I was lucky enough to get to play around with a Niagara 1 demo unit a year or so ago, and it was mediocre as a general-purpose server. The system was amazingly fast if you could keep its 32 threads saturated (and I notice that the new one is 64 threads), but if you were only running, say, 8 threads, you would do as well on a more mundane server. I don't have the exact numbers here, but from what I recall:
The first test was a "make" test. On my desktop machine (generic dual-core Athlon), configure for some large software package (BerkeleyDB, I think, to run more benchmarks on) took a minute, and make -j 3 took 5. On the Niagara, configure took 5 minutes, and make -j 40 took only one.
For high-concurrency database benchmarks, the cost of synchronization made the Niagara slower than a standard AMD-based server. For a less concurrent load, the Niagara was of course much faster. Interestingly, a dual-core server performed much better here than a dual-processor single-core server, because the synchronization cost was lower.
For web applications, the Niagara did well for simple applications, but introduced unacceptable latencies for more CPU-intensive ones.
For anything floating-point, the original Niagara choked due to its single FPU, but that's what the T2 is supposed to fix.
How long until this triggers an epileptic seizure in some poor unfortunate - and worse still, would whoever's wielding it be able to tell the difference between the potentially life-threatening seizure and the normal reaction? Epileptic seizures are not generally life-threatening by themselves, except that they shut you down for a minute or so. So unless you're swimming or driving a car, it's not a big problem. And if you are doing one of these things, a disorienting strobe light is almost as dangerous.
This could actually be a problem, much more than epileptics: what's the range of effect of these things, and will they "blind and disorient" nearby drivers?
Their excuse: "As soon as we allow untrusted operating systems back onto our network, malware will be back with a vengeance." Whose excuse? The cable companies wouldn't the group trying to rationalize banning Linux. I mean, I'm sure that was just a typo, but you have to understand: there is a fair amount of money tied up in seeing through this ridiculous argument.
The only thing stopping PSP from being a general-purpose gaming computer is the lockout chip. You're giving an example of a device in a specialized, proprietary, vertically integrated market with a lock keeping it from being slightly less specialized, a condition that would seriously hurt Sony. You're using that to argue that an open, commoditized market (which has become more and more open and commoditized over the past 20 years) of general-purpose devices will suddenly become entirely closed, proprietary, vertical and special-purpose, despite the extreme disadvantage that this would pose to almost all of the players. I suppose it could happen, but it sounds unlikely to me.
In another comment to this article, jmorris42 suggested just such a dystopia. I thought his scenario was unlikely, to put it mildly. So did a few other posters.
even most of the "white hat" hackers are "cybercriminals" Checking http://en.wikipedia.org/wiki/Hacker_definition_con troversy gives Linus Torvalds as an example of a hacker of the "other definition"... in what way is he a cybercriminal? Usually "hats" only apply to security researchers, not to any clever programmer. It is not uncommon (but perhaps not as common as GP implied) for "white hat" security researchers to break overly restrictive computer crime laws in the course of their jobs, which would indeed make them cybercriminals. Of course, someone who does this regularly is likely to be classed as a "grey hat".
Residential Internet service providers also have a strong commercial incentive to keep malware off their networks and off their other customers' PCs, and if Trusted Computing proponents manage to convince e.g. Comcast and Verizon that Trusted Network Connect can do that, then Trusted Network Connect it is. If Trusted Windows were that good and that popular, there wouldn't be any more malware.
Tell that to Sony Computer Entertainment, maker of the PSP handheld computer. Oh, come off it. "Computer" means a general-purpose machine, not a purpose-designed gaming console with an ARM, a D pad and 4 action buttons. Or do you think there won't be any more general-purpose computers in 10 years?
All of them bundle cameras, PDAs, MP3 players, and a kitchen sink with a battery life of 2 hours, all for the low price of $350 or more... I used to agree with the minimalist sentiment for exactly this reason. But then I looked on Amazon, and saw things like the w810i for $0.01 (-$100 after rebates). Now, that's a periodic deal; the w810i is currently $-20 after rebates. Similarly with the RAZRv3. Of course, that's with service. But even considering that, mp3-player-camera-pda phones are not much more expensive than truly minimal ones: no phone is going to be cheaper than, say, -$100 with service. Blackberries and smartphones are more expensive: most of them are a cent or even more, but I'll bet you can swing it.
