Stock ownership does not imply compatible corporate
culture and unified interests. Consider Apple,
Microsoft owns Apple stock. Does that make Microsoft a friend of Apple?
Novell offerred $210M for SuSE according to the article, that may be a bit low. I personally use SuSE and would like to see them continue to do well.
Perhaps others can give details, my memory is a bit fuzzy, but I don't remember their stewardship of Unix System Laboratories to be especially good or bad. SuSE may be in a position to become a much larger player in the Unix arena, given Redhat's recent change in direction. I wonder how IBM will react (IBM is using SuSE internally, how well does Novell's management get along with IBM?).
This model is a a nice start, but would benefit from a few refinements. I'm not sure I have time to work out the math here and now, so I'll leave that as an exercise for the student:-).
Some specific suggestions include:
Consider adding carrying capacity,
which is quite critical in arctic populations, since
there is substantially less biomass and hence food in arctic environments (due to reduced solar energy).
Additionally, your equation appears to assume that the sex ratio (male to female) is 1:1, but I'm not sure that is true (it may be but might not be).
Finally, the rate of predation should depend on the ability of predators to encounter prey, and your predation rate term is independent of the number of lemmings in the environment.
Finally, homogeneous mixing models are not good for large populations with spatial diversity. In particular, when population is sparse, variability in the population begins to dominate, while for large populations mean behavior dominates.
I'm not sure why, but X under SuSE seems to have
a long slow memory leak for me too. I'm running
8.2 (upgraded from 8.0) but somehow I've got
over 118 MB allocated to X, which doesn't make
sense. Of course Mozilla wants another 82 MB.
Other than that SuSE has been smooth.
I've not felt HD based lockups like the parent
complained about.
First off, let me say the work is interesting
and provides a nice practical experimental approach. However, as good as this was,
it could still be improved and made even better.
I know this is more work, but perhaps a more fair test might be to compare default installs with each other and then compare more highly tuned installs.
This might give a sense of what novices and experts can get out of both systems. I did like the benchmarks, but there may be some (unintentional statistical) bias due to your familiarity with Linux.
Additionally, could you tell us what linux distribution you used. It is important, since the supporting utilities in an O.S. impact its overall behavior (in the http server benchmarks).
I'm a linux user, and rarely fire up a windows box, so this begs the question,
are there good Linux drivers for Canon printers?
I'm far from being an expert on inkjet printers,
my lab owns a couple HP 990 inkjets which seem fine
for the low volume color printing we do (for monochrome, we use laser jets), although ink is
expensive, quality is fine for what we want. On a side note,
I've noticed that
LinuxPrinting.Org
does not seem to give encouraging reports for Canon and Lexmark drivers.
I'm not privy to his techniques, but he may be
hardwiring the compiled kernel for the target
architecture to get more speed (recall that
when programming, using early binding
times trade off flexibility for speed).
Yodaiken's a smart guy, so I may not have
guessed his tricks.
Embedded devices may not need to do
things like hardware discovery, plug and
play configuration, etc. since their
hardware configuration may be
constant (so this stuff could be compiled into the
kernel). Additionally, booting the kernel is
different than doing various daemon startups and file system initializations, network configuration,
etc. that one typically wants for non-desktop devices.
While grammar may be an issue, the title has
a misspelled Attacking as Aattacking
(or perhaps it is a Dutch spelling, since they
are generous with vowels, at least we know it
isn't Welsh, since if it were Welsh there
wouldn't be any vowels:-)).
The paper was written by six different authors, all of whom are very well respected in the security community. I think that covers your concerns about "peer review.
In peer reviewed forums the forum appoints people to read and review the papers, they don't just take the author's word for it. Even smart people get stuff wrong, which is why external review is needed.
This is open source, figure out where to submit your patches or else you are nothing but an arm chair security expert.
