which is probably why the financial institution is looking into this project. Way more linux admins than mainframe-qualified systems admins err sysprogs
package management and update/patch distribution do contribute a great deal to a secure system.
Microsoft just happened to flunk this particular aspect of "secure by design"(i.e. applying a patch that reinstalls a component that was removed for security is pretty bad), at least compared to debian, and several others. The Granularity aspect of microsoft's packages is especially lacking. Think on how a single "package" provides a smtp server, a web server, an indexing/search engine,an nntp server, the admin for all the above and several other components, including a web api(front page) that needs to be reinstalled on every client site with EVERY upgrade...
A lot of those "design decisions" were based when marketing seemed to have overruled engineering... Otherwise, a better update/packaging system would: 1) have been provided by microsoft, not a partner supplying parts, while microsoft supplied another, and huge fees levied for developers to use it 2) have been ready by windows 98 or so 3) been more granular (i.e been less oriented towards "Oh this office 2010 is better than office 2009!" and more towards "We have improved the word component of Office 2009 and it's now Office 2009.2")
In this case, the low-marketability of security alone might explain why apple and linux are better at it than Microsoft. Microsoft could market refrigerators in Antarctica... Linux and Apple, have enjoyed no such successes, they however, have been more successful in putting together different "marketable units".
Quick question can rpmpan's author tell us if he's has a plan for turning his site into an apt-repository for those of us who use apt-rpm(and probably be useful to others). *has fingers itching to add that to my/etc/apt/sources.list already*
As far as I am aware, mailscanner (http://mailscanner.info/) has a list of viruses it quietly deletes, and notifies for other viruses. Wouldn't it make sense to spread this usage to other antivirus platforms? i.e. to reserve the reporting of viruses for viruses whose origin can be predicted with some confidence?
well I for one am not returning to any single-chat client unless I can run multiple identities in the same instance. Trillian allows that, and will refine it in their next version(2.0) unfortunately for me, I couldn't get the beta(which uses jabber, somehow) to work for me. Hopefully by then, they will fix all this.
Err, in the military, that's called a losse cannon... and can get someone courtmartialed. Are politics really that unimportant? If a political party is a way for ideas to be grouped, so people don't have 235000 candidates on each ticket... Then these people are either fighting the system, or "deniable" help for his ideas.
Where I live, someone who would organize a campaign of homeless people sticking posters for 5cents for a candidate would be considered "an agent of the candidate" whether or not the candidate knew about it. It's part of the rules. If Dean wants to improve the system, doesn't he have first to show he can work the system in an ethical way? (on the premise that spammers are a legal, unethical way to sell products)
The carrier is math... Matrix calculus to be specific, probably because most math teachers use fortran for their computer needs. Practically every math teacher I've had, and a bunch of CS classes to, used ijk to iterate, mapping i to the x array, j to the y and k to the z.
Forced competition and a forced monopoly are two sides of the same coin: force. The only solution is freedom. The freedom to compete, or cooperate, as you see fit, to present your best ideas to the public for sale and let them take it or leave it. But not the freedom to stop anyone else from doing the same. That's capitalism. That would be deregulation.
Let companies compete -- or co-operate, at their own discretion -- to build power plants and power lines, to run power lines all the way to homes. Then let's see if deregulation fails. But until that happens, you don't really have deregulation, and you don't really have capitalism.
Wouldn't it be better to allow freedom AND protect citizen's rights? Isn't that why we have a goverment?
To allow individuals to cooperate together, to get a better deal than alone, and protect those of us from each other's freedoms(kinda like an umpire?). You've pegged every disadvantage of the current situation exactly, but your solution could create just the reverse of what we have, with the exact opposite faults, and in end end, be as much of a problem as what we have(just different).
