If it's on the corporate network (LAN/WAN/whatever) it's owned by the company. Expect no right to privacy whatsoever. There have been plenty of court cases which have upheld the right of corporate ownership in such cases. Minimally, a compay may be required to provide a statement of said ownership to it's employees, but that may not be necessary in many cases.
If you don't want the company to see it...don't do it on their network. Done. 'nough said.
This is not a new claim by far. You'll need to do a little bit of research on how their benchmarks were made. Specifically, IIS _is_ very good at serving static content, since it pretty much caches everything in memory, whereas Apache does not.
To simulate the same, partner Apache with the newer kernel-based khttpd, which is a kernel-space HTTP server, which will pretty much blow everything away for static content. Configuration is simple. You basically set it up so that static content (ie. flat HTML files, images, etc...) are served off the "accelerated" khttpd server, and everything else is sent to the Apache server.
Benchmarks are like voodoo--bad voodoo at that. Dell is showing you their voodoo from a given viewing angle, but anyone can grab it, rotate, flip, mangle, to their hearts content and get about whatever results they'd like to see.
In order to avoid this, spend an hour and figure out what _YOU_ consider to be important, and then test based on your values, an identical hardware configuration, using both IIS and Apache. These are the only results that should matter to you.
Don't allow yourself to be spoonfed what someone else thinks is important. Remember, they're a vendor...it's their job to make money off of you, not necessarily sell you the best, or right solutions.
Had DC not jumped on the folk who "reverse engineered" their product (I think it's been stated enough that what they're claiming as their IP is pretty silly) then the community wouldn't be jumping on them. Since they jumped on the tactical legal representations of their position, I think that it's perfectly fair for the community to respond in return.
/.'ers are not malicious people as a whole (myself excluded!!:) ) but if you wake the beast, expect to get bit.
I think the most humorous (read: maddening to some in the FBI) thing about this is the statement that Altivore was written in a period spanning three days, which indeed seems about right. If some congress person really wants to stick it to the FBI, start investigating how much time, money, and effort was spent developing Carnivore.
These issues raise the questions of why did the FBI have to expend N amount of resources to develop their tech. The two answers that they can provide is: 1) Carnivore does more than they've said, or 2) it should've been outsourced to another company--it would've saved the tax payers a lot of money.
Obviously, with either answer, someone would have to be held accountable, and the FBI would, in the end, be paying for their questionable position on this subject by losing the sups, and directors who would take the blame. All in all, sounds good to me.:)
You're kind of missing the point. It's not so much that they _can't_ rip a layout from another site, just that it's considered common courtesy to provide some form of attribution to the source. This recognizes the hardwork of the person or persons who created the original.
In the case of most Open Source softwares, there is a legal obligation to provide the attribution (ie. GPL, Artistic License, etc...)
The question is if this legal oblication exists when copying the visual layout of a site. IMHO, this falls under the question of copyright. If linux.com posts an explicit copyright to the layout as well as the content of their site, then the obligation certainly does exist (if it doesn't precluse the rip alltogether.)
There's plenty of legal precedent in UI design regarding this kind of issue, so the point is moot somewhat.
No, will Linux.com/VA-Linux sue this guy? Probably not. Is the guy in the wrong on this one? Probably so.
I don't think that encouraging the use of name-based virtual servers is a bad idea per se, as long as they're flexible and accept the limitations when they're presented in a requirements request document.
In addition to the SSL restriction, if you're running a site, or sites, that use some form failsafe mechanisms for redundancy, you'll have some difficulties trying to do it with only a name-based VIP.
Again, as long as the policy is flexible, and defaults to allowing someone the address space if they justify it's need, then ok.
Unfortunately, I think we're all aware of the history involved, and I don't think the flexibility will be as available as necessary to make us happy.
Yes. It's to make the default installations convenient to a novice user, or one who doesn't really care. I believe that it's expected that a user past that point should be able to make the simple modifications necessary to close down a few services--it's one of the first things I figured out how to do.
My screen is not too bright, folks. I will also add my recommendation of the Video Essentials disc--it goes through just about everything you need to calibrate your system, both audio and video.
You guys seem to have my point wrong...the original post noted that the DVD was a thing of beauty, which it's not. There are tons of discs out there that are truly amazing, and their producers have spent hundreds of hours carefully managing the transfer. I'd recommend any of the Criterion edition disks as good examples.
