Sometimes you're copying a database from location A to location B and it would be nice to have an easy way to compare the files that arrive at B with the ones at A to make sure that no bits fell out.
Sometimes you have a database that grows ten gigs a month. It's a *lot* easier to add a new datafile to a cooked device than to it is to partition out some more space for a new raw device and mark it as a datafile.
You're argument about the SCSI cards with no battery backup is specious. You do not have to use raw devices for Oracle to be ACID compliant. If you're using redo logs and datafiles on cooked devices your transactions are just as safe as if you're using raw devices.
That's why Oracle has redo logs. A transaction occurs; it's written to the redo (and mriror) logs; when the redo log is full, all of the transactions in it are applied to the datafile (what you can think of as the *actual* data). The redo log gets archived and a new one is started. If any one of those steps doesn't happen, the database stops accepting transactions (sometimes it stays up, sometimes it crashes). This happens just the same way on cooked devices as it does on raw devices.
and Oracle likes raw disks; filesystems just slow things down, after all
Raw devices aren't significantly faster than cooked devices and haven't been for a long time. Device drivers and OS disk subsystems (not to mention improvements in disk drives and controllers) have almost totally closed the performance gap. You might eke out an additional 5% performance advantage with raw devices, but that's not guaranteed.
When you factor in the PITA (pain in the ass) factor of managing raw devices (don't even think about mv, cp, diff, rm, tar, gzip, chmod, chown...there are no files for you to directly manipulate via the OS) there is no overall benefit to raw devices.
It's almost always a bad idea to use raw devices. If you want to increase your system performance: tune the application; tune oracle, tune the OS...don't switch to raw devices.
Based on my experience (getting zapped with 220) and my observations (watching other people getting zapped by 110 and 220), I say, "Take the 220 zap every time."
Imagine that you just had 18 pots of coffee instantaneously administered via IV, were dipped into hot grease for a split-second, and a Mack truck ran into you and rammed you into the wall 20 feet away. That's getting hit by 220.
110 is just like the above minus the Mack truck. Which means that you stay attached to the nasty circuit that is frying you. All of those movie images about some guy grabbing a live wire and hanging on while he jerks -- that is 110. If it had been 220 he would have been blown across the room.
You're more likely to get injured by 220, but you're more likely to get killed by 110.
Re:The Unneccesarily Long Road to Profitability
on
Amazon Makes a Profit
·
· Score: 1
I worked for Metricom (the Ricochet people).
In the final dark days, many of us in the Dallas and Houston offices wondered exactly how much the two multi-story, fancy office buildings in downtown San Jose actually cost. I mean, we're talking a place where a 1300 sq ft town home can sell for $400,000.
And, of course, the higher price of living meant that everyone needed a higher salary.
It's pretty much a given than you're not going to find the 500 hundred electrical engineers, wireless developers and system administrators that you need if you're looking in BFE, North Dakota. But there are a *lot* of other places you can find the real estate and people that you need cheaper than Califonia.
So what if you need to "stay in touch" with the deep industry currents in Silicon Valley -- rent a nice SMALL office; keep a SMALL staff on hand and have your corporate executives fly out there every few weeks. It's going to be a damn sight cheaper than maintaining 500 employees and 30,000 sq ft of office space in one of the most expensive places in the US.
in any event, this post hopefully makes it clear that the difference between the two is far more a matter of personal taste/how accustomed each person is to the syntax
Exactly!
A standard slashdot argument is: "I use XYZ and it is easier/better than ABC."
The reason that it's "easier/better" is that you're more familiar with it. People make judgements based on what they have experience with.
Sure, I think that BSD is better than Linux. I think that the *BSDs firewall syntax is better than the Linux firewall syntax. I think that the *BSD ports/package system rocks compared to any Linux solution (yes, even apt). But I think these things because I use *BSD all of the time! If I used Linux all of the time, I'd look at BSD and say, "What are these stupid disk slice things? What is this disklabel crap? Can't I just make some partitions and go?"
You can draw examples from every facet of the computer world on this subject. Emacs and vi, anyone? Perl versus Python? C++ versus Java? Generally, "better" means "the thing that I know how to use the best."
Some things have a more difficult learning curve than others -- does that make them better? Maybe; but that shouldn't be your only criteria for judging.
We're more prone to see things as "better" when we've invested time in learning them. And when we do compare things, we often use a suboptimal example for the thing that we don't know well -- because we don't know it well.
You're thinking about "computer security" (passwords, arbitrary code, etc) which is a subset of "information security".
Information security is the protection and preservation of any data/information about or in the possession of an organization. One way you protect your information is through good "computer security". However, good IT security departments are also concerned with (among other things) backups, contacts with law enforcement and press agencies and legal issues. None of which appear to fall into your definition of security.
It is common for system administrators and developers to view "security" in the context of "computer security." Paranoid IT security trolls [TM] usually adhere to the second view.
Privacy is also a subset of information security -- think about the relationship between privacy, information and social engineering for a minute.
I'm not saying that in this particular case that this privacy breach is an invitation to massive social engineering. I am saying that privacy issues are security issues.
After scanning all of the comments about this article, I've found that most of the controversial/antagonistic comments are about java versus Open Source.
How do you deal with these type of questions when you are speaking internally?
Are you an "Open Source is the One True Way [TM]" kind of person, or are you an "Open Source Can Help Us Crush Our Competitors As Long As We Don't Give Up The Good Stuff [Java]" kind of person?
I realize that this question is kind of trollish, but I'd really like to know where you personally divide "Open Source" and "Good for Sun".
Re:Long-term versus Short-term incentives
on
Making It Personal
·
· Score: 2, Interesting
I don't think that there are any companies with a long-term view. At least not the way I would define it (4-5 years).
Every company I've worked with defines "long-term" as "next quarter's financial reports" and "short-term" as "tomorrow's opening stock price".