Then again, there's size, weight and battery life. But really, the RAZR and the w810i are both pretty small, and both get pretty good battery life: 7 hours of talk time and more than a week of standby, or something like that. I'm using the RAZR and the w810i just as an example. It just turns out that a camera and an mp3 player don't cost much money, space or battery life.
Of course, if you don't like the complexity, you're about out of luck...
I don't understand you people. It's a possibility that open-source software soon won't be able to play mainstream movies. (It can't legally play them now, IIRC, but that doesn't stop anyone.) Linux already can't run most commercial software, at least not without messy and dubiously-legal WINE hacking. But ISPs cutting off network services? Websites refusing to connect to open source browsers or operating systems? Laptops that block Linux installations? These are exceedingly unlikely.
Why? Because all ISPs, all computer vendors and most websites have a strong commercial incentive to allow users access, regardless of their software. You pay your ISP for a connection, and in general they don't give a shit how you use it, as long as they're not missing an opportunity to upsell you. Computer vendors want to sell you hardware; they don't care what you run on said hardware as long as they don't have to provide tech support. Commerce websites don't care what you're running as long as you buy stuff. Other websites care that you're not running an ad blocker, but that's about it.
Of course, Microsoft could bribe or blackmail these guys, but that'd get shot down faster than you can say "RICO". There are enough Linux sympathizers in the corporate world to bankroll the lawsuit, too.
Palladium has been around for two years, and all we've seen with it is enterprise security. Yes, they'll probably use it for DRM eventually. I know, you have to be vigilant, but that doesn't mean you have to be paranoid.
Algebra isn't mandatory in your school? In my school, everyone had to take it. He probably means commutative algebra, which may not be required even for math majors.
Uh, thanks a lot for the lesson on RSA, but actually I'm a security researcher. (Maybe I'm being trolled? Eh, whatever.)
"Fewer equations than variables" can't ever prove something like this, because there's always enough information to decrypt. That is, an attacker could, if he had lots of time, try every x and see which one encrypts to y. There had better only be one of them, because otherwise the intended recipient can't decrypt either.
While that would take basically forever, you don't need to try every x. You can recover the decryption exponent b (usually called d, for decryption) from a (usually called e, for encryption) if you can find the factors of c (usually called n). Factoring is hard. Nobody knows how to do it in a reasonable amount of time, even on a supercomputer, when n is really big (hundreds of digits). But there's no proof that it can't be done quickly, and n has to be bigger and bigger as people make faster computers and smarter factoring algorithms. Nor is there a proof that you need to factor n. For instance, if a is fairly small (like, say, 3) and some partial information is available about x (say, you know the structure of the message and can guess most of the fields), then you can find x anyway. That's why people usually set a=17 or so.
The point is that with something like public-key encryption using an Open Source algorithm, the only thing that has to be kept secret, and does not even have to be shared with the other party, is the decryption key. And you can prove that (if you've studied enough maths). Err, not so much. Proofs of security always assume that some problem or another is hard. For instance, if you can't factor numbers or break hashes, then you can't break Rabin's signature scheme (caution: random oracles required; void where prohibited). That's all well and good until someone breaks your hash or factors your public key. Oh, and hey, SHA1 and MD5 (hashes) are both broken.
Often the problem sounds suspiciously like the scheme itself. For instance, Diffie-Hellman-like schemes are secure unless you can solve the so-called "Diffie-Hellman problem."
Block ciphers typically carry no guarantees whatsoever, since they aren't based on the sort of mathematical structure that public-key systems use. The best you can say about them is usually, "Well, we used a conservative design, and haven't been able to break it with certain classes of known existing attacks."
This isn't to say that provable security is useless, just that its guarantees may not be as strong as you think.
But from a moral/political point of view, it is wrong/unwise for the **IA to be selective in their pursuits of 'violators' of their clients' copyrighted works, and doubly so in the public eye (as public officials are "role models", and also a generally privileged class). Oh, come off it. They're suing people who upload/download thousands of songs over p2p, not people who give mix tapes to their dads.
