I'm suprised that ISP's don't provide some kind of firewall on their side, and charge people for it.
Like imagine when you sign up for compnay's X DSL they offer a firewalled connection, or a non firewalled.
For the simple users ( my mom ) you could have a default firewall that just blocks windows ports that have know exploits. Does 445 really need to come in from the outside world
For the more advanced user you could have an interface that allows them to choose which ports.
How hard would it be to setup a dynamic firewall solution like this? People would pay 5 to 10 bucks a month extra for it. Even someone like me so I don't have to use a router. I just don't trust a desktop firewall.
For one, it is not like if everyone on the planet started using it microsoft would loose any market share. Firefox runs on windows. I have IE and firefox on my XP box. It is not going to make people use Linux, and both ff and IE are free.
Second, as a web developer I'd rather use IE with google toolbar any day of the week. Everything from the way firefox handles spans to basic tables is most annoying. CSS is very buggy, as is DOM among other things. Not to mention the differences with plugins. The developer tools are nice, but you can get those for IE with a litte effort.
If you ask me I'd throw out Netscapes crappy engine and write a new one from scratch, then it might have a chance.
Firefox is a great thing for Linux, but as a Windows user with IE it don't mean crap. I do agree that it is probably more secure, but with proper patching and SpyBot I don't have any issues.
Finally, the browser war was a cold war. In the long run it just proved that Netscape had no real business model, and MS can actually write a half way decent program, albeit not very secure. So any talk of a "another browser war" is just a waste of breath. Go run or something for christ sake.
The article claims that hard drives are starting to clammer for 16 mb caches. It seems odd that no one has come out with a standard cache expansion kit.
A mother board with an ATA chipset that could plug in older dirt cheap SRAM or even newer DDR or better. Imagine a 4 gig cache of SRAM attached to your harddrives. A machine left on for a while would start to smoke.
I have some really highend SCSI raid controllers that allow 256 megs of cache...I wonder why there is a product out there to add cache to an existing ATA system. Obviously cost is an issue, but it seems like this sort of thing would give a big bang for the buck. High end games will pay anything for a 5% perf increase.
This sounds like the thing the Linux community would say.
I highly doubt that ATMs are hooked up to the internet, so normal worms would not apply. Maybe if someone could take out a slew of ATM from the same supplier by hacking in to their network.
Then we have to imagine that the people would use some kind of firewall to protect the machines, and that they have thought about this as any half way intelligent coder/admin would.
That said, Linux has had many a buffer overrun, and has been attached just as much. Networked computers have serious security issues, regardless of the OS.
Come on slashdot editors, be a bit more professional.
Tablespaces are nice, but they really need to create database files that can contain objects. This is a major feature that most of the big boys have.
That is you allocate one file to a certain size. The file is a collection of database pages. Each page can be used by a table or index to store data.
This makes for much faster backups, and management. I can detach a database, copy the file somewhere, and reattach. There is a lot less file overhead since you lock on to a few files, versus a different file for each table/index. If your db has 100's or 1000's or tables this can really create a lot of overhead. If each table has a handful of indexs this can really mulitply.
Also you can attach different tables and indexs to different files and create groups of files. Then you can span these file groups across different drive subsystems to get really really good performance. This can even allow you to put non crucial data in another file that can be put on a super cheap drives, like debugging information or such. Tablespaces at least allows you to do this.
File per object is one of those things that really seperates postgresql from true enterprise level databases. Having a write ahead log used to be the other. You really need a db system that deal with pages, not files.
All in all though this is an important step for postgres, and maybe we will see single database files in the next version.
I said above the incoming ports is the cause of spam. This isn't really true, since bots connect to port 25 and start relaying email.
In some case spamming is the result of a worm, and some people with IIS installed have open relays.
In the long run the solution to spam may be to create a list of acceptable email servers. So unless you are "real" email server you can't connect and send email to a user.
Another solution maybe to attempt to connect to the server of the from address and see if it is real before delivering the message. In that case you must have port 25 open, and have a registered MX record. Having port 25 open maybe rated higher for non hosting centers, this would make it harder for the spammer even if they could pay to have 25 open. If you sent out 1000 spams, and each of those had to make a connection to your box and verify that a message was real it could add pretty quickly. You could bomb someone this way I suppose by sending spam with a from address of a valid address and cause their bill to spike. This could be reported and the server that tried to relay incorrect information could be blacklisted and if in a country with the right laws shutdown.
These ISP should consider blocking incoming ports for homes, minus ports need to say run an IP over phone service. Of course smart people will use the port, but if the port is actually rated differently then they might not.
This would stop the spread of viruses, because no one could be connected to. I'm behind a firewall, and except for my Overnet forwarded ports I have no need ( and you know that I really don't need Overnet ).
This would be the biggest difference between home and business accounts. On the home side opening up a port for their IP phone based service would be key. They could allow unlimited calls in their network, and charge lower fees for others.
If made standard enough then a whole slew of other companies could compete against each other. You pay SBC for the open port, then pay the other provider for the phone services. 5 bucks a month for the port, and then the rest based on usage with the actually phone company. Phones calls made to other Voice-IPs on a different network are rated lower, then those with a normal POT line.
At the same time they should allow ports to be opened, and then charge bandwith. So you could run a web server they open up port 80, at the same time you actually get a free firewall of sorts.
Piracy would not happen so much if the entertainment industries would get there heads out of their buts and offer good digital forms of albums and movies at affordable prices. The fact that no one has come up with a good "record" file that contains all the tracks of a record is proof of this.
Being able to download movies that are playing in the theatures for 15 bucks is essentially the same thing as going to theature. Yes you loose some money when two or more people see it, but you don't have to pay to distribute it, or take cuts from the venues themselves.
Chances are you might loose some DVD sales, but people buy DVDs to have a permanent high quality copy of video. I'd still buy the DVDs so I could then encode them to Tivo like device ( at the least my current favorites ) and then be able to do it again when I upgrade, or the hardware fails. Backing up 100s of movies can be kind of a daunty task for a technical person, and impossible for your average consumer.
