If you could shoot sufficiently fast, you could deploy an airfoil when coming back down to stay in orbit. It would obviously still be an orbit which passed through a significant amount of atmosphere, but if you fold the wings again afterwards you should be able to get some orbits in before the air slows you down too much.
DNS is just a database. You can store anything you want in it. If you're storing something you want lots of people to care about, it's best to get a dedicated record type for it, but if you just want to play around you can use TXT records. There is a record type for certificates.
So yes, you can do
www.example.com IN TXT "this server should only be contacted by HTTPS. Do not gopher!"
but web browsers are not likely to ask for that record. Feel free to develop a browser which does or ask the browser developers to include this feature.
Try reading the flow label discussion currently going on in the appropriate working group. Then come back to me and tell me that the flow label will be useful for anything within the next 5 years.
Looking at port numbers is required for data retention, it is useful for load balancing, and it is essential for modern NIC's. Only the load balancing case can be solved by the flow label, unless the working group manages to mandate that flow labels MUST be delivered unchanged to the other end.
And yes, the port numbers do not always exist, not everything is UDP or TCP or SCTP or RDS... Basically that leaves tunnelled or encrypted traffic and ICMP. Once encryption moves to the NIC, they can do queueing for encrypted flows too, and then the same problem applies.
Saying that router vendors are doing it wrong is entirely unhelpful, because their customers cannot do their jobs without this functionality.
Many of the real expensive routers need to care about much more than the destination address. They need to be able to identify flows based on other parts of the packet; otherwise the ISP cannot fulfil their data retention obligations under the law in most parts of the world, these days.
IPv6 has made this a lot harder because the UDP or TCP port number is no longer at a fixed offset from the start of the packet. Instead the router has to parse variable-length extra headers. The same applies to "smart" ethernet cards which are multiqueue or have receive offload. They have exactly the same need.
How about the war crime of handing prisoners of war over to Iraqi forces, knowing that these prisoners would be tortured and/or killed.
Note: I am not accusing the US of doing this; it has so far only been proven that Danish and British forces did it. We can hope they were the only countries to commit such war crimes.
So far Wikileaks has proven that Danish troops committed war crimes in Iraq with the help of the British forces and had direct orders from the Danish government to do so in a way which enabled the government to hide this fact from the Parliament.
As far as I am concerned, whoever leaked this should be given Ridderkorset.
Wikileaks used to just publish a lot of stuff, which was then almost entirely ignored. It was only when they started actively working with the press in a more traditional way that they managed to get anyone to notice. This is a lot more work than just posting stuff on a web site, so that limits their productivity.
If the press had just been doing their job and assigned investigative journalists to the leaks without having to be spoon-fed, Wikileaks would probably still be exactly as it was.
It's hard to see why "taking away the choice between a traditional hard drive and SSD" would be innovation. Why would it be innovation that something is baseline rather than only fitted on certain models?
The available certificate servers which are Free Software tend to be rather user-unfriendly. Maintaining certificate revocation lists and handling certificates for different purposes (mail, web, code, client authentication, vpn...) are needlessly time-consuming chores. Obviously any competent system administrator can script their way out of it, but in this case it is a rather large effort.
I would be very happy to hear about an easier solution.
Yes, see my other comment to this article. It has been shown that Danish forces helped capture prisoners who where then turned over to Iraqi forces, where the Danish forces knew that the prisoners would be tortured and/or killed. It has led to the revelation of the fact that the Danish forces, on orders from the government, made arrangements to keep this hidden from Parliament.
What it hasn't led to is actual prosecutions for war crimes. We can only hope that justice will prevail.
We have a duty as citizens to keep the government in check. It is unlikely that people living under Taliban rule would see much benefit from Wikileaks, even in the unlikely event that Wikileaks could acquire some information. They would likely find it difficult to access Wikileaks, and even if they did get some damning information about the Taliban, it is unlikely that they would be able to vote them out of power...
Wikileaks has a value in democracies, where we have the chance to act on the information.
