People being interrogated would frequently be asked to sit with their palms face down on a piece of cloth, usually stuck to the chair. After the interrogation, the cloth would be removed and placed in a jar for later analysis. I don't believe it's ever been admissible as evidence in any western court, but that's obviously what the whole DHS "proof" is all about.
Quite why one would invest so many resources in this when fingerprints and DNA are already reliable forms of identification I don't know, and I strongly suspect that the "indicator" of deception will be flawed for much the same reasons the results of a polygraph are flawed - I can understand how someone who's stressed might well emit a different sort of sweat than someone who's just hot, but trying to define a "liars sweat" reeks (hohoho) of pseudoscience to me.
Who knows, maybe there's something in it, maybe the article is making too much of things, maybe I've got my paranoid hat on. But it still seems worryingly like the whole "this man is the serial killer cos his writing is all weird" argument to me.
One thing I don't understand is the seemingly common paranoia towards "executable code" in the discussions here.
TBH, I think you're more in agreement with them than you think - people are up in arms about executable code in documents *because* it's often so poorly implemented and the parsers have problems with it, resulting in vuln after vuln. I'm not against executable code in documents myself, per se - but I'm wary of anything that makes extensive use of it simply because it's been such a huge attack vector on pretty much every major document format/app ever. Since it's Car Analogy Day I'll say it's a bit like people who say cars with electric motors are shit - it's not that they're a fundamentally bad idea in themselves, it's just that most people haven't got the technical details even mostly right yet.
One thing I've been curious about - on x86, is it possible to use the NX flag for things like embedded code? Obviously it still needs the parser to correctly identify things like "bytes 10-452439 are data, 452440-456375 are code" or whatever but is there any reason it can't be implemented for run-of-the-mill document programs? Does anything implement it already?
If any of the forces involved in WW1 hadn't used machine guns, it wouldn't have devolved into the stalemate massacre it turned into. Every side deployed machine guns heavily, and every side had shortages at the beginning of the war - the british were still in the process of upgrading from their Maxims to the Vickers when war broke out http://en.wikipedia.org/wiki/Vickers_machine_gun. Only the germans, who had started the transition away from the maxim in 1908, had a notably larger presence with more modern machine guns.
Granted, the brits didn't use their machine guns half as effectively as the axis forces did in the opening stages of the war either, (brits hadn't really been at the receiving end of machine guns before so they had no idea that they'd need as many as they ended up using) but hence why outfits like the machine gun corps were founded.</derail>
If they'd have called it Rain Man, they're highly likely to incur the wrath of the MPAA for infringing the copyright of MGM/UA. Whilst the casino might only beat you up a little, the MPAA will take away your house (unless you have a credit line to the local whorehouse or a senator in your pocket).
Why *wouldn't* you run windows on Linux if you had the chance?!
From a seasoned VMware ESX admin speaking from an operational standpoint;
First, I'll explain a few things. Servers today are so mind-bogglingly powerful that even with virtualisation overhead they're easily capable of providing more than enough grunt for hordes of enterprise crapware that, due to shoddy programming or testing, would otherwise be sitting on $7000-worth of barely-utilised tin since the support agreement stipulates "we refuse to support you if you install so much as a text editor on the same machine" - I'm sure anyone else in any SME will agree that this sort of thing is rife. Throwing patch cycles to the side, my number one problem with these legions of power-sucking high-maintenance windows servers is shoddy drivers/firmware.
ESX, itself a highly specialised Linux-based OS, builds on Linux's rock-solid hardware stability and abstracts away everything so that all windows sees is a unified blend of generic hardware, for which VMware provides their own set of (high quality) drivers, plus some old ones that have worked in windows since the year dot - think OSX on steroids. The ESX boxes basically have the highest uptimes in our entire organisation, plus clustering them is an absolute cinch. Large scale storage is provided by a fibre-attached EMC SAN, which coincidentally also runs a highly specialised Linux-based OS providing CIFS, NFS or dedicated block devices (LUNs). Tools such as P2V make cloning a physical box into a virtual machine a point'n'click operation limited only by your network throughput, and you can even do nifty things like resize that 5% used 137GB filesystem into a 10GB virtual disc.
Furthermore, thanks to LVM-alikes, you can take an instant snapshot of a system. This allows you to do things like make a snapshot, install patch XYZ, do regression testing and whatnot and roll back if things are unsatisfactory. With windows' reputation for patches not being entirely reliable, this is an utter godsend for development and testing.
So at the end of the day, running windows on top of gets you: Better "hardware" reliability The ability to consolidate X U's/Y Watts worth of servers into (X-n) U's/(Y-n) Watts worth of servers, leading to lower overall datacentre expenditure Built-in clustering for people with shared storage Built-in failover Much more robust and/or cheaper methods for development, testing, patch management
The only downside* to ESX is cost - it's not cheap. And an alliance between RH (pretty much the corporate face of Linux, especially for windows shops) and Microsoft is likely to send the cost for ESX down before the fruits of it's labour become evident. As long as TFA is correct that there's no IP ownership bollocks going on, this is a win for everybody.
* Not to say that ESX isn't without its flaws, but it certainly has less than most apps you run into in this business. I've heard that VMware is a very much engineer-driven company, and that's true from my POV.
Disclaimer: I don't work for VMware, but when I can dispense with 96U's worth of servers, shave 8kW of our datacentre power budget, increase availability plus reduce downtime at no cost in performance then you colour me impressed. There's no reason why a competing VM system can't do the same thing.
Erm... maybe I'm being exceptionally dense and/or ignorant of kernel build policies (IANA Kernel Coder), but isn't there really only one mainline kernel that's targeted for driver development?
(please bare in mind the many, many distros, dependencies, package types, kernel revisions which drivers would need to be developed for. Source code is great, but I don't want the hassle of compiling it thanks)
Distros - all follow the mainline kernel, more or less. Most distros don't expect driver devs outside the kernel team to do any work on tweaking a driver for $distro - if a distro really wanted to much about with custom driver code, the kernel team (quite rightly) should request them to do it themselves. For niche cases, you get some kernel forks (uClinux for example).
