They already do random checks of yachts passing near but outside U.S. waters: a colleague from years ago was stopped and searched (politely) by the U.S. Coast Guard on his way from Bermuda back to New Brunswick.
The U.S. has been publicly telling their own citizens reentering the country via the U.S. Customs and Immigration post at the Toronto airport that they will require
passports to re-enter the country as of this year.
The person at the kiosk beside me asked the guard how they could keep him, a U.S. citizen, out and she said "that's the law".
Well citizen, let's see... I see here you're a member of the National Guard on callup. I'm afraid you can't leave the country without an exit visa signed by the Secretary of the Army. Please return to your base for a free trip to a different foreign country.
But I would use the Google Voice service to try your laptop first and then fall back to a cheap pay-as-you-go cellphone number, for all the times when you don't have your laptop conveniently available.
And Nehalem is an all in-order design, so they can scale out to very large numbers
of cores or register-and-decoder sets on a single chip. That helps offset the huge
bottleneck of trying to go to molasses-slow
main memory on every cache miss, by allowing another thread to run.
Something I notice is also true of the newest Power chip. Mind you, I'd want enough cores to host 128 threads in order to at least match the new SPARCs, but that can come along later (;-))
I'm a bit surprised this is only seeing the light now: as we get
smaller and faster, the number of errors observed goes up
amazingly.
Back in the stone age, Cray computers didn't even have
parity memory, partly because they were willing to re-run programs
but mostly because errors were unlikely. Cray himself famously said
"parity is for farmers".
These days, errors are very common, and I'm literally
amazed that x86s don't have better-than-ECC error
detection and correction. All the commercial Unix vendors
have them.
It's a problem when a government pays for a report from an
uninterested third party, and gets a quickie rewrite of a
pressure-group's screed. And a dishonest one at that.
Michael Geist writes: Update (5:15): Brian Jackson of IT Business reports that the Minister's office acknowledges spending $15,000 on the report. It plans to follow up on the issues raised in my post.
randomsearch writes: Sun may have overlooked one thing: Apple don't actually make much money from the app store
The benefits are adoption and credibility, which Java needs more of. So
long as it breaks even, a Java store will
make the language more attractive to end-users.
Well down the road, this will drive more business for the company owning Java, just like having an OS used in
university labs eventually drives more business for the company that owns
the OS.
They didn't give dates for the three
genrations they describe, but the generations themselves were
"simple" refresh DPU with line-drawing and text primitives, pick correaltion
Vector transformation and clipping DPUs, in image spec, and
DPUs with modelling transformations and viewing operations.
Each was built with limited programmability and on near-current but cheper technologies, to get a good cost/performance ratio, and then either did not advance, thus becoming shelfware, as described, or instead
or gained more programmability sufficient to make the ma CPU in their own right. In the latter case, someone then invented a new DPU to offload the CPU of all that annoying graphics stuff (;-))
The intro says to include... other tasks that [were] once handled by the CPU.
In fact, there is a regular cycle of
inventing video add-on processors, seeing them
spread, then seeing the CPUs catch up and make the older video processor technology obsolete, moving the work back to the CPU.
Then, of course, someone invents a new video co-processor (;-))
Foley and Van Dam, in Fundamental of Interactive Computer Graphics called this "the wheel of karma" or the
"wheel of reincarnation", and described three generations before 1984.
I suspect the current effort is more directed toward building fast vector processors, rather than short-lived video-only devices. Certainly that's the direction one of the Intel researchers suggested she was headed.
It is possible (as other commentators
have noted) to split your traffic between
the VPN to work and your regular connection
to the internet.
However, this means that instead of trusting you to keep your machine secure, your employer is trusting everyone
you can connect to. Many moons ago, a supplier to two competing banks found out he'd exposed one bank to the other, and earned a
life-threatening lawsuit in the process (;-))
If your employer has no sensitive information on the network you can VPN into, a split tunnel is a good idea. If they have confidential information on the network, it's a poor one, and if they have information shared with customers or connections to customers, it's a company-ending one.
In principle, you could use Mandatory
Access Control rules in SE Linux to protect against this: I've done exactly that using Trusted Solaris, at the expense of a huge chunk of effort but it's out of the question in a Windows shop.
rolfwind writes: Imagine "Windows 7 integrated with Microsoft's new browser Firefox!"
You don;t have to imagine: this is what
Microsoft alreadytried with Java,
extending it with MS-only functionality. Only the trademark agreement with Sun protected Java uses from embrace, extend and extinguish. MS had to start an entire new language project in order to copy Java, and give it a new name thus losing name recognition.
MS fanboys use C#: everyone else uses Java, unextended and unextinguished. Now if they'd just add apply... (;-))
The proposal is to give licensees
the same kind of protections as buyers, to close off the scam of "licensing" a product with more restrictions than allowed when selling it.
The writer just wanted to get
more attention, so he puffed it up with an imaginary threat to developers.
Oracle wanted the hardware, so they could
become the kind of top-to-bottom solution that IBM used to be in the Mainframe days.
