Greg Pfister's book is good -- the details are somewhat dated, though the conceptual portion appears to be aging well.
Distributed net has a page with references for other texts on clustering. `Course, you can always check out the related book purchases links at Amazon.
Figures I've seen (IIRC, from Gregory Aharonian) are that pre-trial costs average US$100k, a case taken to trial average US$1m. Bogus patents are effective because they're too expensive to fight.
An Anti-Patent Patent League -- usually conceived as a patent pool, has been suggested by John Walker of Autodesk, L. Peter Deutsch of Alladin Software, Richard M. Stallman of FSF and LPF, and is now part of a proposal floated by Eric S. Raymond.
While theoretically workable, the obvious problem with the idea is that it hasn't been made to work yet -- though circumstances are changing. Patent pools have some serious organizational and logistical problems. Essentially it puts free software in the position of relying on the kindness of strangers, and patents are still expensive to aquire, maintain, use, and defend.
An alternative I proposed in several areas a few weeks ago is to try to extend the already significant power of copyright as used in free software licenses such as the GNU GPL, NPL, and IBM Public License. Copyright is easily aquired, already held by free software developers and interests, fairly easily defended and asserted, and lasts for fscking ever (life plus 70 years).
The mechanism is to add a termination clause to a software license which says words to the effect "this license terminates, and the rights granted, but not the obligations required, if you initiate patent infringement actions on any licensee of a class of software". The definition of the class is key -- it could be a list of important programs (say gcc, glibc, Linux, bind), a list of projects (say, any GNU project), or all programs covered under a particular license or set of licenses. This is similar in almost all respects to existing software licenses except that terminating actions are extended to a class of software rather than the immediately covered work.
There are a number of problems identified -- businesses may be deterred from using software with such a poison pill, a company which seperates its patent holdings from its main operations may thwart the intent, penalizing beneficiaries of abusers of the license may be necessary but difficult, the clause might be considered a "patent grab" (I think it is, but there's a strong quid pro quo).
Still, if I may say so, it's an interesting and novel approach.
I've heard (though not benchmarked) that a ramdisk will swap out, allowing other system processes (or cache) to utilize memory, and that access through a swapfile is more efficient than access through a cache. I'd be interested in hearing of|seeing benchmark results or comparisons of ramdisk performance vs. cache hits on otherwise identically configured boxes -- same memory, same OS, same load. The discussion was general (other Unices, NT, etc.), not specific to Linux, so YMMV applies.
This is a bug, Rob. If I were to log out and post anon the behavior would be different.
I disagree with the entire "don't moderate and post to the same discussion" rule -- it's too easily circumvented by either posting anonymously or by obtaining multiple IDs (kmself & kmself-post). I'm also much more likely to be interested in posting and/or moderating to articles I am interested in. I don't post much, but when I do this is a really annoying restriction.
I have a couple of other gripes with moderation:
Moderation should not be anonymous. No faceless judges.
Moderators should have more points, or up|down points should be seperately allocated. Five is simply too few on many discussions -- it's too painful to weigh whether or not to spend a point on a specific article.
Additionally, I think most of the AC abuses would be curbed if AC posts had to pass through a moderator for approval (seperate point basis, non-anonymous).
But the 'post anon' mod-undo is really bugging me.
-- Karsten M. Self (kmself@ix.netcom.com) What part of "Gestalt" don't you understand?
SAS for Linux: http://www.netcom.com/~kmself/SAS/SAS4Linux.html Mailing list: "subscribe sas-linux" to mailto:majordomo@cranfield.ac.uk 11:24am up 2 days, 15:04, 0 users, load average: 0.23, 0.17, 0.17
Having paid my way through much of college driving a Xerox 9200 and 5090 ("DocuTech") at a franchise named for curly hair....
Most full-service copy shops will have both a mondo electric paper cutter (it will handle several reams of 11x17, your book is no problem) and the equipment and materials to throw on several types of binds -- combs, velo, spiral wire, etc. Cost is a few bucks.
