Yes, obviously I meant 1.5TB or 2TB. Darn fingers just don't hit the right keys sometimes. Sigh.
why aren't they selling the compression technology
Anybody remember when Byte reported on some compression software from a company that claimed they had invented new compression technology "not affected by the laws of information theory"? They claimed that it could be applied recursively to compress ANY file to 4KB. IIRC, the reporter said that the beta version compressed his files to 4K, but couldn't decompress them. He said the company was aware of the problem and would have it fixed in the next beta.
Funny how that company and its products didn't take the world by storm. I wonder how much money they got by defrauding investors.
I wasn't too surprised that they could take in a naive reporter, but I was very surprised that an editor didn't kill the story.
I don't know what other backup strategies the community web sites I frequent might use, but one of them is to make copies of their entire site available on multiple DVD sets.
That doesn't work so well if the archive is over 50GB, but at least one site I deal with is willing to give out copies of their >1TB collection if you provide them with a 1.5GB or 2GB USB drive to copy onto.
Any personal data the site may have obviously can't be included in a public distribution, so that needs to be backed up separately.
If you do that, make sure the laptops you're not yet using were put into heat-sealed bags with packages of silica gel (dessicant) in an environment with under 70% relative humidity, and don't open them before you need them. High humidity will cause corrosion and lead to equipment failure, so you can't just leave your spares exposed to ambient air.
I just got back from installing a bunch of equipment in a tropical area (Saipan, Tinian, and Rota, the three inhabited islands of the Commonwealth of Northern Mariana Islands).
If you need the equipment to have any halfway reasonable reliability, it MUST have some environmental control. You could use a NEMA class 5 enclosure if only the humidity was an issue and the equipment didn't dissipate a lot of heat. However, your hardware description indicates that you will have a lot of heat dissipation.
The only other option I can see is having some kind of environmental chamber (i.e., an air-conditioned box) to keep the humidity and temperature under control.
If you don't have that, the equipment WILL fail. It's a matter of WHEN, not IF.
Almost all electronic equipment is rated for operation at a maximum of 90% relative humidity (non-condensing), and much equipment is rated even lower than that.
In the CNMI, the _average_ of the daily high relative humidity is above 90% part of the year, and only slightly below 90% the rest of the year.
Of course they could still enforce their patents. The BSD and MIT licenses don't grant any patent rights, so they could still sue for infringement.
I am not a lawyer, but IMNSHO if they go that route, they should probably put a notice alongside the license stating that the software is subject to patents, with a URL of an MPEG LA web page giving more details.
Heck, I'm working on a BSCS, and I'll probably be 47 or 48 when I complete it (depending on whether I double-major in Math), and then I plan to apply to either an MSEE or PhD CS program, so I'll have another two or more years after that.
And after all that, it probably wouldn't even get me a better-paying job, assuming that I could find anyone that wants to hire an engineer in their early 50s at all.
But I don't care, because I'm doing it for my own enjoyment and satisfaction. I quit my day job in December, and I'm hoping not to ever have a day job (other than working for myself) again. I'm much happier now that I'm trying to do entrepreneurial things, even though I'm not (yet) bringing in as much income as I got from the day job.
When I was in my late 20s through my early 40s, I found that experience was much more of a factor in getting hired and getting a good salary than having a degree. I'm sure there are some exceptions to that, i.e., employers that are idiots, but who would want to work for those employers anyhow?
For anyone that doesn't have a degree, AND doesn't have industry experience, I'd recommend getting the degree and doing some summer internships to get experience. When I've been involved in interviewing candidates, I've found that even candidates with an MSCS but no real experience are often not adequately prepared for a software developer position. CS programs tend to be heavy on theory (and there's nothing wrong with that), but almost entirely lacking in practice.
Paying an extra $100 for a computer in this environment â" same piece of hardware â" paying $100 more to get Windows on it? I think that's a more challenging proposition for the average person than it used to be.
I wrote a two-pass cross-assembler in Perl some years back, but I still can't make heads or tails of most Perl code I see. It seems like a write-only language to me.
The idea behind the recently approved standards for FDE are that real crypto is used. The drive should only remember the key until it is powered down or told to forget the key. The problem is that there is no way to be sure that it forgets the key.
Depends on what government and how much leverage you have over the vendor. You might get the vendor to install the back door for you, or you might intercept the drives in shipping and install the back door.
The big risk with FDE is that the drive may, unbeknownst to the owner, cache and store the encryption keys somewhere inside the drive, either on the media or in nonvolatile memory, making it available to those that know where to find it.
