the time. What amazes me is the number of people who order things using their credit card *in public*. People just blurt it out.
The grandparent was right. Most people do far riskier things with their credit cards than online shopping. Perhaps ordering over the phone is less risky. But shopping online is far safer than handing your card to someone you don't even know - at the food store, the gas station, or wherever. How do you know that that cardreader they are swiping it trough is the real one. How do you know that they aren't committing it to memory. How do you know that the person behind the desk at the airport isn't really typing your cardnumber into notepad. Shopping online pales compared to these risks.
"Uh, KDE has the Kiosk-framework which allows admins to lock down the desktop. Hell, the users couldn't even change their desktop-background or close full-screen Konqueror if the admin decided so! And the number of configuration-options is not THAT bad in KDE! Everything is in logical places, and it's not like you need to go through them every single day! And besides, no-one forces you to touch the settings. But at least KDE gives you the possibility to do so."
You don't get it, do you. It's not about "locking down" the desktop. It's called "747 syndrome". A 747, even the latest computerized versions, has over 500 switches and controls. They are logically organized. Someone who is familiar with the aircraft has no problem working the many controls. Now imagine your grandmother walking in and flying that 747. Perhaps everything is set up with sensible defaults. It doesn't matter. There are so many controls and switches that she would become overwhelmed. That is what *normal people* see in KDE. They don't see logical defaults. To them, KDE looks like a 747. So many buttons to push and menus to choose and options to pick. It's not that they aren't logically organized. It's not that they don't all have their purpose. There are simply too many of them. People want to understand something before they feel comfortable using it. That's why a DVD player with four buttons is easier to use than a DVD player with thirty two. And that's why, in the long run, GNOME's philosophy will produce a more usable desktop.
"The menus and buttons are cleaned up in KDE3.2. And I for one LIKE the fact that I'm given the possibility to tweak the desktop to my liking. I do not like it when I'm forced to use certain kind of desktop just because some "usability-expert" decided that it would be the best for me. I'm my own usability expert when it comes to the UI I use!"
You're not normal. Most people simply don't care. That's why 95% of the taskbars are on the bottom of the screen. That's why so many people have MSN as their homepage. That's why people put up with popups instead of getting a popup blocker. They see their computer as a tool. They don't care what the window focus behavior is or whether their web browser blocks cookies from some known advertiser.
There are good options and bad options.
Good options don't really change the behavior of the desktop. Wallpaper is a perfect example - it allows the user to personalize their system, but it is "safe". It doesn't make their system behave differently from their friend's system, the system in the manual, or the system on the desk of the IT department.
Bad options change functionality in a fundamental way. My aunt had somehow moved the taskbar to the side of the screen and she did not know how to move it back to the bottom. KDE is especially guilty of this. Imagine if some jerk (for example, a technician) changed the window focus behavior on a KDE system to focus on point and autoraise after 0.1 seconds. Most users would be *unable* to use their system until the problem was corrected. The same thing can happen by mistake.
There is huge motivation in the desktop world to have feature creap. Programs are adding features rather than making the software better. KDE tries to do too much.
KDE's Worst Usability Flaws:
- Control Center. This is the *number one* usability problem with KDE. It has a tree with pages which have tabs. There are too many options that most people should never need to use.
- Naming. No, really. The whole "k" thing (and, similarly the "g" thing with GNOME) is unprofessional. Also, names should be descriptive. Microsoft "Word". "Notepad". "Internet Explorer". Most people don't know what Konqueror is.
- Professionalism. This really shows through in the configuration wizard. GNOME had serious problems in version 1.4 with language that was unprofessional.
- That whole startup wizard. People don't want to be assulted with choices when they log in - especially not ones that can fundamentally change the way the syst
"For example, the messenger service isn't used by anyone by spam senders"
System administators have used it for years. It's only recently that the spammers have decided to use it. That's why Microsoft is disabling the service by default in XPSP2.
"fragile, naked file system"
I don't honestly know what you are talking about. NTFS is a journaling filesystem with some very strong features. Metadata for every file, unlimited alternate data streams (Microsoft's version of the HFS data/resource forks, but you can have as many as you want), strong security permissions that even the OS obeys that can be applied on a per-user basis with inheritance and an allow/don't allow/deny system. NTFS one of the strongest attributes of Windows. Now, the permissions aren't set strict enough out of the box (and most users make their account part of the Administrators group - just like running as root all of the time).
