i never see anything above 0% when running software firewall. I think that the main catch is their dual FLASH system. They copy Linux image from read only FLASH to another one where Linux actually runs from. I am not sure about CPU performance savings, because they still need additional driver and USB 2.0 does not come cheap either.
They potentially can sell their chip to the producers of mother boards or even to the chip makers. But again small on board network processor and patch in TCP/IP will do the trick just the same and probably for less money
before switching to Linux about two years ago I used Kerio firewall on Windows and I did not experience performance issues. But Kerio is just a firewall. Norton and McAfee are both antivirus software with enterprise oriented features. They indeed slow the system down to the point when the box is not usable anymore. In the co i work now they use NOD32 (firewall and antivirus ?) to protect Windows desktops. May be this one is better.
i also wonder how they transfer 100 Mbits/s full duplex over USB (2.0 i guess) and still have reasonable performance on the host CPU. Even 20-50 Mbits/s WiFi dongle can degrade overall system performance quite meaningfully
Another problem I see is declared Linux performance running on the ARM (core of the Intel PXA family). In my measurements of performance of netfilter on 200MHz CPU i could not break 10Mbits/s. Do they have integrated network processor to accelerate packet forwarding ? Let's do some calculations. Assuming 64 bytes packets (line rate) we should handle approximately 200K packets/s or a packet every 5 micro. The system running at 500MHz executes an opcode (from cache) every 2 nano. We have approximately 2K opcodes locked in the cache to do the job of TCP/IP filtering, state full NAT and firewall and so on. Sounds like solvable, but far from trivial problem.
the company just burns approx 10 bil of USD in developing things of average or below average quality. why not to invest these cool 10 bil in biotech, for example, or genome research ?
btw the simple and somewhat cynical answer to the question above - nobody is really interested in keeping human lives long and productive. there are so many humans on the planet, that some say that there are too many.
I did more interesting trick. There were 6 elevators in the building where I used to work. Every morning I chose one of the elevators, went right there and waited near the doors without even checking other options, while the rest of waiting crowd grouped somewhere in the middle. Imagine expressions on the faces of tens people when MY clearly a "chosen one" elevator arrived first.
I've been in the theater with approximately 140 degrees view screen. The screen was literally all around you. I think that there were 5 or 6 projectors. The whole setup included water dispensers under the roof and odor dispensers. You really can feel smell of apples when watching a documentary about local farmers. The whole system was from Japan and relatively new - under 3 years. You can see edges between "screens" - pictures generated by the projectors. I have no idea how many pixels were there. Probably lot.
while i generally agree, that Ubuntu (and Linux desktops) require more work the situation with security in the MS Windows IS unbearable. About two years ago I said to myself that I am done with the firewalls/antiviruses and inability to browse the NET (or playing a video) without risk to turn my box into bot.
My point is that the security situation in the Windows world is already unbearable and is going to remain this way for some time.
Ubuntu on laptop - about 2 minutes here (if there is no annoying problem with ACPI). Can take much more if wirelless router is down - me thinks that there are long timeouts when waiting for DHCP/link up
similar story here. my mum is 60+, today she is a rather competent user of Internet browser (firefox+adblockplus really simplify the browsing by removing banners), housekeeping related forums. She watches movies on the same machine using Videolan. Indeed it took approximately 2 years to start using the computer. Today she is completely independent. She does not know how to fix things if something goes wrong, but Linux is fairly stable and she does not know root password.
And WiFi and dual screen mode are another major problems. Generally laptop support still lacks lot. But I have to mention, that two of my newer laptops arrived with OEM (?) Windows XP tailored/customized for the specific hardware. I would call these Windows XPs - distributions, because they are rather different. They come with different free software packages, different display managers, CD/DVD burning software, etc.
Imagine LCD screen with DRM enabled controller. The screen supports "end-to-end" encryption between the controller and DVD player. Now there are two ways to break the system
- video tape the screen itself losing quality on the way
- attempt to analyze the handshake between LCD and DVD
The second option can be made very hard by increasing clocks on the bus (you need special equipment to follow the handshake), adding redundant data and so on. While theoretically it is impossible to create uncrackable DRM, in reality a scheme can be created which makes the crack extremely hard. Of course, I made a couple of assumptions, including that the customer is willing to pay a premium for DRM enabled LCD.