Even if the viewer program deleted the file after 2 weeks that would keep most people from keeping them forever, most people feel better about doing something the right way.
In short I think we need to find a balance. The wild west days of the internet need to stop for better security, and better QOS. Yes I think we need the ability for people to distribute information more freely, but that is what bloggs are doing. How many of use really need to run a web server on the internet anymore, especially with all the blogs, and free web space provided by ISPs. The answer is your really don't, except that it feels like freedom is being taken away by not having them. Freedom comes with cost, and the cost of this freedom has shown to be great, the cost has been spam and worms.
Most test actually look for byproducts of a condition, verus the condition itself. However, this makes me wonder if you catch the "good" aids virus if you will test positive for HIV.
We would then need another way to test to see if you have any of the real thing, or just caught the unreal thing from someone else.
I wonder if it gets passed from Mother to child...usually aids doesn't, but there is still a pretty good chance.
I hope either Iomega, or another company will take this idea and make them into a solution that can be changed mechanically. Tape changers today still suck, and are super expensive.
I'd like to see something like the mini harddrives ipod and other devices use turned into a tape replacement solution. Imagine a cartridge of these that simple sides forwards and backwards, and a "head" that is really an miniture Serial IDE interface that plugs into the drive, powers it up, and then writes or reads.
Take it one step further and stripe these. Write in duplicate to three of these suckers. If one fails you've got two backups. When you read you get much faster results. Even further, create a brick of them, and you don't even need a movable head/interface.
In a few years these little drives should reach 100's of gigs. The day of tapes should be coming to an end...I always think of one of those old movies with the reals spinning in the background.
Time and time again I turn to non open source solutions because they simply are more complete. Another term is also "commerical qualitity". MS doesn't put out products that have broken buttons, and crappy images. They don't have desktops that look like crap, and are hard to navigate. A front end is put on everything, by the same team that puts out the backend.
Even things like installers for your apps versus a centralized approach like RPMs or Debian packages have a big impact. People have to be able to double click, and get a friendly click next 10 times kind of install. You can argue that this is just because they are used to it, but it doesn't really matter, they want it. You can pull of the same thing if you make sure you OS can detect them on a double click, but you also need the packages to contain a way to make the install look like it is from them.
The OS community is growing in the server market and tech departments because most of us don't care about it. Still some of us are busy developing on top of the server and don't want to have to deal with a lot of the server maintance stuff. Windows NT strikes a balance.
Another peave I have with the *nix approach is the use of OS based sub-systems to pull off functionality. It is a very valid approach to problems, but one that I don't particularly like and is a reason why Windows does better then *nix in the larger sense IMHO.
An example of what I'm trying to say is using things like file system links to pull things off, verus having a file that repersent a shortcut. Using a link for a web sever to redirect, verus the web server having a list of those links, Also using a list of shell scripts to pull something off, versus having a GUI tool that integrates them directly.
The large impact that this has is that it makes every program more dependent on large sets of smaller executable tools. Windows has a GUI for everything, and in most cases command line tools in the resource kit for those that need to write scripts. Having a GUI for everything just makes them look more professional, versus having to learn configuration files and such. With XP these things are even dumbed down to amazing levels. MS knows this, and Linux doesn't want to admit it, we can't turn the world into a bunch of command line whizs.
Most open source tools have a GUI or some kind of configuration helping tool, but most are from another party that is affiliated with the main group. IT execs hate this. If you are going to put out a product, put out a complete one. Everything has to have a unifing theme.
SQL servers use a page caching system generally. That is the database exists on the harddrive as a series of xK pages ( 8k pages for MS SQL server ).
As a page gets loaded from the harddisk it is loaded into the server's cache. Any read/writes are done to memory and not the disk. Background process write the pages to disk that are dirty. All transactions are written to the transaction log so if the server crashes before this happens recovery can happen when the db starts back up.
This means that a large portion of the data is already in memory. Servers usually pre-allocate gigs of memory for this purpose, the more the better and a big reason for 64 bit on large dbs.
Under x86 caching schemes, the CPU does speculative loads. It "guesses" what memory the processor is going to need and starts loading it into high speed cache. This is perfect for a db since most of the time the db pages you need are in sequential order. Especially when you are talking about pages that only include indexing data. The query usually does most of it's work using indexes, and then at the end will actually "lookup" the data.
So bigger caches mean that these big binary trees get loaded into cache and the algorythms can loop through them faster and pull off the cache.
Take this into the Itanium world and we can start to get even better performance. The thing people tend to forget about Itanium is that you can tell it to load you data into cache. So an optimized DB server can have it read this large section of code into the cache while it does calculations. Itanium allows 3 instructions to be loaded. Once hypertheading is put into Itanium you will see these DB apps really fly. Itanium is showing good promise in this arena, even at 1.5 GHZ. Clock that up to 2 to 3ghz with multiple hypertheaded cores and we are going to have one fast chip for dbs.
The big issue is the price, if you are going to spend that much money, go with the proven Sun/IBM. Itanium is set to replace the Xeon by 2007 ( I'm guessing before then because of scaling issue on the Xeon and x86 emulation software giving decent 32 bit for legacy apps ).
I really think Intel needs to push their Itanium. MS likes it, Linux likes it, a few db servers like it, and a slew of other high performance, server based things. I don't see how Intel is going to scale against the Oppie. Not unless they stick a on-die memory controller. Hypertheading and the new thread based instructions will help though. Should be an inresting battle. I'll be happy if AMD can get 10% to 20% marketshare, then we will see some true competition and innovation like we have on the desktop.
I really don't understand why Intel is handling this so poorly. Someone in the higher ups must have thought this to be a horrible end of the world type of thing. In my mind it isn't. They have ended up making Intel look worse if they would have just quitely said, we are supporting x86-64...which is compatible wiht AMD, at the end of the sentence.
AMD is an x86 processor. Something Intel invented. Becuase of the agreement between Intel and AMD over the use x86, Intel can use the new extensions without paying royalties.
A) The only people that might loose faith in Intel are some techies, most of who are already AMDFanBoys ( and girls ) anyways. The average consumer ain't going to care who created the 64 bit extensions.
