Heh. My favorite quote on the subject of creationism in general is, "If God went to so much trouble to make it look like the universe is billions of years old, maybe we should believe him."
And his point was, correctly, that for this applictaion, that doesn't make much difference.
As long as your time to render one frame is 2. More memory bandwidth would be nice, but that is a function of SGI hardware, not their OS, and x86 is catching up to many of the low to midrange machines from the likes of SGI.
What it needs is a low overhead OS that can support lots of memory, and runs on hardware that when something goes wrong, they can swap out the machine and worry about fixing it later.
The fact is, for a fixed investment, Linux on x86 will render more frames faster than any other platform out there. It is easier to find admins, and easier to customize for your needs. The node cost is cheap enough that you can just swap them out if something breaks, and in my experience SGIs hardware is unreliable crap compared to other UNIX vendors, and about on par with high quality x86 servers.
Also, I think the claim that IRIX is the best OS for ncpus >> 2 is a bit misleading. The ccNUMA archetecture scales much better than shared memory multi-processing. I don't know how well IRIX would run on a 32 CPU shared memory computer with uniform memory access. I suspect well, but not as well as you might imagine. There are other OSes that do this well (Linux doesn't yet, though it is getting there)
I will worry about Linux having IO bottlenecks at 2 GB/s when there exists x86 hardware with half that bandwidth available.
Well, I think we could really get to enjoy bumping a 1.4 GHz Athlon to 2.2 GHz once there start to be motherboards with dual DDR channels (4.2 GB/s)
There is still a latency problem, but intelligent caching and compiler design can mitigate that problem, especially if there is a bandwidth surplus available for speculative fetching.
Eventually, to conquer the latency beast, we will need to move more memory closer to the CPU. To do that is going to take moving to serial interconnects for lower pin counts, and reducing the physical footprint on the mainboard.
Unfortunately, as RAMBUS found out, running several hundred MHz over a motherboard trace is difficult. There is noise from other channels, stray capacitence, that sort of thing. This is especially bad if you use a multi-point bus systems. My guess is that eventually we will have to move to a point-to-point serial memory bus. This has the advantage of maintaining low latency, while scaling bandwidth with the number of memory modules.
Amen. I worked at a company that had a reasonably sucessful game division, in that it almost broke even (at least until they shut it down).
Over the past 2 years, just about every game company has been bought, gone under, or had massive layoffs (often on the order of 1/2-2/3 the workforce). Good games are extremely expensive to make, hardcore games have very high standards, and there is so much competition that games don't stay on the shelves long.
Sorry if that wasn't clear. Yes, I know this article is about making wootz damascus steel. But there are lots of knife makers selling pattern welded damascus steel. In fact, I think it is a requirement for becoming a master knifesmith, to demonstrate a damascus steel blade.
I was trying to make the point that what these guys are doing is different than what you are going to see called damascus steel at a local knife show.
Well, first I think your 90% is a little high. I know lots and lots of Linux users (myself included) that either have no Windows machines at home, or think that almost no game is worth the hassle of rebooting everytime they want to play.
I myself fall into the second category. I keep contemplating getting myself a tasty Athlon as a windows machine to run games, but I think I am just going to go the PSX2 route instead.
That isn't true at all. There are many individuals, companies, manufacturers, schools, and foriegn governments to whom the low cost nature of free software is a huge incentive.
I use Linux mostly for idealogical and technical reasons, but it certainly doesn't hurt that it saves me a few bucks I can spend on hardware.
Given the cost for W2K server + client licenses, the cost makes a huge difference for companies running webserver farms. In many cases not as important as the technical issues, but important none the less.
TiVo could have probably used WinCE, VxWorks, or QNX on the TiVo. But I am sure the $0/unit software licensing costs of Linux makes a huge difference to their bottom line.
Schools, especially outside the US, are deploying Linux left and right, because especially on low cost hardware, the cost of windows is a big chunk of system price.
So, yes, when we speak of free software, we mean freedom, but many people use Linux because that includes the freedom to copy it without paying licensing fees.
What you describe is pattern-welded steel, a technique used to mimic the appearence of true Damascus Steel.
