The topics you are taking aren't useful to getting a job, nobody is going to ask you questions from those classes in an interview.
The subject content is invaluable in critical thinking and problem solving that is often sorely lacking among many vocational school graduates. In fact vocational school people don't really have the background to understand why things work the way they do - certain problems will always allude them.
So while they won't help you at all in getting the job - they will help you keep (and succeed) at the job.
So I bought the Das Keyboard when it was first mentioned on Slashdot a few months ago. It's basically a OEM Keytronic keyboard -- probably $25 at Frys.
I am a former Fujitsu 47xx series fan -- being a touch typer who types 120 wpm+ the fact it didn't have any markings really didn't affect me. Extra points for intimidating those around me.
I like the fact it's a native USB keyboard so in can use it with my Vaio TR3A and not have one of those annoying little dongles. I also bought one of the dongles to work with the 4725 but I think it drew too much juice and didn't work -- perhaps Sony it's giving enough power to the USB bus. So I bought a Kensington powered USB hub.. but of course now i'm dragging around too much crap.
i'm probably going to buy one of the happy hacking keyboards, it will fit with the super tiny laptop I have.
the only thing I can say about the das keyboard is don't buy one.. the quality sucks.
Ditto - although we are currently a big Mysql user, my admins have been pushing me hard to buy a support contract (even though we've had no issues for 3 years).. we were going to buy a contract just because we felt we wanted to contribute [and we're finally in a financial position to do it]
but i guarantee NOBODY in my office will even consider buying a mysql contract.
Associating your company name with SCO is like stating that a small outbreak of leporsy happened in the lunchroom -- after that I swear the green jello will never quite taste the same.
No that doesn't make any sense. Hitatchi's won't add a 256mb flash disk because they can't put that on the spec's.
For example for the same cost which one do you buy: 1. x brand laptop with 1gb flash memory 2. hitachi brand laptop with 768mb of memory and 256mb of flash.
99.9999% of consumers aren't smart enough to make the comarison, even if Hitatchi claims their battery lasts longer -- it doesn't matter because it's impossible to prove, Brand X will claim the same battery life (which is difficult to measure by any standard). And of course Brand X has more memory so personally i'd buy that one.
You and I both know the hitatchi would end up needing to the same amount of physical ram to compete -- and therefore will end up costing $35-$50 more simply because it has the built in flash drive, and that increase in price would ultimately make it less attractive to the consumer. Why would Hitatchi do that? Educating consumers is hard and expensive.
Also the ram buffer can be put to better use when the laptop is plugged in -- even if it does consume more power and heat when it's not plugged in.
NOTE: I've spoken with laptop designers and suggested they add a flash disk, but not for the reason you suggest. Laptop with flash disks could pop in and out of hibernate in like 2 or 3 seconds instead of the normal 30 seconds to minute of current systems. For certain applications this would make them much more attractive. (I would personally give a lot of purchasing preference to a laptop that could do a full boot in 5 seconds -- i'd easily spend an extra $100 for this feature)
I remember when I got a computer that had a 32mb of memory, I copied my Windows 3.0 onto a ram disk in xpanded memory and it started and initialized in about 4 seconds. Wowee! Pretty much everything sense then has been a disappointment.
No no no.. A CF-Card is *WAY* too slow. Plus residential memory sticks aren't designed to be durable enough to withstand the normal read/write operations required by a database, nor do they typically have the bandwidth (so even though the seek time is very fast, the bandwidth on most types of residential memory cards is pathetic). DO NOT USE CF-CARDS IN YOUR SERVERS THEY WILL DIE AND YOU WILL BE SCREWED.
Yes -- I agree. BitMicro stuff is expensive, though if you are doing a quantity purchase you can get a better price. One of their primary customers is the military (they use 'em in Missles) so I think they are accustomed to charging too much.:-)
If you can't do a quantity purchase then talk to some other friends who are admins and you all go in together and they'll cut you a deal.
But even at at retail a 1gb drive (which is WAY MORE THAN MOST PEOPLE NEED FOR THEIR BINLOGS) should give you a 40-50% performance boost on updates/inserts/deletes for MySQL -- even more if you use replication. You tell me where you're gonna put a $1000 and get those numbers.
They also claim to have a special patented method for how they write to the drive to spread the writes around so that the drive doesn't burn up and so they claim it has an equivalent MTBF than a hard disk (I think most drives around 30 years these days, and they claim 25 years on their stuff)...
Anyway.. bottom line: don't use a CF-Card, I bet most ATA-2 IDE drives could beat the bandwidth on one of those.
div_2n? Did you ride the short bus to school or what?
I said: I'd definitely put one of these in my laptop since it would save on power.
I didn't say use one of these drives for a server -- I said use a PURE flash drive to store binglogs -- but the article touts the drives as some sort of new invention and I was merely pointing out that using flash hard disks isn't new.
But since we're on the subject -- why not run one of these drives in a server? especially any server which does frequent writes and then reads of data --- seems like it'd give you a performance bump there as well (think temp files).
There have been several vendors of Flash Based hard disks for a while. This is the first hybrid flash+magnetic drive -- and even this isn't all that different of an idea than say a Compaq smart array controller with battery backed write cache which used NVRAM to store data. It's innovative and i'd definitely buy a laptop that had it.
I think many slashdotters will miss the big picture. This is mostly a power saving utility -- and it could offer performance gains assuming the files you use are available on the flash and the drive doesn't need to be spun up. (Of course when the drive DOES need to get spun up, plan on having a *really* long access time so I think this will be negligble). Buy basically it means you can leave auto-save on Microsoft Word enabled and not drain your battery.
BUT since we're on the subject i'm a huge fan of flash only drives, they have several special applications because of their access times (in nanoseconds instead of milliseconds), extremely reliable (no moving parts, read/write cycles in the billions + ECC checking) and high bandwith they are NOT ideal for situations such as swap (JUST BUY MORE RAM IT'S CHEAPER AND FASTER!!) but instead they are perfect for situations were you need persistent storage of highly accessible files e.g. binlogs on a database.
