They are atheros based, so there's the issue of occasional wireless drop-outs that may be fixed in openwrt snapshots (check svn changelog for late November '11), but that's a lot better than the wndr4500 and other broadcom SOC devices that are proprietary and difficult to reverse engineer.
Also, the wndr3700 is hard to brick, and easy to tftp to. There are similar atheros-based devices like the buffalo wzr-hp-g300nh (2.4GHz-only) and ag300nh (2.4 + 5 GHz), but they're harder to flash and maybe have quality control problems on transmit power (some people complain).
I think the point is that the pharma/food industries generally aren't recruiting kids to produce propaganda like flu shot or Got Milk PSAs. The media giants, in contrast, generally don't have as many scruples.
The media industry is more desperate than those other industries. It doesn't matter whether you're for copyright or against it, virtually everyone without a large vested interest is against current absurd copyright terms, anti-circumvention, ACTA, etc. So the people trying to create propaganda supporting current copyright laws are desperate to expand their "piracy is theft" meme, and one of the things desperate people do is use non-rational means to persuade people.
This is not so much about creating an anti-piracy PSA (they could hire a media firm to do it for 5 figures, which is peanuts), but rather to indoctrinate the children into the belief that piracy is bad by enticing a bunch of young impressionable kids to regurgitate the industry's talking points.
(Unrelated, but worth noting since you brought it up: Trying to counter the Got Milk stuff could run into food libel laws.)
"Pulls just a little power" for a desktop computer maybe, but compared to embedded wireless routers that are going to draw 5-15W (good ones closer to 5, I put 15W because the at&t 2wire uverse proprietary box draws something like 16-17W), or even an atom system which will probably draw 20-30W, it'll pull many times that. The good old wrt54gl I have pulls 2 to 3 watts.
Figure 1W is roughly $1/yr in costs (+- 10-20% depending on your energy provider), if you don't need more capability than a wireless router provides, even if you already had old hardware, you're likely to pay more over a couple years to power a headless desktop box than you would to pay retail for a wireless router + power. A modern video card at idle will draw about the same order of magnitude of power as an entire embedded router, too.
Do not say anything. Tell them to fuck off and don't address in particular or in general anything they alleged.
The *only* time you open your mouth to an agency (public or private) that is investigating you, whether it's the IRS, police, feds, or the BSA, is through a lawyer. That would typically take the form of a *response* to a demand letter.
A consultation and getting a response letter written by a good lawyer may run you circa $1-2k, but if the alternative is getting sued by the BSA or shutting down your company, it may be worth it.
You are infringing on my client's patent 2938562906716 relating to a method by which CEOs can maximize shareholder value by settling frivolous patent lawsuits for less than the cost of a full legal defense.
We are prepared prepared to defend our patent all the way to the Supreme Court if necessary.
My client wishes to advise you that in order to settle this lawsuit, you will have to pay an additional $500,000 in royalties for using his patent.
I trust we will be receiving a check from you soon.
Double NAT works tolerably well if you set up your interior router as DMZPlus under the 2wire router config. DMZplus eats incoming ICMP traffic, so if you have MTU problems on your vpn link, the link may appear to be dead, but you can probably fix it by manually reducing the vpn's mtu. VOIP shouldn't be a problem; SIP uses tcp/udp so you can forward that through like any other app even if you don't use DMZplus.
The 2wire routers also have horrible routing capability, so getting a static IP block is a bad idea, and the 2wires are also very picky about what's on their local layer-2 network. Plugging a device onto the 2wire's visible ethernet (i.e. not behind another router) and giving the device multiple IPs, or switching its IPs, is a great way to confuse the 2wire router. The firmware was written by morons.
Recommendations for 2wire router users: get another router (my current favorite is the buffalo wzr-hp-g300nh, 32mb flash 64mb ram, comes with branded dd-wrt and can be easily flashed with openwrt). Put that router behind the 2wire in dmzplus mode. Connect a switch to the interior router and connect everything to that.
