OpenSSL does not create Mod_SSL... they are not affiliated, as far as I know... ASF creates Mod_SSL for Apache 2.0.x (while www.modssl.org creates the Apache 1.3.x ones).
I assume you are referring to the new versions of OpenSSL released? I do not know for a fact that the OpenSSL release affects Mod_SSL releases, particularly since Mod_SSL for 2.0.x is related to ASF releases of Apache 2.0.x.
Someone please correct me if I'm drastically wrong here regarding Apache 2.0.x and Mod_SSL 2.0.x (and point me to the documentation that proves otherwise).
The clips will work with Windows Media Player (7.1 and up with the 9.0 codecs ON Windows (for now)) so if you don't have Windows and Windows Media Player, not using IE is a mute point anyhow!.
I, checked out the clips (in case you are remotely interested)... here's what I thought.
First, my hardware and software:
AMD Athlon XP 1900+ 512MB DDR 266 Memory ATI Radeon 8500 LE 128 MB DDR Ram AGP 4X (Running at 1024 x 768 32-bit "True" color) Creative Soundblaster Live! 5.1 PCI Asus Nforce motherboard Windows Media Player for XP 8.00.00.4487 Windows XP Professional Service Pack 1 I custom built this machine
The first couple of clips (2 versions of the "Liquid" trailer in different bit rates) were a bit choppy at times and were very grainy. I was not overly impressed until I saw the next few clips...
Pinball, Indy, and Snowboard (in descending order of most impressive first) were a whole different story. There was VERY little grain in these demos and they were all 3D renderings (which is different than the "Liquid" trailer that was conventional chemical film digitized). The sound was also more dynamic and the video performance (frame rates was much better, as advertised, when using high bit rates and low "grain".
I suspect much of the performance degradation in the first film was due to the grain of the original film.
This would seem to be an interesting option for films that were all digitally filmed (like Pixar films / Shrek / Final Fantasy / Star Wars Episode II, etc) and have a high resolution, extremely low "grain" master to go from!
As for performance, all the video clips used between 70 and 90 percent of CPU resources (before the film clips were opened, the CPU usage was measured at or below 2 percent, consistently). The lower "grain" clips were smooth video playback and audio synced well to the video. The higher "grain" clips had, at times, choppy video playback, but the audio stayed synced (so the video framerate is sacrificed in lieu of "sufficient" resources).
In conclusion, I have pretty modest, yet by no means slow hardware, and I am able to view this video in most cases in high quality (and the visual quality was stunning on the computer rendered clips) and full frame rates. I find the quality to be exceptional and on video cards that can actually output HDTV (or HDTVs that can input DVI from computers) the quality must be fantastic! This doesn't seem, however, to be a viable option for set top units as there is a massive amount of processing power required to get decent frame rates! DVD players max out at around $300 now for high end equipment, why would you pay $1000 for a set top box with enough horsepower to decode this type of video?
In contrast, I have a Sigma Designs, Real Magic X-Card Hardware MPEG-2 and MPEG-4 Progressive scan Decoder (PCI Card) with Digital HDTV video out and Digital Audio (Dolby Digital 5.1) outs. Watching DVDs through this uses less than 10% of my CPU time and very little memory as most of the resources used come from the decoder card. The quality is stunning on a regular TV (I do not own HDTV so I can't vouch for how it looks on that, but can imagine some great quality! I am able to watch the DVD output on my monitor through the decoder card and a video "overlay" and the quality is likewise stunning and at much higher resolution!).
I just don't see how anyone would pay for a set top box (with this format running off of linux) with enough horsepower to play this format when a high end DVD player or LaserDisc player will get the job done much cheaper (at least for now)!
Maybe users should have to each run their own instance of Apache on separate IP addresses (they have to if they want to run an HTTPS secured web site, anyway).
Of course, this negates the whole point of IPv4 address conservation that name-based virtual hosts afford.
What if you could do name-based virtual hosting with each user running their own instance of Apache (using a single IP for Port 80 virtual hosts (machine-wide), which is probably most of what is on the server anyhow)? Port 443 virtual hosts will need their own IPs anyhow.
Anyone know if that's doable, and if so, how?
Of course, the other option is to run all web sites as "users" (http://yoursite.net/~username/) instead of virtual hosts. Then you can force users to run cgis through a cgi-wrapper like CGIWrap. Needless to say, this is not suitable for an ISP environment and for people / organizations that own their own domain names.