You can easily bump up the performance of MySQL or Oracle using one of these drives for A LOT less
There is a company called BitMicro http://www.bitmicro.com/ which produces ATA and SCSI, and Fibre Channel flash only hard disks. Using a flash only drive you will get a dramatic performance bump in any transaction database by storing the transaction files on the database.
Imagine spending a whole dime!!!! How absurd and wasteful. I accomplished the same thing for -$0.01 using the following components: 1. Large piece of duct tape (appx value $0.04) 2. Used piece of bubble gum from under desk. (FREE) 3. Piece of string I found on floor (FREE) 4. Bailing wire procured from neighbors fence (FREE) 5. Plus I found nickel in my couch cushion while doing this project. Whoop! (value -$0.05)
If anybody is interested I'll writeup an article detailing how it works and post pictures.
I'm thinking about forming a corporation to sell kits for $0.01 -- (nickel included). I bet I could do a 2x or 3x markup and sell it for -$0.03. Phase one: we collect underpants. Phase two: ??? Phase three: profit! Of course it will work -- You don't know much about corporations do you? Us gnomes are geniuses at corporations.
Wow.. Okay for the record -- I didn't mean to start a troll war. Arrgh.. trolls. Hate trolls.
I apologize.. first off I was up late last night hacking a Third Party TAPI service provider that integrates as a SIP Proxy (hobby), and then I got abruptly woken up because our VOIP carrier decided to magically change our rates and disable our account because they blew through our prepaid balance. (Arrgh!).. bad morning. To the individual who pointed out I was angry -- bonus points.
In my sleep deprived state -- I *incorrectly* expressed what I was trying to say, or if you go back and re-read it, I misconstrued that perhaps the serial # has something to do with TTL. FOR THE RECORD: TTL AND SERIAL # ARE NOT RELATED. That isn't what I meant (you all should know that?!?!?), what I meant was that if you don't bump the TTL then your own nameserver if you do a SIGHUP won't show the changes and you can set the TTL to whatever you want and it won't do a bit of good. Classic newbie mistake.
Also while we're on the subject of TTL's I that our nameserver is actually setup to increase TTL's less than 24 hours to 24 hours. I believe thats in an RFC or best practices guide I read somewhere. I do know that TTL is a recommendation, thats all. It should be set to a sane and reasonable number, and so if you don't set it to something I consider SANE and REASONABLE, I will do it for you.
As far as the astute individual who pointed out that ridiculously low TTL's are necessary for things like MX record cut overs -- yeah, well little grasshopper -- please stop lecturing me and go get me my coffee. See with MX records, if the primary isn't reachable, it's possible to have a secondary. And you probably ought to think about leaving the first box there, setup to forward mail to the NEW BOX --- since (call it a hunch) there's at least one piece of mail that is going to be sent by a screwed up mailserver. Heck.. i'm just happy when they attempt to send mail to my MX record instead of my A record (Thanks Micro$oft!)
Anyway.. I apologize to all who had to read this.. I broke the first rule of Slashdot.. Don't read slashdot angry -- because slashdot posts will do little to calm your nerves.
Hmm.. or is the first rule of slashdot - don't talk about slashdot?
Listen -- We are SOA for around 11,000 domains. Both myself and the other uber-admins get tickets like this "escalated" when some clueless newbie wet behind the ears freaking junior admin DOESN'T RTFM and doesn't realize that if the serial #'s don't change then TTL is ignored.
We interface with nearly every major ISP -- I assure you, their name servers are configured just fine --- It's yours that is broke.
For those of you who just aren't DNS afficiandos -- so how retarded is this? Well here is another story ideas for slashdot that is along the same lines:
OMG! Two major RG vendors (NetGear and Dlink) don't follow RFC798 (TCP). See when I block port 80 on my firewall, the web stops working -- Imagine the whole web stops working by blocking just one little port. This is a huge problem! It needs to be addressed!
How about this little doosey: I've just uncovered a SCO/Microsoft conspiracy. They've apparently teamed up because after reinstalling Windows XP onto another partition XP disabled my Linux partition -- the boot menu doesn't come up anymore. Clearly Microsoft is doing this to help SCO protect their intellectual property! Quick tell Groklaw!!!!
If you don't get either of the two above -- I can't help you. (seriously -- WTF are you reading slashdot for??)
I swear.. they let anybody read slashdot these days!
Have a lawyer write them a letter, send it certified.
Explain in the letter that they either need to respond to you in writing how to transfer your domain name or you will be taking them to small claims court for the amount of the domain, along with the value of your time ($100/hr). Explain you would like to solve this amicably. If they respond - you win!
If they don't, then take the letter to a judge and get a judgement against them. If they show up - you win!
If they don't, You also win! File the appropriate paperwork to the court and let them know you intend to place a lean on the companies assets.
Now, write Tucows/e-Nom a letter explaining that you have a court order to liquidate their assets. Ask if the account is in good standing and if it has any values (your attorney will be able to put this into legalease for you).. tell them you intend to sell their reseller account. At the very minimum this will get the attention of somebody at those respective registrars.
If it doesn't -- hire a company to seize and sell their reseller account and liquidate their assets, then you buy it on eBay! Whoohoo! Now you get your domain back and you've got your own registrar. Hurray!
ps> if all this seems like too much work, then try finding another tucows reseller who can contact somebody at tucows to get the domain transferred to them. Tucows sucks, but they suck less if you're a reseller.
DNS poisoning is not new. Using it for fraud is new. Defending against it (if you're Google) is difficult, but not impossible.
I swear -- Technical people need to stop addressing these problems with solutions that are technically elegant but unrealistic. Yeah, lets secure all the nameservers on the Net! sure that'll work. Hell, we've only been doing DNS poisoning attacks for what? 12 years or so? hey well at least we finally got sendmail secure. Doh!
