Yes, perhaps it should provide such an option. Does it? Should/does it apply globally, or can you set it differently per-application? Per-dialog? Is it as flexible as.Xresources, which lets you set things this way for emacs and that way for everything else? How would that relate to themes?
It's all very well to talk about "should" but in the end it doesn't count for much if the default behavior is annoying.
Wrong. Themes can't be that detailed, to cover all the decisions the app developer makes. Even if they could, they'd be so incredibly large and complicated that nobody could create new ones. I know themes and skins are the height of fashion right now, but they're no substitute for UI flexibility.
Some of the advantages touted for Berlin vs. X actually sound like disadvantages to me. Consider:
One of the problems with the X Window System's flexibility was the accumulation of several inconsistant GUI toolkits...Berlin takes care of the user interface by itself without calling upon the use of GUI toolkits
In other words, Berlin takes the Mac approach of taking UI decisions away from app developers. Themes, schmemes, that's not real choice. Any time you add flexibility you create opportunities for both inconsistency and innovation; they're two sides of the same coin. When you take decisions away from people you reduce flexibility, gaining the advantage of consistency at the expense of stifling creativity.
Here's another example:
the size of an object on a 15 inch screen is the same as its size on paper, which is the size of an object on the big viewscreen at NASA...users would be compelled to use the highest resolution/color depth possible for the visual quality rather than for the space on their desktop
Thank you very much for deciding that for me. Maybe I want to free up screen real estate by switching to a higher resolution. Maybe I want all those annoying little dialog boxes to shrink so I have more room for that big image window, which I can resize and zoom in/out just fine without your help, but now you've scaled them right back up so they're in the way again.
OK, maybe that's overstating the case a bit. The point remains, though, that they have strong assumed that there's one "right way" to do things. Even Windows lets you specify lots of things in either pixels or inches (or centimeters, maybe - I don't remember). As it turns out very few applications take advantage of that, but at least they have the choice instead of being told which method to use.
I don't think Berlin's bad. I don't even think they've made bad decisions on the aspects I've mentioned. I just wouldn't go touting them as advantages vs. X when they might just as easily be considered neutral or negative.
As for the other post - I have always heard is "scuzzy."
Back in the very early days, when people could still remember SASI, there was actually a debate about whether SCSI should be "scuzzy" or "sexy". The former pronunciation prevailed, and I never thought it was a coincidence.;-)
As to the high end... Fiberchannel is a step forward, but not enough. Forget all these special purpose buses anyway... my suggestion would be to put a gigabit ethernet interface and an IP stack directly in the drive.
IP is a poor match for storage needs, IMO. TCP in particular was designed - and designed rather well - for the high-latency small-packet environment of the Internet, but storage is a low-latency large-packet world. It's also a world where the hardware must cooperate in ensuring a high level of data integrity, where robust and efficient buffer management is critical, etc. etc. etc. Even on cost, the equation does not clearly favor storage over IP. Sure, you get to use all of your familiar IP networking gear, but it will need to be upgraded to support various storage-related features already present in FC gear. Even on the controller end, do you really think a GigE interface plus an embedded IP stack is easier or cheaper to incorporate into a controller design than FC? I could go on, but I hope you get the point. "One size fits all" is a bankrupt philosophy. Let IP continue to be designed to suit traditional-networking needs, and for storage use something designed to suit storage needs.
Better to run something like GFS directly on the drive.
No, not better at all. Who wants the drive to be a bottleneck or SPOF? The whole point of something like GFS is to avoid those problems via distribution. Putting an IP stack on the drive is bad enough, and now you want to put a multiple-accessor filesystem on it? Dream on. People used to put things like networking stacks and filesystems on separate devices, because main processors were so wimpy, but they stopped doing that more than a decade ago. For a reason.
huge RAID arrays with one smart control node (like NetApps, etc)
NetApp doesn't make disk arrays. If you look at the people who do make high-end disk arrays, you'll see that they have far more than one brain. A big EMC, IBM, or Hitachi disk array is actually a very powerful multiprocessing computer in its own right, that just happens to be dedicated to the task of handling storage.
one drive per brain, a full computer in each drive, each drive a full node on the network
...at which point you're back to distributed systems as they exist today, wondering how to connect each of those single brains to its single drive with a non-proprietary interface. Going around in circles like that doesn't seem very productive to me.
For those who don't feel like building their own flashlight, check out CMG's Infinity Task Light. The LED lasts forever, and it boasts 40+ hours of continuous use on a single AA battery. I use NiMH batteries, which work even longer. The light is bright and rock-steady. I have a blue-green one that is by far the best camping light I've found - whether for reading in a tent or for late-night walks.
This is a victory for "free as in beer"; "Free as in speech" wasn't a player. Implications with respect to political agendas, possible corporate countermeasures, etc. should be obvious.
EVERYTHING that is happening in software engineering, everything new and bold and adventurous, is happening in Java... ...It's one of the classic blunders. Like trying to win a land war in Asia.;)
full disclosure makes it easier to find, prevent or fix the ones who might be hiding
...compared to total non-disclosure. However, by considering only those two possibilities you fall prey to the fallacy of the excluded middle. Partial disclosure - e.g. of risks and countermeasures but not of mechanics, or preferentially to trustworthy security professionals - can provide the same benefits vis a vis total non-disclosure without total disclosure's problem of teaching the bad guys how to exploit a vulnerability.
Five undisclosed vulnerabilities! Smart crackers might have enjoyed exploiting them for months!
