My buddy runs a compute farm. I know what cycles are good for. What I don't see is how a criminal could reliably/statistically profit. People who need lots of cycles need them very reliably and the data is far to valuable to trust to any fly-by-night operation.
I certainly wouldn't block RDTSC or interfere with the piggy's use of it. Just use it to watch'em.
As for users on a cluster/shared host, that becomes an administrative issue. A thief can be caught (process watchdog on HD or ethernet interrupts) and booted. Probably a significant punishment to the thief, most of whom don't need cycles. Those who do are tied to software.
I think it shows in `top` as sleeping. What malware needs cycles? Mostly they want ports (esp 25 SMTP outbound) or perhaps disk (searching). Protect the resources that need protecting!
A very cheap simple patch is add RDTSC instructions at process restart and blocking syscall to count the cycles actually used. That way the extensive tick-code doesn't need to be modified.
Yield()ing just before timer tick is a neat trick to grab cycles, but what use are cycles? This might have been interesting on time-share machines 20 years ago. But now cycles are in gross surplus on most machines. And processes carefully controlled on loaded machines. Until this piggy can be remotely deployed, it isn't much of a hazard.
A very simple patch is to issue RDTSC instructions at process restart and blocking syscall to count the cycles actually used. That way the extensive tick-code doesn't need to be modified.
What you get away with depends on who is chasing you and how interested they are. The RIAA is out to scare.
Civil court cases are judged on "balance of probabilities" rather than "beyond reasonable doubt" standards of proof. I have no doubt the RIAA could obtain a judgement against an account holder if they could prove a) the account violated copyright and b) the accountholder most likely did it.
Please note that there is absolutely no right to avoid self-incrimination in civil cases. Discovery is an awesome thing, and you will be compelled to answer questions under pain of perjury. You might be able to create doubt if you can convincingly show your UID was stolen. Or can establish you are stupid enough to serve as a bot _and_ the usage and access patterns match no active use by you.
AFAICS, Privacy is a conditional right. You have to behave in order to enjoy it. Do bad things and you will lose it. That's the basis for police search warrants. The same or worse holds in the civil law sphere -- discovery and depositions are frightening things.
The justification for privacy is simple: prevention of prejudice. But it is a shield against unfair blows, not a tank where you can launch attacks from protection.
Anonymity has some tradition (Federalist Papers) and protection in the US. But they are honored mostly because they were "fair and reasonable". Many other countries do not protect anonymity because it has frequently been abused.
Whatever your personal position on human-caused global warming, surely you have noticed: the tide of sentiment is turning on both sides of the Atlantic: Euros are becoming more skeptical, and Ameros (incl W) more accepting.
This is odd. It is also both odd and suspicious that sentiments appear very strongly held. A religious fervor. I doubt science is being used to find truth. More likely being selectively abused to support emotionally-derived positions.
Beyond the question of whether a court has the right to demand changes to a vital set of machine instructions to produce documentation, such evidence would obviously be new.
Such new evidence might indicate wrongdoing at this future time, but cannot prove what the suit alleges -- past wrongdoing!
RAM is written at speeds in excess of 1 GB/s. Disk has trouble beyond 30 MB/s. It cannot possibly keep up with all writes. The best that could be hoped for is occasional (every minute) snapshots. Even that will tie-up disk for 30 seconds doing the dump.
Crimescene photos are criminal, not civil. If this case were criminal, the cops could get a warrent and wiretap [sniff] the traffic. Which is probably how this really should proceed.
This is ordering a civil defendant to do cumbersome things they wouldn't ordinarily do to help the plaintiff. Unwarrented intrusion.
This is unbelieveable, especially in a Civil case. Sure, you can order the production of documents. Even expost format conversions. But I've never heard of imposing a requirement to make new documents.
The meatspace equivalent to RAM-recording is to require conversations to be taped and those tapes to be produced. Worse (more intrusive) actually, since RAM must be slowed to be recorded. RAM is as ephemeral as air.
I expect an appeal. I understand the desireability and value of the evidence, but rules are rules.
A nice reference, thanks. Maybe a little small with only 1900 samples. At least they're looking at false-positives.
But I think you need to go deeper: it is not merely the error rates but also the cost of errors. Opening spam (especially with image-load off) is basically very low cost, less than a second of time. The cost of missing legit email is several (sometimes many) orders of magnatude more.
His 99.8% filters aren't bad, but his failures were two false negatives, 1 false positive. It would be better if it could be adjusted to 10 false negatives and no false positives.
Now, if you're doing something to get 1 million spams per day, I'll suggest you need to do something different (like avoiding mailto: webpages).
What you can get away with depends very much on who is opposing you. If this were purely software that could run on any number of different GNU/Linux systems, then you probably could escape your work being considered "a derivative work" and subject to the GPL.
