I don't know for sure one way or another, but I've heard talk of it before. Basically an invalid opcode that triggers a bug in the CPU which causes it to overheat this catching fire. It may be an urban legend, but I wouldn't count on it.
It is true that you could physically damage some early core memories by entering into a tight loop, thereby accessing the same location in memory repeatedly for an extended period of time. This was unfortunate, since busy timing loops were pretty common at that time.
I remember seeing McNealy speak some years ago at a tradeshow (I don't remember exactly when or where). He explained some of the economics of CPU design and predicted that in a few years there would be only three major architectures: SPARC (Sun), PowerPC (IBM), and Intel. It's kind of creepy how his predictions have come true.
His arguement was based on financial analysis of how much it cost to develop and maintain a competitive architecture, and how much revenue each of the big players could expect from their designs. HP was doing comparitively well at the time, but McNealy figured they were using revenue from printers to subsidize their chip business, and that couldn't go on forever.
Alpha was still a viable competitor at that point, but again it comes down to volume. You might get a team of crack engineers together to design a beautiful CPU, but if you don't get the volume (or high margins like IBM mainframes) then you can't afford to keep the architecture competitive.
Ok, a silly question from somebody who doesn't really follow *BSD:
Is there any chance of some consolidation in the *BSDs? I always thought it strange that there were three of them, but then I don't really know the history behind it.
I'm all in favour of competition, but four free Unix-like OSs (Linux + 3 * BSD) does some a little much to me.
Re:Heeeeeyyyy....a new IBM machine....
on
IBM Launches p690
·
· Score: 2
I don't see them pushing Linux on this machine. At the moment Linux on IBM is cool for mainframes (consolidate a zillion lightly loaded boxes onto one huge one) and for little rackmount babies.
This baby screams "massive database server". If you partition it you might break it into "devel", "test", "production", but not into a lot of tiny partitions.
I do think they'll go whole hog into pushing Linux on all their platforms eventually, but we still need a few more scalability improvements before you'll want to put Linux on a 24 processer SMP machine, plus the Linux LVM and journaling filesystems need to mature a little.
I dont know how much sense it makes to spend money marketing a product youre giving away. For Sun this is a strategic play against MS, but its probably not worth marketing $$.
The obvious way to get the product out without a lot of $ is get to get AOL to include it with the coasters they ship out. And get Sony to load it on their laptops and include copies with the PlayStation. These are two companies that need to eat into the MS warchest just as much as Sun does, and it doesn't really cost anything.
It's clear from the community response to the draft "W3C Patent Policy Framework Working Draft" that
we aren't ready for a policy concerning how patent-encumbered technology can be included in W3C
recommendations. There first needs to be an open and frank discussion of _whether_ patent-encumbered
technology should be part of W3C recommendations at all. Given the lack of discussion over the general
issue of software patents in web standards, this draft is premature.
"Working Group Flexibility", the final "concensus point" given in the draft appears the be heart
of the problem. The authors of the draft appear to agree that individual working groups should
"have the flexibility to specify minimum licensing terms as part of their work". This statement may be
self-evident to the authors, but it's by no means self evident to the Internet community as a whole. Any
policy that takes this position as a starting point will meet heavy resistance.
Since the very basic principles that form the basis for this working draft are at best contraversial, the
appropriate response on the part of the W3C would be to withdraw the working draft temporarily and
begin a consultation process to determine what role patents have in Internet standards. Until that question
has been answered, discussion of detailed procedures is premature.
I'd really like to see a Netcraft/Google link-up. "Which servers host the most _important_ pages?" That would be exceptionally cool, and the databases are already there, somebody just needs to mine the data.
I hope they keep raising prices. The more they try to squeeze revenue growth out of a mature market, the greater the opportunity for alternative operating systems.
Think if the ketchup analogy that business types talk about. Heinz is the default ketchup brand. Why? Well they stick bunch of well known ingredients into a bottle, put a well known label on it, and sell it for a reasonable price. Sure other brands might be a little cheaper, but not by a whole lot, and Heinz gets to keep their market share even though they aren't doing anything particularly special. It works as long as they don't raise the price too high. If Heinz were, say, double the price of their nearest competitor then people would start to take notice and try the alternatives. Once they got to know some other brands Heinz would have a really hard time winning those customers back.
