I am still trying to figure out why Integral Calculus is forced down everyone's throat. Computer Scientists are better off studying proof theory, axiomatic set theory, lambda-calculi, etc...
I'm a CS and Math guy... to preface this opinion
Now it depends on the program and the school of thought. Anyone who's ever worked with a physicist in the tech business (they crop up from time to time) understands that the guys with the PhD in Phyiscs is almost always better than the guys with Masters in CS, it just works out that way. Physics and Calc are one in the same when you get through all the BS.
Everyone knows that physicists are better and so there is a desire to
teach the tools that they use. That's just a theory I have, nothing
to back it up other than everyone knows how Einstein was and everybody
has an idea who Hawking is and nobody knows who Turing was or Euler
was or Galois. If it wasn't for Russle Crowe a fair number of math
geeks wouldn't know who Nash is... Copy what works.
Secondly, better programs tie it all together. You can start off
simulataneously learning continuous calc and Zermelo set theory in a
discrete class. Keep learning calc and more discrete. Then throw
some linear algebra in and some abstract algebra and then right about
that time one of them (the way I had it, it was a calc class) goes
into the throes of a mathgasm and proves Euler's formula, using
discrete math and calc both and kind of ties the whole thing
together (because after you've learned all the different methods of
integrations you're spending a lot of time doing what a class mate of
mine called "that big E shit" with additive and multiplicitive
series...) If all goes well you'll be wondering what's the true "key
to math" at about this time and it's kind of like having God whisper
in to your ear when you see how it all links up. I think proving a
lot of the linear algebra stuff is substantially easier if you have
calc as a tool. Then you continue on and prove all of the calc stuff
using the set theory that you had been building up, take a few more
calc courses doing diffeqs, partials and calc in 3d which is all
mostly mechanical at that point and then after all of that you do
whatever the hell you want in math. I think most of the stuff in
typical stats classes is very difficult to prove without calc.
The link between linear algebra, abstract algebra and discrete math is
pretty easy to see as you're doing it. The bridge between discrete
and continuous math is a bit more complex but it's really undeniable
when you see it.
And are you buying them a year or something? I've been kicking the idea around too. My father in law, to be, is a rancher and breeds horses, there are a handful of horse businesses on the web and it lends itself well to a web site that doesn't require an IT staff to run, you can put a horse's information up (the parents, the name, etc..) and a picture but then instead of having to do a lot of transaction processing the buyers are going to call or email and ask questions so they don't need a full on eBusiness. There is one out of South Dakota that he and some of his buddies frequent and it's pretty cool, it has a picture of the horse, the full history, some notes, information and links to the parents, how much they sold for, etc. He's dealing with about 60 horses so it might be useful; I know he'd get a kick out of having one...
I've looked at a handful of Zope hosting sites and antisipated that I'd build him some kind of system with Zope and plone, I'd like for it to be simple enough he could run it by himself and I think that it's possible with Zope, and if not I can do the heavier lifing from a state away. Anyone have experience with that? Any limitations? My biggest beef with Zope is the relative fragility that it has when some of the components on the system change, I assume that the virtual host isn't going to change anything without my approval, I don't want a new python or postgresql screwing the mix up.
Best prices I've seen is hostway ($7 a year for a.com) for the domain and then hurrah.com does zope hosting with postgresql and what not for $25 a month. I've seen a few others and the prices seem to hover around $30 a month and up. Anyone know better rates? So that's $307 ($350 because I'll buy the domain for 5 years) a year, that's not too unreasonable for a Christmas gift; it's hard to say how good it is for his business though. If he sells 6 horses from leads that the website produced then I could see him easily finding it worth while and picking it up after the year I bought him expired, if he sells none then it's more of a nice novelty and I might be better off buying him a nice fly fishing rod or something else. I personally don't want to keep paying for it forever and I'd hate to help him get it built just to let it die after a year...
I recall an article on Forbes (of all places.. they talk to the right guys though) on the matter comparing the Sun Niagra design goals and IBM's and Intel's. Basically the answer was that it's not clear what kinds of apps benefit from 8, 16, or 32 threads of parallelism. This is a low tech description but there are other bottle necks, you have to have that many "threads" of code that are ready to run to benefit from it or else it's cheaper to context switch.
Subsequently, I don't know how much you've played with Pentium IVs but they don't buy much in most circumstances. We're not talking about doubling performance or anything like that. If one SMT unit get's you a 20% improvment on a p4 in the best cases then what does the 4th unit buy? IBM is just hedging because the technology hasn't shown that it delivers serious punch yet.
So let me get this straight, we send out best guy in and he plays to a
draw and so the days of the machine aren't here? WTF are you smoking?
Kasparov draws and you think you or I or some other chess hack (yeah,
I play some games online, gone a few rounds with the chessmaster) has
a snowball's chance in hell against Fritz? No way. Fritz is like the
terminator robot, you have to pull his plug and squeeze him in an
industrial press for you or I to beat him at chess, either that or dip
him on hot lava.
