Uh-huh. Currently, Textmaker's asking me to spew a tarball into/opt or wherever.
How about integrating with the OS packaging system? It's the first concern in my mind when I think about supporting this across multiple desktops along with all the other apps we support.
This was a report of request failures, not uptime!
It's quite possible to manage a server farm of many boxes that are regularly updated and rebooted without having a single request refused. Techniques like loadbalancing, reverse proxying and simple scheduled address handover make high-availability a reality today.
We're a largish (>250 servers) Debian site. Actually, when I say site, I really mean about twenty sites scattered over three continents. We use Woody (Debian 3.0) with a few of our packages, and that setup works pretty well. In our environment, APT shines as a tool for managing the distribution of packages to a very diverse range of servers. The team running this is capable but of small size. It does help that the team manager is a Debian developer:}
Although we rely on it, the release cycle really does screw us from time to time, and in the long drag before Woody finally released, we seriously contemplated a bunch of alternative distributions. The joke emerged at the time - about the two main flavours of Debian, being of course: Debian/Stale and Debian/Broken:)
Assuming that you accept the FSF's gospel of What Is Free, you'll find that RMS already explicitly regards the BSD license as a free software license.
Definitions here.
I actually heard this on the ABC radio news whilst driving to work this morning.
Unfortunately they managed to summarise it in the most bogus form possible, and I quote (roughly)
"Existing Internet links could run six thousand times as fast!".
Even New Scientist, normally a beacon of good science journalism, is really dumbing it down to the noise level.
The analogy they gave is most ironic -
Steven Low, who led the Caltech team, likens the way the internet works now to driving a car while looking only 10 metres ahead. You slowly increase the car's speed until an obstacle comes into view, but then you have to hit the brakes.
"This is OK for driving slowly in a parking lot," says Low. But on the open road you need to be able to look further ahead: "That's what we are doing with Fast TCP."
... as my car sat, motionless, on the congested freeway...
The Cisco equivalent of this is called Network-Based Application Recognition (NBAR). Rather than use regular expressions, Cisco ship PDLMs (Packet Description Language Modules) that can loaded and unloaded whilst IOS is running, much like you'd get by combining Netfilter's ip_conntrack_helper modules with the ideas these guys have.
(I still think they should be doing this inside Netfilter rather than qdisc)
NBAR can also be - and is - used to filter network worms at ISP borders, by matching the specially-crafted URLs used to compromise vulnerable systems. For example, here's the Cisco config to catch the Nimda worm.
IMNVHO this would be better done in the netfilter (aka iptables) kernel subsystem than in the qdisc system. Not only can it then be used for more than just rate limiting (but also for firewalling, transparent proxying etc), but there is limited similar functionality already available in the patch tree (the STRING match) that could be extended to run regular expressions. Importantly, netfilter can communicate with the qdisc subsystem by tagging packates appropriately, enabling the rate-limiting and advanced queueing already discussed. I'm sure that the core work already done could be ported from one subsystem to to the other, although perhaps not overnight.
The fwsnort tool has proved the concept, I think, by translating rules from the Snort intrusion detection system into iptables rulesets.
For more complex protocols, such as FTP or IRC DCC, you'd also get Netfilter's connection-tracking support code for free.
I also think beginners will find the iptables tool easier to deal with that the tc tool, which has a steeper learning curve.
Caldera was created in 1994 by a team of Novell Linux enthusiasts, headed by Ransom Love. It received seed capital from Novell CEO Ray Noorda. We'd meet Caldera in these years and they professed their ambition was to "get SCO".
McBride has nearly finished the job of destroying SCO from the inside out. Maybe that's a secret part of his job description; a more Machiavellian plot could scarcely be hatched. In which case, he could reasonably expect a sizeable payout.
I'm using JBuilder 8 this week. It's as good as any other desktop application on my Thinkpad R32. Sometimes I demo it to people and the coup de grace is always "... and it's written in java." which is usually responded with "but... I thought java was slow!".
Bad interactive java is easy to write, just like bad MFC applications are easy to write.
1. Sue IBM. 2. Irritate the dinosaur. 3. Get bought by dinosaur.
The reason for this being that SCO is on the way down, down, down. The only way to rescue shareholder value at this point from total obliviion is a large injection of equity. Since no-one is likely to weigh in with the millions needed, the best way to obtain that equity is to replace it with those of a more stable stock.
i.e. get bought by IBM.
It's a high-risk, last-ditch strategy by a failing company.
Re:What really stuck out to me
on
Spam, Milord
·
· Score: 1
One approach might be to use certificates for identifying the source mail server.
I have turned on TLS (the SMTP crypto layer) on my mailserver; it will use it wherever ESMTP says it can be negotiated. Looking at todays inbound mail logs, I see only 387 TLS connections out of 12787.
Although TLS itself doesn't provide hard authentication, it could be used to force verification. However, there would have to be much wider acceptance first.
The fact that TLS also provides encryption is a privacy bonus and should be the main selling point. (Except to Big Brother governments, of course).
The only issue would be with very high volume mail sites such as the most popular mailing lists, which would need crypto hardware to support them.
Slashdot Mirror
Uh-huh. Currently, Textmaker's asking me to spew a tarball into /opt or wherever.
