Yes, the Newton used "soups" (essentially simple databases) for data storage instead of a filesystem, but I never had the impression that this was because of flash memory. I believe it had more to do with reducing the size and complexity of applications by having long-term storage use the same data format as heap storage. On the Newton, you didn't have to "format" data when storing it to a soup or "parse" it when reading it. As far as applications were concerned, soups stored associative arrays just like the rest of NewtonScript did.
Soups were stored in a flat namespace rather than a hierarchical one, largely because the Newton was designed as a single-user device where each application worked with a single data set. The flat namespace and standard data format encouraged data sharing between applications: it was trivially easy to look up a name in the address book, for example.
The original Palm OS also used "databases" in a flat namespace rather than a filesystem, and for largely the same reasons. Again, I don't think that flash memory had much to do with it. In fact, when Palm OS started supporting external flash memory cards, they used the FAT filesystem (for compatibility with digital cameras and desktop card readers) rather than porting their existing database format.
Protect SSH by disabling password logins, on Ubuntu Servers Hacked · Score: 2, Interesting
On my company's server, I solved the attempted SSH break-in problem by disabling password logins via SSH altogether. Only publicKey logins are allowed. The break-in attempts have completely stopped (or at least they are turned away so quickly that there's not even a security log message for them).
Only a few computers have my public/private key pair on them (the private key is encrypted, of course), and I keep an extra copy on a USB thumb drive in case of emergency. If someone needs access to the server, I can use one of the existing logins to install their public key so that they can log in.
I highly recommend this solution to anyone who can manage it. It's much more straightforward than trying to maintain blacklists.
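An added example, not part of the original comment: a Python audit that checks whether an sshd_config really leaves public-key login as the only path, since `PasswordAuthentication no` alone can still leave keyboard-interactive prompts or a `Match` block override in place. Both sample configs are constructed, and the keyword defaults are assumed to be the upstream OpenSSH ones from sshd_config(5), which a distribution build may change.

```python
# Added example: static audit of sshd_config text for key-only logins.
# Defaults are the upstream sshd_config(5) values (assumption: no distro patches).

DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
}
# Deprecated spelling still common in older configs.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
PASSWORD_PATHS = ("passwordauthentication", "kbdinteractiveauthentication")


def audit_sshd_config(text):
    """Return findings; an empty list means only public-key logins remain."""
    global_opts = {}
    match_opts = []      # (match condition, keyword, value)
    match_cond = None    # None while still in the global section
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            match_cond = value
        elif keyword in DEFAULTS:
            if match_cond is None:
                # sshd keeps the first value it obtains for a keyword.
                global_opts.setdefault(keyword, value.lower())
            else:
                match_opts.append((match_cond, keyword, value.lower()))

    effective = {**DEFAULTS, **global_opts}
    findings = []
    for keyword in PASSWORD_PATHS:
        if effective[keyword] != "no":
            findings.append(f"global: {keyword} is not 'no'")
    if effective["pubkeyauthentication"] != "yes":
        findings.append("global: pubkeyauthentication is off")
    for cond, keyword, value in match_opts:
        # A Match block overrides the global section for matching clients.
        if keyword in PASSWORD_PATHS and value != "no":
            findings.append(f"Match {cond}: {keyword} re-enabled")
    return findings


# Constructed sample: passwords "disabled", but two password paths remain.
WEAK = """\
PasswordAuthentication no
UsePAM yes
Match Address 10.0.0.0/8
    PasswordAuthentication yes
"""

# Constructed sample: key-only logins.
HARDENED = """\
PasswordAuthentication no
KbdInteractiveAuthentication no
PubkeyAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_sshd_config(cfg) or "key-only logins")
```

On a live host, `sshd -T` prints the effective configuration, including `Include`d files that this parser does not follow.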
The Nokia N800 is essentially always on, so I think it qualifies as "instant on". Assuming that you have the WiFi set to turn off after a few minutes of inactivity, it can sleep for a few days without needing a recharge, and will wake up as soon as you tap on the screen.
Yes, you can shut it down completely, and if you do it takes about 30 seconds to boot. But in practice you don't tend to use it that way.
Since the new tracks without DRM are going to be encoded at twice the bitrate, only half as many songs will fit on your iPod. So if Apple's strategy becomes popular, this has the potential to drive the purchase of larger, more expensive iPods.
Of course, it could very well drive the purchase of larger players from other companies, too. But an awful lot of people are going to stick with the iPod brand and interface, and just look for more capacity.
I predict that within a week or so Sophos will follow up this report with a "clarification" saying that they didn't actually mean it, that Microsoft Windows is a secure operating system when properly configured, etc., etc. The language will be such that anyone with an ounce of sense will realize that Microsoft has tightened the thumbscrews on them and essentially forced a retraction.
In my original post Rolling back - what do YOU do? I suggested it would be helpful if there were a log, in human-readable form, which listed all things that are Created, Read, Updated, or Deleted.
The Advanced Disk Drive Restore screen of GoBack provides exactly such a log. The log lists, with timestamps, every file created, modified, replaced, renamed or deleted, every directory created, and every process launched. It also lists "System Safe Points" that it believes your disk could safely be reverted to.
Even if you didn't use the restore capability, the log might be worthwhile on its own.
Well, recently I installed two Symantec products that _claim_ to be able to restore the system to a previous state. I haven't had the opportunity to really test either one of them yet, but I do feel a bit safer.
The first product is Norton GoBack, which reserves a certain percentage of hard disk space to maintain an undo history for your hard drive. Theoretically, if you have a bad software install or update, you can simply revert your hard disk to its state before the update. There might be issues with user documents created in that time getting reverted as well, but as long as you were careful you should be able to copy those files to another disk, revert the disk with the problem, and copy the files back. (There may also be built-in support for excluding certain files from being reverted -- I haven't checked.) You'd also need to notice the problem before GoBack's undo buffer got full and started forgetting things.
The second product is Symantec Ghost, which is a backup and disk cloning utility. You can set up Ghost to perform an incremental backup before any software installation. I have mine set up to back up the system disk to another drive before each install. At my company we use EMC Retrospect for network backups, but Retrospect is not really good for restoring a system disk to a bootable state. From what I've heard, Ghost should be able to do this smoothly.
Personally, I'd love to have a dual-core laptop as a portable development machine.
I work in the handheld space where most development is done with device emulators that run as a separate process and communicate with the debugger via a network socket. We also use emulators to test HotSync/ActiveSync. A dual core processor should be able to give the (already slow) emulator its own CPU, leaving the other CPU free to talk to me. :)
It's a shame that no Palm OS 6 Cobalt devices have actually made it to market, because PalmSource has done a lot right in that version of the Palm OS to provide a sound security model.
Not only does the OS provide for digital signing of code, it provides secure databases where only signed applications can access the data. You can control which databases are synchronized to the desktop, and even which applications can access screen buffers (to prevent screen-scraping).
Hopefully either Palm OS 6 Cobalt or its Linux-based successors will make it into actual devices soon. It would be a huge step toward powerful, secure PDAs.
The discussion here got me thinking: Why not codify and automate the existing practice of posting MD5/SHA-1 checksums at the originating web site, and then storing the full content on mirrors? If this were built into Firefox (or an extension), wouldn't this go a long way to making the downloading of open software safer?
The originating web site could post an XML file containing a checksum and a list of mirror sites. The Firefox download manager would take care of choosing a mirror (or asking the user to choose one), downloading the file, and checking the file against the checksum. If the checksum doesn't match, the download gets a big red X through it and the user gets a very serious warning if they try to open the file.
I'm sure someone will point out that BitTorrent already handles many of these problems, and does it much more efficiently and powerfully. And I agree that it would be great to have a BitTorrent extension for Firefox. But the fact is that MD5 checksums and mirror sites are the de-facto standard for open source software distribution right now, because they're so easy to implement. Why not clean up this system a bit so that average users can benefit from it?
--Stuart
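An added example, not part of the original comment: the proposed flow in Python, with the manifest taken from the originating site and the file bytes taken from untrusted mirrors. The XML layout, element names and mirror URLs are hypothetical (the comment defines no format), the mirrors are simulated in memory with constructed data, and SHA-256 is swapped in for the MD5/SHA-1 checksums the comment mentions.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# md5 and sha1 are refused: both have practical collision attacks.
ALLOWED_ALGORITHMS = {"sha256", "sha512"}

# Hypothetical manifest layout served by the originating site.
MANIFEST_TEMPLATE = """\
<download name="example-1.0.tar.gz">
  <checksum algorithm="sha256">{digest}</checksum>
  <mirror>https://mirror-a.example/example-1.0.tar.gz</mirror>
  <mirror>https://mirror-b.example/example-1.0.tar.gz</mirror>
</download>
"""


def parse_manifest(xml_text):
    """Return (algorithm, expected hex digest, mirror URLs) from the manifest."""
    root = ET.fromstring(xml_text)
    node = root.find("checksum")
    if node is None or not node.text:
        raise ValueError("manifest has no checksum")
    algorithm = node.get("algorithm", "").lower()
    if algorithm not in ALLOWED_ALGORITHMS:
        raise ValueError(f"refusing weak or unknown algorithm: {algorithm!r}")
    mirrors = [m.text.strip() for m in root.findall("mirror") if m.text]
    return algorithm, node.text.strip().lower(), mirrors


def verify(data, algorithm, expected_hex):
    """Compare the digest of the downloaded bytes with the origin's value."""
    actual = hashlib.new(algorithm, data).hexdigest()
    return hmac.compare_digest(actual, expected_hex)


def download_verified(xml_text, fetch):
    """Try mirrors in order; return (url, data, rejected_urls) for the first
    mirror whose bytes match the checksum. `fetch(url)` returns bytes or None."""
    algorithm, expected, mirrors = parse_manifest(xml_text)
    rejected = []
    for url in mirrors:
        data = fetch(url)
        if data is not None and verify(data, algorithm, expected):
            return url, data, rejected
        rejected.append(url)  # the "big red X" case: never hand this file over
    raise ValueError("no mirror served a file matching the origin's checksum")


# Constructed sample data: mirror-a serves a modified file, mirror-b the real one.
RELEASE = b"constructed release archive bytes"
FAKE_MIRRORS = {
    "https://mirror-a.example/example-1.0.tar.gz": RELEASE + b" plus extra payload",
    "https://mirror-b.example/example-1.0.tar.gz": RELEASE,
}
MANIFEST = MANIFEST_TEMPLATE.format(digest=hashlib.sha256(RELEASE).hexdigest())

if __name__ == "__main__":
    url, data, rejected = download_verified(MANIFEST, FAKE_MIRRORS.get)
    print("accepted:", url)
    print("rejected:", rejected)
```

The check is only as strong as the channel the manifest arrives over: it has to come from the originating site over an authenticated connection, or carry a signature, because a mirror that could also supply the manifest could supply a matching checksum.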
FireFly and FireLite from SmartDisk, on Portable Storage? · Score: 2, Interesting
I've had a FireLite drive from SmartDisk for a couple of years now, and have been extremely happy with it. The drive fits in a shirt pocket (just barely), it's bus powered so you don't need any power adapters, only weighs 6 oz, comes in either USB 2.0 or Firewire, with capacities from 20 - 80 GB. The drive is fanless and extremely quiet. Plus, the smooth metal case and lights look cool.
If you want something even smaller, they have a FireFly drive that's only 3.3 ounces.
Although my setup doesn't use digital certificates, I've had luck with IPSecuritas by Lobotomo software for configuring VPN under Mac OS X. It's a free utility that simply configures Mac OS X's underlying Kame/Racoon implementation. It appears to have support for importing digital certificates for authentication.
I'm a Palm software developer, and I have to admit that this announcement took me completely by surprise. A year or two ago, Sony was responsible for a substantial part of the growth and innovation in this space. Jog dial and high-resolution color screens both came first from Sony, and recently they even developed their own ARM-based processor for their handhelds. I guess I had just assumed that things were cruising along there as usual...
That said, they weren't always the easiest company to work with. Often, the new models would come out so fast that we couldn't keep track of them, and a customer tech support email would be our first indication that something new was available. They had a tendency to keep certain APIs (like their camera API) private, and even their public APIs might be released to developers months after devices had shipped. I don't think a simulator for the TH55 was ever released.
But despite the problems, I'm sorry to see them go. Sony injected an energy into the Palm handheld market that I don't think can be matched by the other manufacturers.
--Stuart
Certification of handheld apps has never caught on, on The Future of Symbian · Score: 4, Informative
I attended a handheld software developers conference last year where many of the talks were given by Symbian and Sony/Ericsson. They were trying to recruit developers to their platform, but it quickly became clear that they had little understanding of the commercial market for handheld software.
The wireless carriers are accustomed to controlling both the handset that customers use and all of the software on that handset. Now that handsets have become smartphones, most of the carriers would like to maintain their position at the top of the customer foodchain by pre-certifying the software that can run on customer handsets and controlling the installation and sales of that software through the carrier's web portal. I don't really blame them: Revenues from voice traffic are declining, and so far revenues from data traffic aren't increasing fast enough to make up the difference.
The problem is that independent software vendors don't want to buy into this system. Developing software for handhelds is difficult -- more difficult than developing similar desktop software because of the constrained resources on a handheld. Despite this, prices for handheld software are generally lower than for desktop software because customers perceive these to be "small" applications that should have "small" prices.
Certification makes life more difficult for independent software vendors without providing much in return. It adds another expense to the software development process. It discourages frequent updates to the software (which customers generally like) by increasing the time and cost of each release.
Worse, if certification is mandatory, it prevents the customer from trying the software before purchasing it, and it prevents developers from testing and refining the software with real customers before certifying it.
In my experience, these certification programs never achieve enough "brand awareness" from customers to become a factor in their purchasing decision. Companies look for and require certifications before making purchases, but individuals rarely do. So the software developer doesn't derive any benefit from the additional hassle and expense of getting certified.
It's going to come down to this: Customers who are willing to pay a premium to get a smartphone are going to want one where they can install whatever software they want, not just software "certified" by the carrier. Most software developers will try to market directly to these customers rather than dealing with the extra cost and hassle of certification.
Suppose that each spammer in your example above had to endure a 3 sec latency before the SMTP session would begin. That would add a net 300,000 seconds to their delivery time (using your numbers of 100,000 emails).
Yes, but there's nothing to require the spammer to wait for the first connection to finish before starting another one.
Couldn't a spammer get around that simply by using a multithreaded process to send the spam? At any given time most threads would be idle waiting for an SMTP connection, but they wouldn't be using any CPU time. The spammer might have to do some tuning to find the right number of threads to use, but it seems to me that properly tuned, the overall throughput would be the same as it is now.
If you're serious about to-dos, take a look at Life Balance. It will not only maintain your to-do list, but help you prioritize it and show you (in pie charts) how you've been spending your time.
</shameless-plug>
--Stuart