It's possible to work effectively without an internet connection if you download all the documentation packages locally in advance. There will always be small things you have to google though, so there may be some extra guesswork when off line. And the colleagues may expect to have contact by email.
With all the local storage available now, someone should write a Firefox plugin that saves every page you visit, preferably with different versions, so you can access them off line. I haven't seen one though.
As you were asking for experiences, I use TrueCrypt for my laptop and eCryptfs on the desktop, along with LUKS encrypted swap and/tmp on a tmpfs.
More importantly, *use long passwords* ! Systems like TrueCrypt try to make offline attacks difficult (see the docs)
1000 iterations (or 2000 iterations when HMAC-RIPEMD-160 is used as the underlying hash function) of the key derivation function have to be performed to derive a header key, which increases the time necessary to perform an exhaustive search for passwords (i.e., brute force attack)
It's still an offline attack, meaning that someone can image your drive and have at it, without you even knowing (again, they would probably be better off installing a key logger in this case though). There are huge databases of passwords on line, and it's possible to design dictionary-based attacks which are much more efficient than brute force.
Full disk is probably better, but it should be sufficient to encrypt/tmp, swap,/var/tmp.
Without full disk encryption are also more vulnerable to attacks where the attacker installs a keylogger or back door on the non-encrytped part. The difference is only in the amount of work that the attacker has to do, as there is always some part of the bootloader that remains un-encrypted. Windows Bitlocker provides additional protection against this by using the TPM. In reality, though, you should wipe the hard drive and possibly discard the whole system if it got taken by an attacker and then returned to you (if this is a concern, never leave a laptop in an insecure place).
eCryptfs, commonly used for home directory encryption, encrypts files individually on the fly and then stores the encrypted files on an un-encrypted file system. The file names are encrypted, but an attacker still has access to approximate file sizes, directory structure, etc. A more important downside of eCryptfs is that it has a significant performance penalty relative to full disk encryption. This is especially noticeable when scanning the directory tree, such as when using rsync. The reason for the difference is that eCryptfs has to access the header of every file (not sure about the exact terminology, some API call).
For plain LVM software RAID or hardware RAID it should be sufficient to encrypt the virtual RAID device. This is faster than encrypting the constituent drives individually.
Truecrypt recommends against using SSDs because the wear-leveling algorithm can cause old data still to be present in flash, even when logically deleted. When using a new drive without any unencrypted data, it should be fine to use an SSD, at least when considering the scenario of someone stealing the device.
For advanced filesystems with built-in RAID, like btrfs and ZFS, you can't encrypt the virtual RAID'ed device. The choice is between encrypting the underlying drives individually, causing more work for the CPU when writing, and using eCryptfs, causing more random reads when scanning through directories. In the first case, the attacker will have access to approximately the same plaintext encrypted with different keys, but there is no known attack where that is an advantage.
The problem is that you can't benchmark "snappiness". It's easy to count the number of seconds it takes to boot, and distro developers seem to get fixated on that. Response time involves CPU scheduling and throttling, the graphics subsystem, I/O scheduling, prefetching, caching, etc. (probably too obvious to be "insightful", but I'll post it anyway)
outbound traffic costs them money while in-house traffic is virtually free. You will never equalize the costs of internal and external services.
Not true for wireless. The bottleneck is towers and uplink bandwidth back to the central office. Why else would wireless service be so much more limited than wired ?
Bye bye gnome, bye bye kde, awesome / xfce / ratpoison are the way to go.
A bit off topic, but are anyone actually using tiling window managers on high-resolution monitors and/or multi-monitor setups? I tried Awesome on my "Frankenstein" dual screens with one 1920x1200 and one 1280x1024, but none of the layouts were great.. Dividing the screen in two columns made the columns too large on the big screen, and in the three-column layout, the editors became split vertically when I had many windows open (I want to have the full height of the screen for editing code of course). I'm happy with KDE, but I'd be interested to hear from someone with experience.
As MusicOS said above, sort by file size first, then you don't have to hash every file, just the ones that have equal size. Still going to be slow, though.
Assuming fully sequential access, reading 5 TB of data at 100 MB/s takes 14 hours. With a mean file size of 1 M, you probably have a lot of tiny files and a few big files. The access will be far from sequential, so the access time will be many times greater. Don't expect it to be quick.