As an individual I can make decisions based on long-term incentives...go to college for four (or five or seven) years, get a degree...do a crappy entry level job for three years, get real experience...consult for six years, make many dollars, become a sheep farmer...I can make adjustments in my current behavior for a future payoff because I'm still going to be me in 5 or 10 or 20 years, and I'll see the benefit. A company does not see benefits (long-term or short-term) -- the individuals that it consists of do.
When compensation is tied to stock price^H^H^H^H^H^H^H^H^H^H^Hcompany performance, there is no connection between "long-term good for the company" and "long-term good for me". The days of lifetime employment and solid pensions are over.
The percentage of people who, today, can say that they realistically expect to work at the same company for 10 years is damn close to zero. Hell, in the IT sector, five years at the same company is uncommon. So I (and you) are going to maximize my (our) immediate gains(s) at the expense of the company's long-term gain.
If I can get an extra $100K or $1M or $15M this year from bonuses and stock options , I'm going to do it. Screw the long-term corporate impact. I'm not going to be there long-term. Corporations have killed off any sense of traditional corporate loyalty (probably because of executives making bad long-term corporate decisions in order to maximize their short-term individual gains).
If there were anything in 'Equal' besides the Aspartame and Maltodextrin listed on the label (e.g. methanol ["wood alcohol"], the FDA would be having a PR Field-day suing the crap out of deep-pocketed Monsanto...
In the Novemebr-December 1999 issue of FDA Consumer Magazine, the FDA said that aspartame ingestion results in the production of methanol, formaldehyde and formate. This statement was made by Dr. David Hattan, Ph.D., acting director of FDA's division of health effects evaluation.
So, the FDA (whom you and I can agree to being a "knowledgeable" party) says that ingesting aspartame results in methanol being in your body. Methanol is also known as "methyl alcohol" or "wood alcohol".
I agree with your stance: I drink Diet Coke buy the case, and agree that someone would have to mainline aspartame in order to produce sufficiently lethal concentrations of methanol. But, please, check your facts. Don't propogate false information just for the sake of winning an argument.
Sorry to have pissed in your wheaties, buddy -- but I'm glad you think I'm comprehensive.
While I bow down to your grammarian skills and retract my harsh statement about the perceived inconsistency of your first and second points due to your use of "scare quotes", I still have to say that, yes, sometimes (even rarely) hybrids produced by hybridization are known to breed true.
Just one question; while you, as a farmer, personally, yourself, are carrying out this attractive Mendelian exercise, who's looking after your fucking farm? Monsanto sell their products to real farms, run to make a profit or for subsistence, not to loony thought experiments
At the moment, I, as a farmer, personally, myself, am not watching any of the crops on my "fucking farm". The livestock is being watched by eight Maremmas at the moment. I'm sure if they had a problem that I'd know about it.
I do make a profit (barely) and I subsist quite well off of my own produce. And if you think that farmers don't engage in "attractive Mendelian exercise" (or maybe it's a "loony thought experiment") you're crazy. Any successful farmer obsessively tracks the genetic history of his produce (plant or animal). That's why they make all of that farmer-guy software.
Re:Monsanto akin to evil corporations from the mov
on
Monsanto and PCBs
·
· Score: 4, Informative
Your comment contains a number of falsehoods which I will be more than happy to address:
1. all hybrid seeds are "infertile"
This happens to a false and incorrect statement. With canola it is difficult to create hybrids that are fertile and increase crop yield. Please note that this does not mean infertile; it just means difficult to reproduce. Cross-fertilized plants are rarely fertile. But that's nowhere close to never fertile.
2. farmers,always buy new seed every year, because retained grain is a poor and inefficient way to grow your pants [must control bad jokes...]
(By the way, how does your first point of "all hybrid seeds are infertile" tie in with your second point of "new seed comes from new healthy hybrids grown for seed"? If the hybrids are all infertile, why would I grow hybrids for seed)?
While, yes, as a farmer I supplement my existing gene-lineages (both plant and animal) with external lines for hybrid vigor and outside traits every year; I also breed my existing plants and animals for specific traits. If I started off with one line of genes, and attempted to maintain that line forever, yes, I might have problems. But I don't. I select outside strains to enhance certain qualities that I believe my strains are deficient in. However, assuming I made a good starting selection of lineages, I don't need to acquire outside stock. You're talking about a minimal initial genetic selection that doesn't allow for cross-breeding over a number of generations. Sorry, but I'm aware that this could be a problem and either: start off with a reasonable selection of different genetic strains, or supplement my breeding stock every year. But if I start off with a good selection, I don't need to buy new seeds every year.
3. our assertion that "sterile seeds could spread and render entire regions infertile" is interesting
Seeds aren't the issue here. Pollen is. For example, corn cross-pollinates. If I've got some sterile corn that swoops across the pasture and cross-pollinates with my good "breeding" corn, I've got a problem. And we haven't had a chance to get to the seed part yet.
And, also, sterility is the final "hereditary property". If I've got a ewe that hasn't bred by the time she's two, I'm going to cull her. And, guess what, all of the genes that I've worked on breeding into her are gone.
By the way, if I plough the "sterile" seeds into the ground and plant a different kind of seed, I've lost time, money and productivity. The things that I grow aren't comparable to "weeds".
Re:Guilt By Association, don't buy it
on
Monsanto and PCBs
·
· Score: 4, Informative
If there are any real factual arguments against GM foods, by all means present them.
What about the recent unexpected contamination of natural Mexican corn by genetically modified corn? If you're not familiar with this, here's the scoop: the Mexican equivalent of the US Department of Agriculture tested some corn-seed in Oaxaca and found that it had between a 3-60% rate of transgenetic contamination from species of corn that had not been imported into Mexico.
My real factual argument against GM foods follows.
One: until a GM food product has existed for a number of years it is impossible to be 100% certain what effects it might have. (Think about drugs the FDA approved as good...thalidomide for one).
