"However, I do find it worrisome that several jurors basically said that they convicted him because they didn't like him."
You're a juror just out of a long trial, and a reporter points a microphone at you and asks you what you thought. Are you really going to give a long list of all the evidence you saw, or do you think you might be tempted to just say something pat about the personality of the accused and be done with it?
So which is the best way to understand the kernel (basically How Linux works) for someone that starts from scratch? Any guide, e-book, tool anyone would like to recommend me?
One great way to start is to install git and, once a week or so, use it to download, build, and install the latest development kernel on your hardware. Some day you'll find that something that worked in week n doesn't work any more in week n+1. Report the problem and work with the developers to figure out what broke.
And, yeah, there's some good general overviews--I'd recommend the books by Jon Corbet and Robert Love--but it all makes more sense when you've got a real down-to-earth problem to look at.
I would like to see a link somewhere in/proc that points to the location of kernel source code used to build the currently running kernel.
Of course, chances are if you're patching kernels and such then the source at that path will change, and you'll forget about it.
The reason that, e.g.,/proc/config.gz is useful, is that that config file is actually built in to the running kernel image. So it's pretty hard for it to get out of sync with the running kernel. But few people are going to want the entire kernel source tree copied into their kernel image, so that trick's not going to work here.
The better way to solve this problem is using the kernel version number; e.g. if you're building from a git repository, the name of the git commit that the kernel was actually built from is automatically included:
# uname -r
2.6.26-rc4-00107-g4b7a993
But you can do this sort of thing yourself--see e.g. CONFIG_LOCALVERSION in the kernel config.
Yep. Most bugs are in drivers and architecture-specific code (that's where most of the code is!), and unfortunately it's unrealistic to expect everyone who changes a piece of code to retest with all of the (possibly obscure) hardware the change might theoretically have affected.
The only time anyone's wanted to look at my laptop, I was entering Canada. They asked me wether I had any hate speech or child pornography (and felt the need to reassure me that "we aren't looking for regular pornography"). I booted the laptop, logged in, and showed the Canadian custom's guy where to find the Gnome search dialog was. I didn't watch to see what he was looking for, but I think he only spent a minute or two at it.
If someone in power can easily identify you at will then it is quite simply impossible for you to post anonymously
When https came into use, it didn't suddenly become impossible to run a server without a certificate.
Similarly, if the Washington Post starts requiring you to prove your identity, that doesn't require Slashdot to suddenly start doing the same. You can even post to both if you want, using your real identity for the Post and a pseudonym for Slashdot.
That's no different from how things already work. Different sites require different procedures to get an account. If the Washington Post wants to require that you use your real name, and provide phone number/address to help them verify that if necessary--fine, it'll be interesting to say how that works. Like I say, that'd be no different from their letters to the editor policy.
I think that forums that allow anonymous speech have a place--I just don't think that *all* forums should have to do that. Forum operators should have some freedom to set policies as they see fit, and we all benefit from experimenting with a variety of models.
I'm confused. What bizarre notion of "free speech" are you working from that would *force* anyone hosting any forum to allow you to post whatever you want? Am I an evil censor because my home page lacks a "post a comment!" button? What if I accepted comments by email and posted my favorites on my home page? And how would it be different if I turned on some blog software and started weeding out the crap after the fact?
People who host conversations are free to set the rules. If you don't like the rules, find some other forum. Or set up your own--it's never been easier or cheaper to do so.
When government regulation, policies of an isp monopoly, or whatever, prevent you from doing that--then you can complain about censorship. Till then you're just doing the equivalent of complaining about the rules people set in their own living rooms.
And, sure, I think there's some value to mostly unmoderated forums that allow anonymous speech, etc. I just don't think that *all* of them have to be that way. There's room for multiple approaches to forum moderation to coexist, and we should encourage experimentation.
Are you nuts? What happens when you decide to inform someone on the internet of your opinion regarding GWB and his ridiculous "Warr on Terrah" and that person just happens to have links to GWB and decides to give his "old college buddy' at Versign a call and have them yank your "internet priveleges"
Newspapers have long hosted public forums where contributors are identified by name (and they do try to verify those identities)--they're generally called "letters to the editor" pages.