I would probably cook some script together with Cygwin, md5sum and find, but if you have duplicated *directories*, you may have to get smarter. With a simple script (i may post one later if nobody else has a better idea) , the end-result would be a list of files with identical hashes, and you'd have to decide what do to about them. [I would actually use a filesystem with built-in deduplication, like ZFS, and failing that I would write a script to hard-link identical files. But it's kind of limited what you can do on Windows]
Unrelated question: what connector would you use to feed them 3D at 50/60 Hz (so really, 100/120 Hz) at the native resolution?
It's in the article. Sorry I didn't see it:
Perhaps most worryingly, the 55ZL2 only accepts 4K video input through Toshiba’s proprietary “digital serial port” — and the only device that outputs to a digital serial port is Toshiba’s own professional, very expensive media servers. Hopefully the 84-inch model will accept 4K over HDMI, like the Sony and LG UHDTVs.
It's not "Ultra" HD, they should use "Very" HD for 4K then they can use "Ultra" for 8K. Now they have to start calling the next ones XSUHDTV (eXtra Super Ultra) etc..
Unrelated question: what connector would you use to feed them 3D at 50/60 Hz (so really, 100/120 Hz) at the native resolution?
Good idea for the Russians, they should avoid syncing their state secrets to the cloud. They better be sure that there are no back doors left in, but they probably use Windows too. I don't think even the CIA would use basic Android for their spies.
In Norway, all banks use a common login-system called BankID (a joint-developed PKI solution).
It's nothing new that banks require insecure technology. Remember things like "this page only runs on IE"? Anyway, what you say is incorrect, I have an account with Storebrand and they only have a key generator dongle, not a smart card. I would also argue that moving an entire country to two-factor authentication is a net security *win*.
In practice, targeted ads are horrible. I've been getting ads for phone plans for 3 months, since I started looking for a contract. I bought one 2 months ago, but they haven't stopped. I would rent a VM somewhere to run some various services if it was really cheap, but all I see are ads for web hosting. And then I see Pedobear trying to sell me some kind of insurance on slashdot. (and no, I'm not a pedo)
In theory, targeted ads are slightly better than normal ads. I don't mind getting untargeted ads as long as I can skip them. That's the best targeting: I get to decide what is interesting. I don't buy the whole idea that information is so helpful to show ads. There's too many unknowns, which could only be known by a hyper-invasive system. If there was a voluntary registration of age, gender, interestst, economic situation, location, preferences, etc (which would be a good idea IMHO), I would just put "generic" on all .
You can't beat free. It varies a lot from place to place, but the stuff you get for free over the air in the UK is all I need for TV and almost for films too (I have a large backlog of things I "should" have watched, but haven't). I don't mind ads, I have a "skip forward" button for when I have seen them before or they aren't interesting (cars, "lady products", etc). Of course, you can beat free with free, i.e. torrents, but I've been trying to go legal lately.
More generally, I wonder if there is some theory about what should be exempted from "free speech"? To me, it seems very arbitrary in many western countries: threats is the big one, harassment, "yelling fire", copyright, trade secrets, circumvention devices, military secrets, privacy laws. I realise that it's not possible to derive a legal system from basic axioms, but it always seems a bit hypocritical when someone complains about some "decency" law in a backwards country. How do we know that prohibiting threats is good for society?
It's a bit like wireless networks. Wired connections offer better speed an reliability, yet many people use wireless even when a cable is directly available. "Normal" people seem to have an aversion to wires
Maybe obvious, but if my experience with remote controls is anything to go by, touch screens suck when you're not looking at them. I'd definitely want to have a good number of buttons around.
The audio/video compression patents are quite technical and detailed. I have to admit, though, that it's very satisfying to live in a country without SW patents and just ignore them. Yeah "might be illegal, what ever", now play me some MP3s! I suspect that they aren't encouraging that much innovation anyway, as so many companies benefit from high quality video delivery in other ways than licensing fees.
I would like to stay with AMD because they don't usually limit the features to the high-end or server CPUs. For example, I can use ECC on my workstation. Performance matters, though, and it doesn't seem great unless they do something like 20 cores for a reasonable price.
AMD are quite good about open drivers (well, 0/4 steam games work for me, Portal sort of works, but everything non-windows gaming is great). Get the Intel for the better speed, it will still be a lot faster than the AMD, but don't expect the GPU to be a lot better.
Slashdot Mirror
It's possible to work effectively without an internet connection if you download all the documentation packages locally in advance. There will always be small things you have to google though, so there may be some extra guesswork when off line. And the colleagues may expect to have contact by email.
