Because we all know that some high school kid with enough time to submit his biased rantings to Wikipedia must be the ultimate authority. After all, it's on Wikipedia, and Wikipedia is decent and holy open-source knowledge portal that can't ever be wrong.
Please stop using Wikipedia as a reference for anything but the most apolitical, factual topics... you'll seem a lot more credible.
This model has proven to work for companies like Redhat, Mysql, Suse and others as well.
I do not think this word "proven" means what you think it means. MySQL is still burning venture capital. Suse lost money before being swallowed by Novell, which loses money on Linux. RedHat has only been in the black only since 2003.
Features, price point, etc will rule the day. This has NEVER been the Microsoft business model and I think all of here are well aware of it.
It used to be the Microsoft business model. WordPerfect and Lotus 1-2-3 were once as dominant as Word and Excel. Microsoft was the up-and-comer trying to do it better and cheaper while maintaining compatibilty with the incumbent. And WP and Lotus tried to block MS by tweaking file formats and application behaviors.
The same thing is true of Netware. Early versions of Windows NT had all sorts of Netware migration and compatibility tools. Novell, which had like 90% market share for file and print servers, modified things every so often to frustrate Microsoft's compatibility efforts.
Heck, competition still is the Microsoft business model in market where they are not dominant. One example would be SQL reporting services. This new product is going head-to-head with marletplace bullies Crystal/BusinessObjects & Cognos. They're providing conversion utilities for Crystal reports at the least, and a good portion of the functionality for a fraction of the price.
The "big guys" always try to screw the little guy in any competitive market. That's the way of the world. And yes, that includes Google.
Just because all you freaking lemmings move out to a place where there's no water, the rest of us have to pay for it? No thank you. I will not subsidize your stupidity.
And if you try to mess with our great lake, remember that Chicago is "the city of broad shoulders." We'll kick your commie pinko coastal asses off the continent.
They theoretically support IMAP 4 and POP3 too but for some reason I really don't know, people on Exchange servers either uses Outlook, Entourage or licensed (?) stuff like Apple OS X Mail to get their mail from Exchange servers.
POP3 and IMAP4 work just fine on Exchange server; I used Thunderbird as my mail client for a time there just to see what all the hype was about. But most organizations use the other clients with Exchange because they offer features not available with IMAP4 and POP3. Like public folders, group scheduling, delegation for administrtive assistants, folder-level permissions, server-side rule creation, etc.
Group scheduling is the killer app for Exchange in my company: conference rooms, projectors, laptops, lunch service and the like are all reserved by the users themselves. We would have to build a separate app to handle the scheduling all that stuff, and it wouldn't be integrated with the mail client and calendaring application that people use every day. With Exchange, all the users have to do is invite a conference room to a meeting along with other people, and it accepts automatically if it is available.
Outlook & Exchange Server already support vCard and iCal. I think there must be something more to this RSS stuff. Group calendaring is specifically mentioned (which iCal does not support AFAIK).
And if you're interested in furthering manifest destiny (in a more polically correct form...there's no Indians on Mars), there's other things you can only learn by putting a man on Mars, like learning the long-term health concerns.
A bold experiment with a human life... why don't we send a chimp first instead? NASA got that part right the first time around.
Note to PETA members: I am not joking, a chimp's life is worth less than a human's life, at least to me. And to just about anyone else with common sense.
BTW, if you want your data to be safer may I recommend a RAID solution to help maintain your data, if that is too expensive a solution you can probably save some cost with DVD back-ups since I doubt you have a tape drive lying around and they aren't exactly cheap.
RAID is not a substitute for backing up your data. RAID protects you against a hard disk crash, but does not protect against fire, flood, theft, accidental deletion, or any of a million other things. You always need to have a copy of your backups OFF-SITE, no matter what. DVD+RW is currently the cheapest way to do this for a home user, followed by a removable HD cage.
The software you linked appears quite dodgy. The vendor's main site provides no description whatsoever of how it works. There's no FAQ, or support forum. Other that the description that it "doesn't rely on signatures". And "It became possible due to the newly developed solutions and algorithms that allow distinguishing spy program activities from those of any other application installed in the system." That sounds like Snake Oil to me.
If you're going to continue shilling for RaySoft, you should let them know that reputable software vendors don't hide information from their customers. They will tell you openly how their software works, and what behavior to expect. They typically and rely on patents and copyrights, not a "super-secret formula", to protect their intellectualy property.
Completely secure, eh? Firefox has had 100 entires in the CVE database. The Foxie plug-in wouldn't have provided any additional protection against the majority of these vulnerabilities.