I think extending that model onto the internet would be an interesting experiment. I very much doubt it would threaten forums like Slashdot which allow anonymous speech; both could have their advantages, and I suspect most people will continue to prefer the Slashdots of the world. But we haven't figured out how to host the ideal public conversation yet, and we should encourage experimentation.
And, by the way, I think the George Bush administration has been awful, and I'm quite happy to be posting that opinion under my own name. It's safe to do so, and I encourage others to do the same. That kind of speech is vital to the health of a democracy.
IIRC, today's PCs have high-resolution timers available that surpass the old 14.318MHz clock chip.
Last I checked the actual time source used for file timestamps was actually jiffies, so even though the filesystem inode may in theory have space for lots of precision, in practice the resolution is only hundredths of a second.
That's a problem if you're trying to use the timestamp to decide whether a file has changed or not--if you happen to check the time between two writes that come within (say) a millisecond of each other, then you may not ever see the second write. (E.g., consider the case where you're an nfs client trying to check whether your cached data for a file is still up-to-date.)
The article title is inaccurate (the press release specifically say they're avoiding the *consumer* desktop, not desktops in general), and misleading (note they're *avoiding* the consumer desktop market, as they always have, not dropping anything new). The release specifically claims that they continue to support Fedora, their enterprise desktop, and their "global" desktop.
They're doing what I'd expect most companies would do in the face of a large entrenched competitor: finding a few niches where they can compete and using those as toeholds to justify further development. And they do a lot of desktop development.
Has America gotten so fat and lazy that 6 to 8 lbs is considered a huge burden?
You got it backwards. May people never carry their laptop more than 100 feet, between the car and the desk.
If you actually walk a few miles to work, or walk around places when you travel (as opposed doing everything with a rental car), you really notice the difference between a 2-pound and a 6-pound laptop....
The only problem I now have is with dual monitor support.
In the 8.04 beta, the System->Preferences->Screen Resolution dialog (gnome-display-properties) is aware of multiple monitors. I've used that only once, very briefly (for a projector), so while it was adequate for my purposes, I can't say whether this problem is completely solved yet.
and you'll see some contributions, though not as many as from Novell/Suse.
The authors of this paper are basically doing a souped-up version of the above, extracting author/committer information from the git history. (Though with some specialized scripts, and after having done a lot of work to track down author affiliations in case where people post from different addresses, misspell their names, etc., etc.)
The NSA is a huge organization, does a lot of different things, and as a result, it can--like a lot of large companies and agencies--seem a bit schizophrenic.
NSA employees have made significant contributions to Linux already, and there have been the usual arguments over design choices that any such project faces, but there's never been the smallest suggestion of any subterfuge.
OpenSolaris's work is conducted in the light of day, and I doubt the NSA's participation will be any more nefarious there.
Part of the NSA's mandate seems to be to improve the security of everybody's operating systems. That's work that can benefit all of us, is exactly the sort of work that a "national security agency" *should* do, and we should encourage it, while still condemning the projects we disapprove of.
That's a possibility regardless of size (it probably has more to do with size-to-developer ratio) and closed vs. open source. (Surely the occasional disgruntled employee gets a back door into closed source software.) And it depends on the details of their process.
I think the Linux kernel process, for example, would be relatively resistant to that kind of attack, since it favors very small incremental patches that are (ideally) always reviewed on public mailing lists. Not that it's perfect, of course. If I were to attack it I suppose I'd probably try to hide the backdoor in a largish patch in the git tree of someone maintaining an obscure driver or filesystem.
So it depends on the details--a public process is a positive, and a major positive in my opinion, but it can certainly be outweighed by other problems, like an inadequate developer community or poor review process.
"Unless you went through the code yourself, don't trust it. Maybe you can trust the maintainer of that code, but either way you end up trusting a third party."
I've never read through Wiles's proof of the Fermat conjecture, but I'd still bet my life on its correctness, because I understand the process by which it was reviewed.
I don't claim free software is free of problems. But, other things being equal, I *do* trust code that I know could be publicly reviewed by anyone over code that couldn't be.
Oh, good grief--since the original poster didn't specify units, and since it's highly unlikely the running time would be exactly n log n for any choice of units, and since it's pretty common to leave out the O() in casual conversation, the only sensible interpretation is that the O() was implied....
It is truly unfortunate that programmers of my generation aren't as prone to participate because they bring a much broader and deeper experience if for no other reason than years of working in the industry.
