Actually, I'd put the rash of windows attacks down to a few reasons:
1) People run Windows on the desktop, and the architecture is shared with the server line. Makes it easy to go with what you know. Criminal activity tends to start in one's comfort zone at the start. Which I think explains the more numerous attacks against IIS instead of Apache.
2) Market share. Windows desktops make up the majority. Which makes it a big fat target for botnets.
3) Architectural flaws. Easy to exploit. Somewhat subjective.
SELinux makes a lot of sense at the server level, where you have change control and aren't running random applications without some sort of plan. The default on a server can easily be "deny, unless allowed".
On the desktop? Not so much, although it can serve as a useful way to reinforce browser sandboxing. On a desktop, the goal should more be "we know this application is risky, so let's lock it down".
Bots are plentiful, insecure windows boxes are extremely abundant and it will be easy for them to acquire more, they probably haven't even diverted all of their current resources to this attack.
I would postulate that crackable boxes being plentiful is a side-effect of the relatively benign nature of most infections. Slowing down the box or connection is nothing more then a minor inconvenience to most users. But if you start interfering with the user (rapid pop-up windows, crashes, other problems), they're much more likely to go get the machine fixed or to learn how to secure it. (Akin to being sick enough that you go to the doctor's office rather then just tough it out.)
However, if malware goes back to the days of yore where machines were frequently wiped and data destroyed, then I think users are going to be much more likely to sit up and take notice. A significant portion of users will even start to take preventative (or curative, if already infected) action. If you make it scary enough that the major news outlets carry the story, you might see a marked reduction in the number of crackable boxes. Now instead of just sniffles, you've got a good chance of mortality (loss of all data on the box).
Granted, you're fighting people's inertia to do nothing at all.
Possibly LCD TVs, like the 40" 1920x1080 sized displays.
I've seen the same issue though. I have a 19" 1680x1050 display and a 22" 1680x1050 display. Same resolution, but the 19" was just a tiny bit too small for my taste. (We won't talk about the 15" 1680x1050 display built into my T61p... I set the DPI setting in Windows to 120 DPI and frequently have to zoom in on web pages.)
So in general, there are two pixel densities out there. One is down around 0.24-0.25mm, the other is up around 0.28-0.29mm. For older users, I strongly suggest seeking LCDs at the upper end of the scale.
For example, at 19" widescreen a 1440x900 display has a pixel size of around 0.295mm. The same resolution in a 17" display is a 0.255mm pixel size.
For the 1920x1200 resolution, there are 24" displays at 0.27mm or 25.5" displays at 0.287mm.
The Firefox developer community most certainly does care about its users, but the users don't necessarily know that they want, much less could benefit from, process separation.
The problems with the current Firefox single-threaded model for everything have been apparent to all but the most casual users for at least 3 years now. Constant lockups and stuttering when you'd open up tabs in the background, the issue where the browser seems to hang while looking up or retrieving content, or the crashes that would take down the entire browser instead of just one window or one tab.
Which is why there's a lot of "what took you so long" sentiment going around. This is not simply an issue that cropped up because Google did multi-threading with Chrome.
Notice of your house being demolished on Tuesday can be put up in a dark cellar with no stairs at the bottom of a locked filing cabinet in a disused lavatory of the planning office guarded by a Leopard.
Except that there is no leopard there, only a sign reading "Beware of Leopard".
Eh, CIS pretty much got steam-rolled by TCP/IP, USENET, and SMTP.
Back in the early 90s, I spent a lot of time and money keeping up on tech trends, drivers, software fixes, etc via CIS. I used it in offline mode using TapCIS and an offline reader that began with an "R". It was the only way to keep connection charges to a minimum and still manage to read message threads for an hour or two per day.
Up until about '92 or '93 (give or take a year), it was *the* place to go for online technical support. Every major computer / software vendor had a forum, or at least a section of a forum where you could get support. But you couldn't communicate with AOL members, or Prodigy members, or people with SMTP addresses.
Then the internet rolled around, along with the web browser. Companies found it a lot less expensive to roll out websites to distribute software and to use SMTP, web forms/forums, or USENET to handle support. Which led to a drastic drop in content on CIS compared to what you could get on the internet.
I'm going to say that I probably used CIS up until '94 or so, but the writing was definitely on the wall by then. They couldn't adapt fast enough, at a cheap enough price, to stay on the radar as "the place to be for tech".
There's a lot of things that I miss about CIS. Moderated discussions, with the ability to browse messages offline are probably the thing I miss most. SMTP based mailing lists come the closest to meeting that description.
I think you are doing something horribly wrong. I haven't had a virus in 15 years or so.
That you know of.
There's a lot more infection vectors then there were 5 years ago. Even with all of the security patches over the years, we're still losing the race to lock things down before for-profit crackers manage to exploit things. And they're a lot more subtle then they used to be. A lot of the trojans, key loggers, and the like are silent installs with no outward signs (other then network traffic).
