So, who will step forward and remove such authorities from the CA list? Mozilla? Opera? Microsoft even?
Something tells me that no one will and nothing will happen. The dust will settle, the offending CA will, at best, adjust their practices slightly but not effectively - and within 6 months we'll see more CAs pop up left and right using the same broken procedures.
There's just too much money involved in this game. Owning a CA authority is effectively a license to print money and the beancounters everywhere will just keep on repeating their mistakes over and over in order to "streamline" the process for "optimized revenues". I would even go as far to suspect that this *might* be a PR stunt to drive more people into the horridly expensive "green addressbar" certs (and wait for it, we'll see more colors in the future, for even more security!).
The only technically correct way out of this would be to abandon this broken and tainted system altogether. But it's not gonna happen, VeriSign and friends will make sure of that with all their weight.
Nah, don't really think so. The thing about revolutions (in the civil war sense) is that they usually happen despite (or even because) prior attempts have been shutdown violently. It takes quite a bit of pressure and wrongdoing to drive a society into violent resistance. The US is obviously nowhere near that point, I still don't see what's so amusing about his statement anyways...
Well, GP didn't talk about a threat, maybe check your reading comprehension? In fact, GP argued that the lack of tendencies towards a revolution in our spoiled society indicates that the government can't be *that* bad after all.
I don't know what GP was referring to but why is referring to the american revolution a chuckle in this context? Because you don't see it happen? Well, then doesn't that prove his point that the government apparently does some things right?
I wouldn't say it was wasteful. For 99,99% of people even the current firefox is more than fast enough. Those same users likely care a bit more about being able to enjoy niceties like Adblock or enter new levels of development productivity via Firebug etc. That's where Firefox gets its market share from, not some 10% performance difference.
Also I cannot see what is so particularly zippy about chrome. Running FF, IE, Opera and chrome side-by-side in my vmware here I can only say that opera still "feels" the quickest but they're all pretty much on par...
Do you remember when Firefox came out as an alternative browser and its main focus was being on slim and fast? Well, those days are gone and we now have a bloated monster which takes for-fucking-ever to boot on my slower machine.
They're working on it. If you dare you can take a look at a nightly and see for yourself. For me it's now almost as fast as opera and that is under linux. Firefox used to be a real dog under linux, mind you, even worse than the windows version.
Why is this, I really want to know?
Well, I guess they can only do so much. We have tons of new features and an amazing Addon-System by now, the guys who developed all that probably couldn't focus on performance at the same time. But the good news is, as said, it's improving and one of your next fox updates will give you a nice speed boost.
It's a slippery slope. The anecdote (true or not) has some merit, but in reality you're often not looking at the upgrade of one server but at the upgrade of n servers. Remember that the sheer act of doing hardware maintenance (always at the risk of something breaking etc.) incurs a cost, too.
Moreover, the resident parts of a webapp (excl. cache) should *indeed* not exceed 512M, except for very special cases or esoteric languages. If your app needs more than that then it likely either has a leak or suffers from bad programming practices, both will lead to even more memory consumption in the future.
Apparently they did that just recently, it was on a german tv show yesterday. Here's the link to the study, if you're so inclined.
The result was that real accupuncture and fake accupuncture both yielded an improvement in roughly 43% of patients each - there was no significant difference.
So, it seems there really is a chance of getting better when someone sticks a few needles into your body. It doesn't matter at all where these needles are placed, though.
lumping them all together simply because there's no "data," as you choose to consider it, and calling them a scam isn't any more valid.
Well, but there is data.
Quite a few double-blind studies have been carried out in the area of homeopathy and other alternate medics. Unfortunately(?) most of them come to the same conclusion: There is no measurable effect (i.e. the measured effect is indistinguishable from the placebo control group).
Why should I trust a methodology that has either been proven ineffective, or worse, whose proponents refuse to allow/support proper studies?
We don't refuse these things because they use funny smelling herbs instead of funny colored pills. We refuse them because, so far, there is no evidence (for a sane person) that any of this stuff actually *works*.
It probably depends on the quality of your powergrid, too. I've heard the american grid, on average, delivers much more fragile and "dirty" electrons than, for example, the european grid.
I guess it makes a difference whether your PSU has to deal with spikes and brownouts on a daily/weekly basis or whether it's just humming along on nominal line voltage.