This is a very unfair characterization of Gutmann's work. I read the posted article, and in it Peter Gutmann gives thoughtful analysis and cogent suggestions about how to fix the problems (although the complete rework of vtun sound's it will take a lot of time). I would much prefer Gutmann to do his analysis than have him doing package maintenance, he is far from being an arm chair security expert. I don't think it is an issue of his skill, it is an issue of how he should be allocating his time, and I think he is doing the right sorts of things for the community.
Perhaps RIAA execs and their lawyers use SBC. I wonder how the RIAA and their lawyers would feel if SBC would publish in great detail their network activities for the public to see. Perhaps SBC could offer immediate and full disclosure on that information if the RIAA wishes to agitate for disclosure of internet activities of individuals.
Given the amount of effort that people expend on
trying to break systems these days, Theo's record is quite good. It is really unfair to characterize Theo and the OpenBSD community as a bunch of stonewalling liars who won't disclose vulnerabilities and fix them. On the contrary they are exceptionally thorough and proactive in their approach to reliability and security. The last time such an exploit was found they did not hesitate to update the page.
Perhaps you'd like to disclose which O/S you run and tell us how many vulnerabilities it has had over a similar time frame?
I can't say I know all the ethical details, but over time, my respect for the Beatles music has grown
(I'm old enough to remember when the band was
still together). In particular, I underestimated
just how good Ringo Starr really was as a drummer.
Not being a drummer, I still don't think I can
fully appreciate him, but he kept perfect time
for some very difficult pieces and when he
joined the band he was actually an established
star (relative to the other members).
In general I think of all the Beatles, Ringo's talent tends to be the most underrated.
I think as a whole, the Beatles were relatively
sophisticated, prolific, and had a higher percentage of good quality music as a proportion of the repertoire than other bands. Other great musicians of their era, e.g. Elvis (o.k. he was a bit before them), the Doors,the Who, the Rolling Stones, the Beach Boys, Elton John (although he came later) all did good work, but not to the extent of the Beatles.
The number of Beatles songs that people listen to 30/40 years later is an indicator of their quality.
They should have offered to go to bat for this
family, did they do it? This was their high profile opportunity to challenge the RIAA and challenge them for gathering data on a minor.
Even worse, popular media never brings up the idea that copyright protection extending 70 years past the creator's death just might be a little more than needed to fulfill the original purpose of copyright -- encouraging creators to share their work.
Actually this just triggered a realization that if this law was in effect back in 1940, Disney's Pinocchio might have required licensing of the story. It would be interesting to know if
Disney licensed Pinocchio or treated it as
public domain work, since Carlo Collodi (the author) died in 1890 and Disney's film was made in 1940.
Peoiple like you just LOVE to use the 'break into someone's house' or similar analogy.
Bzzt, Wrong Answer, Thanks for Playing!
People like me HATE situational ethics and presumptious fools telling us what we must like and dislike.
Hint: A PUBLICALLY ACCESSABLE web server is not the same as someone's house!!
Reading a file off a computer is not the same as pawing through someone's underwear drawer!
Let me be real clear (but surely some a public disclosure is made that discloses a vulnerability of your banks web server, telling 3vil h4x0rz a cool 'sploit that they use to get your personal identification numbers which they release to some L33T DOODZ. If I tell people how to break into your house, you should be mad, even if I don't do it myself. Similarly, if I disclose how to break into your personal information, you should also be mad, because it is personal private and possibly even valuable like say the kind of stuff found in someones house. That aspect of the analogy is not flawed.
How would you know it is really a white hat and NOT a blackhat?
Umm, the Whitehat contacts you and lets you know of the problem, while the Blackhat doesn't?
Ah, but there's the rub. Often the so called white hat tells everyone, and even if they tell only you, your privacy and security have been compromised without your consent. If some guy tells your significant other about the color of their lingerie, and tells them that they were just testing their security, your going to be cool with that because they are a white hat, right?
