How many people still have a serial port palm pilot?
How many people need to configure a piece of network gear?
How many people have needed to get to the serial consone on their unix box?
How many people have rack mount gear that the only console is serial?
Serial won't die any time soon.
That's why we're in a period of "grandfathering" in the new technology slowly. People with serial-based Palms will use them until they break down, or until they want a faster unit (the Tungsten is GORGEOUS, BTW!), at which point they will no longer require that serial port.
As for configuring networking gear and rackmount equipment, that, too, will slowly come around and start using new technology for their control interfaces. A time will come, in the not so distant future, where it will become financially unfeasable to implement legacy technology on new devices, because the support will be dissapearing, and the devices won't be as functional in the years to come. (Nowehere to connect them, legacy inter-connects will no longer be manufactured)
As far as removing legacy equipment goes; this is nothing new. IBM removed the floppy drive from their PC spec years ago. Almost their entire line of laptops for the past year or two up to today don't include them, except via special order, and even then many chassis don't come equipped with a space for the drive, so external (Hey! USB!) drives are required.
Put it this way; when I can run a single USB cable, or a small (4,5,8 port) USB hub to my desk (or get a monitor with the ports embedded in it) and connect a mouse, keyboard, scanner, pen drive, Palm (or other handheld), camera, microphone, sound system, TV / FM tuner / video capture device, hard drive, CD/DVD-ROM/RW drive, cell phone charger, floppy drive, printer, tablet, or any number of thousands of other peripheral devices to just those ports, the future has come. Believe you me, I've crawled under more desks and behind more copmuter work centres than I care to remember, and it's a huge PITA. So now I've got all sorts of wasted ports on the units that are used so seldom they often get caked with dust before I get a chance to plug anything into them.
Since that future is already here, and since motherboard/computer manufacturers have demand for a) more USB ports, and b) little to no demand for legacy ports, they're doing what any business would do; they're adapting to the new market condition.
You can still buy motherboards with a full suite of legacy controllers, so you're still ok for supporting all your legacy devices, and you will be for a long while. Slowly, those boards will exist less and less, and have fewer and fewer legacy ports (many new boards only ship with one DB-9 serial port instead of two, or one DB-9 and one DB-25 as in past), and more and more USB ports. The exact same thing happened with ISA slots. They went from the majority, to having an even split (often with one ISA/PCI slot 'shared'), to having only three per board, to one per board, and finally we see very few boards who include an ISA slot. That transition, much like the transition away from legacy inter-connects and storage mediums, will take time. Likely five years.
Five years in the computer industry is a long, long time. I can forsee 1GB/Second inter-connects and peripherals being as readily available in five years as 12MB/Second are today, and I may be under-estimating.
So, spend $100 to replace a $0.50 port again (which again, you still would have paid for as a USB port). Bad investment.
He said printers. Also, I was working under the assumption that he was looking to replace all the PCs in his household or place of business almost overnight, while maintaining his collection of slow paralell printers. After all, that would be the only reason he'd be concerned about the loss of paralell ports, no?
Plus, this guy should buy a new zip drive to read his backups? Bad idea.
I'd love little more than for you to point out where I advocated purchase of a new legacy device.
>I'll assume you've got some figures to support this otherwise baseless claim?
Baseless? Uhhuh... try harder to troll next time.
The original statement was that USB is unreilable. But thank-you for quoting me out of context.
True, but it's the most reliable way I can move stuff back and forth from work to home. I don't have a CD burner at home. I do have Zip drives both places.
You should probably consider preparing for the future. If one of your ZIP drives starts failing (in any of the ways in which they fail, including "My drive won't read this disk, but that one will", which is what caused a friend of mine to switch to CD-R at a time when the least expensive drive was ~$350), you're screwed. Besides, CD-R drives have so much more utility than ZIP drives. When I want to transport, ie, Windows 2000 SP3 to my parents' house, along with updated 30MB printer drivers, a Word Perfect Office service pack (@~80MB), along with about 200MB worth of additional drivers and updates, I hauled out a single 650MB CD-RW disk and burned the files in 5 minutes. I didn't have to pack an external ZIP disk, a floppy with drivers, and two-three ZIP disks to do it, either. Same goes for any of my customers' locations; they all have CD-ROM drives, but barely 1% of them have ZIP drives.
For the cost of a single ZIP drive, you could purchase two CD burners and a box of 5 CD-RWs
As for the ports being kludgy and slow, why on earth do you need your keyboard or mouse to be fast? It's not like you're going to overflow the port or something.
It's not that their send-to-device speed is slow, it's that the entire bus is slow. They require special host bridges to keep them from bogging the entire system down. That costs lots of resources to implement, and at this point in time with the present market saturation of USB devices and converters, there's no need to fumble with kludges anymore.
As for USB not being trustworthy, I have never cared for it. It's never struck be as being that great of a replacement for perfectly decent technology. You can use it all you want. I would like the choice at least.
Why have you never cared for it? What on Earth is wrong with it? One plug type for ten thousand peripheral types, all with a unified interface reducing code overhead, physical space and confusion. Not to mention the need for stores to have a plethora of male-female, male-male, or female-female cables of a thousand different types on hand with customer service help required to figure out what cable you need to do what, often resulting in two adapters and a cable just to connect a device to a PC. When I'm working in the field, I frequently find myself having to run back to one of my suppliers to pick up a legacy cable that I seldom use, which costs time, gas money, and wear on my vehicle. Instead, I could carry a box of five or ten cables and be guaranteed that one of them will work with the peripherals they have on site. Otherwise, I could just borrow a cable from another of their USB/FireWire devices until I could get them a new cable.