Suppose we got a system in which multiple providers could supply each and every citizen on the grid. Your connection to the grid and its maintenance would fall to a power transmission service provider. Their job is to supply connectivity. (Kinda like isps now, name chosen to emphasise this) You pay a certain amount to your ptsp every month, and get surcharged if you overuse. They in turn select from one or more power suppliers(hopefully many, like bandwidth suppliers now). You get a good deal, as in the case of a power supplier going down, your PTSP can negotiate the contract from a position of strength and get good SLAs and punitive clauses if power goes down. This also enables deals with out-of-state power suppliers, as the distribution of the power is cut from the transmission(again this is a similar model as the ISPs, as few 1000-subscribers can pay for transatlantic cable, but reaching that finland server can still provide a worthwhile download)
This also puts maintenance high on their list, as when they can't transmit power to your house, they can't bill you for it, and like bandwidth, power is not that easy to store... So a PTSP will want high-quality power-distribution equipment, just like an ISP wouldn't use an ethernet unmanaged hub for its backbone.
A PTSP would work on getting "cheap" power, within guidelines of existing equipment and standards(and have tho show their math/graphs fot it) if not to you then to the competition authorities... Just like ISPs have to show network statistics to their business clients. It changes the dynamics we have now, by allowing more accountability, and encouraging required maintenance(if not optional let's make this network "better" maintenance). I'd propose against any power producer owning stock in distribution of course, but then I'm from a place where the Gvmt still owns power, and it's one of the parts of the gvmt that aren't in the red...)
interesting point, however a few people were mentioning "pick your generator" and my point was "where's the competition in distribution?" You CAN pick your isp now... Where can I pick my power distibution company? (ok so here(QC) it's regulated tighter, both production and distribution, than you'd believe possible, the only part of government that's making some money... plus our ice storm of a few months back made them clean up their act...)
Considering Quebec's power grid had power to sell to our NYS neighours(that was a spokesperson on tv), but couldn't, because their grid was down, this seems more like a distribution problem, than a production problem.
Building new plants, which are competing, but having a monopoly on the last mile is just going to create another ILEC/CLEC mess... Maybe if government would deregulate the HARD parts(last mine, getting power from source X Y or Z to consumer A without overloads brownouts or blackouts) perhaps it might work. But lately deregulation has been "we have this industry which needs a huge capital influx that shows up on the government's budget this election year, let's privatise and deregulate it...
Deregulation "might" make sense if you deregulated the every day money industry, but you wouldn't have competition there(it's too hard, and the margins would be too thin for "real" competition)
What's even more stupid is that the only infraction one could possibly infer from a filename, is the use of trademarked material in the filename itself. As usual, lawyers can't make the difference between name and content.
Some of that however, has nothing to do with FS design though, browser start speed has dns components, thread starting, tuning.
OS booting also has lots more factors than just the filesystem(on one of my systems, using XFS, even a dirty start and fsck of five filesystems, the part before the fsck is only 1% of the start of the machine, why? dns resolution by the daemons I need started near the end of boot)
That was sarcasm, not fact...
I just meant to imply that the markets I've been exposed to, the weight marketing is given outweighs engineering almost every time. (in the context of: engineering has to do what marketing tells it, but marketing seldom listens when engineering tells it anything)
Of course - the designers and managers need to understand the domain well enough so that they can vouch for a close mapping between the marketing claims and the product design.
Who checks for that mapping? Someone in marketing, of course....
I always thought marketing's job was to find arguments for you to BUY a product.
This has the interesting corollaries as follows:
1) if it makes you think "I don't need this product" marketing can either remove it, or not do its job properly 2) if you buy a product but never use it, marketing did a splendid job 3) caveat emptor is a nice concept, to be applied whenever marketing is involved... 4) marketing claims things will operate as advertised, but it's usually engineering's job to see that it does, hence marketing can make a lot of impossible predictions in a lot of cases 5) a lot of these "impendence mismatches" between marketing and engineering have a lot to do with language... a good marketer for an engineering firm speaks both marketing and engineering jargons. 6) consumer associations in my area(Quebec) have a job to check that claims are backed by fact, but they are woefully understaffed. By understaffed I mean they do NOT screen ALL of the advertising, but wait for a complaint. Of course, that may just mean we can't afford to right-staff that office.
quick question, what mount options were used on each? Wouldn't e3fs appear slower than the others if it was data-journaling? (I read the article a bit fast, but I didn't see any "how we tested") Also wouldn't a good test take at least two hours on each filesystem?
