This is out there even for Slashdot conspiracy theories. Are you seriously trying to claim that the Republicans are preparing the military for a coup d'etat? And you genuinely think that, purely by virtue of party affiliation, the military will actually go along with this?!
Well, I guess they need to do it to combat the systematic infiltration of our nation's educational systems by Democratic pot-smoking radicals, who as we all know are trying to corrupt our youths into sharing their absurd moral relativism and casual attitude toward sex. So in the end it'll be a battle between the military and the nation's stoned and post-coital youth. (I think the Republicans might win that one.)
Go ahead and mod me flamebait, because I am. (Well, I tried to be a little funny too. I don't believe a word of my second paragraph, but you know it's a popular conspiracy theory among some Republicans.) But it boggles the mind that anyone could possibly be so insanely paranoid as to buy Superjhemp's last paragraph, and at least 3 people are. Well, maybe I should give the mods the benefit of the doubt; I was totally on board with him until his concluding "theory." But still!
Easy enough. I do not trust Steam's "security" well enough to give it any sensitive information. Furthermore, I want a copy on a CD so that, if Steam breaks for whatever reason (which it likes to do), I can still install and play the game I bought.
I have no objection to preloading per se. Well, it does use up my bandwidth, hard drive space, and CPU power for something which is going to remain useless for at least another month. But my main objections are security concerns and the lack of a CD image.
Considering that I don't really gain anything from doing this, I'm not going to. I'll just go buy the game when it comes out, or a week later, or whatever. Any excitement I had for HL2 has been wiped out by Steam, the constant delays, and Valve's treatment of its paying customers. I think that's why you see all the bashing: people are pissed because they feel Valve are treating them like shit since they know we'll buy HL2 no matter what they do. It doesn't have anything to do with preloading, but anger will find expression where it will, not necessarily where it makes sense.
Basic security is not difficult. If you know the rule of "If you don't need it, turn it off," you know everything you need to about basic security. Hackers, like just about all criminals, go for the path of least resistance. If you take basic precautions, you'll defend yourself against everyone who isn't out to get you personally.
In short, find a hosting company with a lot of Windows servers nearby IP-wise. This is, sadly, not a troll or flamebait, it's my experience. Apache is not what you have to worry about, it's scripts you run. Every single non-targeted exploit of a Unix machine I've seen (that is, compromises that don't target a particular site or person) has been the result of a buggy script. And usually a script that's installed on a ton of systems, so the hackers can compromise many machines with the same attack. Most of them are looking for warez dump sites or launching points for DDoSes. It's not worth their time to target individuals.
It might be that when they say "the Google of structured data" they don't refer to popularity at all, in fact. They might just mean that you can use Google to search just about any kind of unstructured data, whereas previously searches worked best when narrowed to a specific area. (Forum posts, sales sites, etc.) So if this product really will work well with all kinds of structured data, with no modifications to the basic algorithm, I might consider that "another Google."
I, personally, can think of a couple uses for this sort of technology. I know of at least one really awesome way I could use it at work (spotting compromised servers based on nmap scans, which is currently very difficult for a variety of reasons). I imagine marketing, sales, and management folks could think of a hundred more, since they also tend to work with huge volumes of structured data - so much data that it's tedious, error-prone, or flat-out impossible to go over it by hand. Specialized solutions exist, no question, but they are, of course, specialized. Wouldn't it be great if you could use one program to do it all? That's what Google has done for Internet searches.
I don't want this to turn into a diatribe against the UN, but don't ever mistake it for a neutral, impartial, or unbiased agency. That's the exact opposite of what it is. It's more like the sum of all the biases and partisanship in the entire world, and it just happens that most of them cancel each other out via all the elaborate balances in the system.
Bugs in the filesystem are not permissible. People are willing to take occasional downtime and the loss of small pieces of data. They won't stand for an entire filesystem getting corrupted. Think back to the early days of open source "alternative filesystems" like ReiserFS, XFS, and JFS. They all had growing pains, and some people (like me) still haven't forgotten them. If MS ship WinFS with major bugs in it, it'll hurt them badly, especially if their new products rely on the presence of WinFS. (People won't stop using Windows, they'll just use NTFS instead.)
Imagine that the next versions of SQL Server and Exchange both rely on WinFS. If people aren't using WinFS, they won't be using SQL Server and Exchange. That's a big, big problem. I mean, look at the open source world. How many apps are there which really take advantage of all the features present in XFS, JFS, and ReiserFS? Almost none. It's because they have a history of dubious reliability, so people (and hence distros) have been slow to adopt them. That's precisely what MS are afraid of. They can't roll out WinFS until they know it's reliable enough that people won't be afraid to take advantage of its new features.
