Of course, the 'optimal' angle varies throughout the year, but there isn't much drop off for relatively small angles. Doesn't mean they don't work, just less energy is gathered.
The article isn't explicite about this, although they do say something about the round beads helping to gather the sunlight. The implication is that these are a lot less sensitive to variation of the incoming angle of the rays, which not only gives you the flexibility to put them on more surfaces, but also means the efficiency is higher in the morning or evening than conventional panels.
Now, what I want to know is how hard is it going to be to mold these into the deck of a boat? And is the coating durable enough to take walking on it? I guess the top protective layer could be epoxy for good abrasion resistance.
This is realy cool, particularly if you can make it cheaply enough. So what if you can't get above the 11-17% range of efficiency if you can easily make a much larger surface. Further, you might be able to create more complex circuits than just an array of photovoltaic cells, and really give the whole concept of wearable computers a boost. Active matrix displays would be nice.
As to your second question, You could potentially plug all of the disks (or arrays) into an ethernet switch and use them individually, but it's more likely you'd put some kind of front end in place to handle the filesystem tasks. Most filesystems assume they have sole ownership of the disks and can't share partitions between multiple live nodes. You would still gain the ability to partition big disks into smaller chunks per-compute node if you connected the disks directly (and maybe some failover capability) but that would probably be offset by the inability to share data.
Right, you will have boxes of drives on the SAN, just like with current FC based SANs. From what I've seen, the host OSs have to manage 'drive allocation', and as you say, typically this will be whole drive at a time (important for partitioning the I/O load between spindles anyway). The addition of authentication protocals probably would help in binding the drive to a particular system as well.
Since the other reason you want a SAN is for reliability, you're going to want redundancy in the connections anyway. If the drives themselves are iSCSI, they would probably only have one connection per drive anyway (well, maybe not, FC drives are often dual channel, right?). In any case, you'd have dual channels to each system and storage array as well as redundant switches or routers to eliminate all single points of failure.
There are some hints in the article that compatibility issues could become significant quickly. Since at the most basic level, this will be a normal routed TCP/IP network, I'm sure the vendors have all sorts of ideas for 'support' protocols to run on the SAN with the iSCSI packets. It states that people are 'chomping at the bit' to add more protocols, but the committe wants to hold things stable for at least a year for things to sort out. The whole thing could be sunk by various players doing the 'embrace and extend' dance in ways that tend away from full multi-vendor interoperability.
Without reading all the specs and proposals, it is easy to guess that protocols to provide for automatic device detection and allocation would be very useful from a system design perspective, but would also need to be part of the standard to acheive continued support for multi-vendor SANs. Another likely area is RAID support (configuring, fault detection and reporting, rebuilding and maintanance, etc.). Logically, a RAID controller is just another node on the network, but it lies between the hosts and storage devices.
Note to people who think this is something like Serial ATA, it isn't. Serial ATA is a point to point protocal, and it probably is asymetric to boot. TCP/IP is a symetric routed network, so it is a different animal altogether. OTOH, there is no reason why a storage array couldn't be iSCSI on the outside and SATA to the drives (expect products like this from some vendors).
Needs to be provisioned under a contract that doesn't restrict re-selling of the bandwidth. Really, only home DSL and broadband connections are restricted in this way. Yes, this will cost quite a bit more, but you just need to have enough neighbors on the network to justify it. This probably isn't worth doing for just a couple of nodes anyway (mostly because of 'support' issues).
It is very cool that more HW and SW are becoming available to do this sort of thing. You still probably want a service provider that does the support, or a community based organization to fill this role (as in one of the links in the story). I'm going to keep watching this and looking for an opportunity to jump in.
"Publish" is ambiguous here. What we want and need is to have the raw case law data made available to everyone in a timely manner and digitally. Yes, it is right and appropriate that commercial interests can make derivitive works that they own and control (cross-referencing, compiling to CD, and much more), but it is not right that the raw data is unavailable.
I seem to recall debates about this from a long time back (probably on NetNews, or something) where two important issues were discussed. 1) The government contracts with commercial entities to record and publish the case law as it emerges from the courts (one or both of these companies was mentioned, IIRC), and 2) people were trying to work on creating public databases not encumbered by IP ownership. Anybody have any references to this, or know what has happened?
It seems to me that if the raw data is technically public domain, that it would be legal to obtain copies from commercial sources (or even 'borrow' them), and extract the raw data by stripping out all the page numbers, indexes and other proprietary content. Logically, you should now have something that is completely "public domain", and be able to do what you want with it. This would be the same thing as taking a published book where the copyright to the original work is expired, and scanning it, re-typesetting it (i.e. changing all the fonts, layout, page numbering, removing later forwards, etc.). AFAIK, this would be completely legal since you are only copying the parts not under any copyright restriction.