Dependencies - yup, some drivers have dependencies on certain userspace libraries - linuxtv is one that springs to mind. However, let's say you're targeting kernel 1.2.3 and $distro only supports 1.2.distro-4 What doesn't happen is the hardware company writes a billion different patches, rather they write a driver for 1.2.3 and, if $distro cares enough, they'll backport it (along with upgraded userspace if needed), or just tell users to wait until the next version. Most distros often provide a way to do both.
Package types - irrelevant. Patches to the kernel aren't supplied as a.deb or whatever that Linux installs on the kernel build server. If it's not in a git branch, it'll be a tarball or a simple diff, depending on the size/complexity of the patch.
Kernel revisions - see dependencies. The beauty of providing an open source driver for your companies hardware is that once it's written and published, the FOSS community are free to keep it forwards and backwards compatible for as long as anyone cares to edit the code. As a company, your compatibility maintenance costs drop, leaving you more time to spend fixing bugs in or speeding up the functional parts of the driver.
Source code - yup, it is indeed great. Been using Linux since 2001 and I think the last time I had to resort to compiling my own kernel modules was in about 2004 (for the at-the-time hot off the presses DVB card I'd just bought), unless you count my foray with Gentoo).
As I'm sure others will have pointed out by now, there are a great deal of companies that do employ linux devs because, for the niches their hardware sits in, Linux development does make an awful lot of sense, especially in the area of server tin - Intel even provide full source for their desktop lineup to, as do a great many other manufacturers. Most are content to provide limited documentation in the event they don't wish to provide programming resources themselves.
Not to say that lots of companies don't provide Linux support because they see it as a money pit - I'm sure alot do. But getting your hardware supported under a wide variety of Linux distros is nowhere nearly as hard as your post makes out.
Video games, generally being an arbitrary collection of binary information (typically expressed by electron progression through [semi]conductive materials), have effectively zero mass and since the amount of kinetic energy inherent in any body is proportional to the square of the mass, you can only literally kill someone with a video game by using a localised black hole and/or particle accelerator to get the data to near the speed of light.
Secondary effects, such as that of the media carrying the "static" copy of the data (usually a small circular device made of hydrocarbon polymers) offer limited offensive possibilities in the terms of discus-like protectiles, or fragmented discs used as makeshift knives (although, technically, the data is no longer intact and therefore cannot be truly defined as a still being a video game). Long term exposure to phosphors emanating from cathode ray tubes sometimes used to display the visual interpretation of the data have also been linked to melenomas and/or rhomboid iris syndrome.
Hence, it seems reasonable to me that those of us who chose to travel ourselves around in disturbingly fast-moving piles of iron should have some mandatory skill at it. The worst casualty you're likely to get from computer games is someone who stoved their own head in after accidentally playing a copy of ET.
In summary: Person with a six pack of beers in a 2-ton lump of steel travelling at 60mph == dangerous fucktard Person with a six pack of beers on a couch playing Mario Kart with his mates == non-dangerous
The most galling thing is that I'll be willing to bet my salary that indie labels will have a very hard time getting their hands on any of the moolah. I only listen to indie labels as a result of my detestation of Big Media practices, and thanks to sites like Bleep (first no-hassle "big label" MP3 download store in the UK) I've been introduced to literally hundreds of acts that never get any exposure in the mainstream press, and have purchased entire back catalogues as a result. Maybe I'm jumping the gun and there's going to be payments allocated based on the amounts of sales you shift, but by prior performance I suspect this will be "big three" only.
Yet again, just more cartel protectionism.
Still, at least a universal tax will make downloading legal, right?
In principle, yes, it shouldn't be necessary to have to provide a big salary to attract the best teachers to the profession.
But the problem is that some of the most valuable core skills in teaching will often net you double the salary and double the prospects for promotion in the private sector than they will in your local comprehensive. Once you throw in long hours, interminable bureaucracy, very high stress and kids that really don't want to be taught and have no concept of discipline, teaching becomes a very unappealing profession to all but the most dedicated or those willing to sacrifice themselves. To me at least, any career that involves such a high degree of martyrdom is lunacy, no matter how much a kick I get out of sharing my knowledge.
Being a teacher for a private school is another matter, but the situation in many state schools is dire. And I'm one of those people who believes that a good education should be available to everyone, because in the long run it benefits everyone.
I could be wrong, but aren't region-free DVD players not only easy to come by, but actively encouraged in europe? Every time I've seen one for sale (e.g. take this example from Amazon, something like number 6 in a search for "multi region dvd player" http://www.amazon.co.uk/Philips-DVP5980-Multi-region-capable-Upscaling/dp/B000Q7ZCO6/ref=sr_1_4?ie=UTF8&s=electronics&qid=1233234235&sr=8-4 with the sequence in the first review) there's usually always been information provided to show you how to unlock the firmware. I'd assume that if it was horribly illegal, people like Amazon would take it down for fear of lawsuits...?
Anecdotally, I've also seen lots of DVD players bollocks up (freezes, stuttering, unreasonably long layer transitions) when region codes are enabled, but start working perfectly once the region-free hack has been applied - almost certainly crappy region protection firmware, but to the end user the cause is irrelevant. My parents cheap-ass DVD player even granted you access to the skip buttons during those interminably irritating "You've just bought this legitimate DVD... NOW DON'T BUY ANY PIRATE ONES YOU FILTHY THIEVING SCUM" and "Seeing as you bought this movie, we thought we'd like to remind you that this isn't the only DVD in the world and other films actually exist AND WE FEEL SO STRONGLY ABOUT THIS WE'RE GOING TO TELL YOU EVERY TIME YOU SETTLE DOWN TO WATCH A FILM" intros. My parents aren't techies, but had the nouse to google the region free sequence for it on their own simply because they wanted a way to skip all that shite.
Plus, buying other-region DVD is similarly easy in the UK (and I assume the rest of europe), if it wasn't I wouldn't buy half as much stuff as I do - there's craploads of stuff that has never been released in region 2 and I don't see why I or anyone else should have some idiotically myopic copyright lobbyist label me a criminal for trying to buy stuff.
Disclaimer: when I was a penniless student, I downloaded all sorts of stuff. Now I have a job, I've not downloaded anything illegally for years, including all the stuff I downloaded. Which included loads of things I wouldn't otherwise have watched.