The Iraq leak showed that Danish soldiers were patrolling with a few token British soldiers, so that the Danish soldiers would not have to capture anyone. This was done because there was worries that prisoners captured by the Danish forces could not be handed over to the Iraqis. It was known that the Iraqis tortured and killed prisoners who had been handed over.
So basically the Danish forces knew full well that they were complicit in torture, and the government felt it could avoid blame by just bringing British soldiers with them -- enabling them to truthfully say "no, we have not handed prisoners over to the Iraqi forces" when asked in Parliament. And the excuse of the Danish soldiers? "We were just following orders". Right, I wonder where we heard that one before.
Unfortunately members of the Parliament are immune to prosecution in Denmark, so we cannot try them for war crimes. Maybe once the government changes, but I bet the new government won't allow it, just like George Bush hasn't been indicted even though we have his written confession.
Formula 1 cars are hampered by restrictions because the drivers can't handle 10G+ in the turns and because there is a limit to how survivable you can make 500km/h crashes. Take away the restrictions and you would immediately see a significant reduction in lap times, but the drivers wouldn't last long.
Then there are some transactions which cannot really be done other than in cash, such as taxi rides.
Why those? I can't remember the last time I paid cash for a cab. In the old days they did offline transactions, but these days they just connect via GPRS.
That isn't necessarily true. For an example look up the Via Nano design and check it out. They have placed a good chunk of silicon specially designed for crypto and RNG, with higher AES and Blowfish going through that chip like crap through a goose. Now I can't picture Intel and AMD suddenly deciding to just add a big chunk of silicon for a specific job like that which would only help in certain roles.
It's a shame you can't picture it, because at least Intel has already implemented AES acceleration. I haven't followed AMD closely, but I doubt they'll let themselves fall behind for long.
You can gain 30% CPU efficiency just by picking the L series Xeons. Or delaying your purchase by a year. Chip architectures are only orders-of-magnitude faster than other architectures at specific jobs in the small window until the other CPU designers catch up. Notice SSE vs. Altivec, or the various dedicated crypto/hash instructions.
The only place where it makes sense to have different architectures for different jobs is in GPU's, and you can already mix-and-match those to your heart's content.
They did effectively drop a single x86 CPU into one of the Itanium chips. However, since the (Windows) customers wanted to use x86 programs almost exclusively, they weren't so impressed with their new Itaniums performing like 400MHz Celerons.
There is practically no reason to prefer a specific instruction set for specific tasks. POWER isn't incredibly fast because it uses the POWER instruction set; you could use the exact same design techniques to make an incredibly fast ARM (or even x86, with a little more trickery). Good luck with selling a $20k ARM or x86 though.
We find that blade servers make do with less power than 1U servers, per rack. Higher efficiency makes up for the (admittedly modest) density gains. If you avoid spinning disks and go with the Intel Xeon L-series, you can do 16 blade servers in an HP 7000 enclosure on 2kW average.
And as to centralised storage, you generally lose on latency and cost and rack space. You gain some efficiency and convenience from being able to reassign storage space even without downtime, but it seems silly to place high-performance low-latency SSD's behind a fibre channel or iSCSI fabric. 10Gbps ethernet is also fairly power hungry still, although that will improve.
Shared storage is great if you actually have a need for it, like if you want to be able to move virtual instances between servers or have multiple servers write to the same file system. Without that need it offers few advantages and quite a few disadvantages.
What scenarios are you envisaging where you need high-density computing power and large amounts of local storage ?
I need high density because rack units in shared hosting are awfully expensive and power is even worse.
If I can move the applications which need (somewhat) large amounts of local storage away from 1U-servers and onto blade servers, I have gained significant density, saved power, and avoided the usual 1U cable chaos.
Slashdot Mirror
If you could shoot sufficiently fast, you could deploy an airfoil when coming back down to stay in orbit. It would obviously still be an orbit which passed through a significant amount of atmosphere, but if you fold the wings again afterwards you should be able to get some orbits in before the air slows you down too much.
DNS is just a database. You can store anything you want in it. If you're storing something you want lots of people to care about, it's best to get a dedicated record type for it, but if you just want to play around you can use TXT records. There is a record type for certificates.