I have a cable modem, 3Mibit down, 128Kibit up. I run snort on my
firewall. ~3000 snort identifiable "attacks" a week, on average. Now
most are probes and recon type events but that's a fair amount of
probing. Now there is a college in the area and there are probably a
fair number of students in our subnet; if I exclude my comcast subnet
I'm still getting attacked or probed over 1500 times a week. If I
exclude portscans and traffic from our subnet I'm still getting
attacked or probed over 400 times a week. Now this is a private home,
no domain, no services are available, nothing business related is
exposed. I don't advertise that there are machines at my IPs. I
don't go on IRC. I don't go on IRC and taunt crackers.
The internet is a grungy place. I'm not sure what kinds of numbers
are "normal" but this is excessive. I don't happen to mind portscans,
some people do, those aside we're still talking about a lot of traffic
that has no positive value, it's designed to cause damage, to
vandalize or worse.
It may not seem fair but it's inevitable that legal responsibility
will be placed somewhere. ISPs will be hit for allowing their
subscribers to launch attacks; there will be grace, but if you don't
curb attackers once you're warned then you should get sued, fined,
whatever. Secondarily, machine owners will get hit. Particularly if
they are savvy enough, I've heard co-workers (and I work at a
security firm) talk about leaving machines unpatched specifically so
they get attacked and then have a platform from which to launch
attacks of their own; that should be punishable.
I think of it like cars, anyone with money can buy a car. Simply
having one doesn't mean you're allowed to drive it with the rest of us
on the roads. You have to demonstrate that you're not a hazzard and
you know the rules of the road. You get a license and then you pay
fines for breaking laws and can lose your license. We'll never have
internet licenses but we'll start enforcing some laws, if you're a
savvy engineer and your machine is used to launch a major attack or
even terrorist like attack then you should be fined and maybe even go
to jail.
That's the beauty of it. He'll be questioned by both sides and SCO will think he's the one that will nail their case shut because he'll be a prick in that way that he can be sometime. At best they'll think he's a nutcase and a pinko.
The reality is that he's way way way too sharp, he got a McArthur and he's lived at MIT for a couple decades. It's one thing around geeks to try to change their lingo; there is an anarchistic nature in those kinds of crowds, they disagree with you for the sake of disagreement (that's the whole spirit behind BSD anymore.. They've got a big collective chip on their shoulder.) RMS is our ace, they'll get him on the stand thinking he's some hippy radical and he'll nail the fuckers to the wall.
More importantly, no matter what they may say or try to do, he's a free spirit and free thinker, he simply doesn't give a fuck about them. I don't think they could take him off the topic or trick him.
FWIW, "free" and "open source" and "libre" and what they really mean is what's coming under the gun here. SCO's attacking the foundation of it all. I'd rather have RMS there to defend the true meaning and spirit of the GPL rather than someone else.
And now we have these really fat and slow web servers with a Gig of RAM running shitty "web apps" everywhere?
And IBM was behind that effort. hmm.
QWest/US West did this, multiple times for probably a quarter billion dollars. So they ignore software engineering, they pay it some homage but pretty much ignore the science (rather than engineer a solution you probably need to cut through the tape and do it with a "tiger team," they have been aiming for CMM-3 for 15 years with no luck, go figure, me thinks in 15 more years they will have given up on CMM because it's too hard or they aren't smart enough or it costs to much more than they expected, or it's impossible.) some hot shot who thinks he'll make a VP starts advocating redoing something like the payroll system that has worked for 30 years. Several years later they kill the project, 10-15million in becuase it simply can't be done or they aren't smart enough or it costs too much more than they exepected or something. Then to make sure, they do it another time or two. Now we're not talking about switches and network infrastructure, we're talking about business infrastructure, stuff that you buy and implement SAP for. Not to bash Qwest, they do have some talented people but if they can't make an order system or payroll system migrate, there is no way in hell that you're going to cart blanche migrate Cobol to.NET and windows.
This has also been a fairly clear step in their evolution for a long long time. There isn't that much work in building a distro, especially if you start with Redhat's work. There are a number of Redhat based distros out there that are basically redhat with some different packages. Then there are SuSE and Mandrake which use RPM but are fairly different now. I guess it's a good time to start a business building distros or something.
I guess United SuSE and Mandrake will be the end user distros anymore. Debian and Gentoo seem to have nice little niches going on also. Unless of course Fedora becomes the Debian based on RPM.
I'm an alpha owner, I've got 2. I think they are great machines, it's a beautiful and clean architecture, but how exactly are they far ahead of MIPS or PowerPC?
They were the first to have really high clock speeds and it was a terrible abortion at first, the rest of the system was slow enough that the processor routinely stalled waiting for data. They migrated to a slightly different architecture that has a very sophisticated caching system, with the same problems, but it was a bit easier to get code in to cache, albeit an odd ball sized cache. They initially had terrible yields too. It wasn't until it was declared a dead architecture that they really got things in to a very solid position relative to Intel and IBM.
I'm a fan, but they made a lot of mistakes and never really made a push with it. It has been fun to watch but also painful; DEC was 10 years ago where Sun is today, a very talented group, with some good ideas and technology but no clear vision on how to put it out there. More over, alpha was strictly a server/desktop kind of chip that runs very hot and takes a lot of power and over the last 5 years or so that has been shown to be a losing design since people are very interested in scaling architectures, nobody wants to buy into something they can't use elsewhere and that's why powerpc goes from dinky little $10 CPUs for Tivos up to $4000 CPUs in p690s and sysplex boxes.
