I have a feeling that... "education professionals are rejecting the OLPCs whether or not the computers and software are good because they didn't get to push the development team around." How incredibly arrogant.
If you break the security policies you should be fired. I don't care if it is trivially easy to tunnel protocol X over HTTP. If you are willing to break the IT security policies why should you be trusted?
The problem with the "block known bad things" approach is that there are a lot of unknown bad things. It is far easier to profile for, and allow "known good things."
Watching all traffic for anomalies is a joke. No one has figured out how to do it yet and they have been chasing that goal for a decade at least. I have seen countless demos of "network anomaly detectors" that have all failed. Anomaly detection probably requires AI to work.
Given the technology available today the only effective technical control we have to enforce an IT security policy is a default deny policy.
The context of this discussion is buying new hardware for a home server. Obviously junk you have sitting in the basement is cheaper than something new.
Check the prices. An AMD X2 is excellent bang for the buck. It costs only a few dollars more than the cheapest CPU and for that you get a second core, more cache, more speed, and virtualization support. At idle it likely consumes less power than a p100, and definitely supports larger hard drives. While the mini-itx systems are small and cool, the cost is rather high. If anyone here has dicksize bragging rights and a lighter wallet, it is you.
Good recommendations on the hardware and software. A low power AMD X2 3800+ is a fantastic cpu for home servers. An AMD system beats Intel on price, and generally consumes less power at idle. The Intel Core 2 may be faster, but home servers are typically limited by hard drive speeds not cpu.
On the software side it is hard to recommend OpenBSD for a file server. OpenBSD has traditionally lagged FreeBSD, NetBSD, and Linux when it comes to file system access, and it would seem to still be the case. While anecdotal, my Linux server with encrypted disks can get about 40MiB/s to and from the drive. The system was an AMD X2 3800 with 1GB ram running Debian/Etch/AMD64. The system was set up with EXT3 on LVM on dm-crypt with LUKS on software RAID 1 on two IDE Seagate 80 GB drives.
A sibling post mentions security. At this time that is a bit of a white elephant. There is no reason a FreeBSD or Linux system should not be just as secure as the OpenBSD system. All are using similar, if not the same, server software.
Using disk or volume encryption is part of a layered security approach. Even in secure facilities things are stolen.
Physical security mitigates the threat of an attacker gaining physical access to the machine. Disk encryption mitigates the threat of an attacker gaining access to the disk (e.g. theft). File encryption mitigates the threat of an attacker gaining access to the running system (e.g. over the network). For good security you should use all of these tools.
I don't know why they install them in Canada, but I'm guessing it's not only a cost recovery exercise. That would be a good guess. If the compensators were just a cost recovery exercise they would turn them off in the summer.
I don't know why the fuel is compensated at the pump in Canada. It is not by law as some independent stations don't compensate for temperature. I suspect compensating meters are used to improve accounting. If it was just about money the stations could just as easily raise their prices.
The numbers I posted are reasonably accurate. Measurements were made with true RMS Fluke amp and volt meters. Taking power factor into account the numbers should be within 15%. Two of the systems tested were tested with the amp and volt meters, and a watt meter. The numbers were within 8%. Are you sure that your meter is accurate?
Is your water cooled AMD X2 overclocked? Are you sure "Cool'n'Quiet" is enabled? This will make a difference at idle. I am not surprised that your Celeron 566 burns 80w. A P3 550 I tested used about 85w at idle. At the time I was surprised as it was assumed that these older P3 systems ran cool.
One of the systems I tested was close to the configuration the grandparent was looking at. It was a socket 939 mainboard with AMD64 X2 3800+, 2x512MiB ram, Nvidia chipset with onboard video and a Seagate hard drive. At idle it consumed 67w.
