Using the wrong ones is illegal in most countries, so they already put "violating FCC codes" right in GUI themselves.
That is true. But which option to choose isn't exactly rocket science, and I don't think the education in the US has deteriorated to the point where the average merkin doesn't know which country he lives in. So choosing a FCC violating setting is clearly the fault of the user.
Now, compare that to writing your own driver that drives the chip correctly. And keep in mind that FCC and many other countries' certification process for end-user WiFi equipment is for the whole system - radio, antenna and the lot. Even switching the antenna technically violates FCC, so using non-FCC tested software to drive the radio chip is way out there with regards to compliance.
Yep, Bill Gates can witness that there is no money on selling an OS.
BeOS, OS/2 and others are examples that there is no money on competing with MS on their home turf.
If Apple should out of the blue decide to go software only and make OSX work on clones, MS would most likely take that as a war declaration. Unless MS is too worried about an antitrust replay, they'd kill Office for OSX in a heartbeat and open their old bag labelled 'kill OS competition'. Not to mention that OSX x86 would be in a worse state than Linux was a few years ago with regards to driver support.
You may think that PC problems are due to shit hardware, which some are, but no most. Most are due to Windows being crap.
The Windows on top of DOS stack of cards was crap. After a couple of iterations of NT, the core OS is actually quite decent.
A lot of Windows stability issues is caused by crap hardware or crap drivers. The PC hardware market is cut-throat, especially on commodity items, so any corner cutting cost saving that can be done generally is done. Why do you think MS is running that big driver/hardware test and certification effort?
In fact, if you click on the Gartner new analysis linked in the vnunet article, you will find no mention of the "security chip" being quoted by this article so we have nested lousy reporting.
Good catch. Who'd have thought that other editors would show the same kind of accuracy that we have become accustomed to here on/.;-)
Seriously though, this is a reasonable move for Apple to ensure that the look, feel and reliability of the MacOS
Is it confirmed yet whether the 'MacIntel' will be standard IBM compatibles with some sort of motherboard identification that enables OSX to verify that it is running on Apple-manufactured hardware, or whether it will be x86 systems that are non-IBM compatible? Say, different kind of BIOS, different motherboard chipset, etc. Anyone had a peak at the innards of one of those x86 OSX devel boxes yet?
As for the 'Mac OS Experience' marketspeak, I think the largest issue would be drivers. Even if Apple is willing to become a software only company (which they evidently don't), getting all the required drivers for the myriad of PC hardware would be a gargantuan task. To provide a it-just-works experience for the users, they have to limit the number of hardware configurations available. It is not a question of "lower quality hardware" or "Apple magic pixie dust hardware", it is a question of driver availability and quality.
As well as providing for an OS "lock" on hardware, the implementation of such chips will also allow for stronger security
I have heard that security claim a lot of times. What I can't seem to find, however, is what kind of increased security the TCPA motherboard chip is supposed to give the user. All the examples I've seen so far can either be solved in software, or by hardware means that are far less open to abuse than TCPA is.
well as enabling one of the features that Hollywood has been demanding before Internet distribution of movies will be allowed by the studios.
The same arguments were used against the radio (people can listen to music for free, the sky is falling), the tape recorder (people can record music for free, the sky is falling), the TV (people won't go to cinemas anymore if they can watch movies on TV, we will never allow broadcast companies to broadcast our movies), the VCR (..and now they can record those movies and see them for free, Boston Strangler!)... It is a bluff and they are hoping they don't get called on it, just as they are bluffing about HDTV and the broadcast flag.
Why would the PCI-E version only ship with 12 pipelines, hrm?
It is a question of manufacturing yields and economics.
When the NV40 was introduced, they were manufactured using a brand new process. nVidia expected a low yield, leading to many parts with some vertex/pixel pipelines botched. So, instead of manufacturing two different cores - one with 12 pipelines for the mid-end and one with 16 pipelines for high-end, and then having to throw out all chips with defects - they instead only manufactured 16 pipeline cores, and chips with a certain number of defects could be down-graded to 12 pipelines. In effect increasing the number of chips that could be sold instead of thrown away.
As the manufacturing process matures, the number of chips with no defects increases. But since there are only so many people that want to buy a high-end chip, nVidia has to deliberately downgrade chips to fill the market demand for mid-end graphics cards.
Now, a 16 pipeline core is larger than a 12 pipeline core, meaning fewer chips per wafer. Once the manufacturing process is good enough, the required number of working high- and mid-end chips can be manufactured cheaper by using two different cores. Evidently, that line was reached by the time the PCI-E versions of the 6800 were introduced.