B) AMD DID THE WORK. No need waste time designing the specs out.
C) MS has an OS ready to go out the door, no time waiting for you apps to be deployed.
D) AMD has spent a lot of time marketing the technology, all you have to say is we do it with more GHZ ( please don't let the GHZ thing spin off into another thread ).
E) You've got something to help ease the pain between your Xeon and Itanium lines.
This is a good thing for Intel. Sure you are copying AMD's instruction set, but lets face it, compared to the man hours needed to actually implement the instruction set in trannies, an instruction set is pretty simple. Intel saves money, says hey look we are not a monopoly anymore don't hate us, and has a good product.
Intel made a bad PR decision, they should just admit it and move on.
The best current solution is really the only one. Have a list of friendlies ( possibly with server information ).
How often do you get an email from a complete stranger that you really want to read. For most personal accounts you have a limited set of email buddies, a lot like an instant messenging service. Building this list is the big issue.
Say you buy something from amazon.com, or another site. The web application needs to be able to add itself to your friendly list. Of course this does not happen automatically, but with something you click. A simple standard would not be that hard to devise so any mail client could recieve the message. Upon receiving the message the user is asked if the email is a friendly. At this point the program could check for a valid MX record, and a slew of other tests to see if the record is valid and issue a warning, or give the green light.
Now if the email is webmaster, or your the kind of person that does get lots of emails from people on the Web, like a CmdTaco you need some more tools. But current spam checkers matched with MX lookup could seriously limit the number of records. You could also do some kind of verification routine where your email program sends an auto-response with one of those pictures. This has gotten worked around with letting porn surfers answer the question for you, but I'm sure it won't be long before people write bots to answer the porn guys wrong.
MX lookup I think will be the first step. If you can reverse an address, then ask that server if the email is authentic, and even give a CRC/timestamp to see if the email came from it. This would make it harder to run your own email server, but if you doing this you probably know what the hell MX records are.
I always felt that this would be super simple to pull off with a stationary bike attachment.
If you have a bike you can go out and get an speedometer for it for almost nothing. Mind you a nice one will cost about 50 to 100 bucks or more depending on how fancy you want to be.
The point is this works by simpling install a magnet on the wheel, and a sensor on the frame. Then you can sense the velocity.
Now connect this to an Xbox controller and you got a work out. The controller would have to have a kind of min/max setting. Say you stop the bike completely, the game hits the pause, or start button. Once you hit a certain min range, basically just a few rpms a second you just stand there. the faster you go over this range the joystick is slowly pushed up on the controller, obviously not physically, but since the joystick is analog you could get good range.
Obviously turning is still going to be a button, but a good stationary bike will burn calories, and I think has been proven to help loose weight in combination with a good diet.
This was actually used in an arcade game, I forget the name. You where on a hang glider type of bike thing. The faster you pedalled the faster your propeller went. I'm really suprised that Bally's didn't pick up on this. The arcade wasn't successfull because no one wants to go to an arcade an sweat!!
I'm a biker to, so I'd love to get my daily workout, and get some project gotham 2 in at the same time.
This brings up an interesting point about OEMs and patching. I've never bought a Dell, I usually build my box. Does Dell ship with the latest service pack as soon as it is available, and do they apply this critical patches to the line immediately or at all? I would at least expect the lastest service pack to be on.
Another idea would to simply put the machine in a safe boot mode when the machine first comes up. This basically blocks all incoming traffic, and then attempts to connect to the MS site. Either via dial-up, or attempts to do a DHCP thing. Maybe even fire this the first time the network is initiated. It would definately stop the machines from getting infected before they can get patched.
office celebrations
on
Cube House
·
· Score: 4, Interesting
We do this stuff at our office all the time. Usually for birthdays and the such. I really should throw together a web page with all the pics sometime.
The best ones so far where.
We took a bunch of cubicles and covered them with taped together black trash bags. This created a very cool cave. We put plants and a fog machine in as well.
Our boss is from Alabama, so for his birthday we decorated the whole office like some kind of back woods farm. We took his desk out and replaced it with a piece of plywood, and put a bail of straw in his office. We all dressed up in overalls and even staged a wedding ( the groom was at gun point and the bride about 8 months along ).
The next year we staged a murder mystery with our unexpecting boss at the middle of it. His brother was murdered and he had to figure out who it was. We staged it like a 30's private eye office.
For my birthday the guys decorated my office like a rave. Including a bunch of techno and monitors with cheesy colorful screen savers. Again the smoke machine was brought in, and they all laughed as I got lung cancer and couldn't even see my screen.
We've made people where bunny suits like at an amunsment park, had a toga party theme, made people work in a tent all day, and a whole lot of other things.
We've been slacking as of late with less revenues and more stress, but this stuff can really really boost morale in your office. We are a small company with very few rules, so we can get away with this stuff, if you can go for it.
Once again someone is going about feeding a huge number of consumers ( the human population ) with centralized sources. Although this is convient it does not scale.
Why not put solar panels on everyones house. Or on the top of building and have them feed battery array.
Or create lots of small fuel cells instead of one big coal power generator.
Or have our new cars charge themselves and then the power grid with solar/fuel cell combos.
Microwaves power is such a cool, but stupid idea. Kind of line nuclear power. Lets create a really expensive solution that leave nuclear waste for our kids to deal with, great....think outside the box people.
Why are ISP's not doing some level of firewalling.
This would probably help kick start it, in an effort to not allow it to take effect.
Obviously they don't want to piss off their customer base because some messenger thing won't run, but almost everyone is going and getting a cable/dsl router to protect themselves and doing port forwarding if they are smart enough to even host something.
Why not do this at the ISP, why aren't ISP monitoring their own customers and telling them they are infected, or taking them off the network if they are. Hell, offer a $20 an hour service to fix it with some kind of remoting software. People would love that. ISPs should become support shops, they are already connected to your box, and their are a lot of admins without work right now.
The movie industry doesn't have to worry so much as the music industry for several reasons, mainly because they know not to gouge their customers.
Let's compare the two.
