Bruce Sterling is just projecting our fears out into the future, not statistics. Of course, he a writer: that's what they do.
What I mean is that he projects that capitalism utterly beat communism. But if you measure government vs. private sector, you see for the past 200 years, government is taking up an ever increasing share. Right now, government is about 50% of our GNP for industrialized nations. Except for a minor blip in the 1980s, this has always been on an upward trend. By my chart, it looks like in 2035, government will account for about 75% of GNP. Doesn't sound like capitalism wins to me.
In a similar vein, Sterling lambasts the hustle/bustle of the economy where "there's no place to be but in business". Mathematically, what he is saying he wants to share in the riches, but he resents having to work for it.
In the same article, he lambasts a huge population and the unavoidable environmental results, yet he lambasts an economy that doesn't reward mothers, so there are fewer children.The Kama Sutra says that people are prisoners of their own fears and prejudices. The prejudices Sterling has is that there are too many people consuming resources, but not enough children.
Anyway, I've run on too long. My statement is simply that I'm really irritated by people who can't do the math.
In much the same way that the PalmPilot hardware is just the Motorola Dragonball single-chip solution, this device is from our friends at Intel: StrongARM SA-1110. You can get full datasheets at: http://developer.intel.com/desig n/strong/datashts/278241.htm
The crinkly bits compared to a palm are:
235 MIPS @ 206 MHz (Palm is 2.7 MIPS @ 16MHz)
2.5 million transistors in 0.35 micron technology (image if they made it in 0.18 mircron!)
Color/grey scales LCD at 1024x1024. However, the only touchscreens it advertises that it works with are 320x240 pixel screens.
The pictures on the original page indicate that Linux will run out of 32-megs of ROM and 32-megs of RAM. It also looks like SAMSUNG is going to try to take advantage of all the chip's features (the disappointing thing about Palm is that they didn't take advantage of all the Dragonball's features).
The thing to remember is that Samsung is like only putting together a reference design from Intel with a reference implementation of Linux (probably from Lineo) and standard off-the-shelf apps (like MP3 players) with minor modifications. The PDA-style apps are probably the Lineo PDA suite. Getting all this to work well in a limitted power budget will be tough enough. The first version will probably not contain any wizbang features beyond this.
The same sort of paranoia goes everwhere. A customer did a 'strings' against our product, then made all sorts of paranoid accusations about how our product is a tool of the FBI/Microsoft used to spy on people. For example, we use the Windows API GetPrivateProfileString() in order to read configuration files. The paranoid interpretation is, of course, that we are attempting to read private secrets from the customer. Anyway, we posted the full rant to our website (along with our rebuttal, of course) here
(Moral of the story: decompile you product and remove any strings that a paranoid might interpret incorrectly).
Just the other day, some user sent me e-mail about how our personal-firewall product had been "cracked". The user though this meant that somebody had found a way of penetrating the firewall, when in reality it meant somebody had found a way pirate the software.
The confusion stems from ESR's guide. He insists that the proper word for cybercriminal is "cracker", not "hacker". This is true in the geek community, but it is not true in either the general community or the security community. In the security community, the word "crack" has specific connontations about breaking passwords and/or copyright restrictions.
Journalists who use the word "hacker" to refer to the recent DDoS attacks gets flames from nerds insisting that they use "cracker". When they use "cracker", they get flames from security people who tell them what an idiot they are for using the wrong word since no passwords were cracked in these attacks. Most journalists I know try "cracker" a few times before they get sick of the complaints from the security other side. They also realize that their audience (the general population) just doesn't understand the word cracker as well as hacker.
I only post this because I'm tired of religious wars on the "meaning" of words. Words don't have any particular meaning; there is only what people understand when they hear a word. By creating a dictionary that defines a word contrary to how most people use it, ESR is perpetuating a religious war.
One might want to consider this alternate definition of "hacker".
Yes, the culprits were primarily Solaris (and Linux) boxen. No, there is nothing special about these systems vs. Windows. The hackers who made the scripts wrote them to compile on UNIX, only because hackers prefer to run UNIX on their own systems.
As it stands right now, the average Solaris box can easily be exploited by buffer overflow scripts against Sun RPC services (cmsd, tooltalk, amd, etc). However, the same percentage of Windows boxes can be exploited via.htr buffer overflow or the RDO exploit.
BTW, if you've been running a firewall or intrusion detection system for the last several months, you probably have evidence of the perps. You may also want to check out this list of intrusions that hackers can run against systems, which are really evenly distributed among UNIX and Winsoze systems.
Hmmm. The general tone of the comments to this article are generally pro drug use. I thought I'd throw in a counter-point.
Hackers tend to be anti-authority. Therefore, hackers gravitate toward drugs because the religious authorities say that drugs are immoral and the government says drugs are illegal. In order to justify drug use, they invent benefits (like enhanced "insight" or "intelligence").
On the other hand, there is also the science/psychology "authorities" that say drugs are simply bad for you. (Of course, people dismiss this as tools of the authoritative state).
For example, the author claims that drugs enhance "insight". Certainly, if you talk to your average heavy LSD user, he/she will claim that the drugs provides all sorts of philosophical insights into the world. Unfortunately, they can't communicate exactly what those insights actually are, and such insights don't prove useful in their daily lives. Psychologists have studied this to a large extent and found that LSD does gives only the "illusion" of insight: the users are just fooling themselves.
Similarly, scientists have studied Extasy and found it has massive detrimental longterm effects to your IQ.
If you are looking for insight, read widely. In particular, read stuff that challenges your beliefs. The most interesting people I know are those who are widely read; the most boring people I've ever known have been heavy drug users. Similarly, I've noticed that the "insights" drugs give people does not change their beliefs. On the other hand, I've notice significant alteration in people's views on life when they start to read widely.
In the end, while wannabe hackers partake in anything counterculture, but all the interesting/talented ones I know are not into heavy drug use.
PS: I don't think drugs are immoral or that they should be illegal; just something that virtually never leads to anything useful.
The article is missing the key detail of local vs. remote.
A local hack would imply that the police enter your premise and sit down at your computer. A remote hack implies that the police connect to your computer while you're surfing on the Internet.
I can see this rankling a lot of Slashdotters who fear Big Brother, but remote access is really not different than what anybody anywhere on the world can do. I mean, you system is either vulnerable or hardened against intrusion. On Linux, if you simply remove all unnecessary network services in inetd.conf and install simple packet filters like ipchains, then there isn't much the police are going to be able to do. Similarly, on Windows you can install Network ICE which will not only block them, but also alert you to exactly what they are trying to do.
I mean, anybody who runs such countermeasures regularly sees attempts against their machines. Why get into a tizzy over the government doing what Russian hackers/crackers are doing to you anyway? Indeed, the Russian hackers are likely to be much more intelligent than government drones.
In any event, I've got countermeasures on my system. This means that the most likey outcome is that bungling investigators would tip me off to the investigation, not compromise my machine.
