I did, in fact, read that part. I was not, however, referring to the overhead of purchasing more machinery; Xen virtualization may not require different hardware for each service, but it does require a unique memory space for each virtual server, and that is costly in terms of system resources.
The post proposes a pretty novel solution---maintain separate hosts for each server---but it seems really inefficient. I mean, Xen as I understand it will run full operating systems in each of its virtual domains, including separate kernels and whatever else the system needs running.
Why not just work with chroot jails? They accomplish the same thing---keeping things isolated from dangerous interaction with the rest of the system---but without the ridiculous performance overhead of running entire and discrete systems for each service provided.
[...] Good introductions to game theory would be welcome, [...]
You and a partner commit a crime, and are arrested. In the interrogation room, you learn that the two of you will each go to jail for 2 years if neither of you says anything; however, if you testify against your partner, you'll get off free while he ends up with 6 years. If both of you confess, you both go to jail for 4 years. What do you do?
You are playing a game where you are given $50, and then asked whether you would like to take it as is, or flip a fair coin. If you make the latter choice and turn up heads, then your total amount will be doubled to $100; if you turn up tails, then the amount will be halved. Do you take the $50, or take your chance with the coin?
You appear on a game show where, at some point, you are told to pick one of three doors. Behind one of these doors is a prize; behind the other two, nothing. You pick a door. The host then declares that he will open one of the empty doors. Having done this, he offers you a chance to switch to the other, single remaining door. Do you switch, or do you stay?
All of the BSDs currently have excellent package-management systems that can elegantly handle both binary and source packages. pkgsrc in particular is a really nice system---further, it has the advantage of not being tied to one OS. Although it is developed primarily for NetBSD, it can be used from any of the other BSDs, Linux, several Unices, and even Windows (with Internix, i.e. Windows Services for Unix).
In fact, it's definitely worth checking NetBSD out; the 2.x line has been really interesting, and development is continuing to move forward at a rapid pace. If you're on a single-processor system, it's arguably one of the best-performing OSes available at the moment, and it in general will work. Add that to the fact that you could probably port it to your toaster if you were dedicated enough, and it's worth giving serious consideration to as an alternative to Debian, or indeed anything else.
this further propagates the idea of centralized identity management.
Christ on a cracker, I know this is Slashdot, but could you at the very least read the summary?
The system utilizes decentralized servers to authenticate users, and aims to replace centralized ID systems such as Microsoft's Passport and SixApart's TypeKey.
The systems I have used do confirm your order, but like many such confirmations they're of little value since you reflexively click through them.
Of course, having a confirmation dialog for every case is stupid---that's no better than just accepting it without any checks, and probably worse because of the nuisance presented to the user. What's being suggested isn't that, but rather a sanity check; if a really big number is entered, ask if the user is sure they want to do that, but don't say anything for expected inputs.
When people talk about scripting languages, they often talk about things that are more toward having a developer be able to slap something together rally quickly and get a demo out the door in minutes. How fast the thing runs or how well the thing scales or how large a system you can build tend to be secondary considerations....
This is nit-picking, I know, but I was under the impression that scripting languages were actually defined by the presence of an actively-running interpreter during execution, making it possible to, e.g., construct and execute statements at runtime with things like PHP's exec() or Lua's do(file|string) functions (see: http://www.lua.org/pil/8.html for discussion on dofile and Lua's status as a scripting language). I wasn't aware that capability for rapid prototyping or language speed had anything to do with it.
Taking that into consideration, then, would Java with JIT qualify as an interpreted or compiled language? I'm not sure, myself---any thoughts?
That aside, a solid interview. Java looks to be pretty interesting; though in its current form it does bug the hell out of me (System.out.println()? Yeah, yeah, OO, but come on, three nested levels of scope just to get to a command line?), its progress has been impressive, and it's an innovative idea.
You're assuming, in calling these people idiots, that what they're doing is unintentional.
If web coding were easily doable by hand with a text editor, would they get much in the way of sales for FrontPage? If web applications were ubiquitous thanks to a fully functional browser, do you think people would continue to fork over such obscene amounts of cash for MS Office?