I love Bladerunner, but have definitly seen the artifacts with my own eyes...they're there. I watched it last night just to make sure. I've also seen it on Laserdisc, and it's, plain and simply, a far better transfer. This isn't just my opinion, but is a common complaint on the DVD fan sites about this disc.
If you are not able to see the artifacts, please accept some, or all of the following: 1) your system isn't tuned properly, 2) your system is perhaps not capable of managing the full dynamics of the image playback of the DVD, or 3) you're eyes are not that good.
None of these are necessarily a bad thing, but I love this stuff, and it's my passion. I'm not saying these observations for a "my system is better than yours" feeling of satisfaction. I don't care about your system, only mine...which isn't perfect, but better than most, and makes _me_ happy...which is all I can ask.
Guys, not to rain on your parade, but DVDs are, by their nature, compressed--that means you lose data. If the transfer is done carefully, you get a wonderful looking image, but if not, you'll start to see artifacts in areas like large color blocks (and black areas which this DVD has plenty of!!:) )
Laserdisc doesn't have this same type of limitations. So, that's why a lot of picky people who have the choice may sometimes prefer it over DVD.
Not blowing smoke up your ass. Go read some of the DVD critique sites your ownselves, already. Just because YOUR eyes on YOUR system don't see the artifacting, doesn't me that MY eyes on MY (very expensive, very large system) won't.
The original DVD has a lot of compression artifacts and other issues that plagued a lot of early DVDs. I've heard more than just rumor that there is another transfer in the work that will be far superious, but I don't know when/where.
If you really want to see it and are looking for image quality, get the laserdisc.
I think the difference between the two examples lies in the intended purpose of the given instrument. Yeah, a car can be used to kill a person, but I think a reasonable person (ie. juror) could not conclude that the owner would know, beyond a reasonable doubt, that the intention of the thief would be to use the car for nefarious purposes. However, they still may be considered negligent, but that would be a prosecutorial determination made in applying charges.
A gun on the other hand, any form of negligence would be considered gross, since it's uses are limited.
I'm not a laywer, so these are just my feelings/opinions on the subject.
As much as I'd like to agree, the opinion you express is somewhat sheltered. This is the era of big business, and the nice guy usually doesn't win.
Would I prefer a more innocent world where competition existed in it's purest state, sure. I'd also like to swim naked with Christy Turlington is vat of warm peas. Sadly, neither is going to happen, and I'd be scared of a world where the latter could actually occur!:O
Anyways, private investigation, corporate espionage & sabotoge have occurred, are occuring, and will continue to occur for the visible future.
No, really, for simple PC-to-PC stuff, you really only need two (2) PCMCIA cards @ about $165 each. If you don't have PCMCIA slots, then you'll need to fork down another $130 for the PCI bridge. You do not necessarily need cell repeaters, bridges, antenna (not for short range).
Wireless Ethernet has become so cheap and available, I'm not sure what the point is? Check out Lucent/Wavelan's offerings. For about $500US, I can get two PCMCIA cards, PCI bridges, and powered antennas that can do a couple of miles.
Hmm...that doesn't sound quite right, tho. When a user tries to look up foo.com, if his/her local DNS does not say it is authorative, then that server refers to either it's "forwarder" servers (most probably don't have one,) and then it's root.cache file, which is a list of the root servers.
The root servers then lookup what DNSs should be authorative for the domain (as per InterNIC/NetSol/ICANN database) then refers the request to that server.
So, if you just setup your own DNS, and even have your friend's DNS acknowlege it's existance through some kind of secondary or forwarder configuration, joe user's request will still not ever make it.
I honestly can't remember, and don't think anyone left here knows. Cool thing is that we got Levar Burton (forgive the spelling) to do some footage of the game. I remember seeing a lot of the work he did on our digital disc recorder after compositing was done.
This simply means that you were providing TLD service for your local systems. That doesn't mean that any other system on the net is going to know, or care, who the heck you and your systems are, unless there is an entry for them in the real TLDs.