You want choice? Do you still demand that software be ported to the Commodore 64 because it's such a tried and tested hardware platform? Do you want to go back to the days of an incompetent bus where you had to take half the cards out of your system and write down a map of IRQs and I/O addresses, then tweak half of them in order to install a sound card?
Back to floppy drives; I keep them in my systems because I need to support the lowest common denominator in my line of work, so I'll keep a floppy drive and disks around until less than 5% of my client base still have them. They're slow and unreliable, their bytes/square-inch ratio is horrible, and the media is far too succeptable to outside forces (moisture, sun/heat, magnetic forces, etc.) to make them a practical storage solution. One client recently got the idea in her head to back up their accounting workstation - on 800 floppy disks. It would have taken two (2) CD-Rs and perhaps an hour. She spent two days backing everything up. The lost wages alone would have covered the cost of a CD-RW drive, a field installation of same, and a spindle of CD-R discs. Then there's the lost productivity of having an employee and the accounting machine out of service for a day. Then there's the fact that if any of those disks fried, most of the backup would be useless (100MB+ datafiles spread across ~80 floppies = bad news).
When I need to use rescue tools on a workstation or server, sure, I could boot floppy disks. The first disk boots the system, the second disk contains mouse and additional low-level drivers, the third contains a partition management software package (stripped down to its bare essentials), the fourth package contains a (stripped down) copy of Ghost; a filesystem replication and backup utility, the fifth contains a small subset of hardware diagnostic tools, the sixth contains...
Instead, I carry a single CD-R disc labelled "rescue" with all that and more, including some 200MB of the more common hardware drivers I require in the field. It boots in less than 1/10th the time it would take a floppy to boot, and I can be instantly productive. Not in the case with floppy disks. Swap disks, wait, wait, run program, wait, wait, use program, close program, swap disks, wait, wait, etc. ad nauseum (and believe me, sitting staring at a blinking cursor for 60% of the time it takes me to complete an otherwise 15 minute operation is nauseating). I also have to keep second copies of each of my disks, which means carring around two disk boxes with me - just in case one of their floppy drives is damaged, won't read my first disk, or eats my first disk. So now with twice the space of a single 24-CD wallet, I've got less than 5% of the capacity of a single CD-R disc.
Back to USB; a unified interface for peripherals that can operate at high speeds is the way of the future, and I for one am glad to see legacy devices going out the window. There's no technical or practical reason for the industry not to take the step forward. Quite frankly, the people who want to use legacy hardware probably shouldn't be concerned with this anyways, since they're obviously more concerned with keeping their 386s up and running than with purchasing modern hardware anyways.
PS/2: Tried, true, and works with my old IBM clicky-clacky keyboard. I love that keyboard, and it's waaay more durable than any newer keyboard. I've spilled beer on it and it continues clacking away.
PS/2 <-> USB converter.
Parallel Port: I'd like to keep using my older printers and my old parallel Zip Drive. It's slow, but handy sometimes.
Get a print server for your old printers (two-ports can be had for under $100, and networking them is a snap), and buy a CD-RW drive. ZIP drives are slow, kludgy, low-capacity, and have a tendency to click your media (and drive) to death at a seemingly random time (usually disk 13 of 26 is the victim). Moreover, probably 95% or more of home and office computers have CD-ROM drives of some form or another, which makes CD-R/RW discs far more portable than the very, very slim market share of ZIP drives. CD-RW drives can be had brand-new for about $75CDN and can burn 900MB worth of data to a disc in approximately 1 minute 30 seconds. 900MB discs can be had for about $0.50CDN, 800MB CD-RW discs can be had for about $3CDN or less. How much does a 100 or 250MB ZIP disk cost, again?
Serial Ports: How else are you supposed to hook up a dumb terminal to your computer. USB?
Will the 0.02% of the population using dumb-terminals on their home PCs please stand up?
Seriously, there's no reason to drop these devices. Why not include them with the newer stuff.
Becauses the busses are slow, kludgy, and cost sillicon and valuable board real-estate that could be used for UATA133 or additional USB 2.0 (450+ MB/Sec) or IEEE1394 / FireWire (400+ MB/Sec) connectors, or to make motherboards smaller and/or less expensive.
Besides, USB is not to be trusted.
I'll assume you've got some figures to support this otherwise baseless claim?
Use another shell, and try your experiment. Then tell me IE loads any slower (or Mozilla is faster). Unless "wrapped up" means something I'm misunderstanding, here.
You're far too stuck on the explorer.exe shell. Windows is more than just an executable. Tell me honestly that you can remove all.DLL files related to Internet Explorer and still have a functional operating system.
BTW - Do try Windows XP before you make authoritative comments regarding things like Active Desktop, Internet Explorer, and integration.
BSD programmers already code for MS, haven't you read the license?
While that may be true (run `strings` against many Microsoft network applications, for example, and grep for "Regents". IIRC, NT4's ftp.exe was fun); what would be the shape of the world without BSD and its license? Who would exist for big iron servers, and who would pave the way for another free OS (Linux) to emerge into this market (it's inevietable; the market wants Linux, the market is going to get Linux, even if companies have to invest billions to do so), and what would be the shape of GPL, and other GPL'ed software had there been no BSD license?
Ideologically, people may prefer one or the other, but they're both complimentary (believe it or not).
We should be greatful for what BSD has done for us, rather than whining that "it's dead" and equating it to Microsoft.
Much as I hate the frequency with which this line comes up; it is not illegal to modify your purchased goods. I can modify it, replace the hard drive, DVD drive, controllers, I can open it up and run it 'au naturel', I can paint it purple, I can cut it in half, I can solder chips and wires onto the inside and outside of it, I can install Orbital CPU fans, I can put casters on it, or I can use it as a cat toy.