Two: apparently, based on the links mentioned above, it is impossible to control the dissemination of GM foods -- even the Monsanto Terminator gene isn't going to stop corn pollen.
Thus: we can't be what effects a GM food might have on the environment.
Ergo: this is a good argument for the strict control of GM foods.
And I might add, you probably don't trust Microsoft with Passport. Why would you trust Monsanto with GM foods?
We can't delude ourselves into thinking that whining on/. accompishes anything other than creating more input for a vicious feed-back loop that results in more whining on/. Someone can make a wonderful, insightful post, and it's like throwing chum into the shark tank. Nothing happens except we use it to justify the opinions that we already have. Hell, I'm just as guilty of it as anyone. I'll read a bunch of stuff, and just file it away so I can use it the next time I get into an argument. But I don't actually *do* anything about it.
(And please, don't think that illicit, annonymous MP3 trading means you're engaging in civil disobedience. If it's not public; if it's not en masse; if the cops aren't tear-gassing your unruly mob; if nobody outside of/. is appaled about it -- it's not civil disobedience...the value is in the "civil" not the "disobedience").
The only time I ever did anything differently was when the news about Dmitry broke. I was so appalled that I donated $250 (roughly 0.3% of my annual salary -- less than that after I figure my tax deductions for this year) to the EFF so I could feel good about myself. Sure, it helped the EFF, but really it was to sooth my own guilt about not doing anything. See, I can now go around and say, "I gave money to the EFF. Did you?" (Of course, I made them send me the hat and the tshirt).
Did I write one damned letter? To anybody? Nope. No email; no snailmail. Becuase I had given some pathetic amount of money to the EFF, I was a good person. I didn't need to do anything else to feel good.
I spread the word about Dmitry by telling my wife (who is only a techie by osmosis). For months, she randomly would ask, "what's going on with the poor Russian guy?". Of course, I track the news -- I'm aware of the issues -- so I'd tell her what the latest Dmitry news was; we'd commiserate about the stupidity of it, and we'd be done.
Once again, because I knew what was going on...because I could explain about this hideous assault on our rights...I felt good about myself.
I think that this disjunction between what I believe and what I do about those beliefs is due to the fact that, as a geek, I'm used to dealing with two types of arguments: one without an answer and one with an answer.
The first type has an indeterminate answer (the religious wars)...vi versus emacs (vi)...BSD versus Linux (BSD)...GNOME or KDE (KDE).
It doesn't really matter what the answer is, we all just like to argue about it and we all (hopefully) realize that ultimately it doesn't matter. No matter what side of the argument you choose, you'll still be able to get the job done. Your answer has more to do about differentiating yourself into the appropriate geek-tribe than it has to do with anything else.
The second type of argument is the one with a definite answer...How should I upgrade this Oracle 8.0 database to Oracale 8i? What is the best way to backup this contacts database? How do I write a bubblesort routine?
There are definite right and wrong answers to these questions. And if you pick the wrong one, you are going to suffer. And when you call me at 3:00AM, I am going to say, "I told you so!" and count my big geek-coup as I dance the victory dance on your stupid ass when I come in Monday morning. And you'll owe me many favors because I helped you out of the mess that you got yourself into by not listening to me.
We all agree that the DMCA/copyright/trademark/patent/IP (hereafter known as "the issues") issues are of the second category. They have a right and a wrong answer. We are conditioned that when arguing about these type of questions all we need to do is say, "Your answer is wrong because of XYZ." Because we know that if you choose to make the wrong decision after we told you, you will be bitten on the ass and come crying to us to fix it.
The problem is that the domain of the "the issues" is such that we will be penalized as well. And it's not going to be some short-term-next-Saturday-night kind of punishment. It will be a long-term, corrosive punishment. One day, we'll all wake up and say, "Fuck me. How did this happen?" But that's OK...because deep in our hearts, we'll all be saying, "I told you so."
Within the last month, I incorporated (a LLC) in Texas, and having a lawyer do everything (EIN, checking the name with the Secretary of State, all filings, by-laws, a cute little 'i'm-a-company-book', as well as some advice) cost me $1250. All I had to do was sign my name about 8 times.
Since I'm the only partner in the LLC, I don't have to worry too much on the accounting side, all of my federal taxes get thrown into a Schedule C that I attach to my 1040.
His comment was more along the line of accountants are not script kiddies, so we don't need to worry too much. That is probably reasonable, too.
Sorry, but I have to disagree. Accountants are worse than script kiddies. When they go bad they know exactly what they're looking for, and they know how to manipulate the data to hide any unusual transactions. Maybe the mythical bad accountant doesn't personally have the skillz to crack a system, but -- I assure you -- they are more than capable of finding a partner to help them.
I've been doing SAP R/3 security for a handful of years, and I could tell stories that would make every CFO in the world crap their pants.
You have to realize that we're talking about being able to manipulate real money. You can't treat it like monopoly money because it's just a bunch of numbers on a UI. You need to control (and be able to audit) access to an enterprise accounting system just like you would protect and audit access to a giant pile of dollar bills that is equivalent to your company's net worth. You've also got to realize that admin-style access to an accounting system means that you can make changes to things that happened in the past. So I could go back two months ago and insert a bogus purchase order for $99.00 (or any other small amount that misses the executive-approval-radar). Then, this month, I could pay it -- to that anonymous bank account I have. I could do this over and over with multiple fake purchase orders for months and months. And since no one could audit the transactions, they would only know that they were missing an ass-load of $99.00 transactions. (The real-world implementation is a bit more complicated, but you get the idea).
If your company has $500,000 of revenue a year, and the two accounting people are personal friends, you probably don't need to worry about embezzelment, fraud, fake purchase orders, etc. (I personally would worry about them, but I'm a paranoid security guy).
If your company is pulling in a few million dollars a year, and you hire random accounting people then, yes, you need to be able to audit their activities.