(I guess my reaction is atypical: my geek distaste for l-users who can't configure their system outweighs my geek distrust of authority:-)
I work for a startup and help maintain the website. We currently get about 20,000 users/day, but are still growing rapidly. Here are my recommendations:
It's about the content, stupid Ultimately, the growth and popularity of your site is determined by the quality of its content, not its looks. Don't worry about looks until much, much later. Too many people shift too many resources too early into good looks. Remember, you've got finite resources. I've seen many sites fail because they spend all their effort getting the look just right, and never get the content right. Marketing types fret a lot about protraying the right image and all that crap; they have to fret about something because they rarely understand any of the actual details.
All code has bugs This simple law of programming applies to websites. Whatever ideas you have now about your website are not complete. Slashdot is always tweaking its content to create a better user experience. This actually dovetails with the point above: too many sites get customer feedback about things that need to be changed, but cannot because it would break the cool graphics, or the master design. Design your system NOW for constant tweaking, or you won't survive.
KISS (Keep it Simple, Stupid) People get enamored with the latest technologies and build websites that require the latest browsers with all featuers turned on. If you do this, you'll kill your site. Test with Lynx and make sure it provides an adequate (though not wonderful) user experience, then it'll likely work for everyone else. Cool stuff like Java, plugins, scripting, etc. are nice for sprucing up sites a bit, but if you depend upon them, you'll kill your site.
Focus! This is how marketing departments kill good work. Engineers try to create very focussed products that solve specific needs well, marketing tries to broaden the product's appeal, overloading it with features that end up satisfying no-one. Start broadening your appeal only after you've created a solid user base. For example, our company does business with another company that we have to help figure out very basic issues, because they aren't focusing on the technical problems but the "story" of where they are going. If they don't clean up their act, they will fail.
RAIL Redundent Array of Inexpensive Links. Grab two DSL lines from independent providers; that's all you need for a really popular site. Of course, that's assuming that you've followed the KISS principle above -- a lot of sites have huge graphics that quickly eat up bandwidth. You could easily maintain 20,000 hits/day and not eat up a 384-SDSL link. The chief problem isn't bandwidth by reliability. Even hosting companies like AboveNet and Exodus go down when backhoes take out their backbones. A RAIL solution solves this problem: DSL lines are a lot less reliable, but two DSL lines (from different vendors) are more reliable.
Backups You MUST have offsite backups. Also, assume any machine connected to the Internet will be corrupted (i.e. static content should be kept internally and regularly mirrored out onto the Internet servers).
Hacking um, you WILL be "hacked". Plan for it. I mean it. For example, your servers front-ending your site will easily be hacked, but if you plan on that contigency, you can usually harden your database server against further incursion. Don't believe me? Follow these steps: (1) go to Yahoo and search for "wwwboard passwd". (2)about every other link will be a pointer to an WS_FTP.LOG, which you replace with the file "passwd.txt" (3) run these passwords you get through a 'crack' program (4) poof, you thousands of passwords with only a few hours worth of work. Note: in this example, firewalls don't help.
Platform The underlying platform is irrelevent, in both security and performance. You should strongly consider PERL for dynamic content, only because it is the most used (and consequently, when you hire people to work on your site, this is what they'll know). Geeks like to fight over the most technologically elegant solution, but issues like hiring experienced programmers that can maintain it are far more relevent IRL.
Manage growth You will be too optimistic about growth in the beginning, and too pessimistic at some later date. You'll do a bunch of stuff that you think will drive people to your site, but they will fizzle. Then out of the middle of nowhere something happens and hits shoot up 10 fold. Be ready for both (watch cash flow and don't overspend now, but be ready to upgrade capacity at a moment's notice).
HITS Note that one of the Internet scams is people that promise to drive hits toward your site. This is all crap: all such techniques are publically available, and since this is your core business, you need to learn all of them yourself.
Outsourcing Outsource everything that isn't your core business. This is the Internet baby, you don't have time to build a company. You can't hire people fast enough, and you can't hire good enough people. You also don't want to be giving stock options out to people that don't directly influence the companies growth. For example, don't have a human resources person doing health insurance, outsource it to a consultancy. Many of the.com startups use this approach and have surprisingly few people when they go public. Conversely, the previous section is a good example: when it is your core business, DON'T hire consultants or outsource it -- do it yourself.
There's more, but I think this message is getting long enough.
I noticed that most of the replies were long on paranoia by short on details.
First of all, there already is a wiretapping standard called RMON. In particular, RMONv2 provides most of what law enforcement would want. RMON allows filtered packet capture, so it would be easy to configure the system to filter for a specific IP address and shunt it over to a buffer. One could easily monitor dialups this way. RMONv2 allows for fairly efficient monitoring (in its alMatrixTable) of source-destination address pairs along with an identification of the protocol (Something Japan requires, and which could easily be used to track down hackers who attempt to bounce attacks through chains of machines designed to conseal the true source).
A non-RMON solution would presumably copy packets destined to a certain IP address to be copied to another location. Presumably, this would entail simply encapsulating the IP packet inside another and shipping it off to FBI headquarters.
It seems interesting that most/.ers are against it. It seems that natural geek paranoia is winning out over geek superiority. I generally would support it, simply because I use encryption, but I know that stupid people don't. Stupid criminals really annoy me, and such constraints have no effect on ubergeeks who use encryption anyway.
Finally, there is a really good FAQ on the technology of wiretapping at: http://www.robertgraham.com/pubs/sniffing-faq.html. The information in this document could help you wiretap your own network and spy on your neighbors, though of course such activity is completely illegal and I would never encourage it.
The BlackICE Defender intrusion detection system is pretty darn easy to setup on a windows box, though it isn't nearly as flexible as something like ipchains for Linux.
The funny thing is, even though its only for windows, it detections a lot of intrusions for Linux, like the infamous rpc.mountd or numerous POP and IMAP exploits that only Linux is susceptible too (of course, it's really meant for the TONS of windows exploits).
Imagine having to have an intrusion detection system to thwart:
"sink overflow" when the hacker turns the faucet on and leaves the plug in
"toaster denial-of-service" when the hacker makes the default time 1-hour for toast, which not only denies you a nice pop tart in the morning, but also triggers the fire alarm.
"fridge spoofing attack" which attempts to redirect the auto-grocery system (which detects when you are out of something and orders more) so that the hacker can send free coke and pizza to himself
I think people need to learn a more Zen. The meaning of the word "free" changes dramatically depending upon the subject you are discussing.
For example, "freedom to work" usually implies that employers have less freedom to hire/fire. Similarly, the the article's pretty accurate on the freedom-of-speech issues -- but the only solution is to restrict freedoms in other areas: freedom to fire people if they expouse views that may have financial impact on my business, freedom as a business owner to publish what I want.
The Brooklyn Museum is a prime example. The real issue here is that government is forcing the taxpayers to pay for speech in the first place. The refusal to fund something is actually a net increase in freedom, not the other way around. Government patronage of the arts isn't a bad thing necesssarily, but it's decisions as to what art to patronize is in now way censhorship.
Another Katz example is the Reform party's desire to oust Ventura. Again, an example of freedom in action. Do we, as a country, want to restrict the freedom of parties to choose their own members?
The funny thing is that Katz thinks these things are new. Patronage of the arts for 200 years has been criticized for promoting the wrong art.
The government is just the reflection of popular will (according to the Declaration of Independence). Therefore, every time the government thwarts popular will, it is doing something wrong. Cutting support for unpopular exhibits, then it is bringing itself more inline with popular will. This is a far cry from restricting soembody who funds his/her own art exhibit.