It is a physical piece of equipment, I paid for it, I can do whatever I want with it. (No, I didn't buy one, I was speaking in the hypothetical). So long, of course, as I don't use it to break other laws (eg; I can't hit someone over the head with it)
So by all means, mod up that XBox, install your favourite OS and watch movies on it. But don't expect your warranty to be upheld if (when) it fries.
Considering the quality of the rest of your post I'm dissappointed to see that you'd say something so blatently dumb. Perhaps you haven't been keeping up with the news lately... here's some non-Apache virii that have greatly impacted the Internet.
No, it wasn't blatantly dumb, but yes, they did affect a large quantity of the Internet. However, a large quantity does not equate to "the majority" by any means. Imagine the destructive DDoS effects of Nimda, Code Red, or Slammer doubled, combined with the side-effect of defacing 30 million websites in the process.
Starting to get the picture? Now do try and think before insulting one's intelligence.
It's been a well-known fact for some time that the netcraft numbers are badly skewed, since a couple of firms that park domains have thousands of generic pages running apache.
There are also a number of firms that park domains who have thousands of generic pages running IIS.
The monthly Netcraft survey analizes the results, and accounts for statistical oddities, like the months where one particular provider was waffling back and forth between Apache/IIS and causing a large skew in the numbers.
The fact remains, however, that Apache had a foothold long before IIS was unleashed to the Internet, has had a wider base of testers and more high-end applications than IIS. Whether or not the Netcraft numbers are accurate to within 2% or 5%, they do reflect an accurate picture of the state of the web, closer than any other survey has ever been, and as such are the most respected source of statistical web server data. But by all means, if you can show me a better source than Netcraft who disclose their methods, I'm all ears.
Public source code for software that is designed to protect isn't a great idea IMO. Would you want your home security system, complete with sensor locations, schematics, etc. posted in a book on your front porch?
Have I stepped out of Slashdot and into some kind of paralell universe where open source doesn't exist?
The schematics for my firewall and all public daemons ARE available, some of them even "at my front door".
Publicly available anti-virus and firewall software would be great (source code witheld), but then you run into the same problem MS has. Huge user base = greater draw to those looking to undermine the software = more security issues.
So there are twice as many Apache vulnerabilities as IIS vulnerabilities? And don't give me that "there are more Windows users... " excuse. If you want to affect the WWW at large, you attack that which comprises more than half the entire WWW, that being Apache. Were your logic correct, there would be a plethora of Apache vulnerabilities. The fact remains that a quality codebase, rather than a small userbase, defines the relative security of a product.
Sounds a lot like unfounded scaremongering by people who should know a lot better to me. 911 not only runs on a separate network (telephone != internet),
Actually, 911 service runs on the PSTN, as does a very large portion of the Internet. The two (Internet and PSTN) are very inter-twined, as are the vast majority of corporate (including bank) networks.
Remember, it was us geeks who convinced the suits that the Internet was the way to travel in the 21st century. Now it's our job to support that claim by providing them with a more reliable Internet.
And a 32-bit CPU can handle a 64-bit int just fine... it just takes longer to process.
I know; I was being ironic. I even included a smiley.:)
Moving to 64-bit native processors will speed up our overall systems; it'll make it infinitely easier for vendors to implement 64-bit instructions without having to emulate, or make multiple calls. It should bolster an overall efficiency increase in systems utilizing a lot of large memory/storage, as well as people using 64-bit storage even in lowered capacity. It will also pave the way for 128-bit calls to be made, since they'll only require two, opposed to three (or four) calls on existing 32-bit hardware.
The x86 architecture has been flawed basically from day one; this is a really good step in the right direction.
It is *always* helpful if you can wait 3 months. If you need a computer, buy one. If not, wait - you'll only be able to get more for less.
While this is true in almost all cases, with the release of 64-bit chips the situation is somewhat different. If I had $2k burning a hole in my pocket and wanted a brand-new machine, I'd really hate to buy a 32-bit Athlon mere weeks before the consumer release of 64-bit chips.
Release dates, even 'gray' dates, do help in planning one's upgrade. Also, I suspect that once the 64-bit chips start to become mainstream, the price of the 32-bit Athlons will plummet. Now it's not just a case of "more for less", but a case of "a lot more for a lot less".
With major technological leaps, it does make sense to be patient and follow the news.
Is anyone else more than a little afraid of some fundamentalist group launching a Ji-had (or some other faith based initiative) on the Net? I mean, there's an god-damn lot of blastphemy out here.
Since most of these large-scale DDoS attacks have been local in origin, the Bush administration's fear-mongering about Jihad's in cyberspace are little more than propaganda.
We should probably be more worried about socially stunted 15 year-old prodigies.
Personally, I am glad that somebody in law enforcement is taking active steps to investigate and shut down these worms.
Personally, I wish they'd spend a little bit of the money on public education. Start giving basic "Home Internet Security: 101" type courses in high schools so that the new crop of wIdiots have atleast a little backing in knowledge to take home with them. Maybe they can secure their parents machines and have an immediate effect on the state of things.
When you consider the sheer number of broadband subscribers in North America, and factor the number of them potentially vulnerable to any number of infiltration tactics, we can easily find ourselves facing 20k 1.5MBit connections. By my count, that makes for a LOT of aggregate bandwidth. DDoSs, information/identity theft are all infinitely possible.
This story only goes to foster the need for knowledge; all it takes is one, or a small group of concerted individuals who plan their attacks carefully, and the Internet can be crippled to a degree that we haven't seen thus far.
Corporations are another story. I believe firmly that they should be held fiscally responsible for the damage done at the behest of their bandwidth and servers. It's their responsibility to hire competent security personell to prevent attacks from using their larger-than-normal resources to aid in an attack. Maybe then competent IT people would suddenly find themselves facing thousands of job openings again, because it would be too expensive a risk for big companies not to have them on staff.