Though I don't think I'd chop and rebind my books (unless they were falling apart), I have bound some documentation I've printed myself.
But the intelligent threads aren't direct followups to trolls. The first poster gets penalized (maybe the penalty only applies if the post itself is a counter-troll), the rest of the thread is not a direct response to the troll, they are responding to (presumably) slightly more informed discussion. No penalty. Incentive: don't feed trolls, if you must, provide an informed response.
Yes, I've seen a number of trolls generate interesting discussions, but it's usually at a very high S/N cost. See for instance Lewis A. Mettler on open source and security, at Infoworld Electric.
Yes, it ended up producing some intelligent comment, but only at the cost of much, much noise (hundreds of direct posts and thousands of followups). Note Mettler's own followups to my summary and Bob Brewer's (tseliot, mentioned near the top of the link provided). Talk about a one-tune whistle!
Several moderators may hit a post at the same time (I've seen it happen).
Other abuse-detection factors (moderator X poster frequencies) would detect any whack-a-mole moderation. I've suggested same elsewhere in this article.
Granted you've got to build in the safeguards, but it's doable.
"Moderator overload" isn't running out of points, it's running out of poop: "Oh god, 4,922 posts, hellifimgonnatomoderatethemall". It's just intimidating. Better to focus on the edge conditions -- is there anything moderated really high which doesn't deserve it, is there anything moderated really low which doesn't deserve it.
Ok, maybe random ordering would help a bit simply to get stuff moderated. But it doesn't address the psychological impact of seeing hundreds of posts on one topic.
Another thing I was thinking of, that would have a DRASTIC effect on the way things are done, would be to actually include the names of the moderators that moderated the post in the header.
I'd like very much to see this. Moderating is a power and a privilege, it should come with an accompanying responsibility.
At the very least,/. should be tracking frequencies of moderator by poster. Vendettas should stand out quite clearly -- normal moderating patterns will tend to be fairly random (and highly AC, I suspect).
Moderators doing this get a nastygram the first time (and lose moderation points, and have current moderation undone). Second time they are permanently banned from moderating. Subject to personal appeal.
I suggest AC status be a privaledge, not a right. If someone wants to post as an AC, they must prove themself by making valid, worth while and non-flamebait posts that the moderators pick up on. After increasing their score, they can obtain a rank, which in turn gives them a checkbox in the post form allowing their posts to appear as AC.
Problem is that this introduces a registration process for ACs. Part of AC is a CYA for Rob: he doesn't know who you are and he can't find out who you are. He can't spill you to the Feds, InterPol, the Black Helicoptors....
An alternative option might be for all AC posts to have to be filtered by a moderator prior to showing up in the general discussion. Only moderators would see unmoderated AC posts. Multiple moderators would be able to vote an AC post in or out, so the system wouldn't be overly susceptible to moderator abuse. The tragedy of the Stevens article would likely have been avoided.
Rob's plan may not be perfect, but its approaching an ideal. Give someone a second chance (and a third and a fourth and a fifth), then revoke their rights for abusing a privilege. The mechanism might need some work, but the idea is good. I think it's about three chances too many though.... Censorship isn't based on content, it's based on abuse, it's short term and it's quick. Fits the crime, IMO.
The payoff of a troll is the rise it generates. No troll = no rise. Much the same way that some one of the most effective anti-graffiti measures is to simply cover the stuff up as soon as it appears. No art, no impact. Takes away the satisfaction of doing it.
Moderation should mostly focus on hitting posts which are scored too low, and somewhat on posts scored too high. It's easy to get the latter (thresh >= 3). It's really hard to skim the crud (thresh <= 1 or 0) for things which should move up. I'd like to see both min and max scores be configurable in the browsing interface. Randomizing post order doesn't really solve the problem -- in a sufficiently long forum, you'll hit moderator overload no matter what.
Moderation of itself seems to work -- fairly well, most of the time. Posts which are "good" get moderated up consistantly, posts which are "bad" get moderated down consistantly. Posts which are controversial, however, get bounced up and down, and the net score may not reflect the true measure of the post's significance.
