I have to make something absolutely clear about GPL, because I'm sick of hearing this "viral license" nonsense.
It is wrong wrong wrong and extremely impolite to accuse GPL of being a viral license because an application that links against or is based on a GPL'd app must be GPL.
Someone was kind enough to write a piece of software and give it away. Why shouldn't the auther be able to make the reasonable request that all future uses of that software be equally free? I for one don't want the code I give away turned into commercial products without any benafit to me.
It's not "live and let live" when you base code on my work. That's my work too in there, and I deserve a say in how it's used.
I've heard this before from a lot of FreeBSD advocates: "The FreeBSD TCP stack is lightning fast", which of course goes with the implication that the Linux stack is not all it could be.
For the dozens of times I've heard this, I haven't seen any recent benchmark or anything to back up the claim. It should be very simple to compare the two -- you can use exactly the same apps very easily.
I know that the original TCP stack for Linux was not so hot, but I know it was rewritten sometime in 2.0.x (get me if I'm wrong). I'm sure there have been other improvements through 2.1 developement.
I've never used Linux in a high enough bandwidth environment to be able to see the stack at all. On my old k6-200 serving ftp on 10baseT, processor utilization to fill the pipe (perhaps 30 users, so the ftp daemon wasn't costing much) was about 3%.
Anyone have any reports on the two in a 100baseT or gigabit environment?
Even with memory prices as high as they are, I can improve the performance of my systems with simple garden vegetables and tubers?
While potatoes are bulky and may not be a good option for my laptop (which doesn't have to do much heavy number-crunching anyhow), there is certainly some space in my main box that could be devoted to mashed potatoes.
...
You laugh, but that was seriously my first thought when I read the headline. I think I've been hacking for too long.
You mean the paragon of security if you mean "the glowing perfect example of how security should be."
A paradigm is (according to M-W) 1 : EXAMPLE, PATTERN; especially : an outstandingly clear or typical example or archetype
which NT certainly isn't, but I'm sure that's not what you mean, since Linux (or Solaris or BSD) aren't paradigm's of security either. OpenBSD however is a paragon of security, for example (M-W gives paragon: a model of excellence or perfection )
Read the above comment, or better yet, follow the link to his diary on gnome.org... children, always always follow the link before replying to a story:)
Now then, I have to say I disagree with you about duplicated efforts. In some sense, I feel there has to be a level of duplication. Not that there should be acrimony between competing projects -- interoperability and user choice at a fine-grained level should be the goal, which requires fairly close coordination in things like desktop environments (and is something I commend and encourage for the GNOME and KDE teams).
As an example where duplication is good: GMC is a nice fairly traditional file manager. Doesn't break any new ground, but provides a familiar starting point to the user.
But several developers wanted something more advanced. They wanted to seamlessly integrate networked and local filesystems at the conceptual level via a virtual file system, extending the way the Windows Explorer lets you browse samba shares on your network to include FTP and other file sharing methods. The result is the (still experimental) GNOME Explorer (for lack of a better name). It's an interesting project, but it would have been inappropriate to abandon earlier efforts half-complete in favor of the new one. If developers constantly did that, nothing would ever get finished:)
In addition, different projects have quite different cultures and backgrounds. Calls for the GNOME and KDE teams to merge are just silly -- they don't reflect that the projects have different approaches to the same problem. I think that's disrespectful to the developers, especially coming from non-programmers (I find programmers experienced in large projects, or better directly involved in the projects in question, have clearer perspectives on the whole thing).
First, I note that quantum computers haven't factored jack (yet, anyhow):)
All cryptography that's not one-time pad depends on some one-way function to produce its results -- the idea being that the attacker has to go back the other way, which is hard.
Factoring is certainly an excellent example of such a "trapdoor" function. But not that much in cryptography depends on factoring. The only symmetric cypher I know of that depends exactly on factoring is Blum squaring -- though there are certainly others that are equally un-well known.
RSA really depends on the Euler Phi function, which has yet to be proved equivalent to factoring.