Early half of the 2000s, we saw nary a single infection in our company and associates. Second half of the 2000s, infections galore. It's not the end of the world, but it's not a pretty sight either at the moment. My mental bet is whether javascript and Flash will end up as pariahs by 2015 (which will pretty much kill ad revenue).
Lock your systems down. Disable javascript, flash, and Adobe PDF (3 of the common vectors). Take preventative actions like making backups, snapshots, and doing offsite storage.
But don't make the assumption that you've not been infected.
We've already migrated our internal applications away from MS SQL and switched over to PostgreSQL. Once we got up to speed on pgsql's design and security, migration was not that hard.
I want to say that v8.1 was probably the first reasonable version for us with the native Windows executables instead of having to depend on Cygnus.
Mostly, we're tired of worrying about licensing issues, and tired of paying for constant upgrades. A Linux box running pgsql is a heck of a lot less expensive over the long run. (Plus the ability to script things in bash / perl / python / etc is a strong selling point.)
Re:What compares to Access on PostgreSQL?
on
PostgreSQL 8.4 Out
·
· Score: 1
Eh... OpenOffice Base is still a joke compared to MS-Access.
It works fine, if you're using it against an external data source. But because the ODB file format is basically a ZIP, trying to store anything other then a trivial amount of data in an ODB is going to be a bad bad thing.
And it's easier to import/export data out of MS-Access tables (or to even load/save the data to/from remote databases) then in OOBase. Instead, there's a whole ecosystem of for-pay tools that you have to buy in order to move data around with Open Office.
(There are simply a lot of times where you want to give the user their own copy of data to play with, where you don't have to worry about database connectivity, and everything is contained in a single file. MS-Access serves this purpose well, allowing you GUI access to the data tables, the ability to create ad-hoc queries or reports. Without having to jump through hoops to then export/import. You can even link together disparate data sources in an MS-Access file.)
I skipped Vista entirely, but fully plan on jumping to Win7 sometime next year (probably early-2010). At that point, 8GB RAM installed will be common and I'll be installing the 64bit version of Win7.
Depending on how it goes, we may even do upgrades of existing machines to Win7 64bit (from XP 32bit). Most of our machines are dual or quad core units with the option to install up to 4GB of RAM (most have 2GB). Which is something that we were absolutely not considering for Vista.
32bit is basically done, stick a fork in it level of done. Game developers need to get with the times. (They should have seen the writing on the wall back when Vista 64bit was released.)
We're well past the point where 8GB of RAM is not unheard of on the desktop. The usual pricing right now for 4GB (2x2GB) configuration is around $50-$60 if you buy it direct. Give it another year and I expect to see 8GB as the standard with 16GB as a reasonable upgrade.
At which point we're rapidly going past what 32bit Windows can handle gracefully. Even with PAE, the maximum is 64GB of addressable memory. XP 32bit is limited to 4GB per Wikipedia's PAE article (as is Vista 32bit and Win7 32bit). Only the server OSs work with more then 4GB of RAM in 32bit mode.
64bit Win7 Ultimate and Professional is supposed to support up to 192GB of RAM. (Compared to 8GB for Home Basic and Starter, with 16GB for Home Premium.)
You act as if every site that is using those formats is acting maliciously. It's simply not true. Even in the rare case a mainstream site would be attacked, you would find out about it within a day and be able to take action. Not a big deal and definitely not common.
There are quite a few more maliciously defaced sites out there then you'd expect. Most of these attacks rely either on server exploits (SQL injection, PHP exploits, whatever) or weak password security (attacking FTP accounts). Once the attacker is in, they then slip injection code (javascript, a link to a hostile website, opening up a PDF in a background window, loading a hostile Flash object) whose purpose is to attack the visitor's machine and to plant code.
We're not typically talking the mainstream / first tier websites. These attacks are typically more oriented at the hundreds / thousands / millions of second tier websites (recipes, hobbies, pets, health, etc). Sites that you might not even remember going to visit after you find out that your machine has been compromised. Places where the site owner does not have the expertise to properly secure their site.
At the moment, it's a race to the bottom. Will browser makers be able to eliminate infections via Javascript / Flash / PDF before the users revolt and start blocking all JS/Flash/PDF by default? At which point, the only advertising that will work; will once again be DHTML, animated images, or plain text.
While I use ext3 for everything, mostly because it "just works" in 99% of cases, it has a few big issues. Mainly the slowness when deleting very large (>1GB) files or directories with lots of files.
So it tends to be a bit slow for Maildir storage or multimedia storage.
But who's gonna spend from 30 mins to an hour in WoW going to a lowbie area and back just to help somebody else? let alone sell or give out stuff to random newbies. From what I've heard playing the lv1-60 content in WoW these days is pretty much like playing a single-player RPG, except with a monthly fee, and that's very much a result of long travel times, IMHO.