The only things that need to be on the 2wire's local layer 2 lan are the interior router and the uverse cable DVR if you get TV as well (and if you get voip through uverse then you probably need that on the 2wire's ethernet domain too).
#!/usr/bin/ruby # I would have put this on github, but first it's horrible code and second I don't want my slashdot identity linked to my github one. # create database 2wire; use 2wire; # create TABLE readings (timestamp TIMESTAMP DEFAULT NOW(), port INT NOT NULL, txbytes BIGINT, rxbytes BIGINT, txpackets BIGINT, rxpackets BIGINT, txerrors BIGINT, rxerrors BIGINT, primary key `dateport` (timestamp, port));
series = `curl -s 'http://172.16.0.1/xslt?PAGE=C_2_0'`
(activeport, activeline) = [ nil, nil ] data = Array.new
series.each_line {|line|
if activeline == 4 then activeport = nil; activeline = nil end
if activeport then
line =~/.*([0-9]*).*/
$1 == "--" ? value=0 : value=$1.to_i
data[activeport].push value
activeline += 1
elsif line =~/rowlabel.*Port ([0-9]+) / then
activeline = 1
activeport = $1.to_i
data[activeport] = Array.new if data[activeport].nil?
end }
1.upto(data.size - 1) {|port| # remember data is a zero-based array, but the ports from 2wire are positive integers
(txbytes, txpackets, txerrors, rxbytes, rxpackets, rxerrors) = data[port]
`mysql 2wire -e "INSERT INTO readings (port, txbytes, rxbytes, txpackets, rxpackets, txerrors, rxerrors) \
VALUES (#{port}, #{txbytes}, #{rxbytes}, #{txpackets}, #{rxpackets}, #{txerrors}, #{rxerrors})"` }
512MB? What kind of a joke is that? My two older boxes (2-3.5 years old) both have 8GB, and this one has 12GB and is about to get upgraded to 24GB.
The last computer I had with 512MB was a p3-1ghz back in 2001. At the same time I built a dual p3-1ghz with 1GB ram, so 512MB was the lower end of what was acceptable even back then.
I have trouble believing a modern browser (chrome or FF) could even run on a system with 512MB ram. That system must swap a lot.
Great. A duopoly instead of a monopoly. I feel SO much better.
Unfortunately, for wired, there is no competition with Vzn. I can't get Verizon's fios where I live; it's either AT&T's capped uverse, AT&T's capped DSL, or comcast's capped cable.
I suppose you haven't seen Ann Druyan (Sagan's ex-wife) or Carolyn Porco (Sagan's inspiration for the "Ellie" character in Contact) speak on the subject of science vs religion. They are a) rational; b) passionate about science; c) great communicators. You can't ask for more, from a man or a woman.
The problem is that students (and people generally) are not entirely rational. A clever rhetorician can make science out to be a joke, while making their religion seem like the one true path. This bill is the beginning of a conversion of educational institutions into churches. Slick religious speakers will slowly worm their way into education under the guise of being "creation scientists".
And by "religion" and "church" I'm referring to the sort that promote the idea of personal gods. Deism and other nebulous religions (particularly some notable Eastern religions) where "God" is isomorphic to "Nature" or "Laws of physics" I have no real complaint with, other than that their followers sometimes don't realize that those are isomorphic.
The American adversarial criminal-law system could use some serious adjustments, but the way it stands now, the government will do everything it can to put Manning in prison for a suitably long period of time so the gov can claim a political win. Federal judges are not likely to stand up for justice, either.
The only chance Manning has of even a small amount of justice is to be represented by a good legal team. That requires lots of money, in the U.S. Justice is not only about whether the jury reaches the correct verdict. It is also about whether there is an effective advocate for both sides, and a fair arbitrator. In the U.S., the fairness of a particular judge can vary quite a lot, so the only way to ensure a little bit of justice is to have the most effective legal defense team you can put together.