I was recently reading some article from First Monday on the general topic of the erosion of the public space in science in this issue. The "privatization" of science is a very disturbing trend, and I claim it threatens to do long term dammage to future prosperity and freedom. This story is just another visible aspect of the "Architectures of Control" that threaten the emergence of Free and Open societies based on widespread sharing of information.
Will hack anything they can; they don't limit themselves to software and a little computer hardware. How many/.ers have rebuilt an auto engine? I have done a couple in my day, and I'd bet the percentage is way more than the general population. There are way to many comments on this story that stereotype people on/. without any consideration of reality.
And on the diversity front; yes, engineers as a group are a lot more white and male than the population and even many other professions, but that doesn't mean we don't value diversity. We just don't have much time for a 'token' anything. I hope they can find a couple of competent participants that are not white males to spice up their show, but it will flop if these people don't add something to the teams they are on.
The question I have is whether participants are paid. I would volunteer in a heartbeat if they made it worth my while, but I don't have time to just contribute my valuable time to their money making operation. I also think the concept could be a lot cooler if it wasn't so much of a race as a true engineering competition. You could still factor in time as a bonus for shorter time taken, but rushing through things rarely makes for good engineering.
You could also downplay the 'wars' part of it and mix in some footage of a wide variety of wild and weird engineering feets, projects and competitions. Highlights of the 2.70 contest from MIT would always be good for a side story. For those who don't know the reference, '2.70' is the course number for a mechnical engineering design course that features a design competition where you get a box of parts and a goal, and teams just go at it. It has been featured on some programs in the past (Scientific American is one such program AFIAK). Just a thought.
Do judges not get telemarketing calls, or are they just not bothered by them? Conspiracy theory might suggest that telemarketers are careful not to call judges so that they won't understand why the public hates this so much.
What bothers me the most about this is that the primary consideration here is there ability to sell and share this information with other entities. If they have a business relationship with you, at least there is some justification for them calling, although it is weak if they are selling other services. On the other hand, they do have to be more careful with customers, since they might decide to 'opt-out' of their service altogether.
I second the comments that if VMWare doesn't keep offering some value over what free software can produce, they don't deserve to survive. Besides, Plex is likely to only cover part of any complete solution, which could include commercial components (note that Plex is LGPL). Further, a free version would find applications that nobody would pay for a product to have this feature (often, just get another machine is the option). Testing gets mentioned a lot. You could set up a machine with a number of different versions of OSs, and even completely different OSs just to have a variety of environments to test in (software development QA processes for example). You probably would use the system sequentially anyway, but you wouldn't need to reboot, all the versions are just there. Hell, if you partitioned the I/O, you could run them together, particularly in a few years as the CPU generations roll along.
It really is a different concept than VMWare anyway. VMWare is hosted in one of the OSs (I know they have at least Linux and some versions of Windows, probably more), where this VM runs on top of the hardware (if I understand correctly). One thing I do wonder about, though. By putting it between a hardware abstraction layer and the hardware, a huge part of the job is to support the variety of available hardware.
One of the crowning achievements of Linux is the variety of hardware that is supported. That's always been the biggest problem for any PC OS that isn't from MS, lack of driver support, and this goes for the commercial PC UNIX vendors from the beginning (no doubt, OS/2 as well). Linux has pretty much solved this problem, and it has been a very hard problem (i.e. it takes lots of resources in the Linux community). So, aren't they taking on this problem with Plex86, or do they somehow piggyback on Linux drivers? That's certainly what I would try for if I were designing it.
If you had a natural three valued technology for digital storage, transmision and logic gates, this would be the most natural digital representation system. Few people realize that the map between physical symbols (high vs low volts, current on vs off (or reversed), stored charge, magnetic domains,...) and logical value is arbitrary. We only have binary because a two valued system is the easiest for most technologies to implement, but three valued systems have a number of interesting symmetries (integer_max == -(neg_integer_max) for one) that binary systems don't.
Without arguing the case again here, I think the court bend over backwards to see this act as 'limited'. This was the best chance to win a victory for truth and justice, and Congress, bought and paid for the the copyright interests, is likely only to extend these terms more, making a total sham of the concept of 'limited', as if they haven't already.
Not really a joke, but my favorite way to count in base 3 is a system where the digits are +, 0 and -. You can represent positive and negative numbers without an extra symbol. Place values are just like regular base 3 numbers (1, 3, 9, 27,...). 2 (base 10) would be '+-', or 8 -> '+0-', etc.
So, your point is that the managers at most companies are stupid? I'll buy that to a point, but eventually people do wise up.