Your average 250w-300w system does not use anywhere near that much power most of the time. I would guess that at idle either of those systems would use about 60-70w (assuming onboard video). At full cpu load I would expect the system to consume 70-80w. Possibly as high as 90w. A video card will make a big difference. In a system I tested the nvidia 7900 GTX consumed about 40w at idle and much more under load. When looking at yearly power consumption the power usage of the DVD-rw and floppy drive are effectively zero as those devices are so seldom used. (Unless you are running a DVD piracy shop :-)
For most users the systems will be idle most of the time. (Even when playing mp3s my Core 2 cpu is running at its slowest cpu speed.) Either of the above systems will likely consume about 550 kW-hours of electricity a year. If you run Folding@Home the systems will likely consume about 650 and maybe as high as 780 kW-hours. If you estimate electricity at 8 cents per kWhr, you are looking at operating costs in the range of $45 a year. Running folding@home would cost $55 to $65 a year. Using the suspend feature can save you a few bucks every year.
If you are running Linux use the "ondemand" or "conservative" speed governor.
These certifications at the EAL4 and up levels are all functional tests. That is, the actual system is run. Software by itself cannot run. It needs the hardware. These types of certifications are designed to eliminate as many unknowns as possible. Any RHEL system should behave the same but can you guarantee that? Consider the simple case of a bug in a hardware driver in one system but not in the tested system. That said, it is reasonable to expect that all x86 type hardware similar to the eServers would achieve the same certification.
Also IBM paid a pretty penny for the certifications. They would rather their competitors pay for their own certifications.
Shuttleworth's very active blog. What the hell are you talking about? Mark Shuttleworth has only made 5 posts this month, and only 7 posts in the month of May. This is hardly very active. Rosenberg adds nothing of value.
This is the exact sort of reasoning that has led to software EULAs. The idea is that in order for a piece of software to be used it needs to be "copied" from floppy, tape, or harddrive into memory. Strictly speaking copyright law did not allow this copying. Only the copyright owner is allowed to make copies. Other parties, e.g. the users, are not allowed to make copies unless the copyright owner grants the other party a copyright license. The software makers saw the benefit of forcing licenses and used this legal requirement as an excuse for writing overreaching EULAs. A more sane approach would have been to extend "fair use."
I have not actually played WoW on any platform. I just threw it out as an example. I freely admit to being biased: my current machine has a 7900 GTS (o/c natch) and I am waiting for an excuse to upgrade to an 8800 (hello Quake Wars). I consider Intel GMA, ATI x1600, and even the Nvidia 8600m as poor for games. While I am sure you can play games on the MacBook and MacBook Pro, I would prefer to play games with all the shiny turned on. :-)
I think the better question is: "Will the iPhone measure up to the iPhone?" There have been endless rumours and hype, few real facts, and no independent reviews. While I am certain the iPhone will be a solid product, let us wait until June 29th before declaring the iPhone the greatest phone ever.
Santa Rosa still has problems addressing a full 4GiB of RAM. This is a limitation of running the processor in 32bit mode. In this mode a maximum of 4GiB can be addressed, but some of that space is mapped to system devices such as the dedicated video memory.
It is not a bad choice. There is nothing wrong with the built-in Intel graphics (GMA950 etc) for 95% of uses. If you plan to play games such as World of Warcraft or Quake then you would want the dedicated ati graphics. It is only clueless whiny mac fanboys who have a hang up with the Intel graphics. I am sure someone can post a long list of benchmarks that show that the Intel graphics are slow, but they won't be able to show a list of how that actually affects the user. Unless you fire up WoW you aren't going to notice.
I have an Adaptec U320 raid controller that goes belly up under heavy load. This happens under both Linux and FreeBSD. I don't care if it was a hardware fault, a firmware fault, or a driver fault. I did not have this problem with software raid.
The advantages of trimix are not so clear cut. Ensuring that the gas is blended properly with the correct mix of gases is a problem. The risks of diving on air can be managed. I know a number of very good experienced divers who only use air as the risks are well known.
I recently moved from the country back into the city. Country life was great on the week days when all I wanted to do was relax on the patio. But it sucked ass on the weekend.