Not that IE is any better, but "completely secure"? Where can I get some of what you're smoking?
I always wondered why AMD (or even Intel) wouldn't use an industry-standard benchmark like SPEC_int_rate in the naming of their processors. This would cover multi-core/multi-threaded CPUs, as well as the memory subsystem that CPU/chipset supports.
For example, the SPEC_int_rate for an Opteron 280 is 37.5, and the SPEC_int_rate for an Opteron 270, is 31.9. So why not call them the "375" and "320", respectively? Maybe adding a "-2" to indicate they are dual-processor capable.
Simple, honest marketing does in fact work. Especially with the sorts of numbers-oriented people that do IT purchasing. I always look at SPEC_int_rate when buying server systems. Yeah, it's a synthetic benchmark, but it's the only benchmark I've found that just about every system has been tested with. And it correlates real-world performance across processor architectures fairly well.
It's also the reason we now are buying Opterons for our server room. SPEC seemed to indicate they would be much faster for the same money. We bought one, tested it, and low-and-behold it was much faster than our Xeon boxes, to about the same degree SPEC indicated.
In today's 3GHz plus dual-core world, I'd happily give up, say, 5% worth of performance in exchange for a completely stable, secure system.
The problem is, buffer overruns are not the only type of security vulnerability. There are actually a lot of good tools to find simple buffer overflows in C/C++ source code. But a lot of vulnerabilities are far more subtle than buffer overruns. Type-safe, bounds-checked languages are not "magically perfectly secure"; they are simply tools to prevent the programmer from having to worry about certain issues.
Buffer overruns are merely the low-hanging fruit in the vulnerability space, because of widespread poor C/C++ coding practices. But even with perfect input validation, there are still situations (like intra-application privilege escalation, or race conditions) that are not easy to find in code nor uncover in a beta test.
Umm... there's no such thing as an "Outlook 2000 server". If you're talking about Exchange 2000 server's version of OWA, you're talking about a 5+ year old app. A stupid UI design decision from that long ago doesn't have anything to do with how well Microsoft does AJAX.
OWA 2000 actually improved quite a bit with the service packs for Exchagne 2000 Server. 2000 SP3 was pretty damn good. However, Outlook Web Access *2003* is an amazing imitation of the Outlook 2003 client interface in a browser. And SP2 for Exchange 2003 has even more enhancements.
You can't compare a 5-year old pioneering AJAX app to Gmail; that's hardly fair. Comparing OWA 2003sp2 to Gmail is fair.
Good catch. That's what I get for cut-and-pasting the formula from a PDF into text.
I think the calculations I made about relative complexity in another part of this thread are correct, though. The Excel formula I used for those calculations was:
So adding a single bit to a 640-bit RSA key makes it just about 3.4% stronger. This cannot be easily extrapolated, though, because of the non-linear complexity of GFNS. A 1025-bit RSA key is only about 2.6% stronger than a 1024-bit key, for example.
Re:Processor time?
on
RSA-640 Factored
·
· Score: 2, Informative
Surprisingly, lowly Excel was able to handle this math for me. It looks like a 1024-bit number will take about 73,500 times as long as a 640-bit number to factor using GNFS. Which correlates to about 2.4 million Opteron-years, based on the German factoring of RSA-640.
My understanding of GNFS is that only the sieving steps are trivial to parallelize. The final steps must be performed on a single machine with huge memory. So perhaps a 1024-bit RSA number is even safer than my math indicates, as it may be that no machine which can handle the final steps for a 1024-bit number exists.
Re:Processor time?
on
RSA-640 Factored
·
· Score: 2, Interesting
Assuming 50W per Opteron and 5 months continuous operation, I calculate they spent at least US$1400 on electricity alone (based on Chicago electric prices, I'm not sure if it's more orless over there).
And that figure ignores the electriciy used by the other components in the computers (be they servers, workstations, or whatever).
Still, the $30K in prize money goes a long way toward paying the electric bill.
Re:Processor time?
on
RSA-640 Factored
·
· Score: 4, Informative
single binary digit doubles the search space needed
We're not talking about symmetric cryptography here. We're dealing with large prime numbers and lots of funny math. The General Number Field Sieve factoring algorithm is not O(2^n) like a brute force search on AES would be. The actual order of growth of the GNFS algorithm is:
O(e^(1.9229+O(1))*ln(n)^(1/3)*ln(ln(n))^(2/3))
This can be found numerous places on the web. So adding one bit to your RSA key does far, far less for you than adding one bit to symmetric cipher like AES. You can do the math yourself, but you'll find that you need to add >>1 bits to an RSA key to double its strength.