Sadly, I know the experience first hand. The company that I still work for (for the next 1.5 weeks that is...) used to be a cdrom company. Back in the days we dropped some serious coin developing a georgeous game, based on dolphins in space, none-the-less, but when the bottom of the cd-rom market, it was eventually shelved. A very sad thing, indeed. In the hayday we had a dual (perhaps triple) shifts of animators working on farms of SGIs, rendering 24x7x365 on a large SGI Challenge XL (bad ass machine of it's day.) After the fall, the SGIs became desktop machines for web programmers, and the XL had a short life as a really big and expensive web server. Not that we haven't done some really great work in the past couple of years, but now that I'm in my last days of employment there, I look back on that game with sadness and loss--the work that had been done would've been like nothing else you'd seen on the market. R*I*P Bluestar. The company is Magnet for those interested.
That's the exact same thing said about the election four years ago. Wouldn't that make it the first election the the Internet had a measurable influence upon? Clintion/Gore and the republican campaigns both went after the Internet populous with web sites, and raised issues that they believed mattered to us.
A large number of machines in a cluster does not directly imply that the wiring and maintenence is going to be a mess. Perhaps if _you_ did it, but not if I did. I've worked on several large installation are there are right ways to do this stuff. It's not brain surgery.
There are very clean, and tested, methods to install large cabling installations, to handle large power requirements, etc... Certainly, the setup is complex, but that's the biz.
Think telco...go check out one of UUnet, Globalcenter, or Exodus' datacenters when you have a chance.
Ok, I'm gonna geek out here for a second and simply express myself.
Since I was a kid, I've always thought of designing my future home with walls that had removeable panel insets. Something akin to what I saw as a kid in Dr. Who's TARDIS, or on Star Trek's various ships (I did warn you that I was gonna geek out!)
These insets would be removable via some kind of leveraging mechanism. Perhaps even recessed lighting of some kind to give that "well lit, but no obvious source" look.
Yeah, it'd probably look pretty strange for a home, and perhaps more appropriate for a new office-type building.
Just thought I'd say something that's been a buried in my brain for more than a decade!
My two problems with it are: 1) anyone who can get past the firewall and access the NFS servers at the network level can own you--read/write/delete...just connect directly to NFSD and make it your bitch^H^H^H^H^H^H^H^Hahem, do anything you want; 2) the performance of NFS is far far far less than optimal, compared to the performance of local filesystems, or even other distributed filesystems.
Just my opinions, but I've been doing large scale stuff for a very long time. And, again...I'm not complaining--it seems to perform quite well. I just have to think and write about these things all day, every day.
"There are currently six VA FullOns serving web pages from an NFS server, and three other web servers serving images. "
Far be it for me to question, but NFS?? Ew. If someone does penetrate your infrastructure that's just asking for trouble.
Anways, NFS' performance leaves a lot to be desired. Wouldn't it be better to just publish the data to each server? With 100/1000 Mbit networking even large datasets can be propagated quickly.
"They are probably much better off with the BSD box. Although it's not a good idea to advertise their security infrastructure layout to the world. (Hint, Hint, CmdrTaco!)"
I disagree 100%. Knowledge of an installation's infrastructure should never comprimise the security of the setup. If it does, then you're relying (to a certain extent) on security through obscurity. Security should be provided by a well thought out layered approach: network layering (multiple firewalls, screening routers, IDS, etc...), host-based security (tcp wrappers, service minimalization & replacement, tripwire, etc..), and application security (ie. authentication, verification, etc...)
In designing networking/server infrastructures it's best to think of it as an open source project, and you should be willing to get opinions and discussion from any number of sources that could include crackers who may at some point want to use that knowledge to attack your site. This is one of the things I like about TIS Gauntlet once upon a time..."crystal box" was the term they used to describe it.
You should prepare for an attack ASSUMING that the infiltrators know as much about your setup as you do. In the long run, if you know that your infrastructure can hold up to someone with that amount of knowledge, then you'll be doing pretty well.
My only question...did I actually see in a comment that they're using NFS to publish data to the distributed webservers??? Ew. Run.
-buffy
(Hmm...I seem to really like parentheticals, don't I? (well maybe not. (really!)))
You just know what's going to happen, right? Most people will probably not install the security patch, since they'll lose basic functionality which they need. Then, the next virus is going to come along and wreak additional havoc. Microsoft will then sit back and spout the excuse "nobody installed our patch--had they done what we said they should, all users would've been safe."
They're basically building in the excuse for the next round of virii to hit.