Is it not also possible that they discovered these vulnerabilities in their own testing, and decided to fix them before an exploit appeared? Would you fault them for that? I know how the herd likes to jump to the most negative possible conclusions regarding everything MS does, but simple honesty requires that we at least mention and consider alternative explanations.
there have been times when vulnerabilities are announced in software that I used, and yet I don't upgrade. Why? Because the detailed description of the exploit shows that it won't work with the software as configured or as used.
OK, you're talking about a situation where you *knew it didn't apply*. That's a little different than *not knowing it does apply*. Maybe you'd treat the two scenarios the same way, but many wouldn't.
Also, I'd like to point out that I'm all for providing as much information as possible about the conditions that make one vulnerable, and about countermeasures. What I oppose is description not only of conditions and countermeasures, not only of the vulnerability's basic nature ("unchecked buffer length in the xxx-checking part of the yyy-module"), but of exactly how an exploit works or could work. If I, as a user, knew that the exploit involved such-and-such a buffer overflow, that it only mattered if I used feature X and that I could protect myself by doing Y, that last sort of information provides no additional value. It would provide additional value to security professionals as a test case or data point, which is why they should get it via limited disclosure, but it's not useful to me. The only people who derive significant value from the broadcasting of information about exploit mechanics - as opposed to limited disclosure or broadcasting of risk/countermeasure information - are the exploit programmers.
who defines the perimeter of the club, and who established his trust level
I already went over that ground in another sub-thread. Check my user page if you're really interested.
Anyhow, your desire to squelch the actual exploit seems to swim against the current of the internet.
I'm well aware that my attitude regarding disclosure runs counter to the herd/leech mentality.
If the guy who finds the bug stops short of a full exploit, someone else will naturally oblige by filling the gap.
...and if the information had been disseminated efficiently among members of the "defense" before giving it to the "offense" the exploit would be obsolete before it was created. Let's say that I find a vulnerability. I can do one of two things:
I can get whatever information is necessary into the hands of other security professionals so they can develop and deploy patches/signatures/etc. ASAP.
I can put the information into the hands of the bad guys so they can develop and deploy an exploit ASAP.
Clearly it's a race. I know that, even if I try to keep the information among the good guys, a leak will nonetheless occur sooner or later. However, I can try to make sure that as many good guys as possible are already working on countermeasures before the bad guys get the information and start working on exploits. That edge, even if it's only a day or two, might make millions of dollars' worth of difference in the damage (if any) the exploit does when it appears. Are you saying that we should sacrifice those people, just so you can have the warm fuzzy feeling of having additional information that in fact provides you with no additional protection? I'm sure you don't like to think of it that way, but it seems to me that your arguments - and those of others - favoring full disclosure are based more in a personal desire to feel like an expert than in overall social/economic utility.
Seriously, though, if I pissed you off maybe I made you think as well, and that's a good thing even if we happen to disagree.
All of the things you mentioned are very promiscuous in their inclusion of new members. As a matter of fact, they are specifically designed to become as open as possible.
Yes, those particular things are. I was offering them as counterexamples to the assumption that having a list implies a centralized authority, not necessarily as examples of "how things should be" with respect to security information. Your own proposal seems headed in the right direction, except that you seem to lack confidence in the "web of trust" idea. I think it scales better than you seem to think it does.
Also, since most of these details exist in the underground community before the security professionals hear of them, I doubt your closed list would have any affect on the creation of malicious software.
Here's a question: how open is the black-hat community? Do they just share any information with anyone? Are they "free" in that sense? No, not very. In general, to get information you have to pay for it in the form of other information of approximately equal value - what the P2P folks are calling an "economic" model of trust. Somehow, though, everyone arguing with me seems to think this not-very-free community is doing an excellent job of disseminating information so that those who can use it have it. The white hats could do no worse than the black hats by adopting the same less-than-full-disclosure model; given their superior resources and the lack of certain other limitations, they should even be able to do better.
Which means someone has to keep a list of colleagues and everyone with a vulnerability has to make sure to send to everyone on that list.
For someone who just accused me of constructing strawmen, you were pretty quick to whip out one of your own. Ask the Gnutella or FreeNet folks whether distribution of information requires a central directory. Ask the PGP folks whether trust requires a central authority. More decentralized means of distribution can (and do) work rather well for security information.
Do you really advocate dumbing down everyone because of all the clueless W2K and RedHat users who never install any security updates?
Wow, strawman #2 already. No, I do not advocate that at all. In fact, my point in one of my posts to this thread is that those ignorant W2K/RedHat users won't apply the patches anyway, even with full disclosure.
And, of course, in your entire post you mention nowhere that good practice is to alert the vendor before releasing to the public whenever possible.
Perhaps because, just five minutes prior to the post you saw, I had congratulated someone else in another post for reiterating that very point. I don't like to repeat myself, and generally only do so when someone I'm talking to seems particularly thick.
Instead, you imply that "full disclosure" doesn't give the vendor any chance to close the security holes.
Yes, folks, we have a straw-man hat trick! No, there was no such implication in my post; you made that up.
How should third-parties develop countermeasures?
...
How should authors of vulnerability scanners and intrusion detection systems obtain information to produce new signatures?
...
etc.
By limited disclosure. Yes, Virginia, there is something between sweeping something under the carpet and laying out all the gory details for everyone (including other would-be virus/worm writers) to see. If a security-product vendor had information that would help their colleagues create barriers, signatures, etc., they could share that information with those colleagues - without having to share it with the entire world. They could release enough information publicly to allow one "skilled in the art" to create countermeasures, without providing a step-by-step recipe that even the relatively unskilled could use to create new exploits. There's no need to reveal *everything* to *everyone*.
