Very helpful, but of course, if someone can modify the binary that is getting distributed, what would stop them from modifying the checksum?
Gentoo includes the checksum in its ports tree which is stored locally, rather than downloading it at the time of installation. It's certainly possible that the checksum would be made of a trojaned port and committed to the ports tree, but the window of opportunity for such an attack is relatively slim -- basically it's only possible when the port is being created, and presumably the maintainers are somewhat diligent about looking out for this sort of thing.
When installing a port, Gentoo checks the (locally stored) checksum against the tarball it has retrieved from the authoritative source.
(Those familiar with Gentoo should feel free to substitute "ebuild" for "port" and "portage" for "the ports tree".)
If a manufacturer can produce on his already written off obsolete production line at the request of a large buyer (this means they will sell *everything*) he can produce at a very low cost with a very small overhead, so the buyer can get very low prices.
I see your point, but just to play Devil's advocate here: what's stopping Intel/Nvidia or whoever from gouging the heck out of Microsoft on pricing for the Xbox's particular processor/motherboard?
If I (as a hypothetical large manufacturer) know that Microsoft needs to buy a product whose supply I control, I certainly might be tempted to maximize profits regardless of whether or not my actual cost to produce the part had come down over time.
Nvidia almost certainly won't adopt such a strategy; they need Microsoft much more than Microsoft needs them, and the near certainty that Microsoft would go with ATI for Xbox2 if Nvidia didn't cater to Microsoft's needs is undoubtedly a strong argument in favor of passing along any and all cost savings.
Intel can probably afford to be a little less tractable, though I imagine if AMD weren't such a constant threat (at least on the performance level) they might be more inclined to reap the maximum possible benefits and even increase the price of their processors as time went by.
Many of the parts are quite OLD. That includes the hard drive, RAM, CPU, and now even the GPU.
The problem with this is your assumption that as computer parts get older, they get cheaper. While this would likely be the case if companies like Intel continued to produce the same volume of their older chips while simultaneously producing newer and faster ones, this is not what happens in the industry.
As manufacturers introduce newer products, they steadily ramp down production on older models, for obvious reasons -- they have a limited production capacity, and there is no point in using most of it on obsolete products that are no longer in high demand. Thus, while the price on e.g. a Pentium 800 will decline as faster processors come out, it will never converge on $0. At some point the manufacturer will halt and even increase the cost of the part to compensate for the revenue they may have gained making a better/faster model.
Go visit www.pricewatch.com and look at the CPU prices. Sure, for the most part the Pentium IIIs cost less than the Pentium 4s, but not uniformly so (ignoring the Tualatin models which are a special case). Compare particularly the Pentium 4 1.5 GHz part with the Pentium III 850.
Same holds for hard drives. You're not going to find a new hard drive for under $50 regardless of whether or not models with 3x the capacity are available for $10 more.
And don't even start with RAM -- the prices there are quite volatile and as likely to increase as not, though certainly the long term trend is down. Older most definitely does not equal cheaper in this area, either.
So yes, it's true that Microsoft's costs have gone down, but I would argue that the decline in costs is not as significant as you seem to believe, and certainly far from being "dirt cheap."
If you photocopy a page out of a book from the library, is that _stealing_? No. But it is copyright infringement (unless you have permission), and copyright infringement is illegal.
Whether or not it is copyright infringement depends on a number of factors, even in your hypothetical example:
The length of the book. One page out of 4,000 would be more likely to be considered fair use, one page out of three not so likely.
Your purpose in making the copy. Academic research, review, and several other purposes are specifically excluded from being considered copyright infringement on the face of it, although there are certainly limits.
Finally, the copyright status of the book is important. Shakespeare's works have long since passed into the public domain, so a photocopy of a few lines from one of the Bard's plays is not copyright infringement. Copying the footnotes, on the other hand, might be, since those were likely written much more recently.
Notice that for any of these fair uses, I don't have to contact anyone for permission at all. Your attitude, that any copying without the copyright holder's express consent automatically equals copyright infringement, is the same mentality that the RIAA and MPAA are trying to promote.
But presently this is not true, at least for non-digital works, and our fair use rights are important enough that we should not willingly adopt the notion that any "unauthorized" use is automatically infringing and illegal.
Would be nice if it was more like ssh where you need not coorporations manipulating ignorant web surfers with big warnings.
Actually, SSL with self-signed certificates is very much like SSH. Ever noticed that the first time you connect to a given hostname, ssh makes a big fuss about how it's never dealt with that host/IP combo before and asks you explicitly if you want to trust it?
The same thing happens with SSL if your certificates aren't signed by a CA. The dialog box that appears states that no one is vouching for the identity of this host and asks you if you want to trust it anyhow. Actually I believe Mozilla now has an option where you can ignore future warnings from the site, meaning it functions much like ssh: warns you the first time if it's someone it hasn't dealt with before, and then encrypts the channel and moves on.
The reason this isn't considered ideal is that encrypted communications is only half the goal; remember SSL is about securing e-commerce, not encrypting shell sessions. So there's another objective: certifying the identity of the server you're connected to. It's all very well if your connection to the online pet food store is encrypted, but if someone has poisoned your DNS entries then what you believe is the pet food store might just be a hacker lying in wait to record credit card numbers for orders his unsuspecting victims place.
Encryption doesn't help you if you can't trust the guy on the other end of the line. Note that this is true even in the case of ssh; if someone has root access on your destination machine it is trivial to capture your password and any other information you send.
Certificates are there to solve this trust problem. How is our erstwhile pet food shopper supposed to know whether his destination is the 'real' petsfoodonline.com he has seen advertised everywhere? Well, simple: a certification authority who performs some form of identity verification has issued a certificate saying that petsfoodonline.com is in fact responsible for the server you're connected to.