They want you to buy another disc, not go make your own.
And until we sue them for thinking that's ok, they will keep pressuring us to do exactly that, and to turn that into law, it's on their path to greatest profit. They have to be stopped now(no yesterday, but now's as good as we'll get).
I have a better idea, have the RIAA spell out what they like/don't like. I shouldn't have to be a lawyer to be a consumer.
Interesting way to put this, yet the Lawyers clearly made it part of the law that you don't have to be a lawyer to know the law(that ignorance of the law is no defense part)
If you don't want to do illegal things, you should know the law. This isn't like software, where the EULA is an attempt to get you to abandon or limit your fair use rights, using small text(or shrink-wrap) to prevent you from reading an agreement you will be bound to obey.
Right on... And let's not forget the advantage of a new version to redesign around old bugs...
A lot of people on this thread don't like how nat isn't bidirectional, and how that affects games. Well let's MAKE those games "ipv6 compatible" by making sure they play better with non-public ips... We have the perfect excuse, we're rewriting a LARGE portion of the ip stack.
I can just see the tv ads, you want to play on my net, play by the rules.
(out of mod points) Hear Hear, People put in a distro what works, so if the poster's software is good/has a userbase which matches the distro, the only thing left to do is write packages of the type of a favored distros, so the maintainers have something to work with.
I see the poster has done some of that, by mentioning fink and an rpm on the page. You might also want to get one or more packages that use your software list you as a dependancy, to hurry the adoption of your package.
Some employers/corporate citizen's rights have been so inflated recently, sometimes it seems that the owners of those corporations have twice as much rights as everyone else. Can we scale back those corporate rights so the rest of us can go back on living?
Maybe, but they're also focusing your attention on "Linux" not on IBM's Linux Solutions, or Compaq's...
They still keep the focus on the "independant from big business" part of Linux
All of those things do not have to be 1) secret 2) once-only 3) if you pay for someone else, it's YOUR bankaccount an electronic voting system without biometric verification wouldn't cut it, imho
Slashdot Mirror
which is probably why the financial institution is looking into this project. Way more linux admins than mainframe-qualified systems admins err sysprogs
ever heard of ssh-enabled managed switches?
I was hoping I wouldn't be the only one to see this coincidence :)
package management and update/patch distribution do contribute a great deal to a secure system.
Microsoft just happened to flunk this particular aspect of "secure by design"(i.e. applying a patch that reinstalls a component that was removed for security is pretty bad), at least compared to debian, and several others. The Granularity aspect of microsoft's packages is especially lacking.
Think on how a single "package" provides a smtp server, a web server, an indexing/search engine,an nntp server, the admin for all the above and several other components, including a web api(front page) that needs to be reinstalled on every client site with EVERY upgrade...
A lot of those "design decisions" were based when marketing seemed to have overruled engineering... Otherwise, a better update/packaging system would:
1) have been provided by microsoft, not a partner supplying parts, while microsoft supplied another, and huge fees levied for developers to use it
2) have been ready by windows 98 or so
3) been more granular (i.e been less oriented towards "Oh this office 2010 is better than office 2009!" and more towards "We have improved the word component of Office 2009 and it's now Office 2009.2")
In this case, the low-marketability of security alone might explain why apple and linux are better at it than Microsoft. Microsoft could market refrigerators in Antarctica... Linux and Apple, have enjoyed no such successes, they however, have been more successful in putting together different "marketable units".
Quick question /etc/apt/sources.list already*
can rpmpan's author tell us if he's has a plan for turning his site into an apt-repository for those of us who use apt-rpm(and probably be useful to others).
