We used to have cloud computing in the mainframe days: IBM ran a data center somewhere, and you connected to it via a leased line. The only way you knew its location was from the size of your phone bill (;-))
Joking aside, cloud computing really is just a buzzword change. Like any other outsourcing effort, you are at the mercy of the vendor and the government of the country they're in. Chose your suppliers based on the SLA they'll offer you, and the country of the candidate suppliers based on the rights they honor.
A large U.S. company of my acquaintance outsourced their data center successfully, and followed up by outsourcing their software development, in both cases to well-known and reasonably reliable providers.
Thinking they were on to a good thing, they then outsourced software maintenance. Some months later, they realized that that had accidentally given up control over the maintenance budget by giving up control of the maintenance itself. Their costs started to rise, as the outsourcer started fixing all the new bugs, plus all the bugs they'd skipped over during development. This was bad, as the whole idea was to save money!
To get control of their budget and their software once more, they had to reverse the previous two steps, actually hiring people away from the former outsourcer, getting them visas and moving them the the U.S., all during a previous recession.
Then their hardware company went out of business, and they had to port all the software. They were very pleased that they'd "in-sourced", as that could have put them out of business if they'd had to go back to the outsourcer when they were cash-poor.
The University of Toronto used to use Kraft's Programmers and Managers: The Routinization of Computer Programming in the United States (Heidelberg Science Library) as a text on the subject. The students routinely poo-poohed it, saying "that can't happen to me".
Those of us who had been working for few years had quite a different opinion of it (:-))
A few copies are still available from Amazon and others of the used-book dealers.
Especially ones using Windows, so every one of their employees is at risk of being required to give up the truecrypt password for the hidden partition that they didn't create. Not a desirable state of affairs, either for the police or for the employee...
--dave
It's B1 in the old (stringent) rating scheme, and can be configured to provide a lot of protection against theft of data, via
- mandatory access controls (not changeable by the process or user)
- secure path (knowing it's really you at the keyboard)
- covert channel analysis (genuinely hard, this is often "ongoing")
- audit (which eventually runs you out of disk (;-))
There is some protection against attack, but more or less as a side-effect of protecting against spies leaving with data.
People assume slowdowns are always linear, so they get the wrong answers, and under-provision all the time (;-))
Assume a really fast activation in 1/10 second, on a machine that's always got 10 CPUs free for the activation jobs. Each CPU will activate 10 phones in 1 second, but if 11 people per CPU request activation, the 11th will wait a full tenth before they start, plus 1/10 second to do the work. The 12th will wait 2/10 plus 1/10 to do the work, and so on.
100,000 people / 10 CPUs = a load of 10,000 users. Plug that into the queuing equation from which I got the above, and the average time to activate will be 999.1 seconds, or 16 minutes. Not fun!
The actual case is probably a lot worse, with slow activations and overloaded servers, but any time when you can get a really large number of users trying to do something in a short period of time, the average time to do the work will be scary large. Unless they just happen to be within the first 10 callers, of course!
That means that you need to temporarily allocate a hugely larger number of resources than you'd expect on first glance. If you and your manager don't already know that the response time curve looks like a hockey stick, you can easily get into a career-limiting situation by under-planning for a predicted overload.
If I want to let other programs make progress, I'll put myself to sleep for human kinds of time periods, like "the rest of the second" for small waits, 1-3 seconds for big ones, and up to 10 if I can signal the human with something like a watch cursor.
Linux is not unusual in seeing developers call gettimeofday/gethrtime with wild abandon, thus slowing the programs they're trying to measure the time of (;-)) For this reason, Solaris time calls are register/location reads, and ethe code sequences are so short that they fit into the the syscall dispatch table. Therefor the caller never really enters the OS at all to get the time.
The interesting new work on locks is "transactional memory", and there's a series of articles about it and Linux memory in general at LWN. See Memory part 8: Future technologies by Ulrich Drepper.
The hardware they describe as the testbeds are SPARCs.
You know the party trick of asking if anyone in a group has the same birthday as someone else?
In a 40-person group, you have would expect to have about 11% of the people match. Surprise, you have a 90% chance of a match! That's because there are 720-odd different pairs in 40 people (the Birthday Paradox)
Now ask what happens if you have 20 criminals and 2000 honest travelers that that you're trying to match using a programs that has a 99.99 accuracy, or 0.001 error rate. My leaky brain says you have the same 90% chance of a match... or in this case, a mismatch and the arrest of an innocent person.