This article is talking about the real deal, which was made through a combinations of impurities in the stock (Vandium is what these guys used) and etching the finished blade. Persumably the reason the secret was originally lost was that there were only a few mines that produced the right stock to make it, and when they were exausted, masters stopped teaching their apprentices how to do it.
Any place you see selling non-antique Damascus steel is actually using pattern welding.
There are no patent royalties for software MP3 decoders. Software encoders, and hardware decoders and encoders have royalties of a few dollars / unit. MP3Pro is (IIRC) about twice the money.
So, the people that really care at this point are A) people who want a free encoder to rip their CDs without violating any patents, and B) manufacturers of (especially) low cost hardware MP3 players.
Ogg also theoretically can be a lot smaller than an MP3 of comprable bitrate. Again, this really is a very good thing when you are trying to store as much as you can on a 32 MB compact flash card.
End users will care about it when they get hardware that supports Ogg and they want to use the same files with Winamp and their new Rio player.
Heh, the funny thing is, quantum computers (if they can ever be built) are analog computers. And the great thing is, it looks like we can still do normalization on them, solving the only problem that makes digital computers preferable to analog ones.
I also think it is funny how the supposedly "revolutionary" fuzzy logic from a few years ago was really nothing but an attempt to emulate an analog control circuit with digital microcontrollers.
Well, there is no law that says you need to run X to do graphics. In fact, for many purposes, linuxfb + OpenGL would be far preferable to lugging around the bloat of an X server, even one as small as this. The PS/2 is seriously lacking in RAM for a general purpose device. If you are only going to run one application/one window at a time, X is mostly wasted space.
There is a big difference between an "normal" EULA and the GPL:
The GPL grants you the privlege of copying, redistributing, and making derivitive works of copyrighted material, in exchange for agreeing to certain provisions. You only need to agree to the GPL if you want to do one of the above. When you buy GPL software, you are buying the software. If you so choose, the GPL provides you with a superset of the rights you atomatically get by buying a copy.
"normal" EULA's attempt to specify how you can and can't use the software in any case. They claim that you haven't purchased a copy, and you don't have the right to use the software as you wish.
Whether the courts would choose to recognize this distinction depends on how much corporate america bribes them.
In any case, this has no direct bearing on the liability issue.
Re:But I just got 2.4.7 working right!!!
on
Linux 2.4.8 is Out
·
· Score: 4, Informative
In case you didn't realize it: You should run "make oldconfig" after patching your kernel to make sure everything is in order, and to see what new options there are (I didn't see any in this one)
Re:Perhaps we should reconsider...
on
Code Red III
·
· Score: 2
Yeah, but the webserver would be off. There is not vulnerability until it is turned back on. The goal is, if someone actually uses their webserver, they will notice it is off, and when they turn it on, the first thing they will see is "you need to install this patch". If they don't use it, they will never notice it is off, and they will be immune to all further IIS worms.
Re:and another thing...
on
Code Red III
·
· Score: 2
I don't have any objection to ISPs doing that *by default*. I just think they should be able to selectively unblock that for customers who want it, with the stipulation that if you or your computer do bad things with it (like get code red) they will shut of access completely until you fix it.
@Home just unilaterally shut of all port 80 access (they have had netbios ports shut off all along, I believe).
Sure I can move my web server to port 81 or 8080, but as a responsible netizen, it pisses me off that I have to.
And don't whine about me using your bandwidth. I use my web server for personal use, on a service I paid for. It probably uses a whole 100 KB/day. If ATT@Home can't handle that, they need to upgrade their pipe.
Re:Microsoft should be sued
on
Code Red III
·
· Score: 2
The difference between guns and windows is that guns do damage when working as designed. A gun is designed to destroy things you point it at, and that is what it does. It can be used legally or illegally, and manufacturers really can't do much about it.
IIS is causing damage because of a design flaw. If you bought a gun and it blew up in your hand due to a design flaw, the manufacturer would certainly be at fault.
I am not convinced that MS should be lible for this, I am just saying that your analogy is flawed, and that in the world of physical products, MS would be hit with a billion dollar lawsuit right now.