Note that this is quite common in the semiconductor industry.
Selling chips with certain faults as lower performance (or having redundant functional units on the core), decreasing the number of chips going to the trash. 80486DX with faulty math coprocessor were sold as 486SX. RAM chips often have a few redundant memory banks.
Deliberately down-clocking/-grading chips to fill market demand. Celerons based on a mature core / manufacturing process are usually very good overclockers.
I agree. Not gonna fly. Too much inconvenience for the user and not a large enough whip to make sure the consumer electronics manufacturers don't provide an unofficial work-around.
Sony was also the one that sued in the "Sony vs. Betamax" case and tried to use IP to stop VCRs.
Sony vs Universal et. al.? That was Hollywood trying to outlaw the 'Rec' button on video machines.
Re:Let me be the first to say...
on
SHA-1 Broken
·
· Score: 1
How about H(x)=MD5(x)+SHA-1(x)?
Re:What a hash is/does
on
SHA-1 Broken
·
· Score: 1
A good hash function has the property that if you know the hash for a file, you shouldn't be able to come up with another file that has the same hash without a prohibitive amount of work. A hash function is broken if this property stops holding.
Good explanation. One nitpick, though - that is true for cryptographic hashes. There are other hash functions that are used for other purposes, like error detection (crc32) / correction, hash look-up tables, string search, audio identification, etc.
Just pointing to the fact that it is possible to transfer files without scrambling a file via UDP.
And I'm just pointing out the fact that you can't do it with UDP only, you need a protocol on top.
In fact the transfer mode for a few p2p protocol's use udp to blast out data as fast as possible such as eDonkey.
Ugh. Wonderful. One of the important features of TCP is to discover network congestion and scale back to avoid traffic jams. If too many people run protocols on top of UDP or similar that don't do proper congestion detection, you can get rather nasty problems.
TCP may have error correction and everything built in but it can also be done in UDP.
On top of UDP.
Do you think Cisco (you know that small networking startup in San Jose) would use tftp instead of regular ftp if there wasn't a way to transfer using udp without the file being scrambled.
I don't follow you here.. TFTP is not UDP. The parent claimed (correctly) that UDP is only best-effort. He did not claim that it is impossible to design a protocol running on top of UDP that implements error correction et.al.
Well, they require a packet with the right sequence number to hit in the right time period.
Since there's a window of accepted sequence numbers, it really only requires a shitload of packets with likely numbers. Send enough good guesses and one will hit at the right time.
Like a race exploit, I don't think this requires 'good timing', I think it requires enough attempts to reduce the odds - many will fail, but one may succeed.
It also requires knowledge of the source and destination port and IP address of the connection you want to attack (which usually means you have to be able to eavesdrop on the traffic - not something your average script kiddy on ADSL can do), and the ability to spoof source IP and port (and I can only hope that most ISPs today have enough clue to drop those packets).
So it is more in the league of 'cat might get stuck in the radiator of your SUV causing the engine to overheat and jam causing loss of steering and crashing into a tree' than 'the sky is falling'.
Since the popularity of on-board software raid over the years, it seems that manufacturer Linux support has been nonexistent to mediocre at best.
Most of the cheap 'IDE/SATA RAID' chips and cards (those that don't have on-board RAM) are nothing more than a glorified software RAID driver and a on-card BIOS that enables booting from the RAID.
Except for the boot support, you get exactly the same with Linux software RAID - and with the added bonus that you can use any SCSI and IDE/SATA disk connected to any controller in the RAID.
1. Notify Microsoft and give them x amount of time before you go public 2. Just post the vulnerability -- watch 'em scramble for a fix 3. Just post an exploit -- watch 'em squirm.
This writer is on "level 3" (or maybe the grey area between levels 2 and 3).
No. He is on level 2. He made information about the vulnerability public, he did not provide a ready-to-run exploit that can be used by script kiddies.
Posting the vulnerability is a favor to people. Posting an exploit is a different story altogether. Since you have a hard time differentiating, let me try to help you out:
What are you talking about? He posted a vulnerability and a proof of concept BMP that shows that the stack is overwritten. It doesn't do anything except crash IE5.0.
If he had made a BMP that contained functional shell-code or similar nastiness ready to be used by script-kiddies, I'd agree with you.
PS -- next time, if you're less confrontational in your replies -- you will likely receive more friendly responses...ass.
It also helps to know what you're talking about before going ballistic.