I've suggested previously a couple of changes to the browsing interface:
Allow selection of posts by the number of times a post has been moderated, regardless of the score. The controversial stuff will fall out.
Allow setting a ceiling as well as a floor on post scores. It would help moderators a lot to be able to do a quick scan of all -1 (or lower) posts to see if anything's been unfairly demoted. Try doing that on the Stevens article....
I've often found my five moderating points are insufficient to the task. I also dislike the fact that I cannot both post and moderate, and am about this close to coming up with post-only and moderate-only IDs.
Other vague gripes -- it's not always clear what the moderation categories mean (is "funny" up or down), it might be better to simply have an up or down vote, plus optional description. The current options should have an indication of direction (+/- would do it). The categories seem incomplete.
Finally, there ought to be a feedback discussion for Slashdot where users can post their concerns and vote features up or down. Re-open the discussion on a regular basis (say every week or two) to flush out and start over, but keep the old feedbacks for historical perspective.
True type support Try xfstt or other font servers listed at Freshmeat.
Less bulky wigets Tcl/Tk and Motif tend to be a bit on the mondo side. GTK and Qt have much cleaner, more PC|Mac -like wigets. This is an applications development issue for the most part.
Games. Just wait. Meantime, there's always Quake....
Strong second on Steve McConnell's books, though my personal favorite is Code Complete. Steve continues to write on this topic, and is using his current position as editor of IEEE Software to continue spreading the gospel^H^H^H^H^H^Hmessage.
He's been getting curious about the open source movement and the Linux phenomenon -- note Software's Jan/Feb 1999 Linux edition, and the editor's column and response in the current (Jul/Aug 1999) issue. Access is limited to IEEE and ACM members, but editor's columns tend to show up after a month or so at the Construx website.
Among Steve's criticisms of OSS are that design and architecture documentation are sorely lacking. As others have noted here, there are many instances where free software has set sights on existing functionality -- implementing systems the way they should have been in the first place, often closer to the design documentation than the proprietary application.
There you have it, in the man's own words. Bruce Schneier has unwittingly produced excellent evidence that security through obscurity keeps systems solid, but disclosure opens them to cracking 'within months'.
Looks like real-world experience suggests that if you know your algorithm is going to be shaky, keeping it in the dark is the wisest course of action.
And likewise, there you have it. If you know your algorithm is shaky, you'd better count on obscurity for security, because once the hole is known, cracking becomes trivial. Far better to use a known, tested, and secure algorithm which is only known to fall to brute-strength attacks.
The fallacy of your argument is this false syllogism:
Poor algorithms are secure only when obscure.
Algorithm X is not obscure.
Algorithm X is not secure.
There are in fact algorithms which are quite well known -- DES, Blowfish, Twofish, RC4 -- but which provide security (at least with a sufficiently large key length). Schneier's book will provide you with much more information on this topic.
Security through obscurity -- whether a weak encryption method, Navajo scouts, or invisible ink -- work when there is a strong time-sensitivity to data. "Cracking" front-line reports from WWII scouts after hours or days would be of little value. Cracking personal, business, or government secrets after months or decades could be a serious threat. Do you really want to trust such information to a flaky algorithm and a fragile ability to keep it unknown?
I've since had an email response from Anthony with a new phone number and an explanation. He registered the site when he first started hearing about an Amiga-Transmeta connection. Some members of the Linux press were present and may have more to report. Anthony promises to fill in the website with more information later.
From the LinuxToday story, it's been noted that the story was written by and reported by an Anthony Kilna. A whois query turns up a record for METAMIGA.COM, registered 17 July, 1999. The phone number listed, (619) 677-9830, responds with a "disconnected or no longer in service" message.
Which isn't to say this is a fake, but I'm dubious at present. There are details BTW at http://www.kilna.com/.
I've emailed Anthony for more information, we'll have to wait and see what turns up.
