If you're dealing with highly sensitive data, encrypting the drives after the fact and "losing" the key (as suggested in the original post) will not even come close to meeting the requirements for data destruction. What they're worried about is that a sufficiently determined forensic analysis with sophisticated equipment could recover magnetic traces of the previous (in this case unencrypted) data from the platters. Your suggested "solution" actually makes things worse, by adding the possibility that all copies of the key haven't been destroyed, thereby allowing the data to be easily decrypted.
Depending on how sensitive the data is, a multi-pass wipe of the entire drive with varying data patterns may be sufficient to satisfy the security requirements. But if the contract explicitly stipulates physical destruction of the media, then you must physically destroy the media... or risk jail time.
If the data isn't in fact sensitive, but the requirement for physical destruction of the equipment was written into the contract anyway, then someone screwed up.
If they can fix whatever is killing the performance of the on-chip caches (previous reviews indicated that the L3 appears to be a bottleneck) and/or figure out how to get the clock speeds up (it supposedly has deeper pipelines than K10, so it theoretically should clock higher), Bulldozer could still be a competitive part. This is, of course, dependent on AMD surviving for long enough to do that. I wonder how long they can get by on their GPU revenues?
Picky, picky... OK how about we go with: "From a technical perspective, AMD's 64-bit extensions were a bit of a kludge. But providing 64-bit capabilities while maintaining backward compatibility was a very shrewd move which gave the computing industry exactly what it needed at the time."
I never said real-world considerations were meaningless. But it is certainly possible to look at a technology and go, "That's a pretty sick hack." To take your argument to its logical conclusion x86 would be the best processor architecture of all time, and MS Windows would be the best OS, since they've come to dominate their respective markets -- i.e., they have accounted for "real-world considerations" better than any of their competitors. But from a purely engineering perspective they're a mess.
AMD's 64-bit extensions arguably weren't a better technology either; they just happened to be in the right place at the right time, with a solution that maintained backward compatibility with the existing x86 code base. This, more than anything else, is what kept Itanium from ever gaining traction outside of a few niche server platforms -- when Intel caved and adopted AMD's 64-bit extensions, that was the final nail in Itanium's coffin.
I hesitate to call the i860 VLIW. Yes, it could fetch and execute an integer instruction and a FP instruction in parallel; but does that really qualifiy as VLIW? Seems more like SLIW (Sorta Long Instruction Word) to me!;-)
I don't see how HP contracting with Intel to continue Itanium support is a problem. Nor do I see Oracle deciding to stop supporting Itanium as lawsuit-worthy either. Both companies need to stop slinging stupid lawsuits at each other, and refocus on producing computer hardware and software. It is sad that business success in the tech industry is now measured by who has the bigger team of lawyers, not by who has the best engineers.
Why are we even buying critical components such as these from China?
There's some pressure to use more COTS (Commercial Off-The-Shelf) components to control costs. Yes, believe it or not the US military is actually starting to worry about cost-effectiveness!
A lot of the "cool shit" is manufactured in China these days, because they have cheap labor and lax-to-nonexistent environmental regulations. While a lot of the cutting edge R&D still occurs in the US, once a technology is commercialized we have a hard time competing on cost; at that point production moves offshore and the domestic plants shut down.
The US doesn't have a monopoly on bleeding edge R&D either; other countries are coming up with innovative ideas with potential military applications too!
The company I currently work for makes stuff for the US military. While final assembly is necessarily carried out in the US, some of the components are indeed sourced from China (and Israel, actually). The customer isn't thrilled with this, but accepts it because there aren't any alternatives that don't involve jacking the cost of the finished product up by close to an order of magnitude.
I'm not defending the corporate entities that backed this. But the fact that their motives and methods are questionable still does not change the fact that Usenet is much less important today than it was 10-15 years ago. Pretty much all of the legitimate use cases for Usenet -- and most of the illegitimate ones as well! -- have already been supplanted by other technologies.
Oh, I didn't say it wasn't a significant event. I just don't think Usenet is particularly practical any more, for a number of reasons. We probably need a replacement that is truly P2P (to the end user), instead of being sort-of-P2P (just between the established NNTP providers).
Well, someone should come up with a P2P protocol to do something similar (discussion threads organized by topic), without needing an upstream provider (other than a bare Internet connection). Essentially a BitTorrent version of NNTP.
For most people, web-based services are a better medium for online discussions.
NNTP was never a particularly good protocol for distributing large binaries; it is unreliable, and places unreasonable storage demands on the NNTP hosting providers, which in turn leads to short retention times for binaries. It was just that all of the alternatives that existed 20 years ago were worse! Modern P2P protocols fill that role now, and do a better job.