It also shows what may be an incredibly stupid move by HPaq. They are totally in bed with Intel with no plan B. That's too big a company to gamble on a single platform that hasn't demonstrated marketability.
Yes, but why would you want to, when you can have the real thing on SPARC.
Because x86 outperforms sparc, unless I buy a really expensive piece of hardware with a lot of processors, but if I'm in that market why should I buy from you when I can buy from IBM and get the better thing?
2) Does Sun support Linux on Sparc?
No, why would you want to. Where are the applications? (I mean Enterprise applications, not desktop stuff).
Because I'm the customer and that's what I want. I'll worry about the apps, you give me what I ask for. BTW, I want apps on Linux so you better start leaning on your vendors to port them if I buy your sparc solution. I have the money you want, do what I ask and I'll give it to you, simple rules, eh?
4) Why can't you run multple Linux VMs on a single Solaris O/S?
Why would you want to. What benefit does that give you over say, linux on blades.
Because I'm the customer and that's what I want. Trusted Solaris has had multiple security problems and I want to virtualize for security reasons, plus it's good enough for java so why not something else? I can do it on a z server and it outperforms Sun's enterprise hardware in every measure.
I worked at IBM for close to 10 years, throught the early and mid 1990s. These answers sound remarkably similar to things I heard said there. The difference is that IBM is a lot bigger than Sun, makes a lot more money and they have far far more research talent for 'innovating their way out of the hole.' Honestly, Sun should spend more time listening to their customers and less time listening to their prima donas. If a customer wants VMs on Solaris with linux in it (clue, they are giving solaris a life line you dumb asses! they are hedging on sun and you don't want to take it?!?) then they should make it. If a customer wants x86 solaris or Linux on sparc they should bloody well start providing those.
It may sound cliche but IBM reinvented itself in a lot of ways and they are still in business becuase of it. Sun is so far out in the weeds dorking around they don't even understand how they are being passed by. You can thank the ego maniacs in the executive corps there for that. Tell me, why the hell hasn't Scott been fired? He's practically destroyed the company.
Like IBM, they write software to facilitate the sales of their hardware. That's where their money is made.
Unlike IBM, they are being pretty sleazy about this. They understand the GPL very well, they know exactly what they are doing. I've spoken at length with members of the development and managment teams about it on other products. I'd feel different if this were and oversite but they know exactly what they are doing. They are stealing code and then what's even worse, they are putting the companies that buy their products in the line of fire.
I wouldn't be surprised if you could find some kind of GPL sob story about the FSF "thugs" making somebodies life suck, I remember RMS creating a shit storm by suggesting that Linux be called GNU/Linux which seemed to offend a very vocal fraction of the libre software movement and caused a great deal of pain and suffering but this simply isn't it. (That's a joke if you're humor impaired) Forbes is just trying to sell issues, appeal to the rich want-a-bes that read it regularly. I guess that new Ford GT40 wasn't available in time to do a fluff piece on a car that none of their readers will ever have but all want... Or maybe the fall Rolexes were late, who knows?
Do the have all of the curves of Uma Thurman?!
on
Martial Arts Robots
·
· Score: 1
I'm all for duplicating that too.. Sounds like good research to me.
I'm a capitalist. I believe in the system, I'm paid by the system and I'd like that to continue. The problem, or rather the problem as I see it as an engineer is that the market genearlly doesn't choose the "best" solution. We would have OS/2 and MacX desktops instead of Windows. We'd have betamax instead of VHS. We'd all drive Honda Accords instead of the multitude of different cars that we all drive. I've learned this time and time again in small businesses, technology isn't what sells, being focused on the customer and being quick and cheap are the biggest ones right now. I've seen shitty products win contracts against far better products but during the bake-off they called tech support and a humand answered one phone and a machine answered another and that was that, even though one clearly had better technology.
So now the market is shifting, for the longest time the engineering and technology were less important, now people are focused on a technical feature: security. Here is where I think it get's hazy, security isn't defined, most companies in the security business are full of shit, there aren't crash tests or something. MS will just start saying that they are securing their products, they will blame problems on users. How can you measure that they are actually improving security other than taking their word for it and empirically, you they lie then you've already given them the money, you've built the software library up on their platform and you're screwed.
I think that there are a lot of worthless lawsuits but market pressure alone may not force them to fix this stuff.
The real costs are to the rest of the Linux world. A number of large companies have put stops on open source plans until this is resolved. That hurts real people doing real work for businesses. My company sells products based on opensource, we have a number of very large deals that seem to be in limbo.
The whole indemnification thing is another area, if you buy in to Sun's or HP's indemnification program, you essentially start to give up your rights to the software, the very rights RMS has been fighting for. They put hard limits on how you can use the software, where you can use it, etc.. Should parts of the industry buy in to those games more fully it put's a serious damper on the use of free software. Fundamental freedom type stuff, like Sun won't let you use Linux in the "server" and indemnify it. Further research on it shows that they are trying to leverage that so that you can't use Linux on *any* server if you wish to be part of their program. Those are hard things to undo once done if there is market support for them.