The released key can be used only for the existing DVD disks - disks which are printed. This key can be revoked and new disks will be printed with new key. Now the question is how hard to find the key and how fast keys can be changed. Naturally it is possible to apply the same procedure again and again and break the new disks. How many different keys can be used in the manufacturing ? How fast manufactures can replace the keys.
I think, that in Israel at least half of PCs are sold without OS or with illegal copy of OS (actually I tend to believe, that the number is 2/3 or more). The same is true for countries like Russia, India, etc. When I say that Linux is free OS people answer me that Win OS is free too. The market for blank box exists at least in some countries. Start to install Linux on PCs and may be some customers will not figure out, that this is not Windows. Start to write two different prices for a box with and without WinOS and may be that $80 will do the trick of switching. Today you can find a laptop at $500. OS is 15% of this amount, higher than sale tax in most (any ?) US states.
"I expect to go to any computer retailer and be able to buy a computer without Windows pre-installed. "
Move to Israel then. It is hard to find a PC with Windows preinstalled here. You have to explicitly ask to install Win OS on the new PC and the store will charge you for the OS. Ok, let's say I slightly exaggerate, but only slightly. You can find HP or Dell PC with Windows in the OfficeDepot. But frankly, who is going to buy a PC in the OfficeDepot ? Quick comparison of prices in the online store vs. large store and your decision is obvious.
there are a LOT of people who are using pirated versions of Windows who would switch to something free if they couldn't pirate windows anymore
Very true. When i tell people about Linux supposedly strong argument that Linux is free simply does not work - Windows is free software for literally everybody besides enterprises.
Arguments like "be free of viruses", "have stable system" btw do not work either.
One of the main problems I encounter is unfortunate inability to positively answer question "Will it run on my laptop ABC? ". At this point I have to enter Linux forum and check Linux compatibility with this specific laptop model and not infrequently I see that the compatibility is only partial.
I very actively push Open Source solutions among my friends. I would say that probably I am annoying in this respect. I see that slowly perception of people changes. Among the recent examples when i demonstrated Krusader and the guy decided to try Ubuntu, because Linux has WindowsCommander like application. Another killer was when i formated USB storage device which Windows did not even see - apparently partition information was damaged. Think about it. Two very simple demos of abiliteis did the trick on converting.
Technically US owes to China about 0.6T (trillion) USD and counting. If China simply stops to buy those Treasuries US citizens will discover that their lifestyle is significantly less affordable. 30% of the US economy today is financial services. Above 60% of the US economy is "services". About zero of what they call "old industry". About 30% of the cars are not produced in the US. And so on. The list is infinite. War is not an option for the US. Neither is embargo. China is free to do whatever it likes. And you know I personally think that 1 bil people deserve it. They simply earned it.
Re:a Rose by any other name is still full of crap
on
IsoHunt Shut Down?
·
· Score: 1
A product is worth what people will pay for it, not what you think it should cost
...assuming free non-regulated market, where many producers and consumers present
Probably they do not like their servers to keep TCP connections for too long. Deliver the file over 1 Mb/s or better pipe and switch to the next customer. No "spoon feeding" for dial-up connections.
...for UDP protocols only. I did similar work in Rodi. The same info can be found on wikipedia - look for NAT Traversal
It does require a not NATed peer for initial hnadshake, but bandwidth overhead is minimal. Bottom line - there is no magic here. One point - such system will not be 100% reliable. In some cases you do need not NATed proxy for the whole session, not only initial handshake and here come costs
Typical "real-life" number for splitter is 16 fibers or less - depends on the distance. Top distance is in the are of 20 miles.
Verison can send VoD (video on demand) and only VoD thus sending only channels 16 subscribers watch currently. At 2GBits/s for 16 subscribers they have adequate pipe to push a couple of HiDef's to every one of them. They can (and probably will) employ multicast to deliver the same channel to more than one subscriber.
Among problems
- time it takes to switch between channels. After all this is Video over IP and requires buffers.
- compression
- loss of frames under heavy load (in general case VoIP requires end-to-end QoS)
- you watch the show not in "real-time". For example, it is likely that you will see that goal 5-10 seconds later than your neighbor.
