How does a PVR pose more of a threat than a VCR? Both can be programmed to record a show for later viewing (time shifting), though admittedly a PVR is more sophisticated and flexible. But the essence of the two is the same. You program it to record your favorite shows and you watch them when you want to. Nothing new there.
This is just corporate bellyaching. The economy sucks, and the true nature of the evil bastards running big business is becoming apparent. It was easier for them to hide it when everything was good, but now they're desperate.
Those loads were pretty much the same before slashdotting.
I couldn't even connect 5 minutes after the slashdotting... The system load isn't necessarily related to the bandwidth consumption of your pipe. If the page is static, your pipe is likely to saturate long before the CPU or disk utilization maxes out.
I guess we haven't heard any stories about timex setting off the nuke detectors...so it can't be all that bad can it?
Tritium gives off beta particles, I believe (either that or it's alpha particles). They cannot penetrate the glass or plastic face of the watch, nor the bezel. They stay within the watch, and so pose no risk. But that's somewhat irrelevant given the rarified particle count and the nature of beta particles.
As for your gunsight, the tiny dot of tritium gives off next to no radiation, but in any case the particles only travel a few inches at most. You'd have to practically touch it to the radiation detector to set it off, if even that would do it.
I have a Vaseline glass bead I use to test my Geiger counters with, and it has to be taken out of its paper sleeve and placed next to the detector tube to be measurable. Within a centimeter or two it puts off 20 times the normal background radiation, but 10 centimeters away you can barely tell the difference. It's the uranium in the green tint that exudes radioactive particles, but the quantity of radiation and the nature of beta particles make it effectively undetectible at any range. My guess is that your tritium sight is even less radioactive.
I suppose that if engineers really wanted to work at it and spend a lot of money, we might have nuclear powered, hydrogen lofted aircraft carrier blimps
If you had a nuclear-powered blimp, you wouldn't need hydrogen for lift. The abundance of heat generated by nuclear reactors would be quite sufficient to keep a hot air blimp afloat. No special gases or fuel required, other than plutonium.
I currently get spam at the rate of about 50,000 spams/year. And those are only the ones that my minimal spam filter doesn't catch. That's almost an order of magnitude more than the legitimate emails I get. It's so bad that I'm on the verge of enabling my by permission only email filter. I consider spam an absolute epidemic.
I think there needs to be some serious legislation against spam, but in the end I doubt it will help much. It will merely provide a somewhat satisfying method of impoverishing select spammers, but will do little to stem the tide. It's obvious we will all have to accept the fact that the good old days of email as we knew it are long gone. A new email paradigm will eventually have to come into being.
The Windows and Linux/Unix admins in my company are not paid differently. Same holds true for past jobs too. The main difference I've seen is that the Linux guys can generally get the job done faster than the Windows guys. Linux is a hell of a lot less complicated than Windows, and the Linux guys are generally more competent than the Windows guys.
And in my business, we have lots of Linux boxes directly serving users in various ways. Because we have lots of identical boxes, it's mostly brainless to service and maintain them. If a machine misbehaves or dies, we pull it out of the rack and reinstall it - a mindless and simple operation. The key here is that Linux 1) runs forever, while Windows doesn't, so the admins don't have to reboot servers much, and 2) we didn't pay a penny for the software. I would hate to think how much a Windows server farm would cost us. I shiver at the thought.
You know, I think there are reasons houses like Google, Pixar, and so on, all use Linux for their server farms. TCO is only one of them.
None of these stats seem to cover simulated heavy multiuser/multithread activity. That's what's key as far as I'm concerned. One of the major flaws in Linux today is the scheduling of user processes and file I/O (not sure about networking I/O, but it seems okay from simple observation). There are still severe process/thread starvation problems in the 2.4 kernel which are supposed to have been addressed in 2.5, but I've never seen a really good, real-world performance test to prove it. Until those problems are solved, Linux won't be useful for realtime server work other than web service.
