I'm one of the people out at I/O that was given one, but I've only taken it out of the box to look at it so far (too many sessions, not enough time).
To go along with the expensive design part. The device has a lot of mass. It was designed to sit on a table, and be interacted with locally. The top half of the Q spins (I believe as a volume control, but I have not had a chance to set it up yet) If you look at the breakdown diagrams they briefly show in the introduction video - there's also a complex set of components inside of the device. So that increases the assembly cost as well.
It's not meant to be a simple video player, nor just a slave to the TV. Hooking it up to a TV is technically optional.
I'm glad it is being produced in the US - we need more companies demanding device manufacture and assembly in the US - it will only help drive down the US assembly costs due to volume. We used to (10 years ago) do a LOT of assembly in the US for all sorts of devices, but the economic downturns drove a lot of assembly over seas (increasing some costs, decreasing others).
He's not trying to complete on price w/ Microsoft; So there's nothing stopping him from buying an official controller for each one he builds to get the interface hardware. It just becomes part of the BOM cost.
Then he just has to replace the buttons and joysticks with ones that work for his end-users.
The issue is not that people can/can't stop at two beers. It's that they could have stopped at one beer, waited 75 minutes for it to metabolize fully, then drive home. At that point the device could still say they are over the limit, due to a programming bug. We don't know how well it was implemented, what the failure conditions are, how it handles those failure conditions, etc.
So the issue is: Would you like to be convicted of a crime you didn't commit, all because some people can't stop at two beers?
I just bought one of these, and I'm really happy with it so far. I have it setup as a shared drive for the computers in the house. It's embedded Linux, easily hackable (just drop a shell script in a specific location, and it starts running your own stuff on startup) So getting telnet access is quick, and there's a Debian port for the processor it runs, if you want more.
With the 2-disk mirror I have setup, I get about 6MB/s write performance (not bad considering it's over SMB...), It supports gigabit, but my machines do not, so no tests without the Network bottleneck.
They also just put out a 4-slot version, the DNS-343, which allows for RAID5.
You're looking for an Inductive Amplifier. They are commonly used for tracing wires to pick up the tone from the tone generator you put on the other end of the wire.
Yes, xp_cmdshell is disabled by default in SQL 2005, but do you seriously think every site is running SQL 2005 on their servers?
Now, on the SQL being a local administrator. In researching this one to show you where it says it, Microsoft seems to have change their guidelines since I last looked them up (and good for them, I'm gonna start pushing the new guidelines at work to the DBA team)
Years before, with SQL 2000 (And pretty much every bit of what I said applied to SQL 2000), Microsoft said you had to have setup the SQL service account as a local administrator on the machine. There are still some remnants of this policy: http://support.microsoft.com/kb/239885 Where it's explicitly said to make sure the user is a local administrator (NT4, SQL 2000 and SQL 7).
Now, Microsoft says "If you don't want the SQL service account to be a member of the local administrators group" (and they do recommend against it as well, but how many lazy admins are gonna do that...) You merely have to grant the account the following rights: Act as Part of the Operating System = SeTcbPrivilege
Bypass Traverse Checking = SeChangeNotify
Lock Pages In Memory = SeLockMemory
Log on as a Batch Job = SeBatchLogonRight
Log on as a Service = SeServiceLogonRight
Replace a Process Level Token = SeAssignPrimaryTokenPrivilege And make sure the file system and registry permissions are granted to your service account user.
Yes, MSSQL installs by default with only windows security mode enabled. So you have a few options for connecting your application to the DB: 1. Add the user the web app runs under to the SQL server, and used integrated security. 2. Turn on SQL security, and create a user for the application to use. 3. (seriously, I've seen this in my travels) Setup a COM+ component that does database access, running under the same account as the SQL server, so they "don't have to worry about permission problems"
I've seen programmers do all three in my time, depending on what they are more comfortable with. Sometimes, I see them just use the magical SA account, to login to the database. Again, having a proper DBA would prevent stupid things like this, but not every place has a proper DBA (or a person that can truly act like one part time)
I've seen all sorts of stupid things, including most of the above, some by admins that should know better, some by admins that have very little clue what a database is, and just "need to get this app working" Some were recommendations by the vendor of a product at the time of install. Many of these practices have gotten better over the years, but some have not.