The only way we're going to be able to stop bad guys is to start having applications that use more than one protocol to verify integrity AND start building in stronger indepedent crypto behind the scenes making it much much much harder to spoof. You don't have to change the whole protocol stack we just need to share more information across protocols. Right now, when you compromise one protocol, you own the box. Aiiee!
I'm actually happy this happened -- because I've felt the Net needed a big overhaul for a while. My parents can't safely use the Internet, neither can yours. And all us gunslingers who could keep them safe are too busy securing our damn nameserver, and dealing with joe jobs to do anything about it. The solution requires a more comprehensive look at the problem.
If the bad guys are specifically targeting google with DNS poisoning, it's reasonable to assume it will undermine peoples faith in Google. (ATTENTION FLAMERS: YES, I am aware the request was hijacked long before it got to Google -- but the end user won't be because they don't have a clue what DNS stands for or how it works).
Seriously - your mom/dad would take away from an explanation of DNS hijacking was "Go to google, get a virus" (read the previous article posted earlier today about how people don't understand technobabble)..
Does anybody else besides me find this whole thing incredibly ironic? People will see Google as being the problem, even though it's almost definitely Microsofts fault. Damn.. sucks to be Google. (Okay, yeah.. honestly i'd love to have Googlesque problems, but also the Googlesque resources to solve them!)
Anyway I think this sort of article hopefully illustrates to Google why they need to start promoting a secure browser WHICH isn't subject to malware attacks such as IE really is in their best interest -- and although it has a minimal cost impact to them, it has a huge long term impact to the net community. Honestly, I believe if Google offered a "safer" online experience -- i'd put my parents on it in a second, I think everybody here would too. I don't trust Yahoo, MSN, Ask Jeeves, etc. or any of those companies with the tender care of my parents Internet experience.
I say Google - rather than just "firefox", because if Google put Gbrowser on their homepage you know it'd have a 30% usershare virtually overnight -- maybe more. They install the google toolbar, it transmits information about where you're surfing to google -- BUT it also checks with Google to make sure you're at a "safe site" --
OKAY so you want a real example -- how about a simple one -- why not a modified robots.txt with an entry that included a list of the valid IP's for the SOA for your root domain for the next 30 days. Boom, they already pick up robots.txt -- BUT now they can authenticate that the DNS wasn't posioned using google toolbar. Sexy huh?
I've got lots of ideas like this -- there are probably 5 things sites could *OPTIONALLY* do, that merge application stacks -- but at the same time it would make it necessary for a phiser to compromise MULTIPLE hosts, across MULTIPLE protocols -- thereby making it *statistically* impossible.
(NOTE: If I seem brilliant it's only because i'm standing on the shoulders of Giants. I love how SPF uses DNS to authenticate mail servers -- it's non-intrusive, but an illustrative example of the types of solutions that we as a technical community need to solve problems)
It's just a different word for each account/vendor. And the word expires. And we can tell who's looking up the word. And customers can't remember the word -- so this way they can just look it up.:-)
No, for our staff our we have an SSL site to generate the keys.
The keys are only good for a few days, the partners (and there are only a handful of them) have a separate login to our extranet that allows them to generate keys based on their company.
The keys are only good for a few days (currently 7) AND they identify the company they came from to customer when they authenticate the key.
I work for an an e-commerce software company that processes several million dollars in sales a month.
In the past few weeks we've had scam artists targeting our customers offering to do free SEO analysis only to get in and download their customer base.
They claim to be partners of ours, and they tell the business they need admin access to do the study and they'll give them a free report.
Of course they get in, as admin, then they download the order history and customer list and start calling the customers saying "we had a problem with your order can you please verify your credit card number ending in [last 4 digits]" and most honest people happily oblige by repeating the valid credit card number over the phone. Then they ask for the CVV/CID # Yeoch! Fortunately a lot of our sales go through Paypal which isn't subject to that sort of phraud.
I figure a single break in could easily net them 50,000 valid credit cards. Very scary.
I suspect the calls originate from hacked out IP Phones.
Here's how we fixed the problem so that our customers they could verify the identity of our staff and our legitimate partners:
Re:Seems like a hard way of doing things...
on
Capturing Genesis
·
· Score: 1
I wondered the same thing. If you read the article it seems letting it land by parachute takes the chance that the samples inside the unit will get damaged.
Although not obvious, I think this little doosey will dramatically improve Mozillas installed base.
Clone PC makers are always looking for a way to make a few extra bucks on a PC - the fact is by removing IE and replacing it with Mozilla and installing AdBar those PC's will (after a few years) generate more revenue than they made by selling the PC -- this leads to an interesting model of being able to sell computers at near zero cost, or at least to raise their margins.
I would venture to guess that the majority of the computers sold never have their default browsers changed.
So do the community a favor - next time your in a clone shop ask if they install Mozilla by default on all new systems? Then when they say "No" ask "Okay, so whats the catch -- why are you guys leaving money on the table" then they say "huh" then you explain why they ought to be installing Mozilla with AdBar and they'll start getting checks every month from Google.
Ironic isn't it? Just imagine what would happen to Mozillas #'s if a Compaq or a Dell did that? Even a tier 2 seller like Tiger (who hawks stuff on QVC).
I apologize in advance for the length, I keep meaning to write this up and publish it so we've got some prior art when some consciouly devoid person attempts to patent this.
I don't know if this counts as machine learning, but here are two plug-ins i've toyed with writing which I believe would change how people use the Internet:
IDEA 1: Distributed password synchronization: Rationalization - People often pick BAD passwords and use them at hundreds of sites - because when they goto a site from another computer it doesn't know my password so i'll have to guess it. (Just remembering the login names required for each site is a pain in the ass).. you could use a mechanism like AIM (AOL Instant Messenger) or IRC to message the password stores contents between two or more computers. It doesn't need to be realtime, the computers just need to meet online every day or two to sync up details. This will become *phenomially* important as lots of sites on the web transition to a pay to play model.