If you are interested in this book, you might like the FAQs on my site. These documents describe intrusion detection in detail, and are really useful in "forensics", studying the evidence of the attack.
Network IDS FAQ This document explains how network intrusion detection systems works and how to use them.
firewall-seen FAQ This document answers the age old question "I'm seeing XXXX on my firewall, what does it mean?". It also applies to intrusion detection system, it describes today's most common attacks, why the attacker is doing them, and which ones may be false-positives.
Sniffing/wiretap FAQ Describes how "sniffing/wiretap/eavesdropping" works, which is the technology that IDS is base upon. Also describes how to analyze packets in detail, because when you get attacked, you NEED to be able to pull out a protocol analyzer and look at the attack.
At http://www.networkice.com, you can buy a $40 intrusion detection system (BlackICE Defender) for Win95-WinNT that detects over 300 different intrusions (listed at http://advice.networkice.com/advice/ intrusions. It also comes with a built-in firewall that's actually managed by the IDS component (i.e. somebody attacks your personal web server, then he IDS component reconfigures the firewall rules).
The reason its sold for $40 rather than $4000 is that it runs "non-promiscuous". The personal version is just the "Sentry" version with the sniffing component removed.
Doesn't work on Linux, though:-( But it will detect/block intrusions if the Windows box is used as a router (though that violates the license agreement, it doesn't check).
In my German/French literatur classes, we read lots of books written circa 1900 that basically described the same thing. The industrial revolution had dramatically changed Europe/America, and people were very afraid that science and technology were progressing too fast and getting out of hand. They perceived the entire industrial complex as dehumanizing.
The thing is, technology redefines what it is to be human. In the past, working with your hands on actual things was thought to be human, wheras being a slave to mass-production machines was thought to be dehumanizing. What has really happened is that since manufacturing has become so productive, "industrialized" nations are now moving away from "industry" to service-based economies. More and more workers are using their "minds" rather than their "hands". We actually look at cultures like the Amish and remark on how "primitive" they are, and how they are "dehuman" in the direction toward "apes".
For the past couple centuries, we've been locked into this scientific angst: we don't want to go backwards and become animals again, and we don't want to go forward and become like robots. Either direction represents a dehumanization.
Everything that Katz says is simply paraphrasing what people said 100 years ago. Its simply a measure of fear and paranoia because they don't know where the world is heading.
I've found in life that paranoids dream of fantasies that are much more interesting than real life, whether it's big business, big government, CIA, FBI, NSA, etc. At the same time, it doesn't mean the paranoids aren't right after a fashion.
For example, Ronald Reagon in the early 1980's purposefully caused the recession at that time. Inflation was at 14% and getting worse. According to economic theory, you should be able jack up interest rates, throw millions of people out of work, and within a year the economy will recover, but resume at a much lower inflation rate.
As it turns out, Ronnie was right. But try explaining that to the people at the beginning of the recession who lost their jobs. I'm sure if they really understood how much control the government has over whether or not to force the country into a recession, they would be majorly pissed off.
Likewise, consider US cryptographic export restrictions. While its theoretical purpose is to make it easier for the NSA to spy on foreigners, it has the weird effect of reducing encryption within the United States. The average person in the US uses 40-bit encryption. Lots of products (such as the new AirPort wireless LAN) use 40-bit encryption because of this, even within the US. I think the government really does understand that export restrictions really have an effect on the encryption used by their own population.
On the other hand, I like low-inflation, and I also like the fact that I personally have easy access to 128-bit encryption but that the average stupid criminal doesn't. In other words, I think I like conspiracies.:)
The upshot is that it looks like most people won't/can't encrypt their data so that we can walk around with notebooks sniffing everyone else's connections. There are several companies building Internet-connected base-stations in airports charging connect-time to surf the web (I just got back from Atlanta which had one). Instead of paying them, you can have fund sniffing what everyone else is doing.
Um. No. Two reasons. The first is that it uses spread-spectrum. AM or FM modulation is only meaningful if you start with a single narrow-spectrum frequency. In other words, think of hearing part of a radio station up and down the dial, but not the complete signal at any one dial position.
Second, AM or FM is really a dramatic simplification of the way you modulate signals. You are right in thinking that restricting yourself to a single modulation method of either AM or FM dramatically reduces your bandwidth, but you don't think of modulating both amplitude and frequency together; you instead drop the entire concept and modulate the entire wave form. For example, phase-shift-keying (PSK) is a popular modulation technique: think of the sin wave, then abruptly shift it forward 1/4 of a wave (i.e. 90 degrees). You can make some mathematical equation showing the equivalence with simultaneously modulating both amplitude an frequency, but the other mathematics are easier.
I don't disagree with your thesis that an important role of universities is to FORCE exposure of other ideas and ways of thinking I in fact believe that is the primary function of universities.
My beef is the implementation. For example, I would say that students should be forced to read more Socrates/Aristotle/Plato, but what happens in American universities is that students are forced to know the professors pet theories on the subject and never get around to actually reading the source.
Similarly, in America you must show your work in solving math problems. You can actually do quite well on a test without ever getting a single problem right, whereas another student that gets 100% right answers can fail the test because they didn't show their work. Similarly, only in a America can students graduate without knowing how to read.
In essence, America has a "communist" education system: from each according to his capacity, to each according to his needs. Rather than having a "standard" for all students, learning is "dumbed down" to fit an individual's needs (and naturally, students take advantage of the system accordingly, so this fails just like communism fails). The number one philosophy behind American education system is to support a students self-confidence and stop them from failing. Here's a test of that hypothesis: walk up to an American teacher and say that you think there should be a national test necessary for a high-school diploma (like in every other country). Their first argument would be "...but what about the students that fail". Essentially, these teachers are busy dumbing down the system so that nobody can possibly fail. This means, as in communism, no one can actually "succeed" either. This grade inflation has been going on for 30 years now, in both our colleges and primary schools. (It is very well documented)
As for you comment: [you] personally have heard nothing but complaints from [your] German friends about huge class sizes, distant and arrogant professors, lack of quality teaching, etc. That is absolutely, 100% correct. I've been in [huge] [German] lecture halls where the students are making noise, sending paper airplanes about, etc. while the [distant] professor drones on ignoring the students. Your statement about "the quality of the teaching" reveals your true nature, however. It isn't about teaching, but learning. Compare exiting German students to American ones, and you will find that German students have much greater skills. To bring this around to your original comment: yes, they force you to learn things you wouldn't want to learn on your own, but they leave it up to you how you want to learn them. In otherwords, the education system is so bad students are forced to learn for themselves. In American high-schools, teachers try to "befriend" students; in German high-schools, teachers are hostile toward students. You can actually see this in classrooms where American students disperse throughout the room, whereas German students huddle together with the mentality of ganging up on the professor.
In other words, at every level in the education system comparing Germans to Americans, German outpace the American students. This applies not only to the narrow skills of the fields they have chosen, but a breadth of exposure to alternative ideas. Here is yet a third test: read the German media on abortion, and you hear a wide range of opinions on the subject. Read the American media, and you get exactly two. Germans learn critical thinking skills in school, derived from basic philosophy that Americans never learn. Thus, there is a lot of diversity in the way people think. Americans don't, so on any particular issue, there is less diversity of opinion.