Likewise with operating systems. For a lot of people nowadays an OS is an OS. You can argue that Linux or MacOS don't have the application base that Windows does, and you'd be right, but they both have enough for a good many people. Most people are just buying the brand and they'll keep doing that as long as MS doesn't screw them too badly.
Unfortunately for MS, their shareholders expect them to magically produce growth rates in the double digits year after year. Employees expect it too, since that's how they make money from stock options. How do you make more money when your product is basically the same and the market is maturing? That's right, you squeeze your existing customer base. (Or you expand into video games and Online services, but that's tough when your competitors are Sony and AOL/Time Warner)
There are systems where every app is controlled and written with non-overcommit in mind, and there's no reason Linux should intentionally ignore these possibilities.
That's what I meant by real-time, although I suppose you're right. My only experience with that kind of system is in real-time applications under a real-time OS, but there's nothing inherently RT about it.
There's a single process (apart from a custom init) which is the only userland allocator in the system, and it allocates pretty much all of memory (13-15MB out of 16MB).
That's a pretty unusual situation, but maybe the answer is to make the OOM killer a configure option. I still think that for the general case the OOM killer is a good idea.
If every process has adequate paging space as it should
Um, then you're not out of memory.
Really I don't think we're disagreeing. You keep bringing up ways to prevent a true out of memory condition. Fair enough and totally valid. There were actually some RSS limit patches floating around once, but I don't know if they ever made it into 2.4. If not then I assume they'll go into 2.5.
There is no need for any existing process to die in an OOM condition, although it may be necessary to prevent new processes from being spawned.
For the existing processes to continue they would need to be able to keep working without allocating any memory. That's feasible on a real-time OS, but on a general purpose OS at least some of the processes are going to become useless, even if they don't actually segfault. In that case it's better just to kill them off and free up the memory.
Preventing new processes from starting is very bad. It means you can't, for example, start a new console session in order to administer (and hopefully save) the system. I've had this happen on commercial Unixen and it sucks big-time. I would much rather have had an OOM killer that gave me a chance of regaining control of the box.
The second part of your arguement regarding quotas doesn't really contradict what I said. I said that if the system is truly out of memory then something has gone horribly wrong. You said the system should never run out of memory.
In order to prevent the system from running out of memory you would like a nice quota system. I can't argue with that, but it doesn't conflict with the idea of an OOM killer. Ideally we should have both.
I read on Linux kernel (I'm a lurker, but not a kernel hacker) that the current XFS patch contains a lot of cruft carried over from Irix. It helps SGI to keep the code base mostly the same as Irix, but it offends the sensibilities of the Linux hackers who don't want to have an Irix compatibility layer tacked on to their nice clean kernel.
I'm not sure what the compromise will be, but I'm sure they'll work something out. I wouldn't count on anything too early in 2.5.x - it'll take time to make whatever changes are agreed upon.
I'd put my money on tomorrow...
on
Linux Kernel 2.4.10
·
· Score: 5, Informative
Well, I wouldn't be a lot of money, but I think if the VM on 2.4.10 looks good then 2.5 will start very soon. Linus has been hinting at it for ages, but I don't think he wants to pass 2.4.x on to Alan until it's up to standard.
On the positive site, it looks like there's a ton of stuff ready to go into 2.5. This will be the first development kernel where the big boys (especially IBM, but also Compaq and SGI) have been involved from the beginning. They all started on projects during 2.3 that never made it into 2.4, but are now pretty much ready. The quiet time between 2.4.0 and 2.5.0 has also given a lot of other patches time to mature. It'll be interesting to see what happens.
If your system is out of memory (totally out - no RAM, so Swap) then stuff will fail. That's true on any system. The "OOM Killer" applies some heuristics to try to fail somewhat gracefully.