So why don't vendors do this? Do they not have faith in their colleagues' discretion? Hmmm. Do they not have faith that their colleagues can develop countermeasures based on partial information faster than black hats can create new exploits? Hmmm again. The *real* reason why they prefer full disclosure is discussed in one of my other posts to this thread.
Smith goes on to say:
What it boils down to is this: disclosure of detailed vulnerability information benefits security conscious people, while, in the short them, hurts people that do not keep up with security
BZZZT! Wrong. The security-conscious people can get that benefit without full disclosure, with less risk to the security-naive rabble. Of course, it's in security companies' interests that security-naive people should get hurt, making them less security-naive and more likely to buy products or services from companies such as the one of which Smith is CTO. I sure am glad that I'm not in a business where making sure people get hurt is part of the business plan.
That might have been me. Or it might not. In any case, it's a belief I subscribe to, and one which I have voiced here on at least one occasion.
I think what a lot of people are missing with all the talk about "pressure" is that there are basically two types of sysadmins: those that are security-conscious and those that are not. Those that are not are unlikely to apply a patch even when an exploit is known and circulating, unless and until it actually hits them. Look at all the people who failed to apply the IIS patch even after CRv1 went around, and got hit by CRv2. No amount of pressure, on or from the OS vendor, is going to affect that. By contrast, those who are security conscious would take protective measures even without full disclosure just to be safe. If there's no patch available from the vendor, maybe someone else can come up with a stopgap. For example, eEye could have described an adequate set of protective measures for CR without providing the recipe for CRv2; anyone who thinks their reason for not taking that approach is anything but venal must be hopelessly naive. If nobody has a patch or stopgap, the only people who benefit from full disclosure are the bad guys.
Note that in no case of those above does "pressure" make a difference. Also note that in no case does full disclosure help the good guys. The people who work at security companies know each other. They can share the details among themselves discreetly if they choose to, so that all of the firewall/IDS/etc. people can keep up in the arms race. The only difference between that and full disclosure is that full disclosure also makes it more likely that new exploits will appear before the vendors all catch up.
Do you think it's just coincidence that it's good for eEye's business for new versions of CR to appear when they're prepared for it? If so, consider the text of this link from their front page:
The Only Product That Blocked The Worms Before Their Discovery
Remember that eEye is a business too. What if eEye releases information hoping to encourage development of new exploits?
Unfortunately, this method of drumming up business is standard practice in the security industry. It's in their own financial interest to keep security problems in people's minds. At the very least, this means that they will hype any threat to the highest possible level, just like the Y2K consultants did. Too often, actually contributing to the creation of new exploits is also part of the business model. Don't believe me? How do you think these folks know so much about how exploits work? Do you suppose that just maybe it's because they either spent time working the other side of the street, or that they're in contact with people who do? Might there be just the slimmest possibility that they still engage in such activity themselves, when they have both the skills and the (financial) motive to do so? OF COURSE THEY DO!. There are probably a few true white hats out there, but the majority - the vast majority of those who make money off it - are dark grey at best.
The central problem with Freenet is its speed, which I believe is inherently broken. When a user begins a transfer of a file over the Freenet network it is copied to every node...a hop from the source might be very slow
Performance-wise, this caching is actually one of Freenet's strengths. If a cached copy of the data you want exists on the near side of a slow link, you never have to traverse that slow link, and Freenet's caching makes this much more likely. Obviously cache hit ratios, miss penalties, etc. have a lot to do with exactly how well it works in practice, but the caching in general will help far more than it hurts.
Speed problems in Freenet are implementation artifacts, which I expect to be fixed. There is, however, a much more serious design-level problem with Freenet: its lack of reliability. Freenet drops data. While Ian Clarke always turns several pretty colors whenever someone characterizes the data loss as random, data loss that occurs in response to events or conditions that the requester cannot control or even know is just not practically any different. Even if the data exists somewhere in the system, you might not be able to find it. Search requests have a horizon, which Freenet developers in a classic instance of "Not Invented Here" syndroms call HTL (Hops To Live) instead of using the well-known term TTL (Time To Live). If you're 10 hops from where the data was inserted, and your requests use HTL=4, you'd better hope that not one but (at least) two nodes between you and the insertion point requested the data before you. One might argue that you could just use larger HTL values, but if everyone did that your overlay network would get totally clogged with everyone's search requests hitting every other node: ask the Gnutella guys how much fun that was. Freenet makes it even worse because the routing's not reliable enough to avoid loops. The basic problem is that Freenet doesn't have any solution better than HTL to prevent this sort of query-overload meltdown, and adopting HTL as your "solution" guarantees that search results will never be more than guesses.
There are other less technical problems with the Freenet project, but it's not necessary even to go into those. On the basis of technical problems alone, I think that Freenet can never be more than a mediocre niche solution. It will certainly never be the world-changing tsunami that its self-appointed PR flacks (hello IC, OS, BW) would have us believe it is.
I can't mod today, so I'll reply. Excellent post. I disagree with some of what you say, and far more simply goes unaddressed, but overall your points - particularly about the importance of being able to put information in context - are very valid and significant.
It's entirely possible that they're applying different policies to different parts of their network, either intentionally or otherwise. I know that after Bell Atlantic bought Nynex the two halves of their network were not particularly well integrated and ran by very different rules, so it's not a stretch to imagine that the former-GTE and former-BA parts (for example) exhibit different behaviors. I guess what I should have said is that from my house in Lexington MA - which was New England Telephone, then Nynex, etc. - I can get to outside SMTP servers just fine. Whether that applies to someone in, say, Delaware might be a whole different matter.