There are still people who do that. Others put their wares up on the Auction House for cheap. Or keep their generosity within the guild or alliance. And players outlevel gear so fast now.
Travel times have very little to do with any of that. The problem is more (as to why lower level zones feel empty) is that you level so fast (maybe 2-3 hours per level in the 20s and 30s) that you quickly move from zone to zone and then leave for Outland at 58. (Blizzard keeps increasing the rate of XP gain for lower levels).
So at the most, you're spending only 10-20 hours in a single zone before moving on. And that's if the quest chains that you're following don't send you elsewhere before then.
Quests are probably the 2nd major reason why you rarely find people on the same page. Quest XP will double or triple the rate of XP gain compared to just sitting somewhere and killing mobs ala EQ grind camp style. That means there's a huge incentive for completing your quests. If you happen to have a leveling companion who is also on the same quests, great. Otherwise you'll find that it's like trying to synchronize two very different schedules.
No, they use it because it introduces massive downtime that is easy to justify as you can get some players even believe it is for their own good.
I'll state right up front that you're off base, close minded, and completely lacking in aesthetics.
I played EQ back in the days of Velious. Traveling from Faydwer (eastern continent on Norrath) to Erudin (western continent) by foot, was about a 2-3 hour journey. So, if you wanted to travel that way (for free), you expended playing time. The land felt huge, absolutely epic. Or you could pay for a port (spend money, or make friends) by a druid or wizard who would whisk you and 4 others to a far corner of the globe. Or you could simply level up as a wizard/druid and move yourself around. This all had some interesting side effects:
1. You'd typically stay in an area for a few days a time, and your local reputation mattered. Everyone knew who the troublemakers were, who the cheaters were, who the kill-stealers were, etc. Assholes tended to find their life difficult. Druids and Wizards would often refuse to port an asshole, which meant they were stuck running and taking the boat if they wanted to escape their reputation.
2. The population remained spread out. Because travel was difficult, players would not move willy-nilly from hot spot to hot spot. Unless you had strong reason to level elsewhere, most people stayed and leveled up near their home city.
3. Travel became an adventure in its own right. Not everyone's cup of tea, but to a great many of us, we enjoyed the epic crossing of Norrath. It was part of the pleasure of playing.
So things were in good shape, right up until SOE decided to (a) put in the free teleports up to the moon (b) completely trivialize travel between major cities in Planes of Power and (c) create a central, neutral city, with bankers and a place to sell.
- The population immediately flocked to the "best" leveling zone. Which resulted in tremendous lag, kill-stealing, competition for camping spots, and general bad manners all the way around.
- Assholes could now move from zone to zone easily, escaping their local reputation. The game world became much more anonymous, and the Internet Fuckwad Theory became to apply.
- Faction and exploration (two aspects of the game that many people enjoyed) became a joke. Which basically left "killing things" and "getting phat lewt".
- The world immediately shrunk in apparent size. It lost a lot of the epic feel prior to the introduction of free travel.
- The small economy centered around the buying / selling / bartering of ports was destroyed. This impacted quite a few players and could've been averted by not making travel free. (Yes, waiting for a druid/wizard to come by a druid circle or wizard spire was a pain at times. We would've been happy to pay about double the going rate to an NPC who would port us without waiting.)
- Old world cities immediately became ghost towns. Large portions of the world became abandoned.
From what I've seen, Blizzard's World of Warcraft gets it just about right:
- Initial exploration on foot or mounted, unlocks gryphon / bat locations allowing you to return reasonably quickly to those locations in the future. (The exception being the southern half of Kalimdor for Alliance characters due to all the major Alliance cities being situated at the north end of the continent.)
- Travel on the gryphons/bats is not free. Nor is it immediate. Which means that sometimes you'll see people pay mages for portals to distant cities. In addition, the gryphons function as yet another money sink (lowering the rate of inflation).
- There are central travel hubs like Shattrath and Dalaran, where you can easily get to any major city in an instant. If you set your hearthstone there, you are never more then 30 minutes (the cooldown on your hearthstone) from any major city on Azeroth.
- The auction house and class / profession trainer
Mmm, I pretty much plan on moving PCs to Win7 (we skipped Vista) starting in 2010. A lot of it depends on the economy and how soon we run out of stockpiled WinXP licenses.
More likely, 2nd half of 2010 for us. Which should be just about the time that SP1 comes out.
Still on the fence about upgrades. All of our boxes are dual-core, 64bit, 2GHz+, with at least 2GB RAM. Bumping them up to 4GB would be inexpensive and will probably be enough for Win7.