And don't forget that this is not an evolution of NTFS or FAT, it's a completely new animal. Not just in the data structures that are stored on the disk, but in the whole concept of what a filesystem is and how it's to be used. The fact that it's all new code makes it hard to debug; the fact that it's a new paradigm (apologies) makes it almost impossible. How can you know the new features are bug-free if there are no programs which use the new features?
Well, next time buy a DVD player that you know will be compatible. There are review sites on the Internet rating how well players do with different media types. They also list features, like support of strange-bitrate VCDs and SVCDs, DVD-on-CD, etc. An invaluable resource. That's how I decided on mine, and wouldn't you know, when it arrived (after being ordered sight unseen) it had a sticker on it saying "Plays DVD+/-R/RW discs." (And it does, though it's pretty sensitive to scratches. In my experience, much like all consumer electronics and recordable media.)
I'm sorry, but when you're talking about hard drives, there is no "atomic." It's as simple as a power failure while the disk drive is in the middle of writing a block (albeit a block sent atomically by the OS). Or as simple as a RAID controller with a write cache, or a hard drive with a write cache. Or hell, you could lose power while bits are flying across the controller cables.
And yeah, you'd better believe it happens. The BSDs use a similar approach called SoftUpdates (basically odrered writes). If power craps out in the middle of a write, you will have corruption. The main advantage is that, because writes aren't scattered all over, you only lose the file(s) you were most recently working on. This focuses the damage, it doesn't reduce it at all.
And yet the RFID-enabled badge I use to open doors at work needs to be 1 inch away from the wall-mounted sensor. Perhaps if I carried a package of condoms in my khaki pants to work...
Lets face it, you're not going to "see" very detailed pictures on your cell phone.
What sports fan needs them? I don't need to see anything to know that the guy jogging to catch a fly ball to center is Johnny Damon. I don't need to see anything to know the guy dropping back to throw a pass is Tom Brady. Ditto for Joe Thornton and Sergei Samsonov, and while I don't follow basketball, I'm sure those who do can spot Paul Pierce. (Actually, even I could identify Pierce, just not anyone else on the team. I really can identify everyone on the Red Sox and Bruins by their general size and "manner" alone. And, because I'm a Sox and Bruins fan, I can do the same for the Yankees and Canadiens.)
All I need is a sketch of the action. Play-by-play and a little imagination will fill in the details. I'm sure I'll miss some things, but if all I get is an AP-written game summary, I'll miss all of them. The excitement of seeing a game-winning home run live can't compare to the excitement of reading about it the next day.
You're right, the key is "cheap." Clusters don't offer the same level of performance as supercomputers. I don't think you'd disagree with that statement. What they do is offer a similar level of performance - once unattainable by desktops or even high-end servers, and here I mean real high-end servers instead of just quad Opterons or the like - for probably a tenth the cost.
But even then, there are legitimate needs for supercomputers. A traditional PC-based server solution will address probably 99% of all problems. An inexpensive cluster will get you 99.9%. But there's that remaining 0.1%, and that's the target audience for whom Cray and similar companies exist.
The fact that PCs can be used almost unmodified to create supercomputers and high-speed clusters is remarkable, and says tremendously good things about the flexibility and power of the architecture as a whole. But there are just places it can't go, not yet. For example, you know how you never get 99% efficiency with 100 megabit ethernet? You're lucky to get 70% with gigabit, and 50% is a pretty common figure. PCI-X, at least at the speeds we're talking about here, is so rare now that it's hardly cheaper than custom supercomputer-style solutions - effectively because it is a custom supercomputer-style solution. I don't think we'll ever see common systems, even midrange servers, with more than one 16X PCI-X slot.
I really think this is what Cray mean here. Not that Linux-based clusters have no use, but that there is still a significant market for which they are suboptimal. And, in all probability, will always remain suboptimal. However fast PCs get, however popular PCI-X and similar high-speed buses become, supercomputers will just get faster to match... and computational problems will get harder to go along with them. I just don't see the need for supercomputers, at some level, ever going away.
(I hope people find my comment useful in some way. I elected to post it rather than mod down the idiot posting flamebait about Macs in reply to you. And here's hoping people don't interpret this as karma whoring, since usually if you say "This will get modded down" it doesn't. But... oh, hell. I don't even know which Slashdot rule of thumb applies to my post at this point.)
Another common type of attack, though not spam-related, is the Distributed Relay Denial of Service. A recent Slashdot story covered the Politically Conceived Denial of Service.