Slashdot Mirror
If it's on the corporate network (LAN/WAN/whatever) it's owned by the company. Expect no right to privacy whatsoever. There have been plenty of court cases which have upheld the right of corporate ownership in such cases. Minimally, a compay may be required to provide a statement of said ownership to it's employees, but that may not be necessary in many cases.
If you don't want the company to see it...don't do it on their network. Done. 'nough said.
This is not a new claim by far. You'll need to do a little bit of research on how their benchmarks were made. Specifically, IIS _is_ very good at serving static content, since it pretty much caches everything in memory, whereas Apache does not.
To simulate the same, partner Apache with the newer kernel-based khttpd, which is a kernel-space HTTP server, which will pretty much blow everything away for static content. Configuration is simple. You basically set it up so that static content (ie. flat HTML files, images, etc...) are served off the "accelerated" khttpd server, and everything else is sent to the Apache server.
Benchmarks are like voodoo--bad voodoo at that. Dell is showing you their voodoo from a given viewing angle, but anyone can grab it, rotate, flip, mangle, to their hearts content and get about whatever results they'd like to see.
In order to avoid this, spend an hour and figure out what _YOU_ consider to be important, and then test based on your values, an identical hardware configuration, using both IIS and Apache. These are the only results that should matter to you.
Don't allow yourself to be spoonfed what someone else thinks is important. Remember, they're a vendor...it's their job to make money off of you, not necessarily sell you the best, or right solutions.
-db
Had DC not jumped on the folk who "reverse engineered" their product (I think it's been stated enough that what they're claiming as their IP is pretty silly) then the community wouldn't be jumping on them. Since they jumped on the tactical legal representations of their position, I think that it's perfectly fair for the community to respond in return.
:) ) but if you wake the beast, expect to get bit.
/.'ers are not malicious people as a whole (myself excluded!!
I think the most humorous (read: maddening to some in the FBI) thing about this is the statement that Altivore was written in a period spanning three days, which indeed seems about right. If some congress person really wants to stick it to the FBI, start investigating how much time, money, and effort was spent developing Carnivore.
:)
These issues raise the questions of why did the FBI have to expend N amount of resources to develop their tech. The two answers that they can provide is: 1) Carnivore does more than they've said, or 2) it should've been outsourced to another company--it would've saved the tax payers a lot of money.
Obviously, with either answer, someone would have to be held accountable, and the FBI would, in the end, be paying for their questionable position on this subject by losing the sups, and directors who would take the blame. All in all, sounds good to me.
You're kind of missing the point. It's not so much that they _can't_ rip a layout from another site, just that it's considered common courtesy to provide some form of attribution to the source. This recognizes the hardwork of the person or persons who created the original.
In the case of most Open Source softwares, there is a legal obligation to provide the attribution (ie. GPL, Artistic License, etc...)
The question is if this legal oblication exists when copying the visual layout of a site. IMHO, this falls under the question of copyright. If linux.com posts an explicit copyright to the layout as well as the content of their site, then the obligation certainly does exist (if it doesn't precluse the rip alltogether.)
There's plenty of legal precedent in UI design regarding this kind of issue, so the point is moot somewhat.
No, will Linux.com/VA-Linux sue this guy? Probably not. Is the guy in the wrong on this one? Probably so.
I don't think that encouraging the use of name-based virtual servers is a bad idea per se, as long as they're flexible and accept the limitations when they're presented in a requirements request document.
In addition to the SSL restriction, if you're running a site, or sites, that use some form failsafe mechanisms for redundancy, you'll have some difficulties trying to do it with only a name-based VIP.
Again, as long as the policy is flexible, and defaults to allowing someone the address space if they justify it's need, then ok.
Unfortunately, I think we're all aware of the history involved, and I don't think the flexibility will be as available as necessary to make us happy.
Yes. It's to make the default installations convenient to a novice user, or one who doesn't really care. I believe that it's expected that a user past that point should be able to make the simple modifications necessary to close down a few services--it's one of the first things I figured out how to do.
My screen is not too bright, folks. I will also add my recommendation of the Video Essentials disc--it goes through just about everything you need to calibrate your system, both audio and video.