Standard DES and the AES candidates are less secure than that, even, since they trade off speed for a measure of security.
I can't remember how closely Diffie-Helman depends on factoring, but I think it's pretty close. Someone correct me if I'm wrong.
Someone want to add some other cipher types?
We're implementing an Enigma machine on our FPGAs in Fundamentals of CE (18-240)...that's definitely not as secure as factoring:)
As many know, your twofish algorithm is one of the (many) submissions to become the AES standard. The goal for these algorithms is to be able to implement them extremely cheaply in hardware -- say on a 6800 with 256 bytes of RAM. In other words, cheaply enough to put on a smart card.
But IBM's team alleges that any algorithm that simple can be fairly easily cracked by doing a power usage analysis on the chip (by watching fluctuations in the electrical contacts with the reader) and that the necessary equipment to protect against power analysis would be equivalent to a much more complex processor -- so much so you might as well just implement a different and more complex (and hopefully power-random) algorithm. Of course IBM suggests their own implementation.
What do you think? Is there a way to build a simple smart card so that power analysis isn't a problem? Perhaps the whole question will become irrelevant since we'll be carrying around so much processing power in our PDAs that we'll just use them?
but it was one of the last issues. The story took place during the heydey of the Chinese empire (I don't think it's ever made clear exactly when, but at least 500 years ago), and the story is told in the form of an old Chinese exile writing a letter.
I think it was both the best story and best art... and that's saying something...
Win2k crashes on my friend's machine when you exit Unreal Tournament.
Oh, and the RedHat update thing? (the RedHat 6 boxes we code on have been up since the beginning of the semester).
More like, "You go to RedHat's website, download everything in errata (1 command on any decent ftp client, try lftp), and upgrade everything you have installed (also 1 command).
If you do read BugTraq, you'd know that both RedHat and MS have a pretty decent record for acknowledging security holes quickly. The difference is that MS recommends a cheesy workaround and says "wait for the next Service Pack" (which break things more often than not; ZD's Tips for NT Admins include not applying Service Packs unless you know you need them, which is sad). RedHat meanwhile posts the URLs for updated packages in their messages.
You are of course free to run whichever you feel is easier to maintain in a secure state.
More megahertz is more polygons, pure and simple. Floating point speed is the key limitation to what we can do in games these days, and limits all aspects -- from doing transforms for polys to nifty effects like lighting.
The real point of offloading generic tasks like geometry and lighting onto the graphics board is to be able to do crazy, highly specific features on the CPU. Games will only get wilder and wilder. Great things are to come!
...
Oh, you wanted to get work done? I can give you a 386 for free that will run LaTeX, lynx, mutt, gcc/g++, gdb, and everything else you need to be productive:)
A friend of mine put together a cluster in our high school. He did things a bit differently
1. Custom-build Definitely the way to go. You can get nice machines for a few hundrew bucks each. But put cheap video cards in -- it makes maintenance much easier. And some MB's may not boot without them. Spare ISA ones that are lying around should do the trick -- you'll never be taking them out of text mode. The machines we got had cheapie vidcards on the MB, which was fine.
2. HUB Switched all the way.
3. Versions If you want the latest ver, use the ones from Debian potato (unstable):)
5. CPU I recommend Celeron 450a's (300a's OC'd to 450MHz). You'll need a nice motherboard that will let you set core CPU voltages (or some Celerons may not OC, which happened to us). But there are some relatively inexpensive dual motherboards that let you set core voltage, and Celerons and slockets are still pretty cheap (our machines were before the slockets came out, so they're single CPUs). Celerons are far faster than equivalently clocked K6's, so go with Intel unless you want to spring for K7's (now that would be slick!).
6. NICs I'm not sure what the gigabit advantage would be -- probably depends on what you're crunching. Obviously if computation time is high relative to data quantity, you're fine. But gigabit equipment is expensive. Consider ATM equipment -- fast and cheap. ATM switches are way cheaper afaik, and there are a couple of ATM boards supported by Linux. It's ideal for this kind of application since only the head node (which would then need another NIC) needs to talk to the outside world.