And let's not forget the Systemwide Offensive Linking All Remote Internet Sites, a truly ghastly crime against nature, itself second only to the destructive powers of the terrorist organization known as the Society for the Literal Annihilation of Sites Hosting Data Oriented to Technology (motto: Nothing Ever Withstands the Society; Fear Our Response. Now Eventually Readers Duplicate Stories, Stories That Unfortunately Flopped the First Time, Horribly. Although Taco May Attempt to Tend Things, Evil Results Somehow.)
This message brought to you by the Key Atomic Benefits Office of Mankind.
Believe it or not, most web surfers are not anti-advertising. We don't love it, sure; but we get it on TV and radio, in magazines and movies, at ball games, on buses, milk cartons, t-shirts, and bananas, and written on the sky. We're used to it. But we expect a certain amount of restraint on the part of webmasters. A recognition that we are not simply ad-viewing machines. We don't object to seeing banners, even pretty big ones, or "Sponsored Links," as long as there are only one or two banners (plus a link box or a larger square ad) per page. We kind of think interactive ads (i.e. Flash and Java ones) are cool and fun to play with, even if we don't care about the product being advertised. But we aren't fans of how they make our browser run slow as molasses, and we hate the ones that make loud sounds or talk to us. We don't like "busy" ads, ones with crap dancing or shaking or what have you. We don't like ads that try to fool you into clicking on them by pretending to be a system message or moving under your mouse just when you're about to click on a link (ESPN.com's horrible "slide-down" ad does this to me all the time). And we don't like ads slathered so heavily over a page, even if they are subtle and small, that it takes 45 seconds to load because of all the JavaScript (ESPN.com again). And if we're already paying for the goddamn site? We don't just expect a little consideration, we demand it.
Popup blockers are real popular. Ad blockers aren't. That's because most people are reasonable and understand that ads are necessary to keep the Internet free, or at least very cheap. But if they keep pushing... This applies to the non-virtual world, too (Spider-man on first base). We'll only tolerate so much, even when we accept that much of the world is ad-driven.
Your best suggestion is #4, simply because it's the only method that's really effective. Problem is that if you lose your CD key you're screwed. #5 is nice too, but it makes you dangerously subject to phishing scams. I really think this is the way to go, but we need some way of improving the situation. And it still won't help with games focusing mainly on the single-player experience, like Doom 3, unless you require an Internet connection. Maybe that's the way to go. It's kind of the path Valve are taking with HL2.
I'd also like to point out that #7 is the main reason we need #3. That is, if you didn't include the PDF manual on the game CD, it would be a major selling point.
Well, basically, there is a kind of data structure called a hash table. The idea there is that you take an arbitrary-length key and convolve it so you get a fixed-length, shorter result called a "hash." The hash is then used as an index into some other kind of data structure, typically a flat array. This lets you get very fast accses to anything in the hash table, provided that your hashing function is a good one. The main factor which hurts hashes is a function that doesn't evenly spread data across the entire table. Consider the English language. Some letters start words much more frequently than others. Using the first letter of the key would therefore be a bad hash function, since there would be a lot of keys with the same hash and several with almost none.
So, very simply, collisions are when a hash function takes two different input keys and produces the same hash for both as output. Going with our English-language library example from above, "Stevenson, Robert Louis" and "Sheridan, John" would both produce the same hash ("S"). That's all there is to a collision. They are inevitable when you take longer strings and turn them into shorter ones.
Now what this has to do with security may be becoming clearer. Because SHA1 and MD5 are good, general-purpose algorithms, they are used in lots of places. They are used to store your password. (You enter your password, the system runs MD5 or whatever against it, then stores that. When you need to verify your password, it runs the same process and compares the hashed versions.) They are also used as "digital signatures" to verify that the content of an object hasn't changed. And they are, of course, used in hash tables with a lot of disparate entries.
But this is genuinely not something you should be worried about. Like I said, collisions are inevitable. But the computational effort required to find one is far from trivial. It's much easier for someone to crack your password using a dictionary-based attack or social engineering or pretty much anything else, at least for now. When you should worry is if someone finds a way to take a hash and use that to produce something which, when hashed again, will result in the original: that is, two-way hashing. MD5 and SHA1 are both allegedly one-way hashes, so you cannot ever go from the hash to any sort of original data. This is why they're secure for passwords and the like. But if that should turn out to be wrong...
I can't speak much to specifics about MD5 and SHA1 because I don't really have the background in math to do so. (I have the background to write a computer program implementing the algorithms, but I can't explain why they work so well.) MD5 is older and has been suspected to be not-so-good for a few years now. SHA1 is newer and better. That's about all I can tell you.
That's exactly right. NVIDIA's continuing high-quality support for FreeBSD and Linux has made me an avid supporter of their cards. Let's be honest: they aren't making any money off this. There just aren't enough Linux gamers (and even fewer FreeBSD ones) for it to be worthwhile for them, but they're doing it anyway. That counts for a hell of a lot in my book.