Re:Microsoft should be sued
on
Code Red III
·
· Score: 2
A lot of people have said that other software packages can install IIS without telling the user about it.
I also don't know what the details of how to install IIS on W2KPro are, but I bet it isn't that hard to do "accidentally" -- If nothing else, I can see people just checking everything "just in case" without realizing that that meant that it would run automatically on boot.
Re:Perhaps we should reconsider...
on
Code Red III
·
· Score: 2
The funny thing is, if you ISP terminates web services to all of their clients because (say) 10% of them are infected, they come out of it clean, and can hide behind a service agreement.
If I disable someone's web server because they are actively trying to infect my computer with a virus , I am liable for any damages, even ones they make up.
Despite the fact that almost nobody reads, and fewer understand their ISP service agreements, if I put up a "service agreement" on my web server that says "by accessing this web server you agree that you are not infected by the code red virus. If I determine that you are, you agree that I may take any necessary actions to protect my services, including but not limited to automated installation of anti-virus software..." It doesn't count, since I can't have any expectation that someone infected by code red would ever see the agreement.
Re:Perhaps we should reconsider...
on
Code Red III
·
· Score: 3, Interesting
I have been seriously considering the "counterattach" method for a while now (as opposed to a self replicating anti-virus, which I am firmly opposed to).
I guess part of the problem is you have to install not only the patch, but a service pack, and people who seem to know something about windows think that is hard to do remotely.
Here is another thought: Just write a counter strike that A) deletes code red and the back doors B) turns off IIS and disables it from starting at boot, and C) changes the homepage to something that says "Please install these patches, your system has been infected by Code Red."
This is based on the assumption that 99% of the people who haven't patched their webservers don't use them and have forgotten (or never knew) IIS was installed.
I don't know what encryption PDF uses, but I think it is pretty strong.
In both WEP and PDF, the problem is not with the algorithms, but with their implementation. WEP uses a pitifully bad IV generator, plus uses the key straight up, rather than hasing an ASCII string to a binary value.
PDF simply cannot be made secure since it relies on transfering the key to the users computer and decrypting the PDF with it. Once you get the key, you can decrypt it yourself.
DeCSS was cracked because Xing forgot to swizzle their key in the binary, and it was extracted. At that point, another weakness allowed the extraction of more keys -- I don't know if that was a protocol or algorithm problem.
The lesson here is that security is much harder than just encrypting things. SSL, SSH, PGP, etc. were all designed as secure protocols. That was their entire goal, and the designers knew a lot about security. DeCSS, PDF, and WEP were all designed as bullet-item features within other products, and no special attention was paid to the overall security of the system.
It is also a question of mentality. Encryption algorithms are designed by academic researchers or the like, who expect the algorithm to be publically examined by their peers for any possible weakness. Software (and hardware) engineers usually don't believe in their hearts that people will try very hard to break their products, or that it would be "practically impossible" without the necessary documentation.
He actually said that he used to set up the refreshes to happen at the minute rollover, but it generated really high peak traffic from people leaving the window open. So he switched to the 1 minute refresh to spread it out.
Most UNIX window managers will let you put any window always on top...
I already have. But they aren't scanning for port 80 servers, they are just filtering it at their routers. On the other hand, the arp storm that had been going on for the past 4 days died this morning.
Given that Windows * is basically always a "server", I choose to intepret "servers" as "public servers". I use ssh, ftp, and HTTP for personal use only, and I am going to be really upset if/when they block my port. ATT@Home already has machines that routinely scan for news servers (authorized-scan1.security.home.net -- I love portsentry). They could easily scan for codered infected machines as well.
Dolby has invested sweat, and regular equity in this system. It is entirely their perrogative, to control who can use it.
First, as others have mentioned, this is about an independent implementation of AC-3, presumably, Dolby is claiming it is violating some patent of theirs, though I would refuse to take action until they actually specify which patent(s) the believe are being infringed on.
Second, your quote above is a huge are of misconception about intellectual property. Unlike physical property, which is considered a right, intellectual propery "rights" are granted by the government to encourage creativity for the public good. IP laws must then balance the incentives to the creator with the utility to the public. Any laws or practices in contradition with this goal (cough, DMCA, cough) are unconstitutional.