I also dispute your point about the position of MS on the 'food chain'. MS development environments and tools have never been all that significant when organizations plan and implement 'enterprise' class systems to their own specifications. Sure, if you are slapping something together to scratch an itch..., but if you are really going to spend some bucks on a project that has to deliver value over a number of years, your going to worry about standards and protecting the investment.
I know that a lot of projects, particularly in small or mid-sized companies, just get thrown together and nobody ever thinks about the long-term, but these are time bombs for any organization that has them. Eventually somebody gets burned. If I had to guess, I would say this is as much a source of the growing anti-MS sentiment as the apparent low priority the MS puts on security related problems. Managers don't have to fully understand this the way I am explaining it to know that they have been screwed by using MS tools for critical systems.
WRT the question posed, I think it is just as important to build the database with negative cases where organizations are hurt because they didn't protect their future by using open standards. It is the only way to ensure you will have migration paths and good choices available down the road.
I was hoping they went further
on
Creating Your Own CA
·
· Score: 2, Informative
Pretty disappointing. Anyone at/. that is interested in CAs and such should already be aware that OpenSSL has all the functions for manipulating the various file formats involved if you have the time to grok the command line interface to all of this.
I can give you more help right here and clear up some stuff they glossed over. First, a certificate is not a public key, but it includes the public key, and it is signed by the private key of the Certificate Authority (CA). In the example, a 'root' or self-signed certificate is created. The private key is typically password protected when it is stored (you can see it prompting for that password in the script).
He doesn't show you what you have to do to create the '.csr' file that is used to create the actual site certificate, but this is what is called the Certificate Request. Also, the '.key' file should be created in a separate step. The process is that when someone wants a certificate, they generate a request on their computer that includes all the 'name' information (as displayed in article) and the public key. The private key is generated at the same time, but it should never leave the site generating the request, and additional steps should be taken to protect it from being exposed. The article implies that the key pair is generated by the command given, but I don't think it is (a separate step is needed to create the.csr file, and it should be created then).
A few more notes: your new '.crt' (the certificate) file will show up in 'newcerts' (if not, then 'certs'), the 'serial' file is the serial number of the next (or last) cert issued, and the 'crl' subdir is for the "Certificate Revocation List" all CAs should have one, and it should list all the certificates issued by this authority that have been revoked (by serial number, I think). AFAIK, this is the biggest hole in the process. To correctly verify the validity of a cert, you should always check the cert's serial number against the CRL, but where to you get the CRL? There must be a standard way to get the current CRL from a CA, but does a browser or other client have any function to get it before validating a certificate? Nothing I've seen indicates that clients do this so I doubt whether revocation is ever effective in a practical sense.
Now, what would be really cool is if someone wrapped the functions to create a certificate request with a few web pages and provided a howto describing how to set this up and really run your own CA. If I was doing it, I would keep the CAs private key on external media (a floppy or CD/R), and only put it in the system when I need it to sign certs and CRLs. Isolating the system you use for this is better, but you do still have to get the requests in and the certs or CRLs out.
One final comment. It is just about impossible to actually protect the private key for a typical web server. Or at least protect it from root exploits. This is because you have to either not use a password so that your web server can restart without a password, or have some script that provides the password on startup of the web server. The only other choice is to have someone actually type it whenever a server needs to be restarted, and I don't have to point out here what a pain this would be for a big server farm.
We heard the same thing in the '80s when UNIX vendors were virtually taking over the mid-range computing platforms and all the second tier players with proprietary OSs were dropping like flies. The skills are there if you need them, particularly in this down market. Further, there are lots of consulting firms that would jump at any new OS business.
Give me 8 people who can navigate a Linux distribution and have decent systems and programming skills, and I'll beat those 40 low to middle end developers that you hired at a drop of a hat. It is not unusual to find that productivity varies by a factor of 10 to 100 in typical group of programmers, so it means nothing to say that you can find N people with X skill.
Further, I claim that OS programming languages and environments are more standards compliant than all the crap MS is peddling, and any quality systems architect will put a big emphasis on designing with well established open standards. Investment in software systems is always a long term deal, and the only way to protect that investment is by sticking with standards that do not depend on the success of a particular vendor.
If the people running the project suck, you can just maintain a better fork if you want. With shared source, you might not even be able to distribute your patches to other customers suffering your fate. The point is that true OS gives the control to the ultimate consumer, and anything less isn't worth that much. Why contribute your work to something that another private entity owns and controls?