Simply the fact that Windows Firewall can be turned off by another application is enough to tell me Microsoft has goofed again.
I did in fact RTFA, though it's slow as hell already, and I didn't see what evidence they had in support of this claim. I saw they made it, but not what provoked it. I mean, in Linux other applications can turn off the firewall quite easily: iptables -P INPUT ACCEPT. Does SP2 not require you to be an Administrator (or Power User) to do this?
In any event, it's obvious this is not a cure-all since it won't block outgoing connections. But it's still a big improvement and ought to immunize XP users against at least one class of attacks. In fact, coupled with a virus (especially an email virus) scanner it ought to wipe out 99.95% of all Windows desktop compromises. That's a pretty damn big step and we should credit MS for taking it, even if it doesn't go quite as far as we'd like.
We humans like things to be black and white. In order for someone to qualify as a hero, we need to be able to dismiss their little personal failings - sometimes they aren't so little - and focus on the good things they've done. That makes dead heroes much easier to come by, as we, as a society, are reluctant to speak ill of the dead.
In some cases, also, the danger is not always clear. In the 60s it was obvious that space flight was dangerous. Everyone knew it. But after 40 years, it's become so commonplace to us that it takes a disaster to make us realize this isn't the same as driving to work every day. It's like the whole 9/11 firefighter thing. We all consider them heroes now, years after the fact; but as time passes and there are no more national catastrophes, the memory fades until eventually it'll be Just Another Job.
I have a friend who's Jewish, and he confessed to me one time that he often felt very singled-out. Anyway, it was a big deal for him, and he often felt very alone at college. One time when we were talking about this (he was feeling especially down that day), I asked him why he went where he did instead of a place like Brandeis, where he'd be in the majority. And he told me that he did it because he needed to learn to live in the real world, where Jews are often few and far between. Going to Brandeis would be more fun, he said, but he'd have to make the transition sooner or later - and better to make it when all your expenses are still paid by your parents, instead of when you're living truly on your own for the first time.
It struck me as a very wise point of view to have. And it's one I think applies here. You can go with single-sex classes, sure. But once these women graduate, they're going to be in environments where, quite often, they are the only women in the department or on the shift. If they can't take that, well, it's better to find out before you dump $40k+ getting an education in a field where you won't be working.
It's way more of a problem outside the States than in it, simply because nobody here drives stick any more. It's mainly a commentary on our attitude toward cars, sadly, which is why all the good ones come from Europe: Americans think of cars primarily as a means of getting from A to B. For those of us who think of the car not as a means, but an end... we learn to drive stick and make denigrating remarks to our loser friends who only know how to drive automatics. (Though in reality this makes us secretly relieved, since we know they will never ask to drive our expensive German sportscars and we will not have to embarrass them by explaining in detail why they couldn't handle a Real Car.)
Ah, but this is the way gun control is being pursued. Gun manufacturers are being sued and put on trial for the actions of sociopaths who buy their products. The argument is that certain types of guns have no legitimate purpose outside of crime, and so the manufacturers are profiting off an illegal enterprise. Sound familiar? You can't but fully-automatic weapons any more, or so I understand; but there are several semiautomatic guns out there which can, with a few modifications, be made fully automatic. So there's considerable hand-wringing not just over automatic weapons, but also semiautos which can be turned into autos; but the NRA is too powerful to ban those entirely, so they just want to get rid of the equipment needed to make the transformation.
The situation is more directly analagous than you might think. (Note that I'm fairly undecided on the issue, myself. I dearly wish I could own a Colt M4A1, presumably because I am insecure in my manhood or played too much CS back in the day, but I certainly don't feel I have a need for a gun.)
I wouldn't call that "inexpensive." I just bought four 160GB SATA drives (best dollar/GB ratio at the moment), a 3ware SATA RAID controller, and a 4U SuperMicro case with 7 hot-swap SATA bays. Total cost was about $1200, or about $2.67/GB. With an 8-port controller instead, and 7 disks, that would put the total cost at about $1650, or $1.72/GB, for 960GB (1120GB if you count the parity drive).
For a simple home mass storage solution, I'd go with whatever's cheapest. The XServe might be a joy to manage in a data center, but it's overkill for a problem like this.
That's a very good point, and you're right, it is a bit of a myth. I like your last scenario the best. But as far as contract programming goes, remember that there are a finite number of tasks which need doing, and only a small subset of those are viable targets for open source. So yeah, I can write some piece of software that helps me employer and open source it; but if it's so geared to my employer's specific requirements and line of business, it's not going to be of use to anyone. So really, it's de facto no different from a regular old internal, private app.