My own favourite, about which I've posted before, is to gradually (but exponentially) increase the delay between entries, so after 1 failure, you can retry in 1 second; after 2 failures, 3 seconds. The third failure locks it for 9 seconds, and by the time the brute-forcer is on the 5th time, he'll be waiting almost a minute and a half (and rapidly increasing --you can only do 9 tries the first hour).
Back in the mid-90s, that's how Lotus Notes authentication worked. Every attempt would result in a longer and longer delay. I'm pretty sure there was an upper end on how long the delay could grow to, and a timeout before it would revert back to normal.
The other thing that Lotus Notes did was to put a random (1-4) number of Xs into the password field each time you entered a character of your password. Which made passwords appear longer then they might actually be.
RAID-10 can be done with as few as (4) drives, but always an even number. It's basically RAID-0 laid over top of RAID-1 mirror pairs. Usually, you'll use an additional drive as a hot-spare to allow for quick rebuilds without manual intervention.
RAID-5 requires at least 3 disks (2 data, 1 parity), RAID-6 requires at least 4 disks (2 data, 2 parity).
2.5" SSDs in a RAID-6 configuration with one hot spare could be pretty interesting. Say (8) port RAID controller configured as 5 data, 2 parity, 1 hot spare. There are now 2.5" drive mounts that fit (4) SATA 2.5" drives in a 5.25" bay in hot-plug slots.
Now, how many of you *actually* stuff another device in your laptop bag to read books?
I do, but I use the Sony PRS-505 unit to do so. It's a wonderful device for leisure reading (fiction, stuff without lots of pictures/diagrams). I've had mine for about a year and a half now and I still prefer it over paper books.
Another wonderful feature is that my eyes get tired, I can boost the display font size, reducing eye strain.
- For a basic office machine, 2 or 4 cores is plenty, individual core speed doesn't matter much. It's usually whatever CPU gives me the most cores in the lowest power factor and costs less then $100. The 45W CPUs are my favorite. Given RAM prices now, the choice between 2GB or 4GB is a coin flip for XP installs. (I'll generally go with 4GB to avoid an upgrade down the road.)
- For a game box, the speed of an individual core does matter. So I'll spend more on the CPU to get a faster dual, triple, or quad core. Quad is a bit overkill, but sometimes dual isn't enough. But I still won't pay more then about $300 for a single CPU, and preferably closer to $200-$240.
I really like low power CPUs for office machines. It means quiet operation with low fan speeds. We may even switch over to 2.5" laptop hard drives soon to shave another 8W or so off of the power usage. Maybe... (the cost to mount a 2.5" drive inside a box designed for 3.5" drives tends to negate the power savings).
When I rebuild my game box next year (probably using Win7), I figure 8GB or 16GB with quad-core will be the minimums.
There are also two sides to depression. Externally influenced, triggered by stressors such as job loss, deaths in the family / community / circle of friends, or other major life changing events. Then there's the internal side, where the depressed individual can't stop focusing on every bad thing that they've done, said, chosen, etc.
External events come and go, but can be very overwhelming in the short-term. The internal side tends to be more chronic and permanent as the individual builds up more and more negative experiences (and pretty much ignores anything positive that happens, or discounts it).
For a chronic sufferer, we're talking sleepless nights where you lay awake as your mind chases down all of the bad memories. All of those regrets that you've ever had ("why did I do that", "why did I say that") circle and circle around your head for hours on end. Now, it's normal to have regret and feel sadness, but it's not normal to dwell on a mistake for weeks and months at a time, night after night. Even when you recognize the pattern and apply coping skills learned in therapy, it can be a bit like putting a finger in a leaky dike.
Eventually, things spiral downwards. Sometimes accelerated by outside influences such as those mentioned above. You can have loss of focus, difficulty doing simple things (everything seems like a big production, so you procrastinate), job performance plummets, and you often feel like you're living behind a fog. At that point, often you start to experience a real pain. Sorta like stress pain, but very much a constant pain that you try different things to get away from (sleep, alcohol, drugs, sex, gambling, risk taking).
At the end of that cycle, I found myself curled up on the floor in my living room, middle of the day, just wishing that the pain would stop. At that point, you're tired of it all, and pretty much just want it to end. My red flag was researching suicide methods online, looking for a sure-kill method. The next morning I woke up (without trying anything) and went to the doctor's office to get help.
Chronic long-term depression sucks donkey balls. It was a wonderful day when the medications and therapy (to learn good coping skills) started working. Every month, I'd go back to the doctor and realize that I felt twice as good as the previous month, which felt twice as good as the month before that.
In fact, I can easily tell when I've missed a few days of medication, because I find myself laying awake at night, once again thinking about all the stupid things that I've done in the past rather then looking forward. The meds don't make me "happy", they just bring me closer to "normal" where I can deal with things and don't feel overwhelmed.
