I have taken to running a spidering type script against my servers when they restart apache/tomcat to get the initial "compile" and caching going which improves initial users' experience. But 10 seconds sounds ridiculous no matter how you look at it.
Perhaps they are in need of some performance tuning in their code?..
It is a bit of a troll post as the item that would crash under a /. effect is Apache (assuming that's what you are running), not the OS. There is not enough of a performance difference in OS-level operations between Linux and BSD that would have an impact on your network and web-serving daemon's ability to handle a /.
Assuming Apache 1.3.x, even recompiled to handle more than 256 children, you are hard limited by memory and bandwidth. So when you get too many concurrent TCP connections, they just get dropped, regardless of OS.
I think the more indirect point/question is that perhaps the current pre-boot operations can't effectively support their DRM desires and they need an extended pre-boot model to lock out unwanted software.
An earlier post had a link to a threaded discussion with linux core people, Linus, and a guy named Mark from Intel. He gave a background summary of why they are going down this path but he was obviously speaking to his audience and left out mention of any DRM considerations. I am sure the topic was examined as they were developing this model so I am curious/concerned that there may be more to that story.
They are an ISP for small coffee shops; you get access by purchasing a card for $3/1hr, $8/24hr, $20/1mo. It's anonymous and doesn't require a credit card. They run Linux and Apache on most of their servers that I looked at.
I would contact them and ask their advice. I use them quite a bit at various locations with various platforms (linux, OSX, winblows, etc.) and have never had any technical difficulties so their systems seem to be fairly admin-free.
I was referring to the "not contributing to the community" aspect of the article, not the "GPL violations" talked about here (and in the alternate link).
I agree with you that stealing (violating the GPL and reselling someone else's work) is too much. But just using software without contributing bug fixes, thank-you notes, or money is in keeping with the spirit of OS, I believe.
Absolutely. We are already getting legislated on the one side a la DMCA and others; the last thing we need is more platforms on top of which our activities can be regulated. Keep the tax breaks for more regulated types of research.
Good point. That is the idea of free software. We talk about wanting to see Linux on the desktop and more end-user penetration, but what can/should we expect in return? These companies (from the article) that integrate open-source software rarely have development staff and usually have very low-skilled administrative staff. At best they could submit bug reports and do testing, but I think that is even a bit much to expect.
Admittedly, everyone in the community has different motivations, but one principle of open source is that it is given away freely without expectation of compensation. Some may say that it is actually with the expectation of benefiting from others' work, but that can't be viewed as a transactional event. More like a.. uhh karma event ;-)
Excerpt from the definition you linked above:
"Some of the functionality described on this reference page extends the ISO C standard. Any conflict between the requirements described here and the ISO C standard is unintentional. This volume of IEEE Std 1003.1-2001 defers to the ISO C standard. [Option End]"
Which implies that ISO also defines this as a standard.
What they describe as their user model, using the kitchen vs. living room example, is exactly what networks (from roads to trade-routes to phones to 802.11) attempt (implicitly) to eliminate. Meaning they try to remove the barriers (of distance) from transactions and provide, in essence, complete access to resources. The interface should be transparent.
What is needed is adaptive UIs that provide you access to all resources regardless of location or interface method, not specialized devices and access points. Eliminating distance is the point, not mimicking physical limitations.
I guess they are suggesting similar ends, but I disagree with their premise. Or am I misunderstanding their premise?
Sometimes people make choices and trade-offs between system characteristics (maintainability, standardization, security, portability, performance, etc. etc.). I see this as simply an additional method for balancing these things in system design.
I also understand people's initial negative reactions to new features (based on experience where a tool or feature intended for intelligent use gets abused and misappropriated).
I personally would like to see this idea extended (and improved) to offer more options for distributing logic/work flow/data and making finer-tuned decisions on balancing system characteristics.
It's not a bad idea. And if stupid people apply it poorly, that's all the better for my career. ;-)
But does functionality like this exist for other executables (C/C++, Perl, etc.)? Wouldn't this be extendable to accommodate external functions in general?
1) What is the name of the company? This is for my own dealings. To be honest, I will take your story with a grain of salt, but a little research might help me understand if I would want to do business with them or add them to my blacklist.
2) What is your question, "how do I build stable relationships with PHBs so that free lunches and golf outings from vendors don't get me outsourced again" or "how do I prepare for 3rd-party assessments/sales pitches to ensure that both they and I can be objectively analyzed"?
Sadly, in corp IT, the answer to both questions is the answer to the first. Face time, "expectations management", proactive education, whispering sweet nothings in the ear, and many other social engineering tactics are how you build relationships with the morons in charge. This is how you will also be better prepared to deal with vendor incursions into your domain.
Technically, the way to prepare for this is to do an assessment yourself, early and often, document it, summarize it, broadcast it, and ask for money. You will get ignored and turned down, but you will have a paper trail and they will remember, vaguely, that you said something about security when the sales pitch comes, and they won't be surprised.
In corp IT and much of the world, when dealing with non-engineers, technical merit does not speak for itself but appearance and posturing go a long way. So, in the future, over-communicate and advertise. Remember that most non-technical people get their educations from advertisements and sales pitches so fight fire with fire.
Good point. In the very large bank where I work there are many Dilbert-esque re-orgs that are given all sorts of marketing hype to get analysts to boost our share price.
On the other hand, I am an architect taking part in the enterprise Linux initiative (which is where a large corporation attempts to mimic something it doesn't understand because everyone-else-is-doing-it). So maybe Microsoft is touting its methodology mimicry.
I wish more corps could actually make the mental/cultural shift to employ some of the effective methodologies and practices OS uses. It would make the world of IT not so painful to look at.
Damn fine post. A thread had discussed this a long time ago.. or was that somewhere else.. ?.. damn addled brain.
At any rate, it is not feasible to store all possible combos but moderately feasible to store the 207 billion most likely passwords. Which leaves you with a large number of passwords that are not likely to be easily remembered by users. Which is why this is an issue. However, I would note that 207 billion hashes at 10 bytes a pop gives you 2,070 billion bytes of storage. Most script kiddies are not going to have access to ~2 terabytes of storage just for cracking of hashes. They won't be able to make it part of a rootkit as very few hosts could store the rootkit. So the likely scenario would be a small subset of those hashes being employed (or a really good cracker would distribute the 207 billion over many nodes with a trojan acting as a compare server, but that poses its own difficulties).
So the parent poster is correct in that what you REALLY have to worry about is using passwords that are not in dictionaries.
This should cause some interesting systems integration issues as crypt has become the de facto standard for cross-system authentication and password management. (Hash it at your web server, compare it with the app server, store it in the DB, where it is used by Samba to auth winblow users, blah blah; I know these aren't exact implementation examples, but you get the idea.) Just a lot of code or libraries to change to make a system secure.
Actually you make a good point about the OS dealing with intrusions properly. Multi-level security and multi-user systems have been researched quite a bit in the government, starting way back with MULTIX (if I spelled it correctly), which is where many of the multi-user concepts of UNIX grew from (if my POSIX lore serves me correctly).
I have worked with some multi-user/multi-security-level systems before (from SECRET to TS/SCI and back down again) and I will say that most of the constructs seem to be there in Linux (and more fully implemented in OpenBSD). For the most part it's the degree of trust in humans that is simultaneously necessary and the source of the risk. System properties and behaviours can ease some of the pain, but I don't think it can be treated entirely as a function of the OS.
Actually I had been using SecurID tokens since 1998 and am quite aware of how they work from both a server side and a client side. The tokens on bulk discount are $50; the server software and server agents are QUITE expensive. The SecurID token value is good for up to 119 seconds (as default install) and a keystroke recorder can be used to intercept and re-use them. They are a pseudo one-time password system and rely on the PIN to mitigate the obvious risk of lost keys/theft of token issue.
A true one-time system cannot be intercepted and re-used. The issue is having a viable store of one-time passwords around.
Now there was a company recently that was using some form of quantum physics to do a pseudo one-time system that was more secure than RSA's method, but it was intended for point-to-point device work (like VPNs).
This is a very good point. The theory goes that open peer-review will fill in for "gatekeeper" review and that it will be caught before too long. The trade here is the "before too long" vs. the time to get a fix/enhancement in. Most projects have stable and dev builds. For those running in production, use stable. This should have given the community time to review the code base for backdoors and other defects. But the rub comes in when something needs to be patched in stable builds (and quickly). I do have to say that I trust many open source projects and the people working on them to do peer review of "emergency" patches to stable, but, there is still a risk with some projects.
Keeping in mind that real software engineering companies have the same risks and trade-offs and follow a similar process, I would still say that a well-supported open source project will generally fare better at dealing with this than a company that has to pay for these bodies.
Actually there is a method for securing against lost passwords (by this I mean intercepted, as in looked over shoulder, recorded key clicks, etc.) and that is the one-time password method combined with some other secondary authentication method. It is, however, extremely difficult to implement successfully. I have been kicking around a method, creating my own system for this for my servers. I suspect that I won't be bright enough to do a good implementation of it though.
Of course this has nothing to do with the earlier post being both right and wrong. (right in the sense that Joe CTOs are dumber than a bag of doorknobs, and wrong in that it is not a technical reflection of relative security between MS and Linux).
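The two comments above make a point worth seeing in code: a time-window token like SecurID can be captured by a keystroke logger and replayed inside its window, while a true one-time password cannot, and the practical obstacle is keeping a usable store of one-time values. The following is an added example, not the commenter's own system or RSA's product. It implements a Lamport/S-KEY-style hash chain: the client keeps only a seed and recomputes each value, the server keeps only the last accepted value, and a replayed value is rejected because hashing it no longer yields what the server holds. A salted PIN hash stands in for the "secondary authentication method" mentioned above. The seed, PIN and chain length are constructed demo values.

```python
import hashlib
import hmac
import secrets

CHAIN_LEN = 5  # logins before the client must re-enroll (constructed demo value)


def _h(data: bytes) -> bytes:
    """One step of the hash chain."""
    return hashlib.sha256(data).digest()


def chain_value(seed: bytes, k: int) -> bytes:
    """Apply the hash k times to the seed: h^k(seed)."""
    value = seed
    for _ in range(k):
        value = _h(value)
    return value


class OtpClient:
    """Holds only the seed; every one-time value is recomputed on demand.

    The client walks the chain backwards: the server was enrolled with
    h^N(seed), so the first password is h^(N-1)(seed), the next h^(N-2), ...
    """

    def __init__(self, seed: bytes, chain_len: int = CHAIN_LEN):
        self.seed = seed
        self.remaining = chain_len

    def enrollment_value(self) -> bytes:
        return chain_value(self.seed, self.remaining)

    def next_password(self) -> bytes:
        if self.remaining <= 0:
            raise RuntimeError("chain exhausted; re-enroll with a fresh seed")
        self.remaining -= 1
        return chain_value(self.seed, self.remaining)


class OtpServer:
    """Stores one chain value per user plus a salted PIN hash (the second factor)."""

    def __init__(self):
        self.users = {}

    @staticmethod
    def _pin_hash(pin: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def enroll(self, name: str, top_value: bytes, chain_len: int, pin: str) -> None:
        salt = secrets.token_bytes(16)
        self.users[name] = {
            "last": top_value,  # the most recently accepted chain value
            "remaining": chain_len,
            "pin_salt": salt,
            "pin_hash": self._pin_hash(pin, salt),
        }

    def verify(self, name: str, otp: bytes, pin: str) -> bool:
        rec = self.users.get(name)
        if rec is None:
            return False
        pin_ok = hmac.compare_digest(rec["pin_hash"], self._pin_hash(pin, rec["pin_salt"]))
        # A value is accepted only if hashing it once yields the last accepted value.
        # A replayed value fails this test because it has itself become "last".
        otp_ok = rec["remaining"] > 0 and hmac.compare_digest(_h(otp), rec["last"])
        if not (pin_ok and otp_ok):
            return False
        rec["last"] = otp
        rec["remaining"] -= 1
        return True


def demo():
    """Enroll, log in, replay a captured value, then retry with wrong and right PIN."""
    client = OtpClient(b"constructed-demo-seed-not-a-real-secret")
    server = OtpServer()
    server.enroll("alice", client.enrollment_value(), CHAIN_LEN, "4321")

    p1 = client.next_password()
    first = server.verify("alice", p1, "4321")      # genuine login
    replay = server.verify("alice", p1, "4321")     # captured by a keylogger and replayed
    p2 = client.next_password()
    second = server.verify("alice", p2, "4321")
    p3 = client.next_password()
    wrong_pin = server.verify("alice", p3, "0000")  # correct OTP, wrong second factor
    third = server.verify("alice", p3, "4321")      # OTP not consumed by the failed attempt
    return first, replay, second, wrong_pin, third


if __name__ == "__main__":
    print(demo())  # (True, False, True, False, True)
```

The chain removes the storage problem the comment raises (the server keeps 32 bytes per user, the client keeps a seed), but it does not remove the need for the second factor: an attacker who obtains a value before the legitimate login completes can still use it once, so the PIN and a re-enrollment policy when the chain runs out are part of the design, not decoration.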
After RedHat dropped their free line (I was just paying for RHN access) I have been contemplating going to Debian for my servers and SuSE for desktops, or some other scenario. Debian packages and apt-get were primary reasons for considering that distro as my next platform. I don't want to say I am scared off by this, but it does remind me that I have to put more thought into how to deal with these things. I had simply trusted RHN and the PGP signing of their RPMs, which may have been a little foolish.
I do have to say that I am still happier with Debian broadcasting this incident as loudly as possible rather than the corporate tactic of hushing it up (I know of a few companies that have done just that). Thanks for the open honesty, Debian!
Except for the fact that AMD is still trying to suck up to MS and won't play nice with the OS community..
http://www.facefive.com/
LOL!!
Uhhm.. one-click shopping, embedded applications in a browser (plugins), geez.. what were all the other bullshit patents in the news this year..
Point being that law and sanity have nothing to do with each other. Think of them as the matter/anti-matter guys in Star Trek..
Try Yellow Dog Briqs.. PPC boxes the size of a CD-ROM drive..
http://www.yellowdoglinux.com/products/
He is correct in part. My older version of Mozilla:
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020830
Displays this URL in the test link in the article:
http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm
To a normal user it may look like I am in the Microsoft domain. In IE, however, it truncates the ugliness at the end, like so:
http://www.microsoft.com
Which is far more deceptive.
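The trick in the comment above puts a plausible-looking domain plus a percent-encoded control character into the userinfo part of the URL (everything before the `@`), so the real host is whatever follows the `@`. The following is an added example, not code from the commenter or from either browser vendor, showing how a link checker or mail filter can split such a URL the way RFC-style parsing does and report the host a client would actually connect to. The sample URLs are constructed; the first is the test link quoted above, the other two are ordinary URLs included to show the check stays quiet on them.

```python
from urllib.parse import urlsplit, unquote

# Constructed sample links. The first is the test link quoted in the comment above;
# the others are ordinary URLs that must not trigger the check.
SAMPLE_URLS = [
    "http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm",
    "http://www.example.com/index.html",
    "http://user:pw@ftp.example.net/pub/",
]


def analyze_url(url: str) -> dict:
    """Split a URL into the part a reader sees first and the host a browser connects to."""
    parts = urlsplit(url)
    userinfo, at, _hostport = parts.netloc.rpartition("@")
    decoded = unquote(userinfo) if at else ""
    # %01 and friends decode to control characters; the IE of that era stopped
    # rendering the address at such a character, hiding the real host entirely.
    has_control = any(ord(c) < 0x20 or ord(c) == 0x7F for c in decoded)
    # Userinfo that looks like a domain name is the other half of the trick.
    looks_like_host = "." in decoded.partition(":")[0]
    return {
        "displayed_prefix": userinfo,      # what a careless reader takes for the site
        "real_host": parts.hostname,       # where the connection actually goes
        "has_userinfo": bool(at),
        "control_chars": has_control,
        "deceptive": bool(at) and (has_control or looks_like_host),
    }


def explain(url: str) -> str:
    """One-line verdict suitable for a link-checker or mail-filter log."""
    r = analyze_url(url)
    if r["deceptive"]:
        return (f"SUSPICIOUS: link shows '{r['displayed_prefix']}' "
                f"but connects to {r['real_host']}")
    return f"ok: connects to {r['real_host']}"


if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(explain(u))
```

The check deliberately flags any userinfo that decodes to a control character or resembles a hostname rather than only the `%01` case, since the same parsing rule (host is what follows the last `@` in the authority) is what a browser's address bar should be showing the user in the first place.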