-Ubuntu: I had a lot of hope for this one. That is till it failed to start up after installing because the kernel was not compatible with my system (via epia). Of course this has been known for 6 months, no solutions were given anywhere and no notices were given during the install itself. I do not have time to recompile a kernel so I said F it. Really? What Ubuntu and what EPIA? I'm running Dapper on an EPIA M and Feisty on an EPIA EN right now, and they both work fine. I would say they worked out of the box, but Feisty was beta when I installed it and still had the broken RAID issue (I don't think that was VIA-specific). I expect it would work without any fidgeting now.
Under current copyright law software is no different than hardware or apples or nail clippers. It's still considered a tangible good that is purchased and sold (or licensed). I'm sorry, but this just isn't true. Physical property is private ownership of an object; intellectual property is the right to control copying, distribution or use of an otherwise public piece of art or information. Physical property violations (like stealing) are usually crimes; intellectual property violations (like copyright infringement) usually aren't: they're torts. There are no exceptions to physical property laws for research and educational uses. And as much as Mark Helprin might want it to last forever, intellectual property is usually ceded completely to the public after some (theoretically) limited amount of time.
It should also be clear that illegally using software you haven't paid for (and can't afford, or otherwise weren't going to buy) is different from stealing (or refusing to pay for) hardware. In particular, because the marginal cost of a pirated copy of software is essentially zero, "stealing" software you weren't going to buy is very nearly Pareto optimal. Hardware theft is not. That is, if I pirate Windows, and wouldn't have bought it, then I gain something and Microsoft loses nothing (though it is possible that Microsoft's competitors have lost a sale). If I steal a computer, whomever I stole it from is out a computer. If they're a vendor, they're out the revenue they'd get from selling it: since I stole it, they can't sell it to someone else.
I'm not saying here that copyright infringement should be legal, just that it's very different from theft, both legally and ethically.
Note the "they probably won't even read the modified contract" bit. True, but they won't sign it either. Company policy is almost always to refuse to sign it no matter what the changes are. In fact, since the contract is between you and the company, not between you and the employee, they probably don't have the authority to agree to whatever changes you made.
There's an obvious reason for this: even if the salesperson reads the contract, he doesn't understand it except at a very high level. Hacking out paragraphs from the contract (particularly at the request of the customer) could lead to the contract being unenforceable, customer not paying, or even a lawsuit the company. Consider the situation we're discussing: OP suggested that you modify the contract to take out the "we make no guarantees, we might packet-shape, bandwidths are peak, you can't sue us" section, then suing if they packet-shape.
Companies only care about larger contracts that cost them a sizeable amount of money... Also true. So if your business is worth their lawyer's time to approve a modified contract, you have a shot.
So does this detect the driver speaking on a cell phone or simply someone in the car talking on a cell phone? Most cars on the road no passengers, only the driver. The cop can see whether you have a passenger. Heck, he can just not use this system in the carpool lane.
I saw a presentation by the Goodmail people (or maybe it was a nearly identical competitor?). Basically, they maintain huge lists of IPs and domain names that are associated with spam, or not. More or less an RBL. This service is then contracted out to ISPs, who pay some nominal fee for spam lookups.
The fee that Goodmail charges senders goes to two places. One, it pays for Goodmail to audit them, make sure they're not spammers, and keep them on the Goodmail whitelist. The audits require continuously low complain rates, stricter-than-CAN-SPAM opt-in and opt-out practices, and so on. Secondly, Goodmail monitors their clients' spam status on other RBLs, and investigates and tries to fix the problem if they end up there. (Sometimes it's a mistake and they contact the RBL people; sometimes the machine got hacked and they contact the company.)
Furthermore, it has to be said that 1/4 cent per message really isn't that much. I'd gladly pay that much if it would eliminate spam (which it won't, but just saying). And if they jack up the price later, well, the Internet is an open place, and other configurations or protocols will come out for free.