I suspect, therefor, that trying to match bad drivers will produce a scary false positive rate!
--dave
[I also suspect I have the group sizes wrong: someone with a brain, please feel free to fix the numbers]
In countries which have a dictator, he's the biggest threat to free speech, and pretty well everything else. If one has an overweening government, like the Soviet Union did, they're the biggest threat. Similarly if one has an oligarchy, as the U.S. did in the "gilded age", they'll do their best to silence you.
Countries which had their governments organized to provide for check and balances, and whose police powers were used to mitigate the rise of the oligarchs were the places where one legitimately had free speech.
Whenever an imbalance of power arises, though, one of the classic forms of corruption is for the powerful to use their powers to silence anyone who doesn't treat them with fawning respect.
They reorder full blocks to encode data in the orderings within the list of blocks for a given file. That's why they "do not require storage of any additional information on the filesystem" and why "a capacity of up to 24 bits/cluster can be achieved on a half-empty disk". If they wrote to additional blocks they (1) would be adding additional data to the filesystem, (2) would have no limit to the data that could be hidden and (3) would lose it as soon as one started writing additional information to the disk and used the empty blocks.
"The first prong mandates the disclosure of Internet provider customer information without court oversight. Under current privacy laws, providers may voluntarily disclose customer information but are not required to do so. The new system would require the disclosure of customer name, address, phone number, email address, Internet protocol address, and a series of device identification numbers.
While some of that information may seem relatively harmless, the ability to link it with other data will often open the door to a detailed profile about an identifiable person. Given its potential sensitivity, the decision to require disclosure without any oversight should raise concerns within the Canadian privacy community.
The second prong requires Internet providers to dramatically re-work their networks to allow for real-time surveillance. The bill sets out detailed capability requirements that will eventually apply to all Canadian Internet providers. These include the power to intercept communications, to isolate the communications to a particular individual, and to engage in multiple simultaneous interceptions."
Alas, the translation was: --- 3 For the persons referred to in 1 and 2 of Article I of the same, the information given upon subscription of a contract by a user or when creating an account: [...] g) The password and the information needed to verify or change it, in their latest updated version; --
That means if you have established a password, they must provide it.
The person who wrote the snarky comment wasn't the president, and I'm not the president, so suggesting he find an easier job is a bit off-topic.
He (or she, some year or other) is legally responsible for everything his minions do, but unless he's omniscient and has infinite time, cannot be to blame for everything. Thus conscious, stated policies of president-and-administration X are legitimate targets for personal criticisms, but holdovers from X-1 are not.
It's a tiny bit dishonest to say "the X administration" unless it was a conscious policy of X, not something that you can expect to see from X-1 and x+1. It also appears in the topic sentence of the cited article, which is a tip-off:
If someone wants you to believe something that isn't true, it will appear in the first sentence, even if it logically doesn't belong there or seems jarring. That's a psychological trick that dates back to the ancient Greeks. It was reputedly a specific teaching of the sophists[1].
.--dave
[1] citation needed, although it was on my Plato course several centuries ago...
Slashdot Mirror
We used to have cloud computing in the mainframe days: IBM ran a data center somewhere, and you connected to it via a leased line. The only way you knew its location was from the size of your phone bill (;-))
Joking aside, cloud computing really is just a buzzword change. Like any other outsourcing effort, you are at the mercy of the vendor and the government of the country they're in. Chose your suppliers based on the SLA they'll offer you, and the country of the candidate suppliers based on the rights they honor.
--dave
A large U.S. company of my acquaintance outsourced their data center successfully, and followed up by outsourcing their software development, in both cases to well-known and reasonably reliable providers.
Thinking they were on to a good thing, they then outsourced software maintenance. Some months later, they realized that that had accidentally given up control over the maintenance budget by giving up control of the maintenance itself. Their costs started to rise, as the outsourcer started fixing all the new bugs, plus all the bugs they'd skipped over during development. This was bad, as the whole idea was to save money!
To get control of their budget and their software once more, they had to reverse the previous two steps, actually hiring people away from the former outsourcer, getting them visas and moving them the the U.S., all during a previous recession.
Then their hardware company went out of business, and they had to port all the software. They were very pleased that they'd "in-sourced", as that could have put them out of business if they'd had to go back to the outsourcer when they were cash-poor.