Every connection with an educated person at the helm who keeps track of security updates and is mindful of what they install/run is one less connection that can be used to attack those of us who do take this care.
These 'demo' CD's are not the SUSE distro - the only way to get that is to buy it you can not download it
You are incorrect, sir. You can, in fact, download the entire SuSE distribution fileset from their FTP site. All 5-odd gigabytes worth of it for every version. What you can not do, however, is download recent ISO images of their distribution. You are perfectly free to download the entire distribution and network-install it to your heart's content.
Go here if you're still not sure. If you'd prefer, you could use one of their FTP mirror sites located all over the world.
If you poke around, you'll find the RPMs for all binary packages as well as the sources of every (license permitting) package in their entire distribution. I count 2,072 source RPM packages.
For the record, up until the 7.0 release, SuSE always had downloadable, installable (not "live") ISOs of every release. Sometimes it came out later than their retail version, but it was always there, and I've got about six burned versions (up-to and including 7.0) to prove it.
I'm glad I don't have a policy with these people. It sucks when you go to certain lengths of care with whom you share your personal data and it gets stolen anyways.
Security, security, security, people. It's my (and your) information we're dealing with here. I'd sooner it not be put in the hands of the lowest bidder, Thankyouverymuch.
Even if they copy everything off of your hard drive and send it to their own servers, according to most Slashdotters, that is only copyright infringement (not theft), provided they don't delete anything.
This is why argument by analogy is so maligned here on Slashdot.
The analogy you refer to is most likely the distribution (rights?) of RIAA and/or MPAA sanctioned materials, including music files and movies, correct?
In order to download these, I do not need to violate any individual's privacy. Instead, I download (voluntarily) any number of freely available P2P applications and initiate transfers from people who have willingly configured their software packages to allow me access to a 'shared' portion of their own systems. These people populate this folder with files they have copied, downloaded, or created themselves. The source materials for these transfers were made available to the public by the aforementioned entities, so nobody had to violate their computer systems or physical locations to obtain the source.
There is no subterfuge involved, nor is there any involuntary transfer of otherwise private materials. (Vis, the files, e-mail, and information stored therein on my home PC(s)).
(Note that I am stating no position, pro or con, on the topic of P2P applications or their content, merely discussing your analogy. I don't want to open any further cans of worms).
They are not threatening you, taking your money and/or valuables,
...
IANAL, but if you sue them you might be able to pick up a keen $5000 fine. That figure doesn't include legal expenses, of course.
IANAL either, but I do believe there is legal footing for such a case. The users' computers are made to operate in a mannar in which they were not prepared, or willing to have it operate. Everything from the homepage being changed to software that alters the overall behaviour of the system to software of unknown quantity that opens potential security holes in the system.
The other factor to consider is the costs associated with repairing the system which are quantifiable. For example, if I have to visit a company and purge six office workstations of this software, the company is looking at not only a lost afternoon's work, but also a bill from me for $60/hour for anywhere up to six full hours. That's assuming that a) there are only six infected machines, b) the software is not in any way self-replicating, b) the software is readily removed from the systems, and does not ressurect itself. The other thing I would have to do while on the premeses is update all Windows installations (Windows Update) and all virus software and definitions as preventitive measure, thereby bringing the potential time per workstation up to the full hour mark, if not greater (dial-up would require either a long download, or a return to a broadband connection and CD burner to download the updates manually).
Long story short, since there are quantifiable costs, lost productivity, and damages that can be attributed to software of this type, I do believe suit could be brought against the makers. Based on the installation methods, I do believe fraud charges could also be lain.
A friend of mine was recently in hospital for extreme bloating, cramping, shortness of breath, nausea, and all sorts of other uncomfortable symptoms. The cause? A nut allergy. He's been a nut lover for all his life (atleast 30-40 years' worth of adulthood, anyways), often sitting down to a beer and a can of nuts in the evening and never encountered a problem before. But now it's potentially life-threatening if he consumes even trace amounts of almost any nut.
And no, he hasn't had any major transplants or transfusions lately. It just... happened. The doctors have no idea, either, partially since it doesn't run in his family.
We've got good DRP in our company, but it *still* costs money just to reboot (if only in sysadmin time.)
Maintaining up to date amd/or reliable servers is what sysadmin time is supposed to be for. If re-booting a server or two is required to prevent external access to your data, or your server becoming an amplifier for another DDoS attack, by all means do so.
Sure, there was a day in age where hardware and software could sit for years on end without a reboot (which is why so many old, eg FreeBSD systems still sit with their 2000+ day uptimes), but that day has come and gone. Hardware and software pace of change is accelerated beyond the comprehension of ten years ago, and so have crackers' abilities to infiltrate said software.
We're already well aware that the notion of a "trusted" network is false, based on the number of employees transporting systems between home and work, and the number of client-targetted worms/viruses/trojans, so firewalls will no longer protect us (completely). We can't just lock the door and hope nobody will find our bounty, we have to protect that bounty with the latest software patches.
This is no longer merely about protecting just our jobs, or the small wing of our own corporate sector; it's much more than that. Now our actions can affect multiple-billions of dollars of other peoples' money. It can affect our country's, as well as the world's economy. It can affect our national and foreign militaries, or it could even prevent Grandma from being able to pay her phone bill at her local ATM.