Does this prevent all scams? Of course not. You still don't know if petsfoodonline is really trustworthy, nor can you be 100% sure that someone hasn't simply stolen the certificate from that server and set it up on one they control. Certification authorities are part of the security process, not the entire thing. End users and server admins still have significant responsibility.
Without CAs it would be more challenging to determine who to trust online. Some sort of distributed web-of-trust application could probably ease that burden substantially, but then companies would need to win the trust of thousands of independent webs rather than simply paying a flat fee. Thus the CAs, for online vendors, are simply one of the costs of doing business.
That said, I am sure CAs charge more than what it costs them to provide their service, as I don't think their identity checking is all too thorough. What might be preferable is if different classes of certificates existed: higher security for online shopping/banking; lower security and lower cost for general opt-in type services such as webmail. The browser padlock icon could change colors to reflect this or perhaps have a number superimposed on it, or something. Companies could pay more for a higher level of certification, and vendors could charge significantly more for their highest levels. Such a hypothetical ultra-secure rating could even involve a security audit of the target servers and a risk analysis of likelihood of intrusion, rather than merely being a "pay us this and we'll tell everyone you're awesome" option. But I don't see this happening any time soon.
Personally, I use self-signed certificates, and instruct my users to simply add my CA to their Trusted CAs (which is fairly easy to do and no one has had trouble with it.) The main problem with this is that it doesn't scale, to multiple users, whereas the main problem with CAs is that they don't scale (cost-effectively) to multiple servers.
How exactly is the behavior you are complaining about -- inaccuracies in headline and submitter comments and delayed coverage of old news -- atypical for Slashdot? One might argue that they are very much old hat for regular readers.
More to the point, you're wrong about many of the 'issues' you raise. Point two, that it is called (null) instead of null, is just being pedantic, and I am quite skeptical regarding its accuracy.
If one were inclined to pick nits, one might observe that the theme is Bluecurve, not "Blue Curve", but I'm feeling generous and so I'll let it pass.
And finally, in case you missed it, there was a story about Red Hat 8.0 on Monday, when it was released. I have no idea why there's another one, but the story was reported as news when it actually was news, and here it is again.
One of the joys of Slashdot is that over the days and months and years, you see familiar stories reappear and can recapture the joy you felt when reading them initially. The main page is like an endless parade of friendly faces, each one smiling and saying, "It's been a while. Take a break, read me again, let's catch up."
I have always believed that this happens because the editors firmly believe, like Faulkner before them, that there are truly no new stories. In the vast span of human existence, tales of greed and altruism, life and death, nobility and depravity, wonder and Red Hat point releases, have all been played out countless times in the same familiar manner. Only the faces change. To my mind this is a very humanistic sentiment, and I cherish those editors who recognize this fundamental truth of our existence.
Or as this guy has done. IDE controlers. Some of which alow up to 4 chanels (I.e. 8 drives). I actualy built a test server with over a terabyte of storage space.
I am sure you are already aware of this, but for those who aren't: performance wise, it's not a good idea to attach more than one IDE drive to a given channel. You will lose a solid 30% of your performance, easily.
So while IDE is certainly the cheapest way to exceed a terabyte in storage, it might be better to use a controller like 3Ware's Escalade 7800/7850, which offers 8 IDE channels on one card, decent performance, and excellent Linux support to boot. The main drawback being that it costs significantly more than a two channel Promise card.
Disclaimer: I do not work for 3Ware, though I am a satisfied customer of theirs (own an Escalade 6400).
This is wildly off-topic, but so it goes. I have a question about the various distributed computing Cancer Research projects. How is the intellectual property (new cancer fighting molecule blueprints, or what not) handled?
With distributed.net there weren't really any such concerns, and they were very clear about the breakdown of prize money. United Devices seems far less open about their plans for the IP generated. Don't get me wrong -- I'm not looking for a cut of the profits or anything so crass, and I concede that it's nearly certain that I or someone I know will get cancer at some point, meaning an argument could be made that participating is in my own best interest.
And yet the question still bothers me. If the government wanted to raise my taxes by $50 a year so they could give the money to a private company who claimed it could produce a cure for cancer eventually, I would frown upon that. Sure, the government sticks me for larger amounts going to less important causes.
The fact remains that the company (United Devices) or university (Stanford) stands to make quite a lot of money if the project is successful. Yet, if their success owes everything to millions of people willing to donate CPU cycles in the hopes of finding a cure, why should that cure then become their sole property? Because they took a few risks? Setting up a website, getting the word out, and writing a simple client is surely not enough to overshadow and minimize the importance of the contributions others made.
Basically, I would be eager to participate, but I would want some form of written, public assurance that if a cure is found, it will be made available at cost to the millions of people who need it, not encumbered with patents that drive the price to stratospheric levels. United Devices mentions that $37 billion is spent on cancer-fighting drugs; I'd like to know that they plan on substantially reducing that figure, rather than trying to simply get in on a piece of the action with the cancer-fighting molecules crafted for them by millions of unpaid volunteers.
Would I donate CPU cycles to help the makers of Tylenol come up with an improved painkiller? Hardly. I doubt you would find many takers. So, their goals are different. What if they told you it was to be an improved painkiller that also prevented cancer? And that the effort might produce several lucrative painkiller-only drugs along the way to a painkiller-cancer-fighter drug?
My point is that if both United Devices and Tylenol intend to reap all the profits from the labor of others, there is no real difference between the two.
It's not all about what kde / gnome has done wrong to make life a living hell for new users
Come on people, try and have a little freakin perspective here. "Life a living hell for new users"? Yeah, sure. Somehow I don't think this Red Hat build would've made it out of Quality Assurance if this were the case. I can picture it now:
Project Lead: So, what do our testers in QA think of Red Hat 8.0?
