Yes, any time your data is spinning at nx10^3 rpm, or even if it isn't, there is a finite chance of data loss. Your data centre could be hit by a comet at any time of course. However I think that's nitpicking a bit. Let me reword it a bit: a power failure has a/significant/ chance of/causing/ data loss.
* To: debian-mirrors-announce@lists.debian.org, debian-infrastructure-announce@lists.debian.org, debian-devel-announce@lists.debian.org, debian-user@lists.debian.org
* Subject: ftp.debian.org update
* From: Josip Rodin <mirrors@debian.org>
* Date: Mon, 03 Dec 2007 20:52:00 +0100
* Message-id: <E1IzHKi-0007AN-MH@keid.carnet.hr>
* Mail-followup-to: debian-devel@lists.debian.org
Hi,
We're going to be changing ftp.debian.org setup a bit... but first, a friendly reminder.
Many people seem to think that ftp.debian.org is the canonical location of Debian packages and that it will be best for them to use that site for apt or for mirroring. This is *not true*.
ftp.debian.org is merely one of several servers that get updated from an internal Debian server. That address is presently located on a single server in the United States, and it still exists mainly for backwards compatibility.
In the future, it may get services reduced, or shut down, or converted into a globally load-balanced name, or whatever. Please don't use it.
If you're using it now, please switch to a country-based DNS name such as ftp.us.debian.org, ftp.ca.debian.org, ftp.uk.debian.org,... The list of those servers is at http://www.debian.org/mirror/list ...
It does sound funny, but it's not as tautological as it seems. It's saying that when you have a power outage, there is/always/ a nonzero/risk/ of losing data.
"The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool." -Unknown
So perhaps on some plane of reality we might be grateful to the good people at Microsoft for forcing SSD makers to make improvements they might not otherwise have made?
I have a rather nice solar powered 6-LED flashlight that was given to me as a gift some four years ago. Works very well too, as long as I remember to leave it on the windowsill once a year or so.
Unspecified DNS cache poisoning vulnerability (CVE-2008-1447)
Dan Kaminsky
Dan Kaminsky is credited with discovering some unspecified vulnerabilities in DNS that allow for cache poisoning on a massive the-intarweb-tubes-will-burst-and-flood-your-basement scale. There has been massive media attention over this vulnerability and a large amount of backlash in the security community over the lack of details. When the full details of the vulnerability are revealed at BlackHat, the masses will decide whether the hype and secrecy were worth it. And, more importantly, the Pwnie Judges will vote on whether Dan gets the Pwnie for Most Overhyped Bug.
Lamest Vendor Reponse
Linus Torvalds
Linux kernel non-disclosure policy
Proving that open-source security has not improved much since it relied on the idea of getting enough eyeballs to make bugs shallow, Linus Torvalds demonstrated his incompetence at handling security isses by defending silent patching of security vulnerabilities in the Linux kernel:
So I personally consider security bugs to be just "normal bugs". I don't cover them up, but I also don't have any reason what-so-ever to think it's a good idea to track them and announce them as something special.
Adding insult to injury:
Btw, and you may not like this, since you are so focused on security, one reason I refuse to bother with the whole security circus is that I think it glorifies - and thus encourages - the wrong behavior.
It makes "heroes" out of security people, as if the people who don't just fix normal bugs aren't as important.
* Best Server-Side Bug [slashdot.org]
* Best Client-Side Bug [slashdot.org]
* Mass 0wnage [slashdot.org]
* Most Innovative Research [slashdot.org]
* Lamest Vendor Response [slashdot.org]
* Most Overhyped Bug [slashdot.org]
* Best Song [slashdot.org]
* Most Epic FAIL [slashdot.org]
* Lifetime Achievement Award [slashdot.org]
What, Slashdot.org is the sole nominee for all categories? Fair enough for most of them I guess, but best Song? Has CowboyNeal put out an album lately?
6 seconds? I find it troubling that we consider such times close to instant on.
My 486 would boot to DOS with himem and emm386 in less than 1 second after POST (maybe a full second if I loaded mouse and CD-ROM drivers), and about 3 seconds if win.com (Windows 3.1) was in autoexec.bat.
Linux comes nowhere close to this of course, but I find the bootchart patch extremely useful for finding out exactly/why/ it's so slow.
why does 'taking responsibility' have to mean going to jail?
It doesn't. Sorry if I sounded like I meant that - I was just trying to make the point that having aspergers should not be a Get Out Of Trouble Free card.
You're correct - you had not mentioned nuclear power. However the GGGP did (which is most likely what the GGP was responding to when referring to third-world power generation).
Poor Kiwis, why haven't they got: "all their troops in the middle east already" we've been flip-flopping on that one for a while. It makes great political leverage though, apparently. "and a mortgage crisis" I'm afraid we do, it's just a bit further behind the US one. "and incalculable foreign debt" I'll give you that one, for now. "and nuclear power" to our peril I'm afraid. In the meantime we're burning coal, damming up rivers and finding other creative ways to screw up our environment. "and massive prisons" No, we just let the crims run the streets here. Much safer.
But we do have the metric system, so as Dave Dobbyn put it, "Welcome Home".
...a few high-risk property investment companies collapsing? Have you even looked at our housing market? House prices at eight years salary. Interest rates over 10%. Banks merrily dishing out low-to-zero-deposit loans to young families. Do you not think this is a problem?
And don't get me started on the idiotic "no nuclear power here" meme started in the '80s.
I actually sat looking at your post for a full minute before I realised you weren't talking about the particular kind of Predator whose primary purpose is to hunt aliens and humans for sport. I was trying to figure out how that could be construed as saving lives.
