Of course all of these are CMW products which meet a slightly different set of criteria...
11. What are the CMWREQs and the CMWEC?
The criteria used by the Defense Intelligence Agency (DIA) to rate a product as a Compartmented Mode Workstation (CMW) was the Compartmented Mode Workstation Evaluation Criteria (CMWEC), which superseded the CMW Requirements (CMWREQs) in 1991. This criteria defined a minimum level of assurance equivalent to the B1 level of the TCSEC (see TCSEC Criteria Concepts FAQ, Questions 9-11). It also defines a minimum set of functionality and usability features outside the scope of the TCSEC (e.g. a graphical user interface via a window system was required along with the capability to cut and paste between windows). Neither set of requirements are currently to evaluate products although products that are designed to have these features may be evaluated with the Common Criteria for Information Technology Security Evaluation (CCITSE).
Actually, where I work we use the standard Solaris start up files mostly and those wipe/tmp (usually we have that on disk) on boot.
This is a sensible strategy, and frankly I wouldn't expect to keep files in/tmp over a reboot.
You can limit the size of/tmp on the tmpfs file system by using the mount options... -o size=sz sz can be in bytes, kilobytes or megabytes (123, 123k or 123m)
The main reasons that we don't use it are DBAs...
We have had one DBA ask us to reduce the size of/tmp and use that space to create a new partition... And they generally don't want to use ANY memory for things other than their programs. tmpfs keeps the filesystem control structures in memory.
Or you can simply pad to four characters with the corresponding characters from 0x10, 0x34, 0x0D, 0x03. i.e. if you need two characters,pad it with 0x0d, 0x03.
Then when you split it up into three characters and XOR it with 67 you end up with null characters in the remaining spaces.
I know RIPE have been doing this for about a year (or so)... Whether this is a good thing depends on your point of view. It helps conserve IPv4 addresses. It means people need to think about what they are doing...
But if you offer anonymous ftp server and web server for a single fee then you still need to use IP addresses. FTP is not capable of working on a HOST header basis.
The ISP in the UK that I used to work for bundled anonymous FTP with web servers before this policy came out. I don't know how many people use their FTP space, but it is there. It was a cheap and easy way of adding value to our offerings.
My personal belief is that some people will switch to name based virtual servers, others will start to bundle more services for the same price such as FTP and HTTPS that can't be run on the same basis.
Anyone want an IP based shell account with a web server, ftp server, https server and nntp server of their very own, all for the low price of...
The real problem is that you currently have to register under a "locality".
I currently live in Milwaukie, Oregon. But I'm two blocks from Portland, I work in Hillsboro, and the company that I run computer systems for is based in Beaverton.
Which one should I register my domain name in? aGenericDomain.milwaukie.or.us?
No thank you... I want a statewide domain. Yup, I want to be able to register aGenericDomain.or.us...
OK I'm really just saying this because I want to be the proud owner of:-
them.or.us
Gee, we didn't even want freedom from Britian at first, we just wanted a few seats in Parliment -- like they'd given to Scotland a few decades before that.BIG DIFFERENCE!!! Scotland got "a few seats in parliament" because it was a seperate country, with it's own laws, parliament, and so on... which United with England on a legal footing. The Scottish King became the King of England too. It made sense. America was colonised. It was not an ongoing country at the time, at least not in the eyes of the European peoples of the time. So, please don't use this as a justification for the American civil war. God knows, there are enough real reasons without having to make things up.
In order to avoid "stupid" names our former illustrious leader instituted an excellent naming scheme. We can use any name we like as long as it comes from a standard Ordnance Survey Map (Whitby and surrounding area)
This sounds dull, but we have machines like tumulus, potato, hackness, scratch and scar.
We haven't yet used "Hole of Horcum" or "Lower Bell End" but one day they will take their place alongside Dismantled, and Danger Area.
As everyone else seems dead set against this idea, let me just expound (and expand) on why I like the idea of Clothos...
I don't have time to surf the web for 8 hours a day. However I do have time to at least skim a bunch of headings and read the ones that sound interesting (slashdot anyone?)
I do know that a lot of stuff is going on that I would be interested in if I could find out more about it. Think about the things that Slashdot doesn't cover that you get sent by friends who thought that you might be interested in it.