It's a fair assumption that on a production machine you'll run out of memory only when something has gone terribly wrong - some process is leaking badly or under attack. If you can kill that process then you're more likely to get your system working again quickly. (Or at least into a state where you can log in and repair things.)
In any case, even when the OOM killer chooses the "wrong" process, it's probably no worse than killing a "random" process, which is what happens without the OOM killer.
No, I was promoting the idea that a system should be as simple as possible, but no simpler. The original Unix developers managed to create a security system that was much simpler than ACLs, but did most of what was needed. It's held up remarkably well.
That said, you raise some valid critisisms, but they are slowly being addressed. The reason things are changing slowly is that the old system, although lacking for all the reasons you mention, actually works pretty well in practice. Requiring root access is a problem, but not a crippling one (if it were then the whole Internet would have been rooted long ago).
Odd, I've found almost the opposite. Most systems come with configurations that are pretty secure and all you need to do to lock them down is disable services you don't need and install SSH. Maintaining security means watching for security notices (which are widely distributed) and updating every now and then.
In order to break into a Unix system you either need to do a lot of painstaking work to find an exploit, or you need to monitor security lists and create an exploit before your target has updated his software. Either requires considerable effort and luck.
The fact that real Unix exploits are relatively rare lends some empirical support to the notion that hacking into a Unix box isn't that easy.
OS research has been pursueing these goals for years. There's nothing there that's really very interesting or new. It sounds like they've just browsed the web for a little while and summarized what the various projects are striving for.
One project that's come pretty far is Mosix (I think they're planning to integrate bits into Linux 2.5, but I'm not sure). Then of course there's Plan 9 and Inferno from the fine folks who brought you Unix. And lets not forget Tanenbaum's Amoeba.
Why do you say that? Certainly traditional security is simple, so you can't do the fine-grained things that other systems allow (not really true anymore with capabilities, but those aren't widely used or entirely standard). But simple has it's advantages - there are fewer ways to mess things up.
I'm Canadian but I wouldn't be nearly as smug about this if I were you. Luckily the current Canadian government is at least somewhat sensible, but don't underestimate the power of American pressure.
If one of our right-wing parties were in power right now then it would be all over. We'd have American-style immigration and crypto laws already.
Well, that's because there aren't many Linux boxes.
Not really true. Even if the total market share were only 1% that would still be quite a lot in absolute terms. Plus Linux users tend to converse with other Linux users, so a virus should have no trouble moving within the community if it had an effective means of speading.
Usually they use root exploits to install a script or a binary.
Sounds more like a worm to me. In that case anti-virus software won't help much, but keeping up-to-date on your security patches will make a big difference. Of course, that's true of any operating system, but the original poster was critical of the idea that you don't need an anti-virus for Linux.
Hmm. I stand corrected. On the other hand, these don't seem too dangerous and obviously never spread very far. Do you know of any recent ones?
I wonder how these viruses actually spread, given that Linux users don't often pass around binaries. I know some people who used to work for F-Secure, I might just bug them for some more info.
Virus protection software only protects against viruses it knows about. Since I have yet to hear about any Linux viruses (root exploits, worms, etc. aren't viruses) I doubt the application would do anything.
If you like I can write you a Linux anti-virus that protects against all known Linux viruses. Yours for only $249.00 + shipping and handling:-).
He used StarOffice 5.2. The old StarOffice was incredibly annoying. Recent OpenOffice builds are much better. I know they're not officially released yet, but I think the development builds would have been a better choice.
Also, Evolution, Balsa, or Mozilla would have been better for e-mail. KDE probably has a native app that's better as well (KMail?).
He said he couldn't get the drives to automount on RedHat. Odd, that usually drives me mad until I remember to turn it off. Not sure what his difficulty was.
Trouble with dependancies for RPMs: use Debian or Ximian's Red Carpet if that matters. I think somebody told me Mandrake had apt-get for RPMs - that sounds interesting too. Ditto for the upgrade problem. RedCarpet and apt-get are miles ahead of Windows in this respect. On the plus side, once you get everything the way you like it it's really easy to set up painless network installs using RedHat.