One of the quips on X sheds some light though "How to make a 50 Mips workstation run like a 4.77 MHz IBM PC". Courtesy of Mr. Moore, consumer desktop PCs are shipping with 10 times the CPU speed and memory of a what was once a top-of-the-line workstation. When you add network bandwidth to the equation -- X was (and is) used to run many apps remotely on a server or other workstation to the local display -- X was a pig.
The world's changed a lot. Most of the complaints against X have been repaired either by fixing the original problem, or more often, by upgrading the environment.
Slashdot Mirror
There's a bit of info at his homepage and resume. I think you might have found your sophisticated know-how.
Greg Pfister's book is good -- the details are somewhat dated, though the conceptual portion appears to be aging well.
Distributed net has a page with references for other texts on clustering. `Course, you can always check out the related book purchases links at Amazon.
Figures I've seen (IIRC, from Gregory Aharonian) are that pre-trial costs average US$100k, a case taken to trial average US$1m. Bogus patents are effective because they're too expensive to fight.
An Anti-Patent Patent League -- usually conceived as a patent pool, has been suggested by John Walker of Autodesk, L. Peter Deutsch of Alladin Software, Richard M. Stallman of FSF and LPF, and is now part of a proposal floated by Eric S. Raymond.
While theoretically workable, the obvious problem with the idea is that it hasn't been made to work yet -- though circumstances are changing. Patent pools have some serious organizational and logistical problems. Essentially it puts free software in the position of relying on the kindness of strangers, and patents are still expensive to aquire, maintain, use, and defend.
An alternative I proposed in several areas a few weeks ago is to try to extend the already significant power of copyright as used in free software licenses such as the GNU GPL, NPL, and IBM Public License. Copyright is easily aquired, already held by free software developers and interests, fairly easily defended and asserted, and lasts for fscking ever (life plus 70 years).
The mechanism is to add a termination clause to a software license which says words to the effect "this license terminates, and the rights granted, but not the obligations required, if you initiate patent infringement actions on any licensee of a class of software". The definition of the class is key -- it could be a list of important programs (say gcc, glibc, Linux, bind), a list of projects (say, any GNU project), or all programs covered under a particular license or set of licenses. This is similar in almost all respects to existing software licenses except that terminating actions are extended to a class of software rather than the immediately covered work.
I've outlined the idea a bit more fully at Infoworld Electric's Forums.
There are a number of problems identified -- businesses may be deterred from using software with such a poison pill, a company which seperates its patent holdings from its main operations may thwart the intent, penalizing beneficiaries of abusers of the license may be necessary but difficult, the clause might be considered a "patent grab" (I think it is, but there's a strong quid pro quo).
Still, if I may say so, it's an interesting and novel approach.
I've heard (though not benchmarked) that a ramdisk will swap out, allowing other system processes (or cache) to utilize memory, and that access through a swapfile is more efficient than access through a cache. I'd be interested in hearing of|seeing benchmark results or comparisons of ramdisk performance vs. cache hits on otherwise identically configured boxes -- same memory, same OS, same load. The discussion was general (other Unices, NT, etc.), not specific to Linux, so YMMV applies.
Any takers?
My moderation of this post was undone through the broken "Post Anonymously" button (post is anonymous but moderation is undone).
If anyone else shares my sensayuma, give the post a well-deserved point. It's spot-on.
Mailed to malda
This is a bug, Rob. If I were to log out and post anon the behavior would be different.
I disagree with the entire "don't moderate and post to the same discussion" rule -- it's too easily circumvented by either posting anonymously or by obtaining multiple IDs (kmself & kmself-post). I'm also much more likely to be interested in posting and/or moderating to articles I am interested in. I don't post much, but when I do this is a really annoying restriction.
I have a couple of other gripes with moderation:
Additionally, I think most of the AC abuses would be curbed if AC posts had to pass through a moderator for approval (seperate point basis, non-anonymous).
But the 'post anon' mod-undo is really bugging me.