Slashdot Mirror
Actually, I'd put the rash of windows attacks down to a few reasons:
1) People run Windows on the desktop, and the architecture is shared with the server line. Makes it easy to go with what you know. Criminal activity tends to start in one's comfort zone at the start. Which I think explains the more numerous attacks against IIS instead of Apache.
2) Market share. Windows desktops make up the majority. Which makes it a big fat target for botnets.
3) Architectural flaws. Easy to exploit. Somewhat subjective.
SELinux makes a lot of sense at the server level, where you have change control and aren't running random applications without some sort of plan. The default on a server can easily be "deny, unless allowed".
On the desktop? Not so much, although it can serve as a useful way to reinforce browser sandboxing. On a desktop, the goal should more be "we know this application is risky, so let's lock it down".
Catholics might believe that, but protestants(?) go the "symbolic" route.
Bots are plentiful, insecure windows boxes are extremely abundant and it will be easy for them to acquire more, they probably haven't even diverted all of their current resources to this attack.
I would postulate that crackable boxes being plentiful is a side-effect of the relatively benign nature of most infections. Slowing down the box or connection is nothing more then a minor inconvenience to most users. But if you start interfering with the user (rapid pop-up windows, crashes, other problems), they're much more likely to go get the machine fixed or to learn how to secure it. (Akin to being sick enough that you go to the doctor's office rather then just tough it out.)
However, if malware goes back to the days of yore where machines were frequently wiped and data destroyed, then I think users are going to be much more likely to sit up and take notice. A significant portion of users will even start to take preventative (or curative, if already infected) action. If you make it scary enough that the major news outlets carry the story, you might see a marked reduction in the number of crackable boxes. Now instead of just sniffles, you've got a good chance of mortality (loss of all data on the box).
Granted, you're fighting people's inertia to do nothing at all.
Possibly LCD TVs, like the 40" 1920x1080 sized displays.
I've seen the same issue though. I have a 19" 1680x1050 display and a 22" 1680x1050 display. Same resolution, but the 19" was just a tiny bit too small for my taste. (We won't talk about the 15" 1680x1050 display built into my T61p... I set the DPI setting in Windows to 120 DPI and frequently have to zoom in on web pages.)
So in general, there are two pixel densities out there. One is down around 0.24-0.25mm, the other is up around 0.28-0.29mm. For older users, I strongly suggest seeking LCDs at the upper end of the scale.
For example, at 19" widescreen a 1440x900 display has a pixel size of around 0.295mm. The same resolution in a 17" display is a 0.255mm pixel size.
For the 1920x1200 resolution, there are 24" displays at 0.27mm or 25.5" displays at 0.287mm.
Which version of Nagios? I thought part of the v3 was that checks could be one in parallel. (Or maybe I need to go back and read documentation.)
(My only complaint with Nagios at the moment is convincing it to play nicely in a SELinux enforcing environment.)
The Firefox developer community most certainly does care about its users, but the users don't necessarily know that they want, much less could benefit from, process separation.
The problems with the current Firefox single-threaded model for everything have been apparent to all but the most casual users for at least 3 years now. Constant lockups and stuttering when you'd open up tabs in the background, the issue where the browser seems to hang while looking up or retrieving content, or the crashes that would take down the entire browser instead of just one window or one tab.
Which is why there's a lot of "what took you so long" sentiment going around. This is not simply an issue that cropped up because Google did multi-threading with Chrome.
What took so long?
Notice of your house being demolished on Tuesday can be put up in a dark cellar with no stairs at the bottom of a locked filing cabinet in a disused lavatory of the planning office guarded by a Leopard.
Except that there is no leopard there, only a sign reading "Beware of Leopard".
Eh, CIS pretty much got steam-rolled by TCP/IP, USENET, and SMTP.
Back in the early 90s, I spent a lot of time and money keeping up on tech trends, drivers, software fixes, etc via CIS. I used it in offline mode using TapCIS and an offline reader that began with an "R". It was the only way to keep connection charges to a minimum and still manage to read message threads for an hour or two per day.
Up until about '92 or '93 (give or take a year), it was *the* place to go for online technical support. Every major computer / software vendor had a forum, or at least a section of a forum where you could get support. But you couldn't communicate with AOL members, or Prodigy members, or people with SMTP addresses.
Then the internet rolled around, along with the web browser. Companies found it a lot less expensive to roll out websites to distribute software and to use SMTP, web forms/forums, or USENET to handle support. Which led to a drastic drop in content on CIS compared to what you could get on the internet.
I'm going to say that I probably used CIS up until '94 or so, but the writing was definitely on the wall by then. They couldn't adapt fast enough, at a cheap enough price, to stay on the radar as "the place to be for tech".
There's a lot of things that I miss about CIS. Moderated discussions, with the ability to browse messages offline are probably the thing I miss most. SMTP based mailing lists come the closest to meeting that description.
I think you are doing something horribly wrong. I haven't had a virus in 15 years or so.
