One thing many/. don't seem to understand is that Microsoft is and has always been a market-driven company (except when the courts interfere).
There are two things CIOs like: Single-source support, and Linux servers. With this deal, Microsoft can provide both; what's good for the client is good for Microsoft. Novell gets access to Microsoft's enterprise install base; what's good for the client is good for Novell.
Servers aren't that big a share of Microsoft's profit, so it improves it's standing in the market without risking anything significant. This is a win-win-win deal.
1) Seagate will point out that they told you the data would be lost if you lost the password. It has nothing to do with selling you another drive—they really can't recover your data.
2) The third party service will tell you that you are SOL. Unless you have a great deal of money and a few thousand years, they won't be able to crack it. Alternatively, they'll charge you for a run at cracking it that might work if you had a truly stupid passphrase. If you had a decent passphrase, the data is gone forever.
3) Losing your passphrase is like a head crash. If you aren't prepared for it, you deserve what you get. On the other hand, you don't have to trash the drive; you can reset it and start over.
This phenomenon is a result of the political left-shift in American coastal states during the time that the under-loaded men were in their formative years.
As many have observed, leftisch women have higher testosterone levels than their men. This transference could well be psychosomatic.
It's interesting that these researchers are taking data collected in Boston and generalizing it to the American male population. We're going to guess that they live in Boston. It's not a big leap to suggest that the same study done in Montana could have very different results.
What vtcodger describes is a situation where the whole machine is, at least temporarily, dedicated to processing a single I/O set. This isn't relevant to the topic. In any case, the usual logic in this case is that the polling loop is initiated as a response to the first I/O interrupt and the interrupt is masked until the loop is exhausted—a mixed strategy. I recall having to do that to read satellite telemetry, and to read paper tape from a reader that, at full speed, couldn't stop between characters. (If you think buffer overflows are a problem now....)
Of course there is another case, necessary with some primitive gear that had no interrupts; you'd insert polls all over your code, wherever it was safe to pause to see if something had happened. I haven't had to write that kind of code since 1965. In 1966 I got a table-top PDP-8 with an (RT-64?) card that gave me 64 priority, buffered, maskable, software-triggerable interrupts; I never looked back.
I'll bow to vtcodger's experience with the PC. I wrote a lot of assembler for the PC, but it was always on top of DOS, so I have no idea what hassles I/O programmers went through to make it work.
I'll have to take it on faith that some idiot designed an I/O port without an interrupt. As to the rest:
What amazing nonsense!
I was designing I/O devices and writing real-time I/O code before there were computer science teachers or courses. Assuming competent code, polling is always more resource-intensive than interrupts (all of the polling code is a net add—there is no interrupt code that it replaces). If race conditions exist in the environment, neither polling nor interrupts will fix them. Polling, on the other hand, can exacerbate the problem by not responding to high-priority events quickly enough.
The only problem with interrupts is that it takes more skill to design software around them and, when you screw up, debugging can be very interesting. In an environment that values self-esteem over competence, it's probably best to poll.
Levy's an idiot. He takes the stat that 60% of CDs are ripped and concludes that CDs are becoming useless. Hey Alain! We want the CDs to rip from for the same reason we used to dub our vinyl to tape. The CD's versatility is why 70% of music sales are from CDs. Don't piss off 42% of your market.
There's an architectural principle that says if you find a path across the grass, don't block it—pave it.
If EMI wants to add value to their CDs, the obvious thing to do is to save us the problem of ripping—put the MP3s on the CD. I'll gladly pay a buck or two extra for that.
Talking about bucks, it would seem that EMI are getting sensible. I just bought a new EMI release for nine bucks Canadian. That's a reasonable price.
After recovering my composure from reading the astonishing statement that a 100MB kernel would be considered small rather than ten-to-fifty times too big, I ran into this:
The kernel halfway wakes itself up 20 times a second to see if you've plugged something into your nonexistent PS/2 port.
They poll I/O ports?! Have these people never heard of hardware interrupts? I knew that a lot of lore had been lost in the PC revolution, but I had no idea the situation was this bad.
Janitors have the keys to the whole building, but none of the file cabinets.