And probably you aren't the only person thinking that. Surely there are managers out there looking to hire people to work on Linux/Apache/whatever-floats-your-boat who share that opinion. Sounds like a good way to market yourself.
Though don't think you'll be as unusual as all that--plenty of people are working on Linux for Red Hat, IBM, etc., after years working on proprietary systems.
Where in there am I supposed to find time to sit in front of my machine spending hours debugging code for an OSS project?
During that block of time that ran from 9am to 5pm?
If open source is what you're interested in--enough so that given some free time you'd consider working on it just for fun--it'd be smart to look into that possibility seriously.
OK, I can understand why people wouldn't: even if in the long term it'll be 9-5, in the short term you'd almost certainly have to put in extra time for the job search, and part of that might be volunteering on some project(s) to learn about them and to demonstrate your interest. But it'd be a mistake to just assume that the opportunities aren't out there.
Why they have a sliding price scale is beyond me...they're supposed to be a non-profit, building the things for the poorest people in the world, and yet...the fewer you buy, the more you pay...
It's cheaper per unit to fulfill a larger order than a smaller one.
Yup. And if not, how the heck am I (as an access point administrator) supposed to communicate this permission? Do I have to personally go tell everyone in the general vicinity that they have my permission?
Traditional drives average over 10ms to seek from one part of the disk to another. Those seeks can add up fast for something like application startup--where you're reading in the executable, a bunch of libraries, probably some configuration files, the data for it to work on, etc., all of it probably scattered all over the disk. So it's not surprising that application and OS startup are two tests where they found these drives were a big win....
You just quit, so you clearly are not a completely loyal employee.
Nobody sensible has "loyalty" at the top (ok, anywhere on) their reasons for doing good work. Besides the obvious "to get paid":
for the pleasure of a job well done.
to build up a reputation as someone trustworthy, competent, and professional.
to develop mutually beneficial long-term relationships with people in their field. (People often change jobs multiple times during their career, while staying in the same field. The employee that's quitting today may be back in a few years, may want a referral, etc.)
Because you care about the progress of your industry--some people get really excited about trying to bring the world better cell phones, or whatever. Just because you now think you can do that better in company B now doesn't necessarily mean you sabotaging company A is suddenly going to look like a great idea.
Because it tells employees that they're not expected to have any sense of professionalism and ethics.
Because it shows a lack of respect for the employee's work: even for someone that's tired of their current job, the desire to tie up loose ends and ensure a smooth transition is natural for someone with any pride in their work.
Its just MS playing it safe, if I told my employer that I was leaving for our biggest competitor I think I wouldnt be allowed to sit around for the next two weeks out of concern that I could be gathering information.
So you want to know why it's a problem for the employer? Well, for starters, I'd think it would make it more than a little difficult to hire people with any sense of self-respect or pride in their work.
And why would they be giving their notice if they're interested in industrial espionage? Wouldn't they be better off getting the spying out of the way first?
I don't know what environment you're working and living in that's convinced you that this is a universal practice, but personally I'd advise getting out of it ASAP.
Slashdot Mirror
"However, I do find it worrisome that several jurors basically said that they convicted him because they didn't like him." You're a juror just out of a long trial, and a reporter points a microphone at you and asks you what you thought. Are you really going to give a long list of all the evidence you saw, or do you think you might be tempted to just say something pat about the personality of the accused and be done with it?
One great way to start is to install git and, once a week or so, use it to download, build, and install the latest development kernel on your hardware. Some day you'll find that something that worked in week n doesn't work any more in week n+1. Report the problem and work with the developers to figure out what broke.
And, yeah, there's some good general overviews--I'd recommend the books by Jon Corbet and Robert Love--but it all makes more sense when you've got a real down-to-earth problem to look at.
Of course, chances are if you're patching kernels and such then the source at that path will change, and you'll forget about it.
The reason that, e.g., /proc/config.gz is useful, is that that config file is actually built in to the running kernel image. So it's pretty hard for it to get out of sync with the running kernel. But few people are going to want the entire kernel source tree copied into their kernel image, so that trick's not going to work here.