In case you're wondering, no, I'm not a troll. I've done *extensive* testing in this area. So have others, which is why they've been working hard on scheduling.
Most/. readers use IE, if I recall the recent topic on the subject. Given that, it's not a stretch to assume that the majority of/. readers use M$ products regularly.
Reading that Usenet thread was ugly. Dan Bernstein has the unsurpassed ability to present (often) good ideas while being a complete prick.
Dan, you want people to take you more seriously, try being human once in a while.
You don't need to prove just how damn intelligent you are by beating other people over the head with their own "ignorance". You might want to work on your own ignorance in the social skills department first.
That said, transmitting the entire root zone over Usenet and other means sounds like a good suggestion. I hope you can start sounding like less of a lunatic so people will listen to the idea.
How many people have given to [the] EFF more money than they have given to their local telecom to give them shitty DSL service?
What if I like my DSL provider better than I like the EFF? Besides, I pay a lot for my DSL. It's high quality. I can't imagine paying the EFF that much money.
Hey, I might actually consider dumping both my cable and DSL for satellite if I got a chance to live in the highlands. At least in summer. Sounds worth it to me.
That is a good optimization, of course, but you still have the.5 second latency for round-trip packets. That means a TCP SYN sequence takes about a second, and then you can start pushing data. That takes at least another second or so. But, if you do lots of concurrent connections, it will indeed reduce the total wait for the entire page load.
While I'm glad for the guy in the middle of nowhere now that he finally has some way to access the Internet, I do not envy anyone who has to use satellite for their Internet connection. The laws of physics dictate that you will get a minimum of 500 milliseconds ping time to anywhere on the net. Packets must travel 22k miles from the planet to the satellite, then 22k miles back down to your ISP. That's already about 240 milliseconds. Then add the transit time from your ISP to the destination site; for the sake of argument, say it's instantaneous and adds no transit time. Then add in the return trip of 240 milliseconds, for a total of 480 milliseconds. This represents the absolute minimum round-trip time for data sent via satellite. Of course, in the real world, it will be somewhat longer than that, but it depends on your ISP and the rest of the hops between you and the destination.
In terms of realtime games, this sucks bigtime. In terms of web browsing, it can also be quite annoying. A friend of mine had to dump his satellite connection because the latency made web browsing unpleasant and he was at a serious disadvantage in online gaming. That's not to say that throughput is bad, however. It can be quite good, but because of the latency it's probably best suited for non-interactive stuff like transmitting large data files, email, etc.
If I lived in the boondocks, I probably wouldn't hesitate to get satellite. Otherwise I would stay away!
Here are some great deals, straight off their web sites!
walmart.com: LEGO Harry Potter: Chamber of Secrets - $69.77
target.com: Audiovox Personal CD Players - $23.99-$27.99
staples.com: HP OfficeJet 4-in-1 Machine -$149.98
bestbuy.com: Sony Mavica MVC-CD400 Digital Camera - $649.99
Quality of Star Trek decreasing?
on
Ask William Shatner
·
· Score: 5, Interesting
Hi Bill,
I'm curious to know what you think of the "modern day" Star Trek shows that come out every now and then. I feel the shows have degraded in quality, and have become less reminiscent of the original series with each new series that comes out. The Next Generation was generally good, but following shows seem to be progressively less interesting and engaging. Granted, it's a tall order to create a show that surpasses the original Star Trek, but I think they could have done a lot better.
At the risk of biting the hand that feeds (or fed) you, I'd like to hear the honest truth as you see it. What do you think of the four Star Trek spinoffs? Is the franchise still kicking after so many years, or is it time to put it out to pasture?
By the way, I have to tell you that you were my idol growing up. I learned everything I needed to know about women from Captain Kirk!