You guys seem to have my point wrong...the original post noted that the DVD was a thing of beauty, which it's not. There are tons of discs out there that are truly amazing, and their producers have spent hundreds of hours carefully managing the transfer. I'd recommend any of the Criterion edition disks as good examples.
I love Bladerunner, but have definitly seen the artifacts with my own eyes...they're there. I watched it last night just to make sure. I've also seen it on Laserdisc, and it's, plain and simply, a far better transfer. This isn't just my opinion, but is a common complaint on the DVD fan sites about this disc.
If you are not able to see the artifacts, please accept some, or all of the following: 1) your system isn't tuned properly, 2) your system is perhaps not capable of managing the full dynamics of the image playback of the DVD, or 3) you're eyes are not that good.
None of these are necessarily a bad thing, but I love this stuff, and it's my passion. I'm not saying these observations for a "my system is better than yours" feeling of satisfaction. I don't care about your system, only mine...which isn't perfect, but better than most, and makes _me_ happy...which is all I can ask.
Guys, not to rain on your parade, but DVDs are, by their nature, compressed--that means you lose data. If the transfer is done carefully, you get a wonderful looking image, but if not, you'll start to see artifacts in areas like large color blocks (and black areas which this DVD has plenty of!! :) )
Laserdisc doesn't have this same type of limitations. So, that's why a lot of picky people who have the choice may sometimes prefer it over DVD.
Not blowing smoke up your ass. Go read some of the DVD critique sites your ownselves, already. Just because YOUR eyes on YOUR system don't see the artifacting, doesn't me that MY eyes on MY (very expensive, very large system) won't.
The original DVD has a lot of compression artifacts and other issues that plagued a lot of early DVDs. I've heard more than just rumor that there is another transfer in the work that will be far superious, but I don't know when/where.
If you really want to see it and are looking for image quality, get the laserdisc.
-buff
I think the difference between the two examples lies in the intended purpose of the given instrument. Yeah, a car can be used to kill a person, but I think a reasonable person (ie. juror) could not conclude that the owner would know, beyond a reasonable doubt, that the intention of the thief would be to use the car for nefarious purposes. However, they still may be considered negligent, but that would be a prosecutorial determination made in applying charges.
A gun on the other hand, any form of negligence would be considered gross, since it's uses are limited.
I'm not a laywer, so these are just my feelings/opinions on the subject.
-buffy
As much as I'd like to agree, the opinion you express is somewhat sheltered. This is the era of big business, and the nice guy usually doesn't win.
:O
Would I prefer a more innocent world where competition existed in it's purest state, sure. I'd also like to swim naked with Christy Turlington is vat of warm peas. Sadly, neither is going to happen, and I'd be scared of a world where the latter could actually occur!
Anyways, private investigation, corporate espionage & sabotoge have occurred, are occuring, and will continue to occur for the visible future.
No, really, for simple PC-to-PC stuff, you really only need two (2) PCMCIA cards @ about $165 each. If you don't have PCMCIA slots, then you'll need to fork down another $130 for the PCI bridge. You do not necessarily need cell repeaters, bridges, antenna (not for short range).
-db
Wireless Ethernet has become so cheap and available, I'm not sure what the point is? Check out Lucent/Wavelan's offerings. For about $500US, I can get two PCMCIA cards, PCI bridges, and powered antennas that can do a couple of miles.
Check out http://www.wavelan.com/.
-buffy
Hmm...that doesn't sound quite right, tho. When a user tries to look up foo.com, if his/her local DNS does not say it is authorative, then that server refers to either it's "forwarder" servers (most probably don't have one,) and then it's root.cache file, which is a list of the root servers.
The root servers then lookup what DNSs should be authorative for the domain (as per InterNIC/NetSol/ICANN database) then refers the request to that server.
So, if you just setup your own DNS, and even have your friend's DNS acknowlege it's existance through some kind of secondary or forwarder configuration, joe user's request will still not ever make it.
-db
I honestly can't remember, and don't think anyone left here knows. Cool thing is that we got Levar Burton (forgive the spelling) to do some footage of the game. I remember seeing a lot of the work he did on our digital disc recorder after compositing was done.
This simply means that you were providing TLD service for your local systems. That doesn't mean that any other system on the net is going to know, or care, who the heck you and your systems are, unless there is an entry for them in the real TLDs.
Right?