And, yes, the analogy is a good one. Read the rest of this thread; do the Dilbertian attitudes presented make you feel warm and fuzzy about the loyalty and trustworthiness of the avarage sysadmin? Sysadmins should have enough access to maintain the systems, but not enough to modify their own personnel files or read their boss' mail (at least not without leaving a trail).
Achieving this is not rocket science with a modern system. Hell, it's never been rocket science; Banyan Vines had the required features fifteen years ago. Compartmentalization is baseline security.
Odd that the author didn't mention Active Worlds http://activeworlds.com/ that already has the features claimed for Multiverse. In fact, the two look remarkably alike. The only significant difference I see is that Multiverse http://multiverse.net/ seems to use higher-resolution graphics.
Active Worlds has one advantage in that you can download the client and visit all the worlds as a "tourist" without registering or paying any fees. This makes it more like the original Netscape than Metaverse, which requires registration and even then limits your travel to a "demo world".
Are you going to turn over all thinking about the entire broad array of topics that fall under the rubric of information security over to Microsoft?
The topic isn't as nebulous as "information security". We're talking about the kinds of threats addressed by Symantec and McAfee.
What I am more than happy to turn over to Microsoft is the protection of its own OS and the applications designed to run on it—especially now that it has become a high-priority issue with Windows users. Who would be better qualified? The one thing we can always depend on is Microsoft responding to consumer demand. (Repeat—Consumer Demand; techno-geeks and industry journalists may rend their shirts and sing paeans to linux, but they aren't a significant market for the OEMs that bundle Windows.)
Now that we are asking for a secure OS and application platform, and Microsoft has got the message, I have every confidence that Microsoft will supply them—if the courts don't prevent it.
Symantec and McAfee will find new lines of business or fade away because they are selling products that shouldn't exist at all.
These products are based on identifying any of hundreds of thousands of programs and stopping them from executing—in an environment containing a few dozen programs the user actually wants to run. It's far easier to allow the few dozen and deny access to anything that isn't on this short list than to check everything against a very long and growing longer list of signatures and behaviours.
In the fullness of time, MS operating systems will fully implement Default Deny security, a path they have already started down; PatchGuard is part of it. When this is done, there will be nothing for anti-virus software to do.
I run my systems using just this part of F-Secure (Application Control enabled, everything else disabled) and the occasional scan. Same approach to browsers: all is forbidden unless expressly allowed. Scan results are always zero hits.
I look forward to the day when this is written into the OS code. Vista security is a good start.
Ozone concentration increases smoothly going from the poles to the equator. It's never zero.
The size of the so-called Ozone Hole isn't a discovery, it's a decision. Pick a threshold value and everything below that value is your "hole"—pick one value and you have a big hole, pick another and it's tiny. Different scientists at different times have used different threshold values, so it's hard to believe any comparison without checking the raw data to make sure they are comparing apples to apples.
Using thresholds destroys interesting information. There's a real difference between a big shallow depression and a big deep depression. The total extent of the "hole" could be just a bit below the arbitrarily chosen threshold, so that a tiny change in the threshold would result in a very tiny "hole". Gotta see the data.
Obviously being able to guarantee low latency interrupt responses is going to require some overhead.
That's not obvious at all. An OS designed to support RT will feature the fastest task switching the hardware can support. Since task switching is what the overhead is, that also means minimum overhead.
There are two overhead effects to handling an interrupt: parking the executing task and starting the interrupt handler, and deciding what to do when the interrupt handler exits. With a good queued design, the overhead drops as the number of tasks increases because (simplifying) it's easier to find the next thing to do.
This is not rocket science or a radical new technique—it was a feature of SDS UTS in 1970.
This is from Popular Science, a magazine that treats anything new and not seen on The Jetsons as sinister (a scan of the other articles in the same issue reveals their foil hat view of science and technology).
What's frightening is that anyone on/. reads Pop Sci. Somebody get him a subscription to 2600.
In XP, Sony was able to install a rootkit without the user being any the wiser.
If Vista can ensure kernel integrity, this is a good thing, and anything that can bypass the safeguards in Vista is a threat. If you want to fiddle with the kernel—get linux or XP. I expect MS to do everything to keep my copy of Windows secure, and the best way to do that is Default: Deny.