That you know of.
There's a lot more infection vectors then there were 5 years ago. Even with all of the security patches over the years, we're still losing the race to lock things down before for-profit crackers manage to exploit things. And they're a lot more subtle then they used to be. A lot of the trojans, key loggers, and the like are silent installs with no outward signs (other then network traffic).
Early half of the 2000s, we saw nary a single infection in our company and associates. Second half of the 2000s, infections galore. It's not the end of the world, but it's not a pretty sight either at the moment. My mental bet is whether javascript and Flash will end up as pariahs by 2015 (which will pretty much kill ad revenue).
Lock your systems down. Disable javascript, flash, and Adobe PDF (3 of the common vectors). Take preventative actions like making backups, snapshots, and doing offsite storage.
But don't make the assumption that you've not been infected.
We've already migrated our internal applications away from MS SQL and switched over to PostgreSQL. Once we got up to speed on pgsql's design and security, migration was not that hard.
I want to say that v8.1 was probably the first reasonable version for us with the native Windows executables instead of having to depend on Cygnus.
Mostly, we're tired of worrying about licensing issues, and tired of paying for constant upgrades. A Linux box running pgsql is a heck of a lot less expensive over the long run. (Plus the ability to script things in bash / perl / python / etc is a strong selling point.)
Eh... OpenOffice Base is still a joke compared to MS-Access.
It works fine, if you're using it against an external data source. But because the ODB file format is basically a ZIP, trying to store anything other then a trivial amount of data in an ODB is going to be a bad bad thing.
And it's easier to import/export data out of MS-Access tables (or to even load/save the data to/from remote databases) then in OOBase. Instead, there's a whole ecosystem of for-pay tools that you have to buy in order to move data around with Open Office.
(There are simply a lot of times where you want to give the user their own copy of data to play with, where you don't have to worry about database connectivity, and everything is contained in a single file. MS-Access serves this purpose well, allowing you GUI access to the data tables, the ability to create ad-hoc queries or reports. Without having to jump through hoops to then export/import. You can even link together disparate data sources in an MS-Access file.)
I skipped Vista entirely, but fully plan on jumping to Win7 sometime next year (probably early-2010). At that point, 8GB RAM installed will be common and I'll be installing the 64bit version of Win7.
Depending on how it goes, we may even do upgrades of existing machines to Win7 64bit (from XP 32bit). Most of our machines are dual or quad core units with the option to install up to 4GB of RAM (most have 2GB). Which is something that we were absolutely not considering for Vista.
32bit is basically done, stick a fork in it level of done. Game developers need to get with the times. (They should have seen the writing on the wall back when Vista 64bit was released.)
We're well past the point where 8GB of RAM is not unheard of on the desktop. The usual pricing right now for 4GB (2x2GB) configuration is around $50-$60 if you buy it direct. Give it another year and I expect to see 8GB as the standard with 16GB as a reasonable upgrade.
At which point we're rapidly going past what 32bit Windows can handle gracefully. Even with PAE, the maximum is 64GB of addressable memory. XP 32bit is limited to 4GB per Wikipedia's PAE article (as is Vista 32bit and Win7 32bit). Only the server OSs work with more then 4GB of RAM in 32bit mode.
64bit Win7 Ultimate and Professional is supposed to support up to 192GB of RAM. (Compared to 8GB for Home Basic and Starter, with 16GB for Home Premium.)
You act as if every site that is using those formats is acting maliciously. It's simply not true. Even in the rare case a mainstream site would be attacked, you would find out about it within a day and be able to take action. Not a big deal and definitely not common.
There are quite a few more maliciously defaced sites out there then you'd expect. Most of these attacks rely either on server exploits (SQL injection, PHP exploits, whatever) or weak password security (attacking FTP accounts). Once the attacker is in, they then slip injection code (javascript, a link to a hostile website, opening up a PDF in a background window, loading a hostile Flash object) whose purpose is to attack the visitor's machine and to plant code.
We're not typically talking the mainstream / first tier websites. These attacks are typically more oriented at the hundreds / thousands / millions of second tier websites (recipes, hobbies, pets, health, etc). Sites that you might not even remember going to visit after you find out that your machine has been compromised. Places where the site owner does not have the expertise to properly secure their site.
At the moment, it's a race to the bottom. Will browser makers be able to eliminate infections via Javascript / Flash / PDF before the users revolt and start blocking all JS/Flash/PDF by default? At which point, the only advertising that will work; will once again be DHTML, animated images, or plain text.
While I use ext3 for everything, mostly because it "just works" in 99% of cases, it has a few big issues. Mainly the slowness when deleting very large (>1GB) files or directories with lots of files.
So it tends to be a bit slow for Maildir storage or multimedia storage.