Having helped develop C2 Unix OSes, I can tell you that Linux does not come close. There may be patches for all I know, but for sure stock Linux doesn't cut it. It's not a matter of Linux being buggy or broken; it's just not built to be that secure. I don't recall all of the criteria, but they are quite intrusive and the vast majority of Linux users would find them more than burdensome.
One example that immediately comes to mind is that "ps" listings can't show other users' processes. Many of the C2 requirements are kind of like that.
I don't know about you, but the fact that Xbox Live doesn't work with dial-up prevents me from considering buying it.
But why would you even want to use it with dialup? It doesn't work with dialup because the bandwidth requirements for decent gameplay are far beyond the 4-6k/second you might get over your modem. Even if they could reduce the bandwidth requirements somehow, that would mean no voice, and the LPBs would waste you anyway.
Never, NEVER, take a percentage of the profits on a movie as payment. No movie known to man has ever profited, thanks to accounting. You must take a percentage of gross or a flat fee. Period. Everyone knows that, except, apparently, Stan Lee, who must have the stupidest lawyer know to man, too.
You are cleary not a security expert or you'd never make the claim that Java, much less any software, is totally secure. There is no such thing, except in the happy land you see in your dreams at night.
It is beyond naive to claim that you're safe simply because Java runs in a sandbox. There has been more than one sandbox security violation reported in the past, and there will be more to come. The same can be said to be true for *any* piece of software. The sandbox cannot be, and is not, perfect. Period, end of story, don't even think of disputing this if you want to continue to be taken seriously.
Let's discuss your statement that a Java app can't touch the disk if you don't want it to. Fine, for the sake of argument, let's say that it's impossible. But it's not necessarily impossible to exploit a bug in the application or the Java engine that does something other than write to the disk. How about if all it does is act as a network zombie, participating in a massive DoS attack against some unwitting web site? Or perhaps it might sniff your network traffic and report back to the hacker. Or maybe all it does is make it report false results to folding@home, or do the actual work but give the hacker credit for the work. Etc.
But, let's say that you're absolutely right, and there's nothing anyone can do to subvert the intent of the Java application or violate the restrictions of the Java engine. You make the mighty big assumption that the application is written perfectly and can resist any form of bad input. Most importantly, you're assuming that your Java engine is correctly configured. Unfortunately, you can never know this to be absolutely true. The safety of the Java engine is only as good as the user who configures it, and it is always possible to make mistakes. One mistake and all your lovely assumptions about the safety of your nice Java sandbox go byebye. Every "expert" of one sort or another has made a simple but potentially tragic blunder configuring otherwise "safe" software at some point in their life.
I reiterate: the only way to be absolutely assured that your systems are not hacked by running folding@home, or any similar service, is to not run it at all in the first place. Any other claim is made with utter naivete. Enroll yourself in Network Security 101 if you disagree, then let us know if you still think you're right.
PS: Even if someone can't write you a Java program on the spot that violates the sandbox doesn't mean it's not possible.
Would you change your mind if the program was written in a secure language like Java?
Nope. Granted, Java might be more secure than an app written in C/C++. But Java is not bulletproof by any stretch. Rule #1 in security is that no application is secure. The corollary to the rule is the only way to be sure is to not run the application in the first place. Kinda like the only way to be sure you don't get AIDS through sex is to not have sex.
It's a security risk, plain and simple. Running this on any company machine containing files that we care about, or that is behind the firewall, is too much of a risk to even consider.
Overly anal? No. All it takes is for someone to discover a buffer overrun in the application, create an exploit, and poison our DNS to get data from their site instead of folding@home's site. This is perfectly possible, and should it happen, could be devastating.
I don't care enough about folding@home to risk company security. The CPU cycles we would have spent crunching data for them are not an issue, especially if the cycles would have been wasted anyway. I would gladly spend those if there were no risk.
Slashdot Mirror
How does a PVR pose more of a threat than a VCR? Both can be programmed to record a show for later viewing (time shifting), though admittedly a PVR is more sophisticated and flexible. But the essence of the two is the same. You program it to record your favorite shows and you watch them when you want to. Nothing new there.