Teaching someone to be a good, general-purpose cook takes a number of years. But I can teach you how to be a tolerable cook (as long as there are no emergencies) in a much shorter time.
I can teach you how to boil water (an easy task) in one of two ways -- we put some water in a pan on a stove burner; we turn on the stove; when the water bubbles, we're done -- or we can use a microwave.
I can teach you how to make eggs benedict (a medium difficulty task) in one of to ways -- we toast some english muffins; we fry some canadian bacon; we poach some eggs; we make some hollandaise saude (But wait...I have to teach you how to make english muffins and how to poach eggs and how to make hollandaise sauce.) -- or we can buy some english muffins and fry some canadian bacon and use a little metal tool to make poaching eggs easier and we still have to make the hollandiase sauce.
I personally choose to make my own english muffins and to poach my eggs by slipping them in to a pot of boiling water. Why? Because I like the process of cooking. I know the easier ways of doing it, but I don't like them, and I don't begrude the extra time that I spend in order to have total control over the process.
If I am going to teach someone how to cook, I'm going to teach them the way that I like while perhaps mentioning the "easier" ways.
People are going to teach things the way that they do them.
Since I've started using it, I never (literally) see SPAM.
It has a whitelist and a blacklist. It challenges unknown senders and holds their mail in a pending queue. When you send email, it can generate a new address that's only good for a set amount of time, or only good for the recipient to respond to. It does other neat things as well. It is amazing.
The only problem that you might find is that you need to use qmail for a lot of the functions to work.
How often in the last couple years did you notice "Gee, this word processor can't keep up with my mad typing skillz."
Every damn day. Those keyboard buffers just can't keep up with my "mad typing skillz".
I don't have the slightest clue what "CSA Research's Benchmark Studio Professional" tests, but I'm going to guess that the CPU and I/O time spent on it typing is a few order of magnitudes less than the CPU and I/O time that it spends opening/closing files, caching, swapping, "thinking" and whatever.
Please be realistic, a freaking CLI telnet window spends more of it's time doing other crap than it spends handling my typing. There's not a single piece of software (application or OS) that spends more time dealing with keyboard-clicking than it spends with things like screen refreshing. (Sure it might have to redraw the screen every time I hit a letter, but it's spending a lot more time drawing the screen than it is receiving my keyboard press).
I think the fear here is that MS has not shown much interest in being PROactive in preventing such problems, particularly problems with such potential for ruining people's credit histories or bank accounts. If that is a legitimate fear, then it's a whopper!
Yup, it's a whopper. Spend 30 seconds thinking about all of the people who could have found exploits like this and wouldn't report them.
We can postulate that Marc is an very good hacker. We can also postulate that he has a sense of societal responsibility (or is a Microsoft basher -- which is really the same thing).
Start thinking about the possible set of very good hackers who wouldn't report this type of problem. Then think about what they could do with it. This is why security should be at the top of the list. Yes, it's paranoia, but when you think of the possible stakes, it's warranted. (Please draw your own analogies with the events of 9/11).
I have some more arguments about societal responsibility, technical skill of hackers, geographic proximity, and a few other odds and ends, but I don't want to turn this into a mini-dissertation.
I don't see anything in the second post (or the links that it references) that have anything to do with "Alan the responsible".
No mention of Alan or Marcelo. There is -- if you dig deeply -- a mention of the 2.4.13-ac4 kernel not having a problem with mmapping in certain situations.
But I don't see anything at all about Alan still being responsible.
It is quite possible that due to my rusty Spanish (and the fact that I'm a BSDite) that I've missed some subtle indicators, but I don't think so.
I personally think linux is an awesome server OS. I find that it's interface, especially remote, is far better than Windows, BSD, Solaris, and other UNIX systems.
What? How is SSH on Linux any different from SSH on any of the BSDs? Or Solaris? Or any other UNIX system?
With other OSes, like Solaris, their stock tools are horrible
So they don't ship with GNU tools. (By the way, many of them for Solaris can be located here). That's because you just bought a Sun box, not a Linux box. If I bought a Linux box, I wouldn't expect it to have smitty, now would I?
I can't help but feel your big complaint is: "all of those other Unixes are nasty because I'm not familiar with them". That's a fine opinion to have, but please don't try to take your personal preference and use it to prop up some Linux Rocks argument.
The main difference between a great systems administrator and a technically competent sysadmin is paranoia.
A great sysadmin would cut out their own heart before operating without known good backups. A great sysadmin would chew their own arm off before putting something into production without testing it first in a development environment. A great sysadmin *always* has a backout plan.
And how does a lowly admin reach this amazing level of greatness, you ask?
Admins get paranoid after making hideous, terrible mistakes that immediately result in Bad Things Happening.
I have personally: killed the email server for 2 days...shut down distribution for the world's largest distributor of widgets (every Thursday for 3 weeks)...destroyed all connectivity (voice and data) to the world for 12 hours...hosed the upgrade on a 700GB Oracle database (and our backups were no good). And any semi-experienced administrator will have, at minimum, two stories that are at least this bad (like my friend who shut down trading at Fidelity for a day).
And for every one one of these instances, I immediately felt the wrath of: my manager, my manager's manager, other people's managers, other people who were affected, stray people wandering by my cube who weren't affected...I also became a part of the "mythical sysadmin storybook"--"I once worked with this guy, and (you won't believe this) he..."
I submit the hypothesis that: generally, most developers are not subject to this type of immediate and extremely negative form of feedback for their mistakes. Therefore it takes a developer a long time to develop an aversion reflex that conditions them to do "the right thing -- error handling, code documentation" instead of doing "the easy, interesting, enjoyable and sexy thing -- making spiffy algorithms, writing tight code".
Drifting into another analogy, error handling is like code docmentation. Why do most developers get good (and a little obsessive) about documenting code? Becuase they finally spent some years trying to maintain someone else's tight, sexy code that is virtually incomprehensible.