But who's gonna spend from 30 mins to an hour in WoW going to a lowbie area and back just to help somebody else? let alone sell or give out stuff to random newbies. From what I've heard playing the lv1-60 content in WoW these days is pretty much like playing a single-player RPG, except with a monthly fee, and that's very much a result of long travel times, IMHO.
There are still people who do that. Others put their wares up on the Auction House for cheap. Or keep their generosity within the guild or alliance. And players outlevel gear so fast now.
Travel times have very little to do with any of that. The problem is more (as to why lower level zones feel empty) is that you level so fast (maybe 2-3 hours per level in the 20s and 30s) that you quickly move from zone to zone and then leave for Outland at 58. (Blizzard keeps increasing the rate of XP gain for lower levels).
So at the most, you're spending only 10-20 hours in a single zone before moving on. And that's if the quest chains that you're following don't send you elsewhere before then.
Quests are probably the 2nd major reason why you rarely find people on the same page. Quest XP will double or triple the rate of XP gain compared to just sitting somewhere and killing mobs ala EQ grind camp style. That means there's a huge incentive for completing your quests. If you happen to have a leveling companion who is also on the same quests, great. Otherwise you'll find that it's like trying to synchronize two very different schedules.
No, they use it because it introduces massive downtime that is easy to justify as you can get some players even believe it is for their own good.
I'll state right up front that you're off base, close minded, and completely lacking in aesthetics.
I played EQ back in the days of Velious. Traveling from Faydwer (eastern continent on Norrath) to Erudin (western continent) by foot, was about a 2-3 hour journey. So, if you wanted to travel that way (for free), you expended playing time. The land felt huge, absolutely epic. Or you could pay for a port (spend money, or make friends) by a druid or wizard who would whisk you and 4 others to a far corner of the globe. Or you could simply level up as a wizard/druid and move yourself around. This all had some interesting side effects:
1. You'd typically stay in an area for a few days a time, and your local reputation mattered. Everyone knew who the troublemakers were, who the cheaters were, who the kill-stealers were, etc. Assholes tended to find their life difficult. Druids and Wizards would often refuse to port an asshole, which meant they were stuck running and taking the boat if they wanted to escape their reputation.
2. The population remained spread out. Because travel was difficult, players would not move willy-nilly from hot spot to hot spot. Unless you had strong reason to level elsewhere, most people stayed and leveled up near their home city.
3. Travel became an adventure in its own right. Not everyone's cup of tea, but to a great many of us, we enjoyed the epic crossing of Norrath. It was part of the pleasure of playing.
So things were in good shape, right up until SOE decided to (a) put in the free teleports up to the moon (b) completely trivialize travel between major cities in Planes of Power and (c) create a central, neutral city, with bankers and a place to sell.
- The population immediately flocked to the "best" leveling zone. Which resulted in tremendous lag, kill-stealing, competition for camping spots, and general bad manners all the way around.
- Assholes could now move from zone to zone easily, escaping their local reputation. The game world became much more anonymous, and the Internet Fuckwad Theory became to apply.
- Faction and exploration (two aspects of the game that many people enjoyed) became a joke. Which basically left "killing things" and "getting phat lewt".
- The world immediately shrunk in apparent size. It lost a lot of the epic feel prior to the introduction of free travel.
- The small economy centered around the buying / selling / bartering of ports was destroyed. This impacted quite a few players and could've been averted by not making travel free. (Yes, waiting for a druid/wizard to come by a druid circle or wizard spire was a pain at times. We would've been happy to pay about double the going rate to an NPC who would port us without waiting.)
- Old world cities immediately became ghost towns. Large portions of the world became abandoned.
From what I've seen, Blizzard's World of Warcraft gets it just about right:
- Initial exploration on foot or mounted, unlocks gryphon / bat locations allowing you to return reasonably quickly to those locations in the future. (The exception being the southern half of Kalimdor for Alliance characters due to all the major Alliance cities being situated at the north end of the continent.)
- Travel on the gryphons/bats is not free. Nor is it immediate. Which means that sometimes you'll see people pay mages for portals to distant cities. In addition, the gryphons function as yet another money sink (lowering the rate of inflation).
- There are central travel hubs like Shattrath and Dalaran, where you can easily get to any major city in an instant. If you set your hearthstone there, you are never more then 30 minutes (the cooldown on your hearthstone) from any major city on Azeroth.
- The auction house and class / profession trainer
Mmm, I pretty much plan on moving PCs to Win7 (we skipped Vista) starting in 2010. A lot of it depends on the economy and how soon we run out of stockpiled WinXP licenses.
More likely, 2nd half of 2010 for us. Which should be just about the time that SP1 comes out.
Still on the fence about upgrades. All of our boxes are dual-core, 64bit, 2GHz+, with at least 2GB RAM. Bumping them up to 4GB would be inexpensive and will probably be enough for Win7.