- it is going to be much harder to avoid ads, because the data stream is compressed and packetized together with ads. No dead slot between movie and advertisement is going to happen. Ad remover will require some trickery with color palettes and is not going to be reliable.
- ads can be personalized. Verizon will know when and what you watch.
Currently, KVM is stable (at least with the guests we test:), and is fast enough for desktop use on recent processors. For server workloads, an optimized version of the MMU virtualization is needed. This is currently in progress.
KVM is available as a patch to recent Linux kernel versions and as an external module that can be used with your favorite distro- provided kernel. We are working to merge KVM into Linux so that the functionality is available with no hassle.
Working:
* Intel-based hosts (requires VT capable processors)
* AMD-based hosts (requires SVM capable processors)
* Linux guests (32-bit and 64-bit)
* Windows guests (32-bit)
* SMP hosts
In progress:
* Optimized MMU virtualization
Planned:
* SMP guests
What do I need to use kvm?
You will need an x86 machine running a recent Linux kernel on an Intel processor with VT (virtualization technology) extensions, or an AMD processor with SVM extensions (also called AMD-V).
What is Intel VT / AMD-V?
Intel VT and AMD's AMD-V are instruction set extensions that provide hardware assistance to virtual machine monitors. They enable running fully isolated virtual machines at native hardware speeds, for some workloads.
How can I tell if I have Intel VT or AMD-V?
With a recent enough Linux kernel, run the command:
egrep '^flags.*(vmx|svm)'/proc/cpuinfo
If something shows up, you have VT. You can also check the processor model name (in/proc/cpuinfo) in the vendor's web site.
Note that some manufacturers disable VT in the machine's BIOS, in such a way that it cannot be re-enabled.
What user space tools does kvm use?
kvm uses a slightly modified qemu program to instantiate the virtual machine. Once running, a virtual machine is just a regular process. You can use top(1), kill(1), taskset(1) and similar tools to manage virtual machines.
What virtual disk formats can kvm use?
kvm inherits a wealth of disk formats support from qemu; it supports raw images, the native qemu format (qcow), VMware format, and many more.
What is the difference between kvm and Xen?
Xen is an external hypervisor; it assumes control of the machine and divides resources among guests. On the other hand, kvm is part of Linux and uses the regular Linux scheduler and memory management. This means that kvm is much smaller and simpler to use.
On the other hand, Xen supports both full virtualization and a technique called paravirtualization, which allows better performance for modified guests. kvm does not at present support paravirtualization.
What is the difference between kvm and VMWare?
VMware is a proprietary product. kvm is Free Software released under the GPL.
What is the difference between kvm and QEMU?
Qemu uses emulation; kvm uses processor extensions for virtualization.
Do you have a port of kvm for Windows?
Not in this release.
What kernel version does it work with?
kvm should work with any recent kernel (2.6.16 and above, likely even earlier)
How much RAM do I need?
You will need enough memory to let the guest run comfortably while keeping enough for the host. 1GB is probably a minimum configuration for the host OS.
What OSs can I run inside kvm VM?
We have tested Linux (32/64 bit) and Windows (32 bit). Others may or may not work.
What happens if I kill -9 a VM process?
From the guest's perspective, it is as if you yanked the power cord out. From the host's perspective, the process is killed and all resources it uses are reclaimed.
Does kvm support SMP hosts?
Yes.
What is the procedure to install a Windows guest?
Currently Windows guest installation is broken. The problem arises from the APIC implementation. At the moment the APIC is emulated by qemu, which is not as tightly integrated to the kvm virtual cpu as it should be. There is work in progress to implement the APIC within kvm to fix the problem.
Until then, start qemu with the -noapic option. If you have a guest that uses the APIC HAL, the following workaround is suggested:
1. Run the guest without kvm (-no-kvm)
you will be shocked to learn how strict are requirements to the boot time in the telecommunication equipment, for example. Downtime of under one hour/year (includes software upgrades/maintenance) and 99.999% (five nines) reliability typically assume boot time on the order of single digit number of seconds.
the boot can include also recognition of new blades inserted into the shelf, setup of switch matrix with 100s of kilobytes chip memory with slow (I2C in many cases) indirect access, basic HW tests, etc.
A board on my table boots from FTP server (!) in less than 10 seconds (about 16M image).