Don't give me a whole bunch of rants about how it'd be insecure or whatnot. It can be designed securely, there are LOTS of ways to do it - and frankly it'd more secure than me using the same password for Paypal and for "joejob.cz" which both happen to require email address as a login.
------
IDEA 2: The second requires a bit more coordination but would be PHENOMINALLY USEFUL to the Internet community and catapult FireFox into the most secure browser available. OR translated: I'd install it on my parents computer, and tell them never to surf the Internet using IE because it's not secure [as would all the other readers here]. (Right now FireFox offers no substantial security advantage over IE, it's just less exploited, and by choosing firefox certain sites just don't work - so i'd never tell my parents to use it)
Use the existing spam infrastructure to blacklist phishing sites - use metrics for past traffic, current traffic, perhaps is the site listed in google and arrive at a fraud score for the page, let users flag it as a Phishing site if it appears to be one. All this arrives at the fraud score (e.g. PageRank)..
It doesn't have to be perfect, but you COULD say that a reputable company would have a "4 or 5" and a new company would have a "3" and a fake site would have a "0".. Color code it from Blue (Safe) to Red (questionable) and change the color of the window. I can tell my mom and grandmother to check the color BEFORE they put in their passwords (also the distributed password thing makes joejob'ing harder since users can be encouraged to use MUCH stronger passwords which they won't/don't have to remember)
This also brings up some interesting challenges/opportunities for the folks at Google - let me explain. If you use Page Rank as one of the metrics and when the PR is zero you can't get above a 1 or 2 - then it means every phishing site will need to be registered in google. The google toolbar already checks PR when I first go to a site - so no biggie, so does Alexa, and all the others.
BUT what is key is the folks at Google are *really good* at recognizing duplicate content under multiple domains. Phising sites are built to look like their legitimate counterparts. By keying off certain big sites (eBay, Paypal, CitiBank, etc.) and letting google vet a site 30 days BEFORE the public it gives Google the opportunity to potentially alert law enforcement BEFORE it went into the index, if it is indeed a phishing site then law enforcement could either have the site shutdown OR let it go into the index and be sitting there waiting to nab whoever tries to get the passwords (remember, whoever is CHECKING for the phishing site is the "phisherman". It'd be giving the good guys a head start in the cloak and dagger game. To be fair the score should be based on the composite of MULTIPLE sites and SPAM filters, thereby not giving preference to Google - it could be applied to any index.
I find it ironic that the vast majority of the people who are writing on this thread are stealing Internet access from work.
This is a double standard - you either use it at work for work, and use it at home for home, or you use 'em both for both - and work pays for work, and YOU pay for home.
And for all you flamers who want to write back and tell me you're on your break, or this is personal time or whatever - seriously, sit down and do the math and figure out how much time you spend trolling on slashdot instead of doing your job and following up with your customers.
I'm sick of this, the truth must be told before the end of my days.
The truth is that Linus Torvalds isn't real, or at least he wasn't, he's was fictional character made up by me. A few years ago, around 1987 I was doing some snooping around the NSA's mainframes and I broke into one of their spy satellites. I decided it'd be fun to hack around, so I wrote my own custom firmware for the satellite and attempted to do a soft load and retask it to spy on Soeil MoonFrye (the chick who played Punky Brewster) but alas I had a bug in my code and acidentally stuck it in a geosychronous orbit over the antarctic. [mind you satellites stuck over the antartic are hard to retask since there's no momentum, they're just spinning in place].. Now.. I was bragging in the IRC channel #3l33t3H4x0rZZZuR0\/\/|\|3dBIm3333!! and then some flamer made the comment "what good is it". So I explain to the little bitch about the infinite monkey theorum and how I'm working on a corellary called the infinite penguin theorum and how I needed the satellite stuck there.
To make a long borning story short I used my owned NSA spy satellite to track the courting rituals of the antarctic emporer penguin - and based on the number of times each penguin copulated each day I had a relatively simple algorithm that generated assembler. Well after a year or so, I tried compiling it and would you believe those horney penguins built an entire microkernel! Well I couldn't very well tell people this story since not only would it be incredibly hard to reproduce the results, but the statue of limitations hadn't run out at the time (actually the entire mess is still considered classified by the government) -- but still, I was young, and impressionable, and I thought this was too coool!! So I decided to invent this Linus character (who ironically has this weird fetish for penguins!).. well next thing I new people were contributing to this project from around the world.
Now.. the guy everybody knows is Linus in front of the camera, and from behind the keyboard is actually an imposter. His real name is Sven Hiccopolous, he sent an email to my Linux email address a few years ago and asked if I could help him sneak into the country -- well my coyote days had long since been over. But then I figured to myself that my satellite was going to fall out of orbit eventually, and this little fruitcake had the requisite penguin fetish, so I told him that he could assume the identity of "Linus" and then US companies would offer him a job even though he had no marketable skillset and barely spoke english. (Yes, a masters in computer science from the University of Helsinki is worth about as much as used piece of toilet paper here in the states).
Next thing you know Sven here is a national hero, on the cover of forbes, and what-not. To this day Sven will still adamately deny that the infinite penguin theorum even exists - let alone it's pivotal role in his rise to fame. If you don't believe me, just ask him.
Seriously, selling products for less in other countries encourages businesses to leave the united states.
I can't blame a company who outsources work to another country because its less expensive. I can BLAME an American company who intentionally lowers prices in other countries and rapes us here in the states.
Slashdot Mirror
The topics you are taking aren't useful to getting a job, nobody is going to ask you questions from those classes in an interview.
The subject content is invaluable in critical thinking and problem solving that is often sorely lacking among many vocational school graduates. In fact vocational school people don't really have the background to understand why things work the way they do - certain problems will always allude them.