--dave
The University of Toronto used to use Kraft's Programmers and Managers: The Routinization of Computer Programming in the United States (Heidelberg Science Library) as a text on the subject. The students routinely poo-poohed it, saying "that can't happen to me".
Those of us who had been working for few years had quite a different opinion of it (:-))
A few copies are still available from Amazon and others of the used-book dealers.
--dave
Especially ones using Windows, so every one of their employees is at risk of being required to give up the truecrypt password for the hidden partition that they didn't create. Not a desirable state of affairs, either for the police or for the employee...
--dave
Bravo to the EP. Now if we could get Canada to grow a backbone...
--dave
It's B1 in the old (stringent) rating scheme, and can be configured to provide a lot of protection against theft of data, via
- mandatory access controls (not changeable by the process or user)
- secure path (knowing it's really you at the keyboard)
- covert channel analysis (genuinely hard, this is often "ongoing")
- audit (which eventually runs you out of disk (;-))
There is some protection against attack, but more or less as a side-effect of protecting against spies leaving with data.
--dave
.. we have a demoligarchy: we get to elect our preference from a pool of candidates approved (or at least not too disapproved of) by the oligarchs.
--dave (with only a little bit of tongue-in-cheek) c-b
Thanks, I indeed said that wrong! It's actually the 21st. The equation does do it correctly, fortunately (I use qef and jmt, by the way)
--dave
People assume slowdowns are always linear, so they get the wrong answers, and under-provision all the time (;-))
Assume a really fast activation in 1/10 second, on a machine that's always got 10 CPUs free for the activation jobs. Each CPU will activate 10 phones in 1 second, but if 11 people per CPU request activation, the 11th will wait a full tenth before they start, plus 1/10 second to do the work. The 12th will wait 2/10 plus 1/10 to do the work, and so on.
100,000 people / 10 CPUs = a load of 10,000 users. Plug that into the queuing equation from which I got the above, and the average time to activate will be 999.1 seconds, or 16 minutes. Not fun!
The actual case is probably a lot worse, with slow activations and overloaded servers, but any time when you can get a really large number of users trying to do something in a short period of time, the average time to do the work will be scary large. Unless they just happen to be within the first 10 callers, of course!
That means that you need to temporarily allocate a hugely larger number of resources than you'd expect on first glance. If you and your manager don't already know that the response time curve looks like a hockey stick, you can easily get into a career-limiting situation by under-planning for a predicted overload.
--dave (wearing his capacity planner hat) c-b
If I want to let other programs make progress, I'll put myself to sleep for human kinds of time periods, like "the rest of the second" for small waits, 1-3 seconds for big ones, and up to 10 if I can signal the human with something like a watch cursor.
--dave
You don't run the sql in silicon to speed things up, you worry about the speed of joins in main memory.
--dave
Linux is not unusual in seeing developers call gettimeofday/gethrtime with wild abandon, thus slowing the programs they're trying to measure the time of (;-)) For this reason, Solaris time calls are register/location reads, and ethe code sequences are so short that they fit into the the syscall dispatch table. Therefor the caller never really enters the OS at all to get the time.
The interesting new work on locks is "transactional memory", and there's a series of articles about it and Linux memory in general at LWN. See Memory part 8: Future technologies by Ulrich Drepper. The hardware they describe as the testbeds are SPARCs.
--dave
You know the party trick of asking if anyone in a group has the same birthday as someone else? In a 40-person group, you have would expect to have about 11% of the people match. Surprise, you have a 90% chance of a match! That's because there are 720-odd different pairs in 40 people (the Birthday Paradox)
Now ask what happens if you have 20 criminals and 2000 honest travelers that that you're trying to match using a programs that has a 99.99 accuracy, or 0.001 error rate. My leaky brain says you have the same 90% chance of a match... or in this case, a mismatch and the arrest of an innocent person.
I suspect, therefor, that trying to match bad drivers will produce a scary false positive rate!
--dave
[I also suspect I have the group sizes wrong: someone with a brain, please feel free to fix the numbers]
Groklaw also identified this as FUD, also known as "trying the case in the newspapers".
--dave
They have for some years, and Unix before that.
Other faculties use various combinations of Windows and Macs.
--dace
In countries which have a dictator, he's the biggest threat to free speech, and pretty well everything else.
If one has an overweening government, like the Soviet Union did, they're the biggest threat.
Similarly if one has an oligarchy, as the U.S. did in the "gilded age", they'll do their best to silence you.