But embedded, you're using one Linux kernel (possibly customized) and tightly interacting with your app. At the very least, you will have to distribute source for that kernel. You will also have users complaining about your source. Many fairly deep pocketed embedded-linux mfrs have decided to publish source (even TiVo) rather than fight a battle they are likely to lose in court.
The Goodmail premise is filtering. All filters catch false positives. I'm far more worried about losing mail! that being subjected to spam. So I turn all filtering off. So should anyone with high-value mail. I know a local architectural firm did after a purchase order was false-positived.
As for the strawman, you just sue your professional and their ISP. I have no doubt the ISP would get hit for actual, consequential and punative damages.
On another level, email should not be used for high-value communications without backup/acknowledgement. The internet just is _not_ reliable. Email is far less reliable than people suppose.
Frankly, I see very little difference here. Linus says, as he always does "Show me the code!". He draws a line in the sand with ZFS. Schwartz says "we will", but note, no promises about ZFS. The most remarkable thing is that Sun is currying favor with Linus.
Move on, nothing to see here. The dogs bark, the caravan passes.
Whether for phones or other, a stateless
PC is a terminal, now AKA "Thin Client" or "Internet Appliance". Information is stored on a server elsewhere, accessible everywhere.
I like Xterminals, but I'm a dinosaur and remember the Real Thing: terminals that did X and you could log into the networked machine[s]. Sort of like a VT220 doing graphics. They ran BOOTP (iso DHCP) and TFTP to boot.
Now you'd want boot from flash and DHCP. The minicomp would be a small box like a SohO router with SVGA out (only 2D required), 10/100baseT or wireless, a wall-wart for power, and USB or PS/2
for kbd/mse. Very tidy, very neat and very cheap. Add monitor, kbd, mouse and network to run.
Hardware specs very similar to a SoHo router:
486-class CPU, 64 MB RAM, 64 MB FLASH. Tight Linux SW.
Onboard SSH would be a must, but a key design decision would be whether to incorporate a browser client to the local X server. Doing so would usually improve performance and always cut X-traffic. But this would jeopardize making the box a stateless appliance. That might depend on whether the box was tethered to a LAN server, or expected to work standalone. Flash cards or USB sticks could hold state.
With software, you can do much the same thing to much more powerful desktop and laptop machines using something like a Knoppix boot CD.
You seem to be complaining you'd like more competition. Well, every
consumer would. Sometimes it happens, sometimes it don't. But the fact
that there _are_ two competitors (TW & VZ) present in the market means
there will be some economically significant level of competition
(absent collusion).
Slashdot is a silly example -- there are too many comparables for the
routing tables to hold. And we whine too loud. But net bias could easily happen for YouTube
or the 'torrent ports. Then either TW or VZ would try to steal customers with differentiated service, or both would crap out. Which way would depend on profits. They'll certainly try to steal profitable customers.
AFAIK, external traffic still costs ~$0.50/GB. But the bulk market demands fixed pricing, so some customers are grossly unprofitable. Hogs gotta be slaughtered. P!ssing them off is neither illegal nor unethical. It is seriously unethical to take advantage. Or maybe you believe consumers don't need ethics? That your neighbors should cover you?
With this basic driver in place, various workarounds are likely: ISPs offering premium services to better match revenue with costs. YouTube might pay for the traffic they induce. Or some pay-for-service competitor might.
The key is cost have to be covered. If they're common [Google], it will be built into base price. On the website end, their ISPs know the traffic and what to charge.
There _is_ competition between cable & DSL. Just because it isn't as vibrant as you'd like doesn't mean it isn't there nor that it doesn't restrict competitors. Both know if they p!ss too many people off, they'll lose customers bigtime. Most customers are enormously profitable, so they won't want to do this. You might not be profitable (too much data xfr), so they won't mind losing you.
No, not at all. Customers complaints and desertion limit service degradation. If you assume no competition, then you have all sort of problems, starting with base price.
Of course Cox can add a dedicated link to MS and ping improve. But if they _deliberately_ and significantly slow customer access to Google, customers will complain and desert. If you're assuming no competition [monopoly], then all sorts of different problems arise. The first being base price.
Perhaps I don't understand fully. I'm not sure who does. Currently we have differences in connection speed caused by hardware varagies. Why would bringing them under human control be worse?
Yes, I understand about the "reach across" worry. Google doesn't need to worry about AT&T's ransom request. They just have to find an ISP that is willing to provide service. That ISP will lean on AT&T, or they will take their traffic elsewhere.
Slashdot Mirror
As for users on a cluster/shared host, that becomes an administrative issue. A thief can be caught (process watchdog on HD or ethernet interrupts) and booted. Probably a significant punishment to the thief, most of whom don't need cycles. Those who do are tied to software.
A very simple patch is to issue RDTSC instructions at process restart and blocking syscall to count the cycles actually used. That way the extensive tick-code doesn't need to be modified.
Civil court cases are judged on "balance of probabilities" rather than "beyond reasonable doubt" standards of proof. I have no doubt the RIAA could obtain a judgement against an account holder if they could prove a) the account violated copyright and b) the accountholder most likely did it.