So while they won't help you at all in getting the job - they will help you keep (and succeed) at the job.
So I bought the Das Keyboard when it was first mentioned on Slashdot a few months ago. It's basically a OEM Keytronic keyboard -- probably $25 at Frys.
.. but of course now i'm dragging around too much crap.
.. the quality sucks.
I am a former Fujitsu 47xx series fan -- being a touch typer who types 120 wpm+ the fact it didn't have any markings really didn't affect me. Extra points for intimidating those around me.
I like the fact it's a native USB keyboard so in can use it with my Vaio TR3A and not have one of those annoying little dongles. I also bought one of the dongles to work with the 4725 but I think it drew too much juice and didn't work -- perhaps Sony it's giving enough power to the USB bus. So I bought a Kensington powered USB hub
i'm probably going to buy one of the happy hacking keyboards, it will fit with the super tiny laptop I have.
the only thing I can say about the das keyboard is don't buy one
Ditto - although we are currently a big Mysql user, my admins have been pushing me hard to buy a support contract (even though we've had no issues for 3 years) .. we were going to buy a contract just because we felt we wanted to contribute [and we're finally in a financial position to do it]
but i guarantee NOBODY in my office will even consider buying a mysql contract.
Associating your company name with SCO is like stating that a small outbreak of leporsy happened in the lunchroom -- after that I swear the green jello will never quite taste the same.
Yes, I routinely feel dumber after watching Fox news.
There are also several people here in my office which after listening to them for a little while I feel dumber.
It all makes such perfect sense.
No that doesn't make any sense.
Hitatchi's won't add a 256mb flash disk because they can't put that on the spec's.
For example for the same cost which one do you buy:
1. x brand laptop with 1gb flash memory
2. hitachi brand laptop with 768mb of memory and 256mb of flash.
99.9999% of consumers aren't smart enough to make the comarison, even if Hitatchi claims their battery lasts longer -- it doesn't matter because it's impossible to prove, Brand X will claim the same battery life (which is difficult to measure by any standard). And of course Brand X has more memory so personally i'd buy that one.
You and I both know the hitatchi would end up needing to the same amount of physical ram to compete -- and therefore will end up costing $35-$50 more simply because it has the built in flash drive, and that increase in price would ultimately make it less attractive to the consumer. Why would Hitatchi do that? Educating consumers is hard and expensive.
Also the ram buffer can be put to better use when the laptop is plugged in -- even if it does consume more power and heat when it's not plugged in.
NOTE: I've spoken with laptop designers and suggested they add a flash disk, but not for the reason you suggest. Laptop with flash disks could pop in and out of hibernate in like 2 or 3 seconds instead of the normal 30 seconds to minute of current systems. For certain applications this would make them much more attractive. (I would personally give a lot of purchasing preference to a laptop that could do a full boot in 5 seconds -- i'd easily spend an extra $100 for this feature)
I remember when I got a computer that had a 32mb of memory, I copied my Windows 3.0 onto a ram disk in xpanded memory and it started and initialized in about 4 seconds. Wowee! Pretty much everything sense then has been a disappointment.
No no no..
:-)
..
A CF-Card is *WAY* too slow. Plus residential memory sticks aren't designed to be durable enough to withstand the normal read/write operations required by a database, nor do they typically have the bandwidth (so even though the seek time is very fast, the bandwidth on most types of residential memory cards is pathetic). DO NOT USE CF-CARDS IN YOUR SERVERS THEY WILL DIE AND YOU WILL BE SCREWED.
Yes -- I agree. BitMicro stuff is expensive, though if you are doing a quantity purchase you can get a better price. One of their primary customers is the military (they use 'em in Missles) so I think they are accustomed to charging too much.
If you can't do a quantity purchase then talk to some other friends who are admins and you all go in together and they'll cut you a deal.
But even at at retail a 1gb drive (which is WAY MORE THAN MOST PEOPLE NEED FOR THEIR BINLOGS) should give you a 40-50% performance boost on updates/inserts/deletes for MySQL -- even more if you use replication. You tell me where you're gonna put a $1000 and get those numbers.
They also claim to have a special patented method for how they write to the drive to spread the writes around so that the drive doesn't burn up and so they claim it has an equivalent MTBF than a hard disk (I think most drives around 30 years these days, and they claim 25 years on their stuff).
Anyway.. bottom line: don't use a CF-Card, I bet most ATA-2 IDE drives could beat the bandwidth on one of those.
div_2n? Did you ride the short bus to school or what?
I said:
I'd definitely put one of these in my laptop since it would save on power.
I didn't say use one of these drives for a server -- I said use a PURE flash drive to store binglogs -- but the article touts the drives as some sort of new invention and I was merely pointing out that using flash hard disks isn't new.
But since we're on the subject -- why not run one of these drives in a server? especially any server which does frequent writes and then reads of data --- seems like it'd give you a performance bump there as well (think temp files).
There have been several vendors of Flash Based hard disks for a while. This is the first hybrid flash+magnetic drive -- and even this isn't all that different of an idea than say a Compaq smart array controller with battery backed write cache which used NVRAM to store data. It's innovative and i'd definitely buy a laptop that had it.
I think many slashdotters will miss the big picture. This is mostly a power saving utility -- and it could offer performance gains assuming the files you use are available on the flash and the drive doesn't need to be spun up. (Of course when the drive DOES need to get spun up, plan on having a *really* long access time so I think this will be negligble). Buy basically it means you can leave auto-save on Microsoft Word enabled and not drain your battery.
BUT since we're on the subject i'm a huge fan of flash only drives, they have several special applications because of their access times (in nanoseconds instead of milliseconds), extremely reliable (no moving parts, read/write cycles in the billions + ECC checking) and high bandwith they are NOT ideal for situations such as swap (JUST BUY MORE RAM IT'S CHEAPER AND FASTER!!) but instead they are perfect for situations were you need persistent storage of highly accessible files e.g. binlogs on a database.