Even if the standard drive firmware doesn't do that, how would you know that the firmware of the drive wasn't modified sometime after manufacture and before purchase to install such a back door?
If you were an agent of some government that wanted to be able to access data on disk drives whose owners believe them to be encrypted, what better way to do that than to either convince the drive vendors to install a back door for you, or to let you tamper with the drives at some point in the process? That would eliminate a whole lot of hassle for you, and there are only a few drive vendors you'd have to subvert.
I think I'll stick to LUKS and dm-crypt. It's not a perfect solution, and it's still possible that someone could subvert my encryption, but doing it in the software I have some measure of control over clearly makes it harder for them than doing it in hardware that I have no choice but to trust blindly.
Am I paranoid? Sure. Probably no one is trying to steal my keys or my data. But the likelyhood of the existence of a back door has NOTHING to do with whether the bad guys (or maybe the good guys?) are interested in my data. Even if no one intends to steal my data today, once a back door exists it can be used against me in the future.
Really, MS could save everyone a lot of trouble by freely licensing fat16/32.
What's their motivation to "save everyone a lot of trouble"?
Microsoft executives have a fiduciary responsibility to maximize shareholder value. Imagine someone at Microsoft having this discussion with Steve Ballmer:
Someone: "We have two options. One is that we could sell licenses for FAT16 and FAT32."
Ballmer: "OK, that sounds reasonable. What's the second option?"
Someone: "We could give away FAT16 and FAT32, to save everyone a lot of trouble."
Ballmer: "Hmmm... how do we monetize that?"
Someone:
Give away FAT16 and FAT32
???
Profit!
Ballmer: "If you can work out step 2 in more detail, we can consider it, but right now your first option is looking more attractive."
As for the certificates, you do not need to buy a certificate from VeriSign to sign your DNS data. You generate your own keys and provide a key fingerprint to whomever is delegating your domain to you.
And who do you suppose is delegating my.com domain to me? Even if I don't have to "buy a certificate" from them, do you really think that they will do anything useful with that key fingerprint without trying to extract more money from me?
I somehow doubt that telling people with.com domains that they can use DNSSEC by switching to a different gTLD or ccTLD would make them particularly happy.
Re:Maybe it's just my tinfoil hat speaking...
on
Whither the 19th IOCCC?
·
· Score: 2, Insightful
Or I've been reading too much Charles Stross
There ain't no such thing as too much Charles Stross!
Remember, if security were a data field, it wouldn't be a boolean value, it would be a real number.
Yes. But even more important to bear in mind is Bruce Schneier's admonition that security is a process, not a product. Far too many people will buy these FDE disk drives, and then blindly assume that since they have bought "security", don't have to do anything else, and that their problem is solved.
That's not a criticism of FDE; it happens with every kind of security-related hardware and software. However, the more security products people buy, the more likely they are to get lulled into thinking that it's a solved problem.
Slashdot Mirror
why aren't they selling the compression technology
Anybody remember when Byte reported on some compression software from a company that claimed they had invented new compression technology "not affected by the laws of information theory"? They claimed that it could be applied recursively to compress ANY file to 4KB. IIRC, the reporter said that the beta version compressed his files to 4K, but couldn't decompress them. He said the company was aware of the problem and would have it fixed in the next beta.
Funny how that company and its products didn't take the world by storm. I wonder how much money they got by defrauding investors.
I wasn't too surprised that they could take in a naive reporter, but I was very surprised that an editor didn't kill the story.
That doesn't work so well if the archive is over 50GB, but at least one site I deal with is willing to give out copies of their >1TB collection if you provide them with a 1.5GB or 2GB USB drive to copy onto.
Any personal data the site may have obviously can't be included in a public distribution, so that needs to be backed up separately.
What, you're not dextrous enough to use three positions per finger and count to 59,048?
I find that more than three positions per finger becomes difficult to maintain reliably.
wristwatch without the watch, for a long time now.
If you do that, make sure the laptops you're not yet using were put into heat-sealed bags with packages of silica gel (dessicant) in an environment with under 70% relative humidity, and don't open them before you need them. High humidity will cause corrosion and lead to equipment failure, so you can't just leave your spares exposed to ambient air.
If you need the equipment to have any halfway reasonable reliability, it MUST have some environmental control. You could use a NEMA class 5 enclosure if only the humidity was an issue and the equipment didn't dissipate a lot of heat. However, your hardware description indicates that you will have a lot of heat dissipation.