The better way to solve this problem is using the kernel version number; e.g. if you're building from a git repository, the name of the git commit that the kernel was actually built from is automatically included:
# uname -r
2.6.26-rc4-00107-g4b7a993
But you can do this sort of thing yourself--see e.g. CONFIG_LOCALVERSION in the kernel config.
Yep. Most bugs are in drivers and architecture-specific code (that's where most of the code is!), and unfortunately it's unrealistic to expect everyone who changes a piece of code to retest with all of the (possibly obscure) hardware the change might theoretically have affected.
The only time anyone's wanted to look at my laptop, I was entering Canada. They asked me wether I had any hate speech or child pornography (and felt the need to reassure me that "we aren't looking for regular pornography"). I booted the laptop, logged in, and showed the Canadian custom's guy where to find the Gnome search dialog was. I didn't watch to see what he was looking for, but I think he only spent a minute or two at it.
When https came into use, it didn't suddenly become impossible to run a server without a certificate.
Similarly, if the Washington Post starts requiring you to prove your identity, that doesn't require Slashdot to suddenly start doing the same. You can even post to both if you want, using your real identity for the Post and a pseudonym for Slashdot.
That's no different from how things already work. Different sites require different procedures to get an account. If the Washington Post wants to require that you use your real name, and provide phone number/address to help them verify that if necessary--fine, it'll be interesting to say how that works. Like I say, that'd be no different from their letters to the editor policy.
I think that forums that allow anonymous speech have a place--I just don't think that *all* forums should have to do that. Forum operators should have some freedom to set policies as they see fit, and we all benefit from experimenting with a variety of models.
I'm confused. What bizarre notion of "free speech" are you working from that would *force* anyone hosting any forum to allow you to post whatever you want? Am I an evil censor because my home page lacks a "post a comment!" button? What if I accepted comments by email and posted my favorites on my home page? And how would it be different if I turned on some blog software and started weeding out the crap after the fact?
People who host conversations are free to set the rules. If you don't like the rules, find some other forum. Or set up your own--it's never been easier or cheaper to do so.
When government regulation, policies of an isp monopoly, or whatever, prevent you from doing that--then you can complain about censorship. Till then you're just doing the equivalent of complaining about the rules people set in their own living rooms.
And, sure, I think there's some value to mostly unmoderated forums that allow anonymous speech, etc. I just don't think that *all* of them have to be that way. There's room for multiple approaches to forum moderation to coexist, and we should encourage experimentation.
Newspapers have long hosted public forums where contributors are identified by name (and they do try to verify those identities)--they're generally called "letters to the editor" pages.
I think extending that model onto the internet would be an interesting experiment. I very much doubt it would threaten forums like Slashdot which allow anonymous speech; both could have their advantages, and I suspect most people will continue to prefer the Slashdots of the world. But we haven't figured out how to host the ideal public conversation yet, and we should encourage experimentation.
And, by the way, I think the George Bush administration has been awful, and I'm quite happy to be posting that opinion under my own name. It's safe to do so, and I encourage others to do the same. That kind of speech is vital to the health of a democracy.
Last I checked the actual time source used for file timestamps was actually jiffies, so even though the filesystem inode may in theory have space for lots of precision, in practice the resolution is only hundredths of a second.
That's a problem if you're trying to use the timestamp to decide whether a file has changed or not--if you happen to check the time between two writes that come within (say) a millisecond of each other, then you may not ever see the second write. (E.g., consider the case where you're an nfs client trying to check whether your cached data for a file is still up-to-date.)
The article title is inaccurate (the press release specifically say they're avoiding the *consumer* desktop, not desktops in general), and misleading (note they're *avoiding* the consumer desktop market, as they always have, not dropping anything new). The release specifically claims that they continue to support Fedora, their enterprise desktop, and their "global" desktop.
They're doing what I'd expect most companies would do in the face of a large entrenched competitor: finding a few niches where they can compete and using those as toeholds to justify further development. And they do a lot of desktop development.
Seems reasonable to me.
Google for "Dell Ubuntu", follow the "shop for ubuntu" link, then look at what OS is installed: "Ubuntu Linux version 7.10 with DVD Playback".
I assume they licensed some proprietary linux dvd-playing software. Not idea, but what can you do.
You got it backwards. May people never carry their laptop more than 100 feet, between the car and the desk.