But these devices "know" to do only one thing. The hardware drivers are relatively simple and are not expected to support 3 generations of the same OS and tens of different video cards. All software from the very beginning was developed around performance/short boot times.
Size of the software is not a DVD disk (re Vista) either.
very likely your setup requires some data from the network. Among examples - antivirus updates, mail server, "desktop" files (icons/temp files) are stored on server instead of local disk, too many shared drives and deep tree of shared folders on your disk and on the server you connected too.
Last, but not least - probably there are too many Windows machines sitting in the same subnet. I would say, that 10-20 Win32 desktops in the same subnet is rather close to "red line" after which torrent of broadcast packets tends to be non-handable. This specific problem of the "NT technology inside" can be prevented by using firewall (not the default Win32 firewall, but addtional firewall), disabling UpNP and NetBIOS, etc. I would also connect a sniffer to the hub (not Ethernet switch, but hub) where your PC is connected and check the traffic.
Slashdot Mirror
They potentially can sell their chip to the producers of mother boards or even to the chip makers. But again small on board network processor and patch in TCP/IP will do the trick just the same and probably for less money
before switching to Linux about two years ago I used Kerio firewall on Windows and I did not experience performance issues. But Kerio is just a firewall. Norton and McAfee are both antivirus software with enterprise oriented features. They indeed slow the system down to the point when the box is not usable anymore. In the co i work now they use NOD32 (firewall and antivirus ?) to protect Windows desktops. May be this one is better.
Another problem I see is declared Linux performance running on the ARM (core of the Intel PXA family). In my measurements of performance of netfilter on 200MHz CPU i could not break 10Mbits/s. Do they have integrated network processor to accelerate packet forwarding ? Let's do some calculations. Assuming 64 bytes packets (line rate) we should handle approximately 200K packets/s or a packet every 5 micro. The system running at 500MHz executes an opcode (from cache) every 2 nano. We have approximately 2K opcodes locked in the cache to do the job of TCP/IP filtering, state full NAT and firewall and so on. Sounds like solvable, but far from trivial problem.
btw the simple and somewhat cynical answer to the question above - nobody is really interested in keeping human lives long and productive. there are so many humans on the planet, that some say that there are too many.
I did more interesting trick. There were 6 elevators in the building where I used to work. Every morning I chose one of the elevators, went right there and waited near the doors without even checking other options, while the rest of waiting crowd grouped somewhere in the middle. Imagine expressions on the faces of tens people when MY clearly a "chosen one" elevator arrived first.
I've been in the theater with approximately 140 degrees view screen. The screen was literally all around you. I think that there were 5 or 6 projectors. The whole setup included water dispensers under the roof and odor dispensers. You really can feel smell of apples when watching a documentary about local farmers. The whole system was from Japan and relatively new - under 3 years. You can see edges between "screens" - pictures generated by the projectors. I have no idea how many pixels were there. Probably lot.
My point is that the security situation in the Windows world is already unbearable and is going to remain this way for some time.
Ubuntu on laptop - about 2 minutes here (if there is no annoying problem with ACPI). Can take much more if wirelless router is down - me thinks that there are long timeouts when waiting for DHCP/link up
similar story here. my mum is 60+, today she is a rather competent user of Internet browser (firefox+adblockplus really simplify the browsing by removing banners), housekeeping related forums. She watches movies on the same machine using Videolan. Indeed it took approximately 2 years to start using the computer. Today she is completely independent. She does not know how to fix things if something goes wrong, but Linux is fairly stable and she does not know root password.
And WiFi and dual screen mode are another major problems. Generally laptop support still lacks lot. But I have to mention, that two of my newer laptops arrived with OEM (?) Windows XP tailored/customized for the specific hardware. I would call these Windows XPs - distributions, because they are rather different. They come with different free software packages, different display managers, CD/DVD burning software, etc.
- video tape the screen itself losing quality on the way
- attempt to analyze the handshake between LCD and DVD
The second option can be made very hard by increasing clocks on the bus (you need special equipment to follow the handshake), adding redundant data and so on. While theoretically it is impossible to create uncrackable DRM, in reality a scheme can be created which makes the crack extremely hard. Of course, I made a couple of assumptions, including that the customer is willing to pay a premium for DRM enabled LCD.