And my point is that I'm sure he could have used the five years a lot better on the outside doing something useful and interesting. Also, I find what he did to be useful and interesting, if ill-advised. A deep understanding of security and security systems is a valuable thing, and he probably couldn't have gained as much knowledge at the time doing it completely legally. Your description of "a regular guy who fucked up and got famous for it" just doesn't ring true. I maintain that he wouldn't have been interesting if his hacking skills weren't truely remarkable, and on some level, that is how you should judge the government's response. They were amazed at how hard it was to catch him, and there reaction because it was out of fear was way out of proportion to the crimes.
If you don't have the capacity to be useful or interesting, then get a boring job and don't bother us with it. Kevin is interesting, and although he would not have the fame for me to learn about it (maybe), I'm quite certain he would/could have found appropriate outlets.
If you want to be a computer "rock star", I can think of a lot better ways than spending X years in jail.
Try to do something truely useful and interesting, and you should be able to generate sufficient attention. Fame brings as much unwanted attention as it does the good kind. The truth is that there are a lot of key contributors to OS that are mostly know in the specific development community that they work in. Actually, without slashdot, I wouldn't know what I do about the handful that I have heard of. Except for the few lik Linus, RMS and a very few others, the fame is rather limited anyway.
As others have pointed out, he abused trust that should never have been given.
On the other hand, if it is true that someone in his Lawyers office was "spying" on his defense team, then they were abusing positions of trust in a much bigger way. I find the governments behavior in all of this to be much more troubling than Kevin's, they are after all "officers of the court". Yes, there are special circumstances where they may lie and cheat to catch a criminal, but lies and distortions in the courtroom are more than an abuse of trust, they are an abuse of the justice system. If we can't rely on their truethfulness in the courtroom, then the whole house of cards falls down.
Did you read any of the interview? What illegal activities does he still advocate? Even with the question of "what would you say to script-kiddies who idolize you", he tells them to set up a private LAN to "practice" breaking in or challenge your friends to make attempts with each other's systems. To me, he appears to be completely on the "white hat" side now, and to have learned his lessons well. Based on some stuff I had read in the past, I had thought he done more actual dammage in some cases, but I'm willing to think a lot of this was exagerated. If you believe his accound (and I have no reason not to at this point), even his past activities were more grey than black.
I say good luck to you, Kevin, and keep using your tallents for good, not evil;-)
The parent post is right, if they had known there was a fatal problem with the craft when it was in orbit, there is a lot that could have been done.
Yes, the contigencies were limited by a number of factors, but I can't immagine that the situation was nearly as bad as the one on Apollo 13. First analysis of the options didn't give much hope, and even the survival solution that they came up with wasn't exactly "ideal" (i.e. lots could have gone wrong with it, still).
Bottom line is that if they knew they already had a problem that prevented safe re-entry, they would have been strongly motivated to find a solution. IMHO, the biggest human failing here was using the idea that "we can't do anything anyway" as part of the decision making process. If there was any concern that the outcome would be "breaking up on re-entry", they shouldn't have stopped until they could assure themselves that the rist as minimal. The parent post is right, this is a human failing, not a system or hardware failure. Not as blatantly so as with the Challenger disaster (pure management failure), but the whole point of hiring a lot of very bright people to work on these programs is to allow them to use their judgement in these situations.
You're right on here, it is only much later that the capitalists themselves start to use the term and attempt to remove the negative associations.
If you look at the last century, I think it is pretty clear that market capitalism is very effective at efficiently allocating scarce resources. It can break down in the limits (monopolies are only effiecient for the monopoly, and bad policies can cause things to break down as in the '30s), but for most mainstream economic activities, it is hard to beat. I would even go so far as to claim that it is an essential part of any fair and efficient economic system, as long as there is regulation from abuse, and it is only applied where it makes sense.
On the other hand, it can be terribly innefficient when applied to some situations. Can anyone point to a situation where "information markets" are a good thing? To the extent that companies are able to commercially exploit an idea through exclusive ownership, they have also set up the situation where both the customer and the competition are thinking about how to re-create the technology as their own. Everyone decries the NIH syndrom, but it is inevitable where information is traded as property.
Without doing a research paper on the subject, I can point to several examples of the ineffectiveness of "information markets" as a concept. Why do you thing RAMBUS failed and is now resorting to legal tactics for profitability? You just can't sell and idea without revealing it, and once it is out, it is really difficult to keep others from exploiting it. Note that you don't (can't) patent or copyright an idea itself, just particular expressions of it. In general, I don't see many companies with a workable business model selling the intellectual property rights to system components or technologies. They can and do sell complete products and services, but the idea that you could build a SOC (system on chip) composed from sub-chip units bought from different vendors has never developed.
Take a look at the system software market as well. Either you build an OS to support the hardware systems you want to sell, or you attempt to build a monopoly. Nothing else seems to work very well. One other thing works, Open/Free source development is the one workable model because it allows a community to develop around shared IP, and customers and system designers benefit. You no longer have to have a huge organization that is vertically integrated so they can control everything.