The perverse thing about all this is that I've found German students who study in America do very well, better possibly than if they had stayed in Germany. American students are pampered, whereas German students have much better self-motivation and study skills (they have to, as you see above). Likewise, they are used to more rigorous social pressures in their general culture, so it the stupid [communist] games teachers play seem natural to them.
Another perverse aspect of all this is that German students have more self-confidence. In America, teachers never allow students to fail, so students are never challenged. German students are heavily challenged, and therefore learn how to overcome. This teaches a lot of self-confidence.
I don't find the article very insightful. It just reiterates the common prejudices in the American media. For example, every organized human behavior is dominated by political shuffling around (including organized religion, science, education). It seems like he is discovering that this is a recent thing in education, but of course it has always been this way.
Though he respects the student more, he still believes the solution is in better "teaching". In America, the belief is that students need to be taught. There are constant debates on how to teach students better. As many geeks experience in high-school, this is very oppressive: students aren't free to learn in their own way, they are force to play whatever game the teacher wants them to play.
For example, American education has been run on the concept for the past 20 years that we should ram facts down students throats, we should instead teach them how to think. This is extraordinarily oppressive to smart students who have cognative skills better than teachers. I remember in one college EE class where we had to calculate the Thevinin resistence. I failed the lab because I used a complete different technique than what the teacher taught. It took me a week of haranguing the teacher until he let me prove that not only did I get the correct result, but my method produced more significant figures than the "correct" method. Mine also took fewer steps, and as far as I could tell, was more intuitive. I got a B instead of an F, I should have gotten an A+.
I have looked back in the literature and found that this idea is actually even older. It is like Christmas: we all think it was more pure and less commercial in the old days. The reality is that it has been a marketing circus for 150 years. We look back on the classes in school that required rote memorization that we all forgot after the test anyway, and we say that education should be different. The general slide in American education is to teach fewer and fewer facts, and still be an utter failure at how to teach students to think. And while we all hate rote memorization, it isn't as bad as you think: for example, rote memorization of wordlists teaches foreign languages well. To still need the practical application of using the language to "set" them, but you really do have to start with the memorization process.
The funny thing is that even though tests results of grade-school education show Americans behind other developed countries, American grade-school teachers refuse to even consider foriegn school techniques as being relavent in America. Every 5 years some new education guru pops up showing new methods of teaching, and bunches of teachers flock to these new methods.
In many non-American countries, however, the model of education is must different. Let me contrast German and American university systems. I'm sure many American nerds are familiar with the oppressive American system, but they don't realize that it can be different. To start with, in Germany, you don't sign up for a class. If you want to attend lectures, you simply show up. In fact, for the first month of a term, half the students are still off on vacation. You must sign up for some things, like reserving lab time or signing up for a test.
The key here is that students are responsible for their education in Germany, but the system is responsible in America. If you are a nerd/geek, this is extraordinarily oppressive because the system doesn't take into account your special needs.
This isn't to say that German universitys don't have problems; for example they are every much as political as American ones. Also, the German culture is more oppressive for nerd/geek initiative in the first place, though it does free you to learn in your own manner.
From this perspective, I think the philosophical basis behind universities are two-fold: one, to make you a more rounded person by forcing you to take classes in subjects that aren't relavent to your career, and two, certify you as having the basic knowledge to fulfill your career. Let's say that Dr. Dobbs Journal had a certification course on programming in the C language. Their certification would test not only that the person had a full command of the language (i.e. had no problems with pointers-to-pointers) but also a grasp of basic data structures. If you looked at two candidates for a programming position, which would you rather have? A recent Computer Science graduate, who got an A in "Basic C Programming" or a Dr. Dobbs certified C specialist?
As you can see, I'm a geek who has been oppressed by the American education system who wanted to teach me how to think, so I have some pretty strong reactions to articles like this. I rather be freed to learn my own way.
Any system you choose will likely work, except if you choose dynamic content or your link is too slow.
Details
1. think about the difference between "static" content (just files on the disk) and "dynamic" content (pages generated live, like here at/.). If you are just serving files, a 486 can handle it (assuming T1 speeds). I personally use a Pentium/90 at.3 T1 speeds and CPU never gets high.
1bis. Memory and disk speeds are hugely more critical than CPU speeds (if you are not doing dynamic content). Get a DMA harddisk (SCSI or UltraDMA IDE). 64-meg of RAM should really be enough for your application.
2. the biggest thing that is going to kill you is bandwidth. Now I run a website that gets about 10,000 hits/day (raw) on a 400-kbps link, but I'm just serving HTML and inline GIFs so the link never really gets overloaded. However, you sound like you might be hosting some pretty hefty downloads. One technique is to stick your big-files on a free-hosting website (like GeoCities), but they do monitor their logs and they will kill your download, but hopefully that's after being Slashdotted.
3. Reading other comments, I see a bunch of people suggesting RAMDISKS. That's totally unnecessary; the operating system caches disk access equally as well as a RAMDISK. (In fact, a RAMDISK is just a crude way of tuning your disk-cache).
4. Remember to consider you content. Artistic web-designers tend to put way to much layout/graphics in their pages. This can kill you website, as it can easily reach 10-times the bare minimum in size, but moreover kill your site with unnecessary TCP connections (If you put 4 gifs in a web-page, you will cause 4 TCP connections to your site; and the TCP stack within the machine can handle only so many concurrent TCP connections before bogging down).
4bis. Please be polite to readers. You probably will develope your content only on one browser, but slashdotters use a wide variety of browsers; you'll likely piss off a lot of people if, for example, your pages render well on Netscape/4.61 but look like crap on older/alternative versions. This often means reducing layout.
I just purchased a copy of Cryptonomicon for my Grandfather, as he was involved in the crypto-effort during the war (he's a native German speaker/translator). Since I'm part of security company, I thought the parallel was interesting.
It causes my brain to hurt talking to him. He doesn't understand computers, so computer terms like "disk drive" are complete gibberish to him. On the other hand, words like "cipher-text", "one-time-pad", and other cryptography terms are perfectly natural for him. I simply can't grasp the concept that you could do cryptography without computers.
He has a lot of interesting annecdotes. For example, the Germans thought they had a machine that produced a one-time-pad, but the codebreakers found it repeated over a long cycle. Cracking security today is no different: find accidental weaknesses left behind by the engineers.
I'm surprised that people aren't looking at this from the philosophical side. Nobody has questioned the philosophical basis behind the right of goverment to tax.
I'm not sure what other people feel is the philosophical basis for taxation. It seems to me perfect taxes are basically usage taxes: what you pay exactly matches the benefit you get. For example, rich people should probably pay for for police protection because they have more to lose in a theft. Another philosophical basis might be to "adjust" society to be more like one would we like to live in (i.e. we don't like others around us to suffer in poverty). Combining those two mean we'd prefer gasoline taxes to toll roads, for example (we don't want usage toll booths every mile, and gasoline taxes approximate the benefit AND encourage lower pollution etc.).