Re:Soo... When can NT users use this?
on
Apache 2.0.45 Released
·
· Score: 2, Interesting
Update: In Win32, the compiled 2.0.44 mod_ssl.so (DSO) works just fine with the Apache Group 2.0.45 MSI installer package. Just add the DSO, your conf file(s), OpenSSL keys, and you're good to go!
Looks like the API is actually remaining stable (as advertised) at least in Win32, in mod_ssl! Way to go Apache Group!!!
I used the compiled mod_ssl from 2.0.44 on 2.0.45... this is on the Win2k Apache. In this case, mod_ssl 2.0.44 openssl 0.9.7a win32.
It looks like the modules really DON'T have to be recompiled all the time... hopefully, the vulnerabilities don't extend to the mod_ssl 2.0.44 code as well... sigh.
Re:Soo... When can NT users use this?
on
Apache 2.0.45 Released
·
· Score: 5, Informative
Well, I've been using Apache 2.0.x Mod_SSL OpenSSL since, Apache 2.0.35, on Windows NT 5 (Win2k). Get a compiler the instructions are available publicly.
The only reason it is not pre-compiled for binary release (win32) with OpenSSL by Apache Group is legal concerns over strong encryption:
"This version is only available at present in a -no_ssl flavor, due to ongoing questions of strong crypto redistribution. When a binary build with mod_ssl compiled in is made available, the -no_ssl flavor will remain as an option for those in jurisdictions that restrict ssl encryption, as well as those T8 prohibited from downloading from the ASF's US-based servers."Source:
Apache 2.0.44 and the latest OpenSSL 0.9.7a were, well, a bit of a challenge to compile, but it's done (and that was mostly to do with OpenSSL 0.9.7a). Now on to 2.0.45!
Had the original poster READ the article he was posting about rather than skimmed, he would have seen that the test pitted top of the line consumer grade X-86 hardware against top of the line Dual G4 Mac hardware... to quote the article:
"The showdown pitted a single-processor Dell 3.06GHz Pentium 4 and a 1.25GHz dual-processor Power Mac G4 (the fastest Mac then available). The contest compared renderings of files created in Adobe After Effects, Illustrator and Photoshop software."Source:
Incidentally, a single processor P4 machine is not by any means top of the line PC hardware. Perhaps they are too embarrassed to show what would happen with top of the line X-86 hardware (non-server class, lets stick to workstation vs. workstation hardware)... A Dual Intel Xeon processor (Xeons are currently running at a peak of 3.06 Ghz) box with a workstation class graphics accelerator instead of the gaming graphics cards you can get for the mac (GeForce 4 IS a gaming graphics card!... THIS is a workstation graphics card)... I betcha price is comparable at that level of X-86 hardware.
Not to mention, to add insult to injury for Apple, the single processor Pentium 4 3.06 Ghz PC (which I'm sure retailed for $1000 - $2000 USD less than the Apple box) whipped the Power Mac in EVERY category of the comparison. I'm sure Apple's own proprietary "equivalent" software runs faster on MacOS than the Adobe software. Perhaps they should open some of the tricks they are hiding to accomplish that to Adobe, one of the companies that made Apple what it is today!
Oh yeah, and one day, if Apple has the balls, they should compare top PC-Workstation hardware to top Mac-Workstation hardware. To make it fair (and cut the whining), limit the PC-Workstation to the retail price of a top of the line Mac-Workstation (that is currently $3,799 without a monitor!)... then compare those machines and see the embarrasing truth (well, embarrasing to Apple, who claims that the "turbocharged Power Mac rips through digital video and 3D projects faster than Pentiums can say 'uncle.' " Source:)
I wish Apple would move to X86... if they can convince people of that much BS and stir up what can only be called religious Mac worship, they would probably do great (and make much more profit) if they switch OSX to X86 and built the same PowerMacs on X86 hardware... maybe the Opteron, who knows:) They've got enough of a name where they could just pull it off and, aesthetically speaking, they are ahead of the X86 world, for now. Plus, being *nix based now, it should be a simpler move than it would have been before!
Re:Unproven = untrustworthy = low SAT scores!
on
Synthetic Vision
·
· Score: 1
The main reason the military does what it does is the following:
If a soldier is carrying a piece of equipment into battle, it has to be tested by soldiers under simulated military environments for years to make sure it is durable, in the worst possible environments, stress, and possible misuses for years. As the saying goes... "..it happens".