With all the local storage available now, someone should write a Firefox plugin that saves every page you visit, preferably with different versions, so you can access them off line. I haven't seen one though.
As you were asking for experiences, I use TrueCrypt for my laptop and eCryptfs on the desktop, along with LUKS encrypted swap and /tmp on a tmpfs.
More importantly, *use long passwords* ! Systems like TrueCrypt try to make offline attacks difficult (see the docs)
1000 iterations (or 2000 iterations when HMAC-RIPEMD-160 is used as the underlying hash function) of the key derivation function have to be performed to derive a header key, which increases the time necessary to perform an exhaustive search for passwords (i.e., brute force attack)
It's still an offline attack, meaning that someone can image your drive and have at it, without you even knowing (again, they would probably be better off installing a key logger in this case though). There are huge databases of passwords on line, and it's possible to design dictionary-based attacks which are much more efficient than brute force.
Full disk is probably better, but it should be sufficient to encrypt /tmp, swap, /var/tmp.
Without full disk encryption are also more vulnerable to attacks where the attacker installs a keylogger or back door on the non-encrytped part. The difference is only in the amount of work that the attacker has to do, as there is always some part of the bootloader that remains un-encrypted. Windows Bitlocker provides additional protection against this by using the TPM. In reality, though, you should wipe the hard drive and possibly discard the whole system if it got taken by an attacker and then returned to you (if this is a concern, never leave a laptop in an insecure place).
eCryptfs, commonly used for home directory encryption, encrypts files individually on the fly and then stores the encrypted files on an un-encrypted file system. The file names are encrypted, but an attacker still has access to approximate file sizes, directory structure, etc. A more important downside of eCryptfs is that it has a significant performance penalty relative to full disk encryption. This is especially noticeable when scanning the directory tree, such as when using rsync. The reason for the difference is that eCryptfs has to access the header of every file (not sure about the exact terminology, some API call).
For plain LVM software RAID or hardware RAID it should be sufficient to encrypt the virtual RAID device. This is faster than encrypting the constituent drives individually.
Truecrypt recommends against using SSDs because the wear-leveling algorithm can cause old data still to be present in flash, even when logically deleted. When using a new drive without any unencrypted data, it should be fine to use an SSD, at least when considering the scenario of someone stealing the device.
For advanced filesystems with built-in RAID, like btrfs and ZFS, you can't encrypt the virtual RAID'ed device. The choice is between encrypting the underlying drives individually, causing more work for the CPU when writing, and using eCryptfs, causing more random reads when scanning through directories. In the first case, the attacker will have access to approximately the same plaintext encrypted with different keys, but there is no known attack where that is an advantage.
The problem is that you can't benchmark "snappiness". It's easy to count the number of seconds it takes to boot, and distro developers seem to get fixated on that. Response time involves CPU scheduling and throttling, the graphics subsystem, I/O scheduling, prefetching, caching, etc. (probably too obvious to be "insightful", but I'll post it anyway)
outbound traffic costs them money while in-house traffic is virtually free. You will never equalize the costs of internal and external services.
Not true for wireless. The bottleneck is towers and uplink bandwidth back to the central office. Why else would wireless service be so much more limited than wired ?
Bye bye gnome, bye bye kde, awesome / xfce / ratpoison are the way to go.
A bit off topic, but are anyone actually using tiling window managers on high-resolution monitors and/or multi-monitor setups? I tried Awesome on my "Frankenstein" dual screens with one 1920x1200 and one 1280x1024, but none of the layouts were great.. Dividing the screen in two columns made the columns too large on the big screen, and in the three-column layout, the editors became split vertically when I had many windows open (I want to have the full height of the screen for editing code of course). I'm happy with KDE, but I'd be interested to hear from someone with experience.
As MusicOS said above, sort by file size first, then you don't have to hash every file, just the ones that have equal size. Still going to be slow, though.
Assuming fully sequential access, reading 5 TB of data at 100 MB/s takes 14 hours. With a mean file size of 1 M, you probably have a lot of tiny files and a few big files. The access will be far from sequential, so the access time will be many times greater. Don't expect it to be quick.
I would probably cook some script together with Cygwin, md5sum and find, but if you have duplicated *directories*, you may have to get smarter. With a simple script (i may post one later if nobody else has a better idea) , the end-result would be a list of files with identical hashes, and you'd have to decide what do to about them. [I would actually use a filesystem with built-in deduplication, like ZFS, and failing that I would write a script to hard-link identical files. But it's kind of limited what you can do on Windows]
So can we assume that TPB including the new VPN service is a honeypot now?