This has nothing to do with whether Manning is guilty or innocent. It's about the U.S.'s failboat legal system, and Paypal deciding unilaterally (or more likely with some pressure from.gov stooges) to make it harder for any voice other than the government's voice to be heard adequately at trial.
There is also much more than just whether Manning is guilty or innocent. Even if we all stipulate to illegal actions Manning allegedly took to release classified information, there's the matter of appropriate punishment, which cannot be decided without a fair and equitable legal process.
The government will spend millions if not tens of millions prosecuting Manning. To deny Manning the ability to raise funds for his defense is a miscarriage of justice. If Paypal had an ounce of civic awareness, they would realize this, but sadly they appear to care only about publicity and government pressure.
What does IRV have to do with the discussion in this thread branch, which is about Approval Voting vs a Condorcet Variant (Schulze, specifically)?
IRV for single-winner elections is broken in similar ways to Plurality Voting, which is why you hear those complaints. They're just as true in IRV as they are in Plurality (first-past-the-post) voting. What IRV does is give the illusion that 3rd parties are better represented. Both encourage strategic voting which marginalizes alternative candidates.
IRV for multi-winner elections isn't quite so bad, but it still makes no sense to use it compared to other superior methods that can be used for both single- and multi-winner elections.
Obviously we have a hacker at SourceForge, climbin' in your cvs, snatchin' your projects up, tryin' to infect them so y'all need to sign your commits, switch to git/hg, sign your commits, switch to git/hg, sign your commits, switch to git/hg... hide your binaries too, cuz they're infecting everything out here...
A study using proper sampling wouldn't necessarily mean anything, either.
Software project A could have more vulnerabilities than project B. If attackers are more interested in B for some reason, maybe it's more popular or the sites running it are more interesting, B could have more "discovered" vulnerabilities.
A correct study would have to pay someone to do a thorough security audit of source code for n major open source and closed source software projects, which would be extremely expensive, and getting that many NDAs from major closed-source companies would be difficult.
Only a government or some large corporation could pay for that. I think I recall reading that simply doing a FIPS validation of openssl (or was it mozilla's nss?) would have cost around 1-2 million dollars if they hadn't been an open source project and had free help from various entities. And FIPS certification is a functional audit, not a security audit.
A lot of drupal code is written by professional developers and web designers/consultants who build drupal sites for clients. It is more rarely a hobby. When modules are unmaintained, it's usually because it was a one-off module for a site, and the module didn't turn out to be useful for other sites. Maybe the developer or client realized it wasn't even good for the site it was intended for.
Not as much work as dealing with traditional RAID arrays. I end up having to RMA and/or replace a few disks a year, and while software raid keeps me from losing data in almost every case, it's a PITA. I'd much rather have that stuff managed automatically by a distributed filesystem. The next external disk enclosure I build is going to be part of a ceph filesystem or something similar. Then I'll reformat my recently built external 6TB raid-6 array and add those to the unified (e.g. ceph) filesystem as well.
In the last year and a half (all of these are SATA, none more than 3 years old):
- An older seagate in my windows box had its power connector catch fire. - A 1TB WD green drive started failing SMART self-tests soon after installation. - The other 1TB WD green drive (twin of the one that failed) has a few offline uncorrectables, but I'm not in the mood to replace it yet. - Both of a pair of 1.5TB seagates (7200.10) are on the fritz; the controller returns errors and resets one or the other every few hours - neither drive gets kicked out of the raid array, but it freezes disk access to the array for 10-20 seconds which has been extremely aggravating. I'm in the process (slowly) of moving data from them onto a newly built external 6TB raid-6 array. - One of a pair of new 1TB WD blacks in my (several month old) main workstation last week started making horrific scraping noises and failing SMART checks. (I'm replicating that raid-1 array to a third replacement disk as I type this, and then the broken one is getting RMA'd).