Is this crazy? Over-the-top? Probably. But for a company that has so many brilliant researchers among its ranks, isn't it odd that their web browser is so shoddy, yet they still continue to pour money and development time into it rather than let someone else take over?
There's Plan 9 and Inferno. I haven't had much opportunity to experiment with either one, but they both look really interesting. There's also Hurd, but as far as I can tell (which admittedly isn't very far) it's currently about where it was in the nineties in terms of actually working.
You know, I just thought the same thing. Furthermore, I'm pretty sure most other geeks who read the summary (not the article---this is Slashdot for chrissakes) also had a similar thought.
Considering Mauritius' relatively small size, this begs the question... is it possible to slashdot a country?
In fact, let's drop everything we're doing right now and... and what? Take those warlords out of power? Forcibly? Killing how many? Are you suggesting we should go in there and somehow instill democracy? That has, after all, worked so well in Iraq, Afghanistan, Vietnam, North Korea, Haiti, Panama, Kosovo, Iran, and India. All of the unrest in the world is clearly proportional to the amount of time we spend on things not directly related to it, and if we actively try to stop it, it will recognize our efforts and just be nice and go away.
So let's just stop all development of technology, any progress at all, and focus all of our efforts singularly on making everybody happy and healthy. Never mind the fact that this hasn't happened yet in all of human history; if we just stop progressing and think really hard about it, I'm sure the silver bullet will fall right out of our stagnant asses.
Those Mauritian pigs. Progressing on their own rather than getting involved with every little problem in the entire world. How dare they, those rich snobs.
Probably not without a lot of tweaking and extra work. Windows' desktop environment is fundamentally different from X, so I don't think that a full port of KDE is a reasonable expectation. There are, however, some nice Windows clones of *nix shells (e.g., http://www.bb4win.org/), and there is of course always Litestep.
Well, with things like Beowulf clusters that can be built from commodity hardware, things like password-cracking are becoming easier...
On the other hand, why bother wasting computer time on passwords when companies publicly transport them, unencrypted, on plain backup tape? Really, all you can do to ensure password safety is use a variety of passwords at different places, to prevent one idiot dot-com from screwing your whole identity over. Personally, I predict that social engineering and simply taking advantage of lax business practices will continue to be much more popular than actual brute-force cracking until quantum computers become widely available.
DataHand is where it's at. Seriously, if I ever find myself with a spare $500, I am definitely getting one of those.
Admittedly, Kinesis keyboads look cool too, but being able to type anything just by twitching your fingers in certain directions by miniscule amounts? Come on.
The signing of open-source packages are to prevent download corruption usually.
No, that is not what md5sums are for. Corrupted downloads can be prevented with a simple CRC check; MD5's goal as a cryptographic hash function is to verify that data received from an untrusted source, e.g., a mirror site for a software download or an unknown computer user (with a cryptographic key) is identical to data that a trusted source distributed in some way. Being able to generate meaningful collisions in a cryptographic checksum is a very, very bad thing; a malicious attacker can forge digitally signed documents and convince users that arbitrary binary downloads are in fact safe and trusted programs.
Because mobile phones and calculators aren't as fast or as accurate, and they can cause some serious damage to the mind.
Seriously, while we can't all be expected to multiply massive numbers in our heads and find arbitrary roots of numbers mentally, the more math we can do without resorting to pulling out an external tool, the better. Good mental math techniques have beaten out calculators---with the overhead of punching in the numbers and making sure you didn't make a mistake, to say nothing of having to dig through a pocket or a purse and pull the thing out, then in the case of a mobile phone flip through all of the menus to get to the calculator application---time and time again. Further, mental math is much less error-prone; if you're working on an external device, it is very easy to press the wrong operator and come up with a completely screwed answer, or worse, to press a wrong number and wind up with something that sounds reasonable but is in fact off. Regardless of how good human interface gets, nothing that depends on human input will ever beat the speed of human thought, and calculators invariably add another point of failure to the process.