The released key can be used only for the existing DVD disks - disks which are printed. This key can be revoked and new disks will be printed with new key. Now the question is how hard to find the key and how fast keys can be changed. Naturally it is possible to apply the same procedure again and again and break the new disks. How many different keys can be used in the manufacturing ? How fast manufactures can replace the keys.
I think, that in Israel at least half of PCs are sold without OS or with illegal copy of OS (actually I tend to believe, that the number is 2/3 or more). The same is true for countries like Russia, India, etc. When I say that Linux is free OS people answer me that Win OS is free too. The market for blank box exists at least in some countries. Start to install Linux on PCs and may be some customers will not figure out, that this is not Windows. Start to write two different prices for a box with and without WinOS and may be that $80 will do the trick of switching. Today you can find a laptop at $500. OS is 15% of this amount, higher than sale tax in most (any ?) US states.
Move to Israel then. It is hard to find a PC with Windows preinstalled here. You have to explicitly ask to install Win OS on the new PC and the store will charge you for the OS. Ok, let's say I slightly exaggerate, but only slightly. You can find HP or Dell PC with Windows in the OfficeDepot. But frankly, who is going to buy a PC in the OfficeDepot ? Quick comparison of prices in the online store vs. large store and your decision is obvious.
Very true. When i tell people about Linux supposedly strong argument that Linux is free simply does not work - Windows is free software for literally everybody besides enterprises.
Arguments like "be free of viruses", "have stable system" btw do not work either.
One of the main problems I encounter is unfortunate inability to positively answer question "Will it run on my laptop ABC? ". At this point I have to enter Linux forum and check Linux compatibility with this specific laptop model and not infrequently I see that the compatibility is only partial.
I very actively push Open Source solutions among my friends. I would say that probably I am annoying in this respect. I see that slowly perception of people changes. Among the recent examples when i demonstrated Krusader and the guy decided to try Ubuntu, because Linux has WindowsCommander like application. Another killer was when i formated USB storage device which Windows did not even see - apparently partition information was damaged. Think about it. Two very simple demos of abiliteis did the trick on converting.
Linux is free ? Ok, who cares ?
Technically US owes to China about 0.6T (trillion) USD and counting. If China simply stops to buy those Treasuries US citizens will discover that their lifestyle is significantly less affordable. 30% of the US economy today is financial services. Above 60% of the US economy is "services". About zero of what they call "old industry". About 30% of the cars are not produced in the US. And so on. The list is infinite. War is not an option for the US. Neither is embargo. China is free to do whatever it likes. And you know I personally think that 1 bil people deserve it. They simply earned it.
...assuming free non-regulated market, where many producers and consumers present
IE 6.0 and Windows are required. DRM ?
It does require a not NATed peer for initial hnadshake, but bandwidth overhead is minimal. Bottom line - there is no magic here. One point - such system will not be 100% reliable. In some cases you do need not NATed proxy for the whole session, not only initial handshake and here come costs
...for UDP protocols only. I did similar work in Rodi. The same info can be found on wikipedia - look for NAT Traversal
Verison can send VoD (video on demand) and only VoD thus sending only channels 16 subscribers watch currently. At 2GBits/s for 16 subscribers they have adequate pipe to push a couple of HiDef's to every one of them. They can (and probably will) employ multicast to deliver the same channel to more than one subscriber.
Among problems
- time it takes to switch between channels. After all this is Video over IP and requires buffers.
- compression
- loss of frames under heavy load (in general case VoIP requires end-to-end QoS)
- you watch the show not in "real-time". For example, it is likely that you will see that goal 5-10 seconds later than your neighbor.
- it is going to be much harder to avoid ads, because the data stream is compressed and packetized together with ads. No dead slot between movie and advertisement is going to happen. Ad remover will require some trickery with color palettes and is not going to be reliable.
- ads can be personalized. Verizon will know when and what you watch.
betamax is probably another one - see thread above
Currently, KVM is stable (at least with the guests we test :), and is fast enough for desktop use on recent processors. For server workloads, an optimized version of the MMU virtualization is needed. This is currently in progress.
KVM is available as a patch to recent Linux kernel versions and as an external module that can be used with your favorite distro- provided kernel. We are working to merge KVM into Linux so that the functionality is available with no hassle.