Now, if you have only ever dealt with SQL 2005 (which is MUCH more secure by default, but still prone to admins and programmers doing stupid things, and no one can prevent that) Then yea, most of the stuff I said does not apply.
Yea, you can probably set enough permissions to not require local admin rights, but seriously, the places we're talking about already are too lazy to sanitize database inputs, do you really thing all of their practices are top-notch security wise?
And so concludes another episode of "Hey, with how lazy some people are, I could see if happen."
Amusingly, with the set of services used in this exploit, it's possible to gain "root" access if the user the webapp is connecting to the database with has the SA role on the SQL server.
On a Microsoft SQL server, there's a system stored procedure called xp_cmdshell, this allows you to run arbitrary commands under the permissions of the account the database is running under. And because Microsoft requires the user running SQL server to be a local administrator for the service to start, you have gained "root" access.
You have to be an SA to do run this command (there are ways to give other access), so it's slightly limited. Although, I would be surprised if none of the affected machines webapps weren't connecting as sa...
Finally, something to do while circling the Philadelphia airport for 30 minutes waiting for your turn to land. I've never had as many late flights as when I was flying into and out of PHL.
I think you missed his point. He was saying that so many programs are MySQL only that, even if you use PostgreSQL (or anything else) you still might end up needing a MySQL server because many apps only support MySQL.
As far as personal projects, use personally use PostgreSQL. I think you'll be very happy, as there is plenty of room to grow with that RDBMS.
Last time I was in the market for a new printer, I got a laser all in one (HP 3052). That was 6 months ago, and I'm still on the toner cartridge that came with it. Of course, the woman and I are relatively light on the printer (only a few hundred pages since we got it)
It cost me about $300 to buy, so there's a significant initial investment. But it's very fast, reliable, and toner is very cheap compared to ink, and lasts a long time.
My previous laser lasted me 10 years. I expect this one to do the same.
I have used a Rimuhosting VPS for my personal server for over 3 years now, and I've been very happy with the reliability and performance I've gotten (and that was even before they switched to Xen, after the switch performance got even better!)
I have not used the support staff much, but the few times I've interacted with them they've been knowledgeable and always get stuff done quickly.
Our Server room has a small box on the wall that mainly monitors our UPS. It hooks up with alarm wire contacts (normally closed/normally open) And also has a temprature sensor. When an alarm triggers it calls pre-programmed phone numbers in sequence, and tells you which alarms are going off (and the room temprature). It also has a noise level monitoring system too, if the noise level gets too high, it will call you and let you listen to the room via it's built in microphone. All you need is a power outlet, and an analog phone line.
This box is the series we use. I don't work for them, it's just worked well for us, so I figured I'd share.
Data corruption has nothing to do with data integrity.
Data corruption is caused by either a software bug, or hardware problems, and it's a problem with the data as it's layed out in the database's backing file. This type of failure can happen with any RDBMS. I've personally had it happen a few times with MSSQL server. All times were easily repaired with either a re-index of the table, or a partial table restore.
Data integrity is the database ensuring that when you want to have an entry in another table for each row in a table, that you do.
While vesa is a standard method for accessing video card functions, it dosn't have all of the features that some native card drivers do, and some operations have do be done by the CPU instead of being hardware accelerated by the graphics adapter.
I have setup a thin client system using older hardware, and while testing out options I tested using the vesa X server vs the X server for the chipset. At least to me, there was a noticeable speed difference in bit-blt operations (such as when moving a window around on the screen).
Vesa would be acceptable in most cases, but with a little extra work, I can use the lower-end machines for a little bit more then I would otherwise be able to, by using a native video card X server when it's available.
Why not just let linux handle the raiding of the drives? No special hardware needed ourside of the drive controllers you already need to hook the drives up.
For more information check: man md
Also RAID 5 is distributed parity raid, no data loss if only one drive goes. it takes two failures to lose data on a raid 5 array.
You should try a nice Java IDE with a form designing tool, like Netbeans. You'd be supprised how fast you can make a full featured Java GUI application (once you get to used to the new IDE of course, every platform has learning curves, including VB).
