You're misunderstanding Alan Cox's message. The way djb is suggesting is to chroot() to somewhere empty and then drop root privileges so you can't chroot() again.
(It's really unfortunate that you have to be root to chroot() to start with.)
The 1970 rule of thumb is well known but isn't meant to be taken entirely seriously. It's a good starting assumption, though, unless you have evidence to show that you're looking at something truly new. (I guess one candidate would be anything to do with fractals, which weren't really discovered back in 1970.)
In this case, hypertext was demonstrated by Douglas Engelbart in his famous 1968 demonstration, and certainly dates to before that.
It depends what you mean by 'stress'... if by having redundant power supplies to withstand power outages, and that kind of physical thing, then yes.
If you just mean parallel processing and not collapsing under heavy load, well, that's mostly a software issue. Even the cheesiest and nastiest consumer hard disk today has more sustained throughput than a mainframe disk of thirty years ago. I am sure that most cellphone operating systems wouldn't cope too well if you tried running ten thousand Java applets for data entry, yet a single mainframe with text terminals could cope. However this is software not hardware. Run a system 370 emulator on your PC, find some way to connect the terminals, and it'll hum along just fine. The main difference between a PC and a mainframe is reliability, not speed.
FTR - I talked to someone I know who works in this area and this is what he said:
Well normally producers get credits for producing the same amount of electricity in a less carbon intensive way (e.g. improving a power station so that it burns less coal, building a windfarm etc) but in this case, the credits actually come for using less electricity (energy efficiency on the demand side) so in that case, the credits would go to the entity that is implementing the efficiency measures that produce the saving. The electricity companies wouldn't claim this, partly because they are not really involved and have no way of accurately measuring the savings, which would occur on the site of the consumer.
So hopefully no double counting!
In this case they are actually issuing 'energy efficiency certificates' (probably a US state or federal programme that rewards energy efficiency measures using tradable certificates) so not really 'carbon credits' as such (the amount of greenhouse gases saved would depend on how carbon intensive is the electricity in the electricity grid). Real 'carbon credits' are measured in tonnes of CO2 equivalent, whereas these are measured in terms on megawatt hours of electricity saved.
People had their own little sandbox in the old days too. If you were paying large sums for an account on a timesharing system, you'd want to be sure that some idiot wasn't chewing all your CPU time or memory. And you certainly wouldn't want other people having access to your files. Hence the elaborate systems to virtualize and isolate each instance, and quota out system resources fairly.
Please remember that in computing, nothing new has been invented since 1970.
Granting carbon credits for cutting your electricity bill seems like double-counting to me. The whole point is meant to be that the carbon quotas apply at the point where carbon dioxide is emitted. For example, a coal-fired power station could close down and be replaced by a tidal power station, generating carbon credits which can be sold on. If in turn a user of electricity gets credited for using less (even though the power they are buying didn't generate carbon to start with), that is clearly bogus.
So if only the producer of CO2 emissions must pay for carbon emissions (or get subsidized for reducing them, which amounts to the same thing in marginal cost terms), how is there any incentive for people to cut electricity use? Because the cost of buying CO2 quota is passed down as part of their electricity bill. The economic incentive for moving to a more efficient computer is a lower power bill, just as it's always been.
In a sense you are right, but taking that definition makes it very hard to pin down anything as corruption; even a government could argue that everything it does (for example, suppressing news reporting of bad news) is in the national interest in the long term. So I think a better definition is that any corrupt practice, such as offering bribes, is corruption, even if it does serve the interests of the corporation doing it.
Both offering and receiving a bribe is corruption. (Not just 'anti-competitive behaviour', which in itself is not a crime.) But there is no evidence that Microsoft offered a bribe in this or any other case.
Awesome! Now to get a refund from those sneaky 'gigabit Ethernet' vendors who are offering 7% less network capacity than promised, or the dishonest processor makers selling '2.4 gigahertz' chips...
Anti-competitive behaviour is not the same as corruption. Again - do you have any evidence at all that Microsoft has been offering bribes even once, let alone 'throughout the entire history of the company'?
It may be completely obvious to you that Microsoft is corrupt and a bully, and a lot of people on Slashdot agree with that, but if you want to convince others you need a much higher standard of proof. So let's see some evidence, please.
I can think of the OOXML standardization debacle but nothing points to that being corruption rather than just lobbying.
The comments on the blog posting provide the clearest possible proof that the Mandriva user community doesn't really have two brain cells to rub together. A shame, because back in the day Linux-Mandrake was a good distribution and its userbase wasn't entirely composed of ranting cluebies. Choice picks:
Stupid for Nigeria, now that South Africa uses Ubunta; they'll surely get hacked.
This letter needs to be followed up. I urge the readers to send this to your local attorney-general or comparable legal authority.