AFAIK, Gibson is the originator of this term. His use of it in his books and stories is probably not the first example. Anyone know of earlier citations?
God, things are screwed up. I'm reading Mother Jones and it makes sense while traditional media is clueless or conspiratory.
When have you ever know the "traditional media" to have a clue? Whether or not any specific counter-cultural source of news is in line with your politics and philosophy, they are much more likely to expose a kernel of the truth. The talking heads of the networks and cable news vendors pretend to be unbiased and neutral, all the while they are spouting the corporate angle of their owners and sponsors.
In many cases, knowledge is a primary source of bias, and if the knowledge is valid, then the bias is a good thing. Yes, there are times when the only way to find the answer is to empty your head of preconceptions, but more often they claim to be "unbiased" is just a cover for willful ignorance.
He has an awfully big collection of really dangerous technology experiments. A lot of comments here about how blowing things up relates to intelligence. I've got to believe he is pretty good and careful about being safe, since it doesn't appear that anyone has been killed of maimed in any of these experiments.
Not sure I would want him for a neighbor, though. I looked at much the stuff about chemically launching golf balls, culminating with the chrome plated tube from the hydrolics of a constuction machine. They estimated 2500 mph or about Mach 2 and a distance of 10km. I've got to wonder where the golf ball came down for that attempt, hope it didn't hit anything.
Actually, I was referring to AIX, not Linux. Does AIX run on the other platforms? What are we talking about here; they have mainframes, RS6K, AS400 and all the PC stuff (laptops, rack stuff and desktops). In the old days they would have had serveral other oddball architectures too, but I imagine all the midrange business stuff has been consolidated in the AS400 line. Anyone remember the Series/1 machines? I did some assembly language work on one of those. How about the 5110? Writing accounting software in basic on one of those put me through school.
You'd think case sensitivity could be specific to the language of the library. Ok, you need a convention for calling out from a case-insensitive library or program, and that would make entry points that use mixed case or one different than the "common" convention inaccessable to the case-insensitive code, but nothing would break.
If you need to support one-case environments, it's going to be hard to fully link these to more flexible environments. This goes for any mismatch in legal characters in external identifiers unless you have some complex standard for creating mappings or something.
Slashdot Mirror
The article isn't explicite about this, although they do say something about the round beads helping to gather the sunlight. The implication is that these are a lot less sensitive to variation of the incoming angle of the rays, which not only gives you the flexibility to put them on more surfaces, but also means the efficiency is higher in the morning or evening than conventional panels.
Now, what I want to know is how hard is it going to be to mold these into the deck of a boat? And is the coating durable enough to take walking on it? I guess the top protective layer could be epoxy for good abrasion resistance.
This is realy cool, particularly if you can make it cheaply enough. So what if you can't get above the 11-17% range of efficiency if you can easily make a much larger surface. Further, you might be able to create more complex circuits than just an array of photovoltaic cells, and really give the whole concept of wearable computers a boost. Active matrix displays would be nice.
Right, you will have boxes of drives on the SAN, just like with current FC based SANs. From what I've seen, the host OSs have to manage 'drive allocation', and as you say, typically this will be whole drive at a time (important for partitioning the I/O load between spindles anyway). The addition of authentication protocals probably would help in binding the drive to a particular system as well.
Since the other reason you want a SAN is for reliability, you're going to want redundancy in the connections anyway. If the drives themselves are iSCSI, they would probably only have one connection per drive anyway (well, maybe not, FC drives are often dual channel, right?). In any case, you'd have dual channels to each system and storage array as well as redundant switches or routers to eliminate all single points of failure.
There are some hints in the article that compatibility issues could become significant quickly. Since at the most basic level, this will be a normal routed TCP/IP network, I'm sure the vendors have all sorts of ideas for 'support' protocols to run on the SAN with the iSCSI packets. It states that people are 'chomping at the bit' to add more protocols, but the committe wants to hold things stable for at least a year for things to sort out. The whole thing could be sunk by various players doing the 'embrace and extend' dance in ways that tend away from full multi-vendor interoperability.
Without reading all the specs and proposals, it is easy to guess that protocols to provide for automatic device detection and allocation would be very useful from a system design perspective, but would also need to be part of the standard to acheive continued support for multi-vendor SANs. Another likely area is RAID support (configuring, fault detection and reporting, rebuilding and maintanance, etc.). Logically, a RAID controller is just another node on the network, but it lies between the hosts and storage devices.