Imagine how a Linux system would hold up under the following situation:
- User always running as root, even when they don't have to
- User downloading and executing unknown code from random locations (screensavers, shareware, warez)
- User installing software that is bundled with programs that spy on them / mess up their system
- User never patching their system, even though the OS can do it automatically
- User not using a password on their system in many cases
- User downloading and executing unknown code (in email attachments) even though system warns of extreme security risk
- User not using firewall even though it is built into the OS
Now, Microsoft could do more:
- No mail client should even be able to execute attachments. Even with a security warning. I do believe that Outlook Express now prevents you from executing attachments at all unless you uncheck a box hidden in some configuration dialog.
- The firewall should be on by default. XP SP2 fixes this.
- Users shouldn't run as root all of the time. Perhaps a warning when they log on would be helpful. The setup wizard already creates non-root users, but most people don't use them. I don't think users are adequtely informed of the security risks of running as root.
- Windows should come with an antivirus solution. Something integrated and transparent. Sometimes, you need to run untrusted code, and an good antivirus program can help reduce the threat.
- Windows should have more restrictive permissions by default. Currently, non-root users can write to "program files" and potentially destroy software (although not the OS).
Finally, some things that are good:
- As I said before, the permissions system is very good
- Windows File Protection is good for those stupid installers that try to overwrite system libraries
- Systm Restore is nice for those people who are too cheap or lazy to have a real backup solution
- Automatic updates are nice - if only people would use them
- Driver rollback is nice for nuking "crap rev" drivers
"I guess the point of this is that if I have to re-install windows or edit the registry again before Christmas"
If you do the following things, you won't have to:
- Don't run as root (administrator) unless you absolutely must
- Don't download and execute unknown code unless you have scanned it with an antivirus. Don't run it as root unless you absolutely must (many programs will install as nonroot)
- Turn on the XP firewall
- Run a spyware detection tool such as ad-aware or spybot to get rid of the crap
- Install the latest patches and service packs
Basically, use common sense. If Windows users would realize that, no, your computer *is not* a toaster and it *does* require a bit of work to keep it secure, there would be many fewer viruses and worms.
Second, if you *ever* have to edit the registry, you're doing something very wrong. That's like saying that you should dismantle your entire car because one of your headlights is out.
Not to minimize this, but it *is* a PDA. It's not like Palm provides any more crash protectio.
You may prefer KDE, but GNOME is the better desktop to drive Linux onto the desktop:
- You may not like the lack of preferences, but corporations (and inexperienced users) do. MSN is the default home page on millions of systems because users are too lazy to change it. You may like a control center with 40 pages (and multiple tabs per page), but such a thing flies in the face of usability. Users are so overwhelmed by options that they don't find the ones that really matter.
- GNOME has a decent HIG, and developers are actually making an effort to follow it. I have found that the HIG-compliant GNOME apps (e.g. Epiphany) are as easy if not easier to use than their Windows and Mac counterparts. Konqueror has button after buuton, and menu after menu. There are pages of preferences. There are so many things to click and choose from that many users are overwhelmed. Many people I know have switched from Windows to GNOME with positive results. I cannot say the same about KDE.
- You don't have to use Mono to use GNOME. You don't even have to like Mono to use GNOME.
- The "look and feel" of GNOME, in my opinion, is far superior to KDE. There are many GTK themes, most of which are attractive. KDE is butt ugly in my opinion, especially the defualt theme. In its default configuration, KDE looks like a bad OSX ripoff. Remember, "look and feel" is a subjective evaluation.
- The goal of GNOME is not to make a desktop for Linux users. That was conceded to KDE long ago. Linux users like choices - that's why they are running an OS that gives them so many. GNOME's goal is to design a desktop for all of those who are *not* using Linux. GNOME is making Linux usable and accessable. It has an accesibility framework and applications that take advantage of it. It has a core set of applications that continues to improve (as does KDE). And, perhaps most importantly, it has a human interface guide that developers actually follow. And it has cross-distro administration tools to help administrators configure their system. GNOME is providing a desktop that goes above and beyond Windows - not in features, but in polish and usability.
Around here (Colorado), even GSM service works *everywhere*. Indoors, around town, driving 60 miles through nowhere to get to the airport (Denver International Airport is built in the middle of nowhere).
Where the providers differentiate themselves is in rural coverage. Verizon wireless gave my friend *nearly 100%* coverage in Wyoming. We're talking CDMA coverage that's 100 miles away from the nearest town of more than 100. With Verizon, coverage is simply a non-issue: I would say that it's quite nearly 100%.
So, if you drive around cities of more than 5000 and stay on the interstate highways / other major roads, any provider is really fine. If you want to drive through nowhere and still get coverage, you might want to look at Verizon.
Verizon Wireless now offers 3G CDMA EVDO service (500K-2M, generally) for $80 a month. It drops to 80K-144K (still technically 3G) when you leave the (relatively small, at least for now) EVDO coverage areas.