QA Manager: Oh, it's great! They love the ease of installation, the sexy new themes, the way it's easy to find the program they are looking for, whether it be a web browser or a word processor.
Project Lead: Any complaints?
QA Manager: Well, ordinarily I wouldn't bring this up, but since you asked, 99 out of 100 testers say the minor alterations to KDE, such as making the slipshod KOffice suite harder to launch so they can marvel over what a terrible job of opening Word documents it does, and changing a couple About boxes they have never opened, have made their life a living hell. Never mind that this is just a day job, no sir -- it's hell for them 24/7 and no getting past that. Most say they can no longer sleep at night, as their dreams are haunted by emaciated KDE developers crying out in anguish. One claimed his dog bolted from his house, never to be seen again, after Mozilla came up instead of Konqueror. Another got into a terrible accident because he was so preoccupied with guilt over his part in butchering KDE.
Project Lead: Oh that's terrible! We must not release this distro into the world! Quick, let's start over. I hear Slackware and Gentoo are doing great things on the ease of use front.
QA Manager: Yes sir! Our focus groups have reported that secretaries and housewives everywhere wish their computing experience included more compiling software for a 0.00001% increase in speed and less out-of-the-box functionality. Not that we could really go so far as to call Red Hat 8.0 "functional" with so many life-is-a-living-hell bugs plaguing it.
No, I wasn't. I stand corrected. I believe I was thinking about another game, possibly UT 2003, which was going to ship with Windows + Linux binaries in the box, with the Mac version to follow by Christmas. I think it's commendable that Blizzard got a Mac version out so quickly; as I recall there have been significant delays before certain titles (Starcraft?) made an appearance on the Macintosh platform.
I apologize for my error. I hope it didn't detract too much from my point, which was largely that Wine isn't as much of a lost cause as people sometimes suggest.
Linux + Wine -- very weak on the windows side too many things don't run correctly
I'm curious as to what it is that Wine can't handle under Linux. Personally, I feel that Windows shines in two major areas: its Office suite, and its games.
Now, Codeweavers Wine can run Office 2000 really well; I haven't tried the freely downloadable version, but as I believe Codeweavers contributes all their improvements back to the Wine project under the GPL, I imagine it runs Office also. Codeweavers Wine also runs Lotus Notes, Visio, and Internet Explorer 5.5.
A year or so ago IE on Linux would've been a no-brainer; now, with Mozilla in such nice shape, it's hard to get too excited about that possibility. But it does exist.
As for games, well, Transgaming's WineX is currently exceeding many people's expectations with regard to DirectX gaming on Linux. Heck, they had Warcraft 3 working within a couple weeks after it launched. Where's Warcraft 3 for OSX? Thought so. Combined with recent vendor support for Linux (Neverwinter Nights, Unreal Tournament 2003, Doom 3 when it is released) things are looking up on the native front as well.
So characterizing "Linux + Wine" as very weak is grossly unfair. Of the 20 or so applications I run under Windows on a regular basis, I'd say more than half work readily enough under Linux + Wine, and solid replacements are available for most of the rest (Gaim for AIM, Mozilla for IE, native ssh for PuTTY, etc.)
About the only major products I can think of that still don't run are Adobe's line (Photoshop, Illustrator, Premiere, Pagemaker, etc), and honestly I haven't attempted to get them working. I could be wrong, but I'm sure that if Wine has progressed to the point where it can run Microsoft's prized applications, it can probably handle third-party apps that are less intertwined with the inner workings of Windows.
I would say all that's preventing Linux from being truly competitive on the desktop is a little more third party support (Adobe ports would be awesome) and a little more spit and polish for the GUIs. Red Hat's decision to focus more effort on the desktop segment undoubtedly heralds good things for this area in the future.
In short, I think you're wrong to dismiss Wine out of hand. I also think the main thing OSX gives you is a pretty interface, which is great if that's what you want, but not necessarily wonderful in the "bang-for-your-buck" department.
I'll stick to Linux, keep my free software principles, and save my money for those who give back to the community. Like the Wine projects and Red Hat. And meanwhile I too will have a PC that "just works," and I won't have to sound like a PR plant whenever I post, to boot.
Solaris 2.9, the current release, contains many single-identity tools, but they're all add-ons to the basic OS rather than being truly integrated with it. I think that Solaris 3.0 will change all that...
Correct me if I'm wrong, but isn't Solaris on version 9 or something? Someone who knows more about Solaris than I do want to tackle this?
Who needs a warranty, you ask? Well (and I say this without intending to be patronizing) it's obvious you've never had an encounter with a truly awful line of hard drives.
Funny the story should be about Western Digital. You see, earlier this year I purchased a 40 GB Western Digital hard drive when setting up a new computer. Within a matter of weeks the drive had developed a click of death.
I RMA'd it and got a replacement. The replacement lasted only 5 days before it developed a similar problem. Unfortunately, between the time I had ordered the first drive and the time the first drive had failed, I had set up a server-type system with another of these Western Digital 40 GB drives.
At this point I was genuinely worried, as of the three 40 GB WD drives I had encountered, two had died on me. I decided to pursue a RAID-1 option for my server, though I also concluded that the 40 GB WD drives were not reliable enough to be trusted even in a RAID-1 configuration. It seemed likely both would fail. I searched Google for stories about 40 GB drives (at the time these had the best price/capacity ratio) from each of the major manufacturers. Seagate came up without any horror stories, so I bought a couple of their drives. However, while I was installing the Seagates, the WD 40 GB drive decided its time had come and developed the click of death. It's been 6 months and neither of those Seagate drives have failed.
Meanwhile, back to the WD drive. The second one having failed, I set about trying to have it RMA'd. Unfortunately, WD had sent me a replacement drive which was no longer under warranty. This was predictably unfuriating, yet there was nothing I could do -- Western Digital would not provide a replacement for a drive whose serial number indicated it was no longer warrantied, period. Furthermore, the failed 40 GB drive from the server was *also* not under warranty, despite being purchased only a little over a month in the past and dated May 2001.