Yes you can install both A.rpm and B.rpm. You just have to do it at the same time. "rpm -ivh A.rpm B.rpm" There are many packages that have cyclic dependancies, mostly libraries and their respective -devel packages.
urpmi is a wrapper around rpm, apt-get is a wrapper around dpkg. I don't have enough experience playing with Gentoo to say anything about it's package management system.
Yea, remote management isn't fun. Especially when you want to upgrade the os on the machine. My method has always been to build a replacement, ship it, and then have the on-site guys swap the boxes. But that only works in some situations. Otherwise I use things like HP's Remote Insight boards (gives you network based monitor, keyboard, and mouse in hardware. You can even power off/on the machine with it.)
Yea, I'm still a little afraid of doing network upgrades on production servers. Of course, I'm scared of ANY upgrades on production servers.
I'm currently nursing a RedHat 8 box along, custom building security fix packages as I need to. Once I get a little time I plan on upgrading it, but a little rework needs to be done on a few apps that run on it before that can happen.
I upgraded my laptop from Fedora Core 2 to Fedora Core 3 just fine. Put the FC3 cd in, boot it, and select "Upgrade", I did the same thing from Fedora Core 1 to Fedora Core 2. I even upgraded Redhat 9 to Fedora Core 1. What's the big deal here? It's worked exactly like this since I started on redhat in the 5.2 days, and probably before that too, but I didn't use RH before that version.
On other systems I've even done upgrades on Fedora Core with YUM.
Also, please tell me what's wrong with RPM. Don't bring apt-get into this, cause RPM isn't a repository installer. If you want to talk software repository based install, you need to compare dpkg to RPM, and apt-get to YUM.
I'm tired of people saying RPM sucks, and then comparing RPM to apt-get. I know, it's the "cool thing" to make fun of RPM.
Slashdot Mirror
I'm one of the people out at I/O that was given one, but I've only taken it out of the box to look at it so far (too many sessions, not enough time).
To go along with the expensive design part. The device has a lot of mass. It was designed to sit on a table, and be interacted with locally. The top half of the Q spins (I believe as a volume control, but I have not had a chance to set it up yet) If you look at the breakdown diagrams they briefly show in the introduction video - there's also a complex set of components inside of the device. So that increases the assembly cost as well.
It's not meant to be a simple video player, nor just a slave to the TV. Hooking it up to a TV is technically optional.
I'm glad it is being produced in the US - we need more companies demanding device manufacture and assembly in the US - it will only help drive down the US assembly costs due to volume. We used to (10 years ago) do a LOT of assembly in the US for all sorts of devices, but the economic downturns drove a lot of assembly over seas (increasing some costs, decreasing others).
He's not trying to complete on price w/ Microsoft; So there's nothing stopping him from buying an official controller for each one he builds to get the interface hardware. It just becomes part of the BOM cost.
Then he just has to replace the buttons and joysticks with ones that work for his end-users.
As one of the people that would MUCH prefer this style of practice:
Is there a good way to find Doctors that practice EBM, or will I have to call around and ask each one what their take is?
The issue is not that people can/can't stop at two beers. It's that they could have stopped at one beer, waited 75 minutes for it to metabolize fully, then drive home. At that point the device could still say they are over the limit, due to a programming bug. We don't know how well it was implemented, what the failure conditions are, how it handles those failure conditions, etc.
So the issue is: Would you like to be convicted of a crime you didn't commit, all because some people can't stop at two beers?
Twod think it was Arrrrbys! But it's actually Long John Silver's.
The question is, how much of that 37.64% is actually AVG in disguise...
I just bought one of these, and I'm really happy with it so far. I have it setup as a shared drive for the computers in the house. It's embedded Linux, easily hackable (just drop a shell script in a specific location, and it starts running your own stuff on startup) So getting telnet access is quick, and there's a Debian port for the processor it runs, if you want more.
With the 2-disk mirror I have setup, I get about 6MB/s write performance (not bad considering it's over SMB...), It supports gigabit, but my machines do not, so no tests without the Network bottleneck.
They also just put out a 4-slot version, the DNS-343, which allows for RAID5.