It's extremely useful. Now I'm not so sure I think much of the
"people without access to MIT profs can learn" theory. It's nice in a
romantic way to think about inner city kids learning to be the equal
to MIT grads by studying this material and I think there is a certain
geek appeal to the more reclusive geek variety that don't like to ask
questions in classes and generally only like to work on things by
themselves. This is no substitute for a college education, especially
not an MIT or some other upper echelon school education.
It's really useful though. I have all my course notes from CMU, most
are typed up, they are all sorted out in an anal sort of way and I've
gone back to them regularly during my professional career. You end
up solving the same problems. They are valuble to me and I'd never
bring them in to my place of work. THis starts to fill that void a
little bit, it's not the same but it's nice to have access to. If
other schools jump on board it could be really useful.
Put the Stevens books in to digital form and I don't need a book at
work for anything, I have access to it all online. Very cool, only
been talking about paperless offices for about 30 years now. Nice to
see a little progress.
That has nothing to do with the license. It has to do with end users and the ease of using it. It needs to be integrated into the mail client and it needs to be easy to see and use.
Most clients now spawn an exec and pipe data to PGP or GPG. Nothing in the GPL prohibits that.
I'd be interested in the habbits. I've seen the stuff on DSLreports. One of the guys I've heard of being warned had 6 128Kb internet radio streams rolling 24-7 which seems a little on the excessive side if you ask me; he's not even listening he's just stream ripping them most likely. I have an rsycned mirror of kernel.org and redhat and mandrake from one of the sunsites, I refresh every week and on the heavy months when they spin a new release it goes up to 4GB or so of traffic. Typically it's under 1GB. Nobody has said a damn thing. That seemed like a heavy load to me.
I'd just be curious to hear an example of what someone did and got warned. With DSL there is at least a somewhat legitmate claim that you're buying the bandwidth, on cable you are sharing the
stream with other people. I could see non-stop streaming being a
problem. Somebody downloading 6 stream 24-7 not listening is somewhat
upsetting, especially if he was on my link. From my personal
experience with DSL, Sprint Wireless Broadband and then AT&T and now
Comcast cable based internet, I'd have to say that Comcast/AT&T
handedly spanks the others.
I full heartedly agree. For home use and most small things the whole find the problem, patch it quick and upgrade system works really well. The code is getting much better but if you're deploying a producting system in an important business environment it's not always so easy. For real production stuff you've probably been safer with telnet instead of ssh over the last few years because the weaknesses of most telnet deamons require sniffing which is a solvable problem in other ways and it's much harder for your script kiddies to just sniff an arbitrary connection. Worse, the OpenSSH stuff that has happened has shown how we need a more layered approach, OpenSSH has failed and people got root access, not shell access but they got remote root, it was a catastrophic failure.
I see this largely as a problem of the integration. If there is an OpenSSL issue, it affects which programs? Apache, OpenSSH, tcpdump (yep, it can use OpenSSL to the decodes) and dozens of others including databases that use SSL for secure connections. Depending on which vintage of the software you are on it potentially means you'll end up updating all of that stuff. RPM and deb fixes a lot of this stuff but I bring it up becuase I've seen the problems happen in the real world. A stupid SSL vuln caused us to update a database which is used for production data, it becomes a risk problem at that point, what's a lower risk the possiblity that someone may use the SSL attack or the possiblity that upgrading the database will be more complex than installing an RPM and require hours and hours of downtime? Once you're making those kinds of tradeoffs you've already lost.
Some opensource secure coding standards and guidelines would be nice and I think they could help cut down on these kinds of problems, they won't fix them but they can help. C and C++ aren't the problems, there are plenty of embedded programs that don't have those problems and they use different coding strategies and practices. You have to have a complete knowledge of the system to do secure coding. Java based daemons is kind of a solution but it ties us to a vendor and it's really heavy handed and takes a lot of memory to perform, worse it's not a small undertaking and Tomcat and JBoss have had some terrible security problems also. We end up trading one class of problems for a different set.
I just scanned the OpenBSD site and did a quick google, no OpenBSD secure coding standards and guidelines document exists... We need something like that, we already have groups doing audits and some very very good people doing them like Solar Designer and Theo de Raadt. What are they doing and looking for? Why isn't there a document for OpenBSD that explains why it's supposed to be more secure? If we came up with some good standards and practices for the whole community to emulate we'd be much better off.
I got one down to about 3 seconds.
on
Booting Linux Faster
·
· Score: 2, Interesting
It was a Pentium 300 Mhz class machine in an embedded device. I had the kernel in flash and used my own variation of the linuxbios project.
My best times were power on to init in about 2.7 seconds. By the time we got the "authentication code" and what not in it was closer to 30 seconds.
Take all that BIOS stuff out and create a truely lean and mean setup with minimal init scripts and you can blaze. Longest step was copying the kernel from slow-mo flash memory in to RAM...
On the 5th near miss where nothing happens, the 6th won't be news worthy. Remember chicken little who cried that the sky was falling? Or the boy who cried wolf?
And you're not serious in believing that congress is going to come up with a solution do you? So congress will debate and then they will bring some of these scientists who don't have enough money to really do good research in front of them, he will say something to the effect that if an asteroid is coming the best thing is to bend over, put your head between your knees and kiss your ass good bye. Why? because that's the only practical thing to do. That will get pigeon holed before it goes up for a vote because we have the mightiest military there ever was and that's simply not a grand enough thing for this great nation to do.