For example, if I go to the local store and buy something, the local government probably has the right to levy a sales tax. It maintains the roads I use, it provides police protection, etc. However, when I buy from the Internet, the local government is much less involved. Does my city or state government have the right to tax transactions at the same rate as before? (BTW, the federal government is much more involved, i.e. tracking hacking, fraud, and the lot, but they don't see the money).
Currently, taxes are pretty much a blunt instrument. In the above example, much of what I pay for in the sales tax isn't related to the transaction, but the theory is that it "correlates". Richer people benefit from government services such as fire protection on more expensive homes, and they tend to buy more. Therefore, we think it ok to charge a "fee" for the transaction even though the "benefit" as nothing to do with the transaction.
From this perspective, the government currently subsidizes Internet transactions. The FBI tracks down credit card fraud, which effectively lowers your credit card fees, but you don't pay for that protection. Likewise, shipping your books from Amazon.com creates wear-and-tear on the roads, but you don't pay for that.
Personally, I like the idea of a tax-free Internet zone precisely because taxes across International borders gets difficult. For example, the company I work for sells a $39.95 product that we've sold over the net to Europe, Canada, Asia, South America, etc. We simply cannot handle a country-by-country tax problem. It would cost much more than $39.95 to sell a single copy to Venezuela, for example. Direct Internet taxation will stifle lots of business activity.
As a consequence, I'd like to search for other ways to indirectly tax Internet transactions. A fuel tax springs to mind (which I like for other reasons) to tax shipments. A credit-card tax would also be a good thing (since the government is already subsidizing credit card transactions anyway). In other words, rather than stifle all the small businesses which aren't equiped to deal with the taxes, why not shift the burden onto the big companies that can?
I know it's off topic, but I really like your signature "Subtle mind control? Why do all these HTML buttons say 'Submit'?"
It would be a waste of bandwith, but it could be interesting to moderate people's sigs. The way it would work is that I would track down your user account, and some button would allow me to say that your sig if flamebate, funny, insightful, etc. I notice some good posts but with flamebate sigs -- such a system could help discourage such sigs.
I can see where negative sigs drag down your postings, while positive sigs would simply be ranked somewhere as a list of "best-o-slashdot" list.
On the other hand, I find that sigs generally detract from the whole experience:-(
Slashdot Mirror
What I mean is that he projects that capitalism utterly beat communism. But if you measure government vs. private sector, you see for the past 200 years, government is taking up an ever increasing share. Right now, government is about 50% of our GNP for industrialized nations. Except for a minor blip in the 1980s, this has always been on an upward trend. By my chart, it looks like in 2035, government will account for about 75% of GNP. Doesn't sound like capitalism wins to me.
In a similar vein, Sterling lambasts the hustle/bustle of the economy where "there's no place to be but in business". Mathematically, what he is saying he wants to share in the riches, but he resents having to work for it.
In the same article, he lambasts a huge population and the unavoidable environmental results, yet he lambasts an economy that doesn't reward mothers, so there are fewer children.The Kama Sutra says that people are prisoners of their own fears and prejudices. The prejudices Sterling has is that there are too many people consuming resources, but not enough children.
Anyway, I've run on too long. My statement is simply that I'm really irritated by people who can't do the math.
The crinkly bits compared to a palm are:
The pictures on the original page indicate that Linux will run out of 32-megs of ROM and 32-megs of RAM. It also looks like SAMSUNG is going to try to take advantage of all the chip's features (the disappointing thing about Palm is that they didn't take advantage of all the Dragonball's features).
The thing to remember is that Samsung is like only putting together a reference design from Intel with a reference implementation of Linux (probably from Lineo) and standard off-the-shelf apps (like MP3 players) with minor modifications. The PDA-style apps are probably the Lineo PDA suite. Getting all this to work well in a limitted power budget will be tough enough. The first version will probably not contain any wizbang features beyond this.
The burning questions I have:
(Moral of the story: decompile you product and remove any strings that a paranoid might interpret incorrectly).
The confusion stems from ESR's guide. He insists that the proper word for cybercriminal is "cracker", not "hacker". This is true in the geek community, but it is not true in either the general community or the security community. In the security community, the word "crack" has specific connontations about breaking passwords and/or copyright restrictions.
Journalists who use the word "hacker" to refer to the recent DDoS attacks gets flames from nerds insisting that they use "cracker". When they use "cracker", they get flames from security people who tell them what an idiot they are for using the wrong word since no passwords were cracked in these attacks. Most journalists I know try "cracker" a few times before they get sick of the complaints from the security other side. They also realize that their audience (the general population) just doesn't understand the word cracker as well as hacker.
I only post this because I'm tired of religious wars on the "meaning" of words. Words don't have any particular meaning; there is only what people understand when they hear a word. By creating a dictionary that defines a word contrary to how most people use it, ESR is perpetuating a religious war.
One might want to consider this alternate definition of "hacker".
As it stands right now, the average Solaris box can easily be exploited by buffer overflow scripts against Sun RPC services (cmsd, tooltalk, amd, etc). However, the same percentage of Windows boxes can be exploited via .htr buffer overflow or the RDO exploit.
BTW, if you've been running a firewall or intrusion detection system for the last several months, you probably have evidence of the perps. You may also want to check out this list of intrusions that hackers can run against systems, which are really evenly distributed among UNIX and Winsoze systems.
Hackers tend to be anti-authority. Therefore, hackers gravitate toward drugs because the religious authorities say that drugs are immoral and the government says drugs are illegal. In order to justify drug use, they invent benefits (like enhanced "insight" or "intelligence").
On the other hand, there is also the science/psychology "authorities" that say drugs are simply bad for you. (Of course, people dismiss this as tools of the authoritative state).
For example, the author claims that drugs enhance "insight". Certainly, if you talk to your average heavy LSD user, he/she will claim that the drugs provides all sorts of philosophical insights into the world. Unfortunately, they can't communicate exactly what those insights actually are, and such insights don't prove useful in their daily lives. Psychologists have studied this to a large extent and found that LSD does gives only the "illusion" of insight: the users are just fooling themselves.
Similarly, scientists have studied Extasy and found it has massive detrimental longterm effects to your IQ.
If you are looking for insight, read widely. In particular, read stuff that challenges your beliefs. The most interesting people I know are those who are widely read; the most boring people I've ever known have been heavy drug users. Similarly, I've noticed that the "insights" drugs give people does not change their beliefs. On the other hand, I've notice significant alteration in people's views on life when they start to read widely.
In the end, while wannabe hackers partake in anything counterculture, but all the interesting/talented ones I know are not into heavy drug use.
PS: I don't think drugs are immoral or that they should be illegal; just something that virtually never leads to anything useful.
A local hack would imply that the police enter your premise and sit down at your computer. A remote hack implies that the police connect to your computer while you're surfing on the Internet.
I can see this rankling a lot of Slashdotters who fear Big Brother, but remote access is really not different than what anybody anywhere on the world can do. I mean, you system is either vulnerable or hardened against intrusion. On Linux, if you simply remove all unnecessary network services in inetd.conf and install simple packet filters like ipchains, then there isn't much the police are going to be able to do. Similarly, on Windows you can install Network ICE which will not only block them, but also alert you to exactly what they are trying to do.
I mean, anybody who runs such countermeasures regularly sees attempts against their machines. Why get into a tizzy over the government doing what Russian hackers/crackers are doing to you anyway? Indeed, the Russian hackers are likely to be much more intelligent than government drones.