So, my point is, developers take a long time to viscerally learn the need for good error handling by repeatedly getting whacked on the head for lack of error handling. It's like evolution in action.
Slashdot Mirror
Sometimes you're copying a database from location A to location B and it would be nice to have an easy way to compare the files that arrive at B with the ones at A to make sure that no bits fell out.
Sometimes you have a database that grows ten gigs a month. It's a *lot* easier to add a new datafile to a cooked device than to it is to partition out some more space for a new raw device and mark it as a datafile.
You're argument about the SCSI cards with no battery backup is specious. You do not have to use raw devices for Oracle to be ACID compliant. If you're using redo logs and datafiles on cooked devices your transactions are just as safe as if you're using raw devices.
That's why Oracle has redo logs. A transaction occurs; it's written to the redo (and mriror) logs; when the redo log is full, all of the transactions in it are applied to the datafile (what you can think of as the *actual* data). The redo log gets archived and a new one is started. If any one of those steps doesn't happen, the database stops accepting transactions (sometimes it stays up, sometimes it crashes). This happens just the same way on cooked devices as it does on raw devices.
and Oracle likes raw disks; filesystems just slow things down, after all
Raw devices aren't significantly faster than cooked devices and haven't been for a long time. Device drivers and OS disk subsystems (not to mention improvements in disk drives and controllers) have almost totally closed the performance gap. You might eke out an additional 5% performance advantage with raw devices, but that's not guaranteed.
When you factor in the PITA (pain in the ass) factor of managing raw devices (don't even think about mv, cp, diff, rm, tar, gzip, chmod, chown...there are no files for you to directly manipulate via the OS) there is no overall benefit to raw devices.
It's almost always a bad idea to use raw devices. If you want to increase your system performance: tune the application; tune oracle, tune the OS...don't switch to raw devices.
Based on my experience (getting zapped with 220) and my observations (watching other people getting zapped by 110 and 220), I say, "Take the 220 zap every time."
Imagine that you just had 18 pots of coffee instantaneously administered via IV, were dipped into hot grease for a split-second, and a Mack truck ran into you and rammed you into the wall 20 feet away. That's getting hit by 220.
110 is just like the above minus the Mack truck. Which means that you stay attached to the nasty circuit that is frying you. All of those movie images about some guy grabbing a live wire and hanging on while he jerks -- that is 110. If it had been 220 he would have been blown across the room.
You're more likely to get injured by 220, but you're more likely to get killed by 110.
I worked for Metricom (the Ricochet people).
In the final dark days, many of us in the Dallas and Houston offices wondered exactly how much the two multi-story, fancy office buildings in downtown San Jose actually cost. I mean, we're talking a place where a 1300 sq ft town home can sell for $400,000.
And, of course, the higher price of living meant that everyone needed a higher salary.
It's pretty much a given than you're not going to find the 500 hundred electrical engineers, wireless developers and system administrators that you need if you're looking in BFE, North Dakota. But there are a *lot* of other places you can find the real estate and people that you need cheaper than Califonia.
So what if you need to "stay in touch" with the deep industry currents in Silicon Valley -- rent a nice SMALL office; keep a SMALL staff on hand and have your corporate executives fly out there every few weeks. It's going to be a damn sight cheaper than maintaining 500 employees and 30,000 sq ft of office space in one of the most expensive places in the US.
in any event, this post hopefully makes it clear that the difference between the two is far more a matter of personal taste/how accustomed each person is to the syntax
Exactly!
A standard slashdot argument is: "I use XYZ and it is easier/better than ABC."
The reason that it's "easier/better" is that you're more familiar with it. People make judgements based on what they have experience with.
Sure, I think that BSD is better than Linux. I think that the *BSDs firewall syntax is better than the Linux firewall syntax. I think that the *BSD ports/package system rocks compared to any Linux solution (yes, even apt). But I think these things because I use *BSD all of the time! If I used Linux all of the time, I'd look at BSD and say, "What are these stupid disk slice things? What is this disklabel crap? Can't I just make some partitions and go?"
You can draw examples from every facet of the computer world on this subject. Emacs and vi, anyone? Perl versus Python? C++ versus Java? Generally, "better" means "the thing that I know how to use the best."
Some things have a more difficult learning curve than others -- does that make them better? Maybe; but that shouldn't be your only criteria for judging.
We're more prone to see things as "better" when we've invested time in learning them. And when we do compare things, we often use a suboptimal example for the thing that we don't know well -- because we don't know it well.
You're thinking about "computer security" (passwords, arbitrary code, etc) which is a subset of "information security".
Information security is the protection and preservation of any data/information about or in the possession of an organization. One way you protect your information is through good "computer security". However, good IT security departments are also concerned with (among other things) backups, contacts with law enforcement and press agencies and legal issues. None of which appear to fall into your definition of security.
It is common for system administrators and developers to view "security" in the context of "computer security." Paranoid IT security trolls [TM] usually adhere to the second view.
Privacy is also a subset of information security -- think about the relationship between privacy, information and social engineering for a minute.
I'm not saying that in this particular case that this privacy breach is an invitation to massive social engineering. I am saying that privacy issues are security issues.
After scanning all of the comments about this article, I've found that most of the controversial/antagonistic comments are about java versus Open Source.
How do you deal with these type of questions when you are speaking internally?
Are you an "Open Source is the One True Way [TM]" kind of person, or are you an "Open Source Can Help Us Crush Our Competitors As Long As We Don't Give Up The Good Stuff [Java]" kind of person?
I realize that this question is kind of trollish, but I'd really like to know where you personally divide "Open Source" and "Good for Sun".
I don't think that there are any companies with a long-term view. At least not the way I would define it (4-5 years).
Every company I've worked with defines "long-term" as "next quarter's financial reports" and "short-term" as "tomorrow's opening stock price".