1) Movies come out in theaters for about 8 to 12 dollars, sometimes cheaper. This is as close to a live concert as your going to get. A live concert tickets for a major band is easily $30 dollars. Not to mention having to wait in a really long line, and deal with all the kids. Go to a movie on a Tuesday, sneak in a coke in your pockets or girlfriends purse and your cool.
2) Once out on DVD you get all kinds of extras, and a really high quaility piece of art. CDs are cds, they don't make them with surround sound or anything special. No video of live concerts or anything. And you usually have to pay 18 bucks for them, even when they have been out for 10 years! You can get all those marginally good movies for $10 bucks in those bins.
3) Movies can cast 10s of millions, while CDs could be made for near nothing. Yet they continue to sell for about the same and they just trust the user to want a collection.
I think the music industry could learn a thing or two. I don't really think we need multi-million a show tours. I don't want a million lights and gimics. I just want to see a live band for a decent price. I wish I liked phish, cause then I could get it. Why must I pay $100 bucks for a Radiohead concert. What ever happened to the arena concert?
Not to sound like RMS, but what exactly do we mean by is Linux more secure.
We really need to say is Linux, Samba, Apache, Mozzialla.....more secure then windows core ( which would include things like the DCOM exploit ), or SMB, IIS, and IE.....
The real question here is, can one company be as secure as the open source community.
This is a really complicated question. In one way you could say yes, because of the huge testing advantage an OS project has. This could also be turned to no if no one gives a fly f*ck about the project except its core developers and it doesn't get tested. Microsoft has a disadvantage about testing, but a much more real obligation to provide secure systems. Linux users like to boast, but windows has a very real financial obligation ( they are public ).
MS is going to get hit more, because they have more users, and the users they have are not always up to date or as intelligent. They also have a lot of people who blindly hate them. This is actually going to be to their advantage in a few years.
There are two very real problems with MS and the way they go about patches that I see, two problems that Linux is on top of.
1) most require a reboot.
If this wasn't the case, it would be perfectly okay to automatically patch. My production database server couldn't be patched right away because it needed the uptime ( I had 225 days before the damn blaster thing ) and we can't afford a cluster to switch over to while we upgrade. I tried every work around, but ultimately I had to patch and restart the thing at midnight on a Saturday. I'm sure on a linux box I could have fixed the exploit without bothering my database box. Or maybe I'd have to disable a feature while it happened.
2) Patches not very available.
I remember MS's site went down the day I was patching for the dcom exploit, because of a DDOS, but this is retarded with the web. They should affiliate with trusted providers like download.com to make sure you can get to these.
MS puts out some good products, sometimes they make stupid mistakes in design ( but sometimes so does the linux kernel ). The real advantage here is that Linux patches itself ( the community ) while MS seems to always have a security firm find there crap. There was absolutely no reason to have a buffer overflow in DCOM, none, zilch, zero. If it had been some weird or interesting exploit I would have felt something for them, but a buffer overrun, get your crap together.
The same goes for C/C++ linux guys. I'm suprised there hasn't be a security library standardized. Java guys can rest easy, at least for the buffer overruns, but there are plenty of ways to write an insure java app.
I think overall the response was good to blaster, but worms do have a real threat, but they utlimately the immune system of our computers ( their programmers ) will figure a way around.
I know they are not easy, but I've been reading about basic hardware for a while, and I do think it is possible to learn without drinking for four years ( going to school, just kidding I'd like to have gone, but it isn't for me. ).
I've applied and got denied to a engineering schools, even though I'm making good money and have good job security not even having a college degree in the software world.
I feel like I could learn this on my own, not overnight, you cannot become anything good overnight.
I think FPGAs at least allow someone who doesn't have access to expensive schools and even more expensive labs a chance to learn hardware designs. And I think there are actually some suprising similiarity's between hardware and software.
Plus software can take a lot of testing as well, and it isn't as easy to define sometimes. Logic functions usually work with a pretty small vector. The number of permutations can be huge, but can also be defined. Theorectically it is possible in a complex application, but hard to think about.
I think these are the coolest things to come around since high level languages.
I've done some reading on VHDL and other languages used to program them. It would also be a fun hobby and a great way for open source to venture into the hardware realm.
VHDL compilers are platform specific, so as the FPGA platform evolves the code written can be tweeked and recompiled to run faster on new chips. You could also take the compiled result and do additional tweeking to create an IC. It could also be possible to re-compile on the fly if the industry got standard enough, even running through an emulator if need be.
FPGAs can even load new code as they are running, pretty fast to. So you could have librarys in memory and move them into the processors as they are needed. This allows for a much more complex program to be in hardware.
Memory bandwith and memory in general seem to be some limiting factors, but are being addresses as they evolve. I think eventually they will be like a normal CPU, surrounding the FPGA.
FPGA designs ( the fpga itself ) are usually a lot simpler then a normal CPU, so manufactoring them on smaller processes like 90 nm and lower will be easier, of course not a cake walk either.
Check out http://www.xilinx.com for some products, they seem to be affordable for the average joe. I've read "Programmable Logic: PLDs and FPGAs" ( look on Amazon or your favorite reseller ), it was outdated, but a good introduction. There are some new books that I'm looking to get my hands on as well.
I've done quite a bit of google searching, but haven't found a good "getting started with fpga" site. If anyone has some please reply with them.
I totally agree, and I do when there is a reason to.
I've often thought that people should release their singles for free and place an add at the end for a web site or for their CD. People would still download them because they know they are safe, high quality, and they don't have to deal with Kazaa popups and Freenet lag.
The problem is that most CDs suck. They have a few good songs, and then a lot of filler. They don't care about ordering or themes anymore. The album has died because it is way easier to market a few singles and sell the rest.
So if they want to sell track per track that is fine, but why not in any format. It would not be that hard to encode in MP3 and then write a script that changes the encoding ( to ogg for example ) as the file was being downloaded. And then cache it.
Slashdot Mirror
I'm suprised that ISP's don't provide some kind of firewall on their side, and charge people for it.
Like imagine when you sign up for compnay's X DSL
they offer a firewalled connection, or a non firewalled.