If you combine the number of existing, open vulnerabilities on client and server platforms with the readily available bandwidth to them (20000 clients @ 1.5MBits + 1000 servers @ 45MBits is a lot of "Oomph!"), and the relatively fragile nature of some of our most depended upon services (vis; the root name servers, of which there are only a limited number) and you've got a major recipe for disaster. Entirely too often do people take a lax approach to security because it's "too hard", but in a lot of cases where corporations are concerned, due to poor planning. An IT infrastructure can't be thrown together piecemeal; it has to be planned from the ground up to support;
Scalability
Redundancy
Disasier Recovery
Useability
Stability
Even if you only have one 'testbed' server for ten or twenty production servers, you should have the ability to put it online as a hot spare for any one of your servers, take the production server offline, spend as much time as required to get it operational, then switch the production server back into operation. This will likely mean distributing the load among other servers, atleast for a short period of time; so be it. Your servers shouldn't be running at full capacity anyways.
There should also be provisions for minimizing downtime in the event of catastrophic failure. Hardware failure, human error (tripping over power cables happens, unfortunately.:/ ), fire, flood, lightening, etc. Ideally, you'd have a redundant mirror of your servers in an alternate location, but that's for the Really Big Boys, so we'll just consider hot and cold spare servers for the moment, or even the ability to remove one server's load to another server, or group of servers. Having one server exclusively responsible for any single function goes back to poor planning. If your only database server goes AWOL, for example, your entire operation could well cease to function.
With good DRPs being as easy as one additional, lesser powered server, or even a minor software re-configuration (ie; in a load balancer), it's just pure silliness to use it as an excuse for not being up to date as far as security is concerned. That kind of apathy is responsible for the constant ass-kicing we're seeing on the global Internet nowadays, and I find it personally appalling and quite frankly insulting. People are taking up arms against me for having the audacity to desire competency and responsibility from sysadmins.
I've decided to make this my last post on the topic. If the monday-night quarterbacks posting here can't or won't look at, or understand the big picture, so be it.
Who the hell has their SQL server in the public side of their firewall? These things shouldn't be directly accessable to any worm.
Recent estimates say somewhere to the tune of 200,000 servers exposed to the public Internet. Others were likely infected backwards through DMZs or 'trusted' firewall rules.
Slashdot Mirror
That's why we're in a period of "grandfathering" in the new technology slowly. People with serial-based Palms will use them until they break down, or until they want a faster unit (the Tungsten is GORGEOUS, BTW!), at which point they will no longer require that serial port.
As for configuring networking gear and rackmount equipment, that, too, will slowly come around and start using new technology for their control interfaces. A time will come, in the not so distant future, where it will become financially unfeasable to implement legacy technology on new devices, because the support will be dissapearing, and the devices won't be as functional in the years to come. (Nowehere to connect them, legacy inter-connects will no longer be manufactured)
As far as removing legacy equipment goes; this is nothing new. IBM removed the floppy drive from their PC spec years ago. Almost their entire line of laptops for the past year or two up to today don't include them, except via special order, and even then many chassis don't come equipped with a space for the drive, so external (Hey! USB!) drives are required.
Put it this way; when I can run a single USB cable, or a small (4,5,8 port) USB hub to my desk (or get a monitor with the ports embedded in it) and connect a mouse, keyboard, scanner, pen drive, Palm (or other handheld), camera, microphone, sound system, TV / FM tuner / video capture device, hard drive, CD/DVD-ROM/RW drive, cell phone charger, floppy drive, printer, tablet, or any number of thousands of other peripheral devices to just those ports, the future has come. Believe you me, I've crawled under more desks and behind more copmuter work centres than I care to remember, and it's a huge PITA. So now I've got all sorts of wasted ports on the units that are used so seldom they often get caked with dust before I get a chance to plug anything into them.
Since that future is already here, and since motherboard/computer manufacturers have demand for a) more USB ports, and b) little to no demand for legacy ports, they're doing what any business would do; they're adapting to the new market condition.
You can still buy motherboards with a full suite of legacy controllers, so you're still ok for supporting all your legacy devices, and you will be for a long while. Slowly, those boards will exist less and less, and have fewer and fewer legacy ports (many new boards only ship with one DB-9 serial port instead of two, or one DB-9 and one DB-25 as in past), and more and more USB ports. The exact same thing happened with ISA slots. They went from the majority, to having an even split (often with one ISA/PCI slot 'shared'), to having only three per board, to one per board, and finally we see very few boards who include an ISA slot. That transition, much like the transition away from legacy inter-connects and storage mediums, will take time. Likely five years.
Five years in the computer industry is a long, long time. I can forsee 1GB/Second inter-connects and peripherals being as readily available in five years as 12MB/Second are today, and I may be under-estimating.
He said printers. Also, I was working under the assumption that he was looking to replace all the PCs in his household or place of business almost overnight, while maintaining his collection of slow paralell printers. After all, that would be the only reason he'd be concerned about the loss of paralell ports, no?
I'd love little more than for you to point out where I advocated purchase of a new legacy device.
The original statement was that USB is unreilable. But thank-you for quoting me out of context.
Now, would you care to answer the question?
You should probably consider preparing for the future. If one of your ZIP drives starts failing (in any of the ways in which they fail, including "My drive won't read this disk, but that one will", which is what caused a friend of mine to switch to CD-R at a time when the least expensive drive was ~$350), you're screwed. Besides, CD-R drives have so much more utility than ZIP drives. When I want to transport, ie, Windows 2000 SP3 to my parents' house, along with updated 30MB printer drivers, a Word Perfect Office service pack (@~80MB), along with about 200MB worth of additional drivers and updates, I hauled out a single 650MB CD-RW disk and burned the files in 5 minutes. I didn't have to pack an external ZIP disk, a floppy with drivers, and two-three ZIP disks to do it, either. Same goes for any of my customers' locations; they all have CD-ROM drives, but barely 1% of them have ZIP drives.
For the cost of a single ZIP drive, you could purchase two CD burners and a box of 5 CD-RWs
It's not that their send-to-device speed is slow, it's that the entire bus is slow. They require special host bridges to keep them from bogging the entire system down. That costs lots of resources to implement, and at this point in time with the present market saturation of USB devices and converters, there's no need to fumble with kludges anymore.