Wait until they discover Windoze still runs on top of DOS and uses Winsock DLL for communications. ROTFLMAO
Has anyone provided the tiniest bit of evidence that Microsoft paid the Nigerian government? Or even that they had any influence at all in the decision? Plenty of people install Windows on a PC without a personal visit from Steve Ballmer, just as you and I run Linux without Linus's personal intervention. Perhaps the Nigerians just decided they like Windows more.
'Someone' might object to content in Wikipedia, but not anyone whose opinion I care about. I see no reason to cower behind an anonymous name for fear of offending 'someone'.
In totalitarian countries it may be different. But even there you need a way to measure reputation and track individual users, if only to distinguish between real people and astroturf campaigns by government supporters. It's a hard problem.
That's exactly the point. If you're not prepared to stand by your contribution under your real name, and have it be part of the public record that you wrote it, then you can't add it to Citizendium. (You can of course post on thousands of other websites such as this one.)
IMHO, using your real name isn't so much about hard accountability, having someone to sue, or other legalistic FUD. It's more about setting an appropriate atmosphere for discussion, where you remember that the Internet is a part of the real world rather than separate from it, and that online discussion is a conversation between real people and not avatars or cyber-personalities. You'd use your real name if you were contributing code to Linux, or writing a letter to a newspaper; contributing to an online knowledge base should be no different.
Perhaps in some Office Space corporate environment having an online presence could lose you a job. I think it is more likely to help you get one. When I get CVs through for possible new hires I like to Google the candidate's name and see what he has contributed online. Someone who is a total nonentity with zero relevant hits doesn't impress me much.
It is, perhaps, a superb improvement on what there was before - binary, undocumented file formats. Yes, Microsoft OOXML is a bit crap. But if you're used to struggling to decode proprietary office formats (as de Icaza is; he wrote Gnumeric) then it must seem like a big leap forwards. There are lots of rather crufty standards which are used only because of the large adopted base - like Internet mail, for example.
'superb' is going a bit far - but OOXML is not as terrible as people paint it to be. Because it's from Microsoft it's pretty guaranteed to get a bad press on places like Slashdot. You should read de Icaza's Slashdot comment on the subject.
As new threats to freedom are identified, we should try to defend against them. Switching to a new licence is a hassle, but would you rather ignore the problem?
The GPL's goal is to make sure the software is free for all its users (not just free for some of them depending on whether the vendor deigned to give them the needed hardware keys or patent licences). That simple goal has not changed. If the licence text has become more complex, that is because the threats it needs to overcome have become more complex.
As long as you licence your code under 'GPLv3 or later', there won't be a big problem when the next attack on freedom comes and GPLv4 becomes necessary.
Yes, hardware virtualization opens up new possibilities for exploits, but the discussion was about whether running a virtualization layer makes you more secure on the hardware you already have. Given a particular PC, which presumably has the virtualization instructions built into its CPU by Intel or AMD, will it be more secure running plain OpenBSD, or running OpenBSD on top of some hypervisor?
If you choose not to run a virtualization layer, that doesn't (as far as I know) make you any safer from rootkits like Blue Pill.
If you run a virtualization layer, that doesn't (as far as I know) make you more vulnerable to rootkits.
In any case, a rootkit can work only once you've already compromised the system. What happens once the system is compromised is not really relevant; we take it for granted that an attacker with root access can do anything he or she wants. The question of security mostly hinges on preventing someone from getting the unauthorized access in the first place.
So I don't think that the existence of these rootkits is an argument to say that virtualization layers will increase or decrease security.
Yup - do lots of computations in parallel across the whole length of the molecule and it makes a lot of sense. A single Turing machine with a tiny number of states doesn't.
Wolfram's hype about molecular computers is hogwash. Yes, any molecular computer would need to be simple and follow simple rules like a Turing machine. But there's no way you'd actually build one using the Turing machine structure, moving left and right along a linear tape. The simplest algorithms taking linear time on an ordinary general-purpose computer can take quadratic time or worse when implemented on a one-dimensional Turing machine. A TM is a universal computer in that it can imitate any other, but that doesn't say anything about how long it will take to do so. Any finite number of steps is fine, no matter how slow. A TM is a thought experiment, not a device for practical computing.
If you really built a molecular device you'd surely build a machine for a specific application, rather than making a general-purpose programmable molecule and then feeding it an input program laboriously written out on an N-colour tape.
That said, this is a nifty theoretical achievement - finding arguably the simplest universal computer possible - and who knows, perhaps the small definition of this TM will allow others to prove further things about computation in general.
Universal didn't request the shutdown of the whole site, only that it stop distributing works still under US copyright. I think the site was hosted in Canada, so the legality of this is arguable (IANAL); but anyway, closing the whole site was the site owner's choice, since he didn't have time to carefully remove all of the still-copyright works.