8. PGCC I've seen no indication that a) Pentium-optimized code is particularly better (and I suspect its stability...) b) It's faster at all on PPro-based chips. Optimizing for PPro and Pentium are two very different things. I'd just go with a standard Linux distro -- it'll make your life easier. It's irrelevant anyhow, since your code will make all the difference. It might be worth playing with different compilers to see what makes your stuff go fastest. Post the results for the rest of us!
9. Overclocking Any moron can OC a Celeron 300a to 450MHz with a decent motherboard. Beyond that takes guts and skill -- and may not be worth it, since a decently sized cluster (ours was 16 machines) will start to show some variance in chips -- as we found out. On the upside, the load balancing software should be able to compensate just fine if you have a few dud nodes. Many Beowulf clusters are heterogeneous.
considering that Glide and GL are not the same thing.
If you mean re-implementing the Glide functions so they call GL, this is slow and in violation of 3dfx's copyrights on Glide (Creative provided the same thing under Windows and got their butts sued). This is also not such a trivial thing to do...
This is important: there was a nasty stack-smashing bug that was fixed late in the pre-releases for this kernel.
It was discovered by ben at valinux dot com, and was posted to BugTraq on Friday.
Ben writes:
While doing some debugging, I discovered a really nasty stack smash bug in linux-2.2.12. The I haven't checked previous versions of the 2.2 kernel but bug appears to be fixed in linux-2.2.13pre17.
If I am reading this correctly, the implications of this bug could be very dire. It may be possible to easily obtain root privilege on any box running this kernel.
Basically the problem is that the execve system call checks that argv is a valid pointer but it doesn't check that all of the pointers in argv array are valid pointers. If you pass bad pointers into the execve system call you can corrupt the processes stack before it returns to user space. Then when the kernel hands off the process to the elf loader code and which begins to setup the processes it can be made to execute some malicious code in place of the program's main function.
This is particularly scary because all of this occurs BEFORE the program begins executing its main function and AFTER the program returns to user space with privilege. Therefore no matter how well audited the program may be it can be used as to gain privilege.
The thing that tipped me off to the problem was that a program that I exec'd was getting killed with SIGSEGV in __libc_start_main before my main function began running.
-ben
There was more discussion that followed, tho I won't summarize it here. But do upgrade:)
but don't get your panties in a bunch. A friend of mine had a laptop with a Rag LT Pro, and he had to wait till just a few weeks ago for the 2D Xserver for it, so increased support is definitely a good thing. But the Rage Pro is a very out-of-date chipset -- it was already pretty slow at this time a year ago.
I have yet to see a laptop with even acceptable, let alone cutting-edge, 3D support.
by using the IDE controller on my SoundBlaster AWE32. It worked fine:).
As far as I know Linux supports just about everything out there in the IDE controller world. The Promise PCI UDMA controllers definitely work and have acheived quite a bit of popularity. They cost $20-30 and have 2 controllers on a board. Lots of people are using them to build cheap software RAID solutions.
largely that it's very hard to parallelize code so that you can run it through separate execution units without stalling the processor. With the Pentium's two shallow integer execution units it was possible to hand-optimize your assembly to keep the two pipes filled. But breaking up code that is linear in design (i.e. most programs have a single "flow" and assume linearity of execution as their core model) into parallel chunks is a hard problem.
Continuing down the "more, simpler pipes" path is akin to explicitly parallel chips. It's a hot area of research, and there are some applications for which it might pay off (the ones where multiprocessor machines already pay off, perhaps: servers that are doing several unrelated things at once) but for doing just one thing and doing it fast, faster deeper is probably far easier a problem. Remember, Intel has had problems with the old P6 core (ppro/pII/pIII) because it's already very hard to write a compiler that doesn't stall it left and right.