For the simple users ( my mom ) you could have a default firewall that just blocks windows ports that have know exploits. Does 445 really need to come in from the outside world
For the more advanced user you could have an interface that allows them to choose which ports.
How hard would it be to setup a dynamic firewall solution like this? People would pay 5 to 10 bucks a month extra for it. Even someone like me so I don't have to use a router. I just don't trust a desktop firewall.
But I have to agree with him here.
For one, it is not like if everyone on the planet started using it microsoft would loose any market share. Firefox runs on windows. I have IE and firefox on my XP box. It is not going to make people use Linux, and both ff and IE are free.
Second, as a web developer I'd rather use IE with google toolbar any day of the week. Everything from the way firefox handles spans to basic tables is most annoying. CSS is very buggy, as is DOM among other things. Not to mention the differences with plugins. The developer tools are nice, but you can get those for IE with a litte effort.
If you ask me I'd throw out Netscapes crappy engine and write a new one from scratch, then it might have a chance.
Firefox is a great thing for Linux, but as a Windows user with IE it don't mean crap. I do agree that it is probably more secure, but with proper patching and SpyBot I don't have any issues.
Finally, the browser war was a cold war. In the long run it just proved that Netscape had no real business model, and MS can actually write a half way decent program, albeit not very secure. So any talk of a "another browser war" is just a waste of breath. Go run or something for christ sake.
The article claims that hard drives are starting to clammer for 16 mb caches. It seems odd that no one has come out with a standard cache expansion kit.
A mother board with an ATA chipset that could plug in older dirt cheap SRAM or even newer DDR or better. Imagine a 4 gig cache of SRAM attached to your harddrives. A machine left on for a while would start to smoke.
I have some really highend SCSI raid controllers that allow 256 megs of cache...I wonder why there is a product out there to add cache to an existing ATA system. Obviously cost is an issue, but it seems like this sort of thing would give a big bang for the buck. High end games will pay anything for a 5% perf increase.
This sounds like the thing the Linux community would say.
I highly doubt that ATMs are hooked up to the internet, so normal worms would not apply. Maybe if someone could take out a slew of ATM from the same supplier by hacking in to their network.
Then we have to imagine that the people would use some kind of firewall to protect the machines, and that they have thought about this as any half way intelligent coder/admin would.
That said, Linux has had many a buffer overrun, and has been attached just as much. Networked computers have serious security issues, regardless of the OS.
Come on slashdot editors, be a bit more professional.
Tablespaces are nice, but they really need to create database files that can contain objects. This is a major feature that most of the big boys have.
That is you allocate one file to a certain size. The file is a collection of database pages. Each page can be used by a table or index to store data.
This makes for much faster backups, and management. I can detach a database, copy the file somewhere, and reattach. There is a lot less file overhead since you lock on to a few files, versus a different file for each table/index. If your db has 100's or 1000's or tables this can really create a lot of overhead. If each table has a handful of indexs this can really mulitply.
Also you can attach different tables and indexs to different files and create groups of files. Then you can span these file groups across different drive subsystems to get really really good performance. This can even allow you to put non crucial data in another file that can be put on a super cheap drives, like debugging information or such. Tablespaces at least allows you to do this.
File per object is one of those things that really seperates postgresql from true enterprise level databases. Having a write ahead log used to be the other. You really need a db system that deal with pages, not files.
All in all though this is an important step for postgres, and maybe we will see single database files in the next version.
I said above the incoming ports is the cause of spam. This isn't really true, since bots connect to port 25 and start relaying email.
In some case spamming is the result of a worm, and some people with IIS installed have open relays.
In the long run the solution to spam may be to create a list of acceptable email servers. So unless you are "real" email server you can't connect and send email to a user.
Another solution maybe to attempt to connect to the server of the from address and see if it is real before delivering the message. In that case you must have port 25 open, and have a registered MX record. Having port 25 open maybe rated higher for non hosting centers, this would make it harder for the spammer even if they could pay to have 25 open. If you sent out 1000 spams, and each of those had to make a connection to your box and verify that a message was real it could add pretty quickly. You could bomb someone this way I suppose by sending spam with a from address of a valid address and cause their bill to spike. This could be reported and the server that tried to relay incorrect information could be blacklisted and if in a country with the right laws shutdown.
These ISP should consider blocking incoming ports for homes, minus ports need to say run an IP over phone service. Of course smart people will use the port, but if the port is actually rated differently then they might not.
This would stop the spread of viruses, because no one could be connected to. I'm behind a firewall, and except for my Overnet forwarded ports I have no need ( and you know that I really don't need Overnet ).
This would be the biggest difference between home and business accounts. On the home side opening up a port for their IP phone based service would be key. They could allow unlimited calls in their network, and charge lower fees for others.
If made standard enough then a whole slew of other companies could compete against each other. You pay SBC for the open port, then pay the other provider for the phone services. 5 bucks a month for the port, and then the rest based on usage with the actually phone company. Phones calls made to other Voice-IPs on a different network are rated lower, then those with a normal POT line.
At the same time they should allow ports to be opened, and then charge bandwith. So you could run a web server they open up port 80, at the same time you actually get a free firewall of sorts.
Piracy would not happen so much if the entertainment industries would get there heads out of their buts and offer good digital forms of albums and movies at affordable prices. The fact that no one has come up with a good "record" file that contains all the tracks of a record is proof of this.
Being able to download movies that are playing in the theatures for 15 bucks is essentially the same thing as going to theature. Yes you loose some money when two or more people see it, but you don't have to pay to distribute it, or take cuts from the venues themselves.
Chances are you might loose some DVD sales, but people buy DVDs to have a permanent high quality copy of video. I'd still buy the DVDs so I could then encode them to Tivo like device ( at the least my current favorites ) and then be able to do it again when I upgrade, or the hardware fails.
Backing up 100s of movies can be kind of a daunty task for a technical person, and impossible for your average consumer.
Even if the viewer program deleted the file after 2 weeks that would keep most people from keeping them forever, most people feel better about doing something the right way.