Working:
* Intel-based hosts (requires VT capable processors)
* AMD-based hosts (requires SVM capable processors)
* Linux guests (32-bit and 64-bit)
* Windows guests (32-bit)
* SMP hosts
In progress:
* Optimized MMU virtualization
Planned:
* SMP guests
What do I need to use kvm?
You will need an x86 machine running a recent Linux kernel on an Intel processor with VT (virtualization technology) extensions, or an AMD processor with SVM extensions (also called AMD-V).
What is Intel VT / AMD-V?
Intel VT and AMD's AMD-V are instruction set extensions that provide hardware assistance to virtual machine monitors. They enable running fully isolated virtual machines at native hardware speeds, for some workloads.
How can I tell if I have Intel VT or AMD-V?
With a recent enough Linux kernel, run the command:
egrep '^flags.*(vmx|svm)' /proc/cpuinfo
If something shows up, you have VT. You can also check the processor model name (in /proc/cpuinfo) in the vendor's web site.
Note that some manufacturers disable VT in the machine's BIOS, in such a way that it cannot be re-enabled.
What user space tools does kvm use?
kvm uses a slightly modified qemu program to instantiate the virtual machine. Once running, a virtual machine is just a regular process. You can use top(1), kill(1), taskset(1) and similar tools to manage virtual machines.
What virtual disk formats can kvm use?
kvm inherits a wealth of disk formats support from qemu; it supports raw images, the native qemu format (qcow), VMware format, and many more.
What is the difference between kvm and Xen?
Xen is an external hypervisor; it assumes control of the machine and divides resources among guests. On the other hand, kvm is part of Linux and uses the regular Linux scheduler and memory management. This means that kvm is much smaller and simpler to use.
On the other hand, Xen supports both full virtualization and a technique called paravirtualization, which allows better performance for modified guests. kvm does not at present support paravirtualization.
What is the difference between kvm and VMWare?
VMware is a proprietary product. kvm is Free Software released under the GPL.
What is the difference between kvm and QEMU?
Qemu uses emulation; kvm uses processor extensions for virtualization.
Do you have a port of kvm for Windows?
Not in this release.
What kernel version does it work with?
kvm should work with any recent kernel (2.6.16 and above, likely even earlier)
How much RAM do I need?
You will need enough memory to let the guest run comfortably while keeping enough for the host. 1GB is probably a minimum configuration for the host OS.
What OSs can I run inside kvm VM?
We have tested Linux (32/64 bit) and Windows (32 bit). Others may or may not work.
What happens if I kill -9 a VM process?
From the guest's perspective, it is as if you yanked the power cord out. From the host's perspective, the process is killed and all resources it uses are reclaimed.
Does kvm support SMP hosts?
Yes.
What is the procedure to install a Windows guest?
Currently Windows guest installation is broken. The problem arises from the APIC implementation. At the moment the APIC is emulated by qemu, which is not as tightly integrated to the kvm virtual cpu as it should be. There is work in progress to implement the APIC within kvm to fix the problem.
Until then, start qemu with the -noapic option. If you have a guest that uses the APIC HAL, the following workaround is suggested:
1. Run the guest without kvm (-no-kvm)
the boot can include also recognition of new blades inserted into the shelf, setup of switch matrix with 100s of kilobytes chip memory with slow (I2C in many cases) indirect access, basic HW tests, etc.
A board on my table boots from FTP server (!) in less than 10 seconds (about 16M image).
But these devices "know" to do only one thing. The hardware drivers are relatively simple and are not expected to support 3 generations of the same OS and tens of different video cards. All software from the very beginning was developed around performance/short boot times.
Size of the software is not a DVD disk (re Vista) either.
Last, but not least - probably there are too many Windows machines sitting in the same subnet. I would say, that 10-20 Win32 desktops in the same subnet is rather close to "red line" after which torrent of broadcast packets tends to be non-handable. This specific problem of the "NT technology inside" can be prevented by using firewall (not the default Win32 firewall, but addtional firewall), disabling UpNP and NetBIOS, etc. I would also connect a sniffer to the hub (not Ethernet switch, but hub) where your PC is connected and check the traffic.
On all other non google.com WEB sites adblock with rule http://pagead2/ will do wonders (Adblock plus conveniently comes with this rule preinstalled)