So they will put together some kind of exploratory committee. Al Gore was a master at these, the guy failed out of grad school, he
didn't quit, he got booted out and told not to come back and then has the audacity to speak like
he's a member of the super educated elite that invented something like
the internet or the space telescope... haha.. "So I was sitting on my
daddy's ranch in Nashville and the boys at NASA and DARPA called me up
to ask my opinions on connecting millions of computers together. I
sketched out some ideas for something that became known as the OSI
stack... haha." sorry about that, I always laugh when I think about it.. anyhoo, said exploratory group will include many
non-scientists who are supposed to "have people" that can give them
answers. The answers are related to questions like "if I fire up
Oakridge to build a whole shitload more nukes and create a few more
jobs, will I get re-elected?" and "will landing Bruce Willis on an
asteroid somehow turn around my state's (California's) economy and get
me re-elected or maybe set me up for a presidential bid?"
After 10 years and some insane amount of "research money" later (read:
meetings at Pebble Beach and Augusta and 3 martinit lunches with
"their people") some how they will scratch together a proposal with
about 50000 "riders" on it because no way in hell can they vote down
the asteroid defense initiative. So in exchange for it we'll also get
some shit about The Salt Lake becoming one of the Great Lakes, some
kind of abortion advertising ban, and a new video game tax. Then the
fundamental meat of the bill will be to build some kind of impossible
to construct trillion dollar space laser or nuke launching platform
that won't actually stop an asteroid anyways.
And that is how a bill becomes a law. I think there was a saturday
morning cartoon short that described all of this.
Instead of trying to get money out of them (look at all the young pirates bitching about being sued for a few grand, they don't have money) why don't we just cut their link for a period of time, say 8 days? It's short enough that you can deal but long enough to really piss you off so you had better make sure you don't let that stuff happen.
SSH has been one of the biggest weaknesses in security infrastructure the last few years..
I know there are a bunch of Ada hackers out there and people with other languages they are advocating and trying to protect, this seems like an ideal task to prove your prowess and the strength of your tool set by building a better SSH server and client.
I'd love to see some network infrastructure servers done in Ada.
Slashdot Mirror
I'm a CS and Math guy... to preface this opinion
Now it depends on the program and the school of thought. Anyone who's ever worked with a physicist in the tech business (they crop up from time to time) understands that the guys with the PhD in Phyiscs is almost always better than the guys with Masters in CS, it just works out that way. Physics and Calc are one in the same when you get through all the BS.
Everyone knows that physicists are better and so there is a desire to teach the tools that they use. That's just a theory I have, nothing to back it up other than everyone knows how Einstein was and everybody has an idea who Hawking is and nobody knows who Turing was or Euler was or Galois. If it wasn't for Russle Crowe a fair number of math geeks wouldn't know who Nash is... Copy what works.
Secondly, better programs tie it all together. You can start off simulataneously learning continuous calc and Zermelo set theory in a discrete class. Keep learning calc and more discrete. Then throw some linear algebra in and some abstract algebra and then right about that time one of them (the way I had it, it was a calc class) goes into the throes of a mathgasm and proves Euler's formula, using discrete math and calc both and kind of ties the whole thing together (because after you've learned all the different methods of integrations you're spending a lot of time doing what a class mate of mine called "that big E shit" with additive and multiplicitive series...) If all goes well you'll be wondering what's the true "key to math" at about this time and it's kind of like having God whisper in to your ear when you see how it all links up. I think proving a lot of the linear algebra stuff is substantially easier if you have calc as a tool. Then you continue on and prove all of the calc stuff using the set theory that you had been building up, take a few more calc courses doing diffeqs, partials and calc in 3d which is all mostly mechanical at that point and then after all of that you do whatever the hell you want in math. I think most of the stuff in typical stats classes is very difficult to prove without calc.
The link between linear algebra, abstract algebra and discrete math is pretty easy to see as you're doing it. The bridge between discrete and continuous math is a bit more complex but it's really undeniable when you see it.
I've looked at a handful of Zope hosting sites and antisipated that I'd build him some kind of system with Zope and plone, I'd like for it to be simple enough he could run it by himself and I think that it's possible with Zope, and if not I can do the heavier lifing from a state away. Anyone have experience with that? Any limitations? My biggest beef with Zope is the relative fragility that it has when some of the components on the system change, I assume that the virtual host isn't going to change anything without my approval, I don't want a new python or postgresql screwing the mix up.
Best prices I've seen is hostway ($7 a year for a .com) for the domain and then hurrah.com does zope hosting with postgresql and what not for $25 a month. I've seen a few others and the prices seem to hover around $30 a month and up. Anyone know better rates? So that's $307 ($350 because I'll buy the domain for 5 years) a year, that's not too unreasonable for a Christmas gift; it's hard to say how good it is for his business though. If he sells 6 horses from leads that the website produced then I could see him easily finding it worth while and picking it up after the year I bought him expired, if he sells none then it's more of a nice novelty and I might be better off buying him a nice fly fishing rod or something else. I personally don't want to keep paying for it forever and I'd hate to help him get it built just to let it die after a year...