In short I think we need to find a balance. The wild west days of the internet need to stop for better security, and better QOS. Yes I think we need the ability for people to distribute information more freely, but that is what bloggs are doing. How many of use really need to run a web server on the internet anymore, especially with all the blogs, and free web space provided by ISPs. The answer is your really don't, except that it feels like freedom is being taken away by not having them. Freedom comes with cost, and the cost of this freedom has shown to be great, the cost has been spam and worms.
Most test actually look for byproducts of a condition, verus the condition itself. However, this makes me wonder if you catch the "good" aids virus if you will test positive for HIV.
We would then need another way to test to see if you have any of the real thing, or just caught the unreal thing from someone else.
I wonder if it gets passed from Mother to child...usually aids doesn't, but there is still a pretty good chance.
I hope either Iomega, or another company will take this idea and make them into a solution that can be changed mechanically. Tape changers today still suck, and are super expensive.
I'd like to see something like the mini harddrives ipod and other devices use turned into a tape replacement solution. Imagine a cartridge of these that simple sides forwards and backwards, and a "head" that is really an miniture Serial IDE interface that plugs into the drive, powers it up, and then writes or reads.
Take it one step further and stripe these. Write in duplicate to three of these suckers. If one fails you've got two backups. When you read you get much faster results. Even further, create a brick of them, and you don't even need a movable head/interface.
In a few years these little drives should reach 100's of gigs. The day of tapes should be coming to an end...I always think of one of those old movies with the reals spinning in the background.
Time and time again I turn to non open source
solutions because they simply are more complete. Another term is also "commerical qualitity". MS doesn't put out products that have broken buttons, and crappy images. They don't have desktops that look like crap, and are hard to navigate. A front end is put on everything, by the same team that puts out the backend.
Even things like installers for your apps versus a centralized approach like RPMs or Debian packages have a big impact. People have to be able to double click, and get a friendly click next 10 times kind of install. You can argue that this is just because they are used to it, but it doesn't really matter, they want it. You can pull of the same thing if you make sure you OS can detect them on a double click, but you also need the packages to contain a way to make the install look like it is from them.
The OS community is growing in the server market and tech departments because most of us don't care about it. Still some of us are busy developing on top of the server and don't want to have to deal with a lot of the server maintance stuff. Windows NT strikes a balance.
Another peave I have with the *nix approach is the use of OS based sub-systems to pull off functionality. It is a very valid approach to problems, but one that I don't particularly like and is a reason why Windows does better then *nix in the larger sense IMHO.
An example of what I'm trying to say is using things like file system links to pull things off, verus having a file that repersent a shortcut. Using a link for a web sever to redirect, verus the web server having a list of those links, Also using a list of shell scripts to pull something off, versus having a GUI tool that integrates them directly.
The large impact that this has is that it makes every program more dependent on large sets of smaller executable tools. Windows has a GUI for everything, and in most cases command line tools in the resource kit for those that need to write scripts. Having a GUI for everything just makes them look more professional, versus having to learn configuration files and such. With XP these things are even dumbed down to amazing levels. MS knows this, and Linux doesn't want to admit it, we can't turn the world into a bunch of command line whizs.
Most open source tools have a GUI or some kind of configuration helping tool, but most are from another party that is affiliated with the main group. IT execs hate this. If you are going to put out a product, put out a complete one. Everything has to have a unifing theme.
SQL servers use a page caching system generally. That is the database exists on the harddrive as a series of xK pages ( 8k pages for MS SQL server ).
As a page gets loaded from the harddisk it is loaded into the server's cache. Any read/writes are done to memory and not the disk. Background process write the pages to disk that are dirty. All transactions are written to the transaction log so if the server crashes before this happens recovery can happen when the db starts back up.
This means that a large portion of the data is already in memory. Servers usually pre-allocate gigs of memory for this purpose, the more the better and a big reason for 64 bit on large dbs.
Under x86 caching schemes, the CPU does speculative loads. It "guesses" what memory the processor is going to need and starts loading it into high speed cache. This is perfect for a db since most of the time the db pages you need are in sequential order. Especially when you are talking about pages that only include indexing data. The query usually does most of it's work using indexes, and then at the end will actually "lookup" the data.
So bigger caches mean that these big binary trees get loaded into cache and the algorythms can loop through them faster and pull off the cache.
Take this into the Itanium world and we can start to get even better performance. The thing people tend to forget about Itanium is that you can tell it to load you data into cache. So an optimized DB server can have it read this large section of code into the cache while it does calculations. Itanium allows 3 instructions to be loaded. Once hypertheading is put into Itanium you will see these DB apps really fly. Itanium is showing good promise in this arena, even at 1.5 GHZ. Clock that up to 2 to 3ghz with multiple hypertheaded cores and we are going to have one fast chip for dbs.
The big issue is the price, if you are going to spend that much money, go with the proven Sun/IBM. Itanium is set to replace the Xeon by 2007 ( I'm guessing before then because of scaling issue on the Xeon and x86 emulation software giving decent 32 bit for legacy apps ).
I really think Intel needs to push their Itanium. MS likes it, Linux likes it, a few db servers like it, and a slew of other high performance, server based things. I don't see how Intel is going to scale against the Oppie. Not unless they stick a on-die memory controller. Hypertheading and the new thread based instructions will help though. Should be an inresting battle. I'll be happy if AMD can get 10% to 20% marketshare, then we will see some true competition and innovation like we have on the desktop.
I really don't understand why Intel is handling this so poorly. Someone in the higher ups must have thought this to be a horrible end of the world type of thing. In my mind it isn't. They have ended up making Intel look worse if they would have just quitely said, we are supporting x86-64...which is compatible wiht AMD, at the end of the sentence.
AMD is an x86 processor. Something Intel invented. Becuase of the agreement between Intel and AMD over the use x86, Intel can use the new extensions without paying royalties.
A) The only people that might loose faith in Intel are some techies, most of who are already AMDFanBoys ( and girls ) anyways. The average consumer ain't going to care who created the 64 bit extensions.
B) AMD DID THE WORK. No need waste time designing the specs out.
C) MS has an OS ready to go out the door, no time waiting for you apps to be deployed.