If you ask and tell theam your going to try to hack. Then they will tighten security. Thats exactly why you can't tell theam. You have to just do it. at a random time without theam knowing , then see if they catch it. Thats the only true way to "test" Do it Blind or it is not real. A BlackHat will never ask or tell you when.
Let's try a little analogy and see how you like tha argument.
If I ask you and tell you that I'm going to access your bank account, then you will just tighten security. This is exactly why I need to access your bank account at a random time without you knowing, then see if you catch it. That's the only true way to "test".
It would seem that this argument is weak, because if some whitehat got your social security number, bank info, etc. you'd be upset. How would you know it is really a white hat and NOT a blackhat?
We had aa retired clown as a teacher in middle school, and pound for pound he was probably the strongest guy there (we had an ex U.S. football player, he was definitely the strongest). If you go to a circus and watch what the clowns do, they are often very athletic. Still it is kind of a strange stunt they did.
And similar games seem to get fairly mixed play at our local arcade, but I'd guess it is still about 2
guys to 1 girl I see playing. Girls are coming into the arcade more, and not just to find their boy friends. Driving games and (to a lesser extent) Soul Calibur II seem popular with the girls.
I've tried Redhat, Mandrake, SuSE distros
(and FreeBSD, but that is a different story).
I've not tried server editions of RH or SuSe,
however we do get the professional editions.
Mandrake installed easily, but I felt their QA
was weak, we reported some glitches in their installs and watched successive releases not make simple fixes. Mandrake appears more interested in features and less interested in stability/quality, and I felt at the time that Mandrake was not
easier than Redhat or SuSE.
I've used Redhat the most extensively.
Redhat has integration testing problems.
However, redhat has more packages on rpmfind.net,
which can be useful.
SuSE's been my desktop system at home and it has been quite good. SuSE professional edition is likely to be available in boxed sets in stores
(redhat sounds like they my discontinue that mode of distribution) and my dept. is internally showing signs of preferring SuSE over Redhat,
meaning, I'll probably switch to go with the flow.
A few observations worth keeping in mind are:
I've yet to try gentoo, perhaps I'll go that
way eventually. In general package management
on Linux distros appears to be a weak point
(and I've gotten a few not so great kernels as
well). The FreeBSD package management system
is good stuff (but that might be because of their
integration testing model).
SuSE professional edition has more stuff than
Redhat's out of the box. SuSE provides more browsers (they weren't stuck at netscape 4.79),
and some non-free software (e.g. Opera, acroread)
which I use regularly. However, it can be
harder to find SuSE RPMs not bundled with the distro.
SuSE's YAST seems to be a more functional
gui driven admin tool than Redhat's control panel,
and has a much more consistent interface
across versions.
Redhat has some very helpful device driver
developers and has contributed substantially to
the kernel. I've had some positive interactions
with the dptio driver writers.
SuSE's business model is different. We buy
a few SuSE boxed sets and maintain many machines
cheaply (downloading bugfixes is free). Redhat has a more restrictive model for maintenance, since they charge on a subscription model.
I graduated from a decent engineering school (RPI) in 1998. My advice comes in a variety of flavors:
What makes for a good advisor/program/topic
There is a famous fable, which
states that choice of advisor is more important
than choice of topic. While this may be overstated, good advisors have a sense of what is interesting and provide interesting directions.
However, be wary of working with really big names,
often they are very hard on their students.
Try to determine how they treat their students and
what sort of time frame and rate do they graduate
at.
Getting the right advisor is more important
than going to a fancy school. E.g. if say, Don Knuth came out of retirement and went to teach at some relatively unknown University with a new Ph.D. program, his
recommendation would still carry significant weight. However, good programs tend to have more good people (which is why they are good) and a larger program can carry on more ambitous research projects.
Before going to grad school,
try to pick one or 2 areas to focus on and target those areas. If you like say Data Mining, read
the recent conferences and see who is doing interesting work. Often a few good people will be at the same institution with a small focus group working on a particular problem.