In any event, I've got countermeasures on my system. This means that the most likey outcome is that bungling investigators would tip me off to the investigation, not compromise my machine.
(I guess my reaction is atypical: my geek distaste for l-users who can't configure their system outweighs my geek distrust of authority :-)
It's about the content, stupid Ultimately, the growth and popularity of your site is determined by the quality of its content, not its looks. Don't worry about looks until much, much later. Too many people shift too many resources too early into good looks. Remember, you've got finite resources. I've seen many sites fail because they spend all their effort getting the look just right, and never get the content right. Marketing types fret a lot about protraying the right image and all that crap; they have to fret about something because they rarely understand any of the actual details.
All code has bugs This simple law of programming applies to websites. Whatever ideas you have now about your website are not complete. Slashdot is always tweaking its content to create a better user experience. This actually dovetails with the point above: too many sites get customer feedback about things that need to be changed, but cannot because it would break the cool graphics, or the master design. Design your system NOW for constant tweaking, or you won't survive.
KISS (Keep it Simple, Stupid) People get enamored with the latest technologies and build websites that require the latest browsers with all featuers turned on. If you do this, you'll kill your site. Test with Lynx and make sure it provides an adequate (though not wonderful) user experience, then it'll likely work for everyone else. Cool stuff like Java, plugins, scripting, etc. are nice for sprucing up sites a bit, but if you depend upon them, you'll kill your site.
Focus! This is how marketing departments kill good work. Engineers try to create very focussed products that solve specific needs well, marketing tries to broaden the product's appeal, overloading it with features that end up satisfying no-one. Start broadening your appeal only after you've created a solid user base. For example, our company does business with another company that we have to help figure out very basic issues, because they aren't focusing on the technical problems but the "story" of where they are going. If they don't clean up their act, they will fail.
RAIL Redundent Array of Inexpensive Links. Grab two DSL lines from independent providers; that's all you need for a really popular site. Of course, that's assuming that you've followed the KISS principle above -- a lot of sites have huge graphics that quickly eat up bandwidth. You could easily maintain 20,000 hits/day and not eat up a 384-SDSL link. The chief problem isn't bandwidth by reliability. Even hosting companies like AboveNet and Exodus go down when backhoes take out their backbones. A RAIL solution solves this problem: DSL lines are a lot less reliable, but two DSL lines (from different vendors) are more reliable.
Backups You MUST have offsite backups. Also, assume any machine connected to the Internet will be corrupted (i.e. static content should be kept internally and regularly mirrored out onto the Internet servers).
Hacking um, you WILL be "hacked". Plan for it. I mean it. For example, your servers front-ending your site will easily be hacked, but if you plan on that contigency, you can usually harden your database server against further incursion. Don't believe me? Follow these steps: (1) go to Yahoo and search for "wwwboard passwd". (2)about every other link will be a pointer to an WS_FTP.LOG, which you replace with the file "passwd.txt" (3) run these passwords you get through a 'crack' program (4) poof, you thousands of passwords with only a few hours worth of work. Note: in this example, firewalls don't help.
Platform The underlying platform is irrelevent, in both security and performance. You should strongly consider PERL for dynamic content, only because it is the most used (and consequently, when you hire people to work on your site, this is what they'll know). Geeks like to fight over the most technologically elegant solution, but issues like hiring experienced programmers that can maintain it are far more relevent IRL.
Manage growth You will be too optimistic about growth in the beginning, and too pessimistic at some later date. You'll do a bunch of stuff that you think will drive people to your site, but they will fizzle. Then out of the middle of nowhere something happens and hits shoot up 10 fold. Be ready for both (watch cash flow and don't overspend now, but be ready to upgrade capacity at a moment's notice).
HITS Note that one of the Internet scams is people that promise to drive hits toward your site. This is all crap: all such techniques are publically available, and since this is your core business, you need to learn all of them yourself.
Outsourcing Outsource everything that isn't your core business. This is the Internet baby, you don't have time to build a company. You can't hire people fast enough, and you can't hire good enough people. You also don't want to be giving stock options out to people that don't directly influence the companies growth. For example, don't have a human resources person doing health insurance, outsource it to a consultancy. Many of the .com startups use this approach and have surprisingly few people when they go public. Conversely, the previous section is a good example: when it is your core business, DON'T hire consultants or outsource it -- do it yourself.
There's more, but I think this message is getting long enough.
First of all, there already is a wiretapping standard called RMON. In particular, RMONv2 provides most of what law enforcement would want. RMON allows filtered packet capture, so it would be easy to configure the system to filter for a specific IP address and shunt it over to a buffer. One could easily monitor dialups this way. RMONv2 allows for fairly efficient monitoring (in its alMatrixTable) of source-destination address pairs along with an identification of the protocol (Something Japan requires, and which could easily be used to track down hackers who attempt to bounce attacks through chains of machines designed to conseal the true source).
A non-RMON solution would presumably copy packets destined to a certain IP address to be copied to another location. Presumably, this would entail simply encapsulating the IP packet inside another and shipping it off to FBI headquarters.
It seems interesting that most /.ers are against it. It seems that natural geek paranoia is winning out over geek superiority. I generally would support it, simply because I use encryption, but I know that stupid people don't. Stupid criminals really annoy me, and such constraints have no effect on ubergeeks who use encryption anyway.
Finally, there is a really good FAQ on the technology of wiretapping at: http://www.robertgraham.com/pubs /sniffing-faq.html. The information in this document could help you wiretap your own network and spy on your neighbors, though of course such activity is completely illegal and I would never encourage it.
The funny thing is, even though its only for windows, it detections a lot of intrusions for Linux, like the infamous rpc.mountd or numerous POP and IMAP exploits that only Linux is susceptible too (of course, it's really meant for the TONS of windows exploits).
Imagine having to have an intrusion detection system to thwart:
Um, what if I don't? Do I get my money back?
For example, "freedom to work" usually implies that employers have less freedom to hire/fire. Similarly, the the article's pretty accurate on the freedom-of-speech issues -- but the only solution is to restrict freedoms in other areas: freedom to fire people if they expouse views that may have financial impact on my business, freedom as a business owner to publish what I want.
The Brooklyn Museum is a prime example. The real issue here is that government is forcing the taxpayers to pay for speech in the first place. The refusal to fund something is actually a net increase in freedom, not the other way around. Government patronage of the arts isn't a bad thing necesssarily, but it's decisions as to what art to patronize is in now way censhorship.
Another Katz example is the Reform party's desire to oust Ventura. Again, an example of freedom in action. Do we, as a country, want to restrict the freedom of parties to choose their own members?
The funny thing is that Katz thinks these things are new. Patronage of the arts for 200 years has been criticized for promoting the wrong art.
The government is just the reflection of popular will (according to the Declaration of Independence). Therefore, every time the government thwarts popular will, it is doing something wrong. Cutting support for unpopular exhibits, then it is bringing itself more inline with popular will. This is a far cry from restricting soembody who funds his/her own art exhibit.
I'm sorry, but a lot of newbies and experts alike have found A LOT of value with this document.