Seems downright bizzarre that anyone would suggest homegrown as a cost effective option.
Depends on the particular product.
For many types of net-connected appliances (NAS servers, routers, firewalls, webcams,..), advanced PDA/cellphones, TiVo'ish media players and similar, Linux makes a lot of sense. Most of these devices are really mini-PCs, and Linux runs well on those.
But if we're talking washing machines, refridgerators, watches and other tiny stuff Linux is often the wrong choice because the hardware required for even a scaled down Linux kernel and libc is more expensive than a microcontroller + RT-OS.
I think the term we are all forgetting is: Defensive Patents. Designed NOT to enforce on a regular basis, but instead to say "sue us, and we will bitch slap you back".
The patent portfolios of companies like IBM and MS are the software business world equivalent of nukes. Mutually assured destruction would happen if two of the large ones released their arsenal at each other.
They are also used for cross licensing purposes - if a small company comes up with something one of the large ones wants/needs, they find some patent in their portfolio that the small company might infringe and say "cross license, or court".
(a) have some software layer that can use windows.dlls in linux, just like Wine...which would ensure that MS would go after you for patent or copyright infringement if your product becomes successfull. MS has not gone after Wine or Mplayer yet, because 1) they are not significant in the market and 2) that last DoJ dance is still a bit fresh.
I speak from experience, on the good end of the shotgun. Unix guys can do Windows, and oh so much more.
Dunno. I've met MCSEs that would never be able to navigate an Xterm, and Unix zealots that think Win2K is equivalent with W95.
Running a large Windows network properly does require knowledge and experience, and I'm not convinced that most *nix admins would be able to do the same without at least half a year of training (but a typical *nix admin would probably learn the Win fundamentals faster than the other way around).
This kind of strikes me as an odd purchase though.
My first thought too.
I can see two possible explanations (apart from Novell wanting to thumb their nose at SCO, but corporate decitions are usually based on increasing profits and not nosethumbing):
Novell wants a native.net implementation - Mono.
Novell wants to build a Linux desktop that is nicely integrated with NDS/ZenWorks.
Slashdot Mirror
Using the wrong ones is illegal in most countries, so they already put "violating FCC codes" right in GUI themselves.
That is true. But which option to choose isn't exactly rocket science, and I don't think the education in the US has deteriorated to the point where the average merkin doesn't know which country he lives in. So choosing a FCC violating setting is clearly the fault of the user.
Now, compare that to writing your own driver that drives the chip correctly. And keep in mind that FCC and many other countries' certification process for end-user WiFi equipment is for the whole system - radio, antenna and the lot. Even switching the antenna technically violates FCC, so using non-FCC tested software to drive the radio chip is way out there with regards to compliance.
Yep, Bill Gates can witness that there is no money on selling an OS.
BeOS, OS/2 and others are examples that there is no money on competing with MS on their home turf.
If Apple should out of the blue decide to go software only and make OSX work on clones, MS would most likely take that as a war declaration. Unless MS is too worried about an antitrust replay, they'd kill Office for OSX in a heartbeat and open their old bag labelled 'kill OS competition'. Not to mention that OSX x86 would be in a worse state than Linux was a few years ago with regards to driver support.
You may think that PC problems are due to shit hardware, which some are, but no most. Most are due to Windows being crap.
The Windows on top of DOS stack of cards was crap. After a couple of iterations of NT, the core OS is actually quite decent.
A lot of Windows stability issues is caused by crap hardware or crap drivers. The PC hardware market is cut-throat, especially on commodity items, so any corner cutting cost saving that can be done generally is done. Why do you think MS is running that big driver/hardware test and certification effort?
In fact, if you click on the Gartner new analysis linked in the vnunet article, you will find no mention of the "security chip" being quoted by this article so we have nested lousy reporting.
/. ;-)
Good catch. Who'd have thought that other editors would show the same kind of accuracy that we have become accustomed to here on
Seriously though, this is a reasonable move for Apple to ensure that the look, feel and reliability of the MacOS
Is it confirmed yet whether the 'MacIntel' will be standard IBM compatibles with some sort of motherboard identification that enables OSX to verify that it is running on Apple-manufactured hardware, or whether it will be x86 systems that are non-IBM compatible? Say, different kind of BIOS, different motherboard chipset, etc. Anyone had a peak at the innards of one of those x86 OSX devel boxes yet?