As an individual I can make decisions based on long-term incentives...go to college for four (or five or seven) years, get a degree...do a crappy entry level job for three years, get real experience...consult for six years, make many dollars, become a sheep farmer...I can make adjustments in my current behavior for a future payoff because I'm still going to be me in 5 or 10 or 20 years, and I'll see the benefit. A company does not see benefits (long-term or short-term) -- the individuals that it consists of do.
When compensation is tied to stock price^H^H^H^H^H^H^H^H^H^H^Hcompany performance, there is no connection between "long-term good for the company" and "long-term good for me". The days of lifetime employment and solid pensions are over.
The percentage of people who, today, can say that they realistically expect to work at the same company for 10 years is damn close to zero. Hell, in the IT sector, five years at the same company is uncommon. So I (and you) are going to maximize my (our) immediate gains(s) at the expense of the company's long-term gain.
If I can get an extra $100K or $1M or $15M this year from bonuses and stock options , I'm going to do it. Screw the long-term corporate impact. I'm not going to be there long-term. Corporations have killed off any sense of traditional corporate loyalty (probably because of executives making bad long-term corporate decisions in order to maximize their short-term individual gains).
If there were anything in 'Equal' besides the Aspartame and Maltodextrin listed on the label (e.g. methanol ["wood alcohol"], the FDA would be having a PR Field-day suing the crap out of deep-pocketed Monsanto...
In the Novemebr-December 1999 issue of FDA Consumer Magazine, the FDA said that aspartame ingestion results in the production of methanol, formaldehyde and formate. This statement was made by Dr. David Hattan, Ph.D., acting director of FDA's division of health effects evaluation.
So, the FDA (whom you and I can agree to being a "knowledgeable" party) says that ingesting aspartame results in methanol being in your body. Methanol is also known as "methyl alcohol" or "wood alcohol".
I agree with your stance: I drink Diet Coke buy the case, and agree that someone would have to mainline aspartame in order to produce sufficiently lethal concentrations of methanol. But, please, check your facts. Don't propogate false information just for the sake of winning an argument.
Sorry to have pissed in your wheaties, buddy -- but I'm glad you think I'm comprehensive.
While I bow down to your grammarian skills and retract my harsh statement about the perceived inconsistency of your first and second points due to your use of "scare quotes", I still have to say that, yes, sometimes (even rarely) hybrids produced by hybridization are known to breed true.
Just one question; while you, as a farmer, personally, yourself, are carrying out this attractive Mendelian exercise, who's looking after your fucking farm? Monsanto sell their products to real farms, run to make a profit or for subsistence, not to loony thought experiments
At the moment, I, as a farmer, personally, myself, am not watching any of the crops on my "fucking farm". The livestock is being watched by eight Maremmas at the moment. I'm sure if they had a problem that I'd know about it.
I do make a profit (barely) and I subsist quite well off of my own produce. And if you think that farmers don't engage in "attractive Mendelian exercise" (or maybe it's a "loony thought experiment") you're crazy. Any successful farmer obsessively tracks the genetic history of his produce (plant or animal). That's why they make all of that farmer-guy software.
Your comment contains a number of falsehoods which I will be more than happy to address:
,always buy new seed every year, because retained grain is a poor and inefficient way to grow your pants [must control bad jokes...]
1. all hybrid seeds are "infertile"
This happens to a false and incorrect statement. With canola it is difficult to create hybrids that are fertile and increase crop yield. Please note that this does not mean infertile; it just means difficult to reproduce. Cross-fertilized plants are rarely fertile. But that's nowhere close to never fertile.
2. farmers
(By the way, how does your first point of "all hybrid seeds are infertile" tie in with your second point of "new seed comes from new healthy hybrids grown for seed"? If the hybrids are all infertile, why would I grow hybrids for seed)?
While, yes, as a farmer I supplement my existing gene-lineages (both plant and animal) with external lines for hybrid vigor and outside traits every year; I also breed my existing plants and animals for specific traits. If I started off with one line of genes, and attempted to maintain that line forever, yes, I might have problems. But I don't. I select outside strains to enhance certain qualities that I believe my strains are deficient in. However, assuming I made a good starting selection of lineages, I don't need to acquire outside stock. You're talking about a minimal initial genetic selection that doesn't allow for cross-breeding over a number of generations. Sorry, but I'm aware that this could be a problem and either: start off with a reasonable selection of different genetic strains, or supplement my breeding stock every year. But if I start off with a good selection, I don't need to buy new seeds every year.
3. our assertion that "sterile seeds could spread and render entire regions infertile" is interesting
Seeds aren't the issue here. Pollen is. For example, corn cross-pollinates. If I've got some sterile corn that swoops across the pasture and cross-pollinates with my good "breeding" corn, I've got a problem. And we haven't had a chance to get to the seed part yet.
And, also, sterility is the final "hereditary property". If I've got a ewe that hasn't bred by the time she's two, I'm going to cull her. And, guess what, all of the genes that I've worked on breeding into her are gone.
By the way, if I plough the "sterile" seeds into the ground and plant a different kind of seed, I've lost time, money and productivity. The things that I grow aren't comparable to "weeds".
If there are any real factual arguments against GM foods, by all means present them.
What about the recent unexpected contamination of natural Mexican corn by genetically modified corn? If you're not familiar with this, here's the scoop: the Mexican equivalent of the US Department of Agriculture tested some corn-seed in Oaxaca and found that it had between a 3-60% rate of transgenetic contamination from species of corn that had not been imported into Mexico.
from:
UC Berkeley
Reuters
Nature, Vol. 413, September 27, 2001
My real factual argument against GM foods follows.
One: until a GM food product has existed for a number of years it is impossible to be 100% certain what effects it might have. (Think about drugs the FDA approved as good...thalidomide for one).
Two: apparently, based on the links mentioned above, it is impossible to control the dissemination of GM foods -- even the Monsanto Terminator gene isn't going to stop corn pollen.
Thus: we can't be what effects a GM food might have on the environment.