This is just corporate bellyaching. The economy sucks, and the true nature of the evil bastards running big business is becoming apparent. It was easier for them to hide it when everything was good, but now they're desperate.
Those loads were pretty much the same before slashdotting.
I couldn't even connect 5 minutes after the slashdotting... The system load isn't necessarily related to the bandwidth consumption of your pipe. If the page is static, your pipe is likely to saturate long before the CPU or disk utilization maxes out.
It's kind of funny how this guy voluntarily slashdotted himself by submitting an article with a link to his own site, crashing it instantly. :)
If it was an older watch, it might have been radium. I have no doubt that could set off an alarm.
I guess we haven't heard any stories about timex setting off the nuke detectors...so it can't be all that bad can it?
Tritium gives off beta particles, I believe (either that or it's alpha particles). They cannot penetrate the glass or plastic face of the watch, nor the bezel. They stay within the watch, and so pose no risk. But that's somewhat irrelevant given the rarified particle count and the nature of beta particles.
As for your gunsight, the tiny dot of tritium gives off next to no radiation, but in any case the particles only travel a few inches at most. You'd have to practically touch it to the radiation detector to set it off, if even that would do it.
I have a Vaseline glass bead I use to test my Geiger counters with, and it has to be taken out of its paper sleeve and placed next to the detector tube to be measurable. Within a centimeter or two it puts off 20 times the normal background radiation, but 10 centimeters away you can barely tell the difference. It's the uranium in the green tint that exudes radioactive particles, but the quantity of radiation and the nature of beta particles make it effectively undetectible at any range. My guess is that your tritium sight is even less radioactive.
I suppose that if engineers really wanted to work at it and spend a lot of money, we might have nuclear powered, hydrogen lofted aircraft carrier blimps
If you had a nuclear-powered blimp, you wouldn't need hydrogen for lift. The abundance of heat generated by nuclear reactors would be quite sufficient to keep a hot air blimp afloat. No special gases or fuel required, other than plutonium.
I currently get spam at the rate of about 50,000 spams/year. And those are only the ones that my minimal spam filter doesn't catch. That's almost an order of magnitude more than the legitimate emails I get. It's so bad that I'm on the verge of enabling my by permission only email filter. I consider spam an absolute epidemic.
I think there needs to be some serious legislation against spam, but in the end I doubt it will help much. It will merely provide a somewhat satisfying method of impoverishing select spammers, but will do little to stem the tide. It's obvious we will all have to accept the fact that the good old days of email as we knew it are long gone. A new email paradigm will eventually have to come into being.
The Windows and Linux/Unix admins in my company are not paid differently. Same holds true for past jobs too. The main difference I've seen is that the Linux guys can generally get the job done faster than the Windows guys. Linux is a hell of a lot less complicated than Windows, and the Linux guys are generally more competent than the Windows guys.
And in my business, we have lots of Linux boxes directly serving users in various ways. Because we have lots of identical boxes, it's mostly brainless to service and maintain them. If a machine misbehaves or dies, we pull it out of the rack and reinstall it - a mindless and simple operation. The key here is that Linux 1) runs forever, while Windows doesn't, so the admins don't have to reboot servers much, and 2) we didn't pay a penny for the software. I would hate to think how much a Windows server farm would cost us. I shiver at the thought.
You know, I think there are reasons houses like Google, Pixar, and so on, all use Linux for their server farms. TCO is only one of them.
None of these stats seem to cover simulated heavy multiuser/multithread activity. That's what's key as far as I'm concerned. One of the major flaws in Linux today is the scheduling of user processes and file I/O (not sure about networking I/O, but it seems okay from simple observation). There are still severe process/thread starvation problems in the 2.4 kernel which are supposed to have been addressed in 2.5, but I've never seen a really good, real-world performance test to prove it. Until those problems are solved, Linux won't be useful for realtime server work other than web service.