The only other option I can see is having some kind of environmental chamber (i.e., an air-conditioned box) to keep the humidity and temperature under control.
If you don't have that, the equipment WILL fail. It's a matter of WHEN, not IF.
Almost all electronic equipment is rated for operation at a maximum of 90% relative humidity (non-condensing), and much equipment is rated even lower than that.
In the CNMI, the _average_ of the daily high relative humidity is above 90% part of the year, and only slightly below 90% the rest of the year.
Indeed.
It's here.
Oops, sorry, meant to post it to a different article!
Look here.
Are any of the people believing that actual lawyers?
I am not a lawyer, but IMNSHO if they go that route, they should probably put a notice alongside the license stating that the software is subject to patents, with a URL of an MPEG LA web page giving more details.
If I'm not mistaken, the photos can't be entered as evidence in court without making them available to the defense.
And after all that, it probably wouldn't even get me a better-paying job, assuming that I could find anyone that wants to hire an engineer in their early 50s at all.
But I don't care, because I'm doing it for my own enjoyment and satisfaction. I quit my day job in December, and I'm hoping not to ever have a day job (other than working for myself) again. I'm much happier now that I'm trying to do entrepreneurial things, even though I'm not (yet) bringing in as much income as I got from the day job.
When I was in my late 20s through my early 40s, I found that experience was much more of a factor in getting hired and getting a good salary than having a degree. I'm sure there are some exceptions to that, i.e., employers that are idiots, but who would want to work for those employers anyhow?
For anyone that doesn't have a degree, AND doesn't have industry experience, I'd recommend getting the degree and doing some summer internships to get experience. When I've been involved in interviewing candidates, I've found that even candidates with an MSCS but no real experience are often not adequately prepared for a software developer position. CS programs tend to be heavy on theory (and there's nothing wrong with that), but almost entirely lacking in practice.
Paying an extra $100 for a computer in this environment â" same piece of hardware â" paying $100 more to get Windows on it? I think that's a more challenging proposition for the average person than it used to be.
I wrote a two-pass cross-assembler in Perl some years back, but I still can't make heads or tails of most Perl code I see. It seems like a write-only language to me.
The idea behind the recently approved standards for FDE are that real crypto is used. The drive should only remember the key until it is powered down or told to forget the key. The problem is that there is no way to be sure that it forgets the key.
Depends on what government and how much leverage you have over the vendor. You might get the vendor to install the back door for you, or you might intercept the drives in shipping and install the back door.
Even if the standard drive firmware doesn't do that, how would you know that the firmware of the drive wasn't modified sometime after manufacture and before purchase to install such a back door?
If you were an agent of some government that wanted to be able to access data on disk drives whose owners believe them to be encrypted, what better way to do that than to either convince the drive vendors to install a back door for you, or to let you tamper with the drives at some point in the process? That would eliminate a whole lot of hassle for you, and there are only a few drive vendors you'd have to subvert.
I think I'll stick to LUKS and dm-crypt. It's not a perfect solution, and it's still possible that someone could subvert my encryption, but doing it in the software I have some measure of control over clearly makes it harder for them than doing it in hardware that I have no choice but to trust blindly.
Am I paranoid? Sure. Probably no one is trying to steal my keys or my data. But the likelyhood of the existence of a back door has NOTHING to do with whether the bad guys (or maybe the good guys?) are interested in my data. Even if no one intends to steal my data today, once a back door exists it can be used against me in the future.
It's not clear that it's even technically possible. Maybe if the mechanism was in a vacuum.
Ludicrous speed! Go!
To me that's a much more serious limitation of the current displays than the inability to bend them.
What's their motivation to "save everyone a lot of trouble"?
Microsoft executives have a fiduciary responsibility to maximize shareholder value. Imagine someone at Microsoft having this discussion with Steve Ballmer:
And who do you suppose is delegating my .com domain to me? Even if I don't have to "buy a certificate" from them, do you really think that they will do anything useful with that key fingerprint without trying to extract more money from me?
I somehow doubt that telling people with .com domains that they can use DNSSEC by switching to a different gTLD or ccTLD would make them particularly happy.
There ain't no such thing as too much Charles Stross!
Yes. But even more important to bear in mind is Bruce Schneier's admonition that security is a process, not a product. Far too many people will buy these FDE disk drives, and then blindly assume that since they have bought "security", don't have to do anything else, and that their problem is solved.
That's not a criticism of FDE; it happens with every kind of security-related hardware and software. However, the more security products people buy, the more likely they are to get lulled into thinking that it's a solved problem.