Subsequently, I don't know how much you've played with Pentium IVs but they don't buy much in most circumstances. We're not talking about doubling performance or anything like that. If one SMT unit get's you a 20% improvment on a p4 in the best cases then what does the 4th unit buy? IBM is just hedging because the technology hasn't shown that it delivers serious punch yet.
So let me get this straight, we send out best guy in and he plays to a draw and so the days of the machine aren't here? WTF are you smoking? Kasparov draws and you think you or I or some other chess hack (yeah, I play some games online, gone a few rounds with the chessmaster) has a snowball's chance in hell against Fritz? No way. Fritz is like the terminator robot, you have to pull his plug and squeeze him in an industrial press for you or I to beat him at chess, either that or dip him on hot lava.
The internet is a grungy place. I'm not sure what kinds of numbers are "normal" but this is excessive. I don't happen to mind portscans, some people do, those aside we're still talking about a lot of traffic that has no positive value, it's designed to cause damage, to vandalize or worse.
It may not seem fair but it's inevitable that legal responsibility will be placed somewhere. ISPs will be hit for allowing their subscribers to launch attacks; there will be grace, but if you don't curb attackers once you're warned then you should get sued, fined, whatever. Secondarily, machine owners will get hit. Particularly if they are savvy enough, I've heard co-workers (and I work at a security firm) talk about leaving machines unpatched specifically so they get attacked and then have a platform from which to launch attacks of their own; that should be punishable.
I think of it like cars, anyone with money can buy a car. Simply having one doesn't mean you're allowed to drive it with the rest of us on the roads. You have to demonstrate that you're not a hazzard and you know the rules of the road. You get a license and then you pay fines for breaking laws and can lose your license. We'll never have internet licenses but we'll start enforcing some laws, if you're a savvy engineer and your machine is used to launch a major attack or even terrorist like attack then you should be fined and maybe even go to jail.
The reality is that he's way way way too sharp, he got a McArthur and he's lived at MIT for a couple decades. It's one thing around geeks to try to change their lingo; there is an anarchistic nature in those kinds of crowds, they disagree with you for the sake of disagreement (that's the whole spirit behind BSD anymore.. They've got a big collective chip on their shoulder.) RMS is our ace, they'll get him on the stand thinking he's some hippy radical and he'll nail the fuckers to the wall.
More importantly, no matter what they may say or try to do, he's a free spirit and free thinker, he simply doesn't give a fuck about them. I don't think they could take him off the topic or trick him.
FWIW, "free" and "open source" and "libre" and what they really mean is what's coming under the gun here. SCO's attacking the foundation of it all. I'd rather have RMS there to defend the true meaning and spirit of the GPL rather than someone else.
And IBM was behind that effort. hmm.
QWest/US West did this, multiple times for probably a quarter billion dollars. So they ignore software engineering, they pay it some homage but pretty much ignore the science (rather than engineer a solution you probably need to cut through the tape and do it with a "tiger team," they have been aiming for CMM-3 for 15 years with no luck, go figure, me thinks in 15 more years they will have given up on CMM because it's too hard or they aren't smart enough or it costs to much more than they expected, or it's impossible.) some hot shot who thinks he'll make a VP starts advocating redoing something like the payroll system that has worked for 30 years. Several years later they kill the project, 10-15million in becuase it simply can't be done or they aren't smart enough or it costs too much more than they exepected or something. Then to make sure, they do it another time or two. Now we're not talking about switches and network infrastructure, we're talking about business infrastructure, stuff that you buy and implement SAP for. Not to bash Qwest, they do have some talented people but if they can't make an order system or payroll system migrate, there is no way in hell that you're going to cart blanche migrate Cobol to .NET and windows.
This has also been a fairly clear step in their evolution for a long long time. There isn't that much work in building a distro, especially if you start with Redhat's work. There are a number of Redhat based distros out there that are basically redhat with some different packages. Then there are SuSE and Mandrake which use RPM but are fairly different now. I guess it's a good time to start a business building distros or something.
I guess United SuSE and Mandrake will be the end user distros anymore. Debian and Gentoo seem to have nice little niches going on also. Unless of course Fedora becomes the Debian based on RPM.
They were the first to have really high clock speeds and it was a terrible abortion at first, the rest of the system was slow enough that the processor routinely stalled waiting for data. They migrated to a slightly different architecture that has a very sophisticated caching system, with the same problems, but it was a bit easier to get code in to cache, albeit an odd ball sized cache. They initially had terrible yields too. It wasn't until it was declared a dead architecture that they really got things in to a very solid position relative to Intel and IBM.
I'm a fan, but they made a lot of mistakes and never really made a push with it. It has been fun to watch but also painful; DEC was 10 years ago where Sun is today, a very talented group, with some good ideas and technology but no clear vision on how to put it out there. More over, alpha was strictly a server/desktop kind of chip that runs very hot and takes a lot of power and over the last 5 years or so that has been shown to be a losing design since people are very interested in scaling architectures, nobody wants to buy into something they can't use elsewhere and that's why powerpc goes from dinky little $10 CPUs for Tivos up to $4000 CPUs in p690s and sysplex boxes.