What the student should be trying to do
Learn to finish - you must also learn to say no to projects that distract you from your goals. Pick a project and stick with it. Students
who drift between projects often start many and finish none. If you have trouble finishing projects a Ph.D. is not for you.
Familiarize yourself with the literature -
Read the major conference articles. You can't possibly read everything however, that will paralyze you. Pick a sub topic and survey it.
Keep your research active - many students
and faculty get paralyzed because no project seems good enough, so they pick some hard open ended problem and get stuck in a "tar pit". Being deep doesn't mean being narrow.
Try to do work that gets cited. Writing
a lot of papers is important, but being read and known in the community is important.
Go to conferences - try to go to one early
in your academic program (before you even publish) to see what the leaders in your discipline are doing and to get a sense of the currently interesting research directions. You can pick a hard topic that seems important, but it helps
if others agree that it is important.
Hiring Related
Timing matters when searching for a job, especially at the Ph.D. level. A Ph.D. can be thought of as a certification, sort of like a driver's license, it doesn't mean you are Mario Andretti, nor does it mean that people lacking the certification are incompetent. Most Ph.D.s are expected to specialize and extend the state of the art. A Ph.D. in a theoretical topic can generally expect greater difficulty in finding a good position (unless they do landmark work) while a hands on type may fare better. If you are in Computer Science, you would be well advised to look at the Taulbee survey (see the CRA website
for this an more information), which gives an annual salary survey and dicsusses the outlook for Ph.D. placement. When I started (early 1990's) the outlook was quite poor, and I went against the grain. I was lucky that I got out at a good (nearly optimal) time.
Nah, the right thing is to have them drive out for a business meeting, and instead of you showing up, have a stream of vendors come in and pitch their wares to the spammers. Perhaps if they realize that being mislead and finding out that they had to listen to advertisements instead of using their time developing opportunities or commmunication, they might take the hint.
Slashdot Mirror
Stock ownership does not imply compatible corporate culture and unified interests. Consider Apple, Microsoft owns Apple stock. Does that make Microsoft a friend of Apple?
Novell offerred $210M for SuSE according to the article, that may be a bit low. I personally use SuSE and would like to see them continue to do well. Perhaps others can give details, my memory is a bit fuzzy, but I don't remember their stewardship of Unix System Laboratories to be especially good or bad. SuSE may be in a position to become a much larger player in the Unix arena, given Redhat's recent change in direction. I wonder how IBM will react (IBM is using SuSE internally, how well does Novell's management get along with IBM?).
I'm not sure why, but X under SuSE seems to have a long slow memory leak for me too. I'm running 8.2 (upgraded from 8.0) but somehow I've got over 118 MB allocated to X, which doesn't make sense. Of course Mozilla wants another 82 MB. Other than that SuSE has been smooth. I've not felt HD based lockups like the parent complained about.
I know this is more work, but perhaps a more fair test might be to compare default installs with each other and then compare more highly tuned installs. This might give a sense of what novices and experts can get out of both systems. I did like the benchmarks, but there may be some (unintentional statistical) bias due to your familiarity with Linux.
Additionally, could you tell us what linux distribution you used. It is important, since the supporting utilities in an O.S. impact its overall behavior (in the http server benchmarks).
I'm a linux user, and rarely fire up a windows box, so this begs the question, are there good Linux drivers for Canon printers? I'm far from being an expert on inkjet printers, my lab owns a couple HP 990 inkjets which seem fine for the low volume color printing we do (for monochrome, we use laser jets), although ink is expensive, quality is fine for what we want. On a side note, I've noticed that LinuxPrinting.Org does not seem to give encouraging reports for Canon and Lexmark drivers.
Actually Tom Neff has a good reputation, but most of us aren't ready for the kinds of positions he fills.