You can see a bit of a recognition of this problem in the software industry too, or at least you could before OSS started savaging its bottom line. Microsoft have been talking about subscription-based models for years because they don't think they can get people to keep buying their stuff any more. Windows 98 does everything most people need it to, so they aren't pressed to upgrade; but MS have to spend considerable resources continuing to support that platform. So they get their big one-time profit at the moment of purchase, but after that they get almost nothing. If people stick with 98 long enough, MS start losing big cash (relatively speaking). This is what I worry about when I think of the OSS business model: aside from services, it seems like the money might be severely front-loaded. So right now it works, because there's a crapload of innovation and new products. But in five years, when most of the critical apps have already been written? Will we see enough new (or at least newly discovered) needs to offset that?
1 : Red Herring. People who receive this treatment are generally whining or complaining. That's a way to shrug them off, because developers have no time to waste with such people. People who want to help post on bugzilla, explain to the author, tell him about the problem, without feeling compelled to say that the product "sucks".
That's certainly the case sometimes, but not always. Several times I've gotten the "You want it, you write it" reply when requesting new features, like supporting a database other than MySQL. If the developers would reply "I just don't have time to add this feature, I have to focus on supporting the stuff most people have or prefer," that's fine. I understand that many people are doing these projects in their free time. But many developers, in my experience, get extremely huffy when you suggest that something could be done better a different way. They take it as a personal attack. Then usually they get on their high horses about "You wouldn't have anything if not for me, and you'll get what features I want and you'll damn well like it."
It's hardly unique to the OSS world, as it's a human failing. I think it's mainly that, in the OSS world, you have more direct access to the actual developers, and because they write their programs for free they tend to identify more with them. So any complaint about the program is interpreted, by the developer in this case, as an attack on the developer himself. Probably Bill Gates feels the same way when we talk shit about Windows (or Microsoft), believe it or not. I don't think anyone doubts he has a big emotional attachment to his company and its flagship products.
2 : Never in the explanation did he explain why Open Source doesn't allow you to go under the hood. YOU CAN. That's a fact. If you don't, that's no fault of Open Source (or Free Software)
He doesn't say that it doesn't allow you. He says that, in practice, most projects are sufficiently complex that most people are unable to. There's always a big startup cost involved in learning a new program. The bigger the program, the biggest the cost. While compartmentalization using libraries in such will help reduce this, if you don't know the libraries either, you're still looking at a big expenditure of time. And most of us have jobs and other priorities.
So it's not that you can't dig in and modify the code. It's that 99.995% of Linux users lack either the ability or time to do so. The "You can modify the source, so it's better" argument isn't wrong; it's just misleading.
3 : classic misunderstandig. We're talking about freedom here, not gratis. Stupid really, as all he says is then offtopic.
No, the misunderstanding is on your end. He explicitly mentions the classic example of how to make money off free (as in speech) software: services. He also points out, quite correctly, that there's no way for an individual or small group to make any money off this. If you and a buddy write some great app, how on earth are you going to make money off it? A tiny company hasn't got the resources to provide "services" the way IBM or RedHat can.
I mean, think of all those shareware games that the Mac people keep trotting out as examples that gaming on their platform doesn't suck. Those people wouldn't be able to make those games if they were open source. The market for services is too small, and even if there were one, the developers wouldn't have the manpower to provide it.
4 : I've never heard this one. Clearly, nobody sane would state that. Perhaps he forgot the word "often" in the sentence.
He's discussing myths, after all. If he said "often," then it wouldn't be a myth.
On #5, we agree.
6 : Even if people choose for you, more choice is always better (think monopoly). Even more stupid. Having more choice doesn't preven
A director and former executive VP of Intel also wrote an editorial, for the Wall Street Journal no less, bringing up mostly the same points. He's concerned that even stuff like CPUs could be considered "inducements" under this bill. He doesn't think that would ultimately fly in the courts, but he says it would have a really chilling effect on innovation. He used Intel as an example. If this bill had been around back when Intel were starting out, they might not have been able to get investment because of legal concerns. So it doesn't even matter if anyone actually prosecuted under the bill: its mere existence would be enough to discourage investment and innovation.
The mere fact that Wired and the WSJ are both running stories against this bill suggest it has zero chance of ever passing. But it's nice to see a traditional print newspaper warm to some of the issues near and dear to nerd hearts.
Slashdot Mirror
Well, I guess they need to do it to combat the systematic infiltration of our nation's educational systems by Democratic pot-smoking radicals, who as we all know are trying to corrupt our youths into sharing their absurd moral relativism and casual attitude toward sex. So in the end it'll be a battle between the military and the nation's stoned and post-coital youth. (I think the Republicans might win that one.)