Even aside from that, knowing "how to achieve what the calculator does" is fundamentally important in understanding higher-math concepts. You might be able to commit to memory that performing x function on y set of numbers yields z result, but if you never fully grok why that result is yielded, then your understanding will be severely limited. The commitment to memory of compartmentalized and seemingly unrelated facts and figures, despite being so overused by primary and secondary schooling systems in most civilized countries, is an inefficient tool compared to concept learning, and will ultimately lead to a society of people utterly incapable of innovation for lack of awareness of the why behind any of the many hows that they have memorized.
In short, calculators provide no benefit over a strong set of mental tools in any of the tasks to which they are set until after the completion of at least secondary-level education, they stunt the mind, and they ultimately contribute to society's decline. Using a calculator for things that are genuinely too difficult to do by head is fine, and indeed the mathematical community stands to benefit from results yielded by calculators, but for things as fundamental as what they are used for in most current school systems (addition, multiplication, division, subtraction, et al), calculators are not only pointless but harmful.
Meanwhile, don't mind those people walking off with that case full of tape storing all of your company's sensitive information entirely unencrypted.
It really is disturbing to see how many companies think that becoming a Big Brother figure to their employees is a reasonable or effective substitute for a good---or even any---security policy.
Actually, has anyone out there run into any issues with OpenOffice as a substitute for M$ Office? I'm considering switching everything over, especially after reading this article.
If you find yourself typing anything in another language for any reason, be prepared for a world of hurt. OO.o will intermittently switch to English at random intervals and start marking all of your words as misspelled until you select the whole text and manually switch it to the other language (through the ungainly interface of the font selection dialog, IIRC.) I haven't found much in the way of actual documentation of this problem, but I've seen it happen on a few entirely unrelated occasions with different people.
In my experience, LaTeX has been much nicer to me. I've pulled out a few hairs getting it working with e.g. MLA format (it doesn't seem to be very friendly to the formats used by the humanities in general, probably because it's much more commonly used for scientific or mathematical documents), but editing is much cleaner and faster without my having to worry about the format as I write the content, and it can be spellchecked with the full power of ispell---to say nothing of the fact that its output is nothing short of gorgeous. YMMV, though, and for all that might be wrong with OOo, it's undoubtedly better at least than MS Office.
Slashdot Mirror
I did, in fact, read that part. I was not, however, referring to the overhead of purchasing more machinery; Xen virtualization may not require different hardware for each service, but it does require a unique memory space for each virtual server, and that is costly in terms of system resources.
The post proposes a pretty novel solution---maintain separate hosts for each server---but it seems really inefficient. I mean, Xen as I understand it will run full operating systems in each of its virtual domains, including separate kernels and whatever else the system needs running.
Why not just work with chroot jails? They accomplish the same thing---keeping things isolated from dangerous interaction with the rest of the system---but without the ridiculous performance overhead of running entire and discrete systems for each service provided.
"Is that a wifi hotspot in your pants, or are you just happy to see me?"
You and a partner commit a crime, and are arrested. In the interrogation room, you learn that the two of you will each go to jail for 2 years if neither of you says anything; however, if you testify against your partner, you'll get off free while he ends up with 6 years. If both of you confess, you both go to jail for 4 years. What do you do?
You are playing a game where you are given $50, and then asked whether you would like to take it as is, or flip a fair coin. If you make the latter choice and turn up heads, then your total amount will be doubled to $100; if you turn up tails, then the amount will be halved. Do you take the $50, or take your chance with the coin?
You appear on a game show where, at some point, you are told to pick one of three doors. Behind one of these doors is a prize; behind the other two, nothing. You pick a door. The host then declares that he will open one of the empty doors. Having done this, he offers you a chance to switch to the other, single remaining door. Do you switch, or do you stay?
All of the BSDs currently have excellent package-management systems that can elegantly handle both binary and source packages. pkgsrc in particular is a really nice system---further, it has the advantage of not being tied to one OS. Although it is developed primarily for NetBSD, it can be used from any of the other BSDs, Linux, several Unices, and even Windows (with Internix, i.e. Windows Services for Unix).
In fact, it's definitely worth checking NetBSD out; the 2.x line has been really interesting, and development is continuing to move forward at a rapid pace. If you're on a single-processor system, it's arguably one of the best-performing OSes available at the moment, and it in general will work. Add that to the fact that you could probably port it to your toaster if you were dedicated enough, and it's worth giving serious consideration to as an alternative to Debian, or indeed anything else.