I replaced it with a Seagate drive, at my own expense. A couple months later, a friend of mine had his hard drive crash during a game of Warcraft. He brought it over and I swapped his crashed drive with a spare Seagate 40 GB disk I had available. I told him not to worry about paying me back, as his drive was the same size and from June 2001, and thus presumably under warranty.
Unfortunately, the manufacturer of the drive was none other than Western Digital. And, wonder of wonders, the drive was also not covered by warranty, despite being only a little over a year old.
There are a couple conclusions you should draw from this. First, never buy a Western Digital 40 GB hard disk. Also never be generous and replace a friend's failed Western Digital 40 GB hard disk with one from a reliable vendor expecting to receive a replacement for his defective disk.
Second, it's quite likely that hard disk vendors are already covertly removing warranty coverage from products that are simply too unreliable to support cost-effectively. In all honesty I was amazed to see that Western Digital claimed to offer a "3 year manufacturer warranty", when I have two very real and very defective drives only a little over a year in age which are not covered by their 3 year warranty.
I am not accusing Western Digital of being more unreliable than is average, but every manufacturer has a bad line now and again. Warranties are there to prevent customers from getting screwed. Reducing warranty protection to one year is nearly as bad as eliminating it entirely -- don't forget that a lot of drives aren't going to sell right away.
So it isn't a question of letting the drive run for 4 years and then replacing it when it fails. It's a question of whether or not the $120 you spent on a recent model is going to get flushed straight down the toilet when it fails 3 days after purchase and the manufacturer won't provide a warranty replacement and the store insists that the manufacturer has sole responsibility for any warranty issues.
My own personal opinion is that the US is at the top of world super powers, with China in a distant second (thanks to it being basicially a 3rd world country with some 1st world technology) and the EU in a far distant third (simply due to their many varied opinions thanks to the fact that they are in fact different countries).
I understand that you are using "3rd world country" in the popular sense of meaning "poor backwards country with an unpleasant/unstable government structure," but this is not a correct use of the term.
Actually, the "world" designations date to the Cold War era you discuss; the USA and its allies (essentially, Europe and Japan) were the First World nations. The USSR and its allies (Eastern Europe, numerous others) formed the Second World nations. Every other country got lumped into the generic Third World category.
Given this, I would say that for a while China was a Second World nation, and has since become a First World one, as they are essentially an ally of the United States at this point.
In summation: the First/Second/Third World categories are (obsolete) political designations, not economic ones.
Actually, calling it "sci-fi" is generally frowned upon. The Sci-Fi Channel, for instance, is a great example of true "sci-fi". Glitzy (cheesy?), over-the-top, all-for-effect, thoughtless mass-media crap.
I have seen an amusing alternative pronunciation for "sci-fi" that I can't source at the moment, though it may or may not have been Locus. I read that some SF writers like to pronounce it "skiffy," to emphasize their disdain for the label. Works for me, and it's fun to say, too.
The cryptographic handshake ISN'T a metaphor. It's what's actually happening AS he unlocks the car with his remote.
You are wrong. If it was a description of events, the line in question would read something like:
As he aimed his remote at it and initiated the cryptographic handshake, unlocking the doors, he spotted the guy leaning against the car.
The author's use of "i.e." -- which unabbreviated is "id est" in Latin, or "that is" in English -- means that the sentence should be read as follows:
As he aimed his remote at it and initiated the cryptographic handshake -- that is to say, he unlocked the doors -- he spotted the guy leaning against the car.
As the sentence was written, this latter reading is the correct one. Thus "cryptographic handshake" is a metaphor, thus I can criticize it on those grounds.
Poor writing.
on
0wnz0red
·
· Score: 2, Interesting
Maybe it's just my dislike of l33t-speak in general, but I think this story is atrocious. No, really. Take this example from the second page:
As he aimed his remote at it and initiated the cryptographic handshake -- i.e., unlocked the doors -- he spotted the guy leaning against the car.
Come on! "Cryptographic handshake" as a metaphor for unlocking a car door? Here's a quick writing lesson: if your metaphor is so abstruse that you have to explain it immediately thereafter, you should just cut it.
The writer is clearly enthralled by his own cleverness and understanding of computer lingo past the point where he could be expected to construct a narrative that normal people might enjoy.
Consider the paragraph on the first page where he mentions that the protagonist loses commit privileges on CVS. I know what CVS is, but that's beside the point. I shouldn't have to, because CVS doesn't relate to the story at all! The story is filled with little things like that, things that conspire to make it inaccessible to the average reader for no discernible reason, unless that reason is to heighten its appeal to the (presumed) minority of those interested in computers who give a damn about keeping the average user out of their party.
It's like the whole thing was written by someone who goes around calling everyone uninvolved in the computer industry "sheeple" or "lusers" and automatically assumes that they don't get it, for various definitions of "it", just because their existence doesn't revolve around a microprocessor.
Personally I think the use of l33t-speak is symptomatic of such a juvenile mentality, and should have been a major red flag. If this guy is one of SF's bright young stars, give me the old luminaries any day of the week.
RAID 5 is not for performance. It's only for data integrity. Yes it does stripe but sucks for general I/O. If you want performance use striping w/o parity.
Untrue. All commonly used levels of RAID (0,1,5,1+0) can offer some performance boost. RAID 0 is typically the highest-performing, but is completely lacking in redundancy and is unattractive for that reason. With RAID 1 you can get increased read speeds (more targets to read from). RAID 5 also offers better read/write speed, although you usually need dedicated hardware to offset the performance hit from the parity calculations. RAID 0+1 gives you faster reads and faster writes, and scales really nicely in terms of performance and reliability.