Ergo: this is a good argument for the strict control of GM foods.
And I might add, you probably don't trust Microsoft with Passport. Why would you trust Monsanto with GM foods?
He does have a point.
/. accompishes anything other than creating more input for a vicious feed-back loop that results in more whining on /. Someone can make a wonderful, insightful post, and it's like throwing chum into the shark tank. Nothing happens except we use it to justify the opinions that we already have. Hell, I'm just as guilty of it as anyone. I'll read a bunch of stuff, and just file it away so I can use it the next time I get into an argument. But I don't actually *do* anything about it.
/. is appaled about it -- it's not civil disobedience...the value is in the "civil" not the "disobedience").
We can't delude ourselves into thinking that whining on
(And please, don't think that illicit, annonymous MP3 trading means you're engaging in civil disobedience. If it's not public; if it's not en masse; if the cops aren't tear-gassing your unruly mob; if nobody outside of
The only time I ever did anything differently was when the news about Dmitry broke. I was so appalled that I donated $250 (roughly 0.3% of my annual salary -- less than that after I figure my tax deductions for this year) to the EFF so I could feel good about myself. Sure, it helped the EFF, but really it was to sooth my own guilt about not doing anything. See, I can now go around and say, "I gave money to the EFF. Did you?" (Of course, I made them send me the hat and the tshirt).
Did I write one damned letter? To anybody? Nope. No email; no snailmail. Becuase I had given some pathetic amount of money to the EFF, I was a good person. I didn't need to do anything else to feel good.
I spread the word about Dmitry by telling my wife (who is only a techie by osmosis). For months, she randomly would ask, "what's going on with the poor Russian guy?". Of course, I track the news -- I'm aware of the issues -- so I'd tell her what the latest Dmitry news was; we'd commiserate about the stupidity of it, and we'd be done.
Once again, because I knew what was going on...because I could explain about this hideous assault on our rights...I felt good about myself.
I think that this disjunction between what I believe and what I do about those beliefs is due to the fact that, as a geek, I'm used to dealing with two types of arguments: one without an answer and one with an answer.
The first type has an indeterminate answer (the religious wars)...vi versus emacs (vi)...BSD versus Linux (BSD)...GNOME or KDE (KDE).
It doesn't really matter what the answer is, we all just like to argue about it and we all (hopefully) realize that ultimately it doesn't matter. No matter what side of the argument you choose, you'll still be able to get the job done. Your answer has more to do about differentiating yourself into the appropriate geek-tribe than it has to do with anything else.
The second type of argument is the one with a definite answer...How should I upgrade this Oracle 8.0 database to Oracale 8i? What is the best way to backup this contacts database? How do I write a bubblesort routine?
There are definite right and wrong answers to these questions. And if you pick the wrong one, you are going to suffer. And when you call me at 3:00AM, I am going to say, "I told you so!" and count my big geek-coup as I dance the victory dance on your stupid ass when I come in Monday morning. And you'll owe me many favors because I helped you out of the mess that you got yourself into by not listening to me.
We all agree that the DMCA/copyright/trademark/patent/IP (hereafter known as "the issues") issues are of the second category. They have a right and a wrong answer. We are conditioned that when arguing about these type of questions all we need to do is say, "Your answer is wrong because of XYZ." Because we know that if you choose to make the wrong decision after we told you, you will be bitten on the ass and come crying to us to fix it.
The problem is that the domain of the "the issues" is such that we will be penalized as well. And it's not going to be some short-term-next-Saturday-night kind of punishment. It will be a long-term, corrosive punishment. One day, we'll all wake up and say, "Fuck me. How did this happen?" But that's OK...because deep in our hearts, we'll all be saying, "I told you so."
Within the last month, I incorporated (a LLC) in Texas, and having a lawyer do everything (EIN, checking the name with the Secretary of State, all filings, by-laws, a cute little 'i'm-a-company-book', as well as some advice) cost me $1250. All I had to do was sign my name about 8 times.
Since I'm the only partner in the LLC, I don't have to worry too much on the accounting side, all of my federal taxes get thrown into a Schedule C that I attach to my 1040.
The only way you're going to have a $250,000 SAP R/3 implementation is to send out press gangs to 'recruit' R/3 consultants.
His comment was more along the line of accountants are not script kiddies, so we don't need to worry too much. That is probably reasonable, too.
Sorry, but I have to disagree. Accountants are worse than script kiddies. When they go bad they know exactly what they're looking for, and they know how to manipulate the data to hide any unusual transactions. Maybe the mythical bad accountant doesn't personally have the skillz to crack a system, but -- I assure you -- they are more than capable of finding a partner to help them.
I've been doing SAP R/3 security for a handful of years, and I could tell stories that would make every CFO in the world crap their pants.
You have to realize that we're talking about being able to manipulate real money. You can't treat it like monopoly money because it's just a bunch of numbers on a UI. You need to control (and be able to audit) access to an enterprise accounting system just like you would protect and audit access to a giant pile of dollar bills that is equivalent to your company's net worth. You've also got to realize that admin-style access to an accounting system means that you can make changes to things that happened in the past. So I could go back two months ago and insert a bogus purchase order for $99.00 (or any other small amount that misses the executive-approval-radar). Then, this month, I could pay it -- to that anonymous bank account I have. I could do this over and over with multiple fake purchase orders for months and months. And since no one could audit the transactions, they would only know that they were missing an ass-load of $99.00 transactions. (The real-world implementation is a bit more complicated, but you get the idea).
If your company has $500,000 of revenue a year, and the two accounting people are personal friends, you probably don't need to worry about embezzelment, fraud, fake purchase orders, etc. (I personally would worry about them, but I'm a paranoid security guy).
If your company is pulling in a few million dollars a year, and you hire random accounting people then, yes, you need to be able to audit their activities.
I can teach you how to boil water (an easy task) in one of two ways -- we put some water in a pan on a stove burner; we turn on the stove; when the water bubbles, we're done -- or we can use a microwave.