On the whole a pretty positive piece, even if I don't agree with everything he did. You can probably chalk this up to his being a Windows administrator and not really knowing his way around the Linux world (I wouldn't do much better trying to fine-tune a Windows installation). It would be interesting to have one of these comparisons every six months or so just to see the progress. I bet it would be impressive. As far as I know most of the annoyances he mentioned in his article have already been addressed.
Funniest Quote:My customized KDE desktop is better than Windows 2000! He seems so surprized:-).
Slashdot Mirror
I don't know for sure one way or another, but I've heard talk of it before. Basically an invalid opcode that triggers a bug in the CPU which causes it to overheat this catching fire. It may be an urban legend, but I wouldn't count on it.
It is true that you could physically damage some early core memories by entering into a tight loop, thereby accessing the same location in memory repeatedly for an extended period of time. This was unfortunate, since busy timing loops were pretty common at that time.
I remember seeing McNealy speak some years ago at a tradeshow (I don't remember exactly when or where). He explained some of the economics of CPU design and predicted that in a few years there would be only three major architectures: SPARC (Sun), PowerPC (IBM), and Intel. It's kind of creepy how his predictions have come true.
His arguement was based on financial analysis of how much it cost to develop and maintain a competitive architecture, and how much revenue each of the big players could expect from their designs. HP was doing comparitively well at the time, but McNealy figured they were using revenue from printers to subsidize their chip business, and that couldn't go on forever.
Alpha was still a viable competitor at that point, but again it comes down to volume. You might get a team of crack engineers together to design a beautiful CPU, but if you don't get the volume (or high margins like IBM mainframes) then you can't afford to keep the architecture competitive.
Ok, a silly question from somebody who doesn't really follow *BSD:
Is there any chance of some consolidation in the *BSDs? I always thought it strange that there were three of them, but then I don't really know the history behind it.
I'm all in favour of competition, but four free Unix-like OSs (Linux + 3 * BSD) does some a little much to me.
I don't see them pushing Linux on this machine. At the moment Linux on IBM is cool for mainframes (consolidate a zillion lightly loaded boxes onto one huge one) and for little rackmount babies.
This baby screams "massive database server". If you partition it you might break it into "devel", "test", "production", but not into a lot of tiny partitions.
I do think they'll go whole hog into pushing Linux on all their platforms eventually, but we still need a few more scalability improvements before you'll want to put Linux on a 24 processer SMP machine, plus the Linux LVM and journaling filesystems need to mature a little.
Deeper than IBM or MS? In the IT industry? I don't see how that's possible, unless I'm missing somebody really obvious.
I dont know how much sense it makes to spend money marketing a product youre giving away. For Sun this is a strategic play against MS, but its probably not worth marketing $$.
The obvious way to get the product out without a lot of $ is get to get AOL to include it with the coasters they ship out. And get Sony to load it on their laptops and include copies with the PlayStation. These are two companies that need to eat into the MS warchest just as much as Sun does, and it doesn't really cost anything.
John Gilmore addressed this with an excellent submission (this guy is now officialy my hero - I want to be John Gilmore when I grow up :-).
He makes the point that the IETF is actively moving away from RAND and towards RF. W3C appears to be going backwards.
It's clear from the community response to the draft "W3C Patent Policy Framework Working Draft" that we aren't ready for a policy concerning how patent-encumbered technology can be included in W3C recommendations. There first needs to be an open and frank discussion of _whether_ patent-encumbered technology should be part of W3C recommendations at all. Given the lack of discussion over the general issue of software patents in web standards, this draft is premature.
"Working Group Flexibility", the final "concensus point" given in the draft appears the be heart of the problem. The authors of the draft appear to agree that individual working groups should "have the flexibility to specify minimum licensing terms as part of their work". This statement may be self-evident to the authors, but it's by no means self evident to the Internet community as a whole. Any policy that takes this position as a starting point will meet heavy resistance.
Since the very basic principles that form the basis for this working draft are at best contraversial, the appropriate response on the part of the W3C would be to withdraw the working draft temporarily and begin a consultation process to determine what role patents have in Internet standards. Until that question has been answered, discussion of detailed procedures is premature.