Obviously, I am talking about the US here, but since most of the rest of the world doesn't allow software patents, I think that is reasonable.
I think software patents are always harmful to the public, so they should be abolished. Hardware/device patents are rapidly approaching the point of being counter-productive.
Slashdot Mirror
Heh. My favorite quote on the subject of creationism in general is, "If God went to so much trouble to make it look like the universe is billions of years old, maybe we should believe him."
And his point was, correctly, that for this applictaion, that doesn't make much difference.
As long as your time to render one frame is 2. More memory bandwidth would be nice, but that is a function of SGI hardware, not their OS, and x86 is catching up to many of the low to midrange machines from the likes of SGI.
What it needs is a low overhead OS that can support lots of memory, and runs on hardware that when something goes wrong, they can swap out the machine and worry about fixing it later.
The fact is, for a fixed investment, Linux on x86 will render more frames faster than any other platform out there. It is easier to find admins, and easier to customize for your needs. The node cost is cheap enough that you can just swap them out if something breaks, and in my experience SGIs hardware is unreliable crap compared to other UNIX vendors, and about on par with high quality x86 servers.
Also, I think the claim that IRIX is the best OS for ncpus >> 2 is a bit misleading. The ccNUMA archetecture scales much better than shared memory multi-processing. I don't know how well IRIX would run on a 32 CPU shared memory computer with uniform memory access. I suspect well, but not as well as you might imagine. There are other OSes that do this well (Linux doesn't yet, though it is getting there)
I will worry about Linux having IO bottlenecks at 2 GB/s when there exists x86 hardware with half that bandwidth available.
Well, I think we could really get to enjoy bumping a 1.4 GHz Athlon to 2.2 GHz once there start to be motherboards with dual DDR channels (4.2 GB/s)
There is still a latency problem, but intelligent caching and compiler design can mitigate that problem, especially if there is a bandwidth surplus available for speculative fetching.
Eventually, to conquer the latency beast, we will need to move more memory closer to the CPU. To do that is going to take moving to serial interconnects for lower pin counts, and reducing the physical footprint on the mainboard.
Unfortunately, as RAMBUS found out, running several hundred MHz over a motherboard trace is difficult. There is noise from other channels, stray capacitence, that sort of thing. This is especially bad if you use a multi-point bus systems. My guess is that eventually we will have to move to a point-to-point serial memory bus. This has the advantage of maintaining low latency, while scaling bandwidth with the number of memory modules.
Amen. I worked at a company that had a reasonably sucessful game division, in that it almost broke even (at least until they shut it down).
Over the past 2 years, just about every game company has been bought, gone under, or had massive layoffs (often on the order of 1/2-2/3 the workforce). Good games are extremely expensive to make, hardcore games have very high standards, and there is so much competition that games don't stay on the shelves long.
Sorry if that wasn't clear. Yes, I know this article is about making wootz damascus steel. But there are lots of knife makers selling pattern welded damascus steel. In fact, I think it is a requirement for becoming a master knifesmith, to demonstrate a damascus steel blade.
I was trying to make the point that what these guys are doing is different than what you are going to see called damascus steel at a local knife show.
Well, first I think your 90% is a little high. I know lots and lots of Linux users (myself included) that either have no Windows machines at home, or think that almost no game is worth the hassle of rebooting everytime they want to play.
I myself fall into the second category. I keep contemplating getting myself a tasty Athlon as a windows machine to run games, but I think I am just going to go the PSX2 route instead.
That isn't true at all. There are many individuals, companies, manufacturers, schools, and foriegn governments to whom the low cost nature of free software is a huge incentive.
I use Linux mostly for idealogical and technical reasons, but it certainly doesn't hurt that it saves me a few bucks I can spend on hardware.
Given the cost for W2K server + client licenses, the cost makes a huge difference for companies running webserver farms. In many cases not as important as the technical issues, but important none the less.
TiVo could have probably used WinCE, VxWorks, or QNX on the TiVo. But I am sure the $0/unit software licensing costs of Linux makes a huge difference to their bottom line.
Schools, especially outside the US, are deploying Linux left and right, because especially on low cost hardware, the cost of windows is a big chunk of system price.