I'd be interested to hear how easy it is to get hold of region free players in the US and elsewhere.
Been buying my own phones at full retail price (usually circa £300) since about 2002. Every year I get the "do you want to upgrade to a new Nokiericsung Eleventytron with LASERS?!" call, and say no (primarily because I'm damn picky about my mobiles, and 95% of the ones offered as "free" are junk with shitty flashy UIs and the battery life of a Game Gear.
Upshot? They no longer have a bargaining chip to get me to sign a new contract. They know I can get cheaper deals elsewhere and transfer my number with minimal hassle. They also know I've had the same contract for ten years. So every year, my contract gets cheaper, I get more free texts, more free calls, free minutes across europe, even bills paid for. Opposed to friends with similar contracts and usage patterns over the years who have opted to take the phone, I reckon I'm saving on the order of £150-£200/yr which, if you're happy to not always have the latest and greatest mobile, seems like a great deal to me.
Last time I did a Debian install (netinstall), it didn't give me any "defaults" apart from a kernel, base OS, login prompt and a text editor. I consider myself an experienced user, and not only does Debian make very little sway on suggesting defaults, it even makes switching away from the defaults (e.g. setting $EDITOR system-wide via system-alternatives) very easy. It's not that the defaults are bad, it's that advanced users are very used to their own particular setup, and Debian caters to this by making it easy (for advanced users;).
Granted, I imagine if you download a full fat installation CD you might have Gnome or something on there by default, but as TFA sort-of points out, being a less desktop-focussed distro, Debian is forever destined for server tin for most users and is therefore far more likely to be doing a number of dogsbody tasks (i.e. more and more varied packages) than an ubuntu desktop machine (whose graphical package manager doesn't even include most of the packages available BUT makes things like multimedia much more streamlined than Debian).
Disclaimer: been using linux for about a decade, debian on all my servers ('cept the RH/CentOS ones at work), ubuntu on all my desktops/laptops and I love both. They're superficially similar to the extent that they feel to me a bit like XP vs Server 2003 - their strengths lie in different mutually supportive areas. Or should I rephrase that as a car analogy?;)
As another poster pointed out, in being the domain of the sysadmin, Debian users are more likely to be pragmatic and pick the best tool for the job, which in alot of cases might invole picking, say, Kontact for email, Enlightenment as a window manager, xscreensaver for eyecandy and a bunch of other possibilities. "Newbie" users of ubuntu are, of course, more likely to go with the defaults since they're either just beginning their foray with it and rarely have explored it, or linux, that much.
You let your kids outside? If I had my way I'd imprison irresponsible parents like you who put their kids' lives in great danger.
Personally, I've solved the entire problem by encasing my children in polycarbonate resin which forms an airtight barrier between the sanctity of the child and the outside world - such as the aforementioed tendon infections, not to mention other fatal hazards such as necrotising fasciitis, piranha bees, country and western, homosexuality and religious freedom - which your pathetic padding does absolutely NOTHING to protect them from. You can't be too careful when it comes to exposing children to the world they find themselves living in.
So far I haven't had any complaints from the kids, their behaviour has improved immensely and they've even stopped over-eating and watching TV.
It's a pretty nice GUI frontend to the (admittedly arcane) mkvmerge and friends that runs on windows, mac and linux. I use it all the time, and like any good CLI frontend should it tells you the command line it's using to aid in your future scripting efforts.
Dunno if mine is the exception that (dis)proves the rule or whatever, but I've had the same contract with Vodafone in the UK for just under 10 years, and I've been buying my own phones since 2001/2002. Every 12 months I get a phone call from Vodafone telling me my contract is up for renewal and would I like to upgrade my phone, every time I say no. They always (unfailingly always) offer me more and more ludicrous deals in order to keep my custom - in the form of cuts in the monthly tariff, extra free minutes, free minutes now usable in business hours, free minutes now usable across all networks, free minutes now usable in Europe off-peak, £75 rebate, no tariff for 6 months... and it's not even like I make alot of calls, and I find it impossible to go over my rolling 1000 free texts.
Anyone out there acquainted with the mobile telco industry able to inform us exactly how much of your average monthly bill is allocated to subsidising the "Oooh, Shiny!" people who get a new phone every 6-12 months?
Seriously, judging by what my friends pay for similar tariffs, I've saved myself an utter packet by buying sensible phones for ~£300 every few years rather than the flash-du-jour that most people end up with. Not trying to sound like a smug elitist prick, this originally started out as me thinking throwing away perfectly functional tech for the sake of a shinier thing distasteful, until I found out how much leverage it gave me with my contract.
Why they are not common place I'll never understand.
Because: a) They're expensive b) If your details are "leaked", and you have a secure password, and you didn't lose your keyfob or leave it lying around a random IP in Russia, then the onus is on the bank to prove they didn't accidentally leak your details, rather than the current assumption that "Oh, you let people know when your birthday is/let people know what your mothers maiden name is/didn't patch windows in time for the latest 0-day/didn't patch your antivirus/look at the SSL certificate closely enough/examine your ISP DNS servers for the Kaminsky bug/reverse engineer your OS kernel to check for rootkits, therefore it's your fault your data got leaked!" - almsot all of which involve the victim having to prove a negative. My boss at work had all of these excuses come at him over the phone when his month-old debit card took about a grand out of his account before he noticed.
I asked at my bank for an account that came with a SecurID token, and was told I'd need at least 50k in order to get one. We use SecurID extensively at work, and although pricey it's not *that* expensive, especially when customers like myself are willing to fork out extra just for the privilege of helping the bank improve their security practices. The only explanations I can come up with for it not being more widespread is either due to inertia/laziness or unwillingness to publicise any data breaches so as to limit public liability.
Damnit, forgot to reply to the rest of your comment:)
The test I did was just a random snapshot of part of our file server copied onto our backup system; tested it with XFS, JFS and ext3 with ACL's enabled and disabled. Basically wrote a script that did repeated read/write requests on random files within the snapshot and found that the aggregate time for the ext3 + ACL's was consistently longer than JFS + ACL's - not by a huge amount (think it was only something like generally 1-2% longer than the same test without ACL's) but as I was already leaning to JFS it made my mind up.