With all that said, I don't see any mention in this article about the actual design of the new chip, except for some very vague (and likely wrong imho) stuff in the article about Wilamette that's referenced in this one.
My issue with the Blackdown port is that, beautifully compliant as it is, it lacks a JIT compiler. My benchmarks make the Kaffe JITC about three times as fast as the Blackdown JDK's interpreter. I consider interpreted Java unusable -- making my computer three times slower (at least) than it should be is not acceptable.
I'm withholding judgement on JITC'd Java as I haven't found at JITC that will run everything. Kaffe will run my little toy tests, but it dies when trying to run a real app like NetBeans (which is apparently pretty evil, they recommend not running with a JITC). NetBeans under the interpreter runs like it was on a 386. I just downloaded the IBM JDK 1.18. I'd really like to port some Java stuff to C++ and compare for speed. Anyone know of any similar benchmarks that have already been done?
Bill Gates is worth 100 billion. Not paid $100 billion. He's not paid even $5 billion. CEO salaries are absurd these days, but they don't reach beyond the 100's of millions, even including stock options etc etc.
But Gates is worth $100 billion because he founded MS and was therefore the (or one of the, Allen was there too) controlling shareholder. So you shouldn't be surprised that if his company has grown into that kind of behemoth he's worth that much. But he was never paid the vast majority of it.
but I wouldn't want to live in Minneapolis. Washington's got: a) A better theater scene. Half a dozen repertory troupes, plus a pile of others. We have our own french theater, our own Shakespeare theater, etc etc etc. b) A better classical music scene. Leonard Slatkin and the NSO. 'Nuff said. (and you can go to free concerts year round) c) A better music scene in general. Does Minneapolis have the 9:30 Club? I think not. How many bands actually tour through there anyhow? d) More interesting people to talk to. Washington is an extremely well educated city and is very diverse. e) A better location. I can get anywhere on the east coast relatively quickly. Minneapolis can't say that, and you're not even in California to make up for it! f) Better weather. Sure, the summers are too hot. But everyplace is airconditioned, and the winters aren't 40 below!
I don't claim Washington is perfect. The traffic bites (officially worse than LA! woohoo!). And the city itself is a miserable place to live, due to years of mismanagement. Only 500,000 of 5e6 area residents live in the city -- you guessed it, the poorest 500,000 for the most part. The suburbs are very nice. Fortunately, the city does seem to be slowly turning around. But for all that, it's a beautiful city to visit, and the public parts (the Mall, pretty much all of NW) is very nice.
Of course, what do I know, I'm stuck in Pittsburgh.
Don't have much opportunity for piracy. You can't do that kind of thing on any scale in a business (perhaps with the exception of real fly-by-night places). The risks and consequences are just too great -- you really don't want your company sued out of existance.
As for users, most of them get M$ for free on their computers. So they don't pay, more than in some very abstract sense. And it's not more than a few bucks per machine.
But it has to do with people who have inside access to companies manipulating stock values for profit.
The most familiar forms are what it looks like Corel's CEO did: taking advantage of knowledge of a coming stock shift to make money. For example, a CEO has the power and connections to do things like make a futures bet (perhaps covered through some holding company so as not to attract attention) that stock will drop, then announce news that causes the stock to drop. It doesn't look quite that bad for Cowpland.
This kind of thing falls under a general class of very strict rules about what you can do and what information you must provide if your company is publicly traded, since there are lots of opportunities for fraud in the stock market.
Securities laws mandate careful prospectuses and evaluation of prospective investors in an IPO to make sure they are not defrauded. Also, things like VA's "quiet period" before their IPO is specifically to prevent insider trading on the IPO.
Anyone want to give more legalistic definitions, since the best I can come up with is pretty anecdotal?
Slashdot Mirror
I have to make something absolutely clear about GPL, because I'm sick of hearing this "viral license" nonsense.
It is wrong wrong wrong and extremely impolite to accuse GPL of being a viral license because an application that links against or is based on a GPL'd app must be GPL.