It's too much management overhead to deal with these failures piecemeal. The future for large low-maintenance storage arrays is to use something like ceph or Isilon's (commercial) OneFS to automatically manage redundancy to avoid data loss, while allowing full use of disks of any size.
Compared to zfs, which is the only other quasi-mainstream filesystem that has copy-on-write (which gives snapshots for free) and data checksums, btrfs is almost always faster. Most of btrfs's slowness is due to those two features. Comparing ext4 speed to btrfs speed is not fair unless you disable both with -o nodatacow.
Without COW and checksumming, btrfs is closer to ext4. Even so, except for applications that are reading or writing massive amounts of data, I'd rather have data integrity and SSD wear leveling and free read-only snapshots instead of maximum speed.
By that reasoning, almost nobody is a vegan or vegetarian. There's plenty of insect contamination of processed foods in the U.S. and Western Europe, too.
Far from being dismayed that it wrecks the purity of my nominally vegan diet -- one of the staples of my diet is Kashi cereal for breakfast -- I'm thrilled that I'm getting at least a little bit of extra protein, nutrients, and B12 from that contamination.
I pretty much agree with you that going vegetarian or vegan can be dangerous, and I'd eat whole insects if they were available. However, it does not have to be dangerous. Anyone with access to a western-style grocery store with a wide variety of produce can develop a very healthy diet while sticking to nominally vegan products with only trace amounts of insect parts and rodent droppings. The only issue in a sufficiently varied vegan diet is B12 (since it's only produced by bacteria in the guts of animals*), which is available in a ton of nutritional supplements (particularly as even omnivores are cutting back on meat consumption). It's now even being added to a variety of non-meat non-dairy products... I see it all the time as an additive in soy milk.
The problem with the Asian "vegetarian" diets you cite is not that they're vegetarian, but that they're not varied enough. They have only one or two types of grains and legumes, typically, only a few staple fruits and a few staple vegetables. Furthermore, regional lack of variety in nutrients in the ground might lead to deficiencies in nutrients even in more well-balanced diets. While "green" foodies object to consuming fruits and vegetables that are not locally produced, one thing that does do is help provide a more varied trace mineral profile.
* There was some indication that certain algae may produce a form of B12 that's usable, but I don't know if that's been confirmed.
Nonsense. Most people can survive just fine long-term on a reasonably balanced vegan diet. If you're getting skin sores after a week there is something wrong with you and you should see a doctor. Most people can survive on water for a week without developing such serious problems. The immune system in normal people does not break down so severely after a week of poor nutrition, even assuming your vegan diet is poor. It's worth noting that going vegan does not mean cutting out meat. For the majority of westerners, whose diet already consists primarily of meat, sugar, and fat (oils of various kinds), cutting out meat would indeed be catastrophic long-term (though not after a week). A good vegan diet means cutting out meat, but also going out of your way to eat a variety of fruits and vegetables and seeds, nuts, and whole-grains, when you didn't before.
Vegetarians do not eat chicken by definition. If they eat chicken caesar salads or fish, they are by definition not vegetarians.
Vegetarians who eat fish are pescatarians, not pescapalians.
Slashdot Mirror
Oops, the dual band buffalo is wzr-hp-ag300h, not -nh.
Atheros:
Netgear wndr3700v1: 8MB flash, 64MB ram
Netgear wndr3700v2: 16MB flash, 64MB ram
Netgear wndr3800: 16MB flash, 128MB ram
Buffalo wzr-hp-g300nh: 32MB flash, 64MB ram (more chance of a lemon than the netgear wndr series)
Buffalo wzr-hp-ag300h: 32MB flash, 128MB ram
Broadcom
Netgear wndr4000: 8MB flash 64MB ram (BCM4718 ?)
Netgear wndr4500: 128MB flash 128MB ram (BCM4706 ?)
Linksys/Cisco e3000: 8MB flash 64MB ram (BCM4718 ?)
Linksys/Cisco e4200: 16MB flash 64MB ram (BCM4718 ?)