Go ahead and mod me flamebait, because I am. (Well, I tried to be a little funny too. I don't believe a word of my second paragraph, but you know it's a popular conspiracy theory among some Republicans.) But it boggles the mind that anyone could possibly be so insanely paranoid as to buy Superjhemp's last paragraph, and at least 3 people are. Well, maybe I should give the mods the benefit of the doubt; I was totally on board with him until his concluding "theory." But still!
I have no objection to preloading per se. Well, it does use up my bandwidth, hard drive space, and CPU power for something which is going to remain useless for at least another month. But my main objections are security concerns and the lack of a CD image.
Considering that I don't really gain anything from doing this, I'm not going to. I'll just go buy the game when it comes out, or a week later, or whatever. Any excitement I had for HL2 has been wiped out by Steam, the constant delays, and Valve's treatment of its paying customers. I think that's why you see all the bashing: people are pissed because they feel Valve are treating them like shit since they know we'll buy HL2 no matter what they do. It doesn't have anything to do with preloading, but anger will find expression where it will, not necessarily where it makes sense.
In short, find a hosting company with a lot of Windows servers nearby IP-wise. This is, sadly, not a troll or flamebait, it's my experience. Apache is not what you have to worry about, it's scripts you run. Every single non-targeted exploit of a Unix machine I've seen (that is, compromises that don't target a particular site or person) has been the result of a buggy script. And usually a script that's installed on a ton of systems, so the hackers can compromise many machines with the same attack. Most of them are looking for warez dump sites or launching points for DDoSes. It's not worth their time to target individuals.
I, personally, can think of a couple uses for this sort of technology. I know of at least one really awesome way I could use it at work (spotting compromised servers based on nmap scans, which is currently very difficult for a variety of reasons). I imagine marketing, sales, and management folks could think of a hundred more, since they also tend to work with huge volumes of structured data - so much data that it's tedious, error-prone, or flat-out impossible to go over it by hand. Specialized solutions exist, no question, but they are, of course, specialized. Wouldn't it be great if you could use one program to do it all? That's what Google has done for Internet searches.
I don't want this to turn into a diatribe against the UN, but don't ever mistake it for a neutral, impartial, or unbiased agency. That's the exact opposite of what it is. It's more like the sum of all the biases and partisanship in the entire world, and it just happens that most of them cancel each other out via all the elaborate balances in the system.
Imagine that the next versions of SQL Server and Exchange both rely on WinFS. If people aren't using WinFS, they won't be using SQL Server and Exchange. That's a big, big problem. I mean, look at the open source world. How many apps are there which really take advantage of all the features present in XFS, JFS, and ReiserFS? Almost none. It's because they have a history of dubious reliability, so people (and hence distros) have been slow to adopt them. That's precisely what MS are afraid of. They can't roll out WinFS until they know it's reliable enough that people won't be afraid to take advantage of its new features.
And don't forget that this is not an evolution of NTFS or FAT, it's a completely new animal. Not just in the data structures that are stored on the disk, but in the whole concept of what a filesystem is and how it's to be used. The fact that it's all new code makes it hard to debug; the fact that it's a new paradigm (apologies) makes it almost impossible. How can you know the new features are bug-free if there are no programs which use the new features?
Well, next time buy a DVD player that you know will be compatible. There are review sites on the Internet rating how well players do with different media types. They also list features, like support of strange-bitrate VCDs and SVCDs, DVD-on-CD, etc. An invaluable resource. That's how I decided on mine, and wouldn't you know, when it arrived (after being ordered sight unseen) it had a sticker on it saying "Plays DVD+/-R/RW discs." (And it does, though it's pretty sensitive to scratches. In my experience, much like all consumer electronics and recordable media.)
And yeah, you'd better believe it happens. The BSDs use a similar approach called SoftUpdates (basically odrered writes). If power craps out in the middle of a write, you will have corruption. The main advantage is that, because writes aren't scattered all over, you only lose the file(s) you were most recently working on. This focuses the damage, it doesn't reduce it at all.
And yet the RFID-enabled badge I use to open doors at work needs to be 1 inch away from the wall-mounted sensor. Perhaps if I carried a package of condoms in my khaki pants to work...
All I need is a sketch of the action. Play-by-play and a little imagination will fill in the details. I'm sure I'll miss some things, but if all I get is an AP-written game summary, I'll miss all of them. The excitement of seeing a game-winning home run live can't compare to the excitement of reading about it the next day.
But even then, there are legitimate needs for supercomputers. A traditional PC-based server solution will address probably 99% of all problems. An inexpensive cluster will get you 99.9%. But there's that remaining 0.1%, and that's the target audience for whom Cray and similar companies exist.