How about integrating with the OS packaging system? It's the first concern in my mind when I think about supporting this across multiple desktops along with all the other apps we support.
J
They even have the same primary author, James Clark, producer of the ubiquitous expat XML parser.
DSSSL is Scheme-based, and Scheme is a rarefied dialect of LISP.
Thus turns the circle.
This is impossible, because SCO was Caldera, and Caldera's entire business was distributing Linux.
Let's remember that "SCO" is just a name now. Everything else that used to be "SCO" is now Tarantella.
"Up to 80 percent of those Linux desktops will be equipped with VMWare," it says here (my italics).
Do you think they could be any more vague?
Let's mentally replace the words "up to" with the less-than-or-equal-to-sign <= to understand that statement.
In other news... up to 80% of people enjoy reading Microsoft propaganda newscasts!
This was a report of request failures, not uptime!
It's quite possible to manage a server farm of many boxes that are regularly updated and rebooted without having a single request refused. Techniques like loadbalancing, reverse proxying and simple scheduled address handover make high-availability a reality today.
IE is an email client now? or were you not paying attention?
Although we rely on it, the release cycle really does screw us from time to time, and in the long drag before Woody finally released, we seriously contemplated a bunch of alternative distributions. The joke emerged at the time - about the two main flavours of Debian, being of course: Debian/Stale and Debian/Broken :)
Assuming that you accept the FSF's gospel of What Is Free, you'll find that RMS already explicitly regards the BSD license as a free software license. Definitions here.
Perhaps we could use the rotating penguins to drive a generating turbine ;)
I'd love to see the fireworks when SCO tries to sue the NSA.
I actually heard this on the ABC radio news whilst driving to work this morning.
Unfortunately they managed to summarise it in the most bogus form possible, and I quote (roughly)
"Existing Internet links could run six thousand times as fast!".
Even New Scientist, normally a beacon of good science journalism, is really dumbing it down to the noise level.
The analogy they gave is most ironic -
... as my car sat, motionless, on the congested freeway ...
Maybe this is a better example. Cisco vs Code Red.
The Cisco equivalent of this is called Network-Based Application Recognition (NBAR). Rather than use regular expressions, Cisco ship PDLMs (Packet Description Language Modules) that can loaded and unloaded whilst IOS is running, much like you'd get by combining Netfilter's ip_conntrack_helper modules with the ideas these guys have.
(I still think they should be doing this inside Netfilter rather than qdisc)
NBAR can also be - and is - used to filter network worms at ISP borders, by matching the specially-crafted URLs used to compromise vulnerable systems. For example, here's the Cisco config to catch the Nimda worm.
IMNVHO this would be better done in the netfilter (aka iptables) kernel subsystem than in the qdisc system. Not only can it then be used for more than just rate limiting (but also for firewalling, transparent proxying etc), but there is limited similar functionality already available in the patch tree (the STRING match) that could be extended to run regular expressions. Importantly, netfilter can communicate with the qdisc subsystem by tagging packates appropriately, enabling the rate-limiting and advanced queueing already discussed. I'm sure that the core work already done could be ported from one subsystem to to the other, although perhaps not overnight.
The fwsnort tool has proved the concept, I think, by translating rules from the Snort intrusion detection system into iptables rulesets.
For more complex protocols, such as FTP or IRC DCC, you'd also get Netfilter's connection-tracking support code for free.
I also think beginners will find the iptables tool easier to deal with that the tc tool, which has a steeper learning curve.
Quoting Andrew Orlowski in el Register:
McBride has nearly finished the job of destroying SCO from the inside out. Maybe that's a secret part of his job description; a more Machiavellian plot could scarcely be hatched. In which case, he could reasonably expect a sizeable payout.
I'm using JBuilder 8 this week. It's as good as any other desktop application on my Thinkpad R32. Sometimes I demo it to people and the coup de grace is always "... and it's written in java." which is usually responded with "but... I thought java was slow!".
Bad interactive java is easy to write, just like bad MFC applications are easy to write.
I'd like to thank SCO for making the GPL distribution of Linux a high-throughput broadband affair!
-K
Nonono... the business plan is:
1. Sue IBM.
2. Irritate the dinosaur.
3. Get bought by dinosaur.
The reason for this being that SCO is on the way down, down, down. The only way to rescue shareholder value at this point from total obliviion is a large injection of equity. Since no-one is likely to weigh in with the millions needed, the best way to obtain that equity is to replace it with those of a more stable stock.
i.e. get bought by IBM.
It's a high-risk, last-ditch strategy by a failing company.
- K
(wondering how long the link will survive)
One approach might be to use certificates for identifying the source mail server.
I have turned on TLS (the SMTP crypto layer) on my mailserver; it will use it wherever ESMTP says it can be negotiated. Looking at todays inbound mail logs, I see only 387 TLS connections out of 12787.
Although TLS itself doesn't provide hard authentication, it could be used to force verification. However, there would have to be much wider acceptance first.
The fact that TLS also provides encryption is a privacy bonus and should be the main selling point. (Except to Big Brother governments, of course).
The only issue would be with very high volume mail sites such as the most popular mailing lists, which would need crypto hardware to support them.
That would be the old-fashioned part; "misspelling" being misspelled.