You're looking for an Inductive Amplifier. They are commonly used for tracing wires to pick up the tone from the tone generator you put on the other end of the wire.
Yes, xp_cmdshell is disabled by default in SQL 2005, but do you seriously think every site is running SQL 2005 on their servers?
Now, on the SQL being a local administrator. In researching this one to show you where it says it, Microsoft seems to have change their guidelines since I last looked them up (and good for them, I'm gonna start pushing the new guidelines at work to the DBA team)
Years before, with SQL 2000 (And pretty much every bit of what I said applied to SQL 2000), Microsoft said you had to have setup the SQL service account as a local administrator on the machine. There are still some remnants of this policy: http://support.microsoft.com/kb/239885 Where it's explicitly said to make sure the user is a local administrator (NT4, SQL 2000 and SQL 7).
Now, Microsoft says "If you don't want the SQL service account to be a member of the local administrators group" (and they do recommend against it as well, but how many lazy admins are gonna do that...) You merely have to grant the account the following rights:
Act as Part of the Operating System = SeTcbPrivilege
Bypass Traverse Checking = SeChangeNotify
Lock Pages In Memory = SeLockMemory
Log on as a Batch Job = SeBatchLogonRight
Log on as a Service = SeServiceLogonRight
Replace a Process Level Token = SeAssignPrimaryTokenPrivilege
And make sure the file system and registry permissions are granted to your service account user.
Yes, MSSQL installs by default with only windows security mode enabled. So you have a few options for connecting your application to the DB:
1. Add the user the web app runs under to the SQL server, and used integrated security.
2. Turn on SQL security, and create a user for the application to use.
3. (seriously, I've seen this in my travels) Setup a COM+ component that does database access, running under the same account as the SQL server, so they "don't have to worry about permission problems"
I've seen programmers do all three in my time, depending on what they are more comfortable with. Sometimes, I see them just use the magical SA account, to login to the database. Again, having a proper DBA would prevent stupid things like this, but not every place has a proper DBA (or a person that can truly act like one part time)
I've seen all sorts of stupid things, including most of the above, some by admins that should know better, some by admins that have very little clue what a database is, and just "need to get this app working" Some were recommendations by the vendor of a product at the time of install. Many of these practices have gotten better over the years, but some have not.
Now, if you have only ever dealt with SQL 2005 (which is MUCH more secure by default, but still prone to admins and programmers doing stupid things, and no one can prevent that) Then yea, most of the stuff I said does not
apply.
Yea, you can probably set enough permissions to not require local admin rights, but seriously, the places we're talking about already are too lazy to sanitize database inputs, do you really thing all of their practices are top-notch security wise?
And so concludes another episode of "Hey, with how lazy some people are, I could see if happen."
Amusingly, with the set of services used in this exploit, it's possible to gain "root" access if the user the webapp is connecting to the database with has the SA role on the SQL server.
On a Microsoft SQL server, there's a system stored procedure called xp_cmdshell, this allows you to run arbitrary commands under the permissions of the account the database is running under. And because Microsoft requires the user running SQL server to be a local administrator for the service to start, you have gained "root" access.
You have to be an SA to do run this command (there are ways to give other access), so it's slightly limited. Although, I would be surprised if none of the affected machines webapps weren't connecting as sa...
A lawn, overgrown with an ingredient that is currently expensive, and critical to beer making...
That's a problem I'd love to have!
Finally, something to do while circling the Philadelphia airport for 30 minutes waiting for your turn to land. I've never had as many late flights as when I was flying into and out of PHL.
I think you missed his point. He was saying that so many programs are MySQL only that, even if you use PostgreSQL (or anything else) you still might end up needing a MySQL server because many apps only support MySQL.
As far as personal projects, use personally use PostgreSQL. I think you'll be very happy, as there is plenty of room to grow with that RDBMS.
Last time I was in the market for a new printer, I got a laser all in one (HP 3052). That was 6 months ago, and I'm still on the toner cartridge that came with it. Of course, the woman and I are relatively light on the printer (only a few hundred pages since we got it)
It cost me about $300 to buy, so there's a significant initial investment. But it's very fast, reliable, and toner is very cheap compared to ink, and lasts a long time.
My previous laser lasted me 10 years. I expect this one to do the same.