Note to people who think this is something like Serial ATA, it isn't. Serial ATA is a point to point protocal, and it probably is asymetric to boot. TCP/IP is a symetric routed network, so it is a different animal altogether. OTOH, there is no reason why a storage array couldn't be iSCSI on the outside and SATA to the drives (expect products like this from some vendors).
It is very cool that more HW and SW are becoming available to do this sort of thing. You still probably want a service provider that does the support, or a community based organization to fill this role (as in one of the links in the story). I'm going to keep watching this and looking for an opportunity to jump in.
I seem to recall debates about this from a long time back (probably on NetNews, or something) where two important issues were discussed. 1) The government contracts with commercial entities to record and publish the case law as it emerges from the courts (one or both of these companies was mentioned, IIRC), and 2) people were trying to work on creating public databases not encumbered by IP ownership. Anybody have any references to this, or know what has happened?
It seems to me that if the raw data is technically public domain, that it would be legal to obtain copies from commercial sources (or even 'borrow' them), and extract the raw data by stripping out all the page numbers, indexes and other proprietary content. Logically, you should now have something that is completely "public domain", and be able to do what you want with it. This would be the same thing as taking a published book where the copyright to the original work is expired, and scanning it, re-typesetting it (i.e. changing all the fonts, layout, page numbering, removing later forwards, etc.). AFAIK, this would be completely legal since you are only copying the parts not under any copyright restriction.
I was recently reading some article from First Monday on the general topic of the erosion of the public space in science in this issue. The "privatization" of science is a very disturbing trend, and I claim it threatens to do long term dammage to future prosperity and freedom. This story is just another visible aspect of the "Architectures of Control" that threaten the emergence of Free and Open societies based on widespread sharing of information.
And on the diversity front; yes, engineers as a group are a lot more white and male than the population and even many other professions, but that doesn't mean we don't value diversity. We just don't have much time for a 'token' anything. I hope they can find a couple of competent participants that are not white males to spice up their show, but it will flop if these people don't add something to the teams they are on.
The question I have is whether participants are paid. I would volunteer in a heartbeat if they made it worth my while, but I don't have time to just contribute my valuable time to their money making operation. I also think the concept could be a lot cooler if it wasn't so much of a race as a true engineering competition. You could still factor in time as a bonus for shorter time taken, but rushing through things rarely makes for good engineering.
You could also downplay the 'wars' part of it and mix in some footage of a wide variety of wild and weird engineering feets, projects and competitions. Highlights of the 2.70 contest from MIT would always be good for a side story. For those who don't know the reference, '2.70' is the course number for a mechnical engineering design course that features a design competition where you get a box of parts and a goal, and teams just go at it. It has been featured on some programs in the past (Scientific American is one such program AFIAK). Just a thought.
Do judges not get telemarketing calls, or are they just not bothered by them? Conspiracy theory might suggest that telemarketers are careful not to call judges so that they won't understand why the public hates this so much.
What bothers me the most about this is that the primary consideration here is there ability to sell and share this information with other entities. If they have a business relationship with you, at least there is some justification for them calling, although it is weak if they are selling other services. On the other hand, they do have to be more careful with customers, since they might decide to 'opt-out' of their service altogether.
It really is a different concept than VMWare anyway. VMWare is hosted in one of the OSs (I know they have at least Linux and some versions of Windows, probably more), where this VM runs on top of the hardware (if I understand correctly). One thing I do wonder about, though. By putting it between a hardware abstraction layer and the hardware, a huge part of the job is to support the variety of available hardware.
One of the crowning achievements of Linux is the variety of hardware that is supported. That's always been the biggest problem for any PC OS that isn't from MS, lack of driver support, and this goes for the commercial PC UNIX vendors from the beginning (no doubt, OS/2 as well). Linux has pretty much solved this problem, and it has been a very hard problem (i.e. it takes lots of resources in the Linux community). So, aren't they taking on this problem with Plex86, or do they somehow piggyback on Linux drivers? That's certainly what I would try for if I were designing it.
If you had a natural three valued technology for digital storage, transmision and logic gates, this would be the most natural digital representation system. Few people realize that the map between physical symbols (high vs low volts, current on vs off (or reversed), stored charge, magnetic domains, ...) and logical value is arbitrary. We only have binary because a two valued system is the easiest for most technologies to implement, but three valued systems have a number of interesting symmetries (integer_max == -(neg_integer_max) for one) that binary systems don't.
Without arguing the case again here, I think the court bend over backwards to see this act as 'limited'. This was the best chance to win a victory for truth and justice, and Congress, bought and paid for the the copyright interests, is likely only to extend these terms more, making a total sham of the concept of 'limited', as if they haven't already.