You're new here aren't you?
1: Comcast, for one, will give you up to 25 IP addresses (note that this is highly unsupported, may not work, etc.)
2: Many cable modems now have NAT and a DHCP server built in.
3: The kids could just use an anonymizing SSL proxy. Or do something with SSH. Again, most kids would likely not be able to do this.
That's not an issue. You send them 3DES encrypted messeges and arrange for the key to be delivered upon your death. So, even if they are hacked, your messeges are secure.
" Bugs in IE lead to the equivalent of root exploits"
This is simply bullshit. Yes, IE has security problems, some of them extremely severe, but they are certainly not root exploits. Bugs in IE are little different than bugs in Mozilla - of course, IE has far more of them.
IE runs with all of the same permissions and restrictions of any other application. Believe it or not, IE isn't really integrated into Windows. Explorer.exe, the Windows shell, depends on IE; as does the help system and some other things - but all of these applications run under the privelages of a user's account. For IE to cause a "root exploit", the user would have to be running as Administrator - and Mozilla can cause a problem just as severe in that situation.
"full CSS compliancy"
IE6 actually has decent CSS compliancy when you switch it into "compliance" mode by using the XHTML doctype as the first line of your page. No, there is a large subset of CSS2 that it doesn't support, but it supports all of CSS1 properly and most of CSS2 properly.
AMD's Athlon 64 can change frequency and voltage on the fly to any of several levels. Even the desktop version has this feature.
Intel has been using copper interconnects since Pentium III "Coppermine"; AMD since Athlon XP "Palomino". AMD is currently (AFAIK) the only company producing CPUs using a SOI process.
Apparently, Canadians haven't discovered humor yet. The grandparent's comment was meant as a joke. Thus the +4 funny.
About the weakness of the USD:
It's actually *good* that the dollar is decrasing in value because, when your dollar buys less overseas, foriegn goods become more expensive and the trade imbalance is reduced. That's why it's so damaging that China has pinned their currency to the dollar - by keeping Chinese products cheap, it prevents the normal economic mechanisms from correcting the trade defecit.)
"As an example Tsai estimated that using the Shor Algorithm to factor a 256-bit binary number, a task that would take 10 million years using something like IBM Corp.'s Blue Gene supercomputer, could be accomplished by a quantum computer in about 10 seconds."
Using that logic, the following holds true:
- Factoring a 256 bit number on the IBM Blue Gene takes 31536000000000 longer than on a quantum computer.
- RSA 512 was broken in seven months by a cluster 1000 times less powerful than the IBM Blue Gene
- Thus, a quantum computer could crack RSA 315360000000000000 faster than the MIT cluster that broke RSA 512
- RSA 1024 is 2^512 times harder to crack than RSA 512
- 2^512/315360000000000000 = 4.25*10^136
- RSA 1024 could be broken in 4.25*10^136 times longer than RSA 512 was broken by the MIT cluster
Yes, this is an oversimplification, but it appears that RSA 1024 is secure - at least in the immediate future. Of course, factoring breakthroughs can always occur, and my numbers are based on many assumptions, but still, it's not time to get worried yet.
No, but they can be used to end a war without the massive bloodshed of an invasion. Or to prevent a war from ever happening.
"The PPC970 and Power4+ are both fabricated in 130nm technologies. Better silicon does not make it a better processor architecture. "
I made exactly the opposite point: Itanium is not held back by architecture but by process. With a 130nm process, Itanium is as fast as a Pentium 4 3.2Ghz in integer and far faster in floating point.
"Speaking of cache, somewhat under-reported in the technical press was IBM's revelations of its upcoming Power5 server architecture. Yup, that's four dual-core processors each with 2MB of L2 cache, and four 36MB L3 cache chips all in the same package. IBM is leveraging it's packaging advantages against Intel's process advantages. Well, that, and making each processor die dual-core multithreaded."
Unfortnuately, that processor simply won't sell in any sort of volume. Producing a package that size is extremely expensive and cost inefficent. If Intel would wise up we could see Itaniums in laptops (with 1MB cache, of course). Deerfield is such a CPU - less cache, smaller, produces less heat. Unfortunately, at 1Ghz, it isn't all that fast (similar to a Pentium 4 at 2.2Ghz in integer).
"Itanium2 is only availble up to about 1.3 Ghz."
If by "about 1.3Ghz", you mean 1.5Ghz, then, yes, Itanium only goes up to 1.5Ghz. But at 1.5Ghz is faster than the fastest 3.2Ghz Pentium 4. With a decent process and less cache, it could easily scale to 2+ Ghz.