Sad as it may be, this was probably inevitable. I was pretty active on Usenet back in the day (1990s), and look back on that time with a fair bit of nostalgia; but I don't use it any more. Technology has moved on, and Usenet is an anachronism. The last couple of times I poked my nose into the groups I used to frequent, they were full of spam with very little (if any) worthwhile discussion taking place. The poor S/N ratio makes it pretty much unusable.
Usenet's primary purpose these days seems to be the distribution of spam and illicit copyrighted content. I've wondered how long it would be able to continue flying "under the radar" when many of the other popular file sharing services were getting hammered by the **AA and their henchmen.
While Usenet is essentially a distributed system, users still require an upstream provider, and these providers are quite vulnerable to legal pressure. It looks like Usenet's day of reckoning may be at hand; the incoming asteroid is on a collision course.
Also many groups do not want binaries in their groups and users have been known to get removed.
How do you remove a user from a distributed system with no central point of control? You might be able to get their upstream provider to cut them off, but they can just find another one pretty easily.
Ehh...? I've been using Ubuntu for 3+ years now on multiple systems, and don't recall ever having a problem with getting the CD to boot. Sounds to me like your burner is flaky... or you're buying crap media.
Most computers new enough to run a default install of Ubuntu decently should be capable of USB boot (and will have a DVD drive too, for that matter). So while the plan is indeed flawed, it is a flaw which will not affect very many people.
Last sentence above should have been: "What they cannot do is retroactively take back anyone's rights to continue using/modifying/distributing the old GPLed version(s)."
(Sorry for replying to my own post, but I figured that needed clarification...)
When Mentor Graphics bought Code Sourcery, they continued developing the closed-course one and discontinued, then deleted, the GPL variant. It's unclear to me if that's kosher, as the closed variant must contain code that had been GPLed at one point.
As long as they hold the copyright on all of the code in question (or any code they don't hold the copyright on is under a permissive non-copyleft license like BSD or Apache), it is completely kosher. It would be a pretty standard case of a dual license, much like the licensing model Oracle uses for MySQL. There is nothing in the GPL that compels the original developer to continue supporting a package against their will (other than providing the GPLed version of the source code on request to people they've distributed the package to in the past). Nor is there any prohibition against taking all future versions of the codebase proprietary, as long as the proprietary version does not include GPLed code owned by others.
The thing that you don't seem to grasp is that GPLed code is still be owned by someone; it is not the same thing as being in the public domain. If all of the code in an application was written by the same entity (or the copyrights have been signed over to them), then that entity can make future versions of the application proprietary if they want. What they cannot do is retroactively take back anyone's rights to continue using/modifying the old GPLed version(s).
The company best known for this is Google. Past applicants tell tales of a head-spinning battery of coding problems, riddles, and brain teasers, many of which seem only tangential to the task of software development.
...and those electrons will eventually be replenished. So I guess if you want to nit-pick, you could say that downloading an e-Book theoretically increases the mass of the device by a minuscule amount the next time it is recharged. But the amount of stored charge in the flash memory is going to be much smaller than the error bars on the amount of charge the battery can hold, so it is of course all "lost in the noise" anyway.
Didn't one of the principal maintainers of Scientific Linux recently jump ship to take a job at Redhat? I'm not sure how big the team is, or whether this will have a significant impact on Scientific Linux's future...
I haven't been following the situation too closely for the past few months, but not long ago there was a lot of turmoil at the top of the CentOS project, and some people were starting to question its future viability. Have those issues all been resolved?
I believe the guy's analysis is incorrect. I believe there is a mass gain, but most of it is not related to the energy required to "[keep electrons] still rather than allowing them to float around".
Writing a '0' to a flash memory cell involves injecting electrons into a "floating gate", producing a (permanent) net negative charge on the gate. So a flash device which has been written to contains a net surplus of electrons (i.e. an overall negative charge), compared to one that is blank. The increase in mass comes mostly from the fact that you've simply got more electrons in the chip, not from an increased energy level.
It depends on the specific skills and industry specialization. Among (many) other things, I've been intermittently doing embedded C code for 2+ decades. If the half-life rule applied here, then my embedded C coding skills would be roughly 1/1000th as marketable today as they were 20 years ago. Embedded C is still used in the defense and avionics industries (among others)... there's still fair demand for it (though admittedly not the sort of demand there was 10 or 20 years ago).
So in spite of early claims to the contrary, it is on the same order of magnitude as Chernobyl after all. Based on the new data, I wonder how large of an area around the facility needs to be abandoned, and for how long...