Certainly you can do decent Raid via software, but (normall) why would you want to? That is to say, why load down the CPU when you can offload the task to dedicated hardware?
Well, first and foremost because you get a documented, open on-disk format which offers better chances for recovery when your raidset goes belly up in a really bad way (multi-disk failure, controller writing crap, silent bit rot, etc.). With a softraid you can just pop the remaining disks into an entirely new machine and start working on it with standard tools. With a hardware card: Good luck asking 3ware, LSI or HP for data recovery services after one of their controllers busted up.
In practice, even porting a perfectly sync'ed RAID-set from one machine to another is a bit of a gamble as compatibility even between minor BIOS-revisions varies. And better forget about moving a degraded or otherwise damaged RAID anywhere...
Furthermore softraid trumps all but the very high end cards in RAID-10 performance. A modern multi-GHZ CPU won't break a sweat over a few xor's - not so the flimsy dedicated CPUs on many raid cards. And since RAID10 is the only raid-level that's still interesting nowadays I don't see many use cases for hardware-raid anymore.
Well, I wouldn't even malign hardware raid for performance alone. Hardware raid is a bad idea for much better reasons, such as reliance on single vendors, non-portable on-disk formats, unknown failure modes etc. And RAID5, soft or hard, is a horrible idea with today's disk sizes anyways.
And what's wrong with the PCIe performance in the xfires? We haven't seen any problems so far. If you buy their POS controller instead of your "HP pleasure" then who's to blame?
Well, that sounds better. Yes, RAID5 is taxing the CPU but then again you don't normally use RAID5 in a box that is supposed to host I/O intensive apps.
About a year ago we benchmarked a few hardware RAID cards (3ware, LSI, adaptec) versus linux mdraid and found that only the very high end cards ($1000 range) could actually saturate our 16 SCA disks. mdraid had no problems maxing out the disks (on Dual Xeons iirc), admittedly under significant CPU load.
Some people are celebrating already. And I think we need more of that. If a few more high profile sites dared to tell Joe Sixpack to shove it and get a real browser that could probably accelerate the demise of IE significantly.
Push harder I say, the giant is tumbling and we, the builders of the web, should continue to show Microsoft where its place is.
Well, depends on what is more valuable, his time or his money. He said SOHO, thus many people assumed his budget will probably not stretch into the netapp/EMC realm. Thing is, for the price of real plug'n'pray NAS that will actually push at GigE speeds you can easily hire someone to assemble a box for you - and still save money.
If you have the dough and really don't care then don't ask slashdot. Call up netapp, they'll be glad to sell you a v3000 or similar box in a shiny package. For a premium they'll also send someone to plug it in for you.
Amen for FreeNas. A NAS appliance that can saturate a GBit link (or two) is usually advertised as such. You don't find these things in the low-end because Joe Sixpack doesn't care and the components to support GigE ain't cheap by "cheap NAS standards".
Thus your choices are to buy a "real" NAS from a real vendor that you can talk to, a low-range device will run in the $1500 ballpark, without drives. Or you just get/assemble an off-the-shelf beige box, add drives, throw FreeNas on it, configure half a day and be done. This should be doable in the $600 range, depending on your capacity requirements.
Well, I'll stick with my point: written reports are just no vehicle for a healthy work relationship. This may work in other professions but in the programming field it's simply a No-Go. Demanding a paper trail from everyone "just in case" just poisons the atmosphere for no good reason.
A problem-employee doesn't normally show up overnight, it's a process. There will be plenty of opportunities to demand a paper-trail from this particular employee if that's really your weapon of choice. Yes, it may take a bit longer to actually get rid of him when the paperwork is not already in place. But if you have problem-employees often enough for that to bother you, you should really review your recruiting practices and overall corporate culture.
Well, I didn't bother to include Perl because everybody knows it's the 800 pound gorilla. 20 years of script hacking don't just go away, whereas python and ruby only started gaining traction in the last 5ish years.
PS: Thinking about it more, maybe not even *that* complicated after all. The voting machine could indeed just display the list of PINs after the user is done voting. "Pin 1234 for reps", "Pin 1235 for dems" etc.