I have used a Rimuhosting VPS for my personal server for over 3 years now, and I've been very happy with the reliability and performance I've gotten (and that was even before they switched to Xen, after the switch performance got even better!)
I have not used the support staff much, but the few times I've interacted with them they've been knowledgeable and always get stuff done quickly.
Our Server room has a small box on the wall that mainly monitors our UPS. It hooks up with alarm wire contacts (normally closed/normally open) And also has a temprature sensor. When an alarm triggers it calls pre-programmed phone numbers in sequence, and tells you which alarms are going off (and the room temprature). It also has a noise level monitoring system too, if the noise level gets too high, it will call you and let you listen to the room via it's built in microphone. All you need is a power outlet, and an analog phone line.
This box is the series we use. I don't work for them, it's just worked well for us, so I figured I'd share.
Data corruption has nothing to do with data integrity.
Data corruption is caused by either a software bug, or hardware problems, and it's a problem with the data as it's layed out in the database's backing file. This type of failure can happen with any RDBMS. I've personally had it happen a few times with MSSQL server. All times were easily repaired with either a re-index of the table, or a partial table restore.
Data integrity is the database ensuring that when you want to have an entry in another table for each row in a table, that you do.
While vesa is a standard method for accessing video card functions, it dosn't have all of the features that some native card drivers do, and some operations have do be done by the CPU instead of being hardware accelerated by the graphics adapter.
I have setup a thin client system using older hardware, and while testing out options I tested using the vesa X server vs the X server for the chipset. At least to me, there was a noticeable speed difference in bit-blt operations (such as when moving a window around on the screen).
Vesa would be acceptable in most cases, but with a little extra work, I can use the lower-end machines for a little bit more then I would otherwise be able to, by using a native video card X server when it's available.
Why not just let linux handle the raiding of the drives? No special hardware needed ourside of the drive controllers you already need to hook the drives up.
For more information check: man md
Also RAID 5 is distributed parity raid, no data loss if only one drive goes. it takes two failures to lose data on a raid 5 array.
Actually they are including anything up to midnight PST on April 7th Per the Captain/CEO (Look for Cleaver's post, right at the top)
You should try a nice Java IDE with a form designing tool, like Netbeans. You'd be supprised how fast you can make a full featured Java GUI application (once you get to used to the new IDE of course, every platform has learning curves, including VB).
Fedora with yum: yum install app
Yes you can install both A.rpm and B.rpm. You just have to do it at the same time. "rpm -ivh A.rpm B.rpm" There are many packages that have cyclic dependancies, mostly libraries and their respective -devel packages.
urpmi is a wrapper around rpm, apt-get is a wrapper around dpkg. I don't have enough experience playing with Gentoo to say anything about it's package management system.
Yea, remote management isn't fun. Especially when you want to upgrade the os on the machine. My method has always been to build a replacement, ship it, and then have the on-site guys swap the boxes. But that only works in some situations. Otherwise I use things like HP's Remote Insight boards (gives you network based monitor, keyboard, and mouse in hardware. You can even power off/on the machine with it.)
Yea, I'm still a little afraid of doing network upgrades on production servers. Of course, I'm scared of ANY upgrades on production servers.
I'm currently nursing a RedHat 8 box along, custom building security fix packages as I need to. Once I get a little time I plan on upgrading it, but a little rework needs to be done on a few apps that run on it before that can happen.
I upgraded my laptop from Fedora Core 2 to Fedora Core 3 just fine. Put the FC3 cd in, boot it, and select "Upgrade", I did the same thing from Fedora Core 1 to Fedora Core 2. I even upgraded Redhat 9 to Fedora Core 1. What's the big deal here? It's worked exactly like this since I started on redhat in the 5.2 days, and probably before that too, but I didn't use RH before that version.
On other systems I've even done upgrades on Fedora Core with YUM.
Also, please tell me what's wrong with RPM. Don't bring apt-get into this, cause RPM isn't a repository installer. If you want to talk software repository based install, you need to compare dpkg to RPM, and apt-get to YUM.
I'm tired of people saying RPM sucks, and then comparing RPM to apt-get. I know, it's the "cool thing" to make fun of RPM.