Someone was kind enough to write a piece of software and give it away. Why shouldn't the auther be able to make the reasonable request that all future uses of that software be equally free? I for one don't want the code I give away turned into commercial products without any benafit to me.
It's not "live and let live" when you base code on my work. That's my work too in there, and I deserve a say in how it's used.
I've heard this before from a lot of FreeBSD advocates: "The FreeBSD TCP stack is lightning fast", which of course goes with the implication that the Linux stack is not all it could be.
For the dozens of times I've heard this, I haven't seen any recent benchmark or anything to back up the claim. It should be very simple to compare the two -- you can use exactly the same apps very easily.
I know that the original TCP stack for Linux was not so hot, but I know it was rewritten sometime in 2.0.x (get me if I'm wrong). I'm sure there have been other improvements through 2.1 developement.
I've never used Linux in a high enough bandwidth environment to be able to see the stack at all. On my old k6-200 serving ftp on 10baseT, processor utilization to fill the pipe (perhaps 30 users, so the ftp daemon wasn't costing much) was about 3%.
Anyone have any reports on the two in a 100baseT or gigabit environment?
Even with memory prices as high as they are, I can improve the performance of my systems with simple garden vegetables and tubers?
While potatoes are bulky and may not be a good option for my laptop (which doesn't have to do much heavy number-crunching anyhow), there is certainly some space in my main box that could be devoted to mashed potatoes.
...
You laugh, but that was seriously my first thought when I read the headline. I think I've been hacking for too long.
You mean the paragon of security if you mean "the glowing perfect example of how security should be."
A paradigm is (according to M-W)
1 : EXAMPLE, PATTERN; especially : an outstandingly clear or typical example or archetype
which NT certainly isn't, but I'm sure that's not what you mean, since Linux (or Solaris or BSD) aren't paradigm's of security either. OpenBSD however is a paragon of security, for example (M-W gives paragon: a model of excellence or perfection )
But the correct usage would be
it'd be approprié
"apropros" means "on the subject of"
Read the above comment, or better yet, follow the link to his diary on gnome.org ... children, always always follow the link before replying to a story :)
:)
Now then, I have to say I disagree with you about duplicated efforts. In some sense, I feel there has to be a level of duplication. Not that there should be acrimony between competing projects -- interoperability and user choice at a fine-grained level should be the goal, which requires fairly close coordination in things like desktop environments (and is something I commend and encourage for the GNOME and KDE teams).
As an example where duplication is good: GMC is a nice fairly traditional file manager. Doesn't break any new ground, but provides a familiar starting point to the user.
But several developers wanted something more advanced. They wanted to seamlessly integrate networked and local filesystems at the conceptual level via a virtual file system, extending the way the Windows Explorer lets you browse samba shares on your network to include FTP and other file sharing methods. The result is the (still experimental) GNOME Explorer (for lack of a better name). It's an interesting project, but it would have been inappropriate to abandon earlier efforts half-complete in favor of the new one. If developers constantly did that, nothing would ever get finished
In addition, different projects have quite different cultures and backgrounds. Calls for the GNOME and KDE teams to merge are just silly -- they don't reflect that the projects have different approaches to the same problem. I think that's disrespectful to the developers, especially coming from non-programmers (I find programmers experienced in large projects, or better directly involved in the projects in question, have clearer perspectives on the whole thing).
First, I note that quantum computers haven't factored jack (yet, anyhow) :)
:)
All cryptography that's not one-time pad depends on some one-way function to produce its results -- the idea being that the attacker has to go back the other way, which is hard.
Factoring is certainly an excellent example of such a "trapdoor" function. But not that much in cryptography depends on factoring. The only symmetric cypher I know of that depends exactly on factoring is Blum squaring -- though there are certainly others that are equally un-well known.
RSA really depends on the Euler Phi function, which has yet to be proved equivalent to factoring.
Standard DES and the AES candidates are less secure than that, even, since they trade off speed for a measure of security.
I can't remember how closely Diffie-Helman depends on factoring, but I think it's pretty close. Someone correct me if I'm wrong.