Why have you never cared for it? What on Earth is wrong with it? One plug type for ten thousand peripheral types, all with a unified interface reducing code overhead, physical space and confusion. Not to mention the need for stores to have a plethora of male-female, male-male, or female-female cables of a thousand different types on hand with customer service help required to figure out what cable you need to do what, often resulting in two adapters and a cable just to connect a device to a PC. When I'm working in the field, I frequently find myself having to run back to one of my suppliers to pick up a legacy cable that I seldom use, which costs time, gas money, and wear on my vehicle. Instead, I could carry a box of five or ten cables and be guaranteed that one of them will work with the peripherals they have on site. Otherwise, I could just borrow a cable from another of their USB/FireWire devices until I could get them a new cable.
You want choice? Do you still demand that software be ported to the Commodore 64 because it's such a tried and tested hardware platform? Do you want to go back to the days of an incompetent bus where you had to take half the cards out of your system and write down a map of IRQs and I/O addresses, then tweak half of them in order to install a sound card?
Back to floppy drives; I keep them in my systems because I need to support the lowest common denominator in my line of work, so I'll keep a floppy drive and disks around until less than 5% of my client base still have them. They're slow and unreliable, their bytes/square-inch ratio is horrible, and the media is far too succeptable to outside forces (moisture, sun/heat, magnetic forces, etc.) to make them a practical storage solution. One client recently got the idea in her head to back up their accounting workstation - on 800 floppy disks. It would have taken two (2) CD-Rs and perhaps an hour. She spent two days backing everything up. The lost wages alone would have covered the cost of a CD-RW drive, a field installation of same, and a spindle of CD-R discs. Then there's the lost productivity of having an employee and the accounting machine out of service for a day. Then there's the fact that if any of those disks fried, most of the backup would be useless (100MB+ datafiles spread across ~80 floppies = bad news).
When I need to use rescue tools on a workstation or server, sure, I could boot floppy disks. The first disk boots the system, the second disk contains mouse and additional low-level drivers, the third contains a partition management software package (stripped down to its bare essentials), the fourth package contains a (stripped down) copy of Ghost; a filesystem replication and backup utility, the fifth contains a small subset of hardware diagnostic tools, the sixth contains ...
Instead, I carry a single CD-R disc labelled "rescue" with all that and more, including some 200MB of the more common hardware drivers I require in the field. It boots in less than 1/10th the time it would take a floppy to boot, and I can be instantly productive. Not in the case with floppy disks. Swap disks, wait, wait, run program, wait, wait, use program, close program, swap disks, wait, wait, etc. ad nauseum (and believe me, sitting staring at a blinking cursor for 60% of the time it takes me to complete an otherwise 15 minute operation is nauseating). I also have to keep second copies of each of my disks, which means carring around two disk boxes with me - just in case one of their floppy drives is damaged, won't read my first disk, or eats my first disk. So now with twice the space of a single 24-CD wallet, I've got less than 5% of the capacity of a single CD-R disc.
Back to USB; a unified interface for peripherals that can operate at high speeds is the way of the future, and I for one am glad to see legacy devices going out the window. There's no technical or practical reason for the industry not to take the step forward. Quite frankly, the people who want to use legacy hardware probably shouldn't be concerned with this anyways, since they're obviously more concerned with keeping their 386s up and running than with purchasing modern hardware anyways.
PS/2 <-> USB converter.
Get a print server for your old printers (two-ports can be had for under $100, and networking them is a snap), and buy a CD-RW drive. ZIP drives are slow, kludgy, low-capacity, and have a tendency to click your media (and drive) to death at a seemingly random time (usually disk 13 of 26 is the victim). Moreover, probably 95% or more of home and office computers have CD-ROM drives of some form or another, which makes CD-R/RW discs far more portable than the very, very slim market share of ZIP drives. CD-RW drives can be had brand-new for about $75CDN and can burn 900MB worth of data to a disc in approximately 1 minute 30 seconds. 900MB discs can be had for about $0.50CDN, 800MB CD-RW discs can be had for about $3CDN or less. How much does a 100 or 250MB ZIP disk cost, again?
Will the 0.02% of the population using dumb-terminals on their home PCs please stand up?
Becauses the busses are slow, kludgy, and cost sillicon and valuable board real-estate that could be used for UATA133 or additional USB 2.0 (450+ MB/Sec) or IEEE1394 / FireWire (400+ MB/Sec) connectors, or to make motherboards smaller and/or less expensive.
I'll assume you've got some figures to support this otherwise baseless claim?
You're far too stuck on the explorer.exe shell. Windows is more than just an executable. Tell me honestly that you can remove all .DLL files related to Internet Explorer and still have a functional operating system.
BTW - Do try Windows XP before you make authoritative comments regarding things like Active Desktop, Internet Explorer, and integration.
While that may be true (run `strings` against many Microsoft network applications, for example, and grep for "Regents". IIRC, NT4's ftp.exe was fun); what would be the shape of the world without BSD and its license? Who would exist for big iron servers, and who would pave the way for another free OS (Linux) to emerge into this market (it's inevietable; the market wants Linux, the market is going to get Linux, even if companies have to invest billions to do so), and what would be the shape of GPL, and other GPL'ed software had there been no BSD license?
Ideologically, people may prefer one or the other, but they're both complimentary (believe it or not).
We should be greatful for what BSD has done for us, rather than whining that "it's dead" and equating it to Microsoft.
Much as I hate the frequency with which this line comes up; it is not illegal to modify your purchased goods. I can modify it, replace the hard drive, DVD drive, controllers, I can open it up and run it 'au naturel', I can paint it purple, I can cut it in half, I can solder chips and wires onto the inside and outside of it, I can install Orbital CPU fans, I can put casters on it, or I can use it as a cat toy.