You can easily bump up the performance of MySQL or Oracle using one of these drives for A LOT less
There is a company called BitMicro http://www.bitmicro.com/ which produces ATA and SCSI, and Fibre Channel flash only hard disks.
Using a flash only drive you will get a dramatic performance bump in any transaction database by storing the transaction files on the database.
Honestly the $0.10 bracket is so 2004.
Imagine spending a whole dime!!!! How absurd and wasteful. I accomplished the same thing for -$0.01 using the following components:
1. Large piece of duct tape (appx value $0.04)
2. Used piece of bubble gum from under desk. (FREE)
3. Piece of string I found on floor (FREE)
4. Bailing wire procured from neighbors fence (FREE)
5. Plus I found nickel in my couch cushion while doing this project. Whoop! (value -$0.05)
If anybody is interested I'll writeup an article detailing how it works and post pictures.
I'm thinking about forming a corporation to sell kits for $0.01 -- (nickel included). I bet I could do a 2x or 3x markup and sell it for -$0.03.
Phase one: we collect underpants.
Phase two: ???
Phase three: profit!
Of course it will work -- You don't know much about corporations do you? Us gnomes are geniuses at corporations.
Wow .. Okay for the record -- I didn't mean to start a troll war. Arrgh.. trolls. Hate trolls.
.. first off I was up late last night hacking a Third Party TAPI service provider that integrates as a SIP Proxy (hobby), and then I got abruptly woken up because our VOIP carrier decided to magically change our rates and disable our account because they blew through our prepaid balance. (Arrgh!) .. bad morning. To the individual who pointed out I was angry -- bonus points.
.. I apologize to all who had to read this .. I broke the first rule of Slashdot.. Don't read slashdot angry -- because slashdot posts will do little to calm your nerves.
I apologize
In my sleep deprived state -- I *incorrectly* expressed what I was trying to say, or if you go back and re-read it, I misconstrued that perhaps the serial # has something to do with TTL. FOR THE RECORD: TTL AND SERIAL # ARE NOT RELATED. That isn't what I meant (you all should know that?!?!?), what I meant was that if you don't bump the TTL then your own nameserver if you do a SIGHUP won't show the changes and you can set the TTL to whatever you want and it won't do a bit of good. Classic newbie mistake.
Also while we're on the subject of TTL's I that our nameserver is actually setup to increase TTL's less than 24 hours to 24 hours.
I believe thats in an RFC or best practices guide I read somewhere. I do know that TTL is a recommendation, thats all. It should be set to a sane and reasonable number, and so if you don't set it to something I consider SANE and REASONABLE, I will do it for you.
As far as the astute individual who pointed out that ridiculously low TTL's are necessary for things like MX record cut overs -- yeah, well little grasshopper -- please stop lecturing me and go get me my coffee.
See with MX records, if the primary isn't reachable, it's possible to have a secondary. And you probably ought to think about leaving the first box there, setup to forward mail to the NEW BOX --- since (call it a hunch) there's at least one piece of mail that is going to be sent by a screwed up mailserver.
Heck.. i'm just happy when they attempt to send mail to my MX record instead of my A record (Thanks Micro$oft!)
Anyway
Hmm.. or is the first rule of slashdot - don't talk about slashdot?
Waaa.. Waaa.. somebody ignored my TTL.
Listen -- We are SOA for around 11,000 domains. Both myself and the other uber-admins get tickets like this "escalated" when some clueless newbie wet behind the ears freaking junior admin DOESN'T RTFM and doesn't realize that if the serial #'s don't change then TTL is ignored.
We interface with nearly every major ISP -- I assure you, their name servers are configured just fine --- It's yours that is broke.
For those of you who just aren't DNS afficiandos -- so how retarded is this? Well here is another story ideas for slashdot that is along the same lines:
OMG! Two major RG vendors (NetGear and Dlink) don't follow RFC798 (TCP). See when I block port 80 on my firewall, the web stops working -- Imagine the whole web stops working by blocking just one little port. This is a huge problem! It needs to be addressed!
How about this little doosey:
I've just uncovered a SCO/Microsoft conspiracy. They've apparently teamed up because after reinstalling Windows XP onto another partition XP disabled my Linux partition -- the boot menu doesn't come up anymore. Clearly Microsoft is doing this to help SCO protect their intellectual property! Quick tell Groklaw!!!!
If you don't get either of the two above -- I can't help you. (seriously -- WTF are you reading slashdot for??)
I swear
Have a lawyer write them a letter, send it certified.
.. tell them you intend to sell their reseller account. At the very minimum this will get the attention of somebody at those respective registrars.
Explain in the letter that they either need to respond to you in writing how to transfer your domain name or you will be taking them to small claims court for the amount of the domain, along with the value of your time ($100/hr). Explain you would like to solve this amicably.
If they respond - you win!
If they don't, then take the letter to a judge and get a judgement against them.
If they show up - you win!
If they don't, You also win!
File the appropriate paperwork to the court and let them know you intend to place a lean on the companies assets.
Now, write Tucows/e-Nom a letter explaining that you have a court order to liquidate their assets.
Ask if the account is in good standing and if it has any values (your attorney will be able to put this into legalease for you)
If it doesn't -- hire a company to seize and sell their reseller account and liquidate their assets, then you buy it on eBay! Whoohoo! Now you get your domain back and you've got your own registrar. Hurray!
ps> if all this seems like too much work, then try finding another tucows reseller who can contact somebody at tucows to get the domain transferred to them. Tucows sucks, but they suck less if you're a reseller.
DNS poisoning is not new. Using it for fraud is new. Defending against it (if you're Google) is difficult, but not impossible.
..
I swear -- Technical people need to stop addressing these problems with solutions that are technically elegant but unrealistic.