While the quality of a device may indeed be extremely high and it is supposed to last forever, until it is put through every form of hell that military testing can dream of, it will not be rushed into service.
This is why, to the US military, unproven = untrustworthy. They would rather put a weapon that can (and has proven to be able to) be put through the living hell of war... (explosions, environmental hazards, shock, being dropped, being handled by people far less than gingerly)... and still function to spec in the hands of its soldiers.
This is why John and Susie Q Taxpayer put up with the years of testing. When it's their son in combat using the new "untested laser" weapon and it falls into mud, or crude oil (muddying the lens that focuses the beam) and their son is killed by an enemy shooting a WWII era rifle that has proven to fire 100% of the time with any level of damage to it because he couldn't shoot first... John and Susie Q Taxpayer will sue the living bejeezus out of the U.S. government, or at the very least, get on TV 24/7 for 15 minutes of fame to "let everyone know" that the U.S. sends their boys out to combat with "unproven" and faulty (is how they will see it) weapons their lives depend on.
Besides, as for the US putting out old technology (because of the amount of time it is tested)... it just so happens that in a lot of aspects, the US is far ahead of the international curve on Technology anyhow (remember, by the time we find out about weapons very existence, they are no longer sensitive to "national security"... (ie, there's much better stuff in the lab, or just released to the field that we aren't allowed to see)).
Take the F-22... it's publicly known of now, but that plane is about 10 years old. Remember the age of the Stealth fighter and Bomber!
As per the Iraqis using new technology in combat... sure it's a possibility... but also remember public GPS has been dumbed down for the war to extreme innacuracy (100 yds of accuracy now, AT best, 300 yds at worst). The military band of GPS is, of course, still highly accurate!
Besides, an iPaq won't protect you from a 4000 lb satellite guided bomb. Not to mention, we have these little bombs that explode above their targets... H-bombs, I think they call them... if all else fails.
"The Windows Server 2003 family provides a significantly enhanced command-line infrastructure, letting administrators perform most management tasks without using a graphical user interface. Of special importance is the ability to perform a wide range of tasks by accessing the information store enabled by Windows Management Instrumentation (WMI)."Source:
Re:Unproven = untrustworthy = low SAT scores!
on
Synthetic Vision
·
· Score: 1
You have contradicted yourself, TIME "It has become one of the most critically acclaimed gadgets of the past two years..." has PROVEN it.
In the eyes of the military, the analogy "(Unproven = untrustworthy)" IS very much true. Since this is a device that would primarily be used by the military it falls greatly into that step of logic.
Scenario: You are in the military, at war, in a firefight... with your life and the life of your comrades in jeopardy, would you rather fight with an older rifle that time has proven never jams, or with the brand new one with the fancy gadgets on it (that has never been used before other than at the "proving grounds" of the contractor that manufactured it. It had "perfect" test results in their in house testing since day one but has never been discharged by a soldier before, needless to say, in combat)?
I choose the "proven" rifle every time I am faced with a choice like that and know if I operate it correctly I will get the results I expect.
Lest we forget as well that some departments need to do testing for weeks or months before they apply patches.
At least they've made some sort of workaround that lets you test the patch out first before applying it to production servers. Granted they just provide the workaround for NT4 servers but hey, it's marginally better than them saying to NT4 server owners "too bad, upgrade now or be vulnerable" (though that is undoubtedly the plan).
I will have to say, though, one of the prettiest cases I've ever seen was this one... it'd make a pretty cool Linux box today (with some hardware modification)!
Okey dokey, but I'm still talking about story in a game.
Well, kids with short attention spans also watch TV for hours on end (and in a row)... the fact that they are on the surface doing only one thing (watching TV) doesn't make it an activity that doesn't cater to people with short attention spans. TV shows are constantly broken up into manageable pieces for such people, then even more manageably sized commercials.
I think many of these games are very similar in a lot of respects. They allow people to finish smaller goals very quickly so they don't lose their attention span. When a task is huge (like the end of Final Fantasy X) instead of one 30 minute fight, it is a bunch of very short fights against smaller segments of the monster or whatever is being slain.
Oh, and I don't mean that I only want to see adventure games revived... I'd be more interested in seeing new genres that focus more on story-telling than on the action.