In case you're wondering, no, I'm not a troll. I've done *extensive* testing in this area. So have others, which is why they've been working hard on scheduling.
I wonder why Microsoft advertizes in Slashdot.
/. readers use IE, if I recall the recent topic on the subject. Given that, it's not a stretch to assume that the majority of /. readers use M$ products regularly.
Most
Reading that Usenet thread was ugly. Dan Bernstein has the unsurpassed ability to present (often) good ideas while being a complete prick.
Dan, you want people to take you more seriously, try being human once in a while. You don't need to prove just how damn intelligent you are by beating other people over the head with their own "ignorance". You might want to work on your own ignorance in the social skills department first.
That said, transmitting the entire root zone over Usenet and other means sounds like a good suggestion. I hope you can start sounding like less of a lunatic so people will listen to the idea.
How many people have given to [the] EFF more money than they have given to their local telecom to give them shitty DSL service?
What if I like my DSL provider better than I like the EFF? Besides, I pay a lot for my DSL. It's high quality. I can't imagine paying the EFF that much money.
Hey, I might actually consider dumping both my cable and DSL for satellite if I got a chance to live in the highlands. At least in summer. Sounds worth it to me.
That is a good optimization, of course, but you still have the .5 second latency for round-trip packets. That means a TCP SYN sequence takes about a second, and then you can start pushing data. That takes at least another second or so. But, if you do lots of concurrent connections, it will indeed reduce the total wait for the entire page load.
And games will still suck.
While I'm glad for the guy in the middle of nowhere now that he finally has some way to access the Internet, I do not envy anyone who has to use satellite for their Internet connection. The laws of physics dictate that you will get a minimum of 500 milliseconds ping time to anywhere on the net. Packets must travel 22k miles from the planet to the satellite, then 22k miles back down to your ISP. That's already about 240 milliseconds. Then add the transit time from your ISP to the destination site; for the sake of argument, say it's instantaneous and adds no transit time. Then add in the return trip of 240 milliseconds, for a total of 480 milliseconds. This represents the absolute minimum round-trip time for data sent via satellite. Of course, in the real world, it will be somewhat longer than that, but it depends on your ISP and the rest of the hops between you and the destination.
In terms of realtime games, this sucks bigtime. In terms of web browsing, it can also be quite annoying. A friend of mine had to dump his satellite connection because the latency made web browsing unpleasant and he was at a serious disadvantage in online gaming. That's not to say that throughput is bad, however. It can be quite good, but because of the latency it's probably best suited for non-interactive stuff like transmitting large data files, email, etc.
If I lived in the boondocks, I probably wouldn't hesitate to get satellite. Otherwise I would stay away!
Here are some great deals, straight off their web sites!
walmart.com:
LEGO Harry Potter: Chamber of Secrets - $69.77
target.com:
Audiovox Personal CD Players - $23.99-$27.99
staples.com:
HP OfficeJet 4-in-1 Machine -$149.98
bestbuy.com:
Sony Mavica MVC-CD400 Digital Camera - $649.99
Hi Bill,
I'm curious to know what you think of the "modern day" Star Trek shows that come out every now and then. I feel the shows have degraded in quality, and have become less reminiscent of the original series with each new series that comes out. The Next Generation was generally good, but following shows seem to be progressively less interesting and engaging. Granted, it's a tall order to create a show that surpasses the original Star Trek, but I think they could have done a lot better.
At the risk of biting the hand that feeds (or fed) you, I'd like to hear the honest truth as you see it. What do you think of the four Star Trek spinoffs? Is the franchise still kicking after so many years, or is it time to put it out to pasture?
By the way, I have to tell you that you were my idol growing up. I learned everything I needed to know about women from Captain Kirk!