I've read the replies posted so far and the vast majority of the problems are with tightened security in Vista tripping up many programs that are badly written (or well written, but based on bad security assumptions). This actually encourages me to upgrade. I am pleased that Microsoft is finally doing something about the Windows security mess with installers writing random files all over the filesystem and apps that expect admin rights by default.
Slashdot Mirror
You're misunderstanding Alan Cox's message. The way djb is suggesting is to chroot() to somewhere empty and then drop root privileges so you can't chroot() again.
(It's really unfortunate that you have to be root to chroot() to start with.)
In his pockets he had $9,000,000M million American USD dollars in his pockets.
The 1970 rule of thumb is well known but isn't meant to be taken entirely seriously. It's a good starting assumption, though, unless you have evidence to show that you're looking at something truly new. (I guess one candidate would be anything to do with fractals, which weren't really discovered back in 1970.)
In this case, hypertext was demonstrated by Douglas Engelbart in his famous 1968 demonstration, and certainly dates to before that.
It depends what you mean by 'stress'... if by having redundant power supplies to withstand power outages, and that kind of physical thing, then yes.
If you just mean parallel processing and not collapsing under heavy load, well, that's mostly a software issue. Even the cheesiest and nastiest consumer hard disk today has more sustained throughput than a mainframe disk of thirty years ago. I am sure that most cellphone operating systems wouldn't cope too well if you tried running ten thousand Java applets for data entry, yet a single mainframe with text terminals could cope. However this is software not hardware. Run a system 370 emulator on your PC, find some way to connect the terminals, and it'll hum along just fine. The main difference between a PC and a mainframe is reliability, not speed.
FTR - I talked to someone I know who works in this area and this is what he said:
People had their own little sandbox in the old days too. If you were paying large sums for an account on a timesharing system, you'd want to be sure that some idiot wasn't chewing all your CPU time or memory. And you certainly wouldn't want other people having access to your files. Hence the elaborate systems to virtualize and isolate each instance, and quota out system resources fairly.
Please remember that in computing, nothing new has been invented since 1970.
Granting carbon credits for cutting your electricity bill seems like double-counting to me. The whole point is meant to be that the carbon quotas apply at the point where carbon dioxide is emitted. For example, a coal-fired power station could close down and be replaced by a tidal power station, generating carbon credits which can be sold on. If in turn a user of electricity gets credited for using less (even though the power they are buying didn't generate carbon to start with), that is clearly bogus.
So if only the producer of CO2 emissions must pay for carbon emissions (or get subsidized for reducing them, which amounts to the same thing in marginal cost terms), how is there any incentive for people to cut electricity use? Because the cost of buying CO2 quota is passed down as part of their electricity bill. The economic incentive for moving to a more efficient computer is a lower power bill, just as it's always been.
In a sense you are right, but taking that definition makes it very hard to pin down anything as corruption; even a government could argue that everything it does (for example, suppressing news reporting of bad news) is in the national interest in the long term. So I think a better definition is that any corrupt practice, such as offering bribes, is corruption, even if it does serve the interests of the corporation doing it.
Both offering and receiving a bribe is corruption. (Not just 'anti-competitive behaviour', which in itself is not a crime.) But there is no evidence that Microsoft offered a bribe in this or any other case.
Awesome! Now to get a refund from those sneaky 'gigabit Ethernet' vendors who are offering 7% less network capacity than promised, or the dishonest processor makers selling '2.4 gigahertz' chips...
I'll get one when it can print something almost, but not quite, entirely unlike tea.
Anti-competitive behaviour is not the same as corruption. Again - do you have any evidence at all that Microsoft has been offering bribes even once, let alone 'throughout the entire history of the company'?
It may be completely obvious to you that Microsoft is corrupt and a bully, and a lot of people on Slashdot agree with that, but if you want to convince others you need a much higher standard of proof. So let's see some evidence, please.
I can think of the OOXML standardization debacle but nothing points to that being corruption rather than just lobbying.
The comments on the blog posting provide the clearest possible proof that the Mandriva user community doesn't really have two brain cells to rub together. A shame, because back in the day Linux-Mandrake was a good distribution and its userbase wasn't entirely composed of ranting cluebies. Choice picks:
Stupid for Nigeria, now that South Africa uses Ubunta; they'll surely get hacked.
This letter needs to be followed up. I urge the readers to send this to your local attorney-general or comparable legal authority.
Wait until they discover Windoze still runs on top of DOS and uses Winsock DLL for communications. ROTFLMAO
Has anyone provided the tiniest bit of evidence that Microsoft paid the Nigerian government? Or even that they had any influence at all in the decision? Plenty of people install Windows on a PC without a personal visit from Steve Ballmer, just as you and I run Linux without Linus's personal intervention. Perhaps the Nigerians just decided they like Windows more.