Countries which had their governments organized to provide for check and balances, and whose police powers were used to mitigate the rise of the oligarchs were the places where one legitimately had free speech.
Whenever an imbalance of power arises, though, one of the classic forms of corruption is for the powerful to use their powers to silence anyone who doesn't treat them with fawning respect.
--dave
They reorder full blocks to encode data in the orderings within the list of blocks for a given file. That's why they "do not require storage of any additional information on the filesystem" and why "a capacity of up to 24 bits/cluster can be achieved on a half-empty disk".
If they wrote to additional blocks they (1) would be adding additional data to the filesystem, (2) would have no limit to the data that could be hidden and (3) would lose it as soon as one started writing additional information to the disk and used the empty blocks.
See instead the abstract from Science Direct:
http://www.sciencedirect.com/science?_ob=ArticleURL&_udi=B6V8G-51BBKRS-1&_user=10&_coverDate=01%2F31%2F2011&_rdoc=1&_fmt=high&_orig=gateway&_origin=gateway&_sort=d&_docanchor=&view=c&_acct=C000050221&_version=1&_urlVersion=0&_userid=10&md5=ee913861b3d05b46b905bd4d52ca9380&searchtype=a
First mention of bundling "lawfull access" (aka monitoring) and crime bills for passage within 100 days.
http://www.vancouversun.com/business/Conservative+majority+would+bundle+crime+bills/4580146/story.html
Link to Conservative platform containing the promise
http://www.conservative.ca/media/ConservativePlatform2011_ENs.pdf
Search for "100 days"
Subsequent comments:
http://www.michaelgeist.ca/content/blogsection/0/126/10/10/
"The first prong mandates the disclosure of Internet provider customer information without court oversight. Under current privacy laws, providers may voluntarily disclose customer information but are not required to do so. The new system would require the disclosure of customer name, address, phone number, email address, Internet protocol address, and a series of device identification numbers.
While some of that information may seem relatively harmless, the ability to link it with other data will often open the door to a detailed profile about an identifiable person. Given its potential sensitivity, the decision to require disclosure without any oversight should raise concerns within the Canadian privacy community.
The second prong requires Internet providers to dramatically re-work their networks to allow for real-time surveillance. The bill sets out detailed capability requirements that will eventually apply to all Canadian Internet providers. These include the power to intercept communications, to isolate the communications to a particular individual, and to engage in multiple simultaneous interceptions."
Alas, the translation was:
---
3 For the persons referred to in 1 and 2 of Article I of the same, the information given upon subscription of a contract by a user or when creating an account:
[...]
g) The password and the information needed to verify or change it, in their latest updated version;
--
That means if you have established a password, they must provide it.
Bummer! I was hoping the summary was wrong.
--dave
Bother!
Try http://books.google.ca/books?hl=en&lr=&id=U94VEnENPgAC&oi=fnd&pg=PA220&ots=SRv0On1u8v&sig=mHnzZACgP8Cq8CJ5cZwKLvTHDQk#v=onepage&q&f=false
--dave
The prof cites Meseguer's Solving the inheritance anomaly in concurrent object-oriented programming as an example of the problems of trying to mix OO with other concerns, in this case concurrency.
If the tool doesn't work, pick a better one!
--dave (who uses O-O happily for non-parallel tasks) c-b
Hadn't thought of it. --dave
Then we probably agree that the commentator should have identified the culprit, rather than being lazy and blaming the administration of the week.
--dave
The person who wrote the snarky comment wasn't the president, and I'm not the president, so suggesting he find an easier job is a bit off-topic.
He (or she, some year or other) is legally responsible for everything his minions do, but unless he's omniscient and has infinite time, cannot be to blame for everything. Thus conscious, stated policies of president-and-administration X are legitimate targets for personal criticisms, but holdovers from X-1 are not.
And people are more often ignorant than stupid...
--dave
It's a tiny bit dishonest to say "the X administration" unless it was a conscious policy of X, not something that you can expect to see from X-1 and x+1. It also appears in the topic sentence of the cited article, which is a tip-off:
If someone wants you to believe something that isn't true, it will appear in the first sentence, even if it logically doesn't belong there or seems jarring. That's a psychological trick that dates back to the ancient Greeks. It was reputedly a specific teaching of the sophists[1].
.--dave
[1] citation needed, although it was on my Plato course several centuries ago...