Network IDS FAQ
This document explains how network intrusion detection systems works and how to use them.
firewall-seen FAQ
This document answers the age old question "I'm seeing XXXX on my firewall, what does it mean?". It also applies to intrusion detection system, it describes today's most common attacks, why the attacker is doing them, and which ones may be false-positives.
Sniffing/wiretap FAQ
Describes how "sniffing/wiretap/eavesdropping" works, which is the technology that IDS is base upon. Also describes how to analyze packets in detail, because when you get attacked, you NEED to be able to pull out a protocol analyzer and look at the attack.
The reason its sold for $40 rather than $4000 is that it runs "non-promiscuous". The personal version is just the "Sentry" version with the sniffing component removed.
Doesn't work on Linux, though :-( But it will detect/block intrusions if the Windows box is used as a router (though that violates the license agreement, it doesn't check).
The thing is, technology redefines what it is to be human. In the past, working with your hands on actual things was thought to be human, wheras being a slave to mass-production machines was thought to be dehumanizing. What has really happened is that since manufacturing has become so productive, "industrialized" nations are now moving away from "industry" to service-based economies. More and more workers are using their "minds" rather than their "hands". We actually look at cultures like the Amish and remark on how "primitive" they are, and how they are "dehuman" in the direction toward "apes".
For the past couple centuries, we've been locked into this scientific angst: we don't want to go backwards and become animals again, and we don't want to go forward and become like robots. Either direction represents a dehumanization.
Everything that Katz says is simply paraphrasing what people said 100 years ago. Its simply a measure of fear and paranoia because they don't know where the world is heading.
For example, Ronald Reagon in the early 1980's purposefully caused the recession at that time. Inflation was at 14% and getting worse. According to economic theory, you should be able jack up interest rates, throw millions of people out of work, and within a year the economy will recover, but resume at a much lower inflation rate.
As it turns out, Ronnie was right. But try explaining that to the people at the beginning of the recession who lost their jobs. I'm sure if they really understood how much control the government has over whether or not to force the country into a recession, they would be majorly pissed off.
Likewise, consider US cryptographic export restrictions. While its theoretical purpose is to make it easier for the NSA to spy on foreigners, it has the weird effect of reducing encryption within the United States. The average person in the US uses 40-bit encryption. Lots of products (such as the new AirPort wireless LAN) use 40-bit encryption because of this, even within the US. I think the government really does understand that export restrictions really have an effect on the encryption used by their own population.
On the other hand, I like low-inflation, and I also like the fact that I personally have easy access to 128-bit encryption but that the average stupid criminal doesn't. In other words, I think I like conspiracies. :)
The upshot is that it looks like most people won't/can't encrypt their data so that we can walk around with notebooks sniffing everyone else's connections. There are several companies building Internet-connected base-stations in airports charging connect-time to surf the web (I just got back from Atlanta which had one). Instead of paying them, you can have fund sniffing what everyone else is doing.
Second, AM or FM is really a dramatic simplification of the way you modulate signals. You are right in thinking that restricting yourself to a single modulation method of either AM or FM dramatically reduces your bandwidth, but you don't think of modulating both amplitude and frequency together; you instead drop the entire concept and modulate the entire wave form. For example, phase-shift-keying (PSK) is a popular modulation technique: think of the sin wave, then abruptly shift it forward 1/4 of a wave (i.e. 90 degrees). You can make some mathematical equation showing the equivalence with simultaneously modulating both amplitude an frequency, but the other mathematics are easier.
My beef is the implementation. For example, I would say that students should be forced to read more Socrates/Aristotle/Plato, but what happens in American universities is that students are forced to know the professors pet theories on the subject and never get around to actually reading the source.
Similarly, in America you must show your work in solving math problems. You can actually do quite well on a test without ever getting a single problem right, whereas another student that gets 100% right answers can fail the test because they didn't show their work. Similarly, only in a America can students graduate without knowing how to read.
In essence, America has a "communist" education system: from each according to his capacity, to each according to his needs. Rather than having a "standard" for all students, learning is "dumbed down" to fit an individual's needs (and naturally, students take advantage of the system accordingly, so this fails just like communism fails). The number one philosophy behind American education system is to support a students self-confidence and stop them from failing. Here's a test of that hypothesis: walk up to an American teacher and say that you think there should be a national test necessary for a high-school diploma (like in every other country). Their first argument would be "...but what about the students that fail". Essentially, these teachers are busy dumbing down the system so that nobody can possibly fail. This means, as in communism, no one can actually "succeed" either. This grade inflation has been going on for 30 years now, in both our colleges and primary schools. (It is very well documented)
As for you comment: [you] personally have heard nothing but complaints from [your] German friends about huge class sizes, distant and arrogant professors, lack of quality teaching, etc. That is absolutely, 100% correct. I've been in [huge] [German] lecture halls where the students are making noise, sending paper airplanes about, etc. while the [distant] professor drones on ignoring the students. Your statement about "the quality of the teaching" reveals your true nature, however. It isn't about teaching, but learning. Compare exiting German students to American ones, and you will find that German students have much greater skills. To bring this around to your original comment: yes, they force you to learn things you wouldn't want to learn on your own, but they leave it up to you how you want to learn them. In otherwords, the education system is so bad students are forced to learn for themselves. In American high-schools, teachers try to "befriend" students; in German high-schools, teachers are hostile toward students. You can actually see this in classrooms where American students disperse throughout the room, whereas German students huddle together with the mentality of ganging up on the professor.
In other words, at every level in the education system comparing Germans to Americans, German outpace the American students. This applies not only to the narrow skills of the fields they have chosen, but a breadth of exposure to alternative ideas. Here is yet a third test: read the German media on abortion, and you hear a wide range of opinions on the subject. Read the American media, and you get exactly two. Germans learn critical thinking skills in school, derived from basic philosophy that Americans never learn. Thus, there is a lot of diversity in the way people think. Americans don't, so on any particular issue, there is less diversity of opinion.
The perverse thing about all this is that I've found German students who study in America do very well, better possibly than if they had stayed in Germany. American students are pampered, whereas German students have much better self-motivation and study skills (they have to, as you see above). Likewise, they are used to more rigorous social pressures in their general culture, so it the stupid [communist] games teachers play seem natural to them.
Another perverse aspect of all this is that German students have more self-confidence. In America, teachers never allow students to fail, so students are never challenged. German students are heavily challenged, and therefore learn how to overcome. This teaches a lot of self-confidence.
Though he respects the student more, he still believes the solution is in better "teaching". In America, the belief is that students need to be taught. There are constant debates on how to teach students better. As many geeks experience in high-school, this is very oppressive: students aren't free to learn in their own way, they are force to play whatever game the teacher wants them to play.
For example, American education has been run on the concept for the past 20 years that we should ram facts down students throats, we should instead teach them how to think. This is extraordinarily oppressive to smart students who have cognative skills better than teachers. I remember in one college EE class where we had to calculate the Thevinin resistence. I failed the lab because I used a complete different technique than what the teacher taught. It took me a week of haranguing the teacher until he let me prove that not only did I get the correct result, but my method produced more significant figures than the "correct" method. Mine also took fewer steps, and as far as I could tell, was more intuitive. I got a B instead of an F, I should have gotten an A+.