You had fenceposts?! Such opulence! In my day we only had fence rails! We would have killed for fenceposts!
And we had none of those fancy-shmancy printouts you kids are raving about these days. No, sir, we had rocks -- rocks with illegible binary output scrawled on them with a piece of chalk! And we liked it!
I don't mean to be critical, but I think your third step needs a little work. Honestly, how far can you throw a monitor? Especially one of the newer, 75 pound CRT monsters? It'll just land on the ground a few feet away from your building, and it'll be pretty obvious where it came from.
Thus I have taken the liberty of revising your list:
Open Windows
Look out for children/animals. (Either for targets, or non-targets.)
In the world I live, procedural is dead... and in the future I move into oo is allready left behind us, as there are far more efficient ways: aspect oriented and subject oriented programming for instance.
Personally, I'm holding out for Programmer Oriented Programming, in which I sit back drinking coffee whilst the IDE orders me a pizza, plays a random selection of my favorite music and monitors Slashdot for new articles.
POP -- not efficient, not maintainable, but very good for morale.
Or, no -- wait! Surely it couldn't be that this is just another manifestation of My CPU's Got More Megahertz Than Yours syndrome?
Gee, or maybe it could be that the people interested in getting one of the new 40x burners don't actually have a 32x burner already, or even one at all! Could it be that such people might appreciate a review that evaluates the current top performers and recommends the best value for their money?
Oh, I forgot. Your post is just a manifestation of the "My Computer's Now Outdated and Since I Can't Brag Any More All I Can Do is Whine About How Mine Still Works Just Great" syndrome.
Slashdot Mirror
Gentoo includes the checksum in its ports tree which is stored locally, rather than downloading it at the time of installation. It's certainly possible that the checksum would be made of a trojaned port and committed to the ports tree, but the window of opportunity for such an attack is relatively slim -- basically it's only possible when the port is being created, and presumably the maintainers are somewhat diligent about looking out for this sort of thing.
When installing a port, Gentoo checks the (locally stored) checksum against the tarball it has retrieved from the authoritative source.
(Those familiar with Gentoo should feel free to substitute "ebuild" for "port" and "portage" for "the ports tree".)
I see your point, but just to play Devil's advocate here: what's stopping Intel/Nvidia or whoever from gouging the heck out of Microsoft on pricing for the Xbox's particular processor/motherboard?
If I (as a hypothetical large manufacturer) know that Microsoft needs to buy a product whose supply I control, I certainly might be tempted to maximize profits regardless of whether or not my actual cost to produce the part had come down over time.
Nvidia almost certainly won't adopt such a strategy; they need Microsoft much more than Microsoft needs them, and the near certainty that Microsoft would go with ATI for Xbox2 if Nvidia didn't cater to Microsoft's needs is undoubtedly a strong argument in favor of passing along any and all cost savings.
Intel can probably afford to be a little less tractable, though I imagine if AMD weren't such a constant threat (at least on the performance level) they might be more inclined to reap the maximum possible benefits and even increase the price of their processors as time went by.
The problem with this is your assumption that as computer parts get older, they get cheaper. While this would likely be the case if companies like Intel continued to produce the same volume of their older chips while simultaneously producing newer and faster ones, this is not what happens in the industry.
As manufacturers introduce newer products, they steadily ramp down production on older models, for obvious reasons -- they have a limited production capacity, and there is no point in using most of it on obsolete products that are no longer in high demand. Thus, while the price on e.g. a Pentium 800 will decline as faster processors come out, it will never converge on $0. At some point the manufacturer will halt and even increase the cost of the part to compensate for the revenue they may have gained making a better/faster model.
Go visit www.pricewatch.com and look at the CPU prices. Sure, for the most part the Pentium IIIs cost less than the Pentium 4s, but not uniformly so (ignoring the Tualatin models which are a special case). Compare particularly the Pentium 4 1.5 GHz part with the Pentium III 850.
Same holds for hard drives. You're not going to find a new hard drive for under $50 regardless of whether or not models with 3x the capacity are available for $10 more.
And don't even start with RAM -- the prices there are quite volatile and as likely to increase as not, though certainly the long term trend is down. Older most definitely does not equal cheaper in this area, either.
So yes, it's true that Microsoft's costs have gone down, but I would argue that the decline in costs is not as significant as you seem to believe, and certainly far from being "dirt cheap."
Whether or not it is copyright infringement depends on a number of factors, even in your hypothetical example:
Notice that for any of these fair uses, I don't have to contact anyone for permission at all. Your attitude, that any copying without the copyright holder's express consent automatically equals copyright infringement, is the same mentality that the RIAA and MPAA are trying to promote.
But presently this is not true, at least for non-digital works, and our fair use rights are important enough that we should not willingly adopt the notion that any "unauthorized" use is automatically infringing and illegal.
Actually, SSL with self-signed certificates is very much like SSH. Ever noticed that the first time you connect to a given hostname, ssh makes a big fuss about how it's never dealt with that host/IP combo before and asks you explicitly if you want to trust it?
The same thing happens with SSL if your certificates aren't signed by a CA. The dialog box that appears states that no one is vouching for the identity of this host and asks you if you want to trust it anyhow. Actually I believe Mozilla now has an option where you can ignore future warnings from the site, meaning it functions much like ssh: warns you the first time if it's someone it hasn't dealt with before, and then encrypts the channel and moves on.
The reason this isn't considered ideal is that encrypted communications is only half the goal; remember SSL is about securing e-commerce, not encrypting shell sessions. So there's another objective: certifying the identity of the server you're connected to. It's all very well if your connection to the online pet food store is encrypted, but if someone has poisoned your DNS entries then what you believe is the pet food store might just be a hacker lying in wait to record credit card numbers for orders his unsuspecting victims place.