The fact that PCs can be used almost unmodified to create supercomputers and high-speed clusters is remarkable, and says tremendously good things about the flexibility and power of the architecture as a whole. But there are just places it can't go, not yet. For example, you know how you never get 99% efficiency with 100 megabit ethernet? You're lucky to get 70% with gigabit, and 50% is a pretty common figure. PCI-X, at least at the speeds we're talking about here, is so rare now that it's hardly cheaper than custom supercomputer-style solutions - effectively because it is a custom supercomputer-style solution. I don't think we'll ever see common systems, even midrange servers, with more than one 16X PCI-X slot.
I really think this is what Cray mean here. Not that Linux-based clusters have no use, but that there is still a significant market for which they are suboptimal. And, in all probability, will always remain suboptimal. However fast PCs get, however popular PCI-X and similar high-speed buses become, supercomputers will just get faster to match... and computational problems will get harder to go along with them. I just don't see the need for supercomputers, at some level, ever going away.
(I hope people find my comment useful in some way. I elected to post it rather than mod down the idiot posting flamebait about Macs in reply to you. And here's hoping people don't interpret this as karma whoring, since usually if you say "This will get modded down" it doesn't. But... oh, hell. I don't even know which Slashdot rule of thumb applies to my post at this point.)
Another common type of attack, though not spam-related, is the Distributed Relay Denial of Service. A recent Slashdot story covered the Politically Conceived Denial of Service.
And let's not forget the Systemwide Offensive Linking All Remote Internet Sites, a truly ghastly crime against nature, itself second only to the destructive powers of the terrorist organization known as the Society for the Literal Annihilation of Sites Hosting Data Oriented to Technology (motto: Nothing Ever Withstands the Society; Fear Our Response. Now Eventually Readers Duplicate Stories, Stories That Unfortunately Flopped the First Time, Horribly. Although Taco May Attempt to Tend Things, Evil Results Somehow.)
This message brought to you by the Key Atomic Benefits Office of Mankind.
Popup blockers are real popular. Ad blockers aren't. That's because most people are reasonable and understand that ads are necessary to keep the Internet free, or at least very cheap. But if they keep pushing... This applies to the non-virtual world, too (Spider-man on first base). We'll only tolerate so much, even when we accept that much of the world is ad-driven.
I'd also like to point out that #7 is the main reason we need #3. That is, if you didn't include the PDF manual on the game CD, it would be a major selling point.
So, very simply, collisions are when a hash function takes two different input keys and produces the same hash for both as output. Going with our English-language library example from above, "Stevenson, Robert Louis" and "Sheridan, John" would both produce the same hash ("S"). That's all there is to a collision. They are inevitable when you take longer strings and turn them into shorter ones.
Now what this has to do with security may be becoming clearer. Because SHA1 and MD5 are good, general-purpose algorithms, they are used in lots of places. They are used to store your password. (You enter your password, the system runs MD5 or whatever against it, then stores that. When you need to verify your password, it runs the same process and compares the hashed versions.) They are also used as "digital signatures" to verify that the content of an object hasn't changed. And they are, of course, used in hash tables with a lot of disparate entries.
But this is genuinely not something you should be worried about. Like I said, collisions are inevitable. But the computational effort required to find one is far from trivial. It's much easier for someone to crack your password using a dictionary-based attack or social engineering or pretty much anything else, at least for now. When you should worry is if someone finds a way to take a hash and use that to produce something which, when hashed again, will result in the original: that is, two-way hashing. MD5 and SHA1 are both allegedly one-way hashes, so you cannot ever go from the hash to any sort of original data. This is why they're secure for passwords and the like. But if that should turn out to be wrong...
I can't speak much to specifics about MD5 and SHA1 because I don't really have the background in math to do so. (I have the background to write a computer program implementing the algorithms, but I can't explain why they work so well.) MD5 is older and has been suspected to be not-so-good for a few years now. SHA1 is newer and better. That's about all I can tell you.
Forgive me for the glorified "me too" post.
In any event, it's obvious this is not a cure-all since it won't block outgoing connections. But it's still a big improvement and ought to immunize XP users against at least one class of attacks. In fact, coupled with a virus (especially an email virus) scanner it ought to wipe out 99.95% of all Windows desktop compromises. That's a pretty damn big step and we should credit MS for taking it, even if it doesn't go quite as far as we'd like.
In some cases, also, the danger is not always clear. In the 60s it was obvious that space flight was dangerous. Everyone knew it. But after 40 years, it's become so commonplace to us that it takes a disaster to make us realize this isn't the same as driving to work every day. It's like the whole 9/11 firefighter thing. We all consider them heroes now, years after the fact; but as time passes and there are no more national catastrophes, the memory fades until eventually it'll be Just Another Job.