This is pretty amusing. In the first 15yo thread, I said that's the way adolescents have always behaved, and I got flamed for it. Now I'm getting flamed for limiting my comments to a particular subset of adolescents. There is, apparently, nothing one could say on the matter that won't draw fire from someone who's 15 years old at heart and feels threatened. What better evidence could one ask for that some people just come here to harass others instead of discussing things like adults?
On a more topical note, I still do think there's something distinct about net-connected 15yo techies compared to others their age. There's a level of social reinforcement for their arrogance that didn't exist before. It used to be that little pockets of interest would form by town or neighborhood. God help the kid who was interested in model rocketry while the other kids in the immediate area were all into model trains, or vice versa. The "odd man out" would gain no status or respect through their knowledge. Now, though, it's different. Anybody can hop on the web and find some sort of community based around their interests. They can obtain resources and advice, or respect and status, from their globally dispersed peers. They can spend a great deal of their time in such one-dimensional communities in what amounts to one big circle jerk, instead of being brought down by constant contact with people who consider their preoccupation silly or worthless. Often, they can parlay their narrow interests into highly paid jobs, stroking their egos even furthers. This is very different from the way things used to be, or the way they still are among less-connected people, where potential community members might never meet even when they live very close to one another. Try to find a good marbles player in your area without using the net, then compare that experience to what happens when you ask a similarly obscure computer-related question on the net.
The *tendency* toward this sort of behavior has indeed always been there, but the environment turns tendencies into a much more common reality. The factors that used to mitigate such arrogance have disappeared, and new factors that accentuate it have come into play.
They tend to confuse hostility with communication.
When I was fifteen I thought everyone was out to get me, and that I was way smarter than everyone I knew, and responded in kind. That's what kids at fifteen do.
That's not the same thing as confusing hostility with communication. While a certain level of intergenerational suspicion is natural (as I pointed out last time around), extension of that suspicion even to one's peers - even those who offer only well-meaning questions or advice - is the mark of a sociopath. Unfortunately, such indiscriminate anti-social behavior is only reinforced by ubergeeks who go out of their way to create a false association between creativity and irritability. The received lesson from these "negative role models" is often that you can't be a true ubergeek yourself unless you snap at people constantly, so the impressionable kids emulate that behavior. This is not the same relationship that has traditionally existed between 15-year-olds and their mentors or role models.
They can be arrogant and posturing as well as creative and energetic.
Who would think such a thing could happen
Thank you for your demonstration of arrogant posturing. The point here is that 'net culture encourages such posturing, as described above.
They fixate on "me" media, blocking and filtering people and ideas they don't like or agree with.
God knows when I was a kid, the last thing I wanted were things that catered and marketed to my life and my outlook
Again, you're demonstrating the exact same behavior that Katz attributes to 15-year-olds. How old are you, anyway?
Kids have always tried to filter out messages they didn't want to hear. However, the information deluge of the last twenty years has made quite a difference. Every cause, no matter how ridiculous or narrowly defined, has its champions on the net. With so many "channels" to choose from, an impressionable kid can be far more selective about which messages they hear than they could ever be before. If you read the daily newspaper, you'll get more-or-less decent information on a whole range of topics, written from a more-or-less objective POV. If you read Slashdot instead, you'll get information that's not only more limited in scope but also more consistently slanted towards a particular set of philosophical and political views. The kids Katz talks about are the ones who read Slashdot, and that does make them different from other kids who read the paper.
I'm generally no fan of Jon Katz, but I have to applaud the following:
Certain traits of the Net-connected 15-year old form recognizable patterns. They tend to confuse hostility with communication; they shoot (or type) before they think. They can be arrogant and posturing as well as creative and energetic. They are sometimes narcissistic: they fixate on "me" media, blocking and filtering people and ideas they don't like or agree with. Too often, they see reality only as what they (or the people on their mailing lists, blogs or p2p forums) think.
Except that I'd draw the line closer to 25 than 15, I couldn't have said it better myself. It's an almost perfect description of the majority here on slashdot or in the other forums Katz mentions. Web-connected young techies seem very acutely aware of how much they know, and insistent on that knowledge's importance, but startlingly (disgustingly) unaware and dismissive of all that they don't know. It's like the urge to learn is short-lived, taking them only so far before that curiosity disappears and their opinions harden into stone after only a few years. Few and far between, seemingly, are those who continue to admit the limits of their knowledge and set about making new discoveries after those first couple of years. I'm sorry, but as long as I can meet dozens of people a year who have performed and innovated at a high level for a decade or more[1], I will remain unimpressed by people with only a couple of years of less-than-stellar achievement under their belts. Enfants terribles are a dime a dozen, and their inflated sense of their own worth and importance is what brought us the dot-bomb crash.
[1] Yes, such people are also a small minority. Far more ten-year guys[2] have "one year ten times" and not ten years of continuous learning/innovation. That's kind of the point. Just about everyone has a few good years in them. The two-year guy hasn't proven he has anything more than that and, statistically, he's far more likely to fall into the "one year ten times" category, so why does he think he's so exceptional?
[2] It is pretty much just guys I'm talking about. I've known some female developers in my time, including my wife, but the patterns of performance and stagnation among them seem quite different than what we're talking about[3].
I'm a Verizon DSL customer, and I have no problems connecting to outside servers from inside Verizon's network to send mail. Yes, I just checked. My understanding is that it's only the converse that is banned - connecting to Verizon's servers from outside. This has been true ever since I got my DSL account (two years ago) and is a big pain in the ass, but it's not as bad as what people are claiming.