We also use AIX at work, and JFS on our shiny POWER6 boxes is an absolute joy - much like XFS on x86 hardware perhaps, JFS feels gimped on Linux once you've seen what it can do in AIX. Lovely stuff.
Indeed, XFS under Linux - never lucky enough to get my hands on any IRIX kit but a bit before my time in any case.
As t'other poster has said, XFS was designed with bulletproof power in mind - whether IRIX boxes had battery-backed everything I don't know, but XFS has problems with any power outage since it uses system RAM extensively as a write-through cache; even a battery-backed RAID card won't help you there.
XFS is a pretty good filesystem and no mistake, I just think JFS is a better one. ext4 looks to brings most of the advantages of both into the mainstream though, which is a good thing (if several years late IMHO...!).
I've used JFS extensively for several years now, including power outages when the discs were under load - and I've never had anything fail to correctly fsck when the power came back up. fsck is also far, far faster than ext3 or XFS and CPU loading is *way* lower than XFS, whilst maintaining comparable throughput. I don't like XFS for the simple reason that if you don't have bulletproof power you will be restoring from backup. And when you've been in the job for as little as a few years you soon come to realise that *nothing* is bulletproof. Even triple-UPSed, six diesel generators, four seperate power lines and a five nines SLA with your data centre are no protection against a hung-over techie pulling the power cables from the wrong server.
JFS also gets ACL access "for free"; if you use it like I use it, as the backed for a Samba server (~300 users) with a complicated ACL structure, JFS is much faster. Last time I fiddled with ACL's under ext3, I found they introduced a small, but percetible, increase in filesystem latency - don't know if this has been fixed, but using ACLs under JFS incurs no penalties, at least as far as my testing goes [citation needed]
IMHO JFS is one of the hidden gems of Linux - fast under varying workloads, robust, frags up nowhere near as badly as ext2/3 when getting full, incredibly simple... the only downsides I'm aware of are that you can't shrink it and the fact that no-one seems to "support" it.
Agreed, there's not really much point to many of the benches.
True, all other things being equal if you have two identically performing filesystems but one ramps the CPU higher than the other for a given throughput, you'd expect the more conservative filesystem to finish the CPU-bound benchmark the quickest.
However, this is no reason to make approx. half of your tests mostly CPU/memory/graphics bound where I/O performs a minimal role. Where are the rest of the IOMeter profiles? Where's the time to do 10,000 inserts in postgres? Where's the time to create, cat and delete 1000 4kB files? How long to do an `ls` on a filesystem containing a million directories? Heck, where's even `time cp/mnt/ramdisk/testfile/mnt/ext4testdisc`? Please remember that hard disc benchmarks will be affected in normal use by the speed of the filesystem running on them.
Don't mean to rant, but Phoronix is practically one of the only sites still doing regular hardware and software reviews under Linux, just that sometimes I feel like their methodologies are totally flawed or included just for the hell of it. Either way, valid tests tend to get lost in the noise.
Would have liked to see some JFS benchmarks too, but I do realise that even mentioning JFS makes me evidently psychotic;) I've generally found it the best performing filesystem all-round (fast as XFS where it counts but with considerably better resiliency IME), it just feels a bit like the forgotten bastard stepchild...
Maybe because at the moment there are very few applications of an Internet connection for which you'd notice the difference between 1mbit and 10mbit....sayeth someone who doesn't live in a shared house, in my opinion.
TBH, with web pages often reaching a megabyte when you factor in the images, I'm happy of any extra speed I can get. Three youtube/iplayer streams is enough to make a 1Mbps connection appear slow. My parents in Wales have a 2Mb line that operates at ~1Mb and when me and my sis are back for winter hols it's painfully slow. Something to do with that law of data expanding to fill all available space - as soon as broadband became widespread, lots of colossally huge pages appeared - ubiquitous flash, ever bigger and more annoying ad banners, AJAX (although this is usually compressed), high-latency links to a billion ad servers per page load (IMHO the real justification for ad blocking).
To be fair, I live in a house of four fairly heavy internet users (no-one uses P2P much but we average about 1GB of HTTP traffic a day, and that's *with* a caching proxy server and judicious null routing of ad servers). We read lots of sites, talk to alot of people, download alot of music and streaming movies. TBH when we're all using the net even the 6Mb we have can feel awfully slow, and this is from one of the UK's better ISP's (Zen Internet).
Not saying that 1Mb is useless, but to me there's certainly a huge difference between 1Mb and 10Mb for my internet/web habits, along with most of my friends, and this is before we even get started on torrents and the like.
Others have said it, but Zen are a far superior ISP to PlusNet in almost every way.
IIRC PlusNet were acquired a year or two ago by BT, with another old-skool stalwart Pipex being acquired by Tiscali - in both cases customer service bombed shortly thereafter.
Moving between alot of shared housing, I've used alot of ISP's and Zen are still the only one I'd ever recommend. Very little bullshit - they're perfectly up front about their bandwidth policies and what it'll cost you if you go over, they have by far the most reliable connection I've used on a consumer grade line, their latencies are some of the lowest in the UK and their tech support are friendly, knowledgeable (yes, really!) and you rarely spend more than a few minutes on hold. If you tell the techs "your DNS servers are down" (they never are), they'll actually say "let me just check that..." instead of forcing you through the usual rigmarole of rebooting windows, opening IE...
May sound like a bit of a gushing endorsement by a shill, but they're just so far removed from almost every other consumer broadband company yet they still seem to exist on customer goodwill alone. But then basic rule of thumb in the UK at least seems to be that if an ISP advertises on TV, they're automatically shite:)/not a Zen employee, just a happy customer
Slashdot Mirror
Not with 8GB of RAM it isn't... plus keeping 8GB of disc around for swap that you'll only ever use for hibernation is a waste IMHO.
Suspend is an option of course (wakeup time of less than a second on my 2GB and 4GB laptops) but means you have to keep the thing powered.