" but the Itanium is neither cheap nor cool (130W!)"
This has to do with the fact that the CPU has 3MB of cache on it. That makes the die huge which makes the CPU expensive. It also makes it heat up like a toaster. As a comparison, the latest Pentium 4s are ~90W, and they only have 512K of cache.
"In the performance arena, Moore's law is useless unless chip designers figure out how to use MORE transistors to compute more quickly."
My statement was that, for a given performance level, Itanium uses less transistors than RISC. Itanium was *designed* to use more transistors. That's why the instruction set is designed to produce code that runs well in paralell. RISC CPUs have to figure out what can be run in paralell in hardware - Itanium does it in the compiler.
"Itanium is a poor architecture. This isn't just my opinion, it's the opinion of the professor here at UT Austin working on the multi-core lightweight processor"
Your professor's opinion is... well... flawed.
Itanium is an excellent architecture. Its flaws come from politics:
1: Itanium requires good compilers. For now, that means compilers from Intel. GCC will be fine for running Mozilla on an Itanium, but technical apps simply won't perform anywhere near the performance of the machine when compied with GCC.
2: Intel wants to market Itanium as a server chip. That means that they are putting 3MB or 6MB on the high end Itaniums. Soon they will have a 9MB cache version. Lots of cache means lots of transistors means lots of heat.
3: Intel is not fabbing Itanium with a state of the art process. Intel leads the world in process technology, yet their Itanium is still on a 130nm process. Before Madison (about a year ago), it was on a 180nm process.
Some misconceptions:
1: Itanium is "inefficent". This couldn't be further from the truth. At 1.5Ghz, it whoops *anything* else in SPECfp (by a margin of 1.5x or more) and matches the 3.2Ghz P4 or 2.2Ghz Opteron in SPECint.
2: Itanium is "slow". Wrong again, see above.
3: Itanium doesn't scale. Wrong again. Itanium scales better than any other current architecture, getting nearly 100% of clock in both int and fp. Opteron gets around 99% int and 95% fp. Pentium 4 gets around 85% int and 80% fp. I don't have data for PPC970.
4: Itanium is expensive. This is true, but it has to do with politics rather than architecture. Itanium uses *fewer* transistors and does *more* instructions per clock than a RISC architecture. Itanium takes much of the logic out of the CPU and puts it into the compiler (this is why you need good compilers). Itanium's architecture is called EPIC, or explicitly paralell instruction computing, because each instruction is "tagged" by the compiler to tell the CPU what instructions can and cannot be executed in paralell.
EPIC scales better than RISC architectures. It does more work with a lower clock and fewer transistors. That means that it will ultimately result in a cooler, cheaper, smaller, faster CPU than anything else. Intel's politics prevents this from happening.
So, please don't say that Itanium is a poor architecture. Itanium is a proven architecture. It uses fewer transistors and lower clock speeds than comparable RISC CPUs. Yes, it has problems, but most of them have to do with Itanium the CPU (too much cache, too expensive, not latest process) instead of EPIC the architecture.
"past 5 - 10 years"
1995: Microsoft Windows 95. Made PCs (not Macs) easy enough to use for your granny
2000: Microsoft Windows 2000. Good enough to be called a "real OS".
2001: Microsoft XBox. Wildly unprofitable, but nonetheless a notable entry into the gaming market. Allows developers to easily port code between PC and game system.
2001: Microsoft Windows XP. The first "real OS" in the consumer space. Linux is still not the kind of OS your granny should be running and Mac OS 10.1 hadn't even come out.
Has anyone pointed out that both of these apps run great on Windows XP? I don't need to buy a Mac, or use codeweaver. I just click the icon in the taskbar.
Yes, it was nmap, if by "Matrix 1" he meant "Matrix 2".
WRONG!
The AMD Opteron has an *onboard* memory controller. This dramatically lowers latency from ~130 cycles (on a traditional northbridge system) to ~60 cycles. An Opteron system doesn't even need a memory controller; it's right on the CPU.
Apple's "architecture" is basically a traditional northbridge/southbridge setup. The closest comparison to Apple's architecture is the NVIDIA NForce2 chipset for Athlon XP. It uses a northbridge that connects to the proecessor, memory, and AGP (as it does in the G5). The northbridge connects to the southbridge via HyperTransport (same as in the G5) which controls all other I/O (also the same as the G5).
Compared to Opteron, the PPC970 (G5) differs in that:
- It *does not* have an onboard memory controller
- The CPU does not have HyperTransport links
The G5 architecture is far more similar to the NForce2 architecture than an AMD64 based system. It's really just a traditional northbridge/southbridge setup.