Slashdot Mirror
So, who will step forward and remove such authorities from the CA list? Mozilla? Opera? Microsoft even?
Something tells me that no one will and nothing will happen. The dust will settle, the offending CA will, at best, adjust their practices slightly but not effectively - and within 6 months we'll see more CAs pop up left and right using the same broken procedures.
There's just too much money involved in this game. Owning a CA authority is effectively a license to print money and the beancounters everywhere will just keep on repeating their mistakes over and over in order to "streamline" the process for "optimized revenues". I would even go as far to suspect that this *might* be a PR stunt to drive more people into the horridly expensive "green addressbar" certs (and wait for it, we'll see more colors in the future, for even more security!).
The only technically correct way out of this would be to abandon this broken and tainted system altogether.
But it's not gonna happen, VeriSign and friends will make sure of that with all their weight.
Nah, don't really think so.
The thing about revolutions (in the civil war sense) is that they usually happen despite (or even because) prior attempts have been shutdown violently. It takes quite a bit of pressure and wrongdoing to drive a society into violent resistance. The US is obviously nowhere near that point, I still don't see what's so amusing about his statement anyways...
Well, GP didn't talk about a threat, maybe check your reading comprehension?
In fact, GP argued that the lack of tendencies towards a revolution in our spoiled society indicates that the government can't be *that* bad after all.
Hell yeah, that one was a bargain.
I had mine clocked at at 400MHz and iirc saved about $200 over an equivalent "real" PII.
I don't know what GP was referring to but why is referring to the american revolution a chuckle in this context?
Because you don't see it happen? Well, then doesn't that prove his point that the government apparently does some things right?
I wouldn't say it was wasteful. For 99,99% of people even the current firefox is more than fast enough. Those same users likely care a bit more about being able to enjoy niceties like Adblock or enter new levels of development productivity via Firebug etc. That's where Firefox gets its market share from, not some 10% performance difference.
Also I cannot see what is so particularly zippy about chrome. Running FF, IE, Opera and chrome side-by-side in my vmware here I can only say that opera still "feels" the quickest but they're all pretty much on par...
They're working on it. If you dare you can take a look at a nightly and see for yourself. For me it's now almost as fast as opera and that is under linux. Firefox used to be a real dog under linux, mind you, even worse than the windows version.
Well, I guess they can only do so much. We have tons of new features and an amazing Addon-System by now, the guys who developed all that probably couldn't focus on performance at the same time. But the good news is, as said, it's improving and one of your next fox updates will give you a nice speed boost.
Mmmmmm. Bagle!
Hmmm. What if that promise was made under torture?
I'm just wondering if tickling my boss really hard could help my job security.
It's a slippery slope.
The anecdote (true or not) has some merit, but in reality you're often not looking at the upgrade of one server but at the upgrade of n servers.
Remember that the sheer act of doing hardware maintenance (always at the risk of something breaking etc.) incurs a cost, too.
Moreover, the resident parts of a webapp (excl. cache) should *indeed* not exceed 512M, except for very special cases or esoteric languages.
If your app needs more than that then it likely either has a leak or suffers from bad programming practices, both will lead to even more memory consumption in the future.
Yes. His approach would only help people who use their phones primarily to *gasp* make phone calls. Blasphemy?
Apparently they did that just recently, it was on a german tv show yesterday.
Here's the link to the study, if you're so inclined.
The result was that real accupuncture and fake accupuncture both yielded an improvement in roughly 43% of patients each - there was no significant difference.
So, it seems there really is a chance of getting better when someone sticks a few needles into your body. It doesn't matter at all where these needles are placed, though.
Well, but there is data.
Quite a few double-blind studies have been carried out in the area of homeopathy and other alternate medics. Unfortunately(?) most of them come to the same conclusion: There is no measurable effect (i.e. the measured effect is indistinguishable from the placebo control group).
Why should I trust a methodology that has either been proven ineffective, or worse, whose proponents refuse to allow/support proper studies?
We don't refuse these things because they use funny smelling herbs instead of funny colored pills. We refuse them because, so far, there is no evidence (for a sane person) that any of this stuff actually *works*.
It probably depends on the quality of your powergrid, too.
I've heard the american grid, on average, delivers much more fragile and "dirty" electrons than, for example, the european grid.