Yeah, lets secure all the nameservers on the Net! sure that'll work. Hell, we've only been doing DNS poisoning attacks for what? 12 years or so? hey well at least we finally got sendmail secure. Doh!
The only way we're going to be able to stop bad guys is to start having applications that use more than one protocol to verify integrity AND start building in stronger indepedent crypto behind the scenes making it much much much harder to spoof. You don't have to change the whole protocol stack we just need to share more information across protocols. Right now, when you compromise one protocol, you own the box. Aiiee!
I'm actually happy this happened -- because I've felt the Net needed a big overhaul for a while. My parents can't safely use the Internet, neither can yours. And all us gunslingers who could keep them safe are too busy securing our damn nameserver, and dealing with joe jobs to do anything about it. The solution requires a more comprehensive look at the problem.
If the bad guys are specifically targeting google with DNS poisoning, it's reasonable to assume it will undermine peoples faith in Google. (ATTENTION FLAMERS: YES, I am aware the request was hijacked long before it got to Google -- but the end user won't be because they don't have a clue what DNS stands for or how it works).
Seriously - your mom/dad would take away from an explanation of DNS hijacking was "Go to google, get a virus" (read the previous article posted earlier today about how people don't understand technobabble)
Does anybody else besides me find this whole thing incredibly ironic? People will see Google as being the problem, even though it's almost definitely Microsofts fault. Damn.. sucks to be Google. (Okay, yeah.. honestly i'd love to have Googlesque problems, but also the Googlesque resources to solve them!)
Anyway I think this sort of article hopefully illustrates to Google why they need to start promoting a secure browser WHICH isn't subject to malware attacks such as IE really is in their best interest -- and although it has a minimal cost impact to them, it has a huge long term impact to the net community. Honestly, I believe if Google offered a "safer" online experience -- i'd put my parents on it in a second, I think everybody here would too. I don't trust Yahoo, MSN, Ask Jeeves, etc. or any of those companies with the tender care of my parents Internet experience.
I say Google - rather than just "firefox", because if Google put Gbrowser on their homepage you know it'd have a 30% usershare virtually overnight -- maybe more. They install the google toolbar, it transmits information about where you're surfing to google -- BUT it also checks with Google to make sure you're at a "safe site" --
OKAY so you want a real example -- how about a simple one -- why not a modified robots.txt with an entry that included a list of the valid IP's for the SOA for your root domain for the next 30 days. Boom, they already pick up robots.txt -- BUT now they can authenticate that the DNS wasn't posioned using google toolbar. Sexy huh?
I've got lots of ideas like this -- there are probably 5 things sites could *OPTIONALLY* do, that merge application stacks -- but at the same time it would make it necessary for a phiser to compromise MULTIPLE hosts, across MULTIPLE protocols -- thereby making it *statistically* impossible.
(NOTE: If I seem brilliant it's only because i'm standing on the shoulders of Giants. I love how SPF uses DNS to authenticate mail servers -- it's non-intrusive, but an illustrative example of the types of solutions that we as a technical community need to solve problems)
That's effectively what is it.
:-)
It's just a different word for each account/vendor. And the word expires. And we can tell who's looking up the word. And customers can't remember the word -- so this way they can just look it up.
No, for our staff our we have an SSL site to generate the keys.
The keys are only good for a few days, the partners (and there are only a handful of them) have a separate login to our extranet that allows them to generate keys based on their company.
The keys are only good for a few days (currently 7) AND they identify the company they came from to customer when they authenticate the key.
I work for an an e-commerce software company that processes several million dollars in sales a month.
/ authkey.php
In the past few weeks we've had scam artists targeting our customers offering to do free SEO analysis only to get in and download their customer base.
They claim to be partners of ours, and they tell the business they need admin access to do the study and they'll give them a free report.
Of course they get in, as admin, then they download the order history and customer list and start calling the customers saying "we had a problem with your order can you please verify your credit card number ending in [last 4 digits]" and most honest people happily oblige by repeating the valid credit card number over the phone. Then they ask for the CVV/CID # Yeoch!
Fortunately a lot of our sales go through Paypal which isn't subject to that sort of phraud.
I figure a single break in could easily net them 50,000 valid credit cards. Very scary.
I suspect the calls originate from hacked out IP Phones.
Here's how we fixed the problem so that our customers they could verify the identity of our staff and our legitimate partners:
http://webdoc.zoovy.com/info/index.php?GOTO=guide
I wondered the same thing.
If you read the article it seems letting it land by parachute takes the chance that the samples inside the unit will get damaged.
Although not obvious, I think this little doosey will dramatically improve Mozillas installed base.
Clone PC makers are always looking for a way to make a few extra bucks on a PC - the fact is by removing IE and replacing it with Mozilla and installing AdBar those PC's will (after a few years) generate more revenue than they made by selling the PC -- this leads to an interesting model of being able to sell computers at near zero cost, or at least to raise their margins.
I would venture to guess that the majority of the computers sold never have their default browsers changed.
So do the community a favor - next time your in a clone shop ask if they install Mozilla by default on all new systems? Then when they say "No" ask "Okay, so whats the catch -- why are you guys leaving money on the table" then they say "huh" then you explain why they ought to be installing Mozilla with AdBar and they'll start getting checks every month from Google.
Ironic isn't it?
Just imagine what would happen to Mozillas #'s if a Compaq or a Dell did that? Even a tier 2 seller like Tiger (who hawks stuff on QVC).
AdBar is an awesome idea, kudos to the author!
I apologize in advance for the length, I keep meaning to write this up and publish it so we've got some prior art when some consciouly devoid person attempts to patent this.
.. you could use a mechanism like AIM (AOL Instant Messenger) or IRC to message the password stores contents between two or more computers. It doesn't need to be realtime, the computers just need to meet online every day or two to sync up details. This will become *phenomially* important as lots of sites on the web transition to a pay to play model.