'Someone' might object to content in Wikipedia, but not anyone whose opinion I care about. I see no reason to cower behind an anonymous name for fear of offending 'someone'.
In totalitarian countries it may be different. But even there you need a way to measure reputation and track individual users, if only to distinguish between real people and astroturf campaigns by government supporters. It's a hard problem.
That's exactly the point. If you're not prepared to stand by your contribution under your real name, and have it be part of the public record that you wrote it, then you can't add it to Citizendium. (You can of course post on thousands of other websites such as this one.)
IMHO, using your real name isn't so much about hard accountability, having someone to sue, or other legalistic FUD. It's more about setting an appropriate atmosphere for discussion, where you remember that the Internet is a part of the real world rather than separate from it, and that online discussion is a conversation between real people and not avatars or cyber-personalities. You'd use your real name if you were contributing code to Linux, or writing a letter to a newspaper; contributing to an online knowledge base should be no different.
Perhaps in some Office Space corporate environment having an online presence could lose you a job. I think it is more likely to help you get one. When I get CVs through for possible new hires I like to Google the candidate's name and see what he has contributed online. Someone who is a total nonentity with zero relevant hits doesn't impress me much.
It is, perhaps, a superb improvement on what there was before - binary, undocumented file formats. Yes, Microsoft OOXML is a bit crap. But if you're used to struggling to decode proprietary office formats (as de Icaza is; he wrote Gnumeric) then it must seem like a big leap forwards. There are lots of rather crufty standards which are used only because of the large adopted base - like Internet mail, for example.
'superb' is going a bit far - but OOXML is not as terrible as people paint it to be. Because it's from Microsoft it's pretty guaranteed to get a bad press on places like Slashdot. You should read de Icaza's Slashdot comment on the subject.
I think that Gusty Gibbon might not have the very letast version of the Lunix kernle.
As new threats to freedom are identified, we should try to defend against them. Switching to a new licence is a hassle, but would you rather ignore the problem?
The GPL's goal is to make sure the software is free for all its users (not just free for some of them depending on whether the vendor deigned to give them the needed hardware keys or patent licences). That simple goal has not changed. If the licence text has become more complex, that is because the threats it needs to overcome have become more complex.
As long as you licence your code under 'GPLv3 or later', there won't be a big problem when the next attack on freedom comes and GPLv4 becomes necessary.
Yes, hardware virtualization opens up new possibilities for exploits, but the discussion was about whether running a virtualization layer makes you more secure on the hardware you already have. Given a particular PC, which presumably has the virtualization instructions built into its CPU by Intel or AMD, will it be more secure running plain OpenBSD, or running OpenBSD on top of some hypervisor?
If you choose not to run a virtualization layer, that doesn't (as far as I know) make you any safer from rootkits like Blue Pill.
If you run a virtualization layer, that doesn't (as far as I know) make you more vulnerable to rootkits.
In any case, a rootkit can work only once you've already compromised the system. What happens once the system is compromised is not really relevant; we take it for granted that an attacker with root access can do anything he or she wants. The question of security mostly hinges on preventing someone from getting the unauthorized access in the first place.
So I don't think that the existence of these rootkits is an argument to say that virtualization layers will increase or decrease security.
Yup - do lots of computations in parallel across the whole length of the molecule and it makes a lot of sense. A single Turing machine with a tiny number of states doesn't.
Wolfram's hype about molecular computers is hogwash. Yes, any molecular computer would need to be simple and follow simple rules like a Turing machine. But there's no way you'd actually build one using the Turing machine structure, moving left and right along a linear tape. The simplest algorithms taking linear time on an ordinary general-purpose computer can take quadratic time or worse when implemented on a one-dimensional Turing machine. A TM is a universal computer in that it can imitate any other, but that doesn't say anything about how long it will take to do so. Any finite number of steps is fine, no matter how slow. A TM is a thought experiment, not a device for practical computing.
If you really built a molecular device you'd surely build a machine for a specific application, rather than making a general-purpose programmable molecule and then feeding it an input program laboriously written out on an N-colour tape.
That said, this is a nifty theoretical achievement - finding arguably the simplest universal computer possible - and who knows, perhaps the small definition of this TM will allow others to prove further things about computation in general.
Universal didn't request the shutdown of the whole site, only that it stop distributing works still under US copyright. I think the site was hosted in Canada, so the legality of this is arguable (IANAL); but anyway, closing the whole site was the site owner's choice, since he didn't have time to carefully remove all of the still-copyright works.
I've read the replies posted so far and the vast majority of the problems are with tightened security in Vista tripping up many programs that are badly written (or well written, but based on bad security assumptions). This actually encourages me to upgrade. I am pleased that Microsoft is finally doing something about the Windows security mess with installers writing random files all over the filesystem and apps that expect admin rights by default.