"Ok then, how about a new game genre. One with a story (by the way, a story is not, 20 online friends walk into a room to kill a monster or each other) maybe?"
Sorry if you thought the word "Anymore" insinuated that I thought older games "were totally void of any such cases". If you'll notice I also posted up something about wanting adventure games back.
Perhaps I'm reminiscing about adventure games and wishing we could get some of these going again (I don't mind FPS and all the other new genres out there, I won't play them but anyone who wants to is more than welcome to, I just want to see if someone goes in a direction again where story is most important rather than just being filler between fighting and battles... how about funny games? Leisure Suit Larry anyone?!? Sam and Max)
I think there must be at least some people out there who, like me, don't find any of the current gaming options even remotely what they're looking for.
Of course! I'd give it away for free first (until you're hooked) then slowly phase in a subscription and get the recurring paypal payments until I retire and buy an island!
But really, I think it would actually be cool to explore multiplayer as a problem solving game... It'd be like the SourceForge of games.
Ok then, how about a new game genre. One with a story (by the way, a story is not, 20 online friends walk into a room to kill a monster or each other) maybe?
It seems that with these ridiculously fast graphics cards out there a move towards games that are like being immersed in the *story* not just visual effects and sound effects of a movie would be possible.
I guess the types of games we have reflect the times and how kids are these days (with very short attention spans)... Games are very much about doing something and getting an instant payoff right now (walk into a room, see something or someone, shoot and kill them (it's not even important why you're shooting and killing them anymore other than they are the "bad guys").
And, hey, if they MUST use first person, why not a first person multi-player game WITH a story... imagine king's quest first person where you walk around a 3d environment... what if you took your friends along with you for the quest? That way you can chat with them and you can all cooperatively solve problems / puzzles / decide on things?
Well, fortunately for the people in the project, many of the good game engines out there originated from the work of people like them (that started from scratch).
And who knows, maybe they'll even develop some kind of new game genre that is better than recycling the game engines everyone else licenses or clones (ahem, FPS, can we come up with a new genre?).
The thing is, while it is ultimately better for the greater security that the public knows of these security holes so they can demand they are fixed there is an element of bureaucracy that slows or halts the correction of flaws.
In the computer world this is also clearly possible, but it seems that Open Source Software projects typically transcend sophomoric bickering to quickly address security issues and correct them.
In the government world... while I'd love to believe that everyone knowing of security problems would force governments (particularly the one I live in, the U.S.) to immediately plug the holes in security, this is not likely to be the case.
Can you imagine as a security issue is widely publicized, the government sets up an exploration committee to see if people really care about it enough so if they budget for its repair it will not hurt them politically?
Also, a major issue here is that security problems outside of the computer world require time to implement! The cement trucks don't start mobilizing the second information is posted on the web to plug (physical) holes in walls! They don't roll until someone pays them and before that, until someone decides what to do. Even when that happens, physical security is not something that can always be immediately plugged!
So, to surmise, no, I'm not comfortable knowing that security problems exist and are simply kept secrets, but at the same time, at least in dealing with factors such as I've discussed above, I think that making all of it publicly available will not help in the way that is ideologically thought by the original poster of this story.
The success of such practices in the computer world are largely in part to the existing infrastructure of, for instance, Open Source Software projects. They allow this system to work.
For this to work with other systems, it would require some fundamental changes to how the bureaucracy of such systems works and has "set up shop". This will take some time (and first and foremost, *strong* reasons to demand such a change).
And, the thing is, the best reason to use the web for up to date exploit information instead of a book (if you must know of all the exploits as this person wants to) is that by the time a book actually hits a shelf at a bookstore on "current" exploits, it is already extremely out of date.
I agree, understanding how your server software works will help you understand what can potentially be exploited on it! It is infinitely more useful to understand how Apache works than to *only* get a list of currently known exploits. Both should be intelligently employed together.
I think also important is, following strict policies of enabling functionality only when it is necessary *and* securable. If new features are not currently securable, they are potentially dangerous and probably not worth the risk they pose to data on an otherwise secure system in exchange for their benefits.
Slashdot Mirror
So, let me get this straight...
By 2010, we should double the current tech jobs... so 2 * 0 = 0
How convenient, why not be bold and say they will triple!
Or, is 2010 supposed to be when the tech job sector will return?
