Re:Good For Them on Mandrake News · Score: 5, Informative
If you buy the CD from anyone but Mandrake directly, they only get about half of the money. This isn't necessarily a bad thing, because if distributors and retailers are making money from Linux, it'll get more shelf space. But I don't really think Linux NEEDS to be on the shelf all that much yet... it's getting to be a pretty okay desktop, but it's not ready for Mom to install on her own. It's Mom-ready after it has been installed, but the geeks who know how to install it also know how to find it online. :-)
Seems to me that the basic membership ($5/mo) is a nice way to give them a steady revenue stream, which is important for software businesses.
I downloaded the OS, so I felt a bit obligated to subscribe. I got StarOffice 6.0 as well, because I subscribed at the silver level. ($10/mo or $115/year.) As long as I keep getting bennies that are worth it, I'll keep resubscribing at that level, but I will renew at least a basic membership for as long as I keep using the distro.
Star Control 2 was highly derivative of several games of that time. I have a distinct memory of thinking that it stole blatantly from three games, but I can only remember Starflight now.
Regardless, it was a work of surpassing excellence. The story was entirely original, and the mix of combat/exploration/puzzle solving was probably the closest to perfect of any game of its era. The resource-gathering got a little tedious... probably the only real weak spot.
I loved this game so much that about three years ago, I Ebayed a used 3DO console explicitly to get its superior version of SC2. I have played it through twice since, and I assure you it stands up with the very best of today's games. I would love it if the original designers were to do a REAL sequel... plain ol' 2D would be fine, and I'd pay top price for it. The storyline they had going was fantastic. Funny, VERY funny.... but interesting at the same time. Rare combination.
Of course, this means that my carefully-preserved 3DO version will lose value, but it's probably just as well. Hardware breaks, and source code can be preserved indefinitely.
As an aside, for fans of old games, Star Control is probably #2 or #3 in my all-time-favorites list. #1 is probably Chrono Trigger, on the Super Nintendo. Very rare cart, but the emulators are good enough to play it almost perfectly now. It is a VERY long game with an intricate plot. You just won't believe what they managed to squeeze into a 4MB cartridge.
I don't know where you're getting this crap, but you're just flat wrong.
You can test the ext2 thing yourself. Here's an example that's almost certain to leave you with filesystem damage. Install postfix, set up a dedicated /var/spool/postfix ext2 partition, start loading it with a thousand or so small, non-deliverable messages (so they stay there awhile, postfix is really fast), and pull the plug about halfway through. You'll get fairly severe damage almost every time, to the point that the machine won't reboot without manual intervention. Probably 90% chance.
Another example was when I first installed Linux in a professional environment. It ran DNS for us very nicely for a year or so, and then the power supply failed. The damage to the filesystem was EXTENSIVE. It took me a lot of work to fix it, almost to the point that it might have been faster to just rebuild it. It had several hundred crosslinked files, and I had to essentially take manual notes and copy damaged system files back in from the secondary machine. At that point I didn't know about RPM auditing; I suspect that would have made my life a lot easier. (although I don't know if RPM did that back then, either.) Regardless, it took me a long time to fix the machine, and my boss was Not Happy.... Linux was a hard sell there and if DNS had run reasonably well on Microsoft boxes at the time, that would probably have been the end of the experiment.
Keep in mind that we had a couple of hundred NT (4.0) machines at that same shop, and in the three years I was there, we never lost a byte of data. We had to reboot the goddamn things constantly, but we NEVER got filesystem corruption or lost data. Ever. I had a couple of hard drive failures, and I was still able to pull most of the data off dying drives; the drive itself had damaged the filesystem, but after cooling off, a chkdsk was able to restore things well enough for me to pull the data off. Ext2 loses data just from a power failure: NTFS does pretty well with a malfunctioning drive. There just is NOT a comparison here.
Your linked article says that NT choked and died after a week of heavy use, which I won't dispute, as it sounds easily possible. However, your article doesn't say ANYTHING about the filesystem. It does not support your argument. Nothing I have seen DOES support your argument. The filesystem is probably NT's strongest point. If there were problems with it, the newsgroups would be filled with screaming anguish, and you can be sure that Slashdot would run many articles on unreliable NTFS..... but in the real world, that doesn't happen. You just don't see many complaints on that front. Everything ELSE, yes, but not the filesystem.
Then you say 'from a system administration perspective, I want a filesystem that keeps its data and stays fast under any load'.
Well yeah, I'd like that too! A server I could hang millions of clients from.... ANY load. Woohoo.
It sounds like your primary worry is speed. I won't argue about ext2 being fast; it is very fast for most uses, and I have no complaints about it on that front.
But I meant 'you don't lose data on NTFS very often' when I said 'robust and resilient'. Usually, I don't need speed as much as being SURE the data will be there when I go back to get it. Under ext2, that's just not the case.... a power failure can result in a huge amount of damage to the filesystem. It can usually be recovered with expertise and time, but a *good* filesystem, IMO, wouldn't have that problem.
From other posts in this thread, I may have been incorrect about NTFS4 being journaled. I thought it was. NT 4.0's filesystem was a LOT more robust than ext2, but I suppose that might not require journaling. I know that all versions of NTFS were designed to maintain the filesystem in a consistent state... you might lose data in open files, but you would almost certainly not lose the whole filesystem. (I thought that was marketroid for 'journaling', but may have been wrong.)
From a system administration perspective, that's what I want.... losing the whole server is Not Good. :-) NTFS5 may be better, but NTFS4 was excellent, in my experience. I think Linux is only just now getting there, and I'm still not entirely convinced.
I've been using Linux a long time, and as far as I know, the statement "linux had journaling filesystems before NT" is absolutely, utterly false. NT 3.51 had journaling.
Linux didn't have journaling in the mainstream kernel until the ext3 patches were accepted. You could probably have gotten some journaling under Linux with manual patching and installation of beta software in the NT 4.0 timeframe, but I don't believe the mainstream distros offered journaled filesystems until after Windows 2000 shipped.
Further, NTFS is extremely robust and resilient. It's EXTREMELY unusual to lose data from an NTFS partition. Compare that to reiserfs, which has had many, many, many problems over the years. (I believe it is considered stable now.)
Admittedly, to some degree, NT *had to* have a great filesystem, because it was unstable. And Linux could get away with the horrid ext2 filesystem because the OS was so reliable that the filesystem was very rarely shut down incorrectly.
But, regardless, NTFS got journaling and ACL's really *right* long, long ago. Between the two features, it's a lot better than anything Linux offers (yet). Linux is improving rapidly, but filesystems and permissions are core NT strengths and should not be casually dismissed.
So because other countries are dirty, that makes us clean? I think not.
A government obtains its power through the consent of the governed. Maintaining it at their expense by spying on them is a mark of fascism, not democracy.
I realize you're explicitly not asking this question, but I can say that a $2500 G4 + $300 in RAM is very quick. The dual processors seem to allow it to maintain responsiveness even under a good bit of load. I haven't stressed it heavily yet (still learning the system), but I'd call it roughly comparable to my Athlon 1900+ running Windows 2K.
If I understood correctly what I read in the Missing Manual for OSX (decent book, but aimed more at Mac OS 9 users than at Unix geeks), each Quartz window actually allocates enough RAM to fill the screen. This means that running multiple apps will drain your RAM a little faster than you might otherwise expect, especially on a big monitor.
I have a friend with an iMac (the one with the 17" widescreen), and he's quite happy with it. He's a Linux geek from way back, and says it's similar to his 1.5ghz P4 system. I *think* he expanded his RAM too, but I'm not certain.
On my system, with 1.25gb of memory, I don't think I've ever seen it go much below 750MB free. But I'm not doing all that much with it yet. I don't have any commercial apps running, just the stuff that comes with it and the vast library of open source stuff that I'm used to. I would guess that 512MB would probably be very comfortable for normal use, 768MB if you're running lots at once.
The only app I've run that seems slow is Angband Carbon.... the screen updates on that application are rather sluggish. I haven't tried compiling the X Windows version yet, but I'll bet almost anything it's faster. I don't think Carbon is very efficient. Oh.... I almost forgot. MacMame is DIRT SLOW on this machine. It's also Carbonized. Probably not a coincidence. OS X will run Carbon apps, but I don't remember seeing anything about it running Carbon apps *well*. :-)
In essence, starting from scratch on 10.2 on a new system, I have no speed complaints at all. The machine doesn't dazzle me. I wouldn't describe it as 'lightning quick', but it would never have occurred to me to call it slow, either. Hopefully you can extrapolate down from there to iMac level.
Nvidia is getting a strong advantage from their proprietary drivers.... if they were open source, how much you wanna bet that ATI's OpenGL drivers would be running just fine?
Releasing the source is not always a good idea. I really don't like the Nvidia binary drivers, but they'd be shooting themselves in the foot if they gave away the source code for their excellent OpenGL support.
They're quite expensive, but I have heard many, many times over the years that PC Power & Cooling makes some of the finest supplies in the business. Every machine I own uses them. I particularly like the Silencer 400. They're down to under $150 now. I paid around $250 each for the two I have, and would cheerfully buy more at that price. (IANAEE, but I've had no problems with any of the four PSes I've bought from them. All are still in service.)
I really wanted to see if they actually are as good as has been claimed.. I'm amazed that Tom left them out. Maybe if enough PCP&C fans whine, he'll do an update?
Re:the ultimate Amiga error message was great... on Gnarly Error Messages · Score: 3, Interesting
Oh duh. Sorry, you're right. Pre-emptive without memory protection. Examples of cooperative multitasking are Mac OS9 and earlier (tolerable) and Windows 3.1 (well beyond horrible).
I met RJ Mical once, the man who wrote Exec, which was the Amiga's multitasking engine. (I think it would be called the scheduler/dispatcher now.) Exec was responsible for the extremely, extremely efficient context switches that made the Amiga so fast and responsive. Motorola used to use his code as an example of 'how to do multitasking on a 68000'. I have a vague memory that Exec did a context switch in something like 11 instructions.
I am rarely speechless, but I was there... what do you say to a demigod? (well, other than 'thank you', which I think I did manage. :-) )
When the Amiga crashed (and in the early days, it crashed A LOT), you got a flashing red box at the top of the screen that said (roughly, it's been many years): 'System Error. Press any key or mouse button to reboot. Guru Meditation #:' and then some long string of hexadecimal digits. I believe the implication was that a systems guru could meditate on the number to understand the problem with the program that had crashed the system. (and yes, individual programs could easily take down an Amiga... cooperative multitasking is bad that way.)
I don't think anyone liked their computer crashing, but folks were disappointed with Commodore for changing it, in later versions, to something like 'System Error #:'. Guru meditations were much cooler than the Atari (or mac?) bomb icons. At least, if it had to crash, it did so impressively. :)
(You could also tell a power Amiga user by a habit they developed... that of jiggling the mouse all the time. Often, the only sign of a system crash was the mouse pointer ceasing to work... so Amigans got in the habit of constantly moving it to make sure the computer was still working. Took me years to get over that, myself.)
Isn't it more accurate to say that *on average*, random data is incompressible? You could potentially generate a thousand bits of random data that was all 500 1s followed by 500 0s... it would compress very well, and would be random.
Presumably, a small random file would usually be somewhat compressible, but the longer the file became, the less compressible it would be.
From real-life experience, I can assure you that this is accurate. I posted here in a related topic.
Basically: scripting is everything. If you understand shell scripting and perl, you can make Unix machines dance. A real Unix wizard can nearly bring about world peace from the command line.
Scripting in Windows is much harder. It can be done, but it's relatively alien to the system, and some complex things are unscriptable.
Windows 2000 has improved this capability a lot. If they have been studying for three years, chances are that a lot of the machines are still 4.0. A true from-the-bottom-up 2K network is A LOT easier to administer than 4.0. One poster in the linked thread claims to be running about 200 clients and 37 2K servers all by himself. With 4.0, I don't think that would be possible. Things would break faster than you could fix them. With 2K I can just barely imagine doing it, though I bet that guy is incredibly busy.
Linux is easier still to administer. Perl, ASCII text configuration files, and separation of services beat Kixstart and the registry hands-down.
I keep running into the concept that some technological revolutions were 'inevitable'. Per this theory, SOMEONE would have invented the cotton gin, even if Eli Whitney had died young. But then I look at Tesla and alternating current and I truly wonder if anyone else on the planet could have done what he did.
I'm curious as to whether or not you think the Internet, or something like it, was inevitable? What were the crucial success points? Were there individual places where, without someone being truly and irreplaceably brilliant, the Internet would not have come to be?
I bought a dual-G4, and it's fairly nice, but don't buy the hype. I really suspect there's some 'astroturf marketing' going on, and I think maybe the /. crowd is buying it.
I mean, the system looks FANTASTIC, but the just-works thing is crap. My printer doesn't work with OS/X.. it's the one thing I really wanted to work, and it doesn't. Not even the Gimp-Print people have a driver for it yet.
And Unix stuff is a royal pain in the ASS to get running well.
I posted a long critique on the O'Reilly website, home of the major cheerleading -- I attached it to his second article. (Link here).
It *looks* wonderful. And the notebooks may be absolutely fantastic: I have not worked with one. (Linux is apparently pretty weak on notebooks). But as a desktop... if you're really a Unix guy, you're probably going to be happier with Mandrake. If you're a Mac person, then OS/X is a no-brainer, IMO.... but Unix geeks should be wary. There's simply not as much 'there' there as Apple, and what I believe are its astroturfers, want you to believe.
They should change their logo to: "Everything just works, as long as it's not Unix stuff". (or particular printers)
Do you have a pointer to a conversation about that? My experience with pf in 3.0 was that it was great for small sites/firewalls, but choked badly in full-scale production. (I'm sure it's better now). I didn't see any features in it that I thought were superior to iptables.... if anything, it looked like iptables did more.
Not trying to start a flamewar here, just interested in where you developed your opinion?
I've hated this stance by Stallman forever. He casually interjects this GNU/ stuff into totally unrelated topics... if someone says 'Linux' where he sees or reads it, he seems somehow duty-bound to attack. I actually exchanged some rather heated words with him for cluttering up a totally unrelated mailing list with his gripes. (He ended up calling me "a hostile person".... which I am, when someone wants to evangelize about Linux naming on a security mailing list.)
If it's REALLY the GNU part that is important, then in 25 years, the GNU name will still be around, but Linux itself will be pretty much obsolete and gone, supplanted by some other kernel to run the GNU system software. I think this is an entirely possible outcome.
If it's really Linux that's important, then things will go on pretty much as they are now.... most folks will use/say Linux, and will appreciate the great GNU tools that work in their Linux operating system.
A number of years ago (in the 1995 timeframe), I was told by my boss that 1 admin per 30 Windows machines was about normal, and 1 admin per 100 Unix machines was roughly equivalent. My later experience roughly bears that out. With NT 4.0 networks, you need a second person fairly early. At about 20 machines, assuming you're growing quickly, you'll want help. You'll want to add another person at about 50, and you should be good with three up to 100 clients or so.
Windows 2000 has added many automated tasks in Active Directory, but when I last worked with it (without service packs), those things tended to be a bit flaky at times. I suspect you probably need the same three guys at 50 machines, but you can probably scale them to 150-200. This is purely theoretical, and is based on a six-month contract learning and setting up a brand-new Windows 2000 network, back pre-SP1. I'd be interested to hear from any experienced 2K admins whether or not my wild-assed guess is accurate.
I'm now the sole admin in a network of about a hundred Linux machines. I'm busy as hell, but I can keep up with things. Scripting is lifesaving. With a well-set-up cluster, you can script almost anything, and can scale from 2 to 2000 machines in much less than linear time. (ie, 2000 machines is probably 20 times as hard as 2, not 1000 times.) I could definitely use help, but I bet that two of us could scale to at least 400 boxes.
As other people are pointing out, what Sun's solution is going to do is replace all the low-end stuff, all the routine things that the beginners do. That's going to make it really hard to break into the sysadmin market... either you already know it all and can run the whole network, or you don't really know anything and can't get hired. It's a nasty catch-22.... you'll need experience with large networks to get experience with large networks. It'll suck to be coming out of college into that kind of environment.
In general, I tend to think that you're not really doing your job well, as a sysadmin, unless you're putting yourself out of a job every day. A really well-run network should run great whether or not you happen to show up that day -- or that week, or that month. That's sort of an abstract Holy Grail... real networks don't work like that, but it's a good goal. The closer you approximate it, the better you're doing. If you drop dead tomorrow and the company isn't terribly injured, you were doing a good job. (or you weren't doing anything :-) )
I suspect that nearly all tech jobs are temporary.... eventually the tech will change and render most jobs obsolete. This is true of technology in general, but it's happening a lot faster in computers than in other, older technologies, like autos or televisions. Obsolescence happens quickly, well within individual techy lifetimes.
Remember, computers are very new, compared with most human technologies, and everything is still jury-rigged and labor-intensive. Gradually that's going to go away, and there will be a need for fewer and fewer people doing the jobs we do today. But... as these lower layers get sorted out and finalized into best practices and insta-networks (just add a drop of water) a whole new class of jobs will arise, USING those networks to accomplish things. And I suspect that those jobs will be tremendously more interesting than the ones we have now.
Just like we need far, far fewer man-hours to make a ton of steel than we did in 1900, we'll need far fewer creators-of-networks. That's the nature of capitalism: creative destruction. Overall it's very good, but it's hard on the people in the middle of it.
I think you misunderstand. This isn't "open port 113 from anywhere after any connection on port 6667", it's "allow (only!) the target of a 6667 connection to open port 113 back to the originating machine." I don't remember the default timeout, I think it's like 10 seconds.
Why is this useful? Because irc servers that use ident wait until the connection fails to allow you in. I don't want the whole world hitting that ident port. I want to implicitly give that server permission by my connection attempt. And of course (this is in response to the other poster), I run a fake identd that just returns what I want it to return. I don't like identd itself, but I DO like to connect to irc servers very quickly, and with my normal 'username'. The only way I've found to do this is to open port 113 to everywhere. I prefer the PIX approach of opening a brief window after a connection attempt implicitly grants permission. Yes, I realize that this is imperfect security, but it's better than open-all-the-time-to-everyone.
This has been mentioned above, but not very clearly. As far as I know, the PIX software also requires an activation key, which costs money. You might be able to get one from a warez utility, but it is an extra step, and it is illegal. Also note that Cisco charges extra for the ability to just secure shell into your firewall(!). Unless you cough up a whole bunch of extra money, you have to use TELNET to configure a FIREWALL. This is really lame.
Further, the PIX just isn't a very good firewall.
The hardware is well-built but incredibly underpowered. The one we have at work is only 200mhz. I don't know how far that will scale, but, personally, I don't think I'd want to be putting more than about 5 megabits through it. And Cisco charges about 12,000 dollars for the PIX.(!)
The command syntax is really hard to figure out. It just makes no sense at all. The documentation on Cisco's site is excellent, but I always have to resort to cookbook examples, because I don't use it every day.
The default configuration is 'allow all outbound traffic and all inbound replies'. It is very hard to change this. If you want a fairly secure network, you shouldn't allow direct outbound connections, but rather only through a proxy device of some kind. If your security policy requires outbound connection restrictions, this is really awkward to implement with the PIX.
The PIX isn't a very good router, either. It doesn't support most of the 'real' IOS commands. You can do some routing with it, but it's not very flexible.
I've worked with a lot of firewalls and have done a lot of firewalling, and in my opinion, Linux with iptables is about the best thing going. You will have to spend significant learning time to figure it out, as the documentation is not very good, but once you do, you can do pretty much anything with it. Linux has always been a great router, and with the introduction of iptables, became a great firewall too. If you don't want to build rules by hand, there's a program called 'fwbuilder' that gives you a Checkpoint-like GUI. FWBuilder also speaks OpenBSD's pf and I *think* Checkpoint's firewall language, but I'm not sure about that last.
OpenBSD has a good reputation as a firewall. I used it at home for a couple years, but I have moved to Linux since then. The PF language is very clean and easy to read, and if you're just starting with firewalling, it can be a good first opensource firewall. However, there were big performance problems with OpenBSD's bridging firewall code in 3.0; it choked hard over about 25K connections, and past about 30 megabits it just froze up for random periods of time. Very frustrating. Linux on the same hardware (with the iptables bridging patch) handles over 60 megabits flawlessly. And going over 30k connections is trivial; you simply echo a large number into a variable in the /proc filesystem. I searched and searched and could NOT find any way to do this on BSD. It may exist, but I couldn't find it.
They may have fixed the performance problems in more recent revs of OpenBSD. 3.0 was the first release of pf, and I threw it into a monster production environment based on the OpenBSD team's reputation. The later revs may be much better, but as of 3.0, Linux absolutely destroys OpenBSD as a firewall.
There's one cool thing the PIX does that I haven't figured out how to duplicate manually. It has an 'established' command, which allows you to say: "If I open a command on port X, allow a return connection on port Y for a short period of time." This is useful, for example, for IRC, where you connect on port 6667 and an ident connection comes back in on port 113.
I asked about this feature on the OpenBSD newsgroups, and got scoffed at... according to them, it's more secure to leave the port open all the time to everyone than just to allow return connections from a host to which you have connected and only for a short period of time. Frankly, I think that's just stupid. It's the typical apologist reaction... "that's a dumb feature to ask for because it's hard to do". They'll say it's stupid until someone takes the time to implement it, and then suddenly that's the only way to go and any system that doesn't do that is obviously broken.
I haven't found that capability in the Linux iptables stuff either, FWIW. As far as I know, only the PIX does this, and I consider it a very useful feature. (you can sort of simulate it with some of the kernel modules for different protocols, but I haven't found a way to do an arbitrary set of ports).
If you can live without the 'established' command, though, I'd probably, overall, recommend the Linux/FWBuilder combo. If you want to learn more about firewalling, OpenBSD's pf language is a nice simple way to start.
And if you really want to spend money on a firewall, Checkpoint is a much better solution than the PIX. It has many enterprise-class features that the free alternatives lack, like good VPN support and great support for managing clusters of firewalls. The Nokia Checkpoint boxes are *really* cool; they are based on a custom BSD-derived kernel. They cost more than the PIX, but in my opinion are wildly better and well worth the extra. (when I last looked, the prices on the Nokia boxes were in the 20K+ range. They may have dropped since the dotcom blowup.) The administration is easy, you get the power of BSD, and the hardware is really well-built. Very, very cool boxes.
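The return-connection window described above for the PIX 'established' command (outbound to port 6667 lets only that server connect back to port 113, briefly) can be modelled as a small state table. This is an added example, not code from the original post and not Cisco's implementation; the 10-second window, the class and function names, and the sample addresses are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class PinholeFirewall:
    """Toy model: an outbound connection to trigger_port opens a short-lived
    pinhole so that only the contacted host may connect back to return_port."""
    trigger_port: int = 6667   # IRC, the example used in the post
    return_port: int = 113     # ident, the example used in the post
    window: float = 10.0       # seconds; assumption (the post only guesses ~10 s)
    # (local_ip, remote_ip) -> time at which the pinhole closes
    pinholes: dict = field(default_factory=dict)

    def _expire(self, now: float) -> None:
        # Drop every pinhole whose window has passed.
        stale = [k for k, expiry in self.pinholes.items() if expiry < now]
        for key in stale:
            del self.pinholes[key]

    def outbound(self, now: float, src_ip: str, dst_ip: str, dst_port: int) -> str:
        # Outbound traffic is always allowed in this model; only connections
        # to the trigger port open (or refresh) a pinhole for the peer.
        if dst_port == self.trigger_port:
            self.pinholes[(src_ip, dst_ip)] = now + self.window
        return "ALLOW"

    def inbound(self, now: float, src_ip: str, dst_ip: str, dst_port: int) -> str:
        self._expire(now)
        # Default deny: only the return port is ever considered.
        if dst_port != self.return_port:
            return "DROP"
        # The sender must be the exact host the local machine just contacted.
        if (dst_ip, src_ip) in self.pinholes:
            return "ALLOW"
        return "DROP"


# Constructed sample traffic (documentation address ranges, not real hosts).
CLIENT = "192.0.2.10"
IRC_SERVER = "198.51.100.5"
STRANGER = "203.0.113.77"

SAMPLE_EVENTS = [
    # (time, direction, src, dst, dst_port)
    (0.0, "in", STRANGER, CLIENT, 113),      # no pinhole yet
    (1.0, "out", CLIENT, IRC_SERVER, 6667),  # opens the window
    (2.0, "in", IRC_SERVER, CLIENT, 113),    # ident from the contacted server
    (3.0, "in", STRANGER, CLIENT, 113),      # someone else, same port
    (4.0, "in", IRC_SERVER, CLIENT, 22),     # right host, wrong port
    (12.0, "in", IRC_SERVER, CLIENT, 113),   # window closed at t=11
    (13.0, "out", CLIENT, IRC_SERVER, 80),   # not the trigger port
    (14.0, "in", IRC_SERVER, CLIENT, 113),   # still closed
]


def replay(events, firewall=None):
    """Run events through the model and return the verdict for each one."""
    fw = firewall or PinholeFirewall()
    verdicts = []
    for now, direction, src, dst, port in events:
        handler = fw.outbound if direction == "out" else fw.inbound
        verdicts.append(handler(now, src, dst, port))
    return verdicts


if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS)):
        print(event, "->", verdict)
```

Compared with leaving port 113 open to everyone, the only inbound packet this model accepts is the one from the contacted server inside the window.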
There have been user groups for computers since computers first started selling to the public. There is nothing even vaguely sinister about this. And it was very common for the manufacturer of a given computer to support user groups. They are free training and advocacy... what intelligent manufacturer wouldn't?
Users loved them, because there were usually classes and other people having similar problems... it was a way to be social and learn all at the same time. And back when you could buy several different sorts of computer, it also gave you some emotional comfort... here were other people in the same boat you were in, either sinking or swimming along with you.
They're not that common anymore because of the computing monoculture we have, but .NET is different enough from the mainstream that new user groups might well be useful. Lo and behold, they are springing from the woodwork. It is exceptionally unlikely that this is a plot... there ARE people in the world who like Microsoft, you know, and manufacturer support of user groups just makes basic sense.
If you buy the CD from anyone but Mandrake directly, they only get about half of the money. This isn't necessarily a bad thing, because if distributors and retailers are making money from Linux, it'll get more shelf space. But I don't really think Linux NEEDS to be on the shelf all that much yet... it's getting to be a pretty okay desktop, but it's not ready for Mom to install on her own. It's Mom-ready after it has been installed, but the geeks who know how to install it also know how to find it online. :-)
Seems to me that the basic membership ($5/mo) is a nice way to give them a steady revenue stream, which is important for software businesses.
I downloaded the OS, so I felt a bit obligated to subscribe. I got StarOffice 6.0 as well, because I subscribed at the silver level. ($10/mo or $115/year.) As long as I keep getting bennies that are worth it, I'll keep resubscribing at that level, but I will renew at least a basic membership for as long as I keep using the distro.
It just seems like the right thing to do.
Star Control 2 was highly derivative of several games of that time. I have a distinct memory of thinking that it stole blatantly from three games, but I can only remember Starflight now.
Regardless, it was a work of surpassing excellence. The story was entirely original, and the the mix of combat/exploration/puzzle solving was probably the closest to perfect of any game of its era. The resource-gathering got a little tedious... probably the only real weak spot.
I loved this game so much that about three years ago, I Ebayed a used 3DO console explicitly to get its superior version of SC2. I have played it through twice since, and I assure you it stands up with the very best of today's games. I would love it if the original designers were to do a REAL sequel... plain ol' 2D would be fine, and I'd pay top price for it. The storyline they had going was fantastic. Funny, VERY funny.... but interesting at the same time. Rare combination.
Of course, this means that my carefully-preserved 3DO version will lose value, but it's probably just as well. Hardware breaks, and source code can be preserved indefinitely.
As an aside, for fans of old games, Star Control is probably #2 or #3 in my all-time-favorites list. #1 is probably Chrono Trigger, on the Super Nintendo. Very rare cart, but the emulators are good enough to play it almost perfectly now. It is a VERY long game with an intricate plot. You just won't believe what they managed to squeeze into a 4MB cartridge.
I don't know where you're getting this crap, but you're just flat wrong.
/var/spool/postfix ext2 partition, start loading it with a thousand or so small, non-deliverable messages (so they stay there awhile, postfix is really fast), and pull the plug about halfway through. You'll get fairly severe damage almost every time, to the point that the machine won't reboot without manual intervention. Probably 90% chance.
You can test the ext2 thing yourself. Here's an example that's almost certain to leave you with filesystem damage. Install postfix, set up a dedicated
Another example was when I first installed Linux in a professional environment. It ran DNS for us very nicely for a year or so, and then the power supply failed. The damage to the filesystem was EXTENSIVE. It took me a lot of work to fix it, almost to the point that it might have been faster to just rebuild it. It had several hundred crosslinked files, and I had to essentially take manual notes and copy damaged system files back in from the secondary machine. At that point I didn't know about RPM auditing; I suspect that would have made my life a lot easier. (although I don't know if RPM did that back then, either.) Regardless, it took me a long time to fix the machine, and my boss was Not Happy.... Linux was a hard sell there and if DNS had run reasonably well on Microsoft boxes at the time, that would probably have been the end of the experiment.
Keep in mind that we had a couple of hundred NT (4.0) machines at that same shop, and in the three years I was there, we never lost a byte of data. We had to reboot the goddamn things constantly, but we NEVER got filesystem corruption or lost data. Ever. I had a couple of hard drive failures, and I was still able to pull most of the data off dying drives; the drive itself had damaged the filesystem, but after cooling off, a chkdsk was able to restore things well enough for me to pull the data off. Ext2 loses data just from a power failure: NTFS does pretty well with a malfunctioning drive. There just is NOT a comparison here.
Your linked article says that NT choked and died after a week of heavy use, which I won't dispute, as it sounds easily possible. However, your article doesn't say ANYTHING about the filesystem. It does not support your argument. Nothing I have seen DOES support your argument. The filesystem is probably NT's strongest point. If there were problems with it, the newsgroups would be filled with screaming anguish, and you can be sure that Slashdot would run many articles on unreliable NTFS..... but in the real world, that doesn't happen. You just don't see many complaints on that front. Everything ELSE, yes, but not the filesystem.
Then you say 'from a system administration perspective, I want a filesystem that keeps its data and stays fast under any load'.
Well yeah, I'd like that too! A server I could hang millions of clients from.... ANY load. Woohoo.
Um, no, I don't want to buy a bridge too, sorry.
It sounds like your primary worry is speed. I won't argue about ext2 being fast; it is very fast for most uses, and I have no complaints about it on that front.
:-) NTFS5 may be better, but NTFS4 was excellent, in my experience. I think Linux is only just now getting there, and I'm still not entirely convinced.
But I meant 'you don't lose data on NTFS very often' when I said 'robust and resilient'. Usually, I don't need speed as much as being SURE the data will be there when I go back to get it. Under ext2, that's just not the case.... a power failure can result in a huge amount of damage to the filesystem. It can usually be recovered with expertise and time, but a *good* filesystem, IMO, wouldn't have that problem.
From other posts in this thread, I may have been incorrect about NTFS4 being journaled. I thought it was. NT 4.0's filesystem was a LOT more robust than ext2, but I suppose that might not require journaling. I know that all versions of NTFS were designed to maintain the filesystem in a consistent state... you might lose data in open files, but you would almost certainly not lose the whole filesystem. (I thought that was marketroid for 'journaling', but may have been wrong.)
From a system administration perspective, that's what I want.... losing the whole server is Not Good.
I've been using Linux a long time, and as far as I know, the statement "linux had journaling filesystems before NT" is absolutely, utterly false. NT 3.51 had journaling.
Linux didn't have journaling in the mainstream kernel until the ext3 patches were accepted. You could probably have gotten some journaling under Linux with manual patching and installation of beta software in the NT 4.0 timeframe, but I don't believe the mainstream distros offered journaled filesystems until after Windows 2000 shipped.
Further, NTFS is extremely robust and resilient. It's EXTREMELY unusual to lose data from an NTFS partition. Compare that to reiserfs, which has had many, many, many problems over the years. (I believe it is considered stable now.)
Admittedly, to some degree, NT *had to* have a great filesystem, because it was unstable. And Linux could get away with the horrid ext2 filesystem because the OS was so reliable that the filesystem was very rarely shut down incorrectly.
But, regardless, NTFS got journaling and ACL's really *right* long, long ago. Between the two features, it's a lot better than anything Linux offers (yet). Linux is improving rapidly, but filesystems and permissions are core NT strengths and should not be casually dismissed.
So because other countries are dirty, that makes us clean? I think not.
A government obtains its power through the consent of the governed. Maintaining it at their expense by spying on them is a mark of fascism, not democracy.
I realize you're explicitly not asking this question, but I can say that a $2500 G4 + $300 in RAM is very quick. The dual processors seem to allow it to maintain responsiveness even under a good bit of load. I haven't stressed it heavily yet (still learning the system), but I'd call it roughly comparable to my Athlon 1900+ running Windows 2K.
:-)
If I understood correctly what I read in the Missing Manual for OSX (decent book, but aimed more at Mac OS 9 users than at Unix geeks), each Quartz window actually allocates enough RAM to fill the screen. This means that running multiple apps will drain your RAM a little faster than you might otherwise expect, especially on a big monitor.
I have a friend with an iMac (the one with the 17" widescreen), and he's quite happy with it. He's a Linux geek from way back, and says it's similar to his 1.5ghz P4 system. I *think* he expanded his RAM too, but I'm not certain.
On my system, with 1.25gb of memory, I don't think I've ever seen it go much below 750MB free. But I'm not doing all that much with it yet. I don't have any commercial apps running, just the stuff that comes with it and the vast library of open source stuff that I'm used to. I would guess that 512MB would probably be very comfortable for normal use, 768MB if you're running lots at once.
The only app I've run that seems slow is Angband Carbon.... the screen updates on that application are rather sluggish. I haven't tried compiling the X Windows version yet, but I'll bet almost anything it's faster. I don't think Carbon is very efficient. Oh.... I almost forgot. MacMame is DIRT SLOW on this machine. It's also Carbonized. Probably not a coincidence. OS X will run Carbon apps, but I don't remember seeing anything about it running Carbon apps *well*.
In essence, starting from scratch on 10.2 on a new system, I have no speed complaints at all. The machine doesn't dazzle me. I wouldn't describe it as 'lightning quick', but it would never have occurred to me to call it slow, either. Hopefully you can extrapolate down from there to iMac level.
I don't think there's anything in the GPL that says the code you release has to be easy to understand, is there?
:-)
If so, I suspect about half the software on Freshmeat wouldn't qualify.
Nvidia is getting a strong advantage from their proprietary drivers.... if they were open source, how much you wanna bet that ATI's OpenGL drivers would be running just fine?
Releasing the source is not always a good idea. I really don't like the Nvidia binary drivers, but they'd be shooting themselves in the foot if they gave away the source code for their excellent OpenGL support.
They're quite expensive, but I have heard many, many times over the years that PC Power & Cooling makes some of the finest supplies in the business. Every machine I own uses them. I particularly like the Silencer 400. They're down to under $150 now. I paid around $250 each for the two I have, and would cheerfully buy more at that price. (IANAEE, but I've had no problems with any of the four PSes I've bought from them. All are still in service.)
I really wanted to see if they actually are as good as has been claimed.. I'm amazed that Tom left them out. Maybe if enough PCP&C fans whine, he'll do an update?
Oh duh. Sorry, you're right. Pre-emptive without memory protection. Examples of cooperative multitasking are Mac OS9 and earlier (tolerable) and Windows 3.1 (well beyond horrible).
I met RJ Mical once, the man who wrote Exec, which was the Amiga's multitasking engine. (I think it would be called the scheduler/dispatcher now.) Exec was responsible for the extremely, extremely efficient context switches that made the Amiga so fast and responsive. Motorola used to use his code as an example of 'how to do multitasking on a 68000'. I have a vague memory that Exec did a context switch in something like 11 instructions.
I am rarely speechless, but I was there... what do you say to a demigod? (well, other than 'thank you', which I think I did manage. :-) )
Anyway, thanks for the correction. Duh.
When the Amiga crashed (and in the early days, it crashed A LOT), you got a flashing red box at the top of the screen that said (roughly, it's been many years): 'System Error. Press any key or mouse button to reboot. Guru Meditation #:' and then some long string of hexadecimal digits. I believe the implication was that a systems guru could meditate on the number to understand the problem with the program that had crashed the system. (and yes, individual programs could easily take down an Amiga... cooperative multitasking is bad that way.)
:)
I don't think anyone liked their computer crashing, but folks were disappointed with Commodore for changing it, in later versions, to something like 'System Error #:'. Guru meditations were much cooler than the Atari (or mac?) bomb icons. At least, if it had to crash, it did so impressively.
(You could also tell a power Amiga user by a habit they developed... that of jiggling the mouse all the time. Often, the only sign of a system crash was the mouse pointer ceasing to work... so Amigans got in the habit of constantly moving it to make sure the computer was still working. Took me years to get over that, myself.)
Consider: since RedHat can raise the bard, surely Mandrake can bring back recently-dead kernel hackers. :-)
Isn't it more accurate to say that *on average*, random data is incompressible? You could potentially generate a thousand bits of random data that was all 500 1s followed by 500 0s... it would compress very well, and would be random.
Presumably, a small random file would usually be somewhat compressible, but the longer the file became, the less compressible it would be.
Basically: scripting is everything. If you understand shell scripting and perl, you can make Unix machines dance. A real Unix wizard can nearly bring about world peace from the command line.
Scripting in Windows is much harder. It can be done, but it's relatively alien to the system, and some complex things are unscriptable.
Windows 2000 has improved this capability a lot. If they have been studying for three years, chances are that a lot of the machines are still 4.0. A true from-the-bottom-up 2K network is A LOT easier to administer than 4.0. One poster in the linked thread claims to be running about 200 clients and 37 2K servers all by himself. With 4.0, I don't think that would be possible. Things would break faster than you could fix them. With 2K I can just barely imagine doing it, though I bet that guy is incredibly busy.
Linux is easier still to administer. Perl, ASCII text configuration files, and separation of services beat Kixstart and the registry hands-down.
I keep running into the concept that some technological revolutions were 'inevitable'. Per this theory, SOMEONE would have invented the cotton gin, even if Eli Whitney had died young. But then I look at Tesla and alternating current and I truly wonder if anyone else on the planet could have done what he did.
I'm curious as to whether or not you think the Internet, or something like it, was inevitable? What were the crucial success points? Were there individual places where, without someone being truly and irreplaceably brilliant, the Internet would not have come to be?
LOL... I was looking to see if anyone had posted about this. The site is roughly:
:-)
one
paragraph
per
banner
ad
I mean, the system looks FANTASTIC, but the just-works thing is crap. My printer doesn't work with OS/X.. it's the one thing I really wanted to work, and it doesn't. Not even the Gimp-Print people have a driver for it yet.
And Unix stuff is a royal pain in the ASS to get running well.
I posted a long critique on the O'Reilly website, home of the major cheerleading -- I attached it to his second article. (Link here).
It *looks* wonderful. And the notebooks may be absolutely fantastic: I have not worked with one. (Linux is apparently pretty weak on notebooks). But as a desktop... if you're really a Unix guy, you're probably going to be happier with Mandrake. If you're a Mac person, then OS/X is a no-brainer, IMO.... but Unix geeks should be wary. There's simply not as much 'there' there as Apple, and what I believe are its astroturfers, want you to believe.
They should change their logo to: "Everything just works, as long as it's not Unix stuff". (or particular printers)
(-1, offtopic)
Do you have a pointer to a conversation about that? My experience with pf in 3.0 was that it was great for small sites/firewalls, but choked badly in full-scale production. (I'm sure it's better now). I didn't see any features in it that I thought were superior to iptables.... if anything, it looked like iptables did more.
Not trying to start a flamewar here, just interested in where you developed your opinion?
I've hated this stance by Stallman forever. He casually interjects this GNU/ stuff into totally unrelated topics... if someone says 'Linux' where he sees or reads it, he seems somehow duty-bound to attack. I actually exchanged some rather heated words with him for cluttering up a totally unrelated mailing list with his gripes. (He ended up calling me "a hostile person".... which I am, when someone wants to evangelize about Linux naming on a security mailing list.)
If it's REALLY the GNU part that is important, then in 25 years, the GNU name will still be around, but Linux itself will be pretty much obsolete and gone, supplanted by some other kernel to run the GNU system software. I think this is an entirely possible outcome.
If it's really Linux that's important, then things will go on pretty much as they are now.... most folks will use/say Linux, and will appreciate the great GNU tools that work in their Linux operating system.
Time will tell.
A number of years ago (in the 1995 timeframe), I was told by my boss that 1 admin per 30 Windows machines was about normal, and 1 admin per 100 Unix machines was roughly equivalent. My later experience roughly bears that out. With NT 4.0 networks, you need a second person fairly early. At about 20 machines, assuming you're growing quickly, you'll want help. You'll want to add another person at about 50, and you should be good with three up to 100 clients or so.
Windows 2000 has added many automated tasks in Active Directory, but when I last worked with it (without service packs), those things tended to be a bit flaky at times. I suspect you probably need the same three guys at 50 machines, but you can probably scale them to 150-200. This is purely theoretical, and is based on a six-month contract learning and setting up a brand-new Windows 2000 network, back pre-SP1. I'd be interested to hear from any experienced 2K admins whether or not my wild-assed guess is accurate.
I'm now the sole admin in a network of about a hundred Linux machines. I'm busy as hell, but I can keep up with things. Scripting is lifesaving. With a well-set-up cluster, you can script almost anything, and can scale from 2 to 2000 machines in much less than linear time. (ie, 2000 machines is probably 20 times as hard as 2, not 1000 times.) I could definitely use help, but I bet that two of us could scale to at least 400 boxes.
As other people are pointing out, what Sun's solution is going to do is replace all the low-end stuff, all the routine things that the beginners do. That's going to make it really hard to break into the sysadmin market... either you already know it all and can run the whole network, or you don't really know anything and can't get hired. It's a nasty catch-22.... you'll need experience with large networks to get experience with large networks. It'll suck to be coming out of college into that kind of environment.
In general, I tend to think that you're not really doing your job well, as a sysadmin, unless you're putting yourself out of a job every day. A really well-run network should run great whether or not you happen to show up that day -- or that week, or that month. That's sort of an abstract Holy Grail... real networks don't work like that, but it's a good goal. The closer you approximate it, the better you're doing. If you drop dead tomorrow and the company isn't terribly injured, you were doing a good job. (or you weren't doing anything :-) )
I suspect that nearly all tech jobs are temporary.... eventually the tech will change and render most jobs obsolete. This is true of technology in general, but it's happening a lot faster in computers than in other, older technologies, like autos or televisions. Obsolescence happens quickly, well within individual techy lifetimes.
Remember, computers are very new, compared with most human technologies, and everything is still jury-rigged and labor-intensive. Gradually that's going to go away, and there will be a need for fewer and fewer people doing the jobs we do today. But... as these lower layers get sorted out and finalized into best practices and insta-networks (just add a drop of water) a whole new class of jobs will arise, USING those networks to accomplish things. And I suspect that those jobs will be tremendously more interesting than the ones we have now.
Just like we need far, far fewer man-hours to make a ton of steel than we did in 1900, we'll need far fewer creators-of-networks. That's the nature of capitalism: creative destruction. Overall it's very good, but it's hard on the people in the middle of it.
Cool, thanks, I will do that!
I think you misunderstand. This isn't "open port 113 from anywhere after any connection on port 6667", it's "allow (only!) the target of a 6667 connection to open port 113 back to the originating machine." I don't remember the default timeout, I think it's like 10 seconds.
Why is this useful? Because irc servers that use ident wait until the connection fails to allow you in. I don't want the whole world hitting that ident port. I want to implicitly give that server permission by my connection attempt. And of course (this is in response to the other poster), I run a fake identd that just returns what I want it to return. I don't like identd itself, but I DO like to connect to irc servers very quickly, and with my normal 'username'. The only way I've found to do this is to open port 113 to everywhere. I prefer the PIX approach of opening a brief window after a connection attempt implicitly grants permission. Yes, I realize that this is imperfect security, but it's better than open-all-the-time-to-everyone.
This has been mentioned above, but not very clearly. As far as I know, the PIX software also requires an activation key, which costs money. You might be able to get one from a warez utility, but it is an extra step, and it is illegal. Also note that Cisco charges extra for the ability to just secure shell into your firewall(!). Unless you cough up a whole bunch of extra money, you have to use TELNET to configure a FIREWALL. This is really lame.
Further, the PIX just isn't a very good firewall.
The hardware is well-built but incredibly underpowered. The one we have at work is only 200mhz. I don't know how far that will scale, but, personally, I don't think I'd want to be putting more than about 5 megabits through it. And Cisco charges about 12,000 dollars for the PIX.(!)
The command syntax is really hard to figure out. It just makes no sense at all. The documentation on Cisco's site is excellent, but I always have to resort to cookbook examples, because I don't use it every day.
The default configuration is 'allow all outbound traffic and all inbound replies'. It is very hard to change this. If you want a fairly secure network, you shouldn't allow direct outbound connections, but rather only through a proxy device of some kind. If your security policy requires outbound connection restrictions, this is really awkward to implement with the PIX.
The PIX isn't a very good router, either. It doesn't support most of the 'real' IOS commands. You can do some routing with it, but it's not very flexible.
I've worked with a lot of firewalls and have done a lot of firewalling, and in my opinion, Linux with iptables is about the best thing going. You will have to spend significant learning time to figure it out, as the documentation is not very good, but once you do, you can do pretty much anything with it. Linux has always been a great router, and with the introduction of iptables, became a great firewall too. If you don't want to build rules by hand, there's a program called 'fwbuilder' that gives you a Checkpoint-like GUI. FWBuilder also speaks OpenBSD's pf and I *think* Checkpoint's firewall language, but I'm not sure about that last.
OpenBSD has a good reputation as a firewall. I used it at home for a couple years, but I have moved to Linux since then. The PF language is very clean and easy to read, and if you're just starting with firewalling, it can be a good first opensource firewall. However, there were big performance problems with OpenBSD's bridging firewall code in 3.0; it choked hard over about 25K connections, and past about 30 megabits it just froze up for random periods of time. Very frustrating. Linux on the same hardware (with the iptables bridging patch) handles over 60 megabits flawlessly. And going over 30k connections is trivial; you simply echo a large number into a variable in the /proc filesystem. I searched and searched and could NOT find any way to do this on BSD. It may exist, but I couldn't find it.
They may have fixed the performance problems in more recent revs of OpenBSD. 3.0 was the first release of pf, and I threw it into a monster production environment based on the OpenBSD team's reputation. The later revs may be much better, but as of 3.0, Linux absolutely destroys OpenBSD as a firewall.
There's one cool thing the PIX does that I haven't figured out how to duplicate manually. It has an 'established' command, which allows you to say: "If I open a command on port X, allow a return connection on port Y for a short period of time." This is useful, for example, for IRC, where you connect on port 6667 and an ident connection comes back in on port 113.
I asked about this feature on the OpenBSD newsgroups, and got scoffed at... according to them, it's more secure to leave the port open all the time to everyone than just to allow return connections from a host to which you have connected and only for a short period of time. Frankly, I think that's just stupid. It's the typical apologist reaction... "that's a dumb feature to ask for because it's hard to do". They'll say it's stupid until someone takes the time to implement it, and then suddenly that's the only way to go and any system that doesn't do that is obviously broken.
I haven't found that capability in the Linux iptables stuff either, FWIW. As far as I know, only the PIX does this, and I consider it a very useful feature. (you can sort of simulate it with some of the kernel modules for different protocols, but I haven't found a way to do an arbitrary set of ports).
If you can live without the 'established' command, though, I'd probably, overall, recommend the Linux/FWBuilder combo. If you want to learn more about firewalling, OpenBSD's pf language is a nice simple way to start.
And if you really want to spend money on a firewall, Checkpoint is a much better solution than the PIX. It has many enterprise-class features that the free alternatives lack, like good VPN support and great support for managing clusters of firewalls. The Nokia Checkpoint boxes are *really* cool; they are based on a custom BSD-derived kernel. They cost more than the PIX, but in my opinion are wildly better and well worth the extra. (when I last looked, the prices on the Nokia boxes were in the 20K+ range. They may have dropped since the dotcom blowup.) The administration is easy, you get the power of BSD, and the hardware is really well-built. Very, very cool boxes.
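The time-limited return window described in the comment above (an outbound connection on port 6667 lets only its target connect back to port 113 on the originating machine for a short period) can be modelled as a small state table. This is an added illustration, not part of the original post and not Cisco's implementation; the class and function names, the 10-second window (the poster's recollection in a related comment) and the sample events are assumptions constructed for the example.

```python
from dataclasses import dataclass, field


@dataclass
class ReturnPinhole:
    """Model of a 'trigger port opens a return port' firewall rule."""
    trigger_port: int = 6667   # outbound port that arms the pinhole
    return_port: int = 113     # inbound port briefly opened to the peer
    window: float = 10.0       # seconds the pinhole stays open (assumed)
    # (remote_ip, inside_ip) -> expiry timestamp
    _armed: dict = field(default_factory=dict)

    def outbound(self, now, src, dst, dport):
        """Record an outbound connection attempt from inside host src."""
        if dport == self.trigger_port:
            # Only the contacted server, talking back to this one inside
            # host, is granted the window.
            self._armed[(dst, src)] = now + self.window

    def inbound(self, now, src, dst, dport):
        """Decide whether an inbound connection attempt is allowed."""
        self._expire(now)
        if dport != self.return_port:
            return False
        expiry = self._armed.get((src, dst))
        return expiry is not None and now <= expiry

    def _expire(self, now):
        """Drop stale entries so the table cannot grow without bound."""
        stale = [key for key, expiry in self._armed.items() if expiry < now]
        for key in stale:
            del self._armed[key]


# Constructed sample traffic: (time, direction, src, dst, dst_port).
# Addresses come from documentation and private ranges.
EVENTS = [
    (0.0,  "out", "10.0.0.5",    "192.0.2.10", 6667),  # IRC connect
    (2.0,  "in",  "192.0.2.10",  "10.0.0.5",   113),   # ident from that server
    (3.0,  "in",  "203.0.113.7", "10.0.0.5",   113),   # unrelated host
    (4.0,  "in",  "192.0.2.10",  "10.0.0.5",   22),    # right host, wrong port
    (5.0,  "in",  "192.0.2.10",  "10.0.0.6",   113),   # different inside host
    (11.0, "in",  "192.0.2.10",  "10.0.0.5",   113),   # window has closed
]


def replay(events, fw=None):
    """Run events through the model; return a decision per inbound event."""
    fw = fw or ReturnPinhole()
    decisions = []
    for now, direction, src, dst, dport in events:
        if direction == "out":
            fw.outbound(now, src, dst, dport)
        else:
            allowed = fw.inbound(now, src, dst, dport)
            decisions.append("allow" if allowed else "deny")
    return decisions


if __name__ == "__main__":
    for decision in replay(EVENTS):
        print(decision)
```

Only the second event is admitted: every other inbound attempt fails on source, port, destination host or elapsed time, which is the difference between this rule and leaving port 113 open to everyone.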
He apparently doesn't remember the 80s. :-)
.NET is different enough from the mainstream that new user groups might well be useful. Lo and behold, they are springing from the woodwork. It is exceptionally unlikely that this is a plot... there ARE people in the world who like Microsoft, you know, and manufacturer support of user groups just makes basic sense.
There have been user groups for computers since computers first started selling to the public. There is nothing even vaguely sinister about this. And it was very common for the manufacturer of a given computer to support user groups. They are free training and advocacy... what intelligent manufacturer wouldn't?
Users loved them, because there were usually classes and other people having similar problems... it was a way to be social and learn all at the same time. And back when you could buy several different sorts of computer, it also gave you some emotional comfort... here were other people in the same boat you were in, either sinking or swimming along with you.
They're not that common anymore because of the computing monoculture we have, but