Most British also won't have a clue what Myanmar is, since they all know it as Burma.
http://news.bbc.co.uk/1/hi/magazine/7013943.stm
</derail>
This is just precious - the Stasi in the GDR (east germany to most) did exactly the same thing with their suspects.
http://www.spiegel.de/international/germany/0,1518,484561,00.html
http://scent-lab.blogspot.com/2008/07/body-odor-preserved-and-exhibited-at.html
People being interrogated would frequently be asked to sit with their palms face down on a piece of cloth, usually stuck to the chair. After the interrogation, the cloth would be removed and placed in a jar for later analysis. I don't believe it's ever been admissible as evidence in any western court, but that's obviously what the whole DHS "proof" is all about.
Quite why one would invest so many resources in this when fingerprints and DNA are already reliable forms of identification I don't know, and I strongly suspect that the "indicator" of deception will be flawed for much the same reasons the results of a polygraph are flawed - I can understand how someone who's stressed might well emit a different sort of sweat than someone who's just hot, but trying to define a "liars sweat" reeks (hohoho) of pseudoscience to me.
Who knows, maybe there's something in it, maybe the article is making too much of things, maybe I've got my paranoid hat on. But it still seems worryingly like the whole "this man is the serial killer cos his writing is all weird" argument to me.
One thing I don't understand is the seemingly common paranoia towards "executable code" in the discussions here.
TBH, I think you're more in agreement with them than you think - people are up in arms about executable code in documents *because* it's often so poorly implemented and the parsers have problems with it, resulting in vuln after vuln. I'm not against executable code in documents myself, per se - but I'm wary of anything that makes extensive use of it simply because it's been such a huge attack vector on pretty much every major document format/app ever. Since it's Car Analogy Day I'll say it's a bit like people who say cars with electric motors are shit - it's not that they're a fundamentally bad idea in themselves, it's just that most people haven't got the technical details even mostly right yet.
One thing I've been curious about - on x86, is it possible to use the NX flag for things like embedded code? Obviously it still needs the parser to correctly identify things like "bytes 10-452439 are data, 452440-456375 are code" or whatever but is there any reason it can't be implemented for run-of-the-mill document programs? Does anything implement it already?
?!
If any of the forces involved in WW1 hadn't used machine guns, it wouldn't have devolved into the stalemate massacre it turned into. Every side deployed machine guns heavily, and every side had shortages at the beginning of the war - the british were still in the process of upgrading from their Maxims to the Vickers when war broke out http://en.wikipedia.org/wiki/Vickers_machine_gun. Only the germans, who had started the transition away from the maxim in 1908, had a notably larger presence with more modern machine guns.
Granted, the brits didn't use their machine guns half as effectively as the axis forces did in the opening stages of the war either, (brits hadn't really been at the receiving end of machine guns before so they had no idea that they'd need as many as they ended up using) but hence why outfits like the machine gun corps were founded.</derail>
If they'd have called it Rain Man, they're highly likely to incur the wrath of the MPAA for infringing the copyright of MGM/UA. Whilst the casino might only beat you up a little, the MPAA will take away your house (unless you have a credit line to the local whorehouse or a senator in your pocket).
Now I'm not sure whether I'm joking or not...
Well, I hope this somewhat shorter post won't not waste any more of your precious time, Mr. AC :)
Why *wouldn't* you run windows on Linux if you had the chance?!
From a seasoned VMware ESX admin speaking from an operational standpoint;
First, I'll explain a few things. Servers today are so mind-bogglingly powerful that even with virtualisation overhead they're easily capable of providing more than enough grunt for hordes of enterprise crapware that, due to shoddy programming or testing, would otherwise be sitting on $7000-worth of barely-utilised tin since the support agreement stipulates "we refuse to support you if you install so much as a text editor on the same machine" - I'm sure anyone else in any SME will agree that this sort of thing is rife. Throwing patch cycles to the side, my number one problem with these legions of power-sucking high-maintenance windows servers is shoddy drivers/firmware.
ESX, itself a highly specialised Linux-based OS, builds on Linux's rock-solid hardware stability and abstracts away everything so that all windows sees is a unified blend of generic hardware, for which VMware provides their own set of (high quality) drivers, plus some old ones that have worked in windows since the year dot - think OSX on steroids. The ESX boxes basically have the highest uptimes in our entire organisation, plus clustering them is an absolute cinch. Large scale storage is provided by a fibre-attached EMC SAN, which coincidentally also runs a highly specialised Linux-based OS providing CIFS, NFS or dedicated block devices (LUNs). Tools such as P2V make cloning a physical box into a virtual machine a point'n'click operation limited only by your network throughput, and you can even do nifty things like resize that 5% used 137GB filesystem into a 10GB virtual disc.
Furthermore, thanks to LVM-alikes, you can take an instant snapshot of a system. This allows you to do things like make a snapshot, install patch XYZ, do regression testing and whatnot and roll back if things are unsatisfactory. With windows' reputation for patches not being entirely reliable, this is an utter godsend for development and testing.
So at the end of the day, running windows on top of gets you:
Better "hardware" reliability
The ability to consolidate X U's/Y Watts worth of servers into (X-n) U's/(Y-n) Watts worth of servers, leading to lower overall datacentre expenditure
Built-in clustering for people with shared storage
Built-in failover
Much more robust and/or cheaper methods for development, testing, patch management
The only downside* to ESX is cost - it's not cheap. And an alliance between RH (pretty much the corporate face of Linux, especially for windows shops) and Microsoft is likely to send the cost for ESX down before the fruits of it's labour become evident. As long as TFA is correct that there's no IP ownership bollocks going on, this is a win for everybody.
* Not to say that ESX isn't without its flaws, but it certainly has less than most apps you run into in this business. I've heard that VMware is a very much engineer-driven company, and that's true from my POV.
Disclaimer: I don't work for VMware, but when I can dispense with 96U's worth of servers, shave 8kW of our datacentre power budget, increase availability plus reduce downtime at no cost in performance then you colour me impressed. There's no reason why a competing VM system can't do the same thing.
Erm... maybe I'm being exceptionally dense and/or ignorant of kernel build policies (IANA Kernel Coder), but isn't there really only one mainline kernel that's targeted for driver development?