The ciscos from what I've read are very picky about nvram size.
wndr3700 or 3800.
They are atheros based, so there's the issue of occasional wireless drop-outs that may be fixed in openwrt snapshots (check svn changelog for late November '11), but that's a lot better than the wndr4500 and other broadcom SOC devices that are proprietary and difficult to reverse engineer.
Also, the wndr3700 is hard to brick, and easy to tftp to. There are similar atheros-based devices like the buffalo wzr-hp-g300nh (2.4GHz-only) and ag300nh (2.4 + 5 GHz), but they're harder to flash and maybe have quality control problems on transmit power (some people complain).
...is actually 3.0.6. kernel.org is back up but it's not updating properly.
I think the point is that the pharma/food industries generally aren't recruiting kids to produce propaganda like flu shot or Got Milk PSAs. The media giants, in contrast, generally don't have as many scruples.
The media industry is more desperate than those other industries. It doesn't matter whether you're for copyright or against it, virtually everyone without a large vested interest is against current absurd copyright terms, anti-circumvention, ACTA, etc. So the people trying to create propaganda supporting current copyright laws are desperate to expand their "piracy is theft" meme, and one of the things desperate people do is use non-rational means to persuade people.
This is not so much about creating an anti-piracy PSA (they could hire a media firm to do it for 5 figures, which is peanuts), but rather to indoctrinate the children into the belief that piracy is bad by enticing a bunch of young impressionable kids to regurgitate the industry's talking points.
(Unrelated, but worth noting since you brought it up: Trying to counter the Got Milk stuff could run into food libel laws.)
"Pulls just a little power" for a desktop computer maybe, but compared to embedded wireless routers that are going to draw 5-15W (good ones closer to 5, I put 15W because the at&t 2wire uverse proprietary box draws something like 16-17W), or even an atom system which will probably draw 20-30W, it'll pull many times that. The good old wrt54gl I have pulls 2 to 3 watts.
Figure 1W is roughly $1/yr in costs (+- 10-20% depending on your energy provider), if you don't need more capability than a wireless router provides, even if you already had old hardware, you're likely to pay more over a couple years to power a headless desktop box than you would to pay retail for a wireless router + power. A modern video card at idle will draw about the same order of magnitude of power as an entire embedded router, too.
Do not say anything. Tell them to fuck off and don't address in particular or in general anything they alleged.
The *only* time you open your mouth to an agency (public or private) that is investigating you, whether it's the IRS, police, feds, or the BSA, is through a lawyer. That would typically take the form of a *response* to a demand letter.
A consultation and getting a response letter written by a good lawyer may run you circa $1-2k, but if the alternative is getting sued by the BSA or shutting down your company, it may be worth it.
If you use noscript, about 90% (made-up large percentage) of the web is broken or functionally degraded.
No problem. I'll just run GNU Hurd.
Mr. Whitehurst, CEO, Redhat, Inc:
You are infringing on my client's patent 2938562906716 relating to a method by which CEOs can maximize shareholder value by settling frivolous patent lawsuits for less than the cost of a full legal defense.
We are prepared prepared to defend our patent all the way to the Supreme Court if necessary.
My client wishes to advise you that in order to settle this lawsuit, you will have to pay an additional $500,000 in royalties for using his patent.
I trust we will be receiving a check from you soon.
Yours,
Slimy Lawyer, Esq.
Already posted a solution for that.
http://ask.slashdot.org/comments.pl?sid=2120414&cid=36004040
Double NAT works tolerably well if you set up your interior router as DMZPlus under the 2wire router config. DMZplus eats incoming ICMP traffic, so if you have MTU problems on your vpn link, the link may appear to be dead, but you can probably fix it by manually reducing the vpn's mtu. VOIP shouldn't be a problem; SIP uses tcp/udp so you can forward that through like any other app even if you don't use DMZplus.
