Slashdot Mirror


User: ericman31

ericman31's activity in the archive.

Stories
0
Comments
190

Comments · 190

  1. A better article, and other links .... on Using Snort Stealthily · · Score: 5, Informative
  2. Re:Interesting challenge on Using Snort Stealthily · · Score: 3, Interesting

    2. How exactly DOES one monitor >100mbit full-duplex traffic using only a single 100mbit port :) ? (dropped packets are a significant reality on a busy network)

    Simple, you connect your firewall to a hub on each interface. You then connect your hub to the switches (or routers) that carry network traffic for each interface. On that same hub you connect your IDS, running in stealth mode. The IDS will pick up all packets, since a hub simply repeats all traffic out every port. Those packets that are dropped outbound from the firewall will be caught by the firewall syslogs. Inbound packets that are dropped are going to be of little concern if they are dropped prior to the firewall interface.

  3. Re:Even more simple ... on Using Snort Stealthily · · Score: 4, Insightful

    The best analogy for defending your networks is a castle. Castles have moats, walls and an inner keep, all to protect the treasures of the kingdom (jewels, the princess, etc.). But, none of that does you any good without sentries watching the moat and walls who can report to the Captain of the Watch anything out of the norm. Your network defense should consist of a hardened router (the moat), firewall and DMZ (walls), and your private networks (the keep). You should have intrusion detection systems, syslogs from routers and firewalls and regular system monitoring (sentries). All of this should be parsed by a system that provides alerts for key events (report to the Captain of the Watch) and is also checked regularly by humans.

  4. Re:Snort is okay on Using Snort Stealthily · · Score: 3, Insightful

    Funny, I can have my SNORT installation log to Oracle, MSSQL Server, MySQL, PostgreSQL, etc. And I can perform vulnerability assessments, etc. By adding on ACID (from CERT) and logsnorter, I can integrate my firewall logs and view everything through a very nice web UI. Best of all, except for the hardware I run it on, and the work, my IDS and vulnerability assessment platform hasn't cost me a dime.

    And your "superior SQL Server 2000" has more holes than Swiss cheese, which is why I'm using MySQL in a secured, private network, for my logs.
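    As an added example (not part of ericman31's comments, and not code from Snort, ACID or logsnorter), the following Python script shows the kind of firewall-log/IDS integration described in comments 2 and 4: it parses constructed iptables-style syslog drop lines and Snort "fast" alert lines, then marks each alert as blocked or passed by the firewall, so an analyst can look first at alerts on traffic that actually reached a host. The log lines, addresses, rule IDs and message texts are all constructed for the example.

```python
"""Correlate firewall DROP syslog lines with Snort fast-format alerts.

Added example, not from the original Slashdot comments or from Snort/ACID/
logsnorter. The sample log lines below are constructed approximations of
an iptables LOG-target syslog line and a Snort "fast" alert line.
"""
import re

# Constructed sample: firewall syslog with dropped and accepted packets.
FIREWALL_SYSLOG = """\
Sep 10 10:15:01 fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=4455 DPT=22
Sep 10 10:15:03 fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=4456 DPT=23
Sep 10 10:16:11 fw kernel: DROP IN=eth1 OUT=eth0 SRC=192.0.2.55 DST=198.51.100.9 PROTO=UDP SPT=1234 DPT=53
Sep 10 10:17:30 fw kernel: ACCEPT IN=eth0 OUT=eth1 SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP SPT=50000 DPT=80
"""

# Constructed sample: Snort "fast" alert output seen by an IDS on the outside hub.
SNORT_FAST_ALERTS = """\
09/10-10:15:02.123456  [**] [1:1000001:1] SCAN inbound SSH probe [**] [Priority: 2] {TCP} 203.0.113.7:4455 -> 192.0.2.10:22
09/10-10:16:12.000001  [**] [1:1000002:1] POLICY outbound DNS to non-resolver [**] [Priority: 3] {UDP} 192.0.2.55:1234 -> 198.51.100.9:53
09/10-10:18:00.500000  [**] [1:1000003:1] WEB-MISC suspicious URI [**] [Priority: 2] {TCP} 198.51.100.20:50000 -> 192.0.2.10:80
"""

# Fields of an iptables-style LOG line; OUT= may be empty for inbound drops.
FW_RE = re.compile(
    r"kernel: (?P<action>DROP|ACCEPT) IN=(?P<in>\S*) OUT=(?P<out>\S*) "
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\S+) "
    r"SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)"
)
# Fields of a Snort fast alert: rule id, message, protocol, 4-tuple.
SNORT_RE = re.compile(
    r"\[\*\*\] \[(?P<sid>[\d:]+)\] (?P<msg>.*?) \[\*\*\] .*\{(?P<proto>\w+)\} "
    r"(?P<src>[\d.]+):(?P<spt>\d+) -> (?P<dst>[\d.]+):(?P<dpt>\d+)"
)


def parse_firewall(text):
    """Return one dict per firewall line that matches FW_RE."""
    return [m.groupdict() for m in map(FW_RE.search, text.splitlines()) if m]


def parse_snort(text):
    """Return one dict per Snort fast-alert line that matches SNORT_RE."""
    return [m.groupdict() for m in map(SNORT_RE.search, text.splitlines()) if m]


def correlate(fw_lines, snort_alerts):
    """Tag each alert with whether the firewall dropped that flow.

    Match on (src, dst, proto, dst port): an IDS on the outside hub sees the
    packet whether or not the firewall later drops it, so the firewall log is
    what tells you if the alerted traffic was actually blocked.
    """
    dropped = {
        (f["src"], f["dst"], f["proto"], f["dpt"])
        for f in fw_lines
        if f["action"] == "DROP"
    }
    results = []
    for a in snort_alerts:
        key = (a["src"], a["dst"], a["proto"], a["dpt"])
        results.append({**a, "blocked_by_firewall": key in dropped})
    return results


def needs_attention(results):
    """Alerts on traffic the firewall let through: review these first."""
    return [r for r in results if not r["blocked_by_firewall"]]


if __name__ == "__main__":
    corr = correlate(parse_firewall(FIREWALL_SYSLOG), parse_snort(SNORT_FAST_ALERTS))
    for r in corr:
        state = "BLOCKED" if r["blocked_by_firewall"] else "PASSED "
        print(f"{state} {r['src']}:{r['spt']} -> {r['dst']}:{r['dpt']} {r['msg']}")
```

    In a real deployment the firewall lines would come from the syslog host and the alerts from Snort's alert file or the database the comment mentions; the matching key is the same.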

  5. Everybody is stuck on the software aspect ..... on Helping Computers Help Themselves · · Score: 2

    But, at least for now, this effort is really aimed at the hardware. Today we can see the beginnings of self-healing hardware in place. Some enterprise systems can already phone home when they have a HARDWARE problem, and let the support folks know that there is a problem. And with systems like Sun's SunFire x800 series servers, the sys admin can dynamically reconfigure the system to de-allocate bad CPUs or memory, I/O boards can be removed hot, etc. So, the next logical step is for the server to de-allocate the failed CPU itself, and send an alert, probably via SNMP, to the sys admin. By doing it dynamically the server keeps running, albeit with a reduced work capacity. Even better would be to have "spare" CPU boards in the box that could be immediately allocated to replace the failed board. All of this is possible today, with human intervention. The point is to get the system to be able to do it without human intervention.

    On the software side, I think it will take a bit longer. Some things, like database optimizers, possibly can be done right now. But, my observations (I'm not a DBA) of the database world indicate that most database optimizers aren't truly self-tuning/healing. Instead they can tune or heal for known conditions and make assumptions about how you want your database optimized. Most real DBAs hate this and have to spend extra time shutting off the self-optimizing functions and then performing their own optimization for their own real world scenario.

  6. Re:Datawarehouse on Costs Associated with the Storage of Terabytes? · · Score: 2

    I included maintenance contracts in my off the cuff tape library price, assuming the selection of the IBM 3584 library and a 5 year life cycle. The 500 tapes is assuming a 2:1 compression ratio, not necessarily what is actually achievable.

    The other thing I didn't point out is that SAN solutions that are over 5 TB are generally custom solutions architected for a very specific environment. That raises the price because you are now talking about bringing in consultants (like me) who cost you $250 to $350 an hour, and needing hundreds of their hours. You could certainly implement a bunch of NAS boxes with big ATA drives in them for a few hundred thousand. But the system would be so I/O bound that it would be of no use to anyone.

  7. Re:Datawarehouse on Costs Associated with the Storage of Terabytes? · · Score: 2
    I think your $2 million price tag is low personally, for 20 TB. I have architected several data marts and data warehouses. The price for small to medium SANs (say up to 5 TB) is about $150/GB, giving a price for a 1 TB SAN of $153,600, or just under $800,000 for 5 TB. Once you get over 5 TB the technology changes dramatically. Things that are part of the SAN cost:
    • Disk Arrays
    • Fibre Channel infrastructure (i.e. switches, HBAs, etc.)
    • Tape Libraries
    • Tapes
    • Storage Management Software
    • Backup/Recovery Software
    • Disaster Recovery
    • Ethernet and Fiber network management tools
    • Raised Floor space, power, air
    • People costs, including consultants
    IF you use Tivoli Storage Manager for your backup/recovery solution (it uses the least tapes per GB backed up of any solution) you will need about 500 LTO tapes, at an average cost per tape of $110. That is $55,000. A tape library that can handle that many tapes online will cost you about $400,000. The software will cost you over $100,000. You see how the numbers start adding up? Throw in consultants at $300/hour (this isn't a skill set you pick up overnight). 16 port fibre switches with GBICs will cost you $25,000 each, how many of those will you need? Or do you need Director Class switches (likely), better quadruple that price for the switches. HBAs are $1500 a pop, you need two in every server, minimum, for redundancy. Your disk arrays have to be extremely fast to keep up with the demand for data from the servers, or you will be I/O bound. We aren't talking about MaxAttach NAS here.

    You get the point I hope. $20 million is probably reasonable actually.

  8. Re:So how is the story unfair? on BBC Hails "fair" Microsoft XP SP1 · · Score: 2

    Many, many posts here on this issue strike me as coming from folks who seem surprised that a wealthy corporation would fight tooth and nail to preserve the practices, legal and illegal, that made it rich.

    I'm not surprised that they fight tooth and nail. I dislike their tactics, I find them to be, as I understand the law and ethics, both illegal and unethical. I am not a lawyer, so I may be wrong. But, by my ethical standards their behavior is wrong. I express that. It doesn't mean I think they will automatically stop just because I'm upset, or because they read my post on /. I think it will take a combination of legal action and consumer action. And most likely a change of the senior executives. Leopards don't change their spots.

    The reality is that no single company and computing paradigm has dominated the computer industry for more than a decade or two. This industry changes too quickly, and in ways unforeseen by the powers that be, for that to happen. I think that 5, or at most 10, years from now we will wonder why we made such a fuss about MS. Kind of like IBM in the 1960's and 1970's. A little thing called the microchip and a little upstart called Intel changed the face of computing completely and left IBM scrambling to catch up. They almost succeeded, but there was never any hope that the IBM corporate culture of the time would allow the IBM employees pushing the PC to truly be successful. MS already appears to be falling prey to the same tendency, EVEN THOUGH Bill Gates is fully aware of his history.

  9. Re:So how is the story unfair? on BBC Hails "fair" Microsoft XP SP1 · · Score: 2

    Chances are many people at Microsoft think they are behaving ethically, and there's a strong case for that view.

    While one can make a case that MS is behaving ethically, it won't hold water any more than when Standard Oil tried to make the same case nearly a century ago.

  10. Re:Why are PC's less expensive? on BBC Hails "fair" Microsoft XP SP1 · · Score: 2

    I'm paying the same $50 for Myst 3:Exile that I paid for Riven and the original Myst. The fact is, software prices have stayed relatively constant while hardware costs were in a freefall.

    Since inflation has been running at 3 to 5 percent a year, you would then expect to AT LEAST pay that much more for software, using your argument that the cost of producing software is the same or more than it was in the past. Additionally we should factor in the increases in salaries in the IT industry, especially for programmers. So, the reality is, when taking into consideration inflation and such, you are paying less, in real terms, for Myst 3 than you did for the original Myst, and it's probably a far better product (I don't play Myst, I have no idea).

    Furthermore it's a buyer's market right now, because demand is down (don't believe me, check out the deals you can get on anything, from cars, to software, to computers to home electronics, to ... well, I'm sure you get the point). When demand is down, the suppliers drop prices to try and sell their products. This is elementary economics, Adam Smith formulated the concept over 200 years ago. Microsoft's software continues to go up in price, not down or stay the same, at a time when the demand for the product is low. Either they missed out on how the market works in their economics classes, or they have a captive market. I'm not making this up. This was brought out in testimony during the Anti-trust trial. The Economics Professor who testified wrote a thesis on this in the mid 1980's. He was actually a Microsoft expert witness, and it was fairly embarrassing when the prosecution started asking these questions. The argument is not ridiculous, it's how the market works, when you have healthy competition.

  11. Re:Have you read the entire article? on BBC Hails "fair" Microsoft XP SP1 · · Score: 1

    From the article: "Microsoft has been forced to make it possible to hide these programs as part of a deal it brokered with the US Department of Justice during a long-running dispute over fair competition."

    I read the whole article. Statements like this sound like Microsoft is complying with a final settlement. They aren't, they are doing this on their own initiative to try and head off a stiff penalty imposed by the Judge.

  12. Re:great.... on SGI Demos 64-Proc Linux Box · · Score: 2

    In the health insurance industry, which I happen to work in, large SMP or MPP machines are used for data warehousing and fraud and abuse detection. Machines ranging from 16 to 64 CPUs (generally UltraSPARC or IBM Power). When you are dealing with claims records for 5 or 10 million beneficiaries over a 5 or 10 year time span you need a lot of processing power and disk space. The data warehouses are used for trend analysis, fraud investigation and the like. Anyone with a background in statistics knows just how much number crunching we are talking about.

  13. Re:Whoa. Now let's parallellize! on SGI Demos 64-Proc Linux Box · · Score: 2

    I have two words too. Hitachi Lightning! Incredible bandwidth to the disks, very redundant, and better priced than Symmetrix.

  14. Re:What is this good for? on SGI Demos 64-Proc Linux Box · · Score: 5, Informative

    One of the areas this is meaningful is data warehousing. There are three major competitors in the very large data warehousing environment and one wanna be competitor:

    • NCR Teradata and Worldmark MPP servers
    • IBM DB2 and IBM pSeries clusters (MPP again)
    • Sun SunFire 15K and Sybase IQ Multiplex (SMP)
    • Oracle is trying to compete in this space and not really succeeding. Their model is sort of MPP, based on Oracle Real Application Clusters
    MPP, or massively parallel processing, is the typical solution for very large (generally anything over 3 or 4 terabytes) data warehouses. Sun and Sybase are trying hard to crack the market with their SMP (symmetric multi-processing) solution, which is actually very promising. The major benefit to SMP processing is simplicity, one server to maintain, one OS, no cluster, no cluster interconnect. With Linux potentially pushing into the large SMP space we will have the potential for competition to the MPP data warehouse solutions, which are incredibly expensive to purchase and maintain.

    One of the biggest drawbacks to Linux adoption in the commercial Enterprise space is its lack of SMP scalability. If the SGI platform works out we will start seeing Linux scaling into an arena that will allow for acceptance in the Enterprise.

  15. Re:So how is the story unfair? on BBC Hails "fair" Microsoft XP SP1 · · Score: 2

    Well, I have to say I goofed. Yes, with Mozilla 1.1 (I have no idea about Netscape 7) it does indeed work with the MS Program Access and Defaults applet. When I first installed Win2K SP3, none of the ISV software worked with it. I hadn't upgraded Mozilla yet. I did this morning, and I can indeed make it the system default, hide IE, etc. However, IE is still there, and half the system still uses it (like Windows Explorer, for example). I was basing what I said off experience from a few weeks ago. Oh well.

    But here's the real issue. I don't want to install IE or Windows Media Player. I don't like the products, and I don't like the EULA that comes with them. Since I must install them if I install Windows, I went with a better, in my opinion, solution than Microsoft's window dressing solution. I got rid of Windows on my home PC.

  16. Re:So how is the story unfair? on BBC Hails "fair" Microsoft XP SP1 · · Score: 3, Insightful

    So, do you break the law whenever you want to unless someone forces you not to? Come on. What's with the double standards? Either you obey the law, or you don't. Either you behave ethically, or you don't, regardless of whether someone makes you do it or not. I'm not castigating the MS crew for doing what made them rich, I'm castigating them for breaking the law. These guys could have gotten rich without breaking the law. They have a fairly decent business model, their products are user friendly, by and large. The Win95 GUI is one of the best and easiest to use for a desktop operating system. It is quite possible to get rich and behave ethically. The folks running MS don't behave ethically, and that's my problem with them.

  17. Re:So how is the story unfair? on BBC Hails "fair" Microsoft XP SP1 · · Score: 4, Informative

    The main problem with this article is that BBC makes it sound as if there was already a final settlement in the anti-trust case. Nowhere in the entire article do they point out that there is only a proposed settlement, and that Microsoft's actions are being taken to try and forestall more restrictive penalties by the government. And, finally, the method used for "hiding" the MS software doesn't help much for those who don't want to use them because the other software manufacturers have to write their software to take advantage of the changes. Of course none have done it yet, so you actually cannot change your default browser to Netscape right now, no matter what MS says.

    None of that is MS bashing. This is. MS is a monopoly. They know they are a monopoly. People like Steve Ballmer within the executive circle of MS have no intention of letting go of their monopoly. Unless Judge Kollar-Kotelly takes very restrictive and punitive measures against MS they will just continue to do this, again and again. The obvious solution, one which would actually benefit the country economically, is to first penalize the company for its actions, and then, after the penalty phase, split the company into at least two parts, perhaps three, with each new company restricted in a fashion that will help to prevent future monopolistic behavior. The first time I bought MS Office (Office 95 Pro) its cost was 10% of the cost of a reasonable PC ($200 vs. $2,000). Now the cost of MS Office is $499 (Office XP Pro). A reasonable PC is about $1,000 (office automation, web surfing, etc. not a gaming machine). Not only is Office XP not 250% better than Office 95, it's not even 100% better. I refuse to use Office anymore. Unfortunately at work I have to, since it is our company standard. That may change, according to some rumblings I'm hearing. In the meantime I will never again spend any of my own money on MS products.

  18. Re:Not really. on Worldwide WarDrive Aftermath · · Score: 2

    Sorry, you can't justify your crime because they did something wrong. If you use someone's wireless network, whether they secured it or not, without their permission, it is illegal. Whether their signal is interfering with your phone or not. If their wireless equipment is FCC certified and they have it set to factory defaults they aren't doing anything wrong. If that causes interference on your wireless phone, you need to complain to the FCC and the manufacturer, not try to justify illegally using your neighbor's network.

  19. Re:Heh on Hotmail: Not Safe For Work? · · Score: 2

    For that matter, can I bring in my own computer to work? Should they get to spy on that?

    Given that the vast majority of all attacks and break-ins of corporate networks are internal in nature rather than external, a company policy that you cannot use your own PC within the company network is valid. A company policy that you can bring your own PC in, but it has to be checked out by the desktop support and security admins before you can use it, and after that it has to conform to corporate PC standards, is all right. I see nothing at all wrong with that.

    Run a keylogger or a sniffer against your personal PC that they allowed you to bring in? Only if they do it with all PCs in the network. If yours is being singled out, no.

    I have done a bit of security consulting, mostly firewalls and intrusion detection, and in my mind sniffing hotmail or logging keystrokes is something you only do when you have a reasonable suspicion that the employee is breaking the rules. If the government were to do this to all hotmail and yahoo users on the assumption that terrorists use those services and that justifies their action the whole country would howl. I think monitoring employees across the board falls in the same category, not to mention it's a horrible waste of resources that could be focused on something else that is more productive and less controversial.

  20. Re:Tanks are too heavy, so... on Electric Armor · · Score: 2

    This new reactive armor will not alleviate the problem. Tanks carry as much armor as they do to defeat kinetic energy weapons, not shaped charge weapons. As it stands today the M1 tank is extremely difficult for ground forces to kill, even with a direct hit by a tank main gun or a heavy anti-tank missile, assuming of course that the crew is well trained. The development of rail guns, or other advanced kinetic energy weapons, will obsolete the current armor of tanks.

  21. Re:Very Effective on Electric Armor · · Score: 2

    I said: However, any commander who sends tanks into an urban environment deserves what he gets. US Army doctrine specifically withholds heavy armor from urban terrain.

    The US Army agrees with you. That's what infantry is for. These "fancy maneuvers" work well in most non urban terrain, but will not work well at all in mountains or urban settings. American commanders won't use tanks in a city. The Russian commanders who sent tanks and infantry fighting vehicles into urban terrain were guaranteeing a defeat for themselves as even semi-trained, ill-equipped guerrilla forces can defeat mechanized units in that environment.

  22. Re:RPG's $10 and are extraordinarily widespread on Electric Armor · · Score: 2

    The M1's armor is specifically designed to deal with tank main guns and heavy anti-tank missiles on its front slope. The flank armor is designed to deal with RPGs and light cannon (like the 25 mm chain gun on the Bradley). It is sloped so that the shaped charge jet stream has two problems to deal with simultaneously. The first is that the energy is deflected upwards due to the sloping. The second is that the lower on the turret you strike with the RPG the more armor you have to penetrate.

    I had an RPG (probably an RPG-7) hit the flank of my turret during Desert Storm. It damaged a sponson box (used for tool stowage) and the paint. It did not penetrate the first layer of the armor.

  23. Re:Very Effective on Electric Armor · · Score: 2

    Most current gen launchers allow you to set up the tripod with the missile and walk some ways away with the control box. Presto, return fire will miss you quite nicely!

    Which is why the US Army has what is known as a "Sagger Drill" (Sagger was the first Soviet ATGM with stand-off launch capability). At the announcement of "Sagger Sagger Sagger" all tank crews in a platoon (four tanks) immediately put suppressive fire on the launch site (which is quite obvious due to smoke, the missile, etc.) and for 100 meters left and right. The launch signature is not negligible when using thermal sights, which M1 crews do as a matter of doctrine, night or day. At the same time all tanks pop red phosphorus smoke (defeats thermal sights) and begin moving in what's known as a "Sagger Dance", random turns left and right. This drill was originally created by the Israeli Army during the 1973 Yom Kippur war and was perfected by them and by NATO. It has proved quite effective at defeating ATGM attacks. At the same time the tank platoon leader is calling for artillery fire on the positions where the ATGM was launched from. The battalion's organic mortar platoon can usually respond to the call for fire in less than 5 minutes (that is assuming they are not ready to fire when it comes in). If they are in firing positions they can respond with at least one tube firing HE in less than 90 seconds. The mortar fire will make it dangerous, to say the least, for other ATGM crews. If the ATGM was fired from a vehicle then the tank platoon has an even easier job, accelerate, perform a movement to contact drill (punch, punch left, or punch right) and engage the enemy vehicles, while moving cross country at 30+ miles per hour.

    ATGMs are effective when used in mass, with combined arms tactics. On their own they are ineffective. In urban situations they are extremely effective. However, any commander who sends tanks into an urban environment deserves what he gets. US Army doctrine specifically withholds heavy armor from urban terrain.

    Over all your points are correct, but they don't take into account the abilities of a well trained tank platoon. Nor what will happen when an ATGM ambush is launched against a company team composed of 2 tank platoons and 1 infantry platoon, which is how armor companies are normally configured in combat.

  24. Re:RPG's $10 and are extraordinarily widespread on Electric Armor · · Score: 2

    The M1E1, also known as the M1 IP, the version of the M1 in production until about 1986 or so, had laminate armor equivalent to about 1100 mm of rolled homogeneous steel. The current versions, the M1A1C and M1A2 certainly have better armor, but the equivalency rating is classified.

  25. Re:RPG's $10 and are extraordinarily widespread on Electric Armor · · Score: 2

    Yes, but when your computer character dies you go get a beer. When you decide to go head to head with a real M1 and all you have is four RPGs and are successful, let me know.