Distros - all follow the mainline kernel, more or less. Most distros don't expect driver devs outside the kernel team to do any work on tweaking a driver for $distro - if a distro really wanted to much about with custom driver code, the kernel team (quite rightly) should request them to do it themselves. For niche cases, you get some kernel forks (uClinux for example).
Dependencies - yup, some drivers have dependencies on certain userspace libraries - linuxtv is one that springs to mind. However, let's say you're targeting kernel 1.2.3 and $distro only supports 1.2.distro-4 What doesn't happen is the hardware company writes a billion different patches, rather they write a driver for 1.2.3 and, if $distro cares enough, they'll backport it (along with upgraded userspace if needed), or just tell users to wait until the next version. Most distros often provide a way to do both.
Package types - irrelevant. Patches to the kernel aren't supplied as a .deb or whatever that Linux installs on the kernel build server. If it's not in a git branch, it'll be a tarball or a simple diff, depending on the size/complexity of the patch.
Kernel revisions - see dependencies. The beauty of providing an open source driver for your companies hardware is that once it's written and published, the FOSS community are free to keep it forwards and backwards compatible for as long as anyone cares to edit the code. As a company, your compatibility maintenance costs drop, leaving you more time to spend fixing bugs in or speeding up the functional parts of the driver.
Source code - yup, it is indeed great. Been using Linux since 2001 and I think the last time I had to resort to compiling my own kernel modules was in about 2004 (for the at-the-time hot off the presses DVB card I'd just bought), unless you count my foray with Gentoo).
As I'm sure others will have pointed out by now, there are a great deal of companies that do employ linux devs because, for the niches their hardware sits in, Linux development does make an awful lot of sense, especially in the area of server tin - Intel even provide full source for their desktop lineup to, as do a great many other manufacturers. Most are content to provide limited documentation in the event they don't wish to provide programming resources themselves.
Not to say that lots of companies don't provide Linux support because they see it as a money pit - I'm sure alot do. But getting your hardware supported under a wide variety of Linux distros is nowhere nearly as hard as your post makes out.
Video games, generally being an arbitrary collection of binary information (typically expressed by electron progression through [semi]conductive materials), have effectively zero mass and since the amount of kinetic energy inherent in any body is proportional to the square of the mass, you can only literally kill someone with a video game by using a localised black hole and/or particle accelerator to get the data to near the speed of light.
Secondary effects, such as that of the media carrying the "static" copy of the data (usually a small circular device made of hydrocarbon polymers) offer limited offensive possibilities in the terms of discus-like protectiles, or fragmented discs used as makeshift knives (although, technically, the data is no longer intact and therefore cannot be truly defined as a still being a video game). Long term exposure to phosphors emanating from cathode ray tubes sometimes used to display the visual interpretation of the data have also been linked to melenomas and/or rhomboid iris syndrome.
Hence, it seems reasonable to me that those of us who chose to travel ourselves around in disturbingly fast-moving piles of iron should have some mandatory skill at it. The worst casualty you're likely to get from computer games is someone who stoved their own head in after accidentally playing a copy of ET.
In summary:
Person with a six pack of beers in a 2-ton lump of steel travelling at 60mph == dangerous fucktard
Person with a six pack of beers on a couch playing Mario Kart with his mates == non-dangerous
The most galling thing is that I'll be willing to bet my salary that indie labels will have a very hard time getting their hands on any of the moolah. I only listen to indie labels as a result of my detestation of Big Media practices, and thanks to sites like Bleep (first no-hassle "big label" MP3 download store in the UK) I've been introduced to literally hundreds of acts that never get any exposure in the mainstream press, and have purchased entire back catalogues as a result. Maybe I'm jumping the gun and there's going to be payments allocated based on the amounts of sales you shift, but by prior performance I suspect this will be "big three" only.
Yet again, just more cartel protectionism.
Still, at least a universal tax will make downloading legal, right?
In principle, yes, it shouldn't be necessary to have to provide a big salary to attract the best teachers to the profession.
But the problem is that some of the most valuable core skills in teaching will often net you double the salary and double the prospects for promotion in the private sector than they will in your local comprehensive. Once you throw in long hours, interminable bureaucracy, very high stress and kids that really don't want to be taught and have no concept of discipline, teaching becomes a very unappealing profession to all but the most dedicated or those willing to sacrifice themselves. To me at least, any career that involves such a high degree of martyrdom is lunacy, no matter how much a kick I get out of sharing my knowledge.
Being a teacher for a private school is another matter, but the situation in many state schools is dire. And I'm one of those people who believes that a good education should be available to everyone, because in the long run it benefits everyone.
I could be wrong, but aren't region-free DVD players not only easy to come by, but actively encouraged in europe? Every time I've seen one for sale (e.g. take this example from Amazon, something like number 6 in a search for "multi region dvd player" http://www.amazon.co.uk/Philips-DVP5980-Multi-region-capable-Upscaling/dp/B000Q7ZCO6/ref=sr_1_4?ie=UTF8&s=electronics&qid=1233234235&sr=8-4 with the sequence in the first review) there's usually always been information provided to show you how to unlock the firmware. I'd assume that if it was horribly illegal, people like Amazon would take it down for fear of lawsuits...?
Anecdotally, I've also seen lots of DVD players bollocks up (freezes, stuttering, unreasonably long layer transitions) when region codes are enabled, but start working perfectly once the region-free hack has been applied - almost certainly crappy region protection firmware, but to the end user the cause is irrelevant. My parents cheap-ass DVD player even granted you access to the skip buttons during those interminably irritating "You've just bought this legitimate DVD... NOW DON'T BUY ANY PIRATE ONES YOU FILTHY THIEVING SCUM" and "Seeing as you bought this movie, we thought we'd like to remind you that this isn't the only DVD in the world and other films actually exist AND WE FEEL SO STRONGLY ABOUT THIS WE'RE GOING TO TELL YOU EVERY TIME YOU SETTLE DOWN TO WATCH A FILM" intros. My parents aren't techies, but had the nouse to google the region free sequence for it on their own simply because they wanted a way to skip all that shite.
Plus, buying other-region DVD is similarly easy in the UK (and I assume the rest of europe), if it wasn't I wouldn't buy half as much stuff as I do - there's craploads of stuff that has never been released in region 2 and I don't see why I or anyone else should have some idiotically myopic copyright lobbyist label me a criminal for trying to buy stuff.