D) AMD has spent a lot of time marketing the technology, all you have to say is we do it with more GHZ ( please don't let the GHZ thing spin off into another thread ).
E) You've got something to help ease the pain between your Xeon and Itanium lines.
This is a good thing for Intel. Sure you are copying AMD's instruction set, but lets face it, compared to the man hours needed to actually implement the instruction set in trannies, an instruction set is pretty simple. Intel saves money, says hey look we are not a monopoly anymore don't hate us, and has a good product.
Intel made a bad PR decision, they should just admit it and move on.
The best current solution is really the only one. Have a list of friendlies ( possibly with server information ).
How often do you get an email from a complete stranger that you really want to read. For most personal accounts you have a limited set of email buddies, a lot like an instant messenging service.
Building this list is the big issue.
Say you buy something from amazon.com, or another site. The web application needs to be able to add itself to your friendly list. Of course this does not happen automatically, but with something you click. A simple standard would not be that hard to devise so any mail client could recieve the message. Upon receiving the message the user is asked if the email is a friendly. At this point the program could check for a valid MX record, and a slew of other tests to see if the record is valid and issue a warning, or give the green light.
Now if the email is webmaster, or your the kind of person that does get lots of emails from people on the Web, like a CmdTaco you need some
more tools. But current spam checkers matched with MX lookup could seriously limit the number of records. You could also do some kind of verification routine where your email program sends an auto-response with one of those pictures. This has gotten worked around with letting porn surfers answer the question for you, but I'm sure it won't be long before people write bots to answer the porn guys wrong.
MX lookup I think will be the first step. If you can reverse an address, then ask that server if the email is authentic, and even give a CRC/timestamp to see if the email came from it. This would make it harder to run your own email server, but if you doing this you probably know what the hell MX records are.
I always felt that this would be super simple to pull off with a stationary bike attachment.
If you have a bike you can go out and get an speedometer for it for almost nothing. Mind you a nice one will cost about 50 to 100 bucks or more depending on how fancy you want to be.
The point is this works by simpling install a magnet on the wheel, and a sensor on the frame. Then you can sense the velocity.
Now connect this to an Xbox controller and you got a work out. The controller would have to have a kind of min/max setting. Say you stop the bike completely, the game hits the pause, or start button. Once you hit a certain min range, basically just a few rpms a second you just stand there. the faster you go over this range the joystick is slowly pushed up on the controller, obviously not physically, but since the joystick is analog you could get good range.
Obviously turning is still going to be a button, but a good stationary bike will burn calories, and I think has been proven to help loose weight in combination with a good diet.
This was actually used in an arcade game, I forget the name. You where on a hang glider type of bike thing. The faster you pedalled the faster your propeller went. I'm really suprised that Bally's didn't pick up on this. The arcade wasn't successfull because no one wants to go to an arcade an sweat!!
I'm a biker to, so I'd love to get my daily workout, and get some project gotham 2 in at the same time.
et
This brings up an interesting point about OEMs and patching. I've never bought a Dell, I usually build my box. Does Dell ship with the latest service pack as soon as it is available, and do they apply this critical patches to the line immediately or at all? I would at least expect the lastest service pack to be on.
Another idea would to simply put the machine in a safe boot mode when the machine first comes up. This basically blocks all incoming traffic, and then attempts to connect to the MS site. Either via dial-up, or attempts to do a DHCP thing. Maybe even fire this the first time the network is initiated. It would definately stop the machines from getting infected before they can get patched.
We do this stuff at our office all the time. Usually for birthdays and the such. I really should throw together a web page with all the pics sometime.
The best ones so far where.
We took a bunch of cubicles and covered them with taped together black trash bags. This created a very cool cave. We put plants and a fog machine in as well.
Our boss is from Alabama, so for his birthday we decorated the whole office like some kind of back woods farm. We took his desk out and replaced it with a piece of plywood, and put a bail of straw in his office. We all dressed up in overalls and even staged a wedding ( the groom was at gun point and the bride about 8 months along ).
The next year we staged a murder mystery with our unexpecting boss at the middle of it. His brother was murdered and he had to figure out who it was. We staged it like a 30's private eye office.
For my birthday the guys decorated my office like a rave. Including a bunch of techno and monitors with cheesy colorful screen savers. Again the smoke machine was brought in, and they all laughed as I got lung cancer and couldn't even see my screen.
We've made people where bunny suits like at an amunsment park, had a toga party theme, made people work in a tent all day, and a whole lot of other things.
We've been slacking as of late with less revenues and more stress, but this stuff can really really boost morale in your office. We are a small company with very few rules, so we can get away with this stuff, if you can go for it.
Once again someone is going about feeding a huge number of consumers ( the human population ) with centralized sources. Although this is convient it does not scale.
Why not put solar panels on everyones house. Or on the top of building and have them feed battery array.
Or create lots of small fuel cells instead of one big coal power generator.
Or have our new cars charge themselves and then the power grid with solar/fuel cell combos.
Microwaves power is such a cool, but stupid idea. Kind of line nuclear power. Lets create a really expensive solution that leave nuclear waste for our kids to deal with, great....think outside the box people.
An mp3 is usually about 1 meg a minute. But a raw wav file is several times more. The same goes for raw video verus mpg2 or quicktime.
I suppose the number could be much larger if you expand data before counting it.
Half the time we don't know our network is infected until it is too late, or someone complains the internet is slow.
Just having a honeypot that can alarm us to what boxes are infected is a big plus. We can take it from there.
Somehow taking the computer off the network would be a bonus as well. I wish our firewall had this functionality.
Why are ISP's not doing some level of firewalling.
This would probably help kick start it, in an effort to not allow it to take effect.
Obviously they don't want to piss off their customer base because some messenger thing won't run, but almost everyone is going and getting a cable/dsl router to protect themselves and doing port forwarding if they are smart enough to even host something.
Why not do this at the ISP, why aren't ISP monitoring their own customers and telling them they are infected, or taking them off the network if they are. Hell, offer a $20 an hour service to fix it with some kind of remoting software. People would love that. ISPs should become support shops, they are already connected to your box, and their are a lot of admins without work right now.