Yes, I know the thing about SMTP was only an aside, and that most of the commotion is about HTTP. Nonetheless, it still bears correction.
Oops, forgot the note. [1] I'm not sure about the spelling because I only ever heard it talked about, never saw anything on paper. Then I left that job and stopped keeping track of such things.
Another thought: the reason Intel, AMD et al keep pushing faster pipes when they only get 20-50% of nominal on the existing pipes is simple. They'll always use only a fraction of whatever pipe you hand them. It's way easier to design a faster pipe and get 20-50% of that than to get 70% or more out of the existing pipe.
That might still be a lot faster than what's seen in the PC space. I remember a few years ago having a devil of a time getting some of the popular Intel chipsets to sustain more than about 20MB/s without locking up. Sun's new-at-the-time "Psycho"[1] chipset was a breath of fresh air by comparison. You might think that 150MB/s sucks, but it would not be at all surprising if it's still better than what you'll find in the Intel/AMD camp.
The concept of "clueless" elders is a thouroghly modern idea, propogated by an edutainment industry devoted to selling Mars bars to kids.
Nice little conspiracy theory you've got there. Unfortunately, it has little to do with reality. Even if we accept your claim that lack of respect for one's elders is a purely modern phenomenon, placing all of the blame on the entertainment industry is ridiculous. Advertisers didn't create the sentiment; they merely play to it.
If you're lucky enough to have a grandparent alive, do yourself a favor and spend a day with them. You'll be amazed at how much they DO know.
Did I ever say I agreed with the attitude that older people are clueless? No, I did not. If you were to look on my website you'd even see some essays - written quite a while ago - about the advantages that older people have over younger ones in the workplace, and similar topics. I'm quite well aware that older people are not in fact clueless, thankyouverymuch.
Slashdot Mirror
Yes, perhaps it should provide such an option. Does it? Should/does it apply globally, or can you set it differently per-application? Per-dialog? Is it as flexible as .Xresources, which lets you set things this way for emacs and that way for everything else? How would that relate to themes?
It's all very well to talk about "should" but in the end it doesn't count for much if the default behavior is annoying.
Wrong. Themes can't be that detailed, to cover all the decisions the app developer makes. Even if they could, they'd be so incredibly large and complicated that nobody could create new ones. I know themes and skins are the height of fashion right now, but they're no substitute for UI flexibility.
Some of the advantages touted for Berlin vs. X actually sound like disadvantages to me. Consider:
In other words, Berlin takes the Mac approach of taking UI decisions away from app developers. Themes, schmemes, that's not real choice. Any time you add flexibility you create opportunities for both inconsistency and innovation; they're two sides of the same coin. When you take decisions away from people you reduce flexibility, gaining the advantage of consistency at the expense of stifling creativity.
Here's another example:
Thank you very much for deciding that for me. Maybe I want to free up screen real estate by switching to a higher resolution. Maybe I want all those annoying little dialog boxes to shrink so I have more room for that big image window, which I can resize and zoom in/out just fine without your help, but now you've scaled them right back up so they're in the way again.
OK, maybe that's overstating the case a bit. The point remains, though, that they have strong assumed that there's one "right way" to do things. Even Windows lets you specify lots of things in either pixels or inches (or centimeters, maybe - I don't remember). As it turns out very few applications take advantage of that, but at least they have the choice instead of being told which method to use.
I don't think Berlin's bad. I don't even think they've made bad decisions on the aspects I've mentioned. I just wouldn't go touting them as advantages vs. X when they might just as easily be considered neutral or negative.
Back in the very early days, when people could still remember SASI, there was actually a debate about whether SCSI should be "scuzzy" or "sexy". The former pronunciation prevailed, and I never thought it was a coincidence. ;-)
IP is a poor match for storage needs, IMO. TCP in particular was designed - and designed rather well - for the high-latency small-packet environment of the Internet, but storage is a low-latency large-packet world. It's also a world where the hardware must cooperate in ensuring a high level of data integrity, where robust and efficient buffer management is critical, etc. etc. etc. Even on cost, the equation does not clearly favor storage over IP. Sure, you get to use all of your familiar IP networking gear, but it will need to be upgraded to support various storage-related features already present in FC gear. Even on the controller end, do you really think a GigE interface plus an embedded IP stack is easier or cheaper to incorporate into a controller design than FC? I could go on, but I hope you get the point. "One size fits all" is a bankrupt philosophy. Let IP continue to be designed to suit traditional-networking needs, and for storage use something designed to suit storage needs.
No, not better at all. Who wants the drive to be a bottleneck or SPOF? The whole point of something like GFS is to avoid those problems via distribution. Putting an IP stack on the drive is bad enough, and now you want to put a multiple-accessor filesystem on it? Dream on. People used to put things like networking stacks and filesystems on separate devices, because main processors were so wimpy, but they stopped doing that more than a decade ago. For a reason.
NetApp doesn't make disk arrays. If you look at the people who do make high-end disk arrays, you'll see that they have far more than one brain. A big EMC, IBM, or Hitachi disk array is actually a very powerful multiprocessing computer in its own right, that just happens to be dedicated to the task of handling storage.
...at which point you're back to distributed systems as they exist today, wondering how to connect each of those single brains to its single drive with a non-proprietary interface. Going around in circles like that doesn't seem very productive to me.