--
Karsten M. Self (kmself@ix.netcom.com)
What part of "Gestalt" don't you understand?
SAS for Linux: http://www.netcom.com/~kmself/SAS/SAS4Linux.html
Mailing list: "subscribe sas-linux" to mailto:majordomo@cranfield.ac.uk
11:24am up 2 days, 15:04, 0 users, load average: 0.23, 0.17, 0.17
Having paid my way through much of college driving a Xerox 9200 and 5090 ("DocuTech") at a franchise named for curly hair....
Most full-service copy shops will have both a mondo electric paper cutter (it will handle several reams of 11x17, your book is no problem) and the equipment and materials to throw on several types of binds -- combs, velo, spiral wire, etc. Cost is a few bucks.
Though I don't think I'd chop and rebind my books (unless they were falling apart), I have bound some documentation I've printed myself.
But the intelligent threads aren't direct followups to trolls. The first poster gets penalized (maybe the penalty only applies if the post itself is a counter-troll), the rest of the thread is not a direct response to the troll, they are responding to (presumably) slightly more informed discussion. No penalty. Incentive: don't feed trolls, if you must, provide an informed response.
Yes, I've seen a number of trolls generate interesting discussions, but it's usually at a very high S/N cost. See for instance Lewis A. Mettler on open source and security, at Infoworld Electric.
Yes, it ended up producing some intelligent comment, but only at the cost of much, much noise (hundreds of direct posts and thousands of followups). Note Mettler's own followups to my summary and Bob Brewer's (tseliot, mentioned near the top of the link provided). Talk about a one-tune whistle!
Granted you've got to build in the safeguards, but it's doable.
Ok, maybe random ordering would help a bit simply to get stuff moderated. But it doesn't address the psychological impact of seeing hundreds of posts on one topic.
Might also pay to make habitual troll-respondants subject to the same penalties as trolls themselves -- negative kharma.
I'd like very much to see this. Moderating is a power and a privilege, it should come with an accompanying responsibility.
At the very least, /. should be tracking frequencies of moderator by poster. Vendettas should stand out quite clearly -- normal moderating patterns will tend to be fairly random (and highly AC, I suspect).
Moderators doing this get a nastygram the first time (and lose moderation points, and have current moderation undone). Second time they are permanently banned from moderating. Subject to personal appeal.
...if the 'Troll' attribute isn't revealed to the moderator, how would they know which posts get tripled and which don't?
Problem is that this introduces a registration process for ACs. Part of AC is a CYA for Rob: he doesn't know who you are and he can't find out who you are. He can't spill you to the Feds, InterPol, the Black Helicoptors....
An alternative option might be for all AC posts to have to be filtered by a moderator prior to showing up in the general discussion. Only moderators would see unmoderated AC posts. Multiple moderators would be able to vote an AC post in or out, so the system wouldn't be overly susceptible to moderator abuse. The tragedy of the Stevens article would likely have been avoided.
Rob's plan may not be perfect, but its approaching an ideal. Give someone a second chance (and a third and a fourth and a fifth), then revoke their rights for abusing a privilege. The mechanism might need some work, but the idea is good. I think it's about three chances too many though.... Censorship isn't based on content, it's based on abuse, it's short term and it's quick. Fits the crime, IMO.
The payoff of a troll is the rise it generates. No troll = no rise. Much the same way that some one of the most effective anti-graffiti measures is to simply cover the stuff up as soon as it appears. No art, no impact. Takes away the satisfaction of doing it.
Moderation should mostly focus on hitting posts which are scored too low, and somewhat on posts scored too high. It's easy to get the latter (thresh >= 3). It's really hard to skim the crud (thresh <= 1 or 0) for things which should move up. I'd like to see both min and max scores be configurable in the browsing interface. Randomizing post order doesn't really solve the problem -- in a sufficiently long forum, you'll hit moderator overload no matter what.