Not really a joke, but my favorite way to count in base 3 is a system where the digits are +, 0 and -. You can represent positive and negative numbers without an extra symbol. Place values are just like regular base 3 numbers (1, 3, 9, 27, ...). 2 (base 10) would be '+-', or 8 -> '+0-', etc.
I also dispute your point about the position of MS on the 'food chain'. MS development environments and tools have never been all that significant when organizations plan and implement 'enterprise' class systems to their own specifications. Sure, if you are slapping something together to scratch an itch ..., but if you are really going to spend some bucks on a project that has to deliver value over a number of years, your going to worry about standards and protecting the investment.
I know that a lot of projects, particularly in small or mid-sized companies, just get thrown together and nobody ever thinks about the long-term, but these are time bombs for any organization that has them. Eventually somebody gets burned. If I had to guess, I would say this is as much a source of the growing anti-MS sentiment as the apparent low priority the MS puts on security related problems. Managers don't have to fully understand this the way I am explaining it to know that they have been screwed by using MS tools for critical systems.
WRT the question posed, I think it is just as important to build the database with negative cases where organizations are hurt because they didn't protect their future by using open standards. It is the only way to ensure you will have migration paths and good choices available down the road.
I can give you more help right here and clear up some stuff they glossed over. First, a certificate is not a public key, but it includes the public key, and it is signed by the private key of the Certificate Authority (CA). In the example, a 'root' or self-signed certificate is created. The private key is typically password protected when it is stored (you can see it prompting for that password in the script).
He doesn't show you what you have to do to create the '.csr' file that is used to create the actual site certificate, but this is what is called the Certificate Request. Also, the '.key' file should be created in a separate step. The process is that when someone wants a certificate, they generate a request on their computer that includes all the 'name' information (as displayed in article) and the public key. The private key is generated at the same time, but it should never leave the site generating the request, and additional steps should be taken to protect it from being exposed. The article implies that the key pair is generated by the command given, but I don't think it is (a separate step is needed to create the .csr file, and it should be created then).
A few more notes: your new '.crt' (the certificate) file will show up in 'newcerts' (if not, then 'certs'), the 'serial' file is the serial number of the next (or last) cert issued, and the 'crl' subdir is for the "Certificate Revocation List" all CAs should have one, and it should list all the certificates issued by this authority that have been revoked (by serial number, I think). AFAIK, this is the biggest hole in the process. To correctly verify the validity of a cert, you should always check the cert's serial number against the CRL, but where to you get the CRL? There must be a standard way to get the current CRL from a CA, but does a browser or other client have any function to get it before validating a certificate? Nothing I've seen indicates that clients do this so I doubt whether revocation is ever effective in a practical sense.
Now, what would be really cool is if someone wrapped the functions to create a certificate request with a few web pages and provided a howto describing how to set this up and really run your own CA. If I was doing it, I would keep the CAs private key on external media (a floppy or CD/R), and only put it in the system when I need it to sign certs and CRLs. Isolating the system you use for this is better, but you do still have to get the requests in and the certs or CRLs out.
One final comment. It is just about impossible to actually protect the private key for a typical web server. Or at least protect it from root exploits. This is because you have to either not use a password so that your web server can restart without a password, or have some script that provides the password on startup of the web server. The only other choice is to have someone actually type it whenever a server needs to be restarted, and I don't have to point out here what a pain this would be for a big server farm.
Give me 8 people who can navigate a Linux distribution and have decent systems and programming skills, and I'll beat those 40 low to middle end developers that you hired at a drop of a hat. It is not unusual to find that productivity varies by a factor of 10 to 100 in typical group of programmers, so it means nothing to say that you can find N people with X skill.
Further, I claim that OS programming languages and environments are more standards compliant than all the crap MS is peddling, and any quality systems architect will put a big emphasis on designing with well established open standards. Investment in software systems is always a long term deal, and the only way to protect that investment is by sticking with standards that do not depend on the success of a particular vendor.
If the people running the project suck, you can just maintain a better fork if you want. With shared source, you might not even be able to distribute your patches to other customers suffering your fate. The point is that true OS gives the control to the ultimate consumer, and anything less isn't worth that much. Why contribute your work to something that another private entity owns and controls?
If you don't have the capacity to be useful or interesting, then get a boring job and don't bother us with it. Kevin is interesting, and although he would not have the fame for me to learn about it (maybe), I'm quite certain he would/could have found appropriate outlets.
Try to do something truely useful and interesting, and you should be able to generate sufficient attention. Fame brings as much unwanted attention as it does the good kind. The truth is that there are a lot of key contributors to OS that are mostly know in the specific development community that they work in. Actually, without slashdot, I wouldn't know what I do about the handful that I have heard of. Except for the few lik Linus, RMS and a very few others, the fame is rather limited anyway.