Please note that there is absolutely no right to avoid self-incrimination in civil cases. Discovery is an awesome thing, and you will be compelled to answer questions under pain of perjury. You might be able to create doubt if you can convincingly show your UID was stolen. Or can establish you are stupid enough to serve as a bot _and_ the usage and access patterns match no active use by you.
The justification for privacy is simple: prevention of prejudice. But it is a shield against unfair blows, not a tank where you can launch attacks from protection.
Anonymity has some tradition (Federalist Papers) and protection in the US. But they are honored mostly because they were "fair and reasonable". Many other countries do not protect anonymity because it has frequently been abused.
This is odd. It is also both odd and suspicious that sentiments appear very strongly held. A religious fervor. I doubt science is being used to find truth. More likely being selectively abused to support emotionally-derived positions.
Such new evidence might indicate wrongdoing at this future time, but cannot prove what the suit alleges -- past wrongdoing!
So is irrelevant.
has trouble beyond 30 MB/s. It cannot possibly keep up with all writes. The best that could be hoped for is occasional (every minute) snapshots. Even that will tie-up disk for 30 seconds doing the dump.
This is ordering a civil defendant to do cumbersome things they wouldn't ordinarily do to help the plaintiff. Unwarrented intrusion.
But bad facts make bad law.
The meatspace equivalent to RAM-recording is to require conversations to be taped and those tapes to be produced. Worse (more intrusive) actually, since RAM must be slowed to be recorded. RAM is as ephemeral as air.
I expect an appeal. I understand the desireability and value of the evidence, but rules are rules.
But I think you need to go deeper: it is not merely the error rates but also the cost of errors. Opening spam (especially with image-load off) is basically very low cost, less than a second of time. The cost of missing legit email is several (sometimes many) orders of magnatude more.
His 99.8% filters aren't bad, but his failures were two false negatives, 1 false positive. It would be better if it could be adjusted to 10 false negatives and no false positives.
Now, if you're doing something to get 1 million spams per day, I'll suggest you need to do something different (like avoiding mailto: webpages).
But embedded, you're using one Linux kernel (possibly customized) and tightly interacting with your app. At the very least, you will have to distribute source for that kernel. You will also have users complaining about your source. Many fairly deep pocketed embedded-linux mfrs have decided to publish source (even TiVo) rather than fight a battle they are likely to lose in court.
As for the strawman, you just sue your professional and their ISP. I have no doubt the ISP would get hit for actual, consequential and punative damages.
On another level, email should not be used for high-value communications without backup/acknowledgement. The internet just is _not_ reliable. Email is far less reliable than people suppose.
Frankly, I see very little difference here. Linus says, as he always does "Show me the code!". He draws a line in the sand with ZFS. Schwartz says "we will", but note, no promises about ZFS. The most remarkable thing is that Sun is currying favor with Linus.
Move on, nothing to see here. The dogs bark, the caravan passes.
I like Xterminals, but I'm a dinosaur and remember the Real Thing: terminals that did X and you could log into the networked machine[s]. Sort of like a VT220 doing graphics. They ran BOOTP (iso DHCP) and TFTP to boot.
Now you'd want boot from flash and DHCP. The minicomp would be a small box like a SohO router with SVGA out (only 2D required), 10/100baseT or wireless, a wall-wart for power, and USB or PS/2 for kbd/mse. Very tidy, very neat and very cheap. Add monitor, kbd, mouse and network to run. Hardware specs very similar to a SoHo router: 486-class CPU, 64 MB RAM, 64 MB FLASH. Tight Linux SW.
Onboard SSH would be a must, but a key design decision would be whether to incorporate a browser client to the local X server. Doing so would usually improve performance and always cut X-traffic. But this would jeopardize making the box a stateless appliance. That might depend on whether the box was tethered to a LAN server, or expected to work standalone. Flash cards or USB sticks could hold state.
With software, you can do much the same thing to much more powerful desktop and laptop machines using something like a Knoppix boot CD.
Slashdot is a silly example -- there are too many comparables for the routing tables to hold. And we whine too loud. But net bias could easily happen for YouTube or the 'torrent ports. Then either TW or VZ would try to steal customers with differentiated service, or both would crap out. Which way would depend on profits. They'll certainly try to steal profitable customers.
AFAIK, external traffic still costs ~$0.50/GB. But the bulk market demands fixed pricing, so some customers are grossly unprofitable. Hogs gotta be slaughtered. P!ssing them off is neither illegal nor unethical. It is seriously unethical to take advantage. Or maybe you believe consumers don't need ethics? That your neighbors should cover you?
With this basic driver in place, various workarounds are likely: ISPs offering premium services to better match revenue with costs. YouTube might pay for the traffic they induce. Or some pay-for-service competitor might.
The key is cost have to be covered. If they're common [Google], it will be built into base price. On the website end, their ISPs know the traffic and what to charge.