My own favourite, about which I've posted before, is to gradually (but exponentially) increase the delay between entries, so after 1 failure, you can retry in 1 second; after 2 failures, 3 seconds. The third failure locks it for 9 seconds, and by the time the brute-forcer is on the 5th time, he'll be waiting almost a minute and a half (and rapidly increasing --you can only do 9 tries the first hour).
Back in the mid-90s, that's how Lotus Notes authentication worked. Every attempt would result in a longer and longer delay. I'm pretty sure there was an upper end on how long the delay could grow to, and a timeout before it would revert back to normal.
The other thing that Lotus Notes did was to put a random (1-4) number of Xs into the password field each time you entered a character of your password. Which made passwords appear longer then they might actually be.
RAID-10 can be done with as few as (4) drives, but always an even number. It's basically RAID-0 laid over top of RAID-1 mirror pairs. Usually, you'll use an additional drive as a hot-spare to allow for quick rebuilds without manual intervention.
RAID-5 requires at least 3 disks (2 data, 1 parity), RAID-6 requires at least 4 disks (2 data, 2 parity).
2.5" SSDs in a RAID-6 configuration with one hot spare could be pretty interesting. Say (8) port RAID controller configured as 5 data, 2 parity, 1 hot spare. There are now 2.5" drive mounts that fit (4) SATA 2.5" drives in a 5.25" bay in hot-plug slots.
Now, how many of you *actually* stuff another device in your laptop bag to read books?
I do, but I use the Sony PRS-505 unit to do so. It's a wonderful device for leisure reading (fiction, stuff without lots of pictures/diagrams). I've had mine for about a year and a half now and I still prefer it over paper books.
Another wonderful feature is that my eyes get tired, I can boost the display font size, reducing eye strain.
My rules of thumb:
- For a basic office machine, 2 or 4 cores is plenty, individual core speed doesn't matter much. It's usually whatever CPU gives me the most cores in the lowest power factor and costs less then $100. The 45W CPUs are my favorite. Given RAM prices now, the choice between 2GB or 4GB is a coin flip for XP installs. (I'll generally go with 4GB to avoid an upgrade down the road.)
- For a game box, the speed of an individual core does matter. So I'll spend more on the CPU to get a faster dual, triple, or quad core. Quad is a bit overkill, but sometimes dual isn't enough. But I still won't pay more then about $300 for a single CPU, and preferably closer to $200-$240.
I really like low power CPUs for office machines. It means quiet operation with low fan speeds. We may even switch over to 2.5" laptop hard drives soon to shave another 8W or so off of the power usage. Maybe... (the cost to mount a 2.5" drive inside a box designed for 3.5" drives tends to negate the power savings).
When I rebuild my game box next year (probably using Win7), I figure 8GB or 16GB with quad-core will be the minimums.
There are also two sides to depression. Externally influenced, triggered by stressors such as job loss, deaths in the family / community / circle of friends, or other major life changing events. Then there's the internal side, where the depressed individual can't stop focusing on every bad thing that they've done, said, chosen, etc.
External events come and go, but can be very overwhelming in the short-term. The internal side tends to be more chronic and permanent as the individual builds up more and more negative experiences (and pretty much ignores anything positive that happens, or discounts it).
For a chronic sufferer, we're talking sleepless nights where you lay awake as your mind chases down all of the bad memories. All of those regrets that you've ever had ("why did I do that", "why did I say that") circle and circle around your head for hours on end. Now, it's normal to have regret and feel sadness, but it's not normal to dwell on a mistake for weeks and months at a time, night after night. Even when you recognize the pattern and apply coping skills learned in therapy, it can be a bit like putting a finger in a leaky dike.
Eventually, things spiral downwards. Sometimes accelerated by outside influences such as those mentioned above. You can have loss of focus, difficulty doing simple things (everything seems like a big production, so you procrastinate), job performance plummets, and you often feel like you're living behind a fog. At that point, often you start to experience a real pain. Sorta like stress pain, but very much a constant pain that you try different things to get away from (sleep, alcohol, drugs, sex, gambling, risk taking).
At the end of that cycle, I found myself curled up on the floor in my living room, middle of the day, just wishing that the pain would stop. At that point, you're tired of it all, and pretty much just want it to end. My red flag was researching suicide methods online, looking for a sure-kill method. The next morning I woke up (without trying anything) and went to the doctor's office to get help.
Chronic long-term depression sucks donkey balls. It was a wonderful day when the medications and therapy (to learn good coping skills) started working. Every month, I'd go back to the doctor and realize that I felt twice as good as the previous month, which felt twice as good as the month before that.
In fact, I can easily tell when I've missed a few days of medication, because I find myself laying awake at night, once again thinking about all the stupid things that I've done in the past rather then looking forward. The meds don't make me "happy", they just bring me closer to "normal" where I can deal with things and don't feel overwhelmed.