Disclaimer: when I was a penniless student, I downloaded all sorts of stuff. Now I have a job, I've not downloaded anything illegally for years, including all the stuff I downloaded. Which included loads of things I wouldn't otherwise have watched.
I'd be interested to hear how easy it is to get hold of region free players in the US and elsewhere.
Been buying my own phones at full retail price (usually circa £300) since about 2002. Every year I get the "do you want to upgrade to a new Nokiericsung Eleventytron with LASERS?!" call, and say no (primarily because I'm damn picky about my mobiles, and 95% of the ones offered as "free" are junk with shitty flashy UIs and the battery life of a Game Gear.
Upshot? They no longer have a bargaining chip to get me to sign a new contract. They know I can get cheaper deals elsewhere and transfer my number with minimal hassle. They also know I've had the same contract for ten years. So every year, my contract gets cheaper, I get more free texts, more free calls, free minutes across europe, even bills paid for. Opposed to friends with similar contracts and usage patterns over the years who have opted to take the phone, I reckon I'm saving on the order of £150-£200/yr which, if you're happy to not always have the latest and greatest mobile, seems like a great deal to me.
Last time I did a Debian install (netinstall), it didn't give me any "defaults" apart from a kernel, base OS, login prompt and a text editor. I consider myself an experienced user, and not only does Debian make very little sway on suggesting defaults, it even makes switching away from the defaults (e.g. setting $EDITOR system-wide via system-alternatives) very easy. It's not that the defaults are bad, it's that advanced users are very used to their own particular setup, and Debian caters to this by making it easy (for advanced users ;).
Granted, I imagine if you download a full fat installation CD you might have Gnome or something on there by default, but as TFA sort-of points out, being a less desktop-focussed distro, Debian is forever destined for server tin for most users and is therefore far more likely to be doing a number of dogsbody tasks (i.e. more and more varied packages) than an ubuntu desktop machine (whose graphical package manager doesn't even include most of the packages available BUT makes things like multimedia much more streamlined than Debian).
Disclaimer: been using linux for about a decade, debian on all my servers ('cept the RH/CentOS ones at work), ubuntu on all my desktops/laptops and I love both. They're superficially similar to the extent that they feel to me a bit like XP vs Server 2003 - their strengths lie in different mutually supportive areas. Or should I rephrase that as a car analogy? ;)
As another poster pointed out, in being the domain of the sysadmin, Debian users are more likely to be pragmatic and pick the best tool for the job, which in alot of cases might invole picking, say, Kontact for email, Enlightenment as a window manager, xscreensaver for eyecandy and a bunch of other possibilities. "Newbie" users of ubuntu are, of course, more likely to go with the defaults since they're either just beginning their foray with it and rarely have explored it, or linux, that much.
£0.02
You let your kids outside? If I had my way I'd imprison irresponsible parents like you who put their kids' lives in great danger.
Personally, I've solved the entire problem by encasing my children in polycarbonate resin which forms an airtight barrier between the sanctity of the child and the outside world - such as the aforementioed tendon infections, not to mention other fatal hazards such as necrotising fasciitis, piranha bees, country and western, homosexuality and religious freedom - which your pathetic padding does absolutely NOTHING to protect them from. You can't be too careful when it comes to exposing children to the world they find themselves living in.
So far I haven't had any complaints from the kids, their behaviour has improved immensely and they've even stopped over-eating and watching TV.
mkvtoolnix?
It's a pretty nice GUI frontend to the (admittedly arcane) mkvmerge and friends that runs on windows, mac and linux. I use it all the time, and like any good CLI frontend should it tells you the command line it's using to aid in your future scripting efforts.
http://www.videohelp.com/toolsimages/mkvtoolnix_609.jpg
Dunno if mine is the exception that (dis)proves the rule or whatever, but I've had the same contract with Vodafone in the UK for just under 10 years, and I've been buying my own phones since 2001/2002. Every 12 months I get a phone call from Vodafone telling me my contract is up for renewal and would I like to upgrade my phone, every time I say no. They always (unfailingly always) offer me more and more ludicrous deals in order to keep my custom - in the form of cuts in the monthly tariff, extra free minutes, free minutes now usable in business hours, free minutes now usable across all networks, free minutes now usable in Europe off-peak, £75 rebate, no tariff for 6 months... and it's not even like I make alot of calls, and I find it impossible to go over my rolling 1000 free texts.
Anyone out there acquainted with the mobile telco industry able to inform us exactly how much of your average monthly bill is allocated to subsidising the "Oooh, Shiny!" people who get a new phone every 6-12 months?
Seriously, judging by what my friends pay for similar tariffs, I've saved myself an utter packet by buying sensible phones for ~£300 every few years rather than the flash-du-jour that most people end up with. Not trying to sound like a smug elitist prick, this originally started out as me thinking throwing away perfectly functional tech for the sake of a shinier thing distasteful, until I found out how much leverage it gave me with my contract.
Tinfoil hat: perched at a jaunty angle.
Why they are not common place I'll never understand.
Because:
a) They're expensive
b) If your details are "leaked", and you have a secure password, and you didn't lose your keyfob or leave it lying around a random IP in Russia, then the onus is on the bank to prove they didn't accidentally leak your details, rather than the current assumption that "Oh, you let people know when your birthday is/let people know what your mothers maiden name is/didn't patch windows in time for the latest 0-day/didn't patch your antivirus/look at the SSL certificate closely enough/examine your ISP DNS servers for the Kaminsky bug/reverse engineer your OS kernel to check for rootkits, therefore it's your fault your data got leaked!" - almsot all of which involve the victim having to prove a negative. My boss at work had all of these excuses come at him over the phone when his month-old debit card took about a grand out of his account before he noticed.
I asked at my bank for an account that came with a SecurID token, and was told I'd need at least 50k in order to get one. We use SecurID extensively at work, and although pricey it's not *that* expensive, especially when customers like myself are willing to fork out extra just for the privilege of helping the bank improve their security practices. The only explanations I can come up with for it not being more widespread is either due to inertia/laziness or unwillingness to publicise any data breaches so as to limit public liability.