It also shows what may be an incredibly stupid move by HPaq. They are totally in bed with Intel with no plan B. That's too big a company to gamble on a single platform that hasn't demonstrated marketability.
Yes, but why would you want to, when you can have the real thing on SPARC.
Because x86 outperforms sparc, unless I buy a really expensive piece of hardware with a lot of processors, but if I'm in that market why should I buy from you when I can buy from IBM and get the better thing?
2) Does Sun support Linux on Sparc?
No, why would you want to. Where are the applications? (I mean Enterprise applications, not desktop stuff).
Because I'm the customer and that's what I want. I'll worry about the apps, you give me what I ask for. BTW, I want apps on Linux so you better start leaning on your vendors to port them if I buy your sparc solution. I have the money you want, do what I ask and I'll give it to you, simple rules, eh?
4) Why can't you run multple Linux VMs on a single Solaris O/S?
Why would you want to. What benefit does that give you over say, linux on blades.
Because I'm the customer and that's what I want. Trusted Solaris has had multiple security problems and I want to virtualize for security reasons, plus it's good enough for java so why not something else? I can do it on a z server and it outperforms Sun's enterprise hardware in every measure.
I worked at IBM for close to 10 years, throught the early and mid 1990s. These answers sound remarkably similar to things I heard said there. The difference is that IBM is a lot bigger than Sun, makes a lot more money and they have far far more research talent for 'innovating their way out of the hole.' Honestly, Sun should spend more time listening to their customers and less time listening to their prima donas. If a customer wants VMs on Solaris with linux in it (clue, they are giving solaris a life line you dumb asses! they are hedging on sun and you don't want to take it?!?) then they should make it. If a customer wants x86 solaris or Linux on sparc they should bloody well start providing those.
It may sound cliche but IBM reinvented itself in a lot of ways and they are still in business becuase of it. Sun is so far out in the weeds dorking around they don't even understand how they are being passed by. You can thank the ego maniacs in the executive corps there for that. Tell me, why the hell hasn't Scott been fired? He's practically destroyed the company.
Unlike IBM, they are being pretty sleazy about this. They understand the GPL very well, they know exactly what they are doing. I've spoken at length with members of the development and managment teams about it on other products. I'd feel different if this were and oversite but they know exactly what they are doing. They are stealing code and then what's even worse, they are putting the companies that buy their products in the line of fire.
I wouldn't be surprised if you could find some kind of GPL sob story about the FSF "thugs" making somebodies life suck, I remember RMS creating a shit storm by suggesting that Linux be called GNU/Linux which seemed to offend a very vocal fraction of the libre software movement and caused a great deal of pain and suffering but this simply isn't it. (That's a joke if you're humor impaired) Forbes is just trying to sell issues, appeal to the rich want-a-bes that read it regularly. I guess that new Ford GT40 wasn't available in time to do a fluff piece on a car that none of their readers will ever have but all want... Or maybe the fall Rolexes were late, who knows?
I'm all for duplicating that too.. Sounds like good research to me.
There hasn't been a huge buyoff on it from the kernel community but it looks like 2.7 may include it, the API is now called fastboot.
Proxy firewall? Anyone?
I'm a capitalist. I believe in the system, I'm paid by the system and I'd like that to continue. The problem, or rather the problem as I see it as an engineer is that the market genearlly doesn't choose the "best" solution. We would have OS/2 and MacX desktops instead of Windows. We'd have betamax instead of VHS. We'd all drive Honda Accords instead of the multitude of different cars that we all drive. I've learned this time and time again in small businesses, technology isn't what sells, being focused on the customer and being quick and cheap are the biggest ones right now. I've seen shitty products win contracts against far better products but during the bake-off they called tech support and a humand answered one phone and a machine answered another and that was that, even though one clearly had better technology.
So now the market is shifting, for the longest time the engineering and technology were less important, now people are focused on a technical feature: security. Here is where I think it get's hazy, security isn't defined, most companies in the security business are full of shit, there aren't crash tests or something. MS will just start saying that they are securing their products, they will blame problems on users. How can you measure that they are actually improving security other than taking their word for it and empirically, you they lie then you've already given them the money, you've built the software library up on their platform and you're screwed.
I think that there are a lot of worthless lawsuits but market pressure alone may not force them to fix this stuff.
The whole indemnification thing is another area, if you buy in to Sun's or HP's indemnification program, you essentially start to give up your rights to the software, the very rights RMS has been fighting for. They put hard limits on how you can use the software, where you can use it, etc.. Should parts of the industry buy in to those games more fully it put's a serious damper on the use of free software. Fundamental freedom type stuff, like Sun won't let you use Linux in the "server" and indemnify it. Further research on it shows that they are trying to leverage that so that you can't use Linux on *any* server if you wish to be part of their program. Those are hard things to undo once done if there is market support for them.
It's really useful though. I have all my course notes from CMU, most are typed up, they are all sorted out in an anal sort of way and I've gone back to them regularly during my professional career. You end up solving the same problems. They are valuble to me and I'd never bring them in to my place of work. THis starts to fill that void a little bit, it's not the same but it's nice to have access to. If other schools jump on board it could be really useful.