Encryption doesn't help you if you can't trust the guy on the other end of the line. Note that this is true even in the case of ssh; if someone has root access on your destination machine it is trivial to capture your password and any other information you send.
Certificates are there to solve this trust problem. How is our erstwhile pet food shopper supposed to know whether his destination is the 'real' petsfoodonline.com he has seen advertised everywhere? Well, simple: a certification authority who performs some form of identity verification has issued a certificate saying that petsfoodonline.com is in fact responsible for the server you're connected to.
Does this prevent all scams? Of course not. You still don't know if petsfoodonline is really trustworthy, nor can you be 100% sure that someone hasn't simply stolen the certificate from that server and set it up on one they control. Certification authorities are part of the security process, not the entire thing. End users and server admins still have significant responsibility.
Without CAs it would be more challenging to determine who to trust online. Some sort of distributed web-of-trust application could probably ease that burden substantially, but then companies would need to win the trust of thousands of independent webs rather than simply paying a flat fee. Thus the CAs, for online vendors, are simply one of the costs of doing business.
That said, I am sure CAs charge more than what it costs them to provide their service, as I don't think their identity checking is all too thorough. What might be preferable is if different classes of certificates existed: higher security for online shopping/banking; lower security and lower cost for general opt-in type services such as webmail. The browser padlock icon could change colors to reflect this or perhaps have a number superimposed on it, or something. Companies could pay more for a higher level of certification, and vendors could charge significantly more for their highest levels. Such a hypothetical ultra-secure rating could even involve a security audit of the target servers and a risk analysis of likelihood of intrusion, rather than merely being a "pay us this and we'll tell everyone you're awesome" option. But I don't see this happening any time soon.
Personally, I use self-signed certificates, and instruct my users to simply add my CA to their Trusted CAs (which is fairly easy to do and no one has had trouble with it.) The main problem with this is that it doesn't scale, to multiple users, whereas the main problem with CAs is that they don't scale (cost-effectively) to multiple servers.
How exactly is the behavior you are complaining about -- inaccuracies in headline and submitter comments and delayed coverage of old news -- atypical for Slashdot? One might argue that they are very much old hat for regular readers.
More to the point, you're wrong about many of the 'issues' you raise. Point two, that it is called (null) instead of null, is just being pedantic, and I am quite skeptical regarding its accuracy.
If one were inclined to pick nits, one might observe that the theme is Bluecurve, not "Blue Curve", but I'm feeling generous and so I'll let it pass.
And finally, in case you missed it, there was a story about Red Hat 8.0 on Monday, when it was released. I have no idea why there's another one, but the story was reported as news when it actually was news, and here it is again.
One of the joys of Slashdot is that over the days and months and years, you see familiar stories reappear and can recapture the joy you felt when reading them initially. The main page is like an endless parade of friendly faces, each one smiling and saying, "It's been a while. Take a break, read me again, let's catch up."
I have always believed that this happens because the editors firmly believe, like Faulkner before them, that there are truly no new stories. In the vast span of human existence, tales of greed and altruism, life and death, nobility and depravity, wonder and Red Hat point releases, have all been played out countless times in the same familiar manner. Only the faces change. To my mind this is a very humanistic sentiment, and I cherish those editors who recognize this fundamental truth of our existence.
Kudos to you, Slashdot staff!
I am sure you are already aware of this, but for those who aren't: performance wise, it's not a good idea to attach more than one IDE drive to a given channel. You will lose a solid 30% of your performance, easily.
So while IDE is certainly the cheapest way to exceed a terabyte in storage, it might be better to use a controller like 3Ware's Escalade 7800/7850, which offers 8 IDE channels on one card, decent performance, and excellent Linux support to boot. The main drawback being that it costs significantly more than a two channel Promise card.
Disclaimer: I do not work for 3Ware, though I am a satisfied customer of theirs (own an Escalade 6400).
With distributed.net there weren't really any such concerns, and they were very clear about the breakdown of prize money. United Devices seems far less open about their plans for the IP generated. Don't get me wrong -- I'm not looking for a cut of the profits or anything so crass, and I concede that it's nearly certain that I or someone I know will get cancer at some point, meaning an argument could be made that participating is in my own best interest.
And yet the question still bothers me. If the government wanted to raise my taxes by $50 a year so they could give the money to a private company who claimed it could produce a cure for cancer eventually, I would frown upon that. Sure, the government sticks me for larger amounts going to less important causes.
The fact remains that the company (United Devices) or university (Stanford) stands to make quite a lot of money if the project is successful. Yet, if their success owes everything to millions of people willing to donate CPU cycles in the hopes of finding a cure, why should that cure then become their sole property? Because they took a few risks? Setting up a website, getting the word out, and writing a simple client is surely not enough to overshadow and minimize the importance of the contributions others made.
Basically, I would be eager to participate, but I would want some form of written, public assurance that if a cure is found, it will be made available at cost to the millions of people who need it, not encumbered with patents that drive the price to stratospheric levels. United Devices mentions that $37 billion is spent on cancer-fighting drugs; I'd like to know that they plan on substantially reducing that figure, rather than trying to simply get in on a piece of the action with the cancer-fighting molecules crafted for them by millions of unpaid volunteers.
Would I donate CPU cycles to help the makers of Tylenol come up with an improved painkiller? Hardly. I doubt you would find many takers. So, their goals are different. What if they told you it was to be an improved painkiller that also prevented cancer? And that the effort might produce several lucrative painkiller-only drugs along the way to a painkiller-cancer-fighter drug?
My point is that if both United Devices and Tylenol intend to reap all the profits from the labor of others, there is no real difference between the two.
Come on people, try and have a little freakin perspective here. "Life a living hell for new users"? Yeah, sure. Somehow I don't think this Red Hat build would've made it out of Quality Assurance if this were the case. I can picture it now:
Project Lead: So, what do our testers in QA think of Red Hat 8.0?