Maybe I should take the blue pill.
Damnit, forgot to reply to the rest of your comment :)
The test I did was just a random snapshot of part of our file server copied onto our backup system; tested it with XFS, JFS and ext3 with ACL's enabled and disabled. Basically wrote a script that did repeated read/write requests on random files within the snapshot and found that the aggregate time for the ext3 + ACL's was consistently longer than JFS + ACL's - not by a huge amount (think it was only something like generally 1-2% longer than the same test without ACL's) but as I was already leaning to JFS it made my mind up.
We also use AIX at work, and JFS on our shiny POWER6 boxes is an absolute joy - much like XFS on x86 hardware perhaps, JFS feels gimped on Linux once you've seen what it can do in AIX. Lovely stuff.
Indeed, XFS under Linux - never lucky enough to get my hands on any IRIX kit but a bit before my time in any case.
As t'other poster has said, XFS was designed with bulletproof power in mind - whether IRIX boxes had battery-backed everything I don't know, but XFS has problems with any power outage since it uses system RAM extensively as a write-through cache; even a battery-backed RAID card won't help you there.
XFS is a pretty good filesystem and no mistake, I just think JFS is a better one. ext4 looks to brings most of the advantages of both into the mainstream though, which is a good thing (if several years late IMHO...!).
I've used JFS extensively for several years now, including power outages when the discs were under load - and I've never had anything fail to correctly fsck when the power came back up. fsck is also far, far faster than ext3 or XFS and CPU loading is *way* lower than XFS, whilst maintaining comparable throughput. I don't like XFS for the simple reason that if you don't have bulletproof power you will be restoring from backup. And when you've been in the job for as little as a few years you soon come to realise that *nothing* is bulletproof. Even triple-UPSed, six diesel generators, four seperate power lines and a five nines SLA with your data centre are no protection against a hung-over techie pulling the power cables from the wrong server.
JFS also gets ACL access "for free"; if you use it like I use it, as the backed for a Samba server (~300 users) with a complicated ACL structure, JFS is much faster. Last time I fiddled with ACL's under ext3, I found they introduced a small, but percetible, increase in filesystem latency - don't know if this has been fixed, but using ACLs under JFS incurs no penalties, at least as far as my testing goes [citation needed]
IMHO JFS is one of the hidden gems of Linux - fast under varying workloads, robust, frags up nowhere near as badly as ext2/3 when getting full, incredibly simple... the only downsides I'm aware of are that you can't shrink it and the fact that no-one seems to "support" it.
Agreed, there's not really much point to many of the benches.
True, all other things being equal if you have two identically performing filesystems but one ramps the CPU higher than the other for a given throughput, you'd expect the more conservative filesystem to finish the CPU-bound benchmark the quickest.
However, this is no reason to make approx. half of your tests mostly CPU/memory/graphics bound where I/O performs a minimal role. Where are the rest of the IOMeter profiles? Where's the time to do 10,000 inserts in postgres? Where's the time to create, cat and delete 1000 4kB files? How long to do an `ls` on a filesystem containing a million directories? Heck, where's even `time cp /mnt/ramdisk/testfile /mnt/ext4testdisc`? Please remember that hard disc benchmarks will be affected in normal use by the speed of the filesystem running on them.
Don't mean to rant, but Phoronix is practically one of the only sites still doing regular hardware and software reviews under Linux, just that sometimes I feel like their methodologies are totally flawed or included just for the hell of it. Either way, valid tests tend to get lost in the noise.
Would have liked to see some JFS benchmarks too, but I do realise that even mentioning JFS makes me evidently psychotic ;) I've generally found it the best performing filesystem all-round (fast as XFS where it counts but with considerably better resiliency IME), it just feels a bit like the forgotten bastard stepchild...
Maybe because at the moment there are very few applications of an Internet connection for which you'd notice the difference between 1mbit and 10mbit. ...sayeth someone who doesn't live in a shared house, in my opinion.
TBH, with web pages often reaching a megabyte when you factor in the images, I'm happy of any extra speed I can get. Three youtube/iplayer streams is enough to make a 1Mbps connection appear slow. My parents in Wales have a 2Mb line that operates at ~1Mb and when me and my sis are back for winter hols it's painfully slow. Something to do with that law of data expanding to fill all available space - as soon as broadband became widespread, lots of colossally huge pages appeared - ubiquitous flash, ever bigger and more annoying ad banners, AJAX (although this is usually compressed), high-latency links to a billion ad servers per page load (IMHO the real justification for ad blocking).
To be fair, I live in a house of four fairly heavy internet users (no-one uses P2P much but we average about 1GB of HTTP traffic a day, and that's *with* a caching proxy server and judicious null routing of ad servers). We read lots of sites, talk to alot of people, download alot of music and streaming movies. TBH when we're all using the net even the 6Mb we have can feel awfully slow, and this is from one of the UK's better ISP's (Zen Internet).
Not saying that 1Mb is useless, but to me there's certainly a huge difference between 1Mb and 10Mb for my internet/web habits, along with most of my friends, and this is before we even get started on torrents and the like.
Others have said it, but Zen are a far superior ISP to PlusNet in almost every way.
IIRC PlusNet were acquired a year or two ago by BT, with another old-skool stalwart Pipex being acquired by Tiscali - in both cases customer service bombed shortly thereafter.
Moving between alot of shared housing, I've used alot of ISP's and Zen are still the only one I'd ever recommend. Very little bullshit - they're perfectly up front about their bandwidth policies and what it'll cost you if you go over, they have by far the most reliable connection I've used on a consumer grade line, their latencies are some of the lowest in the UK and their tech support are friendly, knowledgeable (yes, really!) and you rarely spend more than a few minutes on hold. If you tell the techs "your DNS servers are down" (they never are), they'll actually say "let me just check that..." instead of forcing you through the usual rigmarole of rebooting windows, opening IE...
May sound like a bit of a gushing endorsement by a shill, but they're just so far removed from almost every other consumer broadband company yet they still seem to exist on customer goodwill alone. But then basic rule of thumb in the UK at least seems to be that if an ISP advertises on TV, they're automatically shite :) /not a Zen employee, just a happy customer