Someone want to add some other cipher types?
We're implementing an Enigma machine on our FPGAs in Fundamentals of CE (18-240)...that's definitely not as secure as factoring
Bruce --
As many know, your twofish algorithm is one of the (many) submissions to become the AES standard. The goal for these algorithms is to be able to implement them extremely cheaply in hardware -- say on a 6800 with 256 bytes of RAM. In other words, cheaply enough to put on a smart card.
But IBM's team alleges that any algorithm that simple can be fairly easily cracked by doing a power usage analysis on the chip (by watching fluctuations in the electrical contacts with the reader) and that the necessary equipment to protect against power analysis would be equivalent to a much more complex processor -- so much so you might as well just implement a different and more complex (and hopefully power-random) algorithm. Of course IBM suggests their own implementation.
What do you think? Is there a way to build a simple smart card so that power analysis isn't a problem? Perhaps the whole question will become irrelevant since we'll be carrying around so much processing power in our PDAs that we'll just use them?
but it was one of the last issues. The story took place during the heydey of the Chinese empire (I don't think it's ever made clear exactly when, but at least 500 years ago), and the story is told in the form of an old Chinese exile writing a letter.
... and that's saying something...
I think it was both the best story and best art
Win2k crashes on my friend's machine when you exit Unreal Tournament.
Oh, and the RedHat update thing? (the RedHat 6 boxes we code on have been up since the beginning of the semester).
More like, "You go to RedHat's website, download everything in errata (1 command on any decent ftp client, try lftp), and upgrade everything you have installed (also 1 command).
If you do read BugTraq, you'd know that both RedHat and MS have a pretty decent record for acknowledging security holes quickly. The difference is that MS recommends a cheesy workaround and says "wait for the next Service Pack" (which break things more often than not; ZD's Tips for NT Admins include not applying Service Packs unless you know you need them, which is sad). RedHat meanwhile posts the URLs for updated packages in their messages.
You are of course free to run whichever you feel is easier to maintain in a secure state.
when several members of our company were underage, we had problems getting in to E3.
We contacted the show management and they got us special badges. It was a little bit of trouble, not much.
I'm surprised Comdex wouldn't do the same.
More megahertz is more polygons, pure and simple. Floating point speed is the key limitation to what we can do in games these days, and limits all aspects -- from doing transforms for polys to nifty effects like lighting.
:)
The real point of offloading generic tasks like geometry and lighting onto the graphics board is to be able to do crazy, highly specific features on the CPU. Games will only get wilder and wilder. Great things are to come!
...
Oh, you wanted to get work done? I can give you a 386 for free that will run LaTeX, lynx, mutt, gcc/g++, gdb, and everything else you need to be productive
A friend of mine put together a cluster in our high school. He did things a bit differently
:)
...)
1. Custom-build
Definitely the way to go. You can get nice machines for a few hundrew bucks each. But put cheap video cards in -- it makes maintenance much easier. And some MB's may not boot without them. Spare ISA ones that are lying around should do the trick -- you'll never be taking them out of text mode. The machines we got had cheapie vidcards on the MB, which was fine.
2. HUB
Switched all the way.
3. Versions
If you want the latest ver, use the ones from Debian potato (unstable)
5. CPU
I recommend Celeron 450a's (300a's OC'd to 450MHz). You'll need a nice motherboard that will let you set core CPU voltages (or some Celerons may not OC, which happened to us). But there are some relatively inexpensive dual motherboards that let you set core voltage, and Celerons and slockets are still pretty cheap (our machines were before the slockets came out, so they're single CPUs).
Celerons are far faster than equivalently clocked K6's, so go with Intel unless you want to spring for K7's (now that would be slick!).
6. NICs
I'm not sure what the gigabit advantage would be -- probably depends on what you're crunching. Obviously if computation time is high relative to data quantity, you're fine. But gigabit equipment is expensive. Consider ATM equipment -- fast and cheap. ATM switches are way cheaper afaik, and there are a couple of ATM boards supported by Linux. It's ideal for this kind of application since only the head node (which would then need another NIC) needs to talk to the outside world.