The 2wire routers also have horrible routing capability, so getting a static IP block is a bad idea, and the 2wires are also very picky about what's on their local layer-2 network. Plugging a device onto the 2wire's visible ethernet (i.e. not behind another router) and giving the device multiple IPs, or switching its IPs, is a great way to confuse the 2wire router. The firmware was written by morons.
Recommendations for 2wire router users: get another router (my current favorite is the buffalo wzr-hp-g300nh, 32mb flash 64mb ram, comes with branded dd-wrt and can be easily flashed with openwrt). Put that router behind the 2wire in dmzplus mode. Connect a switch to the interior router and connect everything to that.
The only things that need to be on the 2wire's local layer 2 lan are the interior router and the uverse cable DVR if you get TV as well (and if you get voip through uverse then you probably need that on the 2wire's ethernet domain too).
Matt Dillon complains about the 2wire router: http://leaf.dragonflybsd.org/mailarchive/users/2011-02/msg00074.html
#!/usr/bin/ruby
# I would have put this on github, but first it's horrible code and second I don't want my slashdot identity linked to my github one.
# create database 2wire; use 2wire;
# create TABLE readings (timestamp TIMESTAMP DEFAULT NOW(), port INT NOT NULL, txbytes BIGINT, rxbytes BIGINT, txpackets BIGINT, rxpackets BIGINT, txerrors BIGINT, rxerrors BIGINT, primary key `dateport` (timestamp, port));
series = `curl -s 'http://172.16.0.1/xslt?PAGE=C_2_0'`
(activeport, activeline) = [ nil, nil ]
data = Array.new
series.each_line {|line| /.*([0-9]*).*/ /rowlabel.*Port ([0-9]+) / then
if activeline == 4 then activeport = nil; activeline = nil end
if activeport then
line =~
$1 == "--" ? value=0 : value=$1.to_i
data[activeport].push value
activeline += 1
elsif line =~
activeline = 1
activeport = $1.to_i
data[activeport] = Array.new if data[activeport].nil?
end
}
1.upto(data.size - 1) {|port| # remember data is a zero-based array, but the ports from 2wire are positive integers
(txbytes, txpackets, txerrors, rxbytes, rxpackets, rxerrors) = data[port]
`mysql 2wire -e "INSERT INTO readings (port, txbytes, rxbytes, txpackets, rxpackets, txerrors, rxerrors) \
VALUES (#{port}, #{txbytes}, #{rxbytes}, #{txpackets}, #{rxpackets}, #{txerrors}, #{rxerrors})"`
}
512MB? What kind of a joke is that? My two older boxes (2-3.5 years old) both have 8GB, and this one has 12GB and is about to get upgraded to 24GB.
The last computer I had with 512MB was a p3-1ghz back in 2001. At the same time I built a dual p3-1ghz with 1GB ram, so 512MB was the lower end of what was acceptable even back then.
I have trouble believing a modern browser (chrome or FF) could even run on a system with 512MB ram. That system must swap a lot.
Great. A duopoly instead of a monopoly. I feel SO much better.
Unfortunately, for wired, there is no competition with Vzn. I can't get Verizon's fios where I live; it's either AT&T's capped uverse, AT&T's capped DSL, or comcast's capped cable.
I suppose you haven't seen Ann Druyan (Sagan's ex-wife) or Carolyn Porco (Sagan's inspiration for the "Ellie" character in Contact) speak on the subject of science vs religion. They are a) rational; b) passionate about science; c) great communicators. You can't ask for more, from a man or a woman.
The problem is that students (and people generally) are not entirely rational. A clever rhetorician can make science out to be a joke, while making their religion seem like the one true path. This bill is the beginning of a conversion of educational institutions into churches. Slick religious speakers will slowly worm their way into education under the guise of being "creation scientists".
And by "religion" and "church" I'm referring to the sort that promote the idea of personal gods. Deism and other nebulous religions (particularly some notable Eastern religions) where "God" is isomorphic to "Nature" or "Laws of physics" I have no real complaint with, other than that their followers sometimes don't realize that those are isomorphic.