I would like something that could sit there and scan the web and newsgroups and flag up things that would interest me. This would make things easier for me. I don't want a web site to "protect me from evil." I don't want a web site that hides things from me, and I don't want to be spoonfed "interesting stories." What I would like is "an intelligent agent" that looks for information that I would find interesting.
An excellent article... I would be interested in something that sifted out the stuff that I'm not interested in...
But it would have to learn what I wanted to know about. Sometimes I hear about things that are not immediately obviously interesting to me,... But yet they are of enough interest to me in a tangential way.
I guess I'd want it to let the odd random article through so that I could find out about those things that I was not obviously interested in.
In 1998, Stardock took the position that if IBM had no current or projected plans for a new fat OS/2 client, that it was in the interests of OS/2 users and the computing community in general that a third-party should work with IBM to license OS/2 technology on an OEM basis and make a new client available.
To that end, late last year, Stardock prepared a business plan and opened negotiations with IBM. The wheels of bureacracy grind slowly, but eventually it was up to "IBM" (executive level) to make the ultimate call on proceeding.
For the past 6 months, Stardock and IBM have been working closely together in hammering out the details of an OS/2 client. Everything from potential names down to which minute components would or would not be included. These meetings included multiple in-person meetings with IBM staff and executives here at Stardock's office complex in Livonia Michigan.
With an agreement in principle in place, the last major hurdle was this week in which the IBMers in favor of our proposal (mostly in Austin) presented their case to IBM as a whole.
The call has been made -- there will be no new client from Stardock and IBM has indicated that they have no plans for an OS/2-based client of their own.
Though IBM indicated Stardock had the strongest proposal, they have decided that it is currently not in IBM's or their customer's interests to license any current OS/2 technology on an OEM-basis.
There was never any discord between IBM and Stardock over financials, technical viability, target market, or the like. IBM has simply finally made the decision that a new OS/2 client would be in conflict with their strategic directions.
Stardock would like to extend a special thanks to all the IBMers (and in particular Ken Christopher and Timothy Sipples) who went above and beyond the call in working with us and going to bat inside IBM. Remember when you meet folks like them, who are and have been intimately involved with OS/2, that their hands may be just as tied as yours when the IBM Corporation as a whole sets policy.
It looks like the idea came forward from someone at realnames. I'm not particularly impressed with their idea. Just replace a URL with a simple text string... and whoever paid us most for that string will get the hit...
I don't think that people have much trouble in using search engines... Why not just put a search engine on your intranet server and have the home page set to that server?
It solves the problem of finding the 1996 budget report without knowing the URL... and it doesn't involve replacing browsers, adding in new servers or anything particularly complicated...
CLID should be enabled if you are connecting to a free ISP. The reason for this is traceability. If you send some email through a regular isp then you can be traced. if you do the same through a free ISP then they don't know where you came from.
You could be almost anybody. The solution insist on CLID. There has been a lot of discussion about this sort of thing in industry bodies...
AFAIK this information is only used for logging purposes.
Hmmm, how do you define Internet packets? TCP/IP? Well, Voice over IP works... so either they inspect all of my packets or they don't charge me properly.
Guess I'll start using an encrypted tunnel to a server somewhere that will break those packets out for me... Now what rate will they charge my encrypted IP packets at?
I can't see how you can regulate this one.
Either you play a flat monthly fee for such a service or you pay that for a basic service and pay extra for all those useless add ons...
Television and music... Hmmm, no I don't want to buy those services from you thank you.
Games... No thanks I have some of those already...
Phone calls... Well, that one sounds useful, how about I pay you per call...
in the UK we have to pay for ALL of our telephone calls...
The way this owrks is that 1/3 of that cost goes to the originating telco. 1/3 goes to BT for switching it between telcos and 1/3 goes to the terminating telco.
BT is for the majority of calls in the UK both the originating and terminating telco. So they get 100% of the call cost.
ISP's generally receive lots of calls without making any. This means that the receiving telco makes a nice profit on all of those calls. So this sort of profit sharing scheme means that the ISP can cut costs by getting some of that profit from the telco.
I don't know how it works in the states but I would guess that it's not the same.
Although Demon is owned by Scottish Telecom it has its own telco licence, so at a bit of investment (1/4 to 1/2 a million pounds) they can put in a C7 DMSU (telephone switch) and rake in 100% of the interconnect charge. i.e. get the final 1/3 all to themselves.