It struck me as a very wise point of view to have. And it's one I think applies here. You can go with single-sex classes, sure. But once these women graduate, they're going to be in environments where, quite often, they are the only women in the department or on the shift. If they can't take that, well, it's better to find out before you dump $40k+ getting an education in a field where you won't be working.
It's way more of a problem outside the States than in it, simply because nobody here drives stick any more. It's mainly a commentary on our attitude toward cars, sadly, which is why all the good ones come from Europe: Americans think of cars primarily as a means of getting from A to B. For those of us who think of the car not as a means, but an end... we learn to drive stick and make denigrating remarks to our loser friends who only know how to drive automatics. (Though in reality this makes us secretly relieved, since we know they will never ask to drive our expensive German sportscars and we will not have to embarrass them by explaining in detail why they couldn't handle a Real Car.)
The situation is more directly analagous than you might think. (Note that I'm fairly undecided on the issue, myself. I dearly wish I could own a Colt M4A1, presumably because I am insecure in my manhood or played too much CS back in the day, but I certainly don't feel I have a need for a gun.)
For comparison, your XServe prices come to:
1.00TB: $5.27/GB
1.75TB: $3.77/GB
3.50TB: $2.76/GB
For a simple home mass storage solution, I'd go with whatever's cheapest. The XServe might be a joy to manage in a data center, but it's overkill for a problem like this.
You can see a bit of a recognition of this problem in the software industry too, or at least you could before OSS started savaging its bottom line. Microsoft have been talking about subscription-based models for years because they don't think they can get people to keep buying their stuff any more. Windows 98 does everything most people need it to, so they aren't pressed to upgrade; but MS have to spend considerable resources continuing to support that platform. So they get their big one-time profit at the moment of purchase, but after that they get almost nothing. If people stick with 98 long enough, MS start losing big cash (relatively speaking). This is what I worry about when I think of the OSS business model: aside from services, it seems like the money might be severely front-loaded. So right now it works, because there's a crapload of innovation and new products. But in five years, when most of the critical apps have already been written? Will we see enough new (or at least newly discovered) needs to offset that?
That's certainly the case sometimes, but not always. Several times I've gotten the "You want it, you write it" reply when requesting new features, like supporting a database other than MySQL. If the developers would reply "I just don't have time to add this feature, I have to focus on supporting the stuff most people have or prefer," that's fine. I understand that many people are doing these projects in their free time. But many developers, in my experience, get extremely huffy when you suggest that something could be done better a different way. They take it as a personal attack. Then usually they get on their high horses about "You wouldn't have anything if not for me, and you'll get what features I want and you'll damn well like it."
It's hardly unique to the OSS world, as it's a human failing. I think it's mainly that, in the OSS world, you have more direct access to the actual developers, and because they write their programs for free they tend to identify more with them. So any complaint about the program is interpreted, by the developer in this case, as an attack on the developer himself. Probably Bill Gates feels the same way when we talk shit about Windows (or Microsoft), believe it or not. I don't think anyone doubts he has a big emotional attachment to his company and its flagship products.
He doesn't say that it doesn't allow you. He says that, in practice, most projects are sufficiently complex that most people are unable to. There's always a big startup cost involved in learning a new program. The bigger the program, the biggest the cost. While compartmentalization using libraries in such will help reduce this, if you don't know the libraries either, you're still looking at a big expenditure of time. And most of us have jobs and other priorities.
So it's not that you can't dig in and modify the code. It's that 99.995% of Linux users lack either the ability or time to do so. The "You can modify the source, so it's better" argument isn't wrong; it's just misleading.
No, the misunderstanding is on your end. He explicitly mentions the classic example of how to make money off free (as in speech) software: services. He also points out, quite correctly, that there's no way for an individual or small group to make any money off this. If you and a buddy write some great app, how on earth are you going to make money off it? A tiny company hasn't got the resources to provide "services" the way IBM or RedHat can.
I mean, think of all those shareware games that the Mac people keep trotting out as examples that gaming on their platform doesn't suck. Those people wouldn't be able to make those games if they were open source. The market for services is too small, and even if there were one, the developers wouldn't have the manpower to provide it.
He's discussing myths, after all. If he said "often," then it wouldn't be a myth.
On #5, we agree.
The mere fact that Wired and the WSJ are both running stories against this bill suggest it has zero chance of ever passing. But it's nice to see a traditional print newspaper warm to some of the issues near and dear to nerd hearts.
Oh, here's the link to the WSJ article, but it probably requires (pay) subscription.