It is a physical piece of equipment, I paid for it, I can do whatever I want with it. (No, I didn't buy one, I was speaking in the hypothetical). So long, of course, as I don't use it to break other laws (eg; I can't hit someone over the head with it)
So by all means, mod up that XBox, install your favourite OS and watch movies on it. But don't expect your warranty to be upheld if (when) it fries.
No, it wasn't blatantly dumb, but yes, they did affect a large quantity of the Internet. However, a large quantity does not equate to "the majority" by any means. Imagine the destructive DDoS effects of Nimda, Code Red, or Slammer doubled, combined with the side-effect of defacing 30 million websites in the process.
Starting to get the picture? Now do try and think before insulting one's intelligence.
</THREAD>
There are also a number of firms that park domains who have thousands of generic pages running IIS.
The monthly Netcraft survey analizes the results, and accounts for statistical oddities, like the months where one particular provider was waffling back and forth between Apache/IIS and causing a large skew in the numbers.
The fact remains, however, that Apache had a foothold long before IIS was unleashed to the Internet, has had a wider base of testers and more high-end applications than IIS. Whether or not the Netcraft numbers are accurate to within 2% or 5%, they do reflect an accurate picture of the state of the web, closer than any other survey has ever been, and as such are the most respected source of statistical web server data. But by all means, if you can show me a better source than Netcraft who disclose their methods, I'm all ears.
Have I stepped out of Slashdot and into some kind of paralell universe where open source doesn't exist?
The schematics for my firewall and all public daemons ARE available, some of them even "at my front door".
So there are twice as many Apache vulnerabilities as IIS vulnerabilities? And don't give me that "there are more Windows users ... " excuse. If you want to affect the WWW at large, you attack that which comprises more than half the entire WWW, that being Apache. Were your logic correct, there would be a plethora of Apache vulnerabilities. The fact remains that a quality codebase, rather than a small userbase, defines the relative security of a product.
Nice troll, though. It looked really sincere.
Actually, 911 service runs on the PSTN, as does a very large portion of the Internet. The two (Internet and PSTN) are very inter-twined, as are the vast majority of corporate (including bank) networks.
Remember, it was us geeks who convinced the suits that the Internet was the way to travel in the 21st century. Now it's our job to support that claim by providing them with a more reliable Internet.
I know; I was being ironic. I even included a smiley. :)
Moving to 64-bit native processors will speed up our overall systems; it'll make it infinitely easier for vendors to implement 64-bit instructions without having to emulate, or make multiple calls. It should bolster an overall efficiency increase in systems utilizing a lot of large memory/storage, as well as people using 64-bit storage even in lowered capacity. It will also pave the way for 128-bit calls to be made, since they'll only require two, opposed to three (or four) calls on existing 32-bit hardware.
The x86 architecture has been flawed basically from day one; this is a really good step in the right direction.
So that mainstream media will never be able to harp on the "Y2K+38" crisis. I'd love to see that solved with three decades to spare. :)
Mmmmm.. 8-way Opteron..
I think I'm horny.
While this is true in almost all cases, with the release of 64-bit chips the situation is somewhat different. If I had $2k burning a hole in my pocket and wanted a brand-new machine, I'd really hate to buy a 32-bit Athlon mere weeks before the consumer release of 64-bit chips.
Release dates, even 'gray' dates, do help in planning one's upgrade. Also, I suspect that once the 64-bit chips start to become mainstream, the price of the 32-bit Athlons will plummet. Now it's not just a case of "more for less", but a case of "a lot more for a lot less".
With major technological leaps, it does make sense to be patient and follow the news.
Since most of these large-scale DDoS attacks have been local in origin, the Bush administration's fear-mongering about Jihad's in cyberspace are little more than propaganda.
We should probably be more worried about socially stunted 15 year-old prodigies.
Personally, I wish they'd spend a little bit of the money on public education. Start giving basic "Home Internet Security: 101" type courses in high schools so that the new crop of wIdiots have atleast a little backing in knowledge to take home with them. Maybe they can secure their parents machines and have an immediate effect on the state of things.
When you consider the sheer number of broadband subscribers in North America, and factor the number of them potentially vulnerable to any number of infiltration tactics, we can easily find ourselves facing 20k 1.5MBit connections. By my count, that makes for a LOT of aggregate bandwidth. DDoSs, information/identity theft are all infinitely possible.
This story only goes to foster the need for knowledge; all it takes is one, or a small group of concerted individuals who plan their attacks carefully, and the Internet can be crippled to a degree that we haven't seen thus far.
Corporations are another story. I believe firmly that they should be held fiscally responsible for the damage done at the behest of their bandwidth and servers. It's their responsibility to hire competent security personell to prevent attacks from using their larger-than-normal resources to aid in an attack. Maybe then competent IT people would suddenly find themselves facing thousands of job openings again, because it would be too expensive a risk for big companies not to have them on staff.
Every connection with an educated person at the helm who keeps track of security updates and is mindful of what they install/run is one less connection that can be used to attack those of us who do take this care.
</RANT>
Asphyxiation, huh? I bet I could otherwise occupy my mouth long enough ...
You are incorrect, sir. You can, in fact, download the entire SuSE distribution fileset from their FTP site. All 5-odd gigabytes worth of it for every version. What you can not do, however, is download recent ISO images of their distribution. You are perfectly free to download the entire distribution and network-install it to your heart's content.
Go here if you're still not sure. If you'd prefer, you could use one of their FTP mirror sites located all over the world.
If you poke around, you'll find the RPMs for all binary packages as well as the sources of every (license permitting) package in their entire distribution. I count 2,072 source RPM packages.