This is because you compiled Opera with the -$qwxsd -O49 -l3 flags. If you had used -$qwxsf -O49 -l3 like any sane person, it would work just fine. N00b.
In my downtown Chicago apartment I have the option for 10 Mbps cable for $40 per month, 6Mbps cable for $30 per month from a different provider, up to 6 Mbps DSL for $70 from one of a dozen CLECs, 2 Mbps DSL for $19.95 from the incumbent, and a large number of WiFi providers that I can reach out my 10th floor window (T-Mobile has the best signal).
So competition and lower prices will come to areas of high population density in the US. And some of those providers will realize there is too much competition in the Chicago market, and try to service Minneapolis or Indianapolis instead.
So I feel more regulation is *not* the answer. Regulation gives us cheerful, customer-driven entities like the DMV, Ma Bell, and the Post Office. Not a dozen companies competing for my dollars on service and price.
If that is the case, I would just write a connection manager to always use only the max limit of connections and save our company a crap load of cash.
Ahh, but that's where they nail you with the license. As I recall from a heated conversation with an MS licensing representative: for SQL server, if the DB services are exposed to the public internet at large, no matter what the means of indirection (web servers, app servers, your own connection manager, etc.) you are required to pay per-CPU licensing fees. Per-seat or concurrent-connection licensed editions of SQL can only be used for *internal* applications. This even applies in the case of database replication; you cannot replicate transactions from a per-CPU licensed public server to a per-seat licensed internal server. They both need to have per-CPU licenses.
This language is in the license, not the code, so circumventing the connection or query governor to use a "smaller" edition of SQL Server to run a web site would violate said license.
Oracle, DB2, and even things like WebLogic all have similar licensing schemes. The small/free/developer editions are only allowed for limited use behind your firewall. This encourages development on the platform, and increases the chances of the sale of a big-ticket installation as applications grow up and out.
Then the admins blindly install Sun updates and we all get to be Sun's gunieapigs learning side-effects.
This differs from MSCEs, how again?
Because Sun is supposed to be "better" than the commodity stuff. Enterprise & carrier grade. Right?
I remember when folks used to pay those big monthly dollars to Sun, IBM, et. all because they tested just about everything thoroughly for you on an exact copy of your production environment. That's why they were called service contracts. Of course you couldn't do anything non-standard with the box or you'd break the SLA, and executives are basically cheap at their core, so the world moved on in search of greater flexibility and more downtime. So now we have Linux and Windows on x86.
Slashdot Mirror
Because we all know that some high school kid with enough time to submit his biased rantings to Wikipedia must be the ultimate authority. After all, it's on Wikipedia, and Wikipedia is decent and holy open-source knowledge portal that can't ever be wrong.
Please stop using Wikipedia as a reference for anything but the most apolitical, factual topics... you'll seem a lot more credible.
I do not think this word "proven" means what you think it means. MySQL is still burning venture capital. Suse lost money before being swallowed by Novell, which loses money on Linux. RedHat has only been in the black only since 2003.
Features, price point, etc will rule the day. This has NEVER been the Microsoft business model and I think all of here are well aware of it.
It used to be the Microsoft business model. WordPerfect and Lotus 1-2-3 were once as dominant as Word and Excel. Microsoft was the up-and-comer trying to do it better and cheaper while maintaining compatibilty with the incumbent. And WP and Lotus tried to block MS by tweaking file formats and application behaviors.
The same thing is true of Netware. Early versions of Windows NT had all sorts of Netware migration and compatibility tools. Novell, which had like 90% market share for file and print servers, modified things every so often to frustrate Microsoft's compatibility efforts.
Heck, competition still is the Microsoft business model in market where they are not dominant. One example would be SQL reporting services. This new product is going head-to-head with marletplace bullies Crystal/BusinessObjects & Cognos. They're providing conversion utilities for Crystal reports at the least, and a good portion of the functionality for a fraction of the price.
The "big guys" always try to screw the little guy in any competitive market. That's the way of the world. And yes, that includes Google.
Just because all you freaking lemmings move out to a place where there's no water, the rest of us have to pay for it? No thank you. I will not subsidize your stupidity.
And if you try to mess with our great lake, remember that Chicago is "the city of broad shoulders." We'll kick your commie pinko coastal asses off the continent.