On the other hand, you have to understand who Goodmail's clients are. They're softcore spammers. They're "confirmed opt-in" marketers, which means people that send you mail that you probably didn't want if you forget to uncheck the "please spam me" box on service agreements. And their mail will no longer be filtered by your ISP's spam filter. Blah.
Well, since it's a contract, you could strike out the sections you don't like, sign it, and then let them instantly refuse to sign it (they probably won't even read the new contract). There, fixed that for you. You really should use the "preview" button, you know?
Sounds like a security flaw to me... Is the Flashed memory CRC'd and stored on the HD for verification? First, I'm not sure how this would be a security flaw. I mean, if you can write to the flash (which is on a PCI-e mini-card inside the computer), then you can write to the hard drive anyway.
Second, I'll bet it's checksummed in some way in case the flash goes bad.
Third, using "CRC" and "security" in the same statement is just wrong. An attacker can do evil things with your data and still give it whatever CRC he wants.
The price is as high as the owner says it is. But if the price is too high, then the property will not sell. The actual value of the property is whatever you can, in fact, sell it for. Publilius Syrus notwithstanding, this is incorrect in the free market: the owner's valuation of the property matters, too. This isn't his asking price, but the maximum amount of money $X such that if the owner were given $X and his property stolen and put on auction, he would bid $X-epsilon to take it back.
Because there is a significant cost in the use of new property, particularly houses (between moving expenses, time and effort, social effects and whatever), the owner's valuation of a particular property is likely to be greater than everyone else's. After all, if he didn't think think this were true, he'd put it up for sale.
For example, I have a rock (it's one of those tiger-repelling rocks) for which I ask one hundred billion dollars. But, unless you're frequently harassed by tigers, that's probably not your valuation of the rock. If I took your rock by force, and gave you one hundred billion dollars, would you offer me $99,999,999,999 to have your rock back?
Think of how rapidly computers depreciate in value. The computer market isn't very rational, but depreciation of cars and computers in this way is somewhat rational. In addition to shipping, tax and so on, a third party doesn't trust the seller, or the seller's assessment of the computer's condition. Nor does he trust that he will be able to get the manufacturer's warranty, or that all the standard components will be included. There's also the risk of problems not likely to be covered by a manufacturer's warranty, such as dead pixels, a subtle whine, or what have you.
That being said, does 11"x11"x2" for $519.97 work for you? While technically you fulfilled the grandparent's requirements, it should be noted that the machine you linked is near the absolute bottom of the barrel for new computers. Its hard drive is slightly bigger than the Mini's, because it's 3.5" instead of 2.5". However, it has no optical drive, 256MB RAM, a VIA C3 (not even a C7) processor, and VIA integrated graphics. It doesn't even have DVI out like the Mac Mini has, nor does it have gigabit ethernet.
The baseline Mac Mini's Core 1 Duo processor ought to outperform the C3 by about a factor of 6, and a factor of 10 or more if you need floating point. It has twice as much RAM which is more than twice as fast, and an optical drive. And while Intel integrated graphics chips are slow, they beat VIA graphics hands down.
As it happens, the PC is significantly overpriced: if you want to go VIA, you can get better components for a lower price (and I should know, I built such a PC). But it would be difficult to make any EPIA system perform anywhere near a Mac Mini for anything taxing other than crypto.
There was a guy whose Mac+ survived a Slashdotting. The website was static and mostly text, and he was running some kind of hardcore minimalist webserver (thttpd, I think), but stayed up and stayed responsive.
Slashdot Mirror
I was lucky enough to get to play around with a Niagara 1 demo unit a year or so ago, and it was mediocre as a general-purpose server. The system was amazingly fast if you could keep its 32 threads saturated (and I notice that the new one is 64 threads), but if you were only running, say, 8 threads, you would do as well on a more mundane server. I don't have the exact numbers here, but from what I recall:
The first test was a "make" test. On my desktop machine (generic dual-core Athlon), configure for some large software package (BerkeleyDB, I think, to run more benchmarks on) took a minute, and make -j 3 took 5. On the Niagara, configure took 5 minutes, and make -j 40 took only one.