If you actually walk a few miles to work, or walk around places when you travel (as opposed doing everything with a rental car), you really notice the difference between a 2-pound and a 6-pound laptop....
In the 8.04 beta, the System->Preferences->Screen Resolution dialog (gnome-display-properties) is aware of multiple monitors. I've used that only once, very briefly (for a projector), so while it was adequate for my purposes, I can't say whether this problem is completely solved yet.
The authors of this paper are basically doing a souped-up version of the above, extracting author/committer information from the git history. (Though with some specialized scripts, and after having done a lot of work to track down author affiliations in case where people post from different addresses, misspell their names, etc., etc.)
The NSA is a huge organization, does a lot of different things, and as a result, it can--like a lot of large companies and agencies--seem a bit schizophrenic.
NSA employees have made significant contributions to Linux already, and there have been the usual arguments over design choices that any such project faces, but there's never been the smallest suggestion of any subterfuge.
OpenSolaris's work is conducted in the light of day, and I doubt the NSA's participation will be any more nefarious there.
Part of the NSA's mandate seems to be to improve the security of everybody's operating systems. That's work that can benefit all of us, is exactly the sort of work that a "national security agency" *should* do, and we should encourage it, while still condemning the projects we disapprove of.
That's a possibility regardless of size (it probably has more to do with size-to-developer ratio) and closed vs. open source. (Surely the occasional disgruntled employee gets a back door into closed source software.) And it depends on the details of their process. I think the Linux kernel process, for example, would be relatively resistant to that kind of attack, since it favors very small incremental patches that are (ideally) always reviewed on public mailing lists. Not that it's perfect, of course. If I were to attack it I suppose I'd probably try to hide the backdoor in a largish patch in the git tree of someone maintaining an obscure driver or filesystem. So it depends on the details--a public process is a positive, and a major positive in my opinion, but it can certainly be outweighed by other problems, like an inadequate developer community or poor review process.
"Unless you went through the code yourself, don't trust it. Maybe you can trust the maintainer of that code, but either way you end up trusting a third party." I've never read through Wiles's proof of the Fermat conjecture, but I'd still bet my life on its correctness, because I understand the process by which it was reviewed. I don't claim free software is free of problems. But, other things being equal, I *do* trust code that I know could be publicly reviewed by anyone over code that couldn't be.
Oh, good grief--since the original poster didn't specify units, and since it's highly unlikely the running time would be exactly n log n for any choice of units, and since it's pretty common to leave out the O() in casual conversation, the only sensible interpretation is that the O() was implied....
And probably you aren't the only person thinking that. Surely there are managers out there looking to hire people to work on Linux/Apache/whatever-floats-your-boat who share that opinion. Sounds like a good way to market yourself.
Though don't think you'll be as unusual as all that--plenty of people are working on Linux for Red Hat, IBM, etc., after years working on proprietary systems.
During that block of time that ran from 9am to 5pm?
If open source is what you're interested in--enough so that given some free time you'd consider working on it just for fun--it'd be smart to look into that possibility seriously.
OK, I can understand why people wouldn't: even if in the long term it'll be 9-5, in the short term you'd almost certainly have to put in extra time for the job search, and part of that might be volunteering on some project(s) to learn about them and to demonstrate your interest. But it'd be a mistake to just assume that the opportunities aren't out there.
It's cheaper per unit to fulfill a larger order than a smaller one.
Yup. And if not, how the heck am I (as an access point administrator) supposed to communicate this permission? Do I have to personally go tell everyone in the general vicinity that they have my permission?
Traditional drives average over 10ms to seek from one part of the disk to another. Those seeks can add up fast for something like application startup--where you're reading in the executable, a bunch of libraries, probably some configuration files, the data for it to work on, etc., all of it probably scattered all over the disk. So it's not surprising that application and OS startup are two tests where they found these drives were a big win....
Nobody sensible has "loyalty" at the top (ok, anywhere on) their reasons for doing good work. Besides the obvious "to get paid":
So you want to know why it's a problem for the employer? Well, for starters, I'd think it would make it more than a little difficult to hire people with any sense of self-respect or pride in their work.
And why would they be giving their notice if they're interested in industrial espionage? Wouldn't they be better off getting the spying out of the way first?
I don't know what environment you're working and living in that's convinced you that this is a universal practice, but personally I'd advise getting out of it ASAP.