For those who don't feel like building their own flashlight, check out CMG's Infinity Task Light. The LED lasts forever, and it boasts 40+ hours of continuous use on a single AA battery. I use NiMH batteries, which work even longer. The light is bright and rock-steady. I have a blue-green one that is by far the best camping light I've found - whether for reading in a tent or for late-night walks.
This is a victory for "free as in beer"; "Free as in speech" wasn't a player. Implications with respect to political agendas, possible corporate countermeasures, etc. should be obvious.
Truly, you have a dizzying intellect.
...compared to total non-disclosure. However, by considering only those two possibilities you fall prey to the fallacy of the excluded middle. Partial disclosure - e.g. of risks and countermeasures but not of mechanics, or preferentially to trustworthy security professionals - can provide the same benefits vis a vis total non-disclosure without total disclosure's problem of teaching the bad guys how to exploit a vulnerability.
Is it not also possible that they discovered these vulnerabilities in their own testing, and decided to fix them before an exploit appeared? Would you fault them for that? I know how the herd likes to jump to the most negative possible conclusions regarding everything MS does, but simple honesty requires that we at least mention and consider alternative explanations.
OK, you're talking about a situation where you *knew it didn't apply*. That's a little different than *not knowing it does apply*. Maybe you'd treat the two scenarios the same way, but many wouldn't.
Also, I'd like to point out that I'm all for providing as much information as possible about the conditions that make one vulnerable, and about countermeasures. What I oppose is description not only of conditions and countermeasures, not only of the vulnerability's basic nature ("unchecked buffer length in the xxx-checking part of the yyy-module"), but of exactly how an exploit works or could work. If I, as a user, knew that the exploit involved such-and-such a buffer overflow, that it only mattered if I used feature X and that I could protect myself by doing Y, that last sort of information provides no additional value. It would provide additional value to security professionals as a test case or data point, which is why they should get it via limited disclosure, but it's not useful to me. The only people who derive significant value from the broadcasting of information about exploit mechanics - as opposed to limited disclosure or broadcasting of risk/countermeasure information - are the exploit programmers.
I already went over that ground in another sub-thread. Check my user page if you're really interested.
I'm well aware that my attitude regarding disclosure runs counter to the herd/leech mentality.
...and if the information had been disseminated efficiently among members of the "defense" before giving it to the "offense" the exploit would be obsolete before it was created. Let's say that I find a vulnerability. I can do one of two things:
Clearly it's a race. I know that, even if I try to keep the information among the good guys, a leak will nonetheless occur sooner or later. However, I can try to make sure that as many good guys as possible are already working on countermeasures before the bad guys get the information and start working on exploits. That edge, even if it's only a day or two, might make millions of dollars' worth of difference in the damage (if any) the exploit does when it appears. Are you saying that we should sacrifice those people, just so you can have the warm fuzzy feeling of having additional information that in fact provides you with no additional protection? I'm sure you don't like to think of it that way, but it seems to me that your arguments - and those of others - favoring full disclosure are based more in a personal desire to feel like an expert than in overall social/economic utility.
Can you see me quaking? No, didn't think so.
Seriously, though, if I pissed you off maybe I made you think as well, and that's a good thing even if we happen to disagree.
Yes, those particular things are. I was offering them as counterexamples to the assumption that having a list implies a centralized authority, not necessarily as examples of "how things should be" with respect to security information. Your own proposal seems headed in the right direction, except that you seem to lack confidence in the "web of trust" idea. I think it scales better than you seem to think it does.
Here's a question: how open is the black-hat community? Do they just share any information with anyone? Are they "free" in that sense? No, not very. In general, to get information you have to pay for it in the form of other information of approximately equal value - what the P2P folks are calling an "economic" model of trust. Somehow, though, everyone arguing with me seems to think this not-very-free community is doing an excellent job of disseminating information so that those who can use it have it. The white hats could do no worse than the black hats by adopting the same less-than-full-disclosure model; given their superior resources and the lack of certain other limitations, they should even be able to do better.
For someone who just accused me of constructing strawmen, you were pretty quick to whip out one of your own. Ask the Gnutella or FreeNet folks whether distribution of information requires a central directory. Ask the PGP folks whether trust requires a central authority. More decentralized means of distribution can (and do) work rather well for security information.
Wow, strawman #2 already. No, I do not advocate that at all. In fact, my point in one of my posts to this thread is that those ignorant W2K/RedHat users won't apply the patches anyway, even with full disclosure.
Perhaps because, just five minutes prior to the post you saw, I had congratulated someone else in another post for reiterating that very point. I don't like to repeat myself, and generally only do so when someone I'm talking to seems particularly thick.
Yes, folks, we have a straw-man hat trick! No, there was no such implication in my post; you made that up.
In that thread, Richard Smith asks:
By limited disclosure. Yes, Virginia, there is something between sweeping something under the carpet and laying out all the gory details for everyone (including other would-be virus/worm writers) to see. If a security-product vendor had information that would help their colleagues create barriers, signatures, etc., they could share that information with those colleagues - without having to share it with the entire world. They could release enough information publicly to allow one "skilled in the art" to create countermeasures, without providing a step-by-step recipe that even the relatively unskilled could use to create new exploits. There's no need to reveal *everything* to *everyone*.
So why don't vendors do this? Do they not have faith in their colleagues' discretion? Hmmm. Do they not have faith that their colleagues can develop countermeasures based on partial information faster than black hats can create new exploits? Hmmm again. The *real* reason why they prefer full disclosure is discussed in one of my other posts to this thread.