For high-concurrency database benchmarks, the cost of synchronization made the Niagara slower than a standard AMD-based server. For a less concurrent load, the Niagara was of course much faster. Interestingly, a dual-core server performed much better here than a dual-processor single-core server, because the synchronization cost was lower.
For web applications, the Niagara did well for simple applications, but introduced unacceptable latencies for more CPU-intensive ones.
For anything floating-point, the original Niagara choked due to its single FPU, but that's what the T2 is supposed to fix.
This could actually be a problem, much more than epileptics: what's the range of effect of these things, and will they "blind and disorient" nearby drivers?
It's more like a series of tubes...
Then again, there's size, weight and battery life. But really, the RAZR and the w810i are both pretty small, and both get pretty good battery life: 7 hours of talk time and more than a week of standby, or something like that. I'm using the RAZR and the w810i just as an example. It just turns out that a camera and an mp3 player don't cost much money, space or battery life.
Of course, if you don't like the complexity, you're about out of luck...
I don't understand you people. It's a possibility that open-source software soon won't be able to play mainstream movies. (It can't legally play them now, IIRC, but that doesn't stop anyone.) Linux already can't run most commercial software, at least not without messy and dubiously-legal WINE hacking. But ISPs cutting off network services? Websites refusing to connect to open source browsers or operating systems? Laptops that block Linux installations? These are exceedingly unlikely.
Why? Because all ISPs, all computer vendors and most websites have a strong commercial incentive to allow users access, regardless of their software. You pay your ISP for a connection, and in general they don't give a shit how you use it, as long as they're not missing an opportunity to upsell you. Computer vendors want to sell you hardware; they don't care what you run on said hardware as long as they don't have to provide tech support. Commerce websites don't care what you're running as long as you buy stuff. Other websites care that you're not running an ad blocker, but that's about it.
Of course, Microsoft could bribe or blackmail these guys, but that'd get shot down faster than you can say "RICO". There are enough Linux sympathizers in the corporate world to bankroll the lawsuit, too.
Palladium has been around for two years, and all we've seen with it is enterprise security. Yes, they'll probably use it for DRM eventually. I know, you have to be vigilant, but that doesn't mean you have to be paranoid.
And yes, I run Linux.
Uh, thanks a lot for the lesson on RSA, but actually I'm a security researcher. (Maybe I'm being trolled? Eh, whatever.)
"Fewer equations than variables" can't ever prove something like this, because there's always enough information to decrypt. That is, an attacker could, if he had lots of time, try every x and see which one encrypts to y. There had better only be one of them, because otherwise the intended recipient can't decrypt either.
While that would take basically forever, you don't need to try every x. You can recover the decryption exponent b (usually called d, for decryption) from a (usually called e, for encryption) if you can find the factors of c (usually called n). Factoring is hard. Nobody knows how to do it in a reasonable amount of time, even on a supercomputer, when n is really big (hundreds of digits). But there's no proof that it can't be done quickly, and n has to be bigger and bigger as people make faster computers and smarter factoring algorithms. Nor is there a proof that you need to factor n. For instance, if a is fairly small (like, say, 3) and some partial information is available about x (say, you know the structure of the message and can guess most of the fields), then you can find x anyway. That's why people usually set a=17 or so.
In Soviet Russia, Beowulf cluster imagines you!
Often the problem sounds suspiciously like the scheme itself. For instance, Diffie-Hellman-like schemes are secure unless you can solve the so-called "Diffie-Hellman problem."
Block ciphers typically carry no guarantees whatsoever, since they aren't based on the sort of mathematical structure that public-key systems use. The best you can say about them is usually, "Well, we used a conservative design, and haven't been able to break it with certain classes of known existing attacks."
This isn't to say that provable security is useless, just that its guarantees may not be as strong as you think.
It doesn't support Padlock, though.
That's the "handling" part.
It should also be clear that illegally using software you haven't paid for (and can't afford, or otherwise weren't going to buy) is different from stealing (or refusing to pay for) hardware. In particular, because the marginal cost of a pirated copy of software is essentially zero, "stealing" software you weren't going to buy is very nearly Pareto optimal. Hardware theft is not. That is, if I pirate Windows, and wouldn't have bought it, then I gain something and Microsoft loses nothing (though it is possible that Microsoft's competitors have lost a sale). If I steal a computer, whomever I stole it from is out a computer. If they're a vendor, they're out the revenue they'd get from selling it: since I stole it, they can't sell it to someone else.