I can teach you how to make eggs benedict (a medium difficulty task) in one of to ways -- we toast some english muffins; we fry some canadian bacon; we poach some eggs; we make some hollandaise saude (But wait...I have to teach you how to make english muffins and how to poach eggs and how to make hollandaise sauce.) -- or we can buy some english muffins and fry some canadian bacon and use a little metal tool to make poaching eggs easier and we still have to make the hollandiase sauce.
I personally choose to make my own english muffins and to poach my eggs by slipping them in to a pot of boiling water. Why? Because I like the process of cooking. I know the easier ways of doing it, but I don't like them, and I don't begrude the extra time that I spend in order to have total control over the process.
If I am going to teach someone how to cook, I'm going to teach them the way that I like while perhaps mentioning the "easier" ways.
People are going to teach things the way that they do them.
TMDA
(Tagged Message Delivery Agent).
Since I've started using it, I never (literally) see SPAM.
It has a whitelist and a blacklist. It challenges unknown senders and holds their mail in a pending queue. When you send email, it can generate a new address that's only good for a set amount of time, or only good for the recipient to respond to. It does other neat things as well. It is amazing.
The only problem that you might find is that you need to use qmail for a lot of the functions to work.
Here's the ruling.
How often in the last couple years did you notice "Gee, this word processor can't keep up with my mad typing skillz."
Every damn day. Those keyboard buffers just can't keep up with my "mad typing skillz".
I don't have the slightest clue what "CSA Research's Benchmark Studio Professional" tests, but I'm going to guess that the CPU and I/O time spent on it typing is a few order of magnitudes less than the CPU and I/O time that it spends opening/closing files, caching, swapping, "thinking" and whatever.
Please be realistic, a freaking CLI telnet window spends more of it's time doing other crap than it spends handling my typing. There's not a single piece of software (application or OS) that spends more time dealing with keyboard-clicking than it spends with things like screen refreshing. (Sure it might have to redraw the screen every time I hit a letter, but it's spending a lot more time drawing the screen than it is receiving my keyboard press).
I think the fear here is that MS has not shown much interest in being PROactive in preventing such problems, particularly problems with such potential for ruining people's credit histories or bank accounts. If that is a legitimate fear, then it's a whopper!
Yup, it's a whopper. Spend 30 seconds thinking about all of the people who could have found exploits like this and wouldn't report them.
We can postulate that Marc is an very good hacker. We can also postulate that he has a sense of societal responsibility (or is a Microsoft basher -- which is really the same thing).
Start thinking about the possible set of very good hackers who wouldn't report this type of problem. Then think about what they could do with it. This is why security should be at the top of the list. Yes, it's paranoia, but when you think of the possible stakes, it's warranted. (Please draw your own analogies with the events of 9/11).
I have some more arguments about societal responsibility, technical skill of hackers, geographic proximity, and a few other odds and ends, but I don't want to turn this into a mini-dissertation.
I don't see anything in the second post (or the links that it references) that have anything to do with "Alan the responsible".
No mention of Alan or Marcelo. There is -- if you dig deeply -- a mention of the 2.4.13-ac4 kernel not having a problem with mmapping in certain situations.
But I don't see anything at all about Alan still being responsible.
It is quite possible that due to my rusty Spanish (and the fact that I'm a BSDite) that I've missed some subtle indicators, but I don't think so.
They have it available now.
I personally think linux is an awesome server OS. I find that it's interface, especially remote, is far better than Windows, BSD, Solaris, and other UNIX systems.
What? How is SSH on Linux any different from SSH on any of the BSDs? Or Solaris? Or any other UNIX system?
With other OSes, like Solaris, their stock tools are horrible
So they don't ship with GNU tools. (By the way, many of them for Solaris can be located here). That's because you just bought a Sun box, not a Linux box. If I bought a Linux box, I wouldn't expect it to have smitty, now would I?
I can't help but feel your big complaint is: "all of those other Unixes are nasty because I'm not familiar with them". That's a fine opinion to have, but please don't try to take your personal preference and use it to prop up some Linux Rocks argument.
The main difference between a great systems administrator and a technically competent sysadmin is paranoia.
A great sysadmin would cut out their own heart before operating without known good backups. A great sysadmin would chew their own arm off before putting something into production without testing it first in a development environment. A great sysadmin *always* has a backout plan.
And how does a lowly admin reach this amazing level of greatness, you ask?
Admins get paranoid after making hideous, terrible mistakes that immediately result in Bad Things Happening.
I have personally: killed the email server for 2 days...shut down distribution for the world's largest distributor of widgets (every Thursday for 3 weeks)...destroyed all connectivity (voice and data) to the world for 12 hours...hosed the upgrade on a 700GB Oracle database (and our backups were no good). And any semi-experienced administrator will have, at minimum, two stories that are at least this bad (like my friend who shut down trading at Fidelity for a day).
And for every one one of these instances, I immediately felt the wrath of: my manager, my manager's manager, other people's managers, other people who were affected, stray people wandering by my cube who weren't affected...I also became a part of the "mythical sysadmin storybook"--"I once worked with this guy, and (you won't believe this) he..."
I submit the hypothesis that: generally, most developers are not subject to this type of immediate and extremely negative form of feedback for their mistakes. Therefore it takes a developer a long time to develop an aversion reflex that conditions them to do "the right thing -- error handling, code documentation" instead of doing "the easy, interesting, enjoyable and sexy thing -- making spiffy algorithms, writing tight code".
Drifting into another analogy, error handling is like code docmentation. Why do most developers get good (and a little obsessive) about documenting code? Becuase they finally spent some years trying to maintain someone else's tight, sexy code that is virtually incomprehensible.
So, my point is, developers take a long time to viscerally learn the need for good error handling by repeatedly getting whacked on the head for lack of error handling. It's like evolution in action.