I have looked back in the literature and found that this idea is actually even older. It is like Christmas: we all think it was more pure and less commercial in the old days. The reality is that it has been a marketing circus for 150 years. We look back on the classes in school that required rote memorization that we all forgot after the test anyway, and we say that education should be different. The general slide in American education is to teach fewer and fewer facts, and still be an utter failure at how to teach students to think. And while we all hate rote memorization, it isn't as bad as you think: for example, rote memorization of wordlists teaches foreign languages well. To still need the practical application of using the language to "set" them, but you really do have to start with the memorization process.
The funny thing is that even though tests results of grade-school education show Americans behind other developed countries, American grade-school teachers refuse to even consider foriegn school techniques as being relavent in America. Every 5 years some new education guru pops up showing new methods of teaching, and bunches of teachers flock to these new methods.
In many non-American countries, however, the model of education is must different. Let me contrast German and American university systems. I'm sure many American nerds are familiar with the oppressive American system, but they don't realize that it can be different. To start with, in Germany, you don't sign up for a class. If you want to attend lectures, you simply show up. In fact, for the first month of a term, half the students are still off on vacation. You must sign up for some things, like reserving lab time or signing up for a test.
The key here is that students are responsible for their education in Germany, but the system is responsible in America. If you are a nerd/geek, this is extraordinarily oppressive because the system doesn't take into account your special needs.
This isn't to say that German universitys don't have problems; for example they are every much as political as American ones. Also, the German culture is more oppressive for nerd/geek initiative in the first place, though it does free you to learn in your own manner.
From this perspective, I think the philosophical basis behind universities are two-fold: one, to make you a more rounded person by forcing you to take classes in subjects that aren't relavent to your career, and two, certify you as having the basic knowledge to fulfill your career. Let's say that Dr. Dobbs Journal had a certification course on programming in the C language. Their certification would test not only that the person had a full command of the language (i.e. had no problems with pointers-to-pointers) but also a grasp of basic data structures. If you looked at two candidates for a programming position, which would you rather have? A recent Computer Science graduate, who got an A in "Basic C Programming" or a Dr. Dobbs certified C specialist?
As you can see, I'm a geek who has been oppressed by the American education system who wanted to teach me how to think, so I have some pretty strong reactions to articles like this. I rather be freed to learn my own way.
Details
1. think about the difference between "static" content (just files on the disk) and "dynamic" content (pages generated live, like here at /.). If you are just serving files, a 486 can handle it (assuming T1 speeds). I personally use a Pentium/90 at .3 T1 speeds and CPU never gets high.
1bis. Memory and disk speeds are hugely more critical than CPU speeds (if you are not doing dynamic content). Get a DMA harddisk (SCSI or UltraDMA IDE). 64-meg of RAM should really be enough for your application.
2. the biggest thing that is going to kill you is bandwidth. Now I run a website that gets about 10,000 hits/day (raw) on a 400-kbps link, but I'm just serving HTML and inline GIFs so the link never really gets overloaded. However, you sound like you might be hosting some pretty hefty downloads. One technique is to stick your big-files on a free-hosting website (like GeoCities), but they do monitor their logs and they will kill your download, but hopefully that's after being Slashdotted.
3. Reading other comments, I see a bunch of people suggesting RAMDISKS. That's totally unnecessary; the operating system caches disk access equally as well as a RAMDISK. (In fact, a RAMDISK is just a crude way of tuning your disk-cache).
4. Remember to consider you content. Artistic web-designers tend to put way to much layout/graphics in their pages. This can kill you website, as it can easily reach 10-times the bare minimum in size, but moreover kill your site with unnecessary TCP connections (If you put 4 gifs in a web-page, you will cause 4 TCP connections to your site; and the TCP stack within the machine can handle only so many concurrent TCP connections before bogging down).
4bis. Please be polite to readers. You probably will develope your content only on one browser, but slashdotters use a wide variety of browsers; you'll likely piss off a lot of people if, for example, your pages render well on Netscape/4.61 but look like crap on older/alternative versions. This often means reducing layout.
It causes my brain to hurt talking to him. He doesn't understand computers, so computer terms like "disk drive" are complete gibberish to him. On the other hand, words like "cipher-text", "one-time-pad", and other cryptography terms are perfectly natural for him. I simply can't grasp the concept that you could do cryptography without computers.
He has a lot of interesting annecdotes. For example, the Germans thought they had a machine that produced a one-time-pad, but the codebreakers found it repeated over a long cycle. Cracking security today is no different: find accidental weaknesses left behind by the engineers.
I'm not sure what other people feel is the philosophical basis for taxation. It seems to me perfect taxes are basically usage taxes: what you pay exactly matches the benefit you get. For example, rich people should probably pay for for police protection because they have more to lose in a theft. Another philosophical basis might be to "adjust" society to be more like one would we like to live in (i.e. we don't like others around us to suffer in poverty). Combining those two mean we'd prefer gasoline taxes to toll roads, for example (we don't want usage toll booths every mile, and gasoline taxes approximate the benefit AND encourage lower pollution etc.).
For example, if I go to the local store and buy something, the local government probably has the right to levy a sales tax. It maintains the roads I use, it provides police protection, etc. However, when I buy from the Internet, the local government is much less involved. Does my city or state government have the right to tax transactions at the same rate as before? (BTW, the federal government is much more involved, i.e. tracking hacking, fraud, and the lot, but they don't see the money).
Currently, taxes are pretty much a blunt instrument. In the above example, much of what I pay for in the sales tax isn't related to the transaction, but the theory is that it "correlates". Richer people benefit from government services such as fire protection on more expensive homes, and they tend to buy more. Therefore, we think it ok to charge a "fee" for the transaction even though the "benefit" as nothing to do with the transaction.
From this perspective, the government currently subsidizes Internet transactions. The FBI tracks down credit card fraud, which effectively lowers your credit card fees, but you don't pay for that protection. Likewise, shipping your books from Amazon.com creates wear-and-tear on the roads, but you don't pay for that.
Personally, I like the idea of a tax-free Internet zone precisely because taxes across International borders gets difficult. For example, the company I work for sells a $39.95 product that we've sold over the net to Europe, Canada, Asia, South America, etc. We simply cannot handle a country-by-country tax problem. It would cost much more than $39.95 to sell a single copy to Venezuela, for example. Direct Internet taxation will stifle lots of business activity.
As a consequence, I'd like to search for other ways to indirectly tax Internet transactions. A fuel tax springs to mind (which I like for other reasons) to tax shipments. A credit-card tax would also be a good thing (since the government is already subsidizing credit card transactions anyway). In other words, rather than stifle all the small businesses which aren't equiped to deal with the taxes, why not shift the burden onto the big companies that can?
Anyway, those are my thoughts.
I know it's off topic, but I really like your signature "Subtle mind control? Why do all these HTML buttons say 'Submit'?"
:-(
It would be a waste of bandwith, but it could be interesting to moderate people's sigs. The way it would work is that I would track down your user account, and some button would allow me to say that your sig if flamebate, funny, insightful, etc. I notice some good posts but with flamebate sigs -- such a system could help discourage such sigs.
I can see where negative sigs drag down your postings, while positive sigs would simply be ranked somewhere as a list of "best-o-slashdot" list.
On the other hand, I find that sigs generally detract from the whole experience