So, yes, when we speak of free software, we mean freedom, but many people use Linux because that includes the freedom to copy it without paying licensing fees.
Ah. My mistake. Did they at one time have a free license for software decoding, or a % of revenue deal (which would be $0 for free software)?
What you describe is pattern-welded steel, a technique used to mimic the appearence of true Damascus Steel.
This article is talking about the real deal, which was made through a combinations of impurities in the stock (Vandium is what these guys used) and etching the finished blade. Persumably the reason the secret was originally lost was that there were only a few mines that produced the right stock to make it, and when they were exausted, masters stopped teaching their apprentices how to do it.
Any place you see selling non-antique Damascus steel is actually using pattern welding.
There are no patent royalties for software MP3 decoders. Software encoders, and hardware decoders and encoders have royalties of a few dollars / unit. MP3Pro is (IIRC) about twice the money.
So, the people that really care at this point are A) people who want a free encoder to rip their CDs without violating any patents, and B) manufacturers of (especially) low cost hardware MP3 players.
Ogg also theoretically can be a lot smaller than an MP3 of comprable bitrate. Again, this really is a very good thing when you are trying to store as much as you can on a 32 MB compact flash card.
End users will care about it when they get hardware that supports Ogg and they want to use the same files with Winamp and their new Rio player.
Heh, the funny thing is, quantum computers (if they can ever be built) are analog computers. And the great thing is, it looks like we can still do normalization on them, solving the only problem that makes digital computers preferable to analog ones.
I also think it is funny how the supposedly "revolutionary" fuzzy logic from a few years ago was really nothing but an attempt to emulate an analog control circuit with digital microcontrollers.
Well, there is no law that says you need to run X to do graphics. In fact, for many purposes, linuxfb + OpenGL would be far preferable to lugging around the bloat of an X server, even one as small as this. The PS/2 is seriously lacking in RAM for a general purpose device. If you are only going to run one application/one window at a time, X is mostly wasted space.
There is a big difference between an "normal" EULA and the GPL:
The GPL grants you the privlege of copying, redistributing, and making derivitive works of copyrighted material, in exchange for agreeing to certain provisions. You only need to agree to the GPL if you want to do one of the above. When you buy GPL software, you are buying the software. If you so choose, the GPL provides you with a superset of the rights you atomatically get by buying a copy.
"normal" EULA's attempt to specify how you can and can't use the software in any case. They claim that you haven't purchased a copy, and you don't have the right to use the software as you wish.
Whether the courts would choose to recognize this distinction depends on how much corporate america bribes them.
In any case, this has no direct bearing on the liability issue.
In case you didn't realize it: You should run "make oldconfig" after patching your kernel to make sure everything is in order, and to see what new options there are (I didn't see any in this one)
Yeah, but the webserver would be off. There is not vulnerability until it is turned back on. The goal is, if someone actually uses their webserver, they will notice it is off, and when they turn it on, the first thing they will see is "you need to install this patch". If they don't use it, they will never notice it is off, and they will be immune to all further IIS worms.
I don't have any objection to ISPs doing that *by default*. I just think they should be able to selectively unblock that for customers who want it, with the stipulation that if you or your computer do bad things with it (like get code red) they will shut of access completely until you fix it.
@Home just unilaterally shut of all port 80 access (they have had netbios ports shut off all along, I believe).
Sure I can move my web server to port 81 or 8080, but as a responsible netizen, it pisses me off that I have to.
And don't whine about me using your bandwidth. I use my web server for personal use, on a service I paid for. It probably uses a whole 100 KB/day. If ATT@Home can't handle that, they need to upgrade their pipe.
The difference between guns and windows is that guns do damage when working as designed. A gun is designed to destroy things you point it at, and that is what it does. It can be used legally or illegally, and manufacturers really can't do much about it.
IIS is causing damage because of a design flaw. If you bought a gun and it blew up in your hand due to a design flaw, the manufacturer would certainly be at fault.
I am not convinced that MS should be lible for this, I am just saying that your analogy is flawed, and that in the world of physical products, MS would be hit with a billion dollar lawsuit right now.