*has fingers itching to add that to my
As far as I am aware, mailscanner (http://mailscanner.info/) has a list of viruses it quietly deletes, and notifies for other viruses. Wouldn't it make sense to spread this usage to other antivirus platforms? i.e. to reserve the reporting of viruses for viruses whose origin can be predicted with some confidence?
well I for one am not returning to any single-chat client unless I can run multiple identities in the same instance. Trillian allows that, and will refine it in their next version(2.0) unfortunately for me, I couldn't get the beta(which uses jabber, somehow) to work for me. Hopefully by then, they will fix all this.
Err, in the military, that's called a losse cannon... and can get someone courtmartialed. Are politics really that unimportant?
If a political party is a way for ideas to be grouped, so people don't have 235000 candidates on each ticket... Then these people are either fighting the system, or "deniable" help for his ideas.
Where I live, someone who would organize a campaign of homeless people sticking posters for 5cents for a candidate would be considered "an agent of the candidate" whether or not the candidate knew about it. It's part of the rules. If Dean wants to improve the system, doesn't he have first to show he can work the system in an ethical way? (on the premise that spammers are a legal, unethical way to sell products)
The carrier is math... Matrix calculus to be specific, probably because most math teachers use fortran for their computer needs. Practically every math teacher I've had, and a bunch of CS classes to, used ijk to iterate, mapping i to the x array, j to the y and k to the z.
Wouldn't it be better to allow freedom AND protect citizen's rights? Isn't that why we have a goverment?
To allow individuals to cooperate together, to get a better deal than alone, and protect those of us from each other's freedoms(kinda like an umpire?). You've pegged every disadvantage of the current situation exactly, but your solution could create just the reverse of what we have, with the exact opposite faults, and in end end, be as much of a problem as what we have(just different).
Suppose we got a system in which multiple providers could supply each and every citizen on the grid. Your connection to the grid and its maintenance would fall to a power transmission service provider. Their job is to supply connectivity. (Kinda like isps now, name chosen to emphasise this) You pay a certain amount to your ptsp every month, and get surcharged if you overuse. They in turn select from one or more power suppliers(hopefully many, like bandwidth suppliers now). You get a good deal, as in the case of a power supplier going down, your PTSP can negotiate the contract from a position of strength and get good SLAs and punitive clauses if power goes down. This also enables deals with out-of-state power suppliers, as the distribution of the power is cut from the transmission(again this is a similar model as the ISPs, as few 1000-subscribers can pay for transatlantic cable, but reaching that finland server can still provide a worthwhile download)
This also puts maintenance high on their list, as when they can't transmit power to your house, they can't bill you for it, and like bandwidth, power is not that easy to store... So a PTSP will want high-quality power-distribution equipment, just like an ISP wouldn't use an ethernet unmanaged hub for its backbone.
A PTSP would work on getting "cheap" power, within guidelines of existing equipment and standards(and have tho show their math/graphs fot it) if not to you then to the competition authorities... Just like ISPs have to show network statistics to their business clients. It changes the dynamics we have now, by allowing more accountability, and encouraging required maintenance(if not optional let's make this network "better" maintenance). I'd propose against any power producer owning stock in distribution of course, but then I'm from a place where the Gvmt still owns power, and it's one of the parts of the gvmt that aren't in the red...)
interesting point, however a few people were mentioning "pick your generator" and my point was "where's the competition in distribution?"
You CAN pick your isp now...
Where can I pick my power distibution company? (ok so here(QC) it's regulated tighter, both production and distribution, than you'd believe possible, the only part of government that's making some money... plus our ice storm of a few months back made them clean up their act...)
Considering Quebec's power grid had power to sell to our NYS neighours(that was a spokesperson on tv), but couldn't, because their grid was down, this seems more like a distribution problem, than a production problem.
Building new plants, which are competing, but having a monopoly on the last mile is just going to create another ILEC/CLEC mess... Maybe if government would deregulate the HARD parts(last mine, getting power from source X Y or Z to consumer A without overloads brownouts or blackouts) perhaps it might work. But lately deregulation has been "we have this industry which needs a huge capital influx that shows up on the government's budget this election year, let's privatise and deregulate it...