POP3 and IMAP4 work just fine on Exchange server; I used Thunderbird as my mail client for a time there just to see what all the hype was about. But most organizations use the other clients with Exchange because they offer features not available with IMAP4 and POP3. Like public folders, group scheduling, delegation for administrtive assistants, folder-level permissions, server-side rule creation, etc.
Group scheduling is the killer app for Exchange in my company: conference rooms, projectors, laptops, lunch service and the like are all reserved by the users themselves. We would have to build a separate app to handle the scheduling all that stuff, and it wouldn't be integrated with the mail client and calendaring application that people use every day. With Exchange, all the users have to do is invite a conference room to a meeting along with other people, and it accepts automatically if it is available.
Outlook & Exchange Server already support vCard and iCal. I think there must be something more to this RSS stuff. Group calendaring is specifically mentioned (which iCal does not support AFAIK).
RAID is not a substitute for backing up your data. RAID protects you against a hard disk crash, but does not protect against fire, flood, theft, accidental deletion, or any of a million other things. You always need to have a copy of your backups OFF-SITE, no matter what. DVD+RW is currently the cheapest way to do this for a home user, followed by a removable HD cage.
He invaded Kuwait back in 1990, and for a few weeks there, it cost me an arm and a leg to fill up my conversion van. Bastard.
The software you linked appears quite dodgy. The vendor's main site provides no description whatsoever of how it works. There's no FAQ, or support forum. Other that the description that it "doesn't rely on signatures". And "It became possible due to the newly developed solutions and algorithms that allow distinguishing spy program activities from those of any other application installed in the system." That sounds like Snake Oil to me.
If you're going to continue shilling for RaySoft, you should let them know that reputable software vendors don't hide information from their customers. They will tell you openly how their software works, and what behavior to expect. They typically and rely on patents and copyrights, not a "super-secret formula", to protect their intellectualy property.
Completely secure, eh? Firefox has had 100 entires in the CVE database. The Foxie plug-in wouldn't have provided any additional protection against the majority of these vulnerabilities.
Not that IE is any better, but "completely secure"? Where can I get some of what you're smoking?
I always wondered why AMD (or even Intel) wouldn't use an industry-standard benchmark like SPEC_int_rate in the naming of their processors. This would cover multi-core/multi-threaded CPUs, as well as the memory subsystem that CPU/chipset supports.
For example, the SPEC_int_rate for an Opteron 280 is 37.5, and the SPEC_int_rate for an Opteron 270, is 31.9. So why not call them the "375" and "320", respectively? Maybe adding a "-2" to indicate they are dual-processor capable.
Simple, honest marketing does in fact work. Especially with the sorts of numbers-oriented people that do IT purchasing. I always look at SPEC_int_rate when buying server systems. Yeah, it's a synthetic benchmark, but it's the only benchmark I've found that just about every system has been tested with. And it correlates real-world performance across processor architectures fairly well.
It's also the reason we now are buying Opterons for our server room. SPEC seemed to indicate they would be much faster for the same money. We bought one, tested it, and low-and-behold it was much faster than our Xeon boxes, to about the same degree SPEC indicated.
The problem is, buffer overruns are not the only type of security vulnerability. There are actually a lot of good tools to find simple buffer overflows in C/C++ source code. But a lot of vulnerabilities are far more subtle than buffer overruns. Type-safe, bounds-checked languages are not "magically perfectly secure"; they are simply tools to prevent the programmer from having to worry about certain issues.
Buffer overruns are merely the low-hanging fruit in the vulnerability space, because of widespread poor C/C++ coding practices. But even with perfect input validation, there are still situations (like intra-application privilege escalation, or race conditions) that are not easy to find in code nor uncover in a beta test.
Umm... there's no such thing as an "Outlook 2000 server". If you're talking about Exchange 2000 server's version of OWA, you're talking about a 5+ year old app. A stupid UI design decision from that long ago doesn't have anything to do with how well Microsoft does AJAX.
OWA 2000 actually improved quite a bit with the service packs for Exchagne 2000 Server. 2000 SP3 was pretty damn good. However, Outlook Web Access *2003* is an amazing imitation of the Outlook 2003 client interface in a browser. And SP2 for Exchange 2003 has even more enhancements.
You can't compare a 5-year old pioneering AJAX app to Gmail; that's hardly fair. Comparing OWA 2003sp2 to Gmail is fair.
Good catch. That's what I get for cut-and-pasting the formula from a PDF into text.
2 /3))
I think the calculations I made about relative complexity in another part of this thread are correct, though. The Excel formula I used for those calculations was:
=EXP(1.9229*POWER(k*LN(2),1/3)*POWER(LN(k*LN(2)),
where k is the number of bits in the number to be factored. In the original formula n=2^k, so ln(n) = k*ln(2). Or did I screw seomthing else up?