8. PGCC
I've seen no indication that
a) Pentium-optimized code is particularly better (and I suspect its stability
b) It's faster at all on PPro-based chips. Optimizing for PPro and Pentium are two very different things. I'd just go with a standard Linux distro -- it'll make your life easier.
It's irrelevant anyhow, since your code will make all the difference. It might be worth playing with different compilers to see what makes your stuff go fastest. Post the results for the rest of us!
9. Overclocking
Any moron can OC a Celeron 300a to 450MHz with a decent motherboard. Beyond that takes guts and skill -- and may not be worth it, since a decently sized cluster (ours was 16 machines) will start to show some variance in chips -- as we found out. On the upside, the load balancing software should be able to compensate just fine if you have a few dud nodes. Many Beowulf clusters are heterogeneous.
considering that Glide and GL are not the same thing.
...
If you mean re-implementing the Glide functions so they call GL, this is slow and in violation of 3dfx's copyrights on Glide (Creative provided the same thing under Windows and got their butts sued). This is also not such a trivial thing to do
Care to provide more details?
But in my book it's out there enough to merit attention, especially since there's some indication that this was not a problem in 2.0.36.
from 2.2.12 to this kernel.
:)
This is important: there was a nasty stack-smashing bug that was fixed late in the pre-releases for this kernel.
It was discovered by ben at valinux dot com, and was posted to BugTraq on Friday.
Ben writes:
While doing some debugging, I discovered a really nasty stack smash
bug in linux-2.2.12. The I haven't checked previous versions of the
2.2 kernel but bug appears to be fixed in linux-2.2.13pre17.
If I am reading this correctly, the implications of this bug could be
very dire. It may be possible to easily obtain root privilege on any
box running this kernel.
Basically the problem is that the execve system call checks that argv
is a valid pointer but it doesn't check that all of the pointers in
argv array are valid pointers. If you pass bad pointers into the
execve system call you can corrupt the processes stack before it
returns to user space. Then when the kernel hands off the process to
the elf loader code and which begins to setup the processes it can be
made to execute some malicious code in place of the program's main
function.
This is particularly scary because all of this occurs BEFORE the
program begins executing its main function and AFTER the program
returns to user space with privilege. Therefore no matter how well
audited the program may be it can be used as to gain privilege.
The thing that tipped me off to the problem was that a program that I
exec'd was getting killed with SIGSEGV in __libc_start_main before my
main function began running.
-ben
There was more discussion that followed, tho I won't summarize it here. But do upgrade
but don't get your panties in a bunch. A friend of mine had a laptop with a Rag LT Pro, and he had to wait till just a few weeks ago for the 2D Xserver for it, so increased support is definitely a good thing. But the Rage Pro is a very out-of-date chipset -- it was already pretty slow at this time a year ago.
I have yet to see a laptop with even acceptable, let alone cutting-edge, 3D support.
by using the IDE controller on my SoundBlaster AWE32. It worked fine :).
As far as I know Linux supports just about everything out there in the IDE controller world. The Promise PCI UDMA controllers definitely work and have acheived quite a bit of popularity. They cost $20-30 and have 2 controllers on a board. Lots of people are using them to build cheap software RAID solutions.
largely that it's very hard to parallelize code so that you can run it through separate execution units without stalling the processor. With the Pentium's two shallow integer execution units it was possible to hand-optimize your assembly to keep the two pipes filled. But breaking up code that is linear in design (i.e. most programs have a single "flow" and assume linearity of execution as their core model) into parallel chunks is a hard problem.
Continuing down the "more, simpler pipes" path is akin to explicitly parallel chips. It's a hot area of research, and there are some applications for which it might pay off (the ones where multiprocessor machines already pay off, perhaps: servers that are doing several unrelated things at once) but for doing just one thing and doing it fast, faster deeper is probably far easier a problem. Remember, Intel has had problems with the old P6 core (ppro/pII/pIII) because it's already very hard to write a compiler that doesn't stall it left and right.