-buffy
Sadly, I know the experience first hand. The company that I still work for (for the next 1.5 weeks that is...) used to be a cdrom company. Back in the days we dropped some serious coin developing a georgeous game, based on dolphins in space, none-the-less, but when the bottom of the cd-rom market, it was eventually shelved. A very sad thing, indeed. In the hayday we had a dual (perhaps triple) shifts of animators working on farms of SGIs, rendering 24x7x365 on a large SGI Challenge XL (bad ass machine of it's day.) After the fall, the SGIs became desktop machines for web programmers, and the XL had a short life as a really big and expensive web server. Not that we haven't done some really great work in the past couple of years, but now that I'm in my last days of employment there, I look back on that game with sadness and loss--the work that had been done would've been like nothing else you'd seen on the market. R*I*P Bluestar. The company is Magnet for those interested.
That's the exact same thing said about the election four years ago. Wouldn't that make it the first election the the Internet had a measurable influence upon? Clintion/Gore and the republican campaigns both went after the Internet populous with web sites, and raised issues that they believed mattered to us.
-buffy
A large number of machines in a cluster does not directly imply that the wiring and maintenence is going to be a mess. Perhaps if _you_ did it, but not if I did. I've worked on several large installation are there are right ways to do this stuff. It's not brain surgery.
There are very clean, and tested, methods to install large cabling installations, to handle large power requirements, etc... Certainly, the setup is complex, but that's the biz.
Think telco...go check out one of UUnet, Globalcenter, or Exodus' datacenters when you have a chance.
-Buffy
Ok, I'm gonna geek out here for a second and simply express myself.
Since I was a kid, I've always thought of designing my future home with walls that had removeable panel insets. Something akin to what I saw as a kid in Dr. Who's TARDIS, or on Star Trek's various ships (I did warn you that I was gonna geek out!)
These insets would be removable via some kind of leveraging mechanism. Perhaps even recessed lighting of some kind to give that "well lit, but no obvious source" look.
Yeah, it'd probably look pretty strange for a home, and perhaps more appropriate for a new office-type building.
Just thought I'd say something that's been a buried in my brain for more than a decade!
-buffy
My two problems with it are: 1) anyone who can get past the firewall and access the NFS servers at the network level can own you--read/write/delete...just connect directly to NFSD and make it your bitch^H^H^H^H^H^H^H^Hahem, do anything you want; 2) the performance of NFS is far far far less than optimal, compared to the performance of local filesystems, or even other distributed filesystems.
Just my opinions, but I've been doing large scale stuff for a very long time. And, again...I'm not complaining--it seems to perform quite well. I just have to think and write about these things all day, every day.
-Buffy
"There are currently six VA FullOns serving web pages from an NFS server, and three other web servers serving images. "
Far be it for me to question, but NFS?? Ew. If someone does penetrate your infrastructure that's just asking for trouble.
Anways, NFS' performance leaves a lot to be desired. Wouldn't it be better to just publish the data to each server? With 100/1000 Mbit networking even large datasets can be propagated quickly.
-buffy
"They are probably much better off with the BSD box. Although it's not a good idea to advertise their security infrastructure layout to the world. (Hint, Hint, CmdrTaco!)"
I disagree 100%. Knowledge of an installation's infrastructure should never comprimise the security of the setup. If it does, then you're relying (to a certain extent) on security through obscurity. Security should be provided by a well thought out layered approach: network layering (multiple firewalls, screening routers, IDS, etc...), host-based security (tcp wrappers, service minimalization & replacement, tripwire, etc..), and application security (ie. authentication, verification, etc...)
In designing networking/server infrastructures it's best to think of it as an open source project, and you should be willing to get opinions and discussion from any number of sources that could include crackers who may at some point want to use that knowledge to attack your site. This is one of the things I like about TIS Gauntlet once upon a time..."crystal box" was the term they used to describe it.
You should prepare for an attack ASSUMING that the infiltrators know as much about your setup as you do. In the long run, if you know that your infrastructure can hold up to someone with that amount of knowledge, then you'll be doing pretty well.
My only question...did I actually see in a comment that they're using NFS to publish data to the distributed webservers??? Ew. Run.
-buffy
(Hmm...I seem to really like parentheticals, don't I? (well maybe not. (really!)))
They're basically building in the excuse for the next round of virii to hit.
You've just gotta love 'em.