So yes, you can do
www.example.com IN TXT "this server should only be contacted by HTTPS. Do not gopher!"
but web browsers are not likely to ask for that record. Feel free to develop a browser which does or ask the browser developers to include this feature.
Try reading the flow label discussion currently going on in the appropriate working group. Then come back to me and tell me that the flow label will be useful for anything within the next 5 years.
Looking at port numbers is required for data retention, it is useful for load balancing, and it is essential for modern NIC's. Only the load balancing case can be solved by the flow label, unless the working group manages to mandate that flow labels MUST be delivered unchanged to the other end.
And yes, the port numbers do not always exist, not everything is UDP or TCP or SCTP or RDS... Basically that leaves tunnelled or encrypted traffic and ICMP. Once encryption moves to the NIC, they can do queueing for encrypted flows too, and then the same problem applies.
Saying that router vendors are doing it wrong is entirely unhelpful, because their customers cannot do their jobs without this functionality.
Many of the real expensive routers need to care about much more than the destination address. They need to be able to identify flows based on other parts of the packet; otherwise the ISP cannot fulfil their data retention obligations under the law in most parts of the world, these days.
IPv6 has made this a lot harder because the UDP or TCP port number is no longer at a fixed offset from the start of the packet. Instead the router has to parse variable-length extra headers. The same applies to "smart" ethernet cards which are multiqueue or have receive offload. They have exactly the same need.
How about the war crime of handing prisoners of war over to Iraqi forces, knowing that these prisoners would be tortured and/or killed.
Note: I am not accusing the US of doing this; it has so far only been proven that Danish and British forces did it. We can hope they were the only countries to commit such war crimes.
Iraq and Afghanistan leaks, for all the screaming and hollering of the anti-war crowd, actually don't contain any damning evidence of war crimes.
The leaks contain proofs of Danish and British war crimes.
So far Wikileaks has proven that Danish troops committed war crimes in Iraq with the help of the British forces and had direct orders from the Danish government to do so in a way which enabled the government to hide this fact from the Parliament.
As far as I am concerned, whoever leaked this should be given Ridderkorset.
Wikileaks used to just publish a lot of stuff, which was then almost entirely ignored. It was only when they started actively working with the press in a more traditional way that they managed to get anyone to notice. This is a lot more work than just posting stuff on a web site, so that limits their productivity.
If the press had just been doing their job and assigned investigative journalists to the leaks without having to be spoon-fed, Wikileaks would probably still be exactly as it was.
It's hard to see why "taking away the choice between a traditional hard drive and SSD" would be innovation. Why would it be innovation that something is baseline rather than only fitted on certain models?
Hasn't ethernet pretty much won over Fibre Channel?
HP's firmware writers are really crap. At least they DO fix issues eventually, even if they "only" affect Linux.
The only upside is that all the other vendors seem to be at least as bad, in some cases significantly worse.
You get quite far with a single 2.5" disk these days, and that's easy to fit in every tiny server. 8 spinning disks is niche.
The available certificate servers which are Free Software tend to be rather user-unfriendly. Maintaining certificate revocation lists and handling certificates for different purposes (mail, web, code, client authentication, vpn...) are needlessly time-consuming chores. Obviously any competent system administrator can script their way out of it, but in this case it is a rather large effort.
I would be very happy to hear about an easier solution.
Yes, see my other comment to this article. It has been shown that Danish forces helped capture prisoners who where then turned over to Iraqi forces, where the Danish forces knew that the prisoners would be tortured and/or killed. It has led to the revelation of the fact that the Danish forces, on orders from the government, made arrangements to keep this hidden from Parliament.
What it hasn't led to is actual prosecutions for war crimes. We can only hope that justice will prevail.
We have a duty as citizens to keep the government in check. It is unlikely that people living under Taliban rule would see much benefit from Wikileaks, even in the unlikely event that Wikileaks could acquire some information. They would likely find it difficult to access Wikileaks, and even if they did get some damning information about the Taliban, it is unlikely that they would be able to vote them out of power...