The movie industry doesn't have to worry so much as the music industry for several reasons, mainly because they know not to gouge their customers.
Let's compare the two.
1) Movies come out in theaters for about 8 to 12 dollars, sometimes cheaper. This is as close to a live concert as your going to get. A live concert tickets for a major band is easily $30 dollars. Not to mention having to wait in a really long line, and deal with all the kids. Go to a movie on a Tuesday, sneak in a coke in your pockets or girlfriends purse and your cool.
2) Once out on DVD you get all kinds of extras, and a really high quaility piece of art. CDs are cds, they don't make them with surround sound or anything special. No video of live concerts or anything. And you usually have to pay 18 bucks for them, even when they have been out for 10 years! You can get all those marginally good movies for $10 bucks in those bins.
3) Movies can cast 10s of millions, while CDs could be made for near nothing. Yet they continue to sell for about the same and they just trust the user to want a collection.
I think the music industry could learn a thing or two. I don't really think we need multi-million a show tours. I don't want a million lights and gimics. I just want to see a live band for a decent price. I wish I liked phish, cause then I could get it. Why must I pay $100 bucks for a Radiohead concert. What ever happened to the arena concert?
Not to sound like RMS, but what exactly do we mean by is Linux more secure.
We really need to say is Linux, Samba, Apache, Mozzialla.....more secure then windows core ( which would include things like the DCOM exploit ), or SMB, IIS, and IE.....
The real question here is, can one company be as secure as the open source community.
This is a really complicated question. In one way you could say yes, because of the huge testing advantage an OS project has. This could also be turned to no if no one gives a fly f*ck about the project except its core developers and it doesn't get tested. Microsoft has a disadvantage about testing, but a much more real obligation to provide secure systems. Linux users like to boast, but windows has a very real financial obligation ( they are public ).
MS is going to get hit more, because they have more users, and the users they have are not always up to date or as intelligent. They also have a lot of people who blindly hate them. This is actually going to be to their advantage in a few years.
There are two very real problems with MS and the way they go about patches that I see, two problems that Linux is on top of.
1) most require a reboot.
If this wasn't the case, it would be perfectly okay to automatically patch. My production database server couldn't be patched right away because it needed the uptime ( I had 225 days before the damn blaster thing ) and we can't afford a cluster to switch over to while we upgrade. I tried every work around, but ultimately I had to patch and restart the thing at midnight on a Saturday. I'm sure on a linux box I could have fixed the exploit without bothering my database box. Or maybe I'd have to disable a feature while it happened.
2) Patches not very available.
I remember MS's site went down the day I was patching for the dcom exploit, because of a DDOS, but this is retarded with the web. They should affiliate with trusted providers like download.com to make sure you can get to these.
MS puts out some good products, sometimes they make stupid mistakes in design ( but sometimes so does the linux kernel ). The real advantage here is that Linux patches itself ( the community ) while MS seems to always have a security firm find there crap. There was absolutely no reason to have a buffer overflow in DCOM, none, zilch, zero. If it had been some weird or interesting exploit I would have felt something for them, but a buffer overrun, get your crap together.
The same goes for C/C++ linux guys. I'm suprised there hasn't be a security library standardized. Java guys can rest easy, at least for the buffer overruns, but there are plenty of ways to write an insure java app.
I think overall the response was good to blaster, but worms do have a real threat, but they utlimately the immune system of our computers ( their programmers ) will figure a way around.
I know they are not easy, but I've been reading about basic hardware for a while, and I do think it is possible to learn without drinking for four years ( going to school, just kidding I'd like to have gone, but it isn't for me. ).
I've applied and got denied to a engineering schools, even though I'm making good money and have good job security not even having a college degree in the software world.
I feel like I could learn this on my own, not overnight, you cannot become anything good overnight.
I think FPGAs at least allow someone who doesn't have access to expensive schools and even more expensive labs a chance to learn hardware designs. And I think there are actually some suprising similiarity's between hardware and software.
Plus software can take a lot of testing as well, and it isn't as easy to define sometimes. Logic functions usually work with a pretty small vector. The number of permutations can be huge, but can also be defined. Theorectically it is possible in a complex application, but hard to think about.
I think these are the coolest things to come around since high level languages.
I've done some reading on VHDL and other languages used to program them. It would also be a fun hobby and a great way for open source to venture into the hardware realm.
VHDL compilers are platform specific, so as the FPGA platform evolves the code written can be tweeked and recompiled to run faster on new chips. You could also take the compiled result and do additional tweeking to create an IC. It could also be possible to re-compile on the fly if the industry got standard enough, even running through an emulator if need be.
FPGAs can even load new code as they are running, pretty fast to. So you could have librarys in memory and move them into the processors as they are needed. This allows for a much more complex program to be in hardware.
Memory bandwith and memory in general seem to be some limiting factors, but are being addresses as they evolve. I think eventually they will be like a normal CPU, surrounding the FPGA.
FPGA designs ( the fpga itself ) are usually a lot simpler then a normal CPU, so manufactoring them on smaller processes like 90 nm and lower will be easier, of course not a cake walk either.
Check out http://www.xilinx.com for some products, they seem to be affordable for the average joe. I've read "Programmable Logic: PLDs and FPGAs" ( look on Amazon or your favorite reseller ), it was outdated, but a good introduction. There are some new books that I'm looking to get my hands on as well.
I've done quite a bit of google searching, but haven't found a good "getting started with fpga" site. If anyone has some please reply with them.
I totally agree, and I do when there is a reason to.
I've often thought that people should release their singles for free and place an add at the end for a web site or for their CD. People would still download them because they know they are safe, high quality, and they don't have to deal with Kazaa popups and Freenet lag.
The problem is that most CDs suck. They have a few good songs, and then a lot of filler. They don't care about ordering or themes anymore. The album has died because it is way easier to market a few singles and sell the rest.
So if they want to sell track per track that is fine, but why not in any format. It would not be that hard to encode in MP3 and then write a script that changes the encoding ( to ogg for example ) as the file was being downloaded. And then cache it.