With all that said, I don't see any mention in this article about the actual design of the new chip, except for some very vague (and likely wrong imho) stuff in the article about Wilamette that's referenced in this one.
My issue with the Blackdown port is that, beautifully compliant as it is, it lacks a JIT compiler. My benchmarks make the Kaffe JITC about three times as fast as the Blackdown JDK's interpreter. I consider interpreted Java unusable -- making my computer three times slower (at least) than it should be is not acceptable.
I'm withholding judgement on JITC'd Java as I haven't found at JITC that will run everything. Kaffe will run my little toy tests, but it dies when trying to run a real app like NetBeans (which is apparently pretty evil, they recommend not running with a JITC). NetBeans under the interpreter runs like it was on a 386. I just downloaded the IBM JDK 1.18. I'd really like to port some Java stuff to C++ and compare for speed. Anyone know of any similar benchmarks that have already been done?
Bill Gates is worth 100 billion. Not paid $100 billion. He's not paid even $5 billion. CEO salaries are absurd these days, but they don't reach beyond the 100's of millions, even including stock options etc etc.
But Gates is worth $100 billion because he founded MS and was therefore the (or one of the, Allen was there too) controlling shareholder. So you shouldn't be surprised that if his company has grown into that kind of behemoth he's worth that much. But he was never paid the vast majority of it.
but I wouldn't want to live in Minneapolis. Washington's got:
a) A better theater scene. Half a dozen repertory troupes, plus a pile of others. We have our own french theater, our own Shakespeare theater, etc etc etc.
b) A better classical music scene. Leonard Slatkin and the NSO. 'Nuff said. (and you can go to free concerts year round)
c) A better music scene in general. Does Minneapolis have the 9:30 Club? I think not. How many bands actually tour through there anyhow?
d) More interesting people to talk to. Washington is an extremely well educated city and is very diverse.
e) A better location. I can get anywhere on the east coast relatively quickly. Minneapolis can't say that, and you're not even in California to make up for it!
f) Better weather. Sure, the summers are too hot. But everyplace is airconditioned, and the winters aren't 40 below!
I don't claim Washington is perfect. The traffic bites (officially worse than LA! woohoo!). And the city itself is a miserable place to live, due to years of mismanagement. Only 500,000 of 5e6 area residents live in the city -- you guessed it, the poorest 500,000 for the most part. The suburbs are very nice. Fortunately, the city does seem to be slowly turning around. But for all that, it's a beautiful city to visit, and the public parts (the Mall, pretty much all of NW) is very nice.
Of course, what do I know, I'm stuck in Pittsburgh.
Don't have much opportunity for piracy. You can't do that kind of thing on any scale in a business (perhaps with the exception of real fly-by-night places). The risks and consequences are just too great -- you really don't want your company sued out of existance.
As for users, most of them get M$ for free on their computers. So they don't pay, more than in some very abstract sense. And it's not more than a few bucks per machine.
you learned a great deal from fortune(6)
But it has to do with people who have inside access to companies manipulating stock values for profit.
The most familiar forms are what it looks like Corel's CEO did: taking advantage of knowledge of a coming stock shift to make money. For example, a CEO has the power and connections to do things like make a futures bet (perhaps covered through some holding company so as not to attract attention) that stock will drop, then announce news that causes the stock to drop. It doesn't look quite that bad for Cowpland.
This kind of thing falls under a general class of very strict rules about what you can do and what information you must provide if your company is publicly traded, since there are lots of opportunities for fraud in the stock market.
Securities laws mandate careful prospectuses and evaluation of prospective investors in an IPO to make sure they are not defrauded. Also, things like VA's "quiet period" before their IPO is specifically to prevent insider trading on the IPO.
Anyone want to give more legalistic definitions, since the best I can come up with is pretty anecdotal?