So technically nobody will be charged more for this, its already included on your phone bill.
A while ago while reading segfault I came across this article which talks about small machines, and there is a follow up from someone in perth who is running a 486 suspended from the ceiling by fishing line...
I guess that it predates this custom made objet d'art...
Well, I hate to disagree, but having run SunOs and Sparc Linux on the same hardware, I would say that SparcLinux is more reliable and faster. Maybe PC hardware is less reliable than SUN hardware, but when you can repair/replace it on site within minutes it works out more efficient than using Suns.
Actually my work is migrating away from suns and towards Linux... sometimes Sun hardware running Sparc Linux simply because of the cost/performance savings.
I just dislike some of the things about their distribution...
I dislike RPM... but that's my personal opinion, and I don't force it on anyone else. It wouldn't be so bad if RPMs were multiplatform and were used by people... but HP have their package management tools, sun have theirs... I tend to avoid learning these things as they don't scale.
I dislike their extensions to the init stuff. although I prefer the SVR4 style multiple little scripts symbolically linked style over the one big init script per level style. But again, that is just personal.
All in all, I don't use Red Hat much, but I have no objections to the company.
The only distribution that actually manages to irritate me is Debian, but that's because I can't seem to get the install to do what I want it to, and the GNU/Linux debate irritates me... mostly the GNU attitude to man pages. "this page doesn't exist because we think you should use texinfo" Fortunately I have found a texinfo to groff converter...:-)
This shows the stupidity of software patents. After all, if you can't patent the software, then nobody can claim that they had the idea for X first... You can still copyright your program. you just can't patent the algorithm behind it.
Of course us You-Rope-Ians currently have the right idea.:-)
Slashdot Mirror
What conclusions can be drawn from the fact that one registrar wanted both .kids and .xxx?
.teens too...
I guess they want to clearly delineate websites for adults and those for children, but howlong before we see someone registering nude.kids?
At least they didn't ask for
Z.
Trusted Solaris
HP Virtual Vault Based on HP-UX CMW
SCO CMW
Of course all of these are CMW products which meet a slightly different set of criteria...
11. What are the CMWREQs and the CMWEC?
The criteria used by the Defense Intelligence Agency (DIA) to rate a product as a Compartmented Mode Workstation (CMW) was the Compartmented Mode Workstation Evaluation Criteria (CMWEC), which superseded the CMW Requirements (CMWREQs) in 1991. This criteria defined a minimum level of assurance equivalent to the B1 level of the TCSEC (see TCSEC Criteria Concepts FAQ, Questions 9-11). It also defines a minimum set of functionality and usability features outside the scope of the TCSEC (e.g. a graphical user interface via a window system was required along with the capability to cut and paste between windows). Neither set of requirements are currently to evaluate products although products that are designed to have these features may be evaluated with the Common Criteria for Information Technology Security Evaluation (CCITSE).
Actually, where I work we use the standard Solaris start up files mostly and those wipe /tmp (usually we have that on disk) on boot.
/tmp over a reboot.
/tmp on the tmpfs file system by using the mount options... -o size=sz sz can be in bytes, kilobytes or megabytes (123, 123k or 123m)
/tmp and use that space to create a new partition... And they generally don't want to use ANY memory for things other than their programs. tmpfs keeps the filesystem control structures in memory.
This is a sensible strategy, and frankly I wouldn't expect to keep files in
You can limit the size of
The main reasons that we don't use it are DBAs...
We have had one DBA ask us to reduce the size of
Z.
Or you can simply pad to four characters with the corresponding characters from 0x10, 0x34, 0x0D, 0x03. i.e. if you need two characters,pad it with 0x0d, 0x03.
Then when you split it up into three characters and XOR it with 67 you end up with null characters in the remaining spaces.
I know RIPE have been doing this for about a year (or so)... Whether this is a good thing depends on your point of view. It helps conserve IPv4 addresses. It means people need to think about what they are doing...
But if you offer anonymous ftp server and web server for a single fee then you still need to use IP addresses. FTP is not capable of working on a HOST header basis.
The ISP in the UK that I used to work for bundled anonymous FTP with web servers before this policy came out. I don't know how many people use their FTP space, but it is there. It was a cheap and easy way of adding value to our offerings.