OpenSSL does not create Mod_SSL... they are not affiliated, as far as I know... ASF creates Mod_SSL for Apache 2.0.x (while www.modssl.org creates the Apache 1.3.x ones).
I assume you are referring to the new versions of OpenSSL released? I do not know for a fact that the OpenSSL release affects Mod_SSL releases, particularly since Mod_SSL for 2.0.x is related to ASF releases of Apache 2.0.x.
Someone please correct me if I'm drastically wrong here regarding Apache 2.0.x and Mod_SSL 2.0.x (and point me to the documentation that proves otherwise).
The clips will work with Windows Media Player (7.1 and up with the 9.0 codecs ON Windows (for now)) so if you don't have Windows and Windows Media Player, not using IE is a mute point anyhow!.
I, checked out the clips (in case you are remotely interested)... here's what I thought.
First, my hardware and software:
AMD Athlon XP 1900+
512MB DDR 266 Memory
ATI Radeon 8500 LE 128 MB DDR Ram AGP 4X (Running at 1024 x 768 32-bit "True" color)
Creative Soundblaster Live! 5.1 PCI
Asus Nforce motherboard
Windows Media Player for XP 8.00.00.4487
Windows XP Professional Service Pack 1
I custom built this machine
The first couple of clips (2 versions of the "Liquid" trailer in different bit rates) were a bit choppy at times and were very grainy. I was not overly impressed until I saw the next few clips...
Pinball, Indy, and Snowboard (in descending order of most impressive first) were a whole different story. There was VERY little grain in these demos and they were all 3D renderings (which is different than the "Liquid" trailer that was conventional chemical film digitized). The sound was also more dynamic and the video performance (frame rates was much better, as advertised, when using high bit rates and low "grain".
I suspect much of the performance degradation in the first film was due to the grain of the original film.
This would seem to be an interesting option for films that were all digitally filmed (like Pixar films / Shrek / Final Fantasy / Star Wars Episode II, etc) and have a high resolution, extremely low "grain" master to go from!
As for performance, all the video clips used between 70 and 90 percent of CPU resources (before the film clips were opened, the CPU usage was measured at or below 2 percent, consistently). The lower "grain" clips were smooth video playback and audio synced well to the video. The higher "grain" clips had, at times, choppy video playback, but the audio stayed synced (so the video framerate is sacrificed in lieu of "sufficient" resources).
In conclusion, I have pretty modest, yet by no means slow hardware, and I am able to view this video in most cases in high quality (and the visual quality was stunning on the computer rendered clips) and full frame rates. I find the quality to be exceptional and on video cards that can actually output HDTV (or HDTVs that can input DVI from computers) the quality must be fantastic! This doesn't seem, however, to be a viable option for set top units as there is a massive amount of processing power required to get decent frame rates! DVD players max out at around $300 now for high end equipment, why would you pay $1000 for a set top box with enough horsepower to decode this type of video?
In contrast, I have a Sigma Designs, Real Magic X-Card Hardware MPEG-2 and MPEG-4 Progressive scan Decoder (PCI Card) with Digital HDTV video out and Digital Audio (Dolby Digital 5.1) outs. Watching DVDs through this uses less than 10% of my CPU time and very little memory as most of the resources used come from the decoder card. The quality is stunning on a regular TV (I do not own HDTV so I can't vouch for how it looks on that, but can imagine some great quality! I am able to watch the DVD output on my monitor through the decoder card and a video "overlay" and the quality is likewise stunning and at much higher resolution!).
I just don't see how anyone would pay for a set top box (with this format running off of linux) with enough horsepower to play this format when a high end DVD player or LaserDisc player will get the job done much cheaper (at least for now)!
Maybe users should have to each run their own instance of Apache on separate IP addresses (they have to if they want to run an HTTPS secured web site, anyway).
Of course, this negates the whole point of IPv4 address conservation that name-based virtual hosts afford.
What if you could do name-based virtual hosting with each user running their own instance of Apache (using a single IP for Port 80 virtual hosts (machine-wide), which is probably most of what is on the server anyhow)? Port 443 virtual hosts will need their own IPs anyhow.
Anyone know if that's doable, and if so, how?
Of course, the other option is to run all web sites as "users" (http://yoursite.net/~username/) instead of virtual hosts. Then you can force users to run cgis through a cgi-wrapper like CGIWrap. Needless to say, this is not suitable for an ISP environment and for people / organizations that own their own domain names.