Smith goes on to say:
BZZZT! Wrong. The security-conscious people can get that benefit without full disclosure, with less risk to the security-naive rabble. Of course, it's in security companies' interests that security-naive people should get hurt, making them less security-naive and more likely to buy products or services from companies such as the one of which Smith is CTO. I sure am glad that I'm not in a business where making sure people get hurt is part of the business plan.
That might have been me. Or it might not. In any case, it's a belief I subscribe to, and one which I have voiced here on at least one occasion.
I think what a lot of people are missing with all the talk about "pressure" is that there are basically two types of sysadmins: those that are security-conscious and those that are not. Those that are not are unlikely to apply a patch even when an exploit is known and circulating, unless and until it actually hits them. Look at all the people who failed to apply the IIS patch even after CRv1 went around, and got hit by CRv2. No amount of pressure, on or from the OS vendor, is going to affect that. By contrast, those who are security conscious would take protective measures even without full disclosure just to be safe. If there's no patch available from the vendor, maybe someone else can come up with a stopgap. For example, eEye could have described an adequate set of protective measures for CR without providing the recipe for CRv2; anyone who thinks their reason for not taking that approach is anything but venal must be hopelessly naive. If nobody has a patch or stopgap, the only people who benefit from full disclosure are the bad guys.
Note that in no case of those above does "pressure" make a difference. Also note that in no case does full disclosure help the good guys. The people who work at security companies know each other. They can share the details among themselves discreetly if they choose to, so that all of the firewall/IDS/etc. people can keep up in the arms race. The only difference between that and full disclosure is that full disclosure also makes it more likely that new exploits will appear before the vendors all catch up.
Do you think it's just coincidence that it's good for eEye's business for new versions of CR to appear when they're prepared for it? If so, consider the text of this link from their front page:
Unfortunately, this method of drumming up business is standard practice in the security industry. It's in their own financial interest to keep security problems in people's minds. At the very least, this means that they will hype any threat to the highest possible level, just like the Y2K consultants did. Too often, actually contributing to the creation of new exploits is also part of the business model. Don't believe me? How do you think these folks know so much about how exploits work? Do you suppose that just maybe it's because they either spent time working the other side of the street, or that they're in contact with people who do? Might there be just the slimmest possibility that they still engage in such activity themselves, when they have both the skills and the (financial) motive to do so? OF COURSE THEY DO!. There are probably a few true white hats out there, but the majority - the vast majority of those who make money off it - are dark grey at best.
Performance-wise, this caching is actually one of Freenet's strengths. If a cached copy of the data you want exists on the near side of a slow link, you never have to traverse that slow link, and Freenet's caching makes this much more likely. Obviously cache hit ratios, miss penalties, etc. have a lot to do with exactly how well it works in practice, but the caching in general will help far more than it hurts.
Speed problems in Freenet are implementation artifacts, which I expect to be fixed. There is, however, a much more serious design-level problem with Freenet: its lack of reliability. Freenet drops data. While Ian Clarke always turns several pretty colors whenever someone characterizes the data loss as random, data loss that occurs in response to events or conditions that the requester cannot control or even know is just not practically any different. Even if the data exists somewhere in the system, you might not be able to find it. Search requests have a horizon, which Freenet developers in a classic instance of "Not Invented Here" syndroms call HTL (Hops To Live) instead of using the well-known term TTL (Time To Live). If you're 10 hops from where the data was inserted, and your requests use HTL=4, you'd better hope that not one but (at least) two nodes between you and the insertion point requested the data before you. One might argue that you could just use larger HTL values, but if everyone did that your overlay network would get totally clogged with everyone's search requests hitting every other node: ask the Gnutella guys how much fun that was. Freenet makes it even worse because the routing's not reliable enough to avoid loops. The basic problem is that Freenet doesn't have any solution better than HTL to prevent this sort of query-overload meltdown, and adopting HTL as your "solution" guarantees that search results will never be more than guesses.
There are other less technical problems with the Freenet project, but it's not necessary even to go into those. On the basis of technical problems alone, I think that Freenet can never be more than a mediocre niche solution. It will certainly never be the world-changing tsunami that its self-appointed PR flacks (hello IC, OS, BW) would have us believe it is.
I can't mod today, so I'll reply. Excellent post. I disagree with some of what you say, and far more simply goes unaddressed, but overall your points - particularly about the importance of being able to put information in context - are very valid and significant.
It's entirely possible that they're applying different policies to different parts of their network, either intentionally or otherwise. I know that after Bell Atlantic bought Nynex the two halves of their network were not particularly well integrated and ran by very different rules, so it's not a stretch to imagine that the former-GTE and former-BA parts (for example) exhibit different behaviors. I guess what I should have said is that from my house in Lexington MA - which was New England Telephone, then Nynex, etc. - I can get to outside SMTP servers just fine. Whether that applies to someone in, say, Delaware might be a whole different matter.
This is pretty amusing. In the first 15yo thread, I said that's the way adolescents have always behaved, and I got flamed for it. Now I'm getting flamed for limiting my comments to a particular subset of adolescents. There is, apparently, nothing one could say on the matter that won't draw fire from someone who's 15 years old at heart and feels threatened. What better evidence could one ask for that some people just come here to harass others instead of discussing things like adults?