IBM failed to prevent it, so now they're loudly saying "sour grapes! sour grapes!"
I suspect the commentators who missed why IBM and Oracle wanted Sun were the same ones who said IBM and Sun were doomed technologies, and that
the future was NT 4 on Intel x86-32.
And to answer the question literally, you put your marketers on marketing the company while you put your lawyers on working on the merger. I assume they're different people (;-))
Indeed: Canada has stronger copyright
laws than the U.S., but the "industry
groups" who compile the data that makes
up the "Special 301" process really really
want to blame someone else.
The good-quality pirate copies aren't
camcorded: they're copies of the DVDs
sent to reviewers, or professionally
recorded in the projection-rooms of
the theaters they're playing in.
So they improved InnoDB to make
MySql more attractive to the small
folks. If they become as big as
eBay and PayPal, they probably
will switch to Oracle (;-))
This is a solved problem in computer science, circa December 1985 (;-))
That's when the "orange book" came out, defining a range of trusted computer systems for the U.S. Department of Defense, rated rather like students:
A is very good, but few achieve it
B is OK, B+ (actually B2) is better
C is unacceptable, unless you don't care, in which case, anything goes, and
D is garbage.
The part of the B2 standard you care about is called "mandatory access control" (MAC), which says that even
if you want to email a secret to your partner the spy, it won't work.
To make MAC work, you have levels, like public, restricted, confidential and secret, and categories like administration, infrastructure, trade, international relations and religion. You investigate people and then assign them to the appropriate "compartment", such as public & trade, or secret & international relations. The computer's security kernel keeps the international secrets from flowing electronically to the public trade person. It doesn't keep
the international relations person from whispering the secrets into the trade person's ear, but it stops them from doing so inside the computer or it's network.
Where do you get a trusted OS? From
any US computer company, specifically including Red Hat. I used to use Trusted Solaris, snidely known as "the word processor for Generals" to protect my customers from each other, even if some of their data and staff lived on the same machine.
Some of the other features of trusted OSs also mitigate typical Windows or Unix attacks, such as privilege escalation by subverting root. You can
still subvert root, but you'll find yourself running at system-low, below
the level that can get at any secure data (;-))
It's not trivial: you need to train security admins as well as sysadmins, but it's a good first step.
Note that most commercial folks will tell you you don't need B2. That's because all they knows is C or
"common criteria", and C just isn't good enough.
Slashdot Mirror
They already do random checks of yachts passing near but outside U.S. waters: a colleague from years ago was stopped and searched (politely) by the U.S. Coast Guard on his way from Bermuda back to New Brunswick.
--dave
The U.S. has been publicly telling their own citizens reentering the country via the U.S. Customs and Immigration post at the Toronto airport that they will require passports to re-enter the country as of this year.
The person at the kiosk beside me asked the guard how they could keep him, a U.S. citizen, out and she said "that's the law".
--dave
Well citizen, let's see... I see here you're a member of the National Guard on callup. I'm afraid you can't leave the country without an exit visa signed by the Secretary of the Army. Please return to your base for a free trip to a different foreign country.
--dave
But I would use the Google Voice service to try your laptop first and then fall back to a cheap pay-as-you-go cellphone number, for all the times when you don't have your laptop conveniently available.
Thanks, I was indeed thinking of Atom. For some reason I associated them with one another...
I double-checked, and the new power chip is (mostly) in-order, even at the cost of giving away clock speed.
I'll be interested in seeing what IBM is up to in the Power 7 time period.
And Nehalem is an all in-order design, so they can scale out to very large numbers of cores or register-and-decoder sets on a single chip. That helps offset the huge bottleneck of trying to go to molasses-slow main memory on every cache miss, by allowing another thread to run. Something I notice is also true of the newest Power chip. Mind you, I'd want enough cores to host 128 threads in order to at least match the new SPARCs, but that can come along later (;-))
--dave
Indeed! Intel is being penny-wise and pound-foolish.
--dave
I'm a bit surprised this is only seeing the light now: as we get smaller and faster, the number of errors observed goes up amazingly.
Back in the stone age, Cray computers didn't even have parity memory, partly because they were willing to re-run programs but mostly because errors were unlikely. Cray himself famously said "parity is for farmers".
These days, errors are very common, and I'm literally amazed that x86s don't have better-than-ECC error detection and correction. All the commercial Unix vendors have them.
--dave
It's a problem when a government pays for a report from an uninterested third party, and gets a quickie rewrite of a pressure-group's screed. And a dishonest one at that.
--dave
Jane and Finch.
--dave
Michael Geist writes: Update (5:15): Brian Jackson of IT Business reports that the Minister's office acknowledges spending $15,000 on the report. It plans to follow up on the issues raised in my post.
randomsearch writes: Sun may have overlooked one thing: Apple don't actually make much money from the app store
The benefits are adoption and credibility, which Java needs more of. So long as it breaks even, a Java store will make the language more attractive to end-users.
Well down the road, this will drive more business for the company owning Java, just like having an OS used in university labs eventually drives more business for the company that owns the OS.