On the other hand, if it is true that someone in his Lawyers office was "spying" on his defense team, then they were abusing positions of trust in a much bigger way. I find the governments behavior in all of this to be much more troubling than Kevin's, they are after all "officers of the court". Yes, there are special circumstances where they may lie and cheat to catch a criminal, but lies and distortions in the courtroom are more than an abuse of trust, they are an abuse of the justice system. If we can't rely on their truethfulness in the courtroom, then the whole house of cards falls down.
I say good luck to you, Kevin, and keep using your tallents for good, not evil ;-)
Yes, the contigencies were limited by a number of factors, but I can't immagine that the situation was nearly as bad as the one on Apollo 13. First analysis of the options didn't give much hope, and even the survival solution that they came up with wasn't exactly "ideal" (i.e. lots could have gone wrong with it, still).
Bottom line is that if they knew they already had a problem that prevented safe re-entry, they would have been strongly motivated to find a solution. IMHO, the biggest human failing here was using the idea that "we can't do anything anyway" as part of the decision making process. If there was any concern that the outcome would be "breaking up on re-entry", they shouldn't have stopped until they could assure themselves that the rist as minimal. The parent post is right, this is a human failing, not a system or hardware failure. Not as blatantly so as with the Challenger disaster (pure management failure), but the whole point of hiring a lot of very bright people to work on these programs is to allow them to use their judgement in these situations.
If you look at the last century, I think it is pretty clear that market capitalism is very effective at efficiently allocating scarce resources. It can break down in the limits (monopolies are only effiecient for the monopoly, and bad policies can cause things to break down as in the '30s), but for most mainstream economic activities, it is hard to beat. I would even go so far as to claim that it is an essential part of any fair and efficient economic system, as long as there is regulation from abuse, and it is only applied where it makes sense.
On the other hand, it can be terribly innefficient when applied to some situations. Can anyone point to a situation where "information markets" are a good thing? To the extent that companies are able to commercially exploit an idea through exclusive ownership, they have also set up the situation where both the customer and the competition are thinking about how to re-create the technology as their own. Everyone decries the NIH syndrom, but it is inevitable where information is traded as property.
Without doing a research paper on the subject, I can point to several examples of the ineffectiveness of "information markets" as a concept. Why do you thing RAMBUS failed and is now resorting to legal tactics for profitability? You just can't sell and idea without revealing it, and once it is out, it is really difficult to keep others from exploiting it. Note that you don't (can't) patent or copyright an idea itself, just particular expressions of it. In general, I don't see many companies with a workable business model selling the intellectual property rights to system components or technologies. They can and do sell complete products and services, but the idea that you could build a SOC (system on chip) composed from sub-chip units bought from different vendors has never developed.
Take a look at the system software market as well. Either you build an OS to support the hardware systems you want to sell, or you attempt to build a monopoly. Nothing else seems to work very well. One other thing works, Open/Free source development is the one workable model because it allows a community to develop around shared IP, and customers and system designers benefit. You no longer have to have a huge organization that is vertically integrated so they can control everything.
AFAIK, Gibson is the originator of this term. His use of it in his books and stories is probably not the first example. Anyone know of earlier citations?
When have you ever know the "traditional media" to have a clue? Whether or not any specific counter-cultural source of news is in line with your politics and philosophy, they are much more likely to expose a kernel of the truth. The talking heads of the networks and cable news vendors pretend to be unbiased and neutral, all the while they are spouting the corporate angle of their owners and sponsors.
In many cases, knowledge is a primary source of bias, and if the knowledge is valid, then the bias is a good thing. Yes, there are times when the only way to find the answer is to empty your head of preconceptions, but more often they claim to be "unbiased" is just a cover for willful ignorance.
Not sure I would want him for a neighbor, though. I looked at much the stuff about chemically launching golf balls, culminating with the chrome plated tube from the hydrolics of a constuction machine. They estimated 2500 mph or about Mach 2 and a distance of 10km. I've got to wonder where the golf ball came down for that attempt, hope it didn't hit anything.
Actually, I was referring to AIX, not Linux. Does AIX run on the other platforms? What are we talking about here; they have mainframes, RS6K, AS400 and all the PC stuff (laptops, rack stuff and desktops). In the old days they would have had serveral other oddball architectures too, but I imagine all the midrange business stuff has been consolidated in the AS400 line. Anyone remember the Series/1 machines? I did some assembly language work on one of those. How about the 5110? Writing accounting software in basic on one of those put me through school.
If you need to support one-case environments, it's going to be hard to fully link these to more flexible environments. This goes for any mismatch in legal characters in external identifiers unless you have some complex standard for creating mappings or something.