It's sad to see how the/. community blasts MS every time someone finds a security flaw, and now is blasting MS for putting strong security in Vista. It could lead one to think that a lot of you people are only pretending to be hard-core linuchim; why the concern about not being able to hack the Windows kernel?
Symantec and McAfee's claim that they need kernel access is not convincing. It's too bad that their business model involves riding on Window's success (an opportunity, not a right). Maybe they can live off of the linux market;)
Ai, Compuserve was the dominant BBS at that time. I was spending about $150 a month there until I was able to get a uucp connection to AlterNet (UUNet). I put up a "waffle" uucp node/bbs and started providing internet mail and news to my consulting clients. This market lasted for about five years until ppp and ip services got cheap and plentiful.
The last of my bbs installations (PCBoard) went offline in mid-2003, nine years after creation. That may be some sort of record.
You have to be over 18 to get a credit card because you have to be over 18 to enter into a contract--the mechanism by which the credit card company can feel sure you will pay the bill.
Without that, there is no way they can collect if you renege.
Debit cards are another matter. They are basically plastic cash because the bank, by giving you an account, is assuring payment.
That's funny. "...at the forefront of the Internet revolution".
AOL was the last of the big BBS' to move to the internet, dragged kicking and screaming into ISP-dom by the flight of its subscribers to services that provided internet mail, usenet, ftp and uucp.
About ten thousand of Jack Rickard's army of sysops were offering internet services before AOL's tentative entry. Hardly "a company that was once ahead of its time", AOL nearly didn't make it at all.
If you aren't a kid in highschool (and a non-technical one at that), you probably shouldn't bother having an opinion about the Zune. It's evident that socially active eight-to-eighteens are Microsoft's target market for the Zune, and they aren't going to be taking input from anyone else.
Slashdot Mirror
One thing many /. don't seem to understand is that Microsoft is and has always been a market-driven company (except when the courts interfere).
There are two things CIOs like: Single-source support, and Linux servers. With this deal, Microsoft can provide both; what's good for the client is good for Microsoft. Novell gets access to Microsoft's enterprise install base; what's good for the client is good for Novell.
Servers aren't that big a share of Microsoft's profit, so it improves it's standing in the market without risking anything significant. This is a win-win-win deal.
1) Seagate will point out that they told you the data would be lost if you lost the password. It has nothing to do with selling you another drive—they really can't recover your data.
2) The third party service will tell you that you are SOL. Unless you have a great deal of money and a few thousand years, they won't be able to crack it. Alternatively, they'll charge you for a run at cracking it that might work if you had a truly stupid passphrase. If you had a decent passphrase, the data is gone forever.
3) Losing your passphrase is like a head crash. If you aren't prepared for it, you deserve what you get. On the other hand, you don't have to trash the drive; you can reset it and start over.
This phenomenon is a result of the political left-shift in American coastal states during the time that the under-loaded men were in their formative years.
As many have observed, leftisch women have higher testosterone levels than their men. This transference could well be psychosomatic.
It's interesting that these researchers are taking data collected in Boston and generalizing it to the American male population. We're going to guess that they live in Boston. It's not a big leap to suggest that the same study done in Montana could have very different results.
What vtcodger describes is a situation where the whole machine is, at least temporarily, dedicated to processing a single I/O set. This isn't relevant to the topic. In any case, the usual logic in this case is that the polling loop is initiated as a response to the first I/O interrupt and the interrupt is masked until the loop is exhausted—a mixed strategy. I recall having to do that to read satellite telemetry, and to read paper tape from a reader that, at full speed, couldn't stop between characters. (If you think buffer overflows are a problem now....)
Of course there is another case, necessary with some primitive gear that had no interrupts; you'd insert polls all over your code, wherever it was safe to pause to see if something had happened. I haven't had to write that kind of code since 1965. In 1966 I got a table-top PDP-8 with an (RT-64?) card that gave me 64 priority, buffered, maskable, software-triggerable interrupts; I never looked back.
I'll bow to vtcodger's experience with the PC. I wrote a lot of assembler for the PC, but it was always on top of DOS, so I have no idea what hassles I/O programmers went through to make it work.