I'd really like to see a Netcraft/Google link-up. "Which servers host the most _important_ pages?" That would be exceptionally cool, and the databases are already there, somebody just needs to mine the data.
I hope they keep raising prices. The more they try to squeeze revenue growth out of a mature market, the greater the opportunity for alternative operating systems.
Think if the ketchup analogy that business types talk about. Heinz is the default ketchup brand. Why? Well they stick bunch of well known ingredients into a bottle, put a well known label on it, and sell it for a reasonable price. Sure other brands might be a little cheaper, but not by a whole lot, and Heinz gets to keep their market share even though they aren't doing anything particularly special. It works as long as they don't raise the price too high. If Heinz were, say, double the price of their nearest competitor then people would start to take notice and try the alternatives. Once they got to know some other brands Heinz would have a really hard time winning those customers back.
Likewise with operating systems. For a lot of people nowadays an OS is an OS. You can argue that Linux or MacOS don't have the application base that Windows does, and you'd be right, but they both have enough for a good many people. Most people are just buying the brand and they'll keep doing that as long as MS doesn't screw them too badly.
Unfortunately for MS, their shareholders expect them to magically produce growth rates in the double digits year after year. Employees expect it too, since that's how they make money from stock options. How do you make more money when your product is basically the same and the market is maturing? That's right, you squeeze your existing customer base. (Or you expand into video games and Online services, but that's tough when your competitors are Sony and AOL/Time Warner)
That's what I meant by real-time, although I suppose you're right. My only experience with that kind of system is in real-time applications under a real-time OS, but there's nothing inherently RT about it.
That's a pretty unusual situation, but maybe the answer is to make the OOM killer a configure option. I still think that for the general case the OOM killer is a good idea.
Um, then you're not out of memory.
Really I don't think we're disagreeing. You keep bringing up ways to prevent a true out of memory condition. Fair enough and totally valid. There were actually some RSS limit patches floating around once, but I don't know if they ever made it into 2.4. If not then I assume they'll go into 2.5.
The second part of your arguement regarding quotas doesn't really contradict what I said. I said that if the system is truly out of memory then something has gone horribly wrong. You said the system should never run out of memory.
In order to prevent the system from running out of memory you would like a nice quota system. I can't argue with that, but it doesn't conflict with the idea of an OOM killer. Ideally we should have both.
I read on Linux kernel (I'm a lurker, but not a kernel hacker) that the current XFS patch contains a lot of cruft carried over from Irix. It helps SGI to keep the code base mostly the same as Irix, but it offends the sensibilities of the Linux hackers who don't want to have an Irix compatibility layer tacked on to their nice clean kernel.
I'm not sure what the compromise will be, but I'm sure they'll work something out. I wouldn't count on anything too early in 2.5.x - it'll take time to make whatever changes are agreed upon.
Well, I wouldn't be a lot of money, but I think if the VM on 2.4.10 looks good then 2.5 will start very soon. Linus has been hinting at it for ages, but I don't think he wants to pass 2.4.x on to Alan until it's up to standard.
On the positive site, it looks like there's a ton of stuff ready to go into 2.5. This will be the first development kernel where the big boys (especially IBM, but also Compaq and SGI) have been involved from the beginning. They all started on projects during 2.3 that never made it into 2.4, but are now pretty much ready. The quiet time between 2.4.0 and 2.5.0 has also given a lot of other patches time to mature. It'll be interesting to see what happens.
If your system is out of memory (totally out - no RAM, so Swap) then stuff will fail. That's true on any system. The "OOM Killer" applies some heuristics to try to fail somewhat gracefully.
It's a fair assumption that on a production machine you'll run out of memory only when something has gone terribly wrong - some process is leaking badly or under attack. If you can kill that process then you're more likely to get your system working again quickly. (Or at least into a state where you can log in and repair things.)
In any case, even when the OOM killer chooses the "wrong" process, it's probably no worse than killing a "random" process, which is what happens without the OOM killer.