My personal belief is that some people will switch to name based virtual servers, others will start to bundle more services for the same price such as FTP and HTTPS that can't be run on the same basis.
Anyone want an IP based shell account with a web server, ftp server, https server and nntp server of their very own, all for the low price of...
The real problem is that you currently have to register under a "locality".
I currently live in Milwaukie, Oregon. But I'm two blocks from Portland, I work in Hillsboro, and the company that I run computer systems for is based in Beaverton.
Which one should I register my domain name in? aGenericDomain.milwaukie.or.us?
No thank you... I want a statewide domain. Yup, I want to be able to register aGenericDomain.or.us...
OK I'm really just saying this because I want to be the proud owner of:- them.or.us
Gee, we didn't even want freedom from Britian at first, we just wanted a few seats in Parliment -- like they'd given to Scotland a few decades before that. BIG DIFFERENCE!!! Scotland got "a few seats in parliament" because it was a seperate country, with it's own laws, parliament, and so on... which United with England on a legal footing. The Scottish King became the King of England too. It made sense. America was colonised. It was not an ongoing country at the time, at least not in the eyes of the European peoples of the time. So, please don't use this as a justification for the American civil war. God knows, there are enough real reasons without having to make things up.
In order to avoid "stupid" names our former illustrious leader instituted an excellent naming scheme. We can use any name we like as long as it comes from a standard Ordnance Survey Map (Whitby and surrounding area)
This sounds dull, but we have machines like tumulus, potato, hackness, scratch and scar.
We haven't yet used "Hole of Horcum" or "Lower Bell End" but one day they will take their place alongside Dismantled, and Danger Area.
Zwack (on Claymoor, as I'm Scottish)
Why not set your browser to accept cookies, and then make the cookie file read only.
That way cookies only last for the length of your netscape session.
That Commander Taco thinks that my Slashdot login should be much more secure than the Amazon 1-click stuff.
Doesn't it just warm the cockles of your heart?
As everyone else seems dead set against this idea, let me just expound (and expand) on why I like the idea of Clothos...
I don't have time to surf the web for 8 hours a day. However I do have time to at least skim a bunch of headings and read the ones that sound interesting (slashdot anyone?)
I do know that a lot of stuff is going on that I would be interested in if I could find out more about it. Think about the things that Slashdot doesn't cover that you get sent by friends who thought that you might be interested in it.
I would like something that could sit there and scan the web and newsgroups and flag up things that would interest me. This would make things easier for me. I don't want a web site to "protect me from evil." I don't want a web site that hides things from me, and I don't want to be spoonfed "interesting stories." What I would like is "an intelligent agent" that looks for information that I would find interesting.
An excellent article... I would be interested in something that sifted out the stuff that I'm not interested in...
But it would have to learn what I wanted to know about. Sometimes I hear about things that are not immediately obviously interesting to me,... But yet they are of enough interest to me in a tangential way.
I guess I'd want it to let the odd random article through so that I could find out about those things that I was not obviously interested in.
Subject: Judgement Day results
Date: Fri, 17 Sep 1999 13:46:45 -0400
From: "Brad Wardell"
In 1998, Stardock took the position that if IBM had no current or projected plans for a new fat OS/2 client, that it was in the interests of OS/2 users and the computing community in general that a third-party should work with IBM to license OS/2 technology on an OEM basis and make a new client available.
To that end, late last year, Stardock prepared a business plan and opened negotiations with IBM. The wheels of bureacracy grind slowly, but eventually it was up to "IBM" (executive level) to make the ultimate call on proceeding.
For the past 6 months, Stardock and IBM have been working closely together in hammering out the details of an OS/2 client. Everything from potential names down to which minute components would or would not be included. These meetings included multiple in-person meetings with IBM staff and executives here at Stardock's office complex in Livonia Michigan.
With an agreement in principle in place, the last major hurdle was this week in which the IBMers in favor of our proposal (mostly in Austin) presented
their case to IBM as a whole.
The call has been made -- there will be no new client from Stardock and IBM has indicated that they have no plans for an OS/2-based client of their own.
Though IBM indicated Stardock had the strongest proposal, they have decided that it is currently not in IBM's or their customer's interests to license any current OS/2 technology on an OEM-basis.
There was never any discord between IBM and Stardock over financials, technical viability, target market, or the like. IBM has simply finally made the decision that a new OS/2 client would be in conflict with their strategic directions.