Slashdot Mirror
If you're dealing with highly sensitive data, encrypting the drives after the fact and "losing" the key (as suggested in the original post) will not even come close to meeting the requirements for data destruction. What they're worried about is that a sufficiently determined forensic analysis with sophisticated equipment could recover magnetic traces of the previous (in this case unencrypted) data from the platters. Your suggested "solution" actually makes things worse, by adding the possibility that all copies of the key haven't been destroyed, thereby allowing the data to be easily decrypted.
Depending on how sensitive the data is, a multi-pass wipe of the entire drive with varying data patterns may be sufficient to satisfy the security requirements. But if the contract explicitly stipulates physical destruction of the media, then you must physically destroy the media... or risk jail time.
If the data isn't in fact sensitive, but the requirement for physical destruction of the equipment was written into the contract anyway, then someone screwed up.
If they can fix whatever is killing the performance of the on-chip caches (previous reviews indicated that the L3 appears to be a bottleneck) and/or figure out how to get the clock speeds up (it supposedly has deeper pipelines than K10, so it theoretically should clock higher), Bulldozer could still be a competitive part. This is, of course, dependent on AMD surviving for long enough to do that. I wonder how long they can get by on their GPU revenues?
Picky, picky... OK how about we go with: "From a technical perspective, AMD's 64-bit extensions were a bit of a kludge. But providing 64-bit capabilities while maintaining backward compatibility was a very shrewd move which gave the computing industry exactly what it needed at the time."
I never said real-world considerations were meaningless. But it is certainly possible to look at a technology and go, "That's a pretty sick hack." To take your argument to its logical conclusion x86 would be the best processor architecture of all time, and MS Windows would be the best OS, since they've come to dominate their respective markets -- i.e., they have accounted for "real-world considerations" better than any of their competitors. But from a purely engineering perspective they're a mess.
AMD's 64-bit extensions arguably weren't a better technology either; they just happened to be in the right place at the right time, with a solution that maintained backward compatibility with the existing x86 code base. This, more than anything else, is what kept Itanium from ever gaining traction outside of a few niche server platforms -- when Intel caved and adopted AMD's 64-bit extensions, that was the final nail in Itanium's coffin.
I hesitate to call the i860 VLIW. Yes, it could fetch and execute an integer instruction and a FP instruction in parallel; but does that really qualifiy as VLIW? Seems more like SLIW (Sorta Long Instruction Word) to me! ;-)
I don't see how HP contracting with Intel to continue Itanium support is a problem. Nor do I see Oracle deciding to stop supporting Itanium as lawsuit-worthy either. Both companies need to stop slinging stupid lawsuits at each other, and refocus on producing computer hardware and software. It is sad that business success in the tech industry is now measured by who has the bigger team of lawyers, not by who has the best engineers.
Why are we even buying critical components such as these from China?
There's some pressure to use more COTS (Commercial Off-The-Shelf) components to control costs. Yes, believe it or not the US military is actually starting to worry about cost-effectiveness!
A lot of the "cool shit" is manufactured in China these days, because they have cheap labor and lax-to-nonexistent environmental regulations. While a lot of the cutting edge R&D still occurs in the US, once a technology is commercialized we have a hard time competing on cost; at that point production moves offshore and the domestic plants shut down.
The US doesn't have a monopoly on bleeding edge R&D either; other countries are coming up with innovative ideas with potential military applications too!
The company I currently work for makes stuff for the US military. While final assembly is necessarily carried out in the US, some of the components are indeed sourced from China (and Israel, actually). The customer isn't thrilled with this, but accepts it because there aren't any alternatives that don't involve jacking the cost of the finished product up by close to an order of magnitude.
Apple has billions in the bank because they have all their stuff built in China...
I'm not defending the corporate entities that backed this. But the fact that their motives and methods are questionable still does not change the fact that Usenet is much less important today than it was 10-15 years ago. Pretty much all of the legitimate use cases for Usenet -- and most of the illegitimate ones as well! -- have already been supplanted by other technologies.
Oh, I didn't say it wasn't a significant event. I just don't think Usenet is particularly practical any more, for a number of reasons. We probably need a replacement that is truly P2P (to the end user), instead of being sort-of-P2P (just between the established NNTP providers).
Well, someone should come up with a P2P protocol to do something similar (discussion threads organized by topic), without needing an upstream provider (other than a bare Internet connection). Essentially a BitTorrent version of NNTP.
For most people, web-based services are a better medium for online discussions.
NNTP was never a particularly good protocol for distributing large binaries; it is unreliable, and places unreasonable storage demands on the NNTP hosting providers, which in turn leads to short retention times for binaries. It was just that all of the alternatives that existed 20 years ago were worse! Modern P2P protocols fill that role now, and do a better job.