I'm not saying here that copyright infringement should be legal, just that it's very different from theft, both legally and ethically.
There's an obvious reason for this: even if the salesperson reads the contract, he doesn't understand it except at a very high level. Hacking out paragraphs from the contract (particularly at the request of the customer) could lead to the contract being unenforceable, customer not paying, or even a lawsuit the company. Consider the situation we're discussing: OP suggested that you modify the contract to take out the "we make no guarantees, we might packet-shape, bandwidths are peak, you can't sue us" section, then suing if they packet-shape. Companies only care about larger contracts that cost them a sizeable amount of money... Also true. So if your business is worth their lawyer's time to approve a modified contract, you have a shot.
I saw a presentation by the Goodmail people (or maybe it was a nearly identical competitor?). Basically, they maintain huge lists of IPs and domain names that are associated with spam, or not. More or less an RBL. This service is then contracted out to ISPs, who pay some nominal fee for spam lookups.
The fee that Goodmail charges senders goes to two places. One, it pays for Goodmail to audit them, make sure they're not spammers, and keep them on the Goodmail whitelist. The audits require continuously low complain rates, stricter-than-CAN-SPAM opt-in and opt-out practices, and so on. Secondly, Goodmail monitors their clients' spam status on other RBLs, and investigates and tries to fix the problem if they end up there. (Sometimes it's a mistake and they contact the RBL people; sometimes the machine got hacked and they contact the company.)
Furthermore, it has to be said that 1/4 cent per message really isn't that much. I'd gladly pay that much if it would eliminate spam (which it won't, but just saying). And if they jack up the price later, well, the Internet is an open place, and other configurations or protocols will come out for free.
On the other hand, you have to understand who Goodmail's clients are. They're softcore spammers. They're "confirmed opt-in" marketers, which means people that send you mail that you probably didn't want if you forget to uncheck the "please spam me" box on service agreements. And their mail will no longer be filtered by your ISP's spam filter. Blah.
Second, I'll bet it's checksummed in some way in case the flash goes bad.
Third, using "CRC" and "security" in the same statement is just wrong. An attacker can do evil things with your data and still give it whatever CRC he wants.
Because there is a significant cost in the use of new property, particularly houses (between moving expenses, time and effort, social effects and whatever), the owner's valuation of a particular property is likely to be greater than everyone else's. After all, if he didn't think think this were true, he'd put it up for sale. For example, I have a rock (it's one of those tiger-repelling rocks) for which I ask one hundred billion dollars. But, unless you're frequently harassed by tigers, that's probably not your valuation of the rock. If I took your rock by force, and gave you one hundred billion dollars, would you offer me $99,999,999,999 to have your rock back? Think of how rapidly computers depreciate in value. The computer market isn't very rational, but depreciation of cars and computers in this way is somewhat rational. In addition to shipping, tax and so on, a third party doesn't trust the seller, or the seller's assessment of the computer's condition. Nor does he trust that he will be able to get the manufacturer's warranty, or that all the standard components will be included. There's also the risk of problems not likely to be covered by a manufacturer's warranty, such as dead pixels, a subtle whine, or what have you.
The baseline Mac Mini's Core 1 Duo processor ought to outperform the C3 by about a factor of 6, and a factor of 10 or more if you need floating point. It has twice as much RAM which is more than twice as fast, and an optical drive. And while Intel integrated graphics chips are slow, they beat VIA graphics hands down.
As it happens, the PC is significantly overpriced: if you want to go VIA, you can get better components for a lower price (and I should know, I built such a PC). But it would be difficult to make any EPIA system perform anywhere near a Mac Mini for anything taxing other than crypto.
There was a guy whose Mac+ survived a Slashdotting. The website was static and mostly text, and he was running some kind of hardcore minimalist webserver (thttpd, I think), but stayed up and stayed responsive.