Christ on a cracker, I know this is Slashdot, but could you at the very least read the summary?
Of course, having a confirmation dialog for every case is stupid---that's no better than just accepting it without any checks, and probably worse because of the nuisance presented to the user. What's being suggested isn't that, but rather a sanity check; if a really big number is entered, ask if the user is sure they want to do that, but don't say anything for expected inputs.
From TFA:
This is nit-picking, I know, but I was under the impression that scripting languages were actually defined by the presence of an actively-running interpreter during execution, making it possible to, e.g., construct and execute statements at runtime with things like PHP's exec() or Lua's do(file|string) functions (see: http://www.lua.org/pil/8.html for discussion on dofile and Lua's status as a scripting language). I wasn't aware that capability for rapid prototyping or language speed had anything to do with it.
Taking that into consideration, then, would Java with JIT qualify as an interpreted or compiled language? I'm not sure, myself---any thoughts?
That aside, a solid interview. Java looks to be pretty interesting; though in its current form it does bug the hell out of me (System.out.println()? Yeah, yeah, OO, but come on, three nested levels of scope just to get to a command line?), its progress has been impressive, and it's an innovative idea.
You're assuming, in calling these people idiots, that what they're doing is unintentional.
If web coding were easily doable by hand with a text editor, would they get much in the way of sales for FrontPage? If web applications were ubiquitous thanks to a fully functional browser, do you think people would continue to fork over such obscene amounts of cash for MS Office?
Is this crazy? Over-the-top? Probably. But for a company that has so many brilliant researchers among its ranks, isn't it odd that their web browser is so shoddy, yet they still continue to pour money and development time into it rather than let someone else take over?
Anyone know if the DragonFlyBSD people are considering going anywhere with this? It seems right up their alley.
There's Plan 9 and Inferno. I haven't had much opportunity to experiment with either one, but they both look really interesting. There's also Hurd, but as far as I can tell (which admittedly isn't very far) it's currently about where it was in the nineties in terms of actually working.
Oops. I, uh... I think I broke your sense of humor.
At least, it's not working correctly at any rate.
Sure you can. Just hook the Pope up with a PGP key and we'll be set. Holy digital signatures all around.
You know, I just thought the same thing. Furthermore, I'm pretty sure most other geeks who read the summary (not the article---this is Slashdot for chrissakes) also had a similar thought.
Considering Mauritius' relatively small size, this begs the question... is it possible to slashdot a country?
You're absolutely right.
In fact, let's drop everything we're doing right now and... and what? Take those warlords out of power? Forcibly? Killing how many? Are you suggesting we should go in there and somehow instill democracy? That has, after all, worked so well in Iraq, Afghanistan, Vietnam, North Korea, Haiti, Panama, Kosovo, Iran, and India. All of the unrest in the world is clearly proportional to the amount of time we spend on things not directly related to it, and if we actively try to stop it, it will recognize our efforts and just be nice and go away.
So let's just stop all development of technology, any progress at all, and focus all of our efforts singularly on making everybody happy and healthy. Never mind the fact that this hasn't happened yet in all of human history; if we just stop progressing and think really hard about it, I'm sure the silver bullet will fall right out of our stagnant asses.
Those Mauritian pigs. Progressing on their own rather than getting involved with every little problem in the entire world. How dare they, those rich snobs.
Probably not without a lot of tweaking and extra work. Windows' desktop environment is fundamentally different from X, so I don't think that a full port of KDE is a reasonable expectation. There are, however, some nice Windows clones of *nix shells (e.g., http://www.bb4win.org/), and there is of course always Litestep.
Well, with things like Beowulf clusters that can be built from commodity hardware, things like password-cracking are becoming easier...
On the other hand, why bother wasting computer time on passwords when companies publicly transport them, unencrypted, on plain backup tape? Really, all you can do to ensure password safety is use a variety of passwords at different places, to prevent one idiot dot-com from screwing your whole identity over. Personally, I predict that social engineering and simply taking advantage of lax business practices will continue to be much more popular than actual brute-force cracking until quantum computers become widely available.