Moderation of itself seems to work -- fairly well, most of the time. Posts which are "good" get moderated up consistantly, posts which are "bad" get moderated down consistantly. Posts which are controversial, however, get bounced up and down, and the net score may not reflect the true measure of the post's significance.
I've suggested previously a couple of changes to the browsing interface:
I've often found my five moderating points are insufficient to the task. I also dislike the fact that I cannot both post and moderate, and am about this close to coming up with post-only and moderate-only IDs.
Other vague gripes -- it's not always clear what the moderation categories mean (is "funny" up or down), it might be better to simply have an up or down vote, plus optional description. The current options should have an indication of direction (+/- would do it). The categories seem incomplete.
Finally, there ought to be a feedback discussion for Slashdot where users can post their concerns and vote features up or down. Re-open the discussion on a regular basis (say every week or two) to flush out and start over, but keep the old feedbacks for historical perspective.
Try xfstt or other font servers listed at Freshmeat.
Tcl/Tk and Motif tend to be a bit on the mondo side. GTK and Qt have much cleaner, more PC|Mac -like wigets. This is an applications development issue for the most part.
Just wait. Meantime, there's always Quake....
Strong second on Steve McConnell's books, though my personal favorite is Code Complete. Steve continues to write on this topic, and is using his current position as editor of IEEE Software to continue spreading the gospel^H^H^H^H^H^Hmessage.
He's been getting curious about the open source movement and the Linux phenomenon -- note Software's Jan/Feb 1999 Linux edition, and the editor's column and response in the current (Jul/Aug 1999) issue. Access is limited to IEEE and ACM members, but editor's columns tend to show up after a month or so at the Construx website.
Among Steve's criticisms of OSS are that design and architecture documentation are sorely lacking. As others have noted here, there are many instances where free software has set sights on existing functionality -- implementing systems the way they should have been in the first place, often closer to the design documentation than the proprietary application.
Looks like real-world experience suggests that if you know your algorithm is going to be shaky, keeping it in the dark is the wisest course of action.
And likewise, there you have it. If you know your algorithm is shaky, you'd better count on obscurity for security, because once the hole is known, cracking becomes trivial. Far better to use a known, tested, and secure algorithm which is only known to fall to brute-strength attacks.
The fallacy of your argument is this false syllogism:
There are in fact algorithms which are quite well known -- DES, Blowfish, Twofish, RC4 -- but which provide security (at least with a sufficiently large key length). Schneier's book will provide you with much more information on this topic.
Security through obscurity -- whether a weak encryption method, Navajo scouts, or invisible ink -- work when there is a strong time-sensitivity to data. "Cracking" front-line reports from WWII scouts after hours or days would be of little value. Cracking personal, business, or government secrets after months or decades could be a serious threat. Do you really want to trust such information to a flaky algorithm and a fragile ability to keep it unknown?
I've since had an email response from Anthony with a new phone number and an explanation. He registered the site when he first started hearing about an Amiga-Transmeta connection. Some members of the Linux press were present and may have more to report. Anthony promises to fill in the website with more information later.
From the LinuxToday story, it's been noted that the story was written by and reported by an Anthony Kilna. A whois query turns up a record for METAMIGA.COM, registered 17 July, 1999. The phone number listed, (619) 677-9830, responds with a "disconnected or no longer in service" message.
Which isn't to say this is a fake, but I'm dubious at present. There are details BTW at http://www.kilna.com/.
I've emailed Anthony for more information, we'll have to wait and see what turns up.
Hi, Jamie.
This is also in the Unix Hater's Handbook, referenced from your site, of course.
One of the quips on X sheds some light though "How to make a 50 Mips workstation run like a 4.77 MHz IBM PC". Courtesy of Mr. Moore, consumer desktop PCs are shipping with 10 times the CPU speed and memory of a what was once a top-of-the-line workstation. When you add network bandwidth to the equation -- X was (and is) used to run many apps remotely on a server or other workstation to the local display -- X was a pig.
The world's changed a lot. Most of the complaints against X have been repaired either by fixing the original problem, or more often, by upgrading the environment.