No, I was promoting the idea that a system should be as simple as possible, but no simpler. The original Unix developers managed to create a security system that was much simpler than ACLs, but did most of what was needed. It's held up remarkably well.
That said, you raise some valid critisisms, but they are slowly being addressed. The reason things are changing slowly is that the old system, although lacking for all the reasons you mention, actually works pretty well in practice. Requiring root access is a problem, but not a crippling one (if it were then the whole Internet would have been rooted long ago).
Odd, I've found almost the opposite. Most systems come with configurations that are pretty secure and all you need to do to lock them down is disable services you don't need and install SSH. Maintaining security means watching for security notices (which are widely distributed) and updating every now and then.
In order to break into a Unix system you either need to do a lot of painstaking work to find an exploit, or you need to monitor security lists and create an exploit before your target has updated his software. Either requires considerable effort and luck.
The fact that real Unix exploits are relatively rare lends some empirical support to the notion that hacking into a Unix box isn't that easy.
OS research has been pursueing these goals for years. There's nothing there that's really very interesting or new. It sounds like they've just browsed the web for a little while and summarized what the various projects are striving for.
One project that's come pretty far is Mosix (I think they're planning to integrate bits into Linux 2.5, but I'm not sure). Then of course there's Plan 9 and Inferno from the fine folks who brought you Unix. And lets not forget Tanenbaum's Amoeba.
Why do you say that? Certainly traditional security is simple, so you can't do the fine-grained things that other systems allow (not really true anymore with capabilities, but those aren't widely used or entirely standard). But simple has it's advantages - there are fewer ways to mess things up.
I'm Canadian but I wouldn't be nearly as smug about this if I were you. Luckily the current Canadian government is at least somewhat sensible, but don't underestimate the power of American pressure.
If one of our right-wing parties were in power right now then it would be all over. We'd have American-style immigration and crypto laws already.
Not really true. Even if the total market share were only 1% that would still be quite a lot in absolute terms. Plus Linux users tend to converse with other Linux users, so a virus should have no trouble moving within the community if it had an effective means of speading.
Sounds more like a worm to me. In that case anti-virus software won't help much, but keeping up-to-date on your security patches will make a big difference. Of course, that's true of any operating system, but the original poster was critical of the idea that you don't need an anti-virus for Linux.
Hmm. I stand corrected. On the other hand, these don't seem too dangerous and obviously never spread very far. Do you know of any recent ones?
I wonder how these viruses actually spread, given that Linux users don't often pass around binaries. I know some people who used to work for F-Secure, I might just bug them for some more info.
Virus protection software only protects against viruses it knows about. Since I have yet to hear about any Linux viruses (root exploits, worms, etc. aren't viruses) I doubt the application would do anything.
If you like I can write you a Linux anti-virus that protects against all known Linux viruses. Yours for only $249.00 + shipping and handling :-).
He used StarOffice 5.2. The old StarOffice was incredibly annoying. Recent OpenOffice builds are much better. I know they're not officially released yet, but I think the development builds would have been a better choice.
Also, Evolution, Balsa, or Mozilla would have been better for e-mail. KDE probably has a native app that's better as well (KMail?).
He said he couldn't get the drives to automount on RedHat. Odd, that usually drives me mad until I remember to turn it off. Not sure what his difficulty was.
Trouble with dependancies for RPMs: use Debian or Ximian's Red Carpet if that matters. I think somebody told me Mandrake had apt-get for RPMs - that sounds interesting too. Ditto for the upgrade problem. RedCarpet and apt-get are miles ahead of Windows in this respect. On the plus side, once you get everything the way you like it it's really easy to set up painless network installs using RedHat.
On the whole a pretty positive piece, even if I don't agree with everything he did. You can probably chalk this up to his being a Windows administrator and not really knowing his way around the Linux world (I wouldn't do much better trying to fine-tune a Windows installation). It would be interesting to have one of these comparisons every six months or so just to see the progress. I bet it would be impressive. As far as I know most of the annoyances he mentioned in his article have already been addressed.
Funniest Quote: My customized KDE desktop is better than Windows 2000! He seems so surprized :-).