QA Manager: Oh, it's great! They love the ease of installation, the sexy new themes, the way it's easy to find the program they are looking for, whether it be a web browser or a word processor.
Project Lead: Any complaints?
QA Manager: Well, ordinarily I wouldn't bring this up, but since you asked, 99 out of 100 testers say the minor alterations to KDE, such as making the slipshod KOffice suite harder to launch so they can marvel over what a terrible job of opening Word documents it does, and changing a couple About boxes they have never opened, have made their life a living hell. Never mind that this is just a day job, no sir -- it's hell for them 24/7 and no getting past that. Most say they can no longer sleep at night, as their dreams are haunted by emaciated KDE developers crying out in anguish. One claimed his dog bolted from his house, never to be seen again, after Mozilla came up instead of Konqueror. Another got into a terrible accident because he was so preoccupied with guilt over his part in butchering KDE.
Project Lead: Oh that's terrible! We must not release this distro into the world! Quick, let's start over. I hear Slackware and Gentoo are doing great things on the ease of use front.
QA Manager: Yes sir! Our focus groups have reported that secretaries and housewives everywhere wish their computing experience included more compiling software for a 0.00001% increase in speed and less out-of-the-box functionality. Not that we could really go so far as to call Red Hat 8.0 "functional" with so many life-is-a-living-hell bugs plaguing it.
I apologize for my error. I hope it didn't detract too much from my point, which was largely that Wine isn't as much of a lost cause as people sometimes suggest.
I'm curious as to what it is that Wine can't handle under Linux. Personally, I feel that Windows shines in two major areas: its Office suite, and its games.
Now, Codeweavers Wine can run Office 2000 really well; I haven't tried the freely downloadable version, but as I believe Codeweavers contributes all their improvements back to the Wine project under the GPL, I imagine it runs Office also. Codeweavers Wine also runs Lotus Notes, Visio, and Internet Explorer 5.5.
A year or so ago IE on Linux would've been a no-brainer; now, with Mozilla in such nice shape, it's hard to get too excited about that possibility. But it does exist.
As for games, well, Transgaming's WineX is currently exceeding many people's expectations with regard to DirectX gaming on Linux. Heck, they had Warcraft 3 working within a couple weeks after it launched. Where's Warcraft 3 for OSX? Thought so. Combined with recent vendor support for Linux (Neverwinter Nights, Unreal Tournament 2003, Doom 3 when it is released) things are looking up on the native front as well.
So characterizing "Linux + Wine" as very weak is grossly unfair. Of the 20 or so applications I run under Windows on a regular basis, I'd say more than half work readily enough under Linux + Wine, and solid replacements are available for most of the rest (Gaim for AIM, Mozilla for IE, native ssh for PuTTY, etc.)
About the only major products I can think of that still don't run are Adobe's line (Photoshop, Illustrator, Premiere, Pagemaker, etc), and honestly I haven't attempted to get them working. I could be wrong, but I'm sure that if Wine has progressed to the point where it can run Microsoft's prized applications, it can probably handle third-party apps that are less intertwined with the inner workings of Windows.
I would say all that's preventing Linux from being truly competitive on the desktop is a little more third party support (Adobe ports would be awesome) and a little more spit and polish for the GUIs. Red Hat's decision to focus more effort on the desktop segment undoubtedly heralds good things for this area in the future.
In short, I think you're wrong to dismiss Wine out of hand. I also think the main thing OSX gives you is a pretty interface, which is great if that's what you want, but not necessarily wonderful in the "bang-for-your-buck" department.
I'll stick to Linux, keep my free software principles, and save my money for those who give back to the community. Like the Wine projects and Red Hat. And meanwhile I too will have a PC that "just works," and I won't have to sound like a PR plant whenever I post, to boot.
Solaris 2.9, the current release, contains many single-identity tools, but they're all add-ons to the basic OS rather than being truly integrated with it. I think that Solaris 3.0 will change all that...
Correct me if I'm wrong, but isn't Solaris on version 9 or something? Someone who knows more about Solaris than I do want to tackle this?
That would be the infamous Windows NT Service Pack 6, which had many issues, not least among them breaking the Lotus Notes client for non-admins.
Funny the story should be about Western Digital. You see, earlier this year I purchased a 40 GB Western Digital hard drive when setting up a new computer. Within a matter of weeks the drive had developed a click of death.
I RMA'd it and got a replacement. The replacement lasted only 5 days before it developed a similar problem. Unfortunately, between the time I had ordered the first drive and the time the first drive had failed, I had set up a server-type system with another of these Western Digital 40 GB drives.
At this point I was genuinely worried, as of the three 40 GB WD drives I had encountered, two had died on me. I decided to pursue a RAID-1 option for my server, though I also concluded that the 40 GB WD drives were not reliable enough to be trusted even in a RAID-1 configuration. It seemed likely both would fail. I searched Google for stories about 40 GB drives (at the time these had the best price/capacity ratio) from each of the major manufacturers. Seagate came up without any horror stories, so I bought a couple of their drives. However, while I was installing the Seagates, the WD 40 GB drive decided its time had come and developed the click of death. It's been 6 months and neither of those Seagate drives have failed.
Meanwhile, back to the WD drive. The second one having failed, I set about trying to have it RMA'd. Unfortunately, WD had sent me a replacement drive which was no longer under warranty. This was predictably unfuriating, yet there was nothing I could do -- Western Digital would not provide a replacement for a drive whose serial number indicated it was no longer warrantied, period. Furthermore, the failed 40 GB drive from the server was *also* not under warranty, despite being purchased only a little over a month in the past and dated May 2001.