--dave
Each was built with limited programmability and on near-current but cheper technologies, to get a good cost/performance ratio, and then either did not advance, thus becoming shelfware, as described, or instead or gained more programmability sufficient to make the ma CPU in their own right. In the latter case, someone then invented a new DPU to offload the CPU of all that annoying graphics stuff (;-))
--dave
The intro says to include ... other tasks that [were] once handled by the CPU.
In fact, there is a regular cycle of inventing video add-on processors, seeing them spread, then seeing the CPUs catch up and make the older video processor technology obsolete, moving the work back to the CPU. Then, of course, someone invents a new video co-processor (;-))
Foley and Van Dam, in Fundamental of Interactive Computer Graphics called this "the wheel of karma" or the "wheel of reincarnation", and described three generations before 1984.
I suspect the current effort is more directed toward building fast vector processors, rather than short-lived video-only devices. Certainly that's the direction one of the Intel researchers suggested she was headed.
--dave
Toronto seem fine, and it's foreign (;-))
--dave
It is possible (as other commentators have noted) to split your traffic between the VPN to work and your regular connection to the internet.
However, this means that instead of trusting you to keep your machine secure, your employer is trusting everyone you can connect to. Many moons ago, a supplier to two competing banks found out he'd exposed one bank to the other, and earned a life-threatening lawsuit in the process (;-))
If your employer has no sensitive information on the network you can VPN into, a split tunnel is a good idea. If they have confidential information on the network, it's a poor one, and if they have information shared with customers or connections to customers, it's a company-ending one.
In principle, you could use Mandatory Access Control rules in SE Linux to protect against this: I've done exactly that using Trusted Solaris, at the expense of a huge chunk of effort but it's out of the question in a Windows shop.
--dave
I was speaking slightly tongue-in-cheek: I normally tease Mac fanboys (;-))
--dave
rolfwind writes: Imagine "Windows 7 integrated with Microsoft's new browser Firefox!"
You don;t have to imagine: this is what Microsoft already tried with Java, extending it with MS-only functionality. Only the trademark agreement with Sun protected Java uses from embrace, extend and extinguish. MS had to start an entire new language project in order to copy Java, and give it a new name thus losing name recognition.
MS fanboys use C#: everyone else uses Java, unextended and unextinguished. Now if they'd just add apply... (;-))
--dave
The proposal is to give licensees the same kind of protections as buyers, to close off the scam of "licensing" a product with more restrictions than allowed when selling it.
The writer just wanted to get more attention, so he puffed it up with an imaginary threat to developers.
--dave
They should be listing any bribes they paid for approving OOXML (;-))
P--dave
Oracle wanted the hardware, so they could become the kind of top-to-bottom solution that IBM used to be in the Mainframe days. IBM failed to prevent it, so now they're loudly saying "sour grapes! sour grapes!"
I suspect the commentators who missed why IBM and Oracle wanted Sun were the same ones who said IBM and Sun were doomed technologies, and that the future was NT 4 on Intel x86-32.
And to answer the question literally, you put your marketers on marketing the company while you put your lawyers on working on the merger. I assume they're different people (;-))
--dave
Indeed: Canada has stronger copyright laws than the U.S., but the "industry groups" who compile the data that makes up the "Special 301" process really really want to blame someone else.
The good-quality pirate copies aren't camcorded: they're copies of the DVDs sent to reviewers, or professionally recorded in the projection-rooms of the theaters they're playing in.
--dave
So they improved InnoDB to make MySql more attractive to the small folks. If they become as big as eBay and PayPal, they probably will switch to Oracle (;-))
--dave
Excellent, thanks!
--dave
This is a solved problem in computer science, circa December 1985 (;-))
That's when the "orange book" came out, defining a range of trusted computer systems for the U.S. Department of Defense, rated rather like students:
The part of the B2 standard you care about is called "mandatory access control" (MAC), which says that even if you want to email a secret to your partner the spy, it won't work. To make MAC work, you have levels, like public, restricted, confidential and secret, and categories like administration, infrastructure, trade, international relations and religion. You investigate people and then assign them to the appropriate "compartment", such as public & trade, or secret & international relations. The computer's security kernel keeps the international secrets from flowing electronically to the public trade person. It doesn't keep the international relations person from whispering the secrets into the trade person's ear, but it stops them from doing so inside the computer or it's network.
Where do you get a trusted OS? From any US computer company, specifically including Red Hat. I used to use Trusted Solaris, snidely known as "the word processor for Generals" to protect my customers from each other, even if some of their data and staff lived on the same machine.
Some of the other features of trusted OSs also mitigate typical Windows or Unix attacks, such as privilege escalation by subverting root. You can still subvert root, but you'll find yourself running at system-low, below the level that can get at any secure data (;-))
It's not trivial: you need to train security admins as well as sysadmins, but it's a good first step.
Note that most commercial folks will tell you you don't need B2. That's because all they knows is C or "common criteria", and C just isn't good enough.
--dave