It's really not that painful to move to the metric system. My country did it a few decades ago and we still keep our culture. We still call a Quarter Pounder With Cheese, a Quarter Pounder With Cheese.
The only difference is that peoples heads don't explode now trying to convert lengths based on the distance from some dead kings outstretched thumb to his nose.
Slashdot Mirror
People move house; people change phone numbers. It's a fact of life I'm afraid.
I keep my bank and my computer totally separate.
dude, I think you've just sparked the biggest vigilante manhunt your country has seen to date.
Any special reason?
Yes, any time your data is spinning at nx10^3 rpm, or even if it isn't, there is a finite chance of data loss. Your data centre could be hit by a comet at any time of course. However I think that's nitpicking a bit. Let me reword it a bit: a power failure has a /significant/ chance of /causing/ data loss.
Well I guess that makes Fedora ritalin.
Heh, yeah thanks :)
Actually I'm correctly quoting a guy on /. who in turn must have been misquoting GBS in his sig.
It does sound funny, but it's not as tautological as it seems. It's saying that when you have a power outage, there is /always/ a nonzero /risk/ of losing data.
When I read this, a certain quote comes to mind:
"The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool." -Unknown
So perhaps on some plane of reality we might be grateful to the good people at Microsoft for forcing SSD makers to make improvements they might not otherwise have made?
I have a rather nice solar powered 6-LED flashlight that was given to me as a gift some four years ago. Works very well too, as long as I remember to leave it on the windowsill once a year or so.
Really dumb question, but why can't we patch BIND to do what DNSSec does?
Pwnie for Most Overhyped Bug
Unspecified DNS cache poisoning vulnerability (CVE-2008-1447)
Dan Kaminsky
Dan Kaminsky is credited with discovering some unspecified vulnerabilities in DNS that allow for cache poisoning on a massive the-intarweb-tubes-will-burst-and-flood-your-basement scale. There has been massive media attention over this vulnerability and a large amount of backlash in the security community over the lack of details. When the full details of the vulnerability are revealed at BlackHat, the masses will decide whether the hype and secrecy were worth it. And, more importantly, the Pwnie Judges will vote on whether Dan gets the Pwnie for Most Overhyped Bug.
Lamest Vendor Reponse
Linus Torvalds
Linux kernel non-disclosure policy
Proving that open-source security has not improved much since it relied on the idea of getting enough eyeballs to make bugs shallow, Linus Torvalds demonstrated his incompetence at handling security isses by defending silent patching of security vulnerabilities in the Linux kernel:
So I personally consider security bugs to be just "normal bugs". I don't cover them up, but I also don't have any reason what-so-ever to think it's a good idea to track them and announce them as something special.
Adding insult to injury:
Btw, and you may not like this, since you are so focused on security, one reason I refuse to bother with the whole security circus is that I think it glorifies - and thus encourages - the wrong behavior.
It makes "heroes" out of security people, as if the people who don't just fix normal bugs aren't as important.
Nominees
* Best Server-Side Bug [slashdot.org]
* Best Client-Side Bug [slashdot.org]
* Mass 0wnage [slashdot.org]
* Most Innovative Research [slashdot.org]
* Lamest Vendor Response [slashdot.org]
* Most Overhyped Bug [slashdot.org]
* Best Song [slashdot.org]
* Most Epic FAIL [slashdot.org]
* Lifetime Achievement Award [slashdot.org]
What, Slashdot.org is the sole nominee for all categories? Fair enough for most of them I guess, but best Song? Has CowboyNeal put out an album lately?
6 seconds? I find it troubling that we consider such times close to instant on.
My 486 would boot to DOS with himem and emm386 in less than 1 second after POST (maybe a full second if I loaded mouse and CD-ROM drivers), and about 3 seconds if win.com (Windows 3.1) was in autoexec.bat.
Linux comes nowhere close to this of course, but I find the bootchart patch extremely useful for finding out exactly /why/ it's so slow.
Then you don't understand the problem.
... and then remember that you had another emacs session open in another terminal.
why does 'taking responsibility' have to mean going to jail?
It doesn't. Sorry if I sounded like I meant that - I was just trying to make the point that having aspergers should not be a Get Out Of Trouble Free card.
You're correct - you had not mentioned nuclear power. However the GGGP did (which is most likely what the GGP was responding to when referring to third-world power generation).
Poor Kiwis, why haven't they got:
"all their troops in the middle east already" we've been flip-flopping on that one for a while. It makes great political leverage though, apparently.
"and a mortgage crisis" I'm afraid we do, it's just a bit further behind the US one.
"and incalculable foreign debt" I'll give you that one, for now.
"and nuclear power" to our peril I'm afraid. In the meantime we're burning coal, damming up rivers and finding other creative ways to screw up our environment.
"and massive prisons" No, we just let the crims run the streets here. Much safer.
But we do have the metric system, so as Dave Dobbyn put it, "Welcome Home".
...a few high-risk property investment companies collapsing? Have you even looked at our housing market? House prices at eight years salary. Interest rates over 10%. Banks merrily dishing out low-to-zero-deposit loans to young families. Do you not think this is a problem?
And don't get me started on the idiotic "no nuclear power here" meme started in the '80s.
Personality disorders such as Aspergers can be debilitating, but at some point we must all take responsibility for our own actions. No one else can.
I actually sat looking at your post for a full minute before I realised you weren't talking about the particular kind of Predator whose primary purpose is to hunt aliens and humans for sport. I was trying to figure out how that could be construed as saving lives.
It's really not that painful to move to the metric system. My country did it a few decades ago and we still keep our culture. We still call a Quarter Pounder With Cheese, a Quarter Pounder With Cheese.
The only difference is that peoples heads don't explode now trying to convert lengths based on the distance from some dead kings outstretched thumb to his nose.
Yes.