As for the 'Mac OS Experience' marketspeak, I think the largest issue would be drivers. Even if Apple is willing to become a software only company (which they evidently don't), getting all the required drivers for the myriad of PC hardware would be a gargantuan task. To provide a it-just-works experience for the users, they have to limit the number of hardware configurations available. It is not a question of "lower quality hardware" or "Apple magic pixie dust hardware", it is a question of driver availability and quality.
As well as providing for an OS "lock" on hardware, the implementation of such chips will also allow for stronger security
I have heard that security claim a lot of times. What I can't seem to find, however, is what kind of increased security the TCPA motherboard chip is supposed to give the user. All the examples I've seen so far can either be solved in software, or by hardware means that are far less open to abuse than TCPA is.
well as enabling one of the features that Hollywood has been demanding before Internet distribution of movies will be allowed by the studios.
The same arguments were used against the radio (people can listen to music for free, the sky is falling), the tape recorder (people can record music for free, the sky is falling), the TV (people won't go to cinemas anymore if they can watch movies on TV, we will never allow broadcast companies to broadcast our movies), the VCR (..and now they can record those movies and see them for free, Boston Strangler!)... It is a bluff and they are hoping they don't get called on it, just as they are bluffing about HDTV and the broadcast flag.
Anyone else notice that the talkbacks to the oped has been removed?
/. conspiracy theories. >:->
Cue
Why would the PCI-E version only ship with 12 pipelines, hrm?
It is a question of manufacturing yields and economics.
When the NV40 was introduced, they were manufactured using a brand new process. nVidia expected a low yield, leading to many parts with some vertex/pixel pipelines botched. So, instead of manufacturing two different cores - one with 12 pipelines for the mid-end and one with 16 pipelines for high-end, and then having to throw out all chips with defects - they instead only manufactured 16 pipeline cores, and chips with a certain number of defects could be down-graded to 12 pipelines. In effect increasing the number of chips that could be sold instead of thrown away.
As the manufacturing process matures, the number of chips with no defects increases. But since there are only so many people that want to buy a high-end chip, nVidia has to deliberately downgrade chips to fill the market demand for mid-end graphics cards.
Now, a 16 pipeline core is larger than a 12 pipeline core, meaning fewer chips per wafer. Once the manufacturing process is good enough, the required number of working high- and mid-end chips can be manufactured cheaper by using two different cores. Evidently, that line was reached by the time the PCI-E versions of the 6800 were introduced.
Note that this is quite common in the semiconductor industry.
Selling chips with certain faults as lower performance (or having redundant functional units on the core), decreasing the number of chips going to the trash. 80486DX with faulty math coprocessor were sold as 486SX. RAM chips often have a few redundant memory banks.
Deliberately down-clocking/-grading chips to fill market demand. Celerons based on a mature core / manufacturing process are usually very good overclockers.
But I'd much rather have a 68060. ;-)
I agree. Not gonna fly. Too much inconvenience for the user and not a large enough whip to make sure the consumer electronics manufacturers don't provide an unofficial work-around.
And when the PoE connection to the back-end database breaks:
Quoth the server: 404.
Sony was also the one that sued in the "Sony vs. Betamax" case and tried to use IP to stop VCRs.
Sony vs Universal et. al.? That was Hollywood trying to outlaw the 'Rec' button on video machines.
How about H(x)=MD5(x)+SHA-1(x)?
A good hash function has the property that if you know the hash for a file, you shouldn't be able to come up with another file that has the same hash without a prohibitive amount of work. A hash function is broken if this property stops holding.
Good explanation. One nitpick, though - that is true for cryptographic hashes. There are other hash functions that are used for other purposes, like error detection (crc32) / correction, hash look-up tables, string search, audio identification, etc.
See Wikipedia
a.k.a. Pathologically Eclectic Rubbish Lister
:-)
(In Norway there's a saying that a dear child has many names)
Just pointing to the fact that it is possible to transfer files without scrambling a file via UDP.
And I'm just pointing out the fact that you can't do it with UDP only, you need a protocol on top.
In fact the transfer mode for a few p2p protocol's use udp to blast out data as fast as possible such as eDonkey.
Ugh. Wonderful. One of the important features of TCP is to discover network congestion and scale back to avoid traffic jams. If too many people run protocols on top of UDP or similar that don't do proper congestion detection, you can get rather nasty problems.
TCP may have error correction and everything built in but it can also be done in UDP.
On top of UDP.
Do you think Cisco (you know that small networking startup in San Jose) would use tftp instead of regular ftp if there wasn't a way to transfer using udp without the file being scrambled.