Wikileaks has a value in democracies, where we have the chance to act on the information.
The Iraq leak showed that Danish soldiers were patrolling with a few token British soldiers, so that the Danish soldiers would not have to capture anyone. This was done because there was worries that prisoners captured by the Danish forces could not be handed over to the Iraqis. It was known that the Iraqis tortured and killed prisoners who had been handed over.
So basically the Danish forces knew full well that they were complicit in torture, and the government felt it could avoid blame by just bringing British soldiers with them -- enabling them to truthfully say "no, we have not handed prisoners over to the Iraqi forces" when asked in Parliament. And the excuse of the Danish soldiers? "We were just following orders". Right, I wonder where we heard that one before.
Unfortunately members of the Parliament are immune to prosecution in Denmark, so we cannot try them for war crimes. Maybe once the government changes, but I bet the new government won't allow it, just like George Bush hasn't been indicted even though we have his written confession.
Formula 1 cars are hampered by restrictions because the drivers can't handle 10G+ in the turns and because there is a limit to how survivable you can make 500km/h crashes. Take away the restrictions and you would immediately see a significant reduction in lap times, but the drivers wouldn't last long.
Then there are some transactions which cannot really be done other than in cash, such as taxi rides.
Why those? I can't remember the last time I paid cash for a cab. In the old days they did offline transactions, but these days they just connect via GPRS.
That isn't necessarily true. For an example look up the Via Nano design and check it out. They have placed a good chunk of silicon specially designed for crypto and RNG, with higher AES and Blowfish going through that chip like crap through a goose. Now I can't picture Intel and AMD suddenly deciding to just add a big chunk of silicon for a specific job like that which would only help in certain roles.
It's a shame you can't picture it, because at least Intel has already implemented AES acceleration. I haven't followed AMD closely, but I doubt they'll let themselves fall behind for long.
Good luck with getting OS vendors to maintain 3 versions of all libraries instead of "just" 2.
You can gain 30% CPU efficiency just by picking the L series Xeons. Or delaying your purchase by a year. Chip architectures are only orders-of-magnitude faster than other architectures at specific jobs in the small window until the other CPU designers catch up. Notice SSE vs. Altivec, or the various dedicated crypto/hash instructions.
The only place where it makes sense to have different architectures for different jobs is in GPU's, and you can already mix-and-match those to your heart's content.
They did effectively drop a single x86 CPU into one of the Itanium chips. However, since the (Windows) customers wanted to use x86 programs almost exclusively, they weren't so impressed with their new Itaniums performing like 400MHz Celerons.
There is practically no reason to prefer a specific instruction set for specific tasks. POWER isn't incredibly fast because it uses the POWER instruction set; you could use the exact same design techniques to make an incredibly fast ARM (or even x86, with a little more trickery). Good luck with selling a $20k ARM or x86 though.
We find that blade servers make do with less power than 1U servers, per rack. Higher efficiency makes up for the (admittedly modest) density gains. If you avoid spinning disks and go with the Intel Xeon L-series, you can do 16 blade servers in an HP 7000 enclosure on 2kW average.
And as to centralised storage, you generally lose on latency and cost and rack space. You gain some efficiency and convenience from being able to reassign storage space even without downtime, but it seems silly to place high-performance low-latency SSD's behind a fibre channel or iSCSI fabric. 10Gbps ethernet is also fairly power hungry still, although that will improve.
Shared storage is great if you actually have a need for it, like if you want to be able to move virtual instances between servers or have multiple servers write to the same file system. Without that need it offers few advantages and quite a few disadvantages.
It was poor code quality. It took 2 years to get the bugs to a bearable level. Not that it's bug free now, see Pulseaudio bugs in Fedora.
And Lennart Poettering is following the exact same pattern on the Fedora mailing lists as always.
What scenarios are you envisaging where you need high-density computing power and large amounts of local storage ?
I need high density because rack units in shared hosting are awfully expensive and power is even worse.
If I can move the applications which need (somewhat) large amounts of local storage away from 1U-servers and onto blade servers, I have gained significant density, saved power, and avoided the usual 1U cable chaos.