I suspect that many people would take exception to your characterization of rural or suburban living as living in a cage. Many would say that they prefer it. That is fine, it doesn't make it any less of a cage.
I can't speak to Scott Adams's story, but I do know of a large shop that thought a bug bounty like that was a good idea. A rising star in management with little technical knowledge but lots of new ideas thought that a bug bounty would be a good motivator for QA. Fortunately for the company the idea was squashed by a number of experienced software engineers before it was implemented.
Along a similar vein one of the companies I worked for had an idea for spurring innovation and lateral thinking. The program was designed to find small improvements and cost savings on the production floor. The company offered a reward based on a percentage of the cost savings as well as a small gift. To give an idea of the expected cost savings the gifts ranged from golf shirts to pen sets with the company logo. Nothing fancy. This program worked well until an employee found a way to save 15 million dollars. The employee did receive the award but it was the last award paid. While it is nice of the company to offer incentives for new ideas, as this employee was an engineer it could easily be argued that it was his job to find 15 million dollars savings.
Lighttpd may seem to have been built with security in mind, but it hasn't. Superficially Lighttpd does all the right security things, but search for "lighttpd memory leak." Secure software does not leak memory.
Illicit drug use is problematic for two reasons. The first is that it shows a lack of good judgment. Like it or not, illicit drug use is a major crime. If an employee is willing to break those laws, what other laws are they willing to break? The second, more serious problem is that illegal drug use can be used to coerce employees. An attacker could bribe an employee to reveal trade secrets or otherwise harm their employer. This could backfire and costs money for the bribe. If the employee is a drug abuser the attacker could threaten to out the employee resulting in jail time and job loss.
Just to clear a few things up.
Not all audio works are covered. Only music may be copied for private use. You may not legally copy audiobooks in Canada.
The Copyright Act was amended to allow private copying and the levy at the same time. If I am not mistaken the amendment was passed in 1997 bills C.24 and S.50. Prior to the amendment copying music for private use was not allowed, but unenforceable. Essentially CIRA lobbied for a levy due to piracy. The Copyright Board gave CIRA the levy, but in return allowed Canadians to legally make private copies.
Read Part VIII of The Copyright Act. It is perfectly legal in Canada to copy music (and only music) for personal use. Note that section 80 does not state the copier must own a copy of the music prior to making another copy. The Copyright Board has interpreted this to mean that it is legal for a person to copy music from any source such as a CD borrowed from a friend or library. It is not legal for another person to make the copy for you. It is not legal for a person to charge a fee for the privilege of copying their CD. The Copyright Board has also stated that regardless of the source of any music you might have it is all legal (non-infringing) once you have it. So it is illegal for a friend to make you a mixed tape, but it is not illegal for you to possess the mixed tape.
I think you are confusing two types of raid.
There is fake hardware raid. This type of raid is cheap and most of the raid calculations are done by the driver in the host OS. Some of the calculations are handled by the hardware. This is the type of raid found on most motherboards. Adaptec calls this "HostRaid." This type of raid is poor. The drivers tend to be buggy. Despite the driver running in the OS, the kernel typically does not know that the device is software raid and cannot optimize accordingly. The raid array is also typically chipset dependent and you cannot physically move the array to another computer.
There is also pure software raid. This is the type of raid offered by the Linux "md" driver. FreeBSD, Windows, and MacOS all have something similar. This is the type of raid the parent post discussed. Software raid of this type is often the best choice for home and small office use. The OS knows and understands that the device is a software raid. The drivers and tools are full featured and mature software. In the case of Linux, and probably the others, the raid array is hardware independent. The drives could be moved to any system with sufficient disk controllers. If the server is lightly loaded the performance impact is negligible. In my experience Linux software raid (md) is resilient to hardware and power failures.
I suspect that the article you read was on fake hardware raid.
The Wikipedia broadband article is reasonably accurate.