Better than nothing, but I don't see any HTTP Strict-Transport-Security: header.
The American adversarial criminal-law system could use some serious adjustments, but the way it stands now, the government will do everything it can to put Manning in prison for a suitably long period of time so the gov can claim a political win. Federal judges are not likely to stand up for justice, either.
The only chance Manning has of even a small amount of justice is to be represented by a good legal team. That requires lots of money, in the U.S. Justice is not only about whether the jury reaches the correct verdict. It is also about whether there is an effective advocate for both sides, and a fair arbitrator. In the U.S., the fairness of a particular judge can vary quite a lot, so the only way to ensure a little bit of justice is to have the most effective legal defense team you can put together.
This has nothing to do with whether Manning is guilty or innocent. It's about the U.S.'s failboat legal system, and Paypal deciding unilaterally (or more likely with some pressure from .gov stooges) to make it harder for any voice other than the government's voice to be heard adequately at trial.
There is also much more than just whether Manning is guilty or innocent. Even if we all stipulate to illegal actions Manning allegedly took to release classified information, there's the matter of appropriate punishment, which cannot be decided without a fair and equitable legal process.
The government will spend millions if not tens of millions prosecuting Manning. To deny Manning the ability to raise funds for his defense is a miscarriage of justice. If Paypal had an ounce of civic awareness, they would realize this, but sadly they appear to care only about publicity and government pressure.
What does IRV have to do with the discussion in this thread branch, which is about Approval Voting vs a Condorcet Variant (Schulze, specifically)?
IRV for single-winner elections is broken in similar ways to Plurality Voting, which is why you hear those complaints. They're just as true in IRV as they are in Plurality (first-past-the-post) voting. What IRV does is give the illusion that 3rd parties are better represented. Both encourage strategic voting which marginalizes alternative candidates.
IRV for multi-winner elections isn't quite so bad, but it still makes no sense to use it compared to other superior methods that can be used for both single- and multi-winner elections.
Obviously we have a hacker at SourceForge, climbin' in your cvs, snatchin' your projects up, tryin' to infect them so y'all need to sign your commits, switch to git/hg, sign your commits, switch to git/hg, sign your commits, switch to git/hg... hide your binaries too, cuz they're infecting everything out here...
A study using proper sampling wouldn't necessarily mean anything, either.
Software project A could have more vulnerabilities than project B. If attackers are more interested in B for some reason, maybe it's more popular or the sites running it are more interesting, B could have more "discovered" vulnerabilities.
A correct study would have to pay someone to do a thorough security audit of source code for n major open source and closed source software projects, which would be extremely expensive, and getting that many NDAs from major closed-source companies would be difficult.
Only a government or some large corporation could pay for that. I think I recall reading that simply doing a FIPS validation of openssl (or was it mozilla's nss?) would have cost around 1-2 million dollars if they hadn't been an open source project and had free help from various entities. And FIPS certification is a functional audit, not a security audit.
A lot of drupal code is written by professional developers and web designers/consultants who build drupal sites for clients. It is more rarely a hobby. When modules are unmaintained, it's usually because it was a one-off module for a site, and the module didn't turn out to be useful for other sites. Maybe the developer or client realized it wasn't even good for the site it was intended for.
Not as much work as dealing with traditional RAID arrays. I end up having to RMA and/or replace a few disks a year, and while software raid keeps me from losing data in almost every case, it's a PITA. I'd much rather have that stuff managed automatically by a distributed filesystem. The next external disk enclosure I build is going to be part of a ceph filesystem or something similar. Then I'll reformat my recently built external 6TB raid-6 array and add those to the unified (e.g. ceph) filesystem as well.
In the last year and a half (all of these are SATA, none more than 3 years old):
- An older seagate in my windows box had its power connector catch fire.
- A 1TB WD green drive started failing SMART self-tests soon after installation.
- The other 1TB WD green drive (twin of the one that failed) has a few offline uncorrectables, but I'm not in the mood to replace it yet.