Deregulation "might" make sense if you deregulated the every day money industry, but you wouldn't have competition there(it's too hard, and the margins would be too thin for "real" competition)
What's even more stupid is that the only infraction one could possibly infer from a filename, is the use of trademarked material in the filename itself. As usual, lawyers can't make the difference between name and content.
Some of that however, has nothing to do with FS design though, browser start speed has dns components, thread starting, tuning. OS booting also has lots more factors than just the filesystem(on one of my systems, using XFS, even a dirty start and fsck of five filesystems, the part before the fsck is only 1% of the start of the machine, why? dns resolution by the daemons I need started near the end of boot)
That was sarcasm, not fact... I just meant to imply that the markets I've been exposed to, the weight marketing is given outweighs engineering almost every time. (in the context of: engineering has to do what marketing tells it, but marketing seldom listens when engineering tells it anything)
Who checks for that mapping? Someone in marketing, of course....
I always thought marketing's job was to find arguments for you to BUY a product.
This has the interesting corollaries as follows:
1) if it makes you think "I don't need this product" marketing can either remove it, or not do its job properly
2) if you buy a product but never use it, marketing did a splendid job
3) caveat emptor is a nice concept, to be applied whenever marketing is involved...
4) marketing claims things will operate as advertised, but it's usually engineering's job to see that it does, hence marketing can make a lot of impossible predictions in a lot of cases
5) a lot of these "impendence mismatches" between marketing and engineering have a lot to do with language... a good marketer for an engineering firm speaks both marketing and engineering jargons.
6) consumer associations in my area(Quebec) have a job to check that claims are backed by fact, but they are woefully understaffed. By understaffed I mean they do NOT screen ALL of the advertising, but wait for a complaint. Of course, that may just mean we can't afford to right-staff that office.
quick question, what mount options were used on each? Wouldn't e3fs appear slower than the others if it was data-journaling? (I read the article a bit fast, but I didn't see any "how we tested") Also wouldn't a good test take at least two hours on each filesystem?
I thought perl was released december 18th...
Did I miss something?
I have a better idea, have the RIAA spell out what they like/don't like. I shouldn't have to be a lawyer to be a consumer.
Interesting way to put this, yet the Lawyers clearly made it part of the law that you don't have to be a lawyer to know the law(that ignorance of the law is no defense part)
If you don't want to do illegal things, you should know the law. This isn't like software, where the EULA is an attempt to get you to abandon or limit your fair use rights, using small text(or shrink-wrap) to prevent you from reading an agreement you will be bound to obey.
Right on...
And let's not forget the advantage of a new version to redesign around old bugs...
A lot of people on this thread don't like how nat isn't bidirectional, and how that affects games. Well let's MAKE those games "ipv6 compatible" by making sure they play better with non-public ips... We have the perfect excuse, we're rewriting a LARGE portion of the ip stack.
I can just see the tv ads, you want to play on my net, play by the rules.
(out of mod points)
Hear Hear,
People put in a distro what works, so if the poster's software is good/has a userbase which matches the distro, the only thing left to do is write packages of the type of a favored distros, so the maintainers have something to work with.
I see the poster has done some of that, by mentioning fink and an rpm on the page. You might also want to get one or more packages that use your software list you as a dependancy, to hurry the adoption of your package.
I'm out of modpoints, but RIGHT ON!
Some employers/corporate citizen's rights have been so inflated recently, sometimes it seems that the owners of those corporations have twice as much rights as everyone else. Can we scale back those corporate rights so the rest of us can go back on living?
Maybe, but they're also focusing your attention on "Linux" not on IBM's Linux Solutions, or Compaq's... They still keep the focus on the "independant from big business" part of Linux
All of those things do not have to be
1) secret
2) once-only
3) if you pay for someone else, it's YOUR bankaccount
an electronic voting system without biometric verification wouldn't cut it, imho