DataHand is where it's at. Seriously, if I ever find myself with a spare $500, I am definitely getting one of those.
Admittedly, Kinesis keyboads look cool too, but being able to type anything just by twitching your fingers in certain directions by miniscule amounts? Come on.
How about hypersound?
Yeah, sure, until using encryption is flagged as a likely indicator of criminal activity, too...
Remember, if we don't all walk around with our pants down in public, that means that we've got something to hide.
No, that is not what md5sums are for. Corrupted downloads can be prevented with a simple CRC check; MD5's goal as a cryptographic hash function is to verify that data received from an untrusted source, e.g., a mirror site for a software download or an unknown computer user (with a cryptographic key) is identical to data that a trusted source distributed in some way. Being able to generate meaningful collisions in a cryptographic checksum is a very, very bad thing; a malicious attacker can forge digitally signed documents and convince users that arbitrary binary downloads are in fact safe and trusted programs.
Because mobile phones and calculators aren't as fast or as accurate, and they can cause some serious damage to the mind.
Seriously, while we can't all be expected to multiply massive numbers in our heads and find arbitrary roots of numbers mentally, the more math we can do without resorting to pulling out an external tool, the better. Good mental math techniques have beaten out calculators---with the overhead of punching in the numbers and making sure you didn't make a mistake, to say nothing of having to dig through a pocket or a purse and pull the thing out, then in the case of a mobile phone flip through all of the menus to get to the calculator application---time and time again. Further, mental math is much less error-prone; if you're working on an external device, it is very easy to press the wrong operator and come up with a completely screwed answer, or worse, to press a wrong number and wind up with something that sounds reasonable but is in fact off. Regardless of how good human interface gets, nothing that depends on human input will ever beat the speed of human thought, and calculators invariably add another point of failure to the process.
Even aside from that, knowing "how to achieve what the calculator does" is fundamentally important in understanding higher-math concepts. You might be able to commit to memory that performing x function on y set of numbers yields z result, but if you never fully grok why that result is yielded, then your understanding will be severely limited. The commitment to memory of compartmentalized and seemingly unrelated facts and figures, despite being so overused by primary and secondary schooling systems in most civilized countries, is an inefficient tool compared to concept learning, and will ultimately lead to a society of people utterly incapable of innovation for lack of awareness of the why behind any of the many hows that they have memorized.
In short, calculators provide no benefit over a strong set of mental tools in any of the tasks to which they are set until after the completion of at least secondary-level education, they stunt the mind, and they ultimately contribute to society's decline. Using a calculator for things that are genuinely too difficult to do by head is fine, and indeed the mathematical community stands to benefit from results yielded by calculators, but for things as fundamental as what they are used for in most current school systems (addition, multiplication, division, subtraction, et al), calculators are not only pointless but harmful.
Meanwhile, don't mind those people walking off with that case full of tape storing all of your company's sensitive information entirely unencrypted.
It really is disturbing to see how many companies think that becoming a Big Brother figure to their employees is a reasonable or effective substitute for a good---or even any---security policy.
OpenBSD's pretty safe, as well as usable despite conventional wisdom to the contrary---I'm running it as a desktop right now with very few problems.
If you find yourself typing anything in another language for any reason, be prepared for a world of hurt. OO.o will intermittently switch to English at random intervals and start marking all of your words as misspelled until you select the whole text and manually switch it to the other language (through the ungainly interface of the font selection dialog, IIRC.) I haven't found much in the way of actual documentation of this problem, but I've seen it happen on a few entirely unrelated occasions with different people.
In my experience, LaTeX has been much nicer to me. I've pulled out a few hairs getting it working with e.g. MLA format (it doesn't seem to be very friendly to the formats used by the humanities in general, probably because it's much more commonly used for scientific or mathematical documents), but editing is much cleaner and faster without my having to worry about the format as I write the content, and it can be spellchecked with the full power of ispell---to say nothing of the fact that its output is nothing short of gorgeous. YMMV, though, and for all that might be wrong with OOo, it's undoubtedly better at least than MS Office.