- Both of a pair of 1.5TB seagates (7200.10) are on the fritz; the controller returns errors and resets one or the other every few hours - neither drive gets kicked out of the raid array, but it freezes disk access to the array for 10-20 seconds which has been extremely aggravating. I'm in the process (slowly) of moving data from them onto a newly built external 6TB raid-6 array.
- One of a pair of new 1TB WD blacks in my (several month old) main workstation last week started making horrific scraping noises and failing SMART checks. (I'm replicating that raid-1 array to a third replacement disk as I type this, and then the broken one is getting RMA'd).
It's too much management overhead to deal with these failures piecemeal. The future for large low-maintenance storage arrays is to use something like ceph or Isilon's (commercial) OneFS to automatically manage redundancy to avoid data loss, while allowing full use of disks of any size.
Compared to zfs, which is the only other quasi-mainstream filesystem that has copy-on-write (which gives snapshots for free) and data checksums, btrfs is almost always faster. Most of btrfs's slowness is due to those two features. Comparing ext4 speed to btrfs speed is not fair unless you disable both with -o nodatacow.
http://www.phoronix.com/scan.php?page=article&item=btrfs_zfs_ssd&num=1
see page 4 for btrfs random write performance, which blows away both zfs and ext4 on hdds.
Without COW and checksumming, btrfs is closer to ext4. Even so, except for applications that are reading or writing massive amounts of data, I'd rather have data integrity and SSD wear leveling and free read-only snapshots instead of maximum speed.
By that reasoning, almost nobody is a vegan or vegetarian. There's plenty of insect contamination of processed foods in the U.S. and Western Europe, too.
Far from being dismayed that it wrecks the purity of my nominally vegan diet -- one of the staples of my diet is Kashi cereal for breakfast -- I'm thrilled that I'm getting at least a little bit of extra protein, nutrients, and B12 from that contamination.
I pretty much agree with you that going vegetarian or vegan can be dangerous, and I'd eat whole insects if they were available. However, it does not have to be dangerous. Anyone with access to a western-style grocery store with a wide variety of produce can develop a very healthy diet while sticking to nominally vegan products with only trace amounts of insect parts and rodent droppings. The only issue in a sufficiently varied vegan diet is B12 (since it's only produced by bacteria in the guts of animals*), which is available in a ton of nutritional supplements (particularly as even omnivores are cutting back on meat consumption). It's now even being added to a variety of non-meat non-dairy products... I see it all the time as an additive in soy milk.
The problem with the Asian "vegetarian" diets you cite is not that they're vegetarian, but that they're not varied enough. They have only one or two types of grains and legumes, typically, only a few staple fruits and a few staple vegetables. Furthermore, regional lack of variety in nutrients in the ground might lead to deficiencies in nutrients even in more well-balanced diets. While "green" foodies object to consuming fruits and vegetables that are not locally produced, one thing that does do is help provide a more varied trace mineral profile.
* There was some indication that certain algae may produce a form of B12 that's usable, but I don't know if that's been confirmed.
Nonsense. Most people can survive just fine long-term on a reasonably balanced vegan diet. If you're getting skin sores after a week there is something wrong with you and you should see a doctor. Most people can survive on water for a week without developing such serious problems. The immune system in normal people does not break down so severely after a week of poor nutrition, even assuming your vegan diet is poor. It's worth noting that going vegan does not mean cutting out meat. For the majority of westerners, whose diet already consists primarily of meat, sugar, and fat (oils of various kinds), cutting out meat would indeed be catastrophic long-term (though not after a week). A good vegan diet means cutting out meat, but also going out of your way to eat a variety of fruits and vegetables and seeds, nuts, and whole-grains, when you didn't before.
Vegetarians do not eat chicken by definition. If they eat chicken caesar salads or fish, they are by definition not vegetarians.
Vegetarians who eat fish are pescatarians, not pescapalians.