On a more topical note, I still do think there's something distinct about net-connected 15yo techies compared to others their age. There's a level of social reinforcement for their arrogance that didn't exist before. It used to be that little pockets of interest would form by town or neighborhood. God help the kid who was interested in model rocketry while the other kids in the immediate area were all into model trains, or vice versa. The "odd man out" would gain no status or respect through their knowledge. Now, though, it's different. Anybody can hop on the web and find some sort of community based around their interests. They can obtain resources and advice, or respect and status, from their globally dispersed peers. They can spend a great deal of their time in such one-dimensional communities in what amounts to one big circle jerk, instead of being brought down by constant contact with people who consider their preoccupation silly or worthless. Often, they can parlay their narrow interests into highly paid jobs, stroking their egos even furthers. This is very different from the way things used to be, or the way they still are among less-connected people, where potential community members might never meet even when they live very close to one another. Try to find a good marbles player in your area without using the net, then compare that experience to what happens when you ask a similarly obscure computer-related question on the net.
The *tendency* toward this sort of behavior has indeed always been there, but the environment turns tendencies into a much more common reality. The factors that used to mitigate such arrogance have disappeared, and new factors that accentuate it have come into play.
That's not the same thing as confusing hostility with communication. While a certain level of intergenerational suspicion is natural (as I pointed out last time around), extension of that suspicion even to one's peers - even those who offer only well-meaning questions or advice - is the mark of a sociopath. Unfortunately, such indiscriminate anti-social behavior is only reinforced by ubergeeks who go out of their way to create a false association between creativity and irritability. The received lesson from these "negative role models" is often that you can't be a true ubergeek yourself unless you snap at people constantly, so the impressionable kids emulate that behavior. This is not the same relationship that has traditionally existed between 15-year-olds and their mentors or role models.
Thank you for your demonstration of arrogant posturing. The point here is that 'net culture encourages such posturing, as described above.
Again, you're demonstrating the exact same behavior that Katz attributes to 15-year-olds. How old are you, anyway?
Kids have always tried to filter out messages they didn't want to hear. However, the information deluge of the last twenty years has made quite a difference. Every cause, no matter how ridiculous or narrowly defined, has its champions on the net. With so many "channels" to choose from, an impressionable kid can be far more selective about which messages they hear than they could ever be before. If you read the daily newspaper, you'll get more-or-less decent information on a whole range of topics, written from a more-or-less objective POV. If you read Slashdot instead, you'll get information that's not only more limited in scope but also more consistently slanted towards a particular set of philosophical and political views. The kids Katz talks about are the ones who read Slashdot, and that does make them different from other kids who read the paper.
I'm generally no fan of Jon Katz, but I have to applaud the following:
Except that I'd draw the line closer to 25 than 15, I couldn't have said it better myself. It's an almost perfect description of the majority here on slashdot or in the other forums Katz mentions. Web-connected young techies seem very acutely aware of how much they know, and insistent on that knowledge's importance, but startlingly (disgustingly) unaware and dismissive of all that they don't know. It's like the urge to learn is short-lived, taking them only so far before that curiosity disappears and their opinions harden into stone after only a few years. Few and far between, seemingly, are those who continue to admit the limits of their knowledge and set about making new discoveries after those first couple of years. I'm sorry, but as long as I can meet dozens of people a year who have performed and innovated at a high level for a decade or more[1], I will remain unimpressed by people with only a couple of years of less-than-stellar achievement under their belts. Enfants terribles are a dime a dozen, and their inflated sense of their own worth and importance is what brought us the dot-bomb crash.
[1] Yes, such people are also a small minority. Far more ten-year guys[2] have "one year ten times" and not ten years of continuous learning/innovation. That's kind of the point. Just about everyone has a few good years in them. The two-year guy hasn't proven he has anything more than that and, statistically, he's far more likely to fall into the "one year ten times" category, so why does he think he's so exceptional?
[2] It is pretty much just guys I'm talking about. I've known some female developers in my time, including my wife, but the patterns of performance and stagnation among them seem quite different than what we're talking about[3].
[3]Any Pratchett fans out there?
I'm a Verizon DSL customer, and I have no problems connecting to outside servers from inside Verizon's network to send mail. Yes, I just checked. My understanding is that it's only the converse that is banned - connecting to Verizon's servers from outside. This has been true ever since I got my DSL account (two years ago) and is a big pain in the ass, but it's not as bad as what people are claiming.
Yes, I know the thing about SMTP was only an aside, and that most of the commotion is about HTTP. Nonetheless, it still bears correction.
Oops, forgot the note. [1] I'm not sure about the spelling because I only ever heard it talked about, never saw anything on paper. Then I left that job and stopped keeping track of such things.
Another thought: the reason Intel, AMD et al keep pushing faster pipes when they only get 20-50% of nominal on the existing pipes is simple. They'll always use only a fraction of whatever pipe you hand them. It's way easier to design a faster pipe and get 20-50% of that than to get 70% or more out of the existing pipe.
That might still be a lot faster than what's seen in the PC space. I remember a few years ago having a devil of a time getting some of the popular Intel chipsets to sustain more than about 20MB/s without locking up. Sun's new-at-the-time "Psycho"[1] chipset was a breath of fresh air by comparison. You might think that 150MB/s sucks, but it would not be at all surprising if it's still better than what you'll find in the Intel/AMD camp.
Nice little conspiracy theory you've got there. Unfortunately, it has little to do with reality. Even if we accept your claim that lack of respect for one's elders is a purely modern phenomenon, placing all of the blame on the entertainment industry is ridiculous. Advertisers didn't create the sentiment; they merely play to it.
Did I ever say I agreed with the attitude that older people are clueless? No, I did not. If you were to look on my website you'd even see some essays - written quite a while ago - about the advantages that older people have over younger ones in the workplace, and similar topics. I'm quite well aware that older people are not in fact clueless, thankyouverymuch.