Update: In Win32, the compiled 2.0.44 mod_ssl.so (DSO) works just fine with the Apache Group 2.0.45 MSI installer package. Just add the DSO, your conf file(s), OpenSSL keys, and you're good to go!
Looks like the API is actually remaining stable (as advertised) at least in Win32, in mod_ssl! Way to go Apache Group!!!
Actually (and an update from previous post),
I used the compiled mod_ssl from 2.0.44 on 2.0.45... this is on the Win2k Apache. In this case, mod_ssl 2.0.44 openssl 0.9.7a win32.
It looks like the modules really DON'T have to be recompiled all the time... hopefully, the vulnerabilities don't extend to the mod_ssl 2.0.44 code as well... sigh.
Well, I've been using Apache 2.0.x Mod_SSL OpenSSL since, Apache 2.0.35, on Windows NT 5 (Win2k). Get a compiler the instructions are available publicly.
The only reason it is not pre-compiled for binary release (win32) with OpenSSL by Apache Group is legal concerns over strong encryption:
"This version is only available at present in a -no_ssl flavor, due to ongoing questions of strong crypto redistribution. When a binary build with mod_ssl compiled in is made available, the -no_ssl flavor will remain as an option for those in jurisdictions that restrict ssl encryption, as well as those T8 prohibited from downloading from the ASF's US-based servers." Source:
Apache 2.0.44 and the latest OpenSSL 0.9.7a were, well, a bit of a challenge to compile, but it's done (and that was mostly to do with OpenSSL 0.9.7a). Now on to 2.0.45!
Had the original poster READ the article he was posting about rather than skimmed, he would have seen that the test pitted top of the line consumer grade X-86 hardware against top of the line Dual G4 Mac hardware... to quote the article:
"The showdown pitted a single-processor Dell 3.06GHz Pentium 4 and a 1.25GHz dual-processor Power Mac G4 (the fastest Mac then available). The contest compared renderings of files created in Adobe After Effects, Illustrator and Photoshop software." Source:
Incidentally, a single processor P4 machine is not by any means top of the line PC hardware. Perhaps they are too embarrassed to show what would happen with top of the line X-86 hardware (non-server class, lets stick to workstation vs. workstation hardware)... A Dual Intel Xeon processor (Xeons are currently running at a peak of 3.06 Ghz) box with a workstation class graphics accelerator instead of the gaming graphics cards you can get for the mac (GeForce 4 IS a gaming graphics card!... THIS is a workstation graphics card)... I betcha price is comparable at that level of X-86 hardware.
Not to mention, to add insult to injury for Apple, the single processor Pentium 4 3.06 Ghz PC (which I'm sure retailed for $1000 - $2000 USD less than the Apple box) whipped the Power Mac in EVERY category of the comparison. I'm sure Apple's own proprietary "equivalent" software runs faster on MacOS than the Adobe software. Perhaps they should open some of the tricks they are hiding to accomplish that to Adobe, one of the companies that made Apple what it is today!
Oh yeah, and one day, if Apple has the balls, they should compare top PC-Workstation hardware to top Mac-Workstation hardware. To make it fair (and cut the whining), limit the PC-Workstation to the retail price of a top of the line Mac-Workstation (that is currently $3,799 without a monitor!)... then compare those machines and see the embarrasing truth (well, embarrasing to Apple, who claims that the "turbocharged Power Mac rips through digital video and 3D projects faster than Pentiums can say 'uncle.' " Source:)
I wish Apple would move to X86... if they can convince people of that much BS and stir up what can only be called religious Mac worship, they would probably do great (and make much more profit) if they switch OSX to X86 and built the same PowerMacs on X86 hardware... maybe the Opteron, who knows :) They've got enough of a name where they could just pull it off and, aesthetically speaking, they are ahead of the X86 world, for now. Plus, being *nix based now, it should be a simpler move than it would have been before!
The main reason the military does what it does is the following:
If a soldier is carrying a piece of equipment into battle, it has to be tested by soldiers under simulated military environments for years to make sure it is durable, in the worst possible environments, stress, and possible misuses for years. As the saying goes... "..it happens".
While the quality of a device may indeed be extremely high and it is supposed to last forever, until it is put through every form of hell that military testing can dream of, it will not be rushed into service.