A lot of people have said that other software packages can install IIS without telling the user about it.
I also don't know what the details of how to install IIS on W2KPro are, but I bet it isn't that hard to do "accidentally" -- If nothing else, I can see people just checking everything "just in case" without realizing that that meant that it would run automatically on boot.
The funny thing is, if you ISP terminates web services to all of their clients because (say) 10% of them are infected, they come out of it clean, and can hide behind a service agreement.
If I disable someone's web server because they are actively trying to infect my computer with a virus , I am liable for any damages, even ones they make up.
Despite the fact that almost nobody reads, and fewer understand their ISP service agreements, if I put up a "service agreement" on my web server that says "by accessing this web server you agree that you are not infected by the code red virus. If I determine that you are, you agree that I may take any necessary actions to protect my services, including but not limited to automated installation of anti-virus software..." It doesn't count, since I can't have any expectation that someone infected by code red would ever see the agreement.
I have been seriously considering the "counterattach" method for a while now (as opposed to a self replicating anti-virus, which I am firmly opposed to).
I guess part of the problem is you have to install not only the patch, but a service pack, and people who seem to know something about windows think that is hard to do remotely.
Here is another thought: Just write a counter strike that A) deletes code red and the back doors B) turns off IIS and disables it from starting at boot, and C) changes the homepage to something that says "Please install these patches, your system has been infected by Code Red."
This is based on the assumption that 99% of the people who haven't patched their webservers don't use them and have forgotten (or never knew) IIS was installed.
SSL uses RC4, same as WEP.
I don't know what encryption PDF uses, but I think it is pretty strong.
In both WEP and PDF, the problem is not with the algorithms, but with their implementation. WEP uses a pitifully bad IV generator, plus uses the key straight up, rather than hasing an ASCII string to a binary value.
PDF simply cannot be made secure since it relies on transfering the key to the users computer and decrypting the PDF with it. Once you get the key, you can decrypt it yourself.
DeCSS was cracked because Xing forgot to swizzle their key in the binary, and it was extracted. At that point, another weakness allowed the extraction of more keys -- I don't know if that was a protocol or algorithm problem.
The lesson here is that security is much harder than just encrypting things. SSL, SSH, PGP, etc. were all designed as secure protocols. That was their entire goal, and the designers knew a lot about security. DeCSS, PDF, and WEP were all designed as bullet-item features within other products, and no special attention was paid to the overall security of the system.
It is also a question of mentality. Encryption algorithms are designed by academic researchers or the like, who expect the algorithm to be publically examined by their peers for any possible weakness. Software (and hardware) engineers usually don't believe in their hearts that people will try very hard to break their products, or that it would be "practically impossible" without the necessary documentation.
He actually said that he used to set up the refreshes to happen at the minute rollover, but it generated really high peak traffic from people leaving the window open. So he switched to the 1 minute refresh to spread it out.
Most UNIX window managers will let you put any window always on top...
I already have. But they aren't scanning for port 80 servers, they are just filtering it at their routers. On the other hand, the arp storm that had been going on for the past 4 days died this morning.
Given that Windows * is basically always a "server", I choose to intepret "servers" as "public servers". I use ssh, ftp, and HTTP for personal use only, and I am going to be really upset if/when they block my port. ATT@Home already has machines that routinely scan for news servers (authorized-scan1.security.home.net -- I love portsentry). They could easily scan for codered infected machines as well.
First, as others have mentioned, this is about an independent implementation of AC-3, presumably, Dolby is claiming it is violating some patent of theirs, though I would refuse to take action until they actually specify which patent(s) the believe are being infringed on.
Second, your quote above is a huge are of misconception about intellectual property. Unlike physical property, which is considered a right, intellectual propery "rights" are granted by the government to encourage creativity for the public good. IP laws must then balance the incentives to the creator with the utility to the public. Any laws or practices in contradition with this goal (cough, DMCA, cough) are unconstitutional.
Obviously, I am talking about the US here, but since most of the rest of the world doesn't allow software patents, I think that is reasonable.
I think software patents are always harmful to the public, so they should be abolished. Hardware/device patents are rapidly approaching the point of being counter-productive.