Put the Stevens books in to digital form and I don't need a book at work for anything, I have access to it all online. Very cool, only been talking about paperless offices for about 30 years now. Nice to see a little progress.
Most clients now spawn an exec and pipe data to PGP or GPG. Nothing in the GPL prohibits that.
I'd just be curious to hear an example of what someone did and got warned. With DSL there is at least a somewhat legitmate claim that you're buying the bandwidth, on cable you are sharing the stream with other people. I could see non-stop streaming being a problem. Somebody downloading 6 stream 24-7 not listening is somewhat upsetting, especially if he was on my link. From my personal experience with DSL, Sprint Wireless Broadband and then AT&T and now Comcast cable based internet, I'd have to say that Comcast/AT&T handedly spanks the others.
I see this largely as a problem of the integration. If there is an OpenSSL issue, it affects which programs? Apache, OpenSSH, tcpdump (yep, it can use OpenSSL to the decodes) and dozens of others including databases that use SSL for secure connections. Depending on which vintage of the software you are on it potentially means you'll end up updating all of that stuff. RPM and deb fixes a lot of this stuff but I bring it up becuase I've seen the problems happen in the real world. A stupid SSL vuln caused us to update a database which is used for production data, it becomes a risk problem at that point, what's a lower risk the possiblity that someone may use the SSL attack or the possiblity that upgrading the database will be more complex than installing an RPM and require hours and hours of downtime? Once you're making those kinds of tradeoffs you've already lost.
Some opensource secure coding standards and guidelines would be nice and I think they could help cut down on these kinds of problems, they won't fix them but they can help. C and C++ aren't the problems, there are plenty of embedded programs that don't have those problems and they use different coding strategies and practices. You have to have a complete knowledge of the system to do secure coding. Java based daemons is kind of a solution but it ties us to a vendor and it's really heavy handed and takes a lot of memory to perform, worse it's not a small undertaking and Tomcat and JBoss have had some terrible security problems also. We end up trading one class of problems for a different set.
I just scanned the OpenBSD site and did a quick google, no OpenBSD secure coding standards and guidelines document exists... We need something like that, we already have groups doing audits and some very very good people doing them like Solar Designer and Theo de Raadt. What are they doing and looking for? Why isn't there a document for OpenBSD that explains why it's supposed to be more secure? If we came up with some good standards and practices for the whole community to emulate we'd be much better off.
My best times were power on to init in about 2.7 seconds. By the time we got the "authentication code" and what not in it was closer to 30 seconds.
Take all that BIOS stuff out and create a truely lean and mean setup with minimal init scripts and you can blaze. Longest step was copying the kernel from slow-mo flash memory in to RAM...
On the 5th near miss where nothing happens, the 6th won't be news worthy. Remember chicken little who cried that the sky was falling? Or the boy who cried wolf?
And you're not serious in believing that congress is going to come up with a solution do you? So congress will debate and then they will bring some of these scientists who don't have enough money to really do good research in front of them, he will say something to the effect that if an asteroid is coming the best thing is to bend over, put your head between your knees and kiss your ass good bye. Why? because that's the only practical thing to do. That will get pigeon holed before it goes up for a vote because we have the mightiest military there ever was and that's simply not a grand enough thing for this great nation to do.
So they will put together some kind of exploratory committee. Al Gore was a master at these, the guy failed out of grad school, he didn't quit, he got booted out and told not to come back and then has the audacity to speak like he's a member of the super educated elite that invented something like the internet or the space telescope... haha.. "So I was sitting on my daddy's ranch in Nashville and the boys at NASA and DARPA called me up to ask my opinions on connecting millions of computers together. I sketched out some ideas for something that became known as the OSI stack... haha." sorry about that, I always laugh when I think about it.. anyhoo, said exploratory group will include many non-scientists who are supposed to "have people" that can give them answers. The answers are related to questions like "if I fire up Oakridge to build a whole shitload more nukes and create a few more jobs, will I get re-elected?" and "will landing Bruce Willis on an asteroid somehow turn around my state's (California's) economy and get me re-elected or maybe set me up for a presidential bid?"
After 10 years and some insane amount of "research money" later (read: meetings at Pebble Beach and Augusta and 3 martinit lunches with "their people") some how they will scratch together a proposal with about 50000 "riders" on it because no way in hell can they vote down the asteroid defense initiative. So in exchange for it we'll also get some shit about The Salt Lake becoming one of the Great Lakes, some kind of abortion advertising ban, and a new video game tax. Then the fundamental meat of the bill will be to build some kind of impossible to construct trillion dollar space laser or nuke launching platform that won't actually stop an asteroid anyways.
And that is how a bill becomes a law. I think there was a saturday morning cartoon short that described all of this.
The worst part of these attacks is that if you properly proxy firewall, they can't happen.
Instead of trying to get money out of them (look at all the young pirates bitching about being sued for a few grand, they don't have money) why don't we just cut their link for a period of time, say 8 days? It's short enough that you can deal but long enough to really piss you off so you had better make sure you don't let that stuff happen.
I know there are a bunch of Ada hackers out there and people with other languages they are advocating and trying to protect, this seems like an ideal task to prove your prowess and the strength of your tool set by building a better SSH server and client. I'd love to see some network infrastructure servers done in Ada.