This is why, to the US military, unproven = untrustworthy. They would rather put a weapon that can (and has proven to be able to) be put through the living hell of war... (explosions, environmental hazards, shock, being dropped, being handled by people far less than gingerly)... and still function to spec in the hands of its soldiers.
This is why John and Susie Q Taxpayer put up with the years of testing. When it's their son in combat using the new "untested laser" weapon and it falls into mud, or crude oil (muddying the lens that focuses the beam) and their son is killed by an enemy shooting a WWII era rifle that has proven to fire 100% of the time with any level of damage to it because he couldn't shoot first... John and Susie Q Taxpayer will sue the living bejeezus out of the U.S. government, or at the very least, get on TV 24/7 for 15 minutes of fame to "let everyone know" that the U.S. sends their boys out to combat with "unproven" and faulty (is how they will see it) weapons their lives depend on.
Besides, as for the US putting out old technology (because of the amount of time it is tested)... it just so happens that in a lot of aspects, the US is far ahead of the international curve on Technology anyhow (remember, by the time we find out about weapons very existence, they are no longer sensitive to "national security"... (ie, there's much better stuff in the lab, or just released to the field that we aren't allowed to see)).
Take the F-22... it's publicly known of now, but that plane is about 10 years old. Remember the age of the Stealth fighter and Bomber!
As per the Iraqis using new technology in combat... sure it's a possibility... but also remember public GPS has been dumbed down for the war to extreme innacuracy (100 yds of accuracy now, AT best, 300 yds at worst). The military band of GPS is, of course, still highly accurate!
Besides, an iPaq won't protect you from a 4000 lb satellite guided bomb. Not to mention, we have these little bombs that explode above their targets... H-bombs, I think they call them... if all else fails.
According to the MS Web Site for Win2k3 Server...
"The Windows Server 2003 family provides a significantly enhanced command-line infrastructure, letting administrators perform most management tasks without using a graphical user interface. Of special importance is the ability to perform a wide range of tasks by accessing the information store enabled by Windows Management Instrumentation (WMI)." Source:
You have contradicted yourself, TIME "It has become one of the most critically acclaimed gadgets of the past two years..." has PROVEN it.
In the eyes of the military, the analogy "(Unproven = untrustworthy)" IS very much true. Since this is a device that would primarily be used by the military it falls greatly into that step of logic.
Scenario: You are in the military, at war, in a firefight... with your life and the life of your comrades in jeopardy, would you rather fight with an older rifle that time has proven never jams, or with the brand new one with the fancy gadgets on it (that has never been used before other than at the "proving grounds" of the contractor that manufactured it. It had "perfect" test results in their in house testing since day one but has never been discharged by a soldier before, needless to say, in combat)?
I choose the "proven" rifle every time I am faced with a choice like that and know if I operate it correctly I will get the results I expect.
Lest we forget as well that some departments need to do testing for weeks or months before they apply patches.
At least they've made some sort of workaround that lets you test the patch out first before applying it to production servers. Granted they just provide the workaround for NT4 servers but hey, it's marginally better than them saying to NT4 server owners "too bad, upgrade now or be vulnerable" (though that is undoubtedly the plan).
How about if the old Laptop TFT screen gets built into the side of the PC case? Like those glass windows everyone bores out of the case.
Of course, then, ultimately, you'll end up with something like this...
Model III
- or -
Sony's new all-in-one
- or -
Datapoint 2200
- and an Osborne computer mentioned elsewhere in the thread -
Osborne executive 3
I will have to say, though, one of the prettiest cases I've ever seen was this one... it'd make a pretty cool Linux box today (with some hardware modification)!
Sharp MZ40K System 2
I guess all-in-ones are somewhat en-vogue again. It just figures an all-in-one-(esque) case mod for a regular tower case is in order.
That sounds like it :) I'll give it a try!
Okey dokey, but I'm still talking about story in a game.
Well, kids with short attention spans also watch TV for hours on end (and in a row)... the fact that they are on the surface doing only one thing (watching TV) doesn't make it an activity that doesn't cater to people with short attention spans. TV shows are constantly broken up into manageable pieces for such people, then even more manageably sized commercials.
I think many of these games are very similar in a lot of respects. They allow people to finish smaller goals very quickly so they don't lose their attention span. When a task is huge (like the end of Final Fantasy X) instead of one 30 minute fight, it is a bunch of very short fights against smaller segments of the monster or whatever is being slain.
I've tried Thief 2, it was a bit boring to me... It had some story, but wasn't what I was looking for.