I'll have to take it on faith that some idiot designed an I/O port without an interrupt. As to the rest:
What amazing nonsense!
I was designing I/O devices and writing real-time I/O code before there were computer science teachers or courses. Assuming competent code, polling is always more resource-intensive than interrupts (all of the polling code is a net add—there is no interrupt code that it replaces). If race conditions exist in the environment, neither polling nor interrupts will fix them. Polling, on the other hand, can exacerbate the problem by not responding to high-priority events quickly enough.
The only problem with interrupts is that it takes more skill to design software around them and, when you screw up, debugging can be very interesting. In an environment that values self-esteem over competence, it's probably best to poll.
Levy's an idiot. He takes the stat that 60% of CDs are ripped and concludes that CDs are becoming useless. Hey Alain! We want the CDs to rip from for the same reason we used to dub our vinyl to tape. The CD's versatility is why 70% of music sales are from CDs. Don't piss off 42% of your market.
There's an architectural principle that says if you find a path across the grass, don't block it—pave it.
If EMI wants to add value to their CDs, the obvious thing to do is to save us the problem of ripping—put the MP3s on the CD. I'll gladly pay a buck or two extra for that.
Talking about bucks, it would seem that EMI are getting sensible. I just bought a new EMI release for nine bucks Canadian. That's a reasonable price.
After recovering my composure from reading the astonishing statement that a 100MB kernel would be considered small rather than ten-to-fifty times too big, I ran into this:
The kernel halfway wakes itself up 20 times a second to see if you've plugged something into your nonexistent PS/2 port.
They poll I/O ports?! Have these people never heard of hardware interrupts? I knew that a lot of lore had been lost in the PC revolution, but I had no idea the situation was this bad.
Janitors have the keys to the whole building, but none of the file cabinets.
And, yes, the analogy is a good one. Read the rest of this thread; do the Dilbertian attitudes presented make you feel warm and fuzzy about the loyalty and trustworthiness of the avarage sysadmin? Sysadmins should have enough access to maintain the systems, but not enough to modify their own personnel files or read their boss' mail (at least not without leaving a trail).
Achieving this is not rocket science with a modern system. Hell, it's never been rocket science; Banyan Vines had the required features fifteen years ago. Compartmentalization is baseline security.
Odd that the author didn't mention Active Worlds http://activeworlds.com/ that already has the features claimed for Multiverse. In fact, the two look remarkably alike. The only significant difference I see is that Multiverse http://multiverse.net/ seems to use higher-resolution graphics.
Active Worlds has one advantage in that you can download the client and visit all the worlds as a "tourist" without registering or paying any fees. This makes it more like the original Netscape than Metaverse, which requires registration and even then limits your travel to a "demo world".
Are you going to turn over all thinking about the entire broad array of topics that fall under the rubric of information security over to Microsoft?
The topic isn't as nebulous as "information security". We're talking about the kinds of threats addressed by Symantec and McAfee.
What I am more than happy to turn over to Microsoft is the protection of its own OS and the applications designed to run on it—especially now that it has become a high-priority issue with Windows users. Who would be better qualified? The one thing we can always depend on is Microsoft responding to consumer demand. (Repeat—Consumer Demand; techno-geeks and industry journalists may rend their shirts and sing paeans to linux, but they aren't a significant market for the OEMs that bundle Windows.)
Now that we are asking for a secure OS and application platform, and Microsoft has got the message, I have every confidence that Microsoft will supply them—if the courts don't prevent it.
Symantec and McAfee will find new lines of business or fade away because they are selling products that shouldn't exist at all.
These products are based on identifying any of hundreds of thousands of programs and stopping them from executing—in an environment containing a few dozen programs the user actually wants to run. It's far easier to allow the few dozen and deny access to anything that isn't on this short list than to check everything against a very long and growing longer list of signatures and behaviours.
In the fullness of time, MS operating systems will fully implement Default Deny security, a path they have already started down; PatchGuard is part of it. When this is done, there will be nothing for anti-virus software to do.
I run my systems using just this part of F-Secure (Application Control enabled, everything else disabled) and the occasional scan. Same approach to browsers: all is forbidden unless expressly allowed. Scan results are always zero hits.