For the record, up until the 7.0 release, SuSE always had downloadable, installable (not "live") ISOs of every release. Sometimes it came out later than their retail version, but it was always there, and I've got about six burned versions (up-to and including 7.0) to prove it.
Security, security, security, people. It's my (and your) information we're dealing with here. I'd sooner it not be put in the hands of the lowest bidder, Thankyouverymuch.
This is why argument by analogy is so maligned here on Slashdot.
The analogy you refer to is most likely the distribution (rights?) of RIAA and/or MPAA sanctioned materials, including music files and movies, correct?
In order to download these, I do not need to violate any individual's privacy. Instead, I download (voluntarily) any number of freely available P2P applications and initiate transfers from people who have willingly configured their software packages to allow me access to a 'shared' portion of their own systems. These people populate this folder with files they have copied, downloaded, or created themselves. The source materials for these transfers were made available to the public by the aforementioned entities, so nobody had to violate their computer systems or physical locations to obtain the source.
There is no subterfuge involved, nor is there any involuntary transfer of otherwise private materials. (Vis, the files, e-mail, and information stored therein on my home PC(s)).
(Note that I am stating no position, pro or con, on the topic of P2P applications or their content, merely discussing your analogy. I don't want to open any further cans of worms).
IANAL either, but I do believe there is legal footing for such a case. The users' computers are made to operate in a mannar in which they were not prepared, or willing to have it operate. Everything from the homepage being changed to software that alters the overall behaviour of the system to software of unknown quantity that opens potential security holes in the system.
The other factor to consider is the costs associated with repairing the system which are quantifiable. For example, if I have to visit a company and purge six office workstations of this software, the company is looking at not only a lost afternoon's work, but also a bill from me for $60/hour for anywhere up to six full hours. That's assuming that a) there are only six infected machines, b) the software is not in any way self-replicating, b) the software is readily removed from the systems, and does not ressurect itself. The other thing I would have to do while on the premeses is update all Windows installations (Windows Update) and all virus software and definitions as preventitive measure, thereby bringing the potential time per workstation up to the full hour mark, if not greater (dial-up would require either a long download, or a return to a broadband connection and CD burner to download the updates manually).
Long story short, since there are quantifiable costs, lost productivity, and damages that can be attributed to software of this type, I do believe suit could be brought against the makers. Based on the installation methods, I do believe fraud charges could also be lain.
And no, he hasn't had any major transplants or transfusions lately. It just... happened. The doctors have no idea, either, partially since it doesn't run in his family.
Maintaining up to date amd/or reliable servers is what sysadmin time is supposed to be for. If re-booting a server or two is required to prevent external access to your data, or your server becoming an amplifier for another DDoS attack, by all means do so.
Sure, there was a day in age where hardware and software could sit for years on end without a reboot (which is why so many old, eg FreeBSD systems still sit with their 2000+ day uptimes), but that day has come and gone. Hardware and software pace of change is accelerated beyond the comprehension of ten years ago, and so have crackers' abilities to infiltrate said software.
We're already well aware that the notion of a "trusted" network is false, based on the number of employees transporting systems between home and work, and the number of client-targetted worms/viruses/trojans, so firewalls will no longer protect us (completely). We can't just lock the door and hope nobody will find our bounty, we have to protect that bounty with the latest software patches.
This is no longer merely about protecting just our jobs, or the small wing of our own corporate sector; it's much more than that. Now our actions can affect multiple-billions of dollars of other peoples' money. It can affect our country's, as well as the world's economy. It can affect our national and foreign militaries, or it could even prevent Grandma from being able to pay her phone bill at her local ATM.
If you combine the number of existing, open vulnerabilities on client and server platforms with the readily available bandwidth to them (20000 clients @ 1.5MBits + 1000 servers @ 45MBits is a lot of "Oomph!"), and the relatively fragile nature of some of our most depended upon services (vis; the root name servers, of which there are only a limited number) and you've got a major recipe for disaster. Entirely too often do people take a lax approach to security because it's "too hard", but in a lot of cases where corporations are concerned, due to poor planning. An IT infrastructure can't be thrown together piecemeal; it has to be planned from the ground up to support;
Even if you only have one 'testbed' server for ten or twenty production servers, you should have the ability to put it online as a hot spare for any one of your servers, take the production server offline, spend as much time as required to get it operational, then switch the production server back into operation. This will likely mean distributing the load among other servers, atleast for a short period of time; so be it. Your servers shouldn't be running at full capacity anyways.
There should also be provisions for minimizing downtime in the event of catastrophic failure. Hardware failure, human error (tripping over power cables happens, unfortunately. :/ ), fire, flood, lightening, etc. Ideally, you'd have a redundant mirror of your servers in an alternate location, but that's for the Really Big Boys, so we'll just consider hot and cold spare servers for the moment, or even the ability to remove one server's load to another server, or group of servers. Having one server exclusively responsible for any single function goes back to poor planning. If your only database server goes AWOL, for example, your entire operation could well cease to function.
With good DRPs being as easy as one additional, lesser powered server, or even a minor software re-configuration (ie; in a load balancer), it's just pure silliness to use it as an excuse for not being up to date as far as security is concerned. That kind of apathy is responsible for the constant ass-kicing we're seeing on the global Internet nowadays, and I find it personally appalling and quite frankly insulting. People are taking up arms against me for having the audacity to desire competency and responsibility from sysadmins.
I've decided to make this my last post on the topic. If the monday-night quarterbacks posting here can't or won't look at, or understand the big picture, so be it.
Recent estimates say somewhere to the tune of 200,000 servers exposed to the public Internet. Others were likely infected backwards through DMZs or 'trusted' firewall rules.
You'd be amazed what a solid sysadmin with a zero budget can do with scrap metal.