..
.. Color code it from Blue (Safe) to Red (questionable) and change the color of the window. I can tell my mom and grandmother to check the color BEFORE they put in their passwords (also the distributed password thing makes joejob'ing harder since users can be encouraged to use MUCH stronger passwords which they won't/don't have to remember)
I don't know if this counts as machine learning, but here are two plug-ins i've toyed with writing which I believe would change how people use the Internet:
IDEA 1: Distributed password synchronization: Rationalization - People often pick BAD passwords and use them at hundreds of sites - because when they goto a site from another computer it doesn't know my password so i'll have to guess it. (Just remembering the login names required for each site is a pain in the ass)
Don't give me a whole bunch of rants about how it'd be insecure or whatnot. It can be designed securely, there are LOTS of ways to do it - and frankly it'd more secure than me using the same password for Paypal and for "joejob.cz" which both happen to require email address as a login.
------
IDEA 2: The second requires a bit more coordination but would be PHENOMINALLY USEFUL to the Internet community and catapult FireFox into the most secure browser available. OR translated: I'd install it on my parents computer, and tell them never to surf the Internet using IE because it's not secure [as would all the other readers here]. (Right now FireFox offers no substantial security advantage over IE, it's just less exploited, and by choosing firefox certain sites just don't work - so i'd never tell my parents to use it)
Use the existing spam infrastructure to blacklist phishing sites - use metrics for past traffic, current traffic, perhaps is the site listed in google and arrive at a fraud score for the page, let users flag it as a Phishing site if it appears to be one. All this arrives at the fraud score (e.g. PageRank)
It doesn't have to be perfect, but you COULD say that a reputable company would have a "4 or 5" and a new company would have a "3" and a fake site would have a "0"
This also brings up some interesting challenges/opportunities for the folks at Google - let me explain. If you use Page Rank as one of the metrics and when the PR is zero you can't get above a 1 or 2 - then it means every phishing site will need to be registered in google. The google toolbar already checks PR when I first go to a site - so no biggie, so does Alexa, and all the others.
BUT what is key is the folks at Google are *really good* at recognizing duplicate content under multiple domains. Phising sites are built to look like their legitimate counterparts. By keying off certain big sites (eBay, Paypal, CitiBank, etc.) and letting google vet a site 30 days BEFORE the public it gives Google the opportunity to potentially alert law enforcement BEFORE it went into the index, if it is indeed a phishing site then law enforcement could either have the site shutdown OR let it go into the index and be sitting there waiting to nab whoever tries to get the passwords (remember, whoever is CHECKING for the phishing site is the "phisherman".
It'd be giving the good guys a head start in the cloak and dagger game. To be fair the score should be based on the composite of MULTIPLE sites and SPAM filters, thereby not giving preference to Google - it could be applied to any index.
Okay this is more of an infr
I find it ironic that the vast majority of the people who are writing on this thread are stealing Internet access from work.
This is a double standard - you either use it at work for work, and use it at home for home, or you use 'em both for both - and work pays for work, and YOU pay for home.
And for all you flamers who want to write back and tell me you're on your break, or this is personal time or whatever - seriously, sit down and do the math and figure out how much time you spend trolling on slashdot instead of doing your job and following up with your customers.
I'm sick of this, the truth must be told before the end of my days.
.. Now .. I was bragging in the IRC channel #3l33t3H4x0rZZZuR0\/\/|\|3dBIm3333!! and then some flamer made the comment "what good is it". So I explain to the little bitch about the infinite monkey theorum and how I'm working on a corellary called the infinite penguin theorum and how I needed the satellite stuck there.
.. well next thing I new people were contributing to this project from around the world.
.. the guy everybody knows is Linus in front of the camera, and from behind the keyboard is actually an imposter. His real name is Sven Hiccopolous, he sent an email to my Linux email address a few years ago and asked if I could help him sneak into the country -- well my coyote days had long since been over. But then I figured to myself that my satellite was going to fall out of orbit eventually, and this little fruitcake had the requisite penguin fetish, so I told him that he could assume the identity of "Linus" and then US companies would offer him a job even though he had no marketable skillset and barely spoke english. (Yes, a masters in computer science from the University of Helsinki is worth about as much as used piece of toilet paper here in the states).
The truth is that Linus Torvalds isn't real, or at least he wasn't, he's was fictional character made up by me. A few years ago, around 1987 I was doing some snooping around the NSA's mainframes and I broke into one of their spy satellites. I decided it'd be fun to hack around, so I wrote my own custom firmware for the satellite and attempted to do a soft load and retask it to spy on Soeil MoonFrye (the chick who played Punky Brewster) but alas I had a bug in my code and acidentally stuck it in a geosychronous orbit over the antarctic. [mind you satellites stuck over the antartic are hard to retask since there's no momentum, they're just spinning in place]
To make a long borning story short I used my owned NSA spy satellite to track the courting rituals of the antarctic emporer penguin - and based on the number of times each penguin copulated each day I had a relatively simple algorithm that generated assembler. Well after a year or so, I tried compiling it and would you believe those horney penguins built an entire microkernel! Well I couldn't very well tell people this story since not only would it be incredibly hard to reproduce the results, but the statue of limitations hadn't run out at the time (actually the entire mess is still considered classified by the government) -- but still, I was young, and impressionable, and I thought this was too coool!! So I decided to invent this Linus character (who ironically has this weird fetish for penguins!)
Now
Next thing you know Sven here is a national hero, on the cover of forbes, and what-not. To this day Sven will still adamately deny that the infinite penguin theorum even exists - let alone it's pivotal role in his rise to fame. If you don't believe me, just ask him.
Seriously, selling products for less in other countries encourages businesses to leave the united states.
I can't blame a company who outsources work to another country because its less expensive.
I can BLAME an American company who intentionally lowers prices in other countries and rapes us here in the states.