Unrelated question: what connector would you use to feed them 3D at 50/60 Hz (so really, 100/120 Hz) at the native resolution?
It's in the article. Sorry I didn't see it:
Perhaps most worryingly, the 55ZL2 only accepts 4K video input through Toshiba’s proprietary “digital serial port” — and the only device that outputs to a digital serial port is Toshiba’s own professional, very expensive media servers. Hopefully the 84-inch model will accept 4K over HDMI, like the Sony and LG UHDTVs.
It's not "Ultra" HD, they should use "Very" HD for 4K then they can use "Ultra" for 8K. Now they have to start calling the next ones XSUHDTV (eXtra Super Ultra) etc ..
Unrelated question: what connector would you use to feed them 3D at 50/60 Hz (so really, 100/120 Hz) at the native resolution?
Good idea for the Russians, they should avoid syncing their state secrets to the cloud. They better be sure that there are no back doors left in, but they probably use Windows too. I don't think even the CIA would use basic Android for their spies.
In Norway, all banks use a common login-system called BankID (a joint-developed PKI solution).
It's nothing new that banks require insecure technology. Remember things like "this page only runs on IE"? Anyway, what you say is incorrect, I have an account with Storebrand and they only have a key generator dongle, not a smart card. I would also argue that moving an entire country to two-factor authentication is a net security *win*.
In practice, targeted ads are horrible. I've been getting ads for phone plans for 3 months, since I started looking for a contract. I bought one 2 months ago, but they haven't stopped. I would rent a VM somewhere to run some various services if it was really cheap, but all I see are ads for web hosting. And then I see Pedobear trying to sell me some kind of insurance on slashdot. (and no, I'm not a pedo)
In theory, targeted ads are slightly better than normal ads. I don't mind getting untargeted ads as long as I can skip them. That's the best targeting: I get to decide what is interesting. I don't buy the whole idea that information is so helpful to show ads. There's too many unknowns, which could only be known by a hyper-invasive system. If there was a voluntary registration of age, gender, interestst, economic situation, location, preferences, etc (which would be a good idea IMHO), I would just put "generic" on all .
You can't beat free. It varies a lot from place to place, but the stuff you get for free over the air in the UK is all I need for TV and almost for films too (I have a large backlog of things I "should" have watched, but haven't). I don't mind ads, I have a "skip forward" button for when I have seen them before or they aren't interesting (cars, "lady products", etc). Of course, you can beat free with free, i.e. torrents, but I've been trying to go legal lately.
More generally, I wonder if there is some theory about what should be exempted from "free speech"? To me, it seems very arbitrary in many western countries: threats is the big one, harassment, "yelling fire", copyright, trade secrets, circumvention devices, military secrets, privacy laws. I realise that it's not possible to derive a legal system from basic axioms, but it always seems a bit hypocritical when someone complains about some "decency" law in a backwards country. How do we know that prohibiting threats is good for society?
It's a bit like wireless networks. Wired connections offer better speed an reliability, yet many people use wireless even when a cable is directly available. "Normal" people seem to have an aversion to wires
The geomagnetic field is quite weak compared to almost anything
Thanks for the info. I suppose I should have known that, but didn't.
So they went to 2.6 for the previous major version and now they're going to 3.30? How is that not a longer wait?
Maybe obvious, but if my experience with remote controls is anything to go by, touch screens suck when you're not looking at them. I'd definitely want to have a good number of buttons around.
When I woke up this morning my Fedora install was wiped and an apple logo and the word "DIE!" was spray-painted on my screen.
The audio/video compression patents are quite technical and detailed. I have to admit, though, that it's very satisfying to live in a country without SW patents and just ignore them. Yeah "might be illegal, what ever", now play me some MP3s! I suspect that they aren't encouraging that much innovation anyway, as so many companies benefit from high quality video delivery in other ways than licensing fees.
Will it be faster than the Phenom II 985?
I would like to stay with AMD because they don't usually limit the features to the high-end or server CPUs. For example, I can use ECC on my workstation. Performance matters, though, and it doesn't seem great unless they do something like 20 cores for a reasonable price.
AMD are quite good about open drivers (well, 0/4 steam games work for me, Portal sort of works, but everything non-windows gaming is great). Get the Intel for the better speed, it will still be a lot faster than the AMD, but don't expect the GPU to be a lot better.