Embedded devices may not need to do things like hardware discovery, plug and play configuration, etc. since their hardware configuration may be constant (so this stuff could be compiled into the kernel). Additionally, booting the kernel is different than doing various daemon startups and file system initializations, network configuration, etc. that one typically wants for non-desktop devices.
While grammar may be an issue, the title has a misspelled Attacking as Aattacking (or perhaps it is a Dutch spelling, since they are generous with vowels, at least we know it isn't Welsh, since if it were Welsh there wouldn't be any vowels :-)).
Perhaps RIAA execs and their lawyers use SBC. I wonder how the RIAA and their lawyers would feel if SBC would publish in great detail their network activities for the public to see. Perhaps SBC could offer immediate and full disclosure on that information if the RIAA wishes to agitate for disclosure of internet activities of individuals.
Perhaps you'd like to disclose which O/S you run and tell us how many vulnerabilities it has had over a similar time frame?
I think as a whole, the Beatles were relatively sophisticated, prolific, and had a higher percentage of good quality music as a proportion of the repertoire than other bands. Other great musicians of their era, e.g. Elvis (o.k. he was a bit before them), the Doors,the Who, the Rolling Stones, the Beach Boys, Elton John (although he came later) all did good work, but not to the extent of the Beatles.
The number of Beatles songs that people listen to 30/40 years later is an indicator of their quality.
They should have offered to go to bat for this family, did they do it? This was their high profile opportunity to challenge the RIAA and challenge them for gathering data on a minor.
People like me HATE situational ethics and presumptious fools telling us what we must like and dislike.
Let me be real clear (but surely some a public disclosure is made that discloses a vulnerability of your banks web server, telling 3vil h4x0rz a cool 'sploit that they use to get your personal identification numbers which they release to some L33T DOODZ. If I tell people how to break into your house, you should be mad, even if I don't do it myself. Similarly, if I disclose how to break into your personal information, you should also be mad, because it is personal private and possibly even valuable like say the kind of stuff found in someones house. That aspect of the analogy is not flawed.Let's try a little analogy and see how you like tha argument.
If I ask you and tell you that I'm going to access your bank account, then you will just tighten security. This is exactly why I need to access your bank account at a random time without you knowing, then see if you catch it. That's the only true way to "test".
It would seem that this argument is weak, because if some whitehat got your social security number, bank info, etc. you'd be upset. How would you know it is really a white hat and NOT a blackhat?
We had aa retired clown as a teacher in middle school, and pound for pound he was probably the strongest guy there (we had an ex U.S. football player, he was definitely the strongest). If you go to a circus and watch what the clowns do, they are often very athletic. Still it is kind of a strange stunt they did.
And similar games seem to get fairly mixed play at our local arcade, but I'd guess it is still about 2 guys to 1 girl I see playing. Girls are coming into the arcade more, and not just to find their boy friends. Driving games and (to a lesser extent) Soul Calibur II seem popular with the girls.
Mandrake installed easily, but I felt their QA was weak, we reported some glitches in their installs and watched successive releases not make simple fixes. Mandrake appears more interested in features and less interested in stability/quality, and I felt at the time that Mandrake was not easier than Redhat or SuSE.
I've used Redhat the most extensively. Redhat has integration testing problems. However, redhat has more packages on rpmfind.net, which can be useful.
SuSE's been my desktop system at home and it has been quite good. SuSE professional edition is likely to be available in boxed sets in stores (redhat sounds like they my discontinue that mode of distribution) and my dept. is internally showing signs of preferring SuSE over Redhat, meaning, I'll probably switch to go with the flow.
A few observations worth keeping in mind are:
SuSE's YAST seems to be a more functional gui driven admin tool than Redhat's control panel, and has a much more consistent interface across versions.
Nah, the right thing is to have them drive out for a business meeting, and instead of you showing up, have a stream of vendors come in and pitch their wares to the spammers. Perhaps if they realize that being mislead and finding out that they had to listen to advertisements instead of using their time developing opportunities or commmunication, they might take the hint.