Stardock would like to extend a special thanks to all the IBMers (and in particular Ken Christopher and Timothy Sipples) who went above and beyond
the call in working with us and going to bat inside IBM. Remember when you meet folks like them, who are and have been intimately involved with OS/2, that their hands may be just as tied as yours when the IBM Corporation as a whole sets policy.
Everything that could be done was done.
Brad
---
Brad Wardell
Product Manager: Object Desktop & The Corporate Machine
http://www.stardock.com
Well, if being born in Scotland makes him an American... then hey, I must be an American!
It looks like the idea came forward from someone at realnames. I'm not particularly impressed with their idea. Just replace a URL with a simple text string... and whoever paid us most for that string will get the hit...
I don't think that people have much trouble in using search engines... Why not just put a search engine on your intranet server and have the home page set to that server?
It solves the problem of finding the 1996 budget report without knowing the URL... and it doesn't involve replacing browsers, adding in new servers or anything particularly complicated...
CLID should be enabled if you are connecting to a free ISP. The reason for this is traceability. If you send some email through a regular isp then you can be traced. if you do the same through a free ISP then they don't know where you came from.
You could be almost anybody. The solution insist on CLID. There has been a lot of discussion about this sort of thing in industry bodies...
AFAIK this information is only used for logging purposes.
4. Internet packets are free;
Hmmm, how do you define Internet packets? TCP/IP?
Well, Voice over IP works... so either they inspect all of my packets or they don't charge me properly.
Guess I'll start using an encrypted tunnel to a server somewhere that will break those packets out for me... Now what rate will they charge my encrypted IP packets at?
I can't see how you can regulate this one.
Either you play a flat monthly fee for such a service or you pay that for a basic service and pay extra for all those useless add ons...
Television and music... Hmmm, no I don't want to buy those services from you thank you.
Games... No thanks I have some of those already...
Phone calls... Well, that one sounds useful, how about I pay you per call...
Ahem...
in the UK we have to pay for ALL of our telephone calls...
The way this owrks is that 1/3 of that cost goes to the originating telco. 1/3 goes to BT for switching it between telcos and 1/3 goes to the terminating telco.
BT is for the majority of calls in the UK both the originating and terminating telco. So they get 100% of the call cost.
ISP's generally receive lots of calls without making any. This means that the receiving telco makes a nice profit on all of those calls. So this sort of profit sharing scheme means that the ISP can cut costs by getting some of that profit from the telco.
I don't know how it works in the states but I would guess that it's not the same.
Although Demon is owned by Scottish Telecom it has its own telco licence, so at a bit of investment (1/4 to 1/2 a million pounds) they can put in a C7 DMSU (telephone switch) and rake in 100% of the interconnect charge. i.e. get the final 1/3 all to themselves.
So technically nobody will be charged more for this, its already included on your phone bill.
I guess that it predates this custom made objet d'art...
Well, I hate to disagree, but having run SunOs and Sparc Linux on the same hardware, I would say that SparcLinux is more reliable and faster. Maybe PC hardware is less reliable than SUN hardware, but when you can repair/replace it on site within minutes it works out more efficient than using Suns.
Actually my work is migrating away from suns and towards Linux... sometimes Sun hardware running Sparc Linux simply because of the cost/performance savings.
I just dislike some of the things about their distribution...
:-)
I dislike RPM... but that's my personal opinion, and I don't force it on anyone else. It wouldn't be so bad if RPMs were multiplatform and were used by people... but HP have their package management tools, sun have theirs... I tend to avoid learning these things as they don't scale.
I dislike their extensions to the init stuff. although I prefer the SVR4 style multiple little scripts symbolically linked style over the one big init script per level style. But again, that is just personal.
All in all, I don't use Red Hat much, but I have no objections to the company.
The only distribution that actually manages to irritate me is Debian, but that's because I can't seem to get the install to do what I want it to, and the GNU/Linux debate irritates me... mostly the GNU attitude to man pages. "this page doesn't exist because we think you should use texinfo" Fortunately I have found a texinfo to groff converter...
This shows the stupidity of software patents. After all, if you can't patent the software, then nobody can claim that they had the idea for X first... You can still copyright your program. you just can't patent the algorithm behind it.
:-)
Of course us You-Rope-Ians currently have the right idea.