Oh, and I don't mean that I only want to see adventure games revived... I'd be more interested in seeing new genres that focus more on story-telling than on the action.
Well,
As I said in the post you replied to:
"Ok then, how about a new game genre. One with a story (by the way, a story is not, 20 online friends walk into a room to kill a monster or each other) maybe?"
Sorry if you thought the word "Anymore" insinuated that I thought older games "were totally void of any such cases". If you'll notice I also posted up something about wanting adventure games back.
Perhaps I'm reminiscing about adventure games and wishing we could get some of these going again (I don't mind FPS and all the other new genres out there, I won't play them but anyone who wants to is more than welcome to, I just want to see if someone goes in a direction again where story is most important rather than just being filler between fighting and battles... how about funny games? Leisure Suit Larry anyone?!? Sam and Max)
I think there must be at least some people out there who, like me, don't find any of the current gaming options even remotely what they're looking for.
Of course! I'd give it away for free first (until you're hooked) then slowly phase in a subscription and get the recurring paypal payments until I retire and buy an island!
But really, I think it would actually be cool to explore multiplayer as a problem solving game... It'd be like the SourceForge of games.
Ok then, how about a new game genre. One with a story (by the way, a story is not, 20 online friends walk into a room to kill a monster or each other) maybe?
It seems that with these ridiculously fast graphics cards out there a move towards games that are like being immersed in the *story* not just visual effects and sound effects of a movie would be possible.
I guess the types of games we have reflect the times and how kids are these days (with very short attention spans)... Games are very much about doing something and getting an instant payoff right now (walk into a room, see something or someone, shoot and kill them (it's not even important why you're shooting and killing them anymore other than they are the "bad guys").
Yep,
And, hey, if they MUST use first person, why not a first person multi-player game WITH a story... imagine king's quest first person where you walk around a 3d environment... what if you took your friends along with you for the quest? That way you can chat with them and you can all cooperatively solve problems / puzzles / decide on things?
Well, fortunately for the people in the project, many of the good game engines out there originated from the work of people like them (that started from scratch).
And who knows, maybe they'll even develop some kind of new game genre that is better than recycling the game engines everyone else licenses or clones (ahem, FPS, can we come up with a new genre?).
Adventure games?
I agree with you in practice.
The thing is, while it is ultimately better for the greater security that the public knows of these security holes so they can demand they are fixed there is an element of bureaucracy that slows or halts the correction of flaws.
In the computer world this is also clearly possible, but it seems that Open Source Software projects typically transcend sophomoric bickering to quickly address security issues and correct them.
In the government world... while I'd love to believe that everyone knowing of security problems would force governments (particularly the one I live in, the U.S.) to immediately plug the holes in security, this is not likely to be the case.
Can you imagine as a security issue is widely publicized, the government sets up an exploration committee to see if people really care about it enough so if they budget for its repair it will not hurt them politically?
Also, a major issue here is that security problems outside of the computer world require time to implement! The cement trucks don't start mobilizing the second information is posted on the web to plug (physical) holes in walls! They don't roll until someone pays them and before that, until someone decides what to do. Even when that happens, physical security is not something that can always be immediately plugged!
So, to surmise, no, I'm not comfortable knowing that security problems exist and are simply kept secrets, but at the same time, at least in dealing with factors such as I've discussed above, I think that making all of it publicly available will not help in the way that is ideologically thought by the original poster of this story.
The success of such practices in the computer world are largely in part to the existing infrastructure of, for instance, Open Source Software projects. They allow this system to work.
For this to work with other systems, it would require some fundamental changes to how the bureaucracy of such systems works and has "set up shop". This will take some time (and first and foremost, *strong* reasons to demand such a change).
Exactly :)
And, the thing is, the best reason to use the web for up to date exploit information instead of a book (if you must know of all the exploits as this person wants to) is that by the time a book actually hits a shelf at a bookstore on "current" exploits, it is already extremely out of date.
I agree, understanding how your server software works will help you understand what can potentially be exploited on it! It is infinitely more useful to understand how Apache works than to *only* get a list of currently known exploits. Both should be intelligently employed together.
I think also important is, following strict policies of enabling functionality only when it is necessary *and* securable. If new features are not currently securable, they are potentially dangerous and probably not worth the risk they pose to data on an otherwise secure system in exchange for their benefits.