Sad as it may be, this was probably inevitable. I was pretty active on Usenet back in the day (1990s), and look back on that time with a fair bit of nostalgia; but I don't use it any more. Technology has moved on, and Usenet is an anachronism. The last couple of times I poked my nose into the groups I used to frequent, they were full of spam with very little (if any) worthwhile discussion taking place. The poor S/N ratio makes it pretty much unusable.
Usenet's primary purpose these days seems to be the distribution of spam and illicit copyrighted content. I've wondered how long it would be able to continue flying "under the radar" when many of the other popular file sharing services were getting hammered by the **AA and their henchmen.
While Usenet is essentially a distributed system, users still require an upstream provider, and these providers are quite vulnerable to legal pressure. It looks like Usenet's day of reckoning may be at hand; the incoming asteroid is on a collision course.
RIP Usenet.
Also many groups do not want binaries in their groups and users have been known to get removed.
How do you remove a user from a distributed system with no central point of control? You might be able to get their upstream provider to cut them off, but they can just find another one pretty easily.
The post I was responding to specifically referred to CDs not booting. The bug you linked to relates to USB boot disks, not CDs.
Burning an ISO to a CD works regardless of the version of the OS being used to do the burning.
Ehh...? I've been using Ubuntu for 3+ years now on multiple systems, and don't recall ever having a problem with getting the CD to boot. Sounds to me like your burner is flaky... or you're buying crap media.
Most computers new enough to run a default install of Ubuntu decently should be capable of USB boot (and will have a DVD drive too, for that matter). So while the plan is indeed flawed, it is a flaw which will not affect very many people.
Last sentence above should have been: "What they cannot do is retroactively take back anyone's rights to continue using/modifying/distributing the old GPLed version(s)."
(Sorry for replying to my own post, but I figured that needed clarification...)
From the original news post:
When Mentor Graphics bought Code Sourcery, they continued developing the closed-course one and discontinued, then deleted, the GPL variant. It's unclear to me if that's kosher, as the closed variant must contain code that had been GPLed at one point.
As long as they hold the copyright on all of the code in question (or any code they don't hold the copyright on is under a permissive non-copyleft license like BSD or Apache), it is completely kosher. It would be a pretty standard case of a dual license, much like the licensing model Oracle uses for MySQL. There is nothing in the GPL that compels the original developer to continue supporting a package against their will (other than providing the GPLed version of the source code on request to people they've distributed the package to in the past). Nor is there any prohibition against taking all future versions of the codebase proprietary, as long as the proprietary version does not include GPLed code owned by others.
The thing that you don't seem to grasp is that GPLed code is still be owned by someone; it is not the same thing as being in the public domain. If all of the code in an application was written by the same entity (or the copyrights have been signed over to them), then that entity can make future versions of the application proprietary if they want. What they cannot do is retroactively take back anyone's rights to continue using/modifying the old GPLed version(s).
The company best known for this is Google. Past applicants tell tales of a head-spinning battery of coding problems, riddles, and brain teasers, many of which seem only tangential to the task of software development.
Been there, done that, flunked the quiz!
...and those electrons will eventually be replenished. So I guess if you want to nit-pick, you could say that downloading an e-Book theoretically increases the mass of the device by a minuscule amount the next time it is recharged. But the amount of stored charge in the flash memory is going to be much smaller than the error bars on the amount of charge the battery can hold, so it is of course all "lost in the noise" anyway.
Didn't one of the principal maintainers of Scientific Linux recently jump ship to take a job at Redhat? I'm not sure how big the team is, or whether this will have a significant impact on Scientific Linux's future...
I haven't been following the situation too closely for the past few months, but not long ago there was a lot of turmoil at the top of the CentOS project, and some people were starting to question its future viability. Have those issues all been resolved?
I believe the guy's analysis is incorrect. I believe there is a mass gain, but most of it is not related to the energy required to "[keep electrons] still rather than allowing them to float around".
Writing a '0' to a flash memory cell involves injecting electrons into a "floating gate", producing a (permanent) net negative charge on the gate. So a flash device which has been written to contains a net surplus of electrons (i.e. an overall negative charge), compared to one that is blank. The increase in mass comes mostly from the fact that you've simply got more electrons in the chip, not from an increased energy level.
It depends on the specific skills and industry specialization. Among (many) other things, I've been intermittently doing embedded C code for 2+ decades. If the half-life rule applied here, then my embedded C coding skills would be roughly 1/1000th as marketable today as they were 20 years ago. Embedded C is still used in the defense and avionics industries (among others)... there's still fair demand for it (though admittedly not the sort of demand there was 10 or 20 years ago).
So in spite of early claims to the contrary, it is on the same order of magnitude as Chernobyl after all. Based on the new data, I wonder how large of an area around the facility needs to be abandoned, and for how long...