I guess it makes a difference whether your PSU has to deal with spikes and brownouts on a daily/weekly basis or whether it's just humming along on nominal line voltage.
Well, first and foremost because you get a documented, open on-disk format which offers better chances for recovery when your raidset goes belly up in a really bad way (multi-disk failure, controller writing crap, silent bit rot, etc.). With a softraid you can just pop the remaining disks into an entirely new machine and start working on it with standard tools. With a hardware card: Good luck asking 3ware, LSI or HP for data recovery services after one of their controllers busted up.
In practice, even porting a perfectly sync'ed RAID-set from one machine to another is a bit of a gamble as compatibility even between minor BIOS-revisions varies. And better forget about moving a degraded or otherwise damaged RAID anywhere...
Furthermore softraid trumps all but the very high end cards in RAID-10 performance. A modern multi-GHZ CPU won't break a sweat over a few xor's - not so the flimsy dedicated CPUs on many raid cards.
And since RAID10 is the only raid-level that's still interesting nowadays I don't see many use cases for hardware-raid anymore.
Well, I wouldn't even malign hardware raid for performance alone. Hardware raid is a bad idea for much better reasons, such as reliance on single vendors, non-portable on-disk formats, unknown failure modes etc. And RAID5, soft or hard, is a horrible idea with today's disk sizes anyways.
And what's wrong with the PCIe performance in the xfires? We haven't seen any problems so far.
If you buy their POS controller instead of your "HP pleasure" then who's to blame?
Well, that sounds better.
Yes, RAID5 is taxing the CPU but then again you don't normally use RAID5 in a box that is supposed to host I/O intensive apps.
About a year ago we benchmarked a few hardware RAID cards (3ware, LSI, adaptec) versus linux mdraid and found that only the very high end cards ($1000 range) could actually saturate our 16 SCA disks.
mdraid had no problems maxing out the disks (on Dual Xeons iirc), admittedly under significant CPU load.
If ink/toner costs are a serious concern for your company then you probably have bigger problems.
Some people are celebrating already.
And I think we need more of that. If a few more high profile sites dared to tell Joe Sixpack to shove it and get a real browser that could probably accelerate the demise of IE significantly.
Push harder I say, the giant is tumbling and we, the builders of the web, should continue to show Microsoft where its place is.
Well, depends on what is more valuable, his time or his money. He said SOHO, thus many people assumed his budget will probably not stretch into the netapp/EMC realm.
Thing is, for the price of real plug'n'pray NAS that will actually push at GigE speeds you can easily hire someone to assemble a box for you - and still save money.
If you have the dough and really don't care then don't ask slashdot. Call up netapp, they'll be glad to sell you a v3000 or similar box in a shiny package. For a premium they'll also send someone to plug it in for you.
Wrong. Go do your homework.
Amen for FreeNas.
A NAS appliance that can saturate a GBit link (or two) is usually advertised as such. You don't find these things in the low-end because Joe Sixpack doesn't care and the components to support GigE ain't cheap by "cheap NAS standards".
Thus your choices are to buy a "real" NAS from a real vendor that you can talk to, a low-range device will run in the $1500 ballpark, without drives.
Or you just get/assemble an off-the-shelf beige box, add drives, throw FreeNas on it, configure half a day and be done. This should be doable in the $600 range, depending on your capacity requirements.
Well, I'll stick with my point: written reports are just no vehicle for a healthy work relationship. This may work in other professions but in the programming field it's simply a No-Go.
Demanding a paper trail from everyone "just in case" just poisons the atmosphere for no good reason.
A problem-employee doesn't normally show up overnight, it's a process. There will be plenty of opportunities to demand a paper-trail from this particular employee if that's really your weapon of choice. Yes, it may take a bit longer to actually get rid of him when the paperwork is not already in place. But if you have problem-employees often enough for that to bother you, you should really review your recruiting practices and overall corporate culture.
Well, I didn't bother to include Perl because everybody knows it's the 800 pound gorilla. 20 years of script hacking don't just go away, whereas python and ruby only started gaining traction in the last 5ish years.
PS: Thinking about it more, maybe not even *that* complicated after all.
The voting machine could indeed just display the list of PINs after the user is done voting.
"Pin 1234 for reps", "Pin 1235 for dems" etc.