I don't follow you here.. TFTP is not UDP. The parent claimed (correctly) that UDP is only best-effort. He did not claim that it is impossible to design a protocol running on top of UDP that implements error correction et.al.
Well, they require a packet with the right sequence number to hit in the right time period.
Since there's a window of accepted sequence numbers, it really only requires a shitload of packets with likely numbers. Send enough good guesses and one will hit at the right time.
Like a race exploit, I don't think this requires 'good timing', I think it requires enough attempts to reduce the odds - many will fail, but one may succeed.
It also requires knowledge of the source and destination port and IP address of the connection you want to attack (which usually means you have to be able to eavesdrop on the traffic - not something your average script kiddy on ADSL can do), and the ability to spoof source IP and port (and I can only hope that most ISPs today have enough clue to drop those packets).
So it is more in the league of 'cat might get stuck in the radiator of your SUV causing the engine to overheat and jam causing loss of steering and crashing into a tree' than 'the sky is falling'.
Since the popularity of on-board software raid over the years, it seems that manufacturer Linux support has been nonexistent to mediocre at best.
Most of the cheap 'IDE/SATA RAID' chips and cards (those that don't have on-board RAM) are nothing more than a glorified software RAID driver and a on-card BIOS that enables booting from the RAID.
Except for the boot support, you get exactly the same with Linux software RAID - and with the added bonus that you can use any SCSI and IDE/SATA disk connected to any controller in the RAID.
1. Notify Microsoft and give them x amount of time before you go public
2. Just post the vulnerability -- watch 'em scramble for a fix
3. Just post an exploit -- watch 'em squirm.
This writer is on "level 3" (or maybe the grey area between levels 2 and 3).
No. He is on level 2. He made information about the vulnerability public, he did not provide a ready-to-run exploit that can be used by script kiddies.
Posting the vulnerability is a favor to people. Posting an exploit is a different story altogether. Since you have a hard time differentiating, let me try to help you out:
What are you talking about? He posted a vulnerability and a proof of concept BMP that shows that the stack is overwritten. It doesn't do anything except crash IE5.0.
If he had made a BMP that contained functional shell-code or similar nastiness ready to be used by script-kiddies, I'd agree with you.
PS -- next time, if you're less confrontational in your replies -- you will likely receive more friendly responses...ass.
It also helps to know what you're talking about before going ballistic.
Seems downright bizzarre that anyone would suggest homegrown as a cost effective option.
Depends on the particular product.
For many types of net-connected appliances (NAS servers, routers, firewalls, webcams,..), advanced PDA/cellphones, TiVo'ish media players and similar, Linux makes a lot of sense. Most of these devices are really mini-PCs, and Linux runs well on those.
But if we're talking washing machines, refridgerators, watches and other tiny stuff Linux is often the wrong choice because the hardware required for even a scaled down Linux kernel and libc is more expensive than a microcontroller + RT-OS.
I think the term we are all forgetting is: Defensive Patents. Designed NOT to enforce on a regular basis, but instead to say "sue us, and we will bitch slap you back".
The patent portfolios of companies like IBM and MS are the software business world equivalent of nukes. Mutually assured destruction would happen if two of the large ones released their arsenal at each other.
They are also used for cross licensing purposes - if a small company comes up with something one of the large ones wants/needs, they find some patent in their portfolio that the small company might infringe and say "cross license, or court".
Or, as in this case, for bitch-slapping SCO.
(a) have some software layer that can use windows .dlls in linux, just like Wine. ..which would ensure that MS would go after you for patent or copyright infringement if your product becomes successfull. MS has not gone after Wine or Mplayer yet, because 1) they are not significant in the market and 2) that last DoJ dance is still a bit fresh.
I speak from experience, on the good end of the shotgun. Unix guys can do Windows, and oh so much more.
Dunno. I've met MCSEs that would never be able to navigate an Xterm, and Unix zealots that think Win2K is equivalent with W95.
Running a large Windows network properly does require knowledge and experience, and I'm not convinced that most *nix admins would be able to do the same without at least half a year of training (but a typical *nix admin would probably learn the Win fundamentals faster than the other way around).
This kind of strikes me as an odd purchase though.
.net implementation - Mono.
My first thought too.
I can see two possible explanations (apart from Novell wanting to thumb their nose at SCO, but corporate decitions are usually based on increasing profits and not nosethumbing):
Novell wants a native
Novell wants to build a Linux desktop that is nicely integrated with NDS/ZenWorks.
And? If it works better than RTS/CTS and solves their problem..