Having helped develop C2 Unix OSes, I can tell you that Linux does not come close. There may be patches for all I know, but for sure stock Linux doesn't cut it. It's not a matter of Linux being buggy or broken; it's just not built to be that secure. I don't recall all of the criteria, but they are quite intrusive and the vast majority of Linux users would find them more than burdensome.
One example that immediately comes to mind is that "ps" listings can't show other users' processes. Many of the C2 requirements are kind of like that.
I don't know about you, but the fact that Xbox Live doesn't work with dial-up prevents me from considering buying it.
But why would you even want to use it with dialup? It doesn't work with dialup because the bandwidth requirements for decent gameplay are far beyond the 4-6k/second you might get over your modem. Even if they could reduce the bandwidth requirements somehow, that would mean no voice, and the LPBs would waste you anyway.
Never, NEVER, take a percentage of the profits on a movie as payment. No movie known to man has ever profited, thanks to accounting. You must take a percentage of gross or a flat fee. Period. Everyone knows that, except, apparently, Stan Lee, who must have the stupidest lawyer know to man, too.
Isn't MP3.com owned by one of the major labels?
You are cleary not a security expert or you'd never make the claim that Java, much less any software, is totally secure. There is no such thing, except in the happy land you see in your dreams at night.
It is beyond naive to claim that you're safe simply because Java runs in a sandbox. There has been more than one sandbox security violation reported in the past, and there will be more to come. The same can be said to be true for *any* piece of software. The sandbox cannot be, and is not, perfect. Period, end of story, don't even think of disputing this if you want to continue to be taken seriously.
Let's discuss your statement that a Java app can't touch the disk if you don't want it to. Fine, for the sake of argument, let's say that it's impossible. But it's not necessarily impossible to exploit a bug in the application or the Java engine that does something other than write to the disk. How about if all it does is act as a network zombie, participating in a massive DoS attack against some unwitting web site? Or perhaps it might sniff your network traffic and report back to the hacker. Or maybe all it does is make it report false results to folding@home, or do the actual work but give the hacker credit for the work. Etc.
But, let's say that you're absolutely right, and there's nothing anyone can do to subvert the intent of the Java application or violate the restrictions of the Java engine. You make the mighty big assumption that the application is written perfectly and can resist any form of bad input. Most importantly, you're assuming that your Java engine is correctly configured. Unfortunately, you can never know this to be absolutely true. The safety of the Java engine is only as good as the user who configures it, and it is always possible to make mistakes. One mistake and all your lovely assumptions about the safety of your nice Java sandbox go byebye. Every "expert" of one sort or another has made a simple but potentially tragic blunder configuring otherwise "safe" software at some point in their life.
I reiterate: the only way to be absolutely assured that your systems are not hacked by running folding@home, or any similar service, is to not run it at all in the first place. Any other claim is made with utter naivete. Enroll yourself in Network Security 101 if you disagree, then let us know if you still think you're right.
PS: Even if someone can't write you a Java program on the spot that violates the sandbox doesn't mean it's not possible.
Would you change your mind if the program was written in a secure language like Java?
Nope. Granted, Java might be more secure than an app written in C/C++. But Java is not bulletproof by any stretch. Rule #1 in security is that no application is secure. The corollary to the rule is the only way to be sure is to not run the application in the first place. Kinda like the only way to be sure you don't get AIDS through sex is to not have sex.
It's a security risk, plain and simple. Running this on any company machine containing files that we care about, or that is behind the firewall, is too much of a risk to even consider.
Overly anal? No. All it takes is for someone to discover a buffer overrun in the application, create an exploit, and poison our DNS to get data from their site instead of folding@home's site. This is perfectly possible, and should it happen, could be devastating.
I don't care enough about folding@home to risk company security. The CPU cycles we would have spent crunching data for them are not an issue, especially if the cycles would have been wasted anyway. I would gladly spend those if there were no risk.
Guess I can't get anything right today. Swap Crusader and Paladin in my last question.