Something else interesting from my math:
Bits|GNFS complexity
640|1.78448E+21
641|1.84589E+21
So adding a single bit to a 640-bit RSA key makes it just about 3.4% stronger. This cannot be easily extrapolated, though, because of the non-linear complexity of GFNS. A 1025-bit RSA key is only about 2.6% stronger than a 1024-bit key, for example.
Surprisingly, lowly Excel was able to handle this math for me.
It looks like a 1024-bit number will take about 73,500 times as long as a 640-bit number to factor using GNFS. Which correlates to about 2.4 million Opteron-years, based on the German factoring of RSA-640.
Here's a table:
bits|GNFS complexity
384| 8.09434E+16
512| 1.75249E+19
640| 1.78448E+21
768| 1.07460E+23
896| 4.37451E+24
1024|1.31176E+26
1536|1.30666E+31
2048|1.52656E+35
3072|5.77594E+41
4096|1.28186E+47
My understanding of GNFS is that only the sieving steps are trivial to parallelize. The final steps must be performed on a single machine with huge memory. So perhaps a 1024-bit RSA number is even safer than my math indicates, as it may be that no machine which can handle the final steps for a 1024-bit number exists.
Assuming 50W per Opteron and 5 months continuous operation, I calculate they spent at least US$1400 on electricity alone (based on Chicago electric prices, I'm not sure if it's more orless over there).
And that figure ignores the electriciy used by the other components in the computers (be they servers, workstations, or whatever).
Still, the $30K in prize money goes a long way toward paying the electric bill.
We're not talking about symmetric cryptography here. We're dealing with large prime numbers and lots of funny math. The General Number Field Sieve factoring algorithm is not O(2^n) like a brute force search on AES would be. The actual order of growth of the GNFS algorithm is:
This can be found numerous places on the web. So adding one bit to your RSA key does far, far less for you than adding one bit to symmetric cipher like AES. You can do the math yourself, but you'll find that you need to add >>1 bits to an RSA key to double its strength.
This is because you compiled Opera with the -$qwxsd -O49 -l3 flags. If you had used -$qwxsf -O49 -l3 like any sane person, it would work just fine. N00b.
In my downtown Chicago apartment I have the option for 10 Mbps cable for $40 per month, 6Mbps cable for $30 per month from a different provider, up to 6 Mbps DSL for $70 from one of a dozen CLECs, 2 Mbps DSL for $19.95 from the incumbent, and a large number of WiFi providers that I can reach out my 10th floor window (T-Mobile has the best signal).
So competition and lower prices will come to areas of high population density in the US. And some of those providers will realize there is too much competition in the Chicago market, and try to service Minneapolis or Indianapolis instead.
So I feel more regulation is *not* the answer. Regulation gives us cheerful, customer-driven entities like the DMV, Ma Bell, and the Post Office. Not a dozen companies competing for my dollars on service and price.
Ahh, but that's where they nail you with the license. As I recall from a heated conversation with an MS licensing representative: for SQL server, if the DB services are exposed to the public internet at large, no matter what the means of indirection (web servers, app servers, your own connection manager, etc.) you are required to pay per-CPU licensing fees. Per-seat or concurrent-connection licensed editions of SQL can only be used for *internal* applications. This even applies in the case of database replication; you cannot replicate transactions from a per-CPU licensed public server to a per-seat licensed internal server. They both need to have per-CPU licenses.
This language is in the license, not the code, so circumventing the connection or query governor to use a "smaller" edition of SQL Server to run a web site would violate said license.
Oracle, DB2, and even things like WebLogic all have similar licensing schemes. The small/free/developer editions are only allowed for limited use behind your firewall. This encourages development on the platform, and increases the chances of the sale of a big-ticket installation as applications grow up and out.
How, exactly? Where in the US (or any other) constitution is your "right" to use a privately owned service for free specified?
If you don't like the privacy policy, don't use Google services.
JPEG
Because Sun is supposed to be "better" than the commodity stuff. Enterprise & carrier grade. Right?
I remember when folks used to pay those big monthly dollars to Sun, IBM, et. all because they tested just about everything thoroughly for you on an exact copy of your production environment. That's why they were called service contracts. Of course you couldn't do anything non-standard with the box or you'd break the SLA, and executives are basically cheap at their core, so the world moved on in search of greater flexibility and more downtime. So now we have Linux and Windows on x86.