I replaced it with a Seagate drive, at my own expense. A couple months later, a friend of mine had his hard drive crash during a game of Warcraft. He brought it over and I swapped his crashed drive with a spare Seagate 40 GB disk I had available. I told him not to worry about paying me back, as his drive was the same size and from June 2001, and thus presumably under warranty.
Unfortunately, the manufacturer of the drive was none other than Western Digital. And, wonder of wonders, the drive was also not covered by warranty, despite being only a little over a year old.
There are a couple conclusions you should draw from this. First, never buy a Western Digital 40 GB hard disk. Also never be generous and replace a friend's failed Western Digital 40 GB hard disk with one from a reliable vendor expecting to receive a replacement for his defective disk.
Second, it's quite likely that hard disk vendors are already covertly removing warranty coverage from products that are simply too unreliable to support cost-effectively. In all honesty I was amazed to see that Western Digital claimed to offer a "3 year manufacturer warranty", when I have two very real and very defective drives only a little over a year in age which are not covered by their 3 year warranty.
I am not accusing Western Digital of being more unreliable than is average, but every manufacturer has a bad line now and again. Warranties are there to prevent customers from getting screwed. Reducing warranty protection to one year is nearly as bad as eliminating it entirely -- don't forget that a lot of drives aren't going to sell right away.
So it isn't a question of letting the drive run for 4 years and then replacing it when it fails. It's a question of whether or not the $120 you spent on a recent model is going to get flushed straight down the toilet when it fails 3 days after purchase and the manufacturer won't provide a warranty replacement and the store insists that the manufacturer has sole responsibility for any warranty issues.
I believe you use 'tune2fs' to turn it off. If you format a floppy with ext2 it'll give you more details.
7) ????
8) Profi... just kidding.
I understand that you are using "3rd world country" in the popular sense of meaning "poor backwards country with an unpleasant/unstable government structure," but this is not a correct use of the term.
Actually, the "world" designations date to the Cold War era you discuss; the USA and its allies (essentially, Europe and Japan) were the First World nations. The USSR and its allies (Eastern Europe, numerous others) formed the Second World nations. Every other country got lumped into the generic Third World category.
Given this, I would say that for a while China was a Second World nation, and has since become a First World one, as they are essentially an ally of the United States at this point.
In summation: the First/Second/Third World categories are (obsolete) political designations, not economic ones.
I have seen an amusing alternative pronunciation for "sci-fi" that I can't source at the moment, though it may or may not have been Locus. I read that some SF writers like to pronounce it "skiffy," to emphasize their disdain for the label. Works for me, and it's fun to say, too.
The cryptographic handshake ISN'T a metaphor. It's what's actually happening AS he unlocks the car with his remote.
You are wrong. If it was a description of events, the line in question would read something like:
As he aimed his remote at it and initiated the cryptographic handshake, unlocking the doors, he spotted the guy leaning against the car.
The author's use of "i.e." -- which unabbreviated is "id est" in Latin, or "that is" in English -- means that the sentence should be read as follows:
As he aimed his remote at it and initiated the cryptographic handshake -- that is to say, he unlocked the doors -- he spotted the guy leaning against the car.
As the sentence was written, this latter reading is the correct one. Thus "cryptographic handshake" is a metaphor, thus I can criticize it on those grounds.
As he aimed his remote at it and initiated the cryptographic handshake -- i.e., unlocked the doors -- he spotted the guy leaning against the car.
Come on! "Cryptographic handshake" as a metaphor for unlocking a car door? Here's a quick writing lesson: if your metaphor is so abstruse that you have to explain it immediately thereafter, you should just cut it.
The writer is clearly enthralled by his own cleverness and understanding of computer lingo past the point where he could be expected to construct a narrative that normal people might enjoy.
Consider the paragraph on the first page where he mentions that the protagonist loses commit privileges on CVS. I know what CVS is, but that's beside the point. I shouldn't have to, because CVS doesn't relate to the story at all! The story is filled with little things like that, things that conspire to make it inaccessible to the average reader for no discernible reason, unless that reason is to heighten its appeal to the (presumed) minority of those interested in computers who give a damn about keeping the average user out of their party.
It's like the whole thing was written by someone who goes around calling everyone uninvolved in the computer industry "sheeple" or "lusers" and automatically assumes that they don't get it, for various definitions of "it", just because their existence doesn't revolve around a microprocessor.
Personally I think the use of l33t-speak is symptomatic of such a juvenile mentality, and should have been a major red flag. If this guy is one of SF's bright young stars, give me the old luminaries any day of the week.
Untrue. All commonly used levels of RAID (0,1,5,1+0) can offer some performance boost. RAID 0 is typically the highest-performing, but is completely lacking in redundancy and is unattractive for that reason. With RAID 1 you can get increased read speeds (more targets to read from). RAID 5 also offers better read/write speed, although you usually need dedicated hardware to offset the performance hit from the parity calculations. RAID 0+1 gives you faster reads and faster writes, and scales really nicely in terms of performance and reliability.
And we had none of those fancy-shmancy printouts you kids are raving about these days. No, sir, we had rocks -- rocks with illegible binary output scrawled on them with a piece of chalk! And we liked it!
Thus I have taken the liberty of revising your list:
Personally, I'm holding out for Programmer Oriented Programming, in which I sit back drinking coffee whilst the IDE orders me a pizza, plays a random selection of my favorite music and monitors Slashdot for new articles.
POP -- not efficient, not maintainable, but very good for morale.
Gee, or maybe it could be that the people interested in getting one of the new 40x burners don't actually have a 32x burner already, or even one at all! Could it be that such people might appreciate a review that evaluates the current top performers and recommends the best value for their money?
Oh, I forgot. Your post is just a manifestation of the "My Computer's Now Outdated and Since I Can't Brag Any More All I Can Do is Whine About How Mine Still Works Just Great" syndrome.