I look forward to the day when this is written into the OS code. Vista security is a good start.
It's not a hole—it's a depression.
Ozone concentration increases smoothly going from the poles to the equator. It's never zero.
The size of the so-called Ozone Hole isn't a discovery, it's a decision. Pick a threshold value and everything below that value is your "hole"—pick one value and you have a big hole, pick another and it's tiny. Different scientists at different times have used different threshold values, so it's hard to believe any comparison without checking the raw data to make sure they are comparing apples to apples.
Using thresholds destroys interesting information. There's a real difference between a big shallow depression and a big deep depression. The total extent of the "hole" could be just a bit below the arbitrarily chosen threshold, so that a tiny change in the threshold would result in a very tiny "hole". Gotta see the data.
You have to feel sorry for the kids.
Natural selection will ultimately fix this, but it will take a few generations.
Obviously being able to guarantee low latency interrupt responses is going to require some overhead.
That's not obvious at all. An OS designed to support RT will feature the fastest task switching the hardware can support. Since task switching is what the overhead is, that also means minimum overhead.
There are two overhead effects to handling an interrupt: parking the executing task and starting the interrupt handler, and deciding what to do when the interrupt handler exits. With a good queued design, the overhead drops as the number of tasks increases because (simplifying) it's easier to find the next thing to do.
This is not rocket science or a radical new technique—it was a feature of SDS UTS in 1970.
I think we have that one figured out:
Classical Liberal == NeoCon
This is from Popular Science, a magazine that treats anything new and not seen on The Jetsons as sinister (a scan of the other articles in the same issue reveals their foil hat view of science and technology).
What's frightening is that anyone on /. reads Pop Sci. Somebody get him a subscription to 2600.
Like Slashdot could be described as just a wee bit liberal?
In XP, Sony was able to install a rootkit without the user being any the wiser.
If Vista can ensure kernel integrity, this is a good thing, and anything that can bypass the safeguards in Vista is a threat. If you want to fiddle with the kernel—get linux or XP. I expect MS to do everything to keep my copy of Windows secure, and the best way to do that is Default: Deny.
It's sad to see how the /. community blasts MS every time someone finds a security flaw, and now is blasting MS for putting strong security in Vista. It could lead one to think that a lot of you people are only pretending to be hard-core linuchim; why the concern about not being able to hack the Windows kernel?
Symantec and McAfee's claim that they need kernel access is not convincing. It's too bad that their business model involves riding on Window's success (an opportunity, not a right). Maybe they can live off of the linux market ;)
We call that a "Malthusian Projection".
Ai, Compuserve was the dominant BBS at that time. I was spending about $150 a month there until I was able to get a uucp connection to AlterNet (UUNet). I put up a "waffle" uucp node/bbs and started providing internet mail and news to my consulting clients. This market lasted for about five years until ppp and ip services got cheap and plentiful.
The last of my bbs installations (PCBoard) went offline in mid-2003, nine years after creation. That may be some sort of record.
You have to be over 18 to get a credit card because you have to be over 18 to enter into a contract--the mechanism by which the credit card company can feel sure you will pay the bill. Without that, there is no way they can collect if you renege.
Debit cards are another matter. They are basically plastic cash because the bank, by giving you an account, is assuring payment.
That's funny. "...at the forefront of the Internet revolution".
AOL was the last of the big BBS' to move to the internet, dragged kicking and screaming into ISP-dom by the flight of its subscribers to services that provided internet mail, usenet, ftp and uucp.
About ten thousand of Jack Rickard's army of sysops were offering internet services before AOL's tentative entry. Hardly "a company that was once ahead of its time", AOL nearly didn't make it at all.
$250 buys you a cheap skateboard—they can afford it.
The rest is effective marketing. It will be interesting to see how MS does it.
If you aren't a kid in highschool (and a non-technical one at that), you probably shouldn't bother having an opinion about the Zune. It's evident that socially active eight-to-eighteens are Microsoft's target market for the Zune, and they aren't going to be taking input from anyone else.
At long last—an environment where Agile can actually work. A place where nobody cares what you produce, how much it costs, or how long it takes.
Agile 1, Universe 99.