Read the comments on the blog (below that link, they are totally unrelated).
Also, if I'm not mistaken, sun is selling the thing with an "non-production" version of solaris: http://www.sun.com/servers/x64/x4500/ (read the heavily bolded line containing the words "Open Solaris")
Of course, I'm not saying that ZFS isn't a bad thing. I'm a ZFS root on one of my (non-production) systems right now.
ZFS is a marginal improvement at best over what's already available. I disagree. I guess you haven't seen one of the common types of data corruption that can happen with raided disks.
It's a common misconception that raid "prevents" data corruption.
RAID only protects you against (complete) hardware failures, and "noisy" IO errors.
Consider:
You have bad data on disk, but the hard drive reads the bad data without error.
With parity, (even assuming the parity is read upon each read request, which would be a faulty assumption), raid 5 has no way of telling which disk is bad, or whether the parity is bad.
Unlike raid, ZFS has end to end checksumming, so it knows when the data on disk is bad, and it knows which copy is bad, too.
So vista takes up a GB of ram on boot, and the AT+T browser takes another 2?
If I'm not mistaken vista still can only "use" 3GB of it's ram.
Does anyone else see a problem?
Backups?
The whole point is, the user totally manages their own system. What happens if they don't install the coperate backup client, or have not set up disk mirroring, or frequent cd burning/etc?
I think it is reasonable to make *somewhat* computer savy people (e.g. software developer, tester, etc, maybe even EE, ME engineers) in charge of their computers.
But when it comes to non engineering sides of firms, it is probably better to leave the systems in the hands of IT.
It would probably take less time too. Inexperienced users tend to break things when they are forced to make decisions:-/
Same on VirginAmerica. When I flew on VA earlier this year, their systems were extremely unstable. I probably saw half a dozen of them kernel panic, and reboot.
They also had a bunch of open source games available, like Xmahjongg.
so when a bug on my apache server is exploited by a white hat, and my server crashes/functionality of my server changes, who am I supposed to hold responsible?
they should not be protected from legal action regarding what flows over the network. well, the problem is, companies like comcast don't want to have to upgrade their infrastructure. And, If they are allowed to impose filtering, they won't ever have an incentive to invest money in new equipment.
This has nothing to do with the type of data flowing.
Or does Ubuntu launch things based on file extensions? Actually, when you exec() a program, the kernel finds the magic number corresponding to "#!", and executes the given interpreter with the script name as an argument.
So basically, the answer is: every linux distribution does it.
Ans most other systems (BSD/MacOS/etc), other than windows, do it too.
In fact, I mentioned it in my initial bug report on 12-5-07;-): https://bugzilla.redhat.com/show_bug.cgi?id=410031
The same issue is likely to affect a huge number of services, like apache (with
a rogue user using their personal webpage, or a remote attacker exploiting php
code injection in poorly written php code).
on several systems, in a small amount of time?
In general, these systems probably don't even give users shell access, and even then, password cracking is probably out of the picture.
And brute forcing a password over ssh? thats probably troublesome too, it would be hard to get over about 50 attempts/second.
On the other hand, there are a whole bunch of local vulnerabilities that can be exploited, after a system is compermised. In some cases, a weak php include vulnerability could potentially allow the apache user to execute suid root applications through such vulnerabilities as: https://rhn.redhat.com/cve/CVE-2007-5964.html on a default configuration of rhel5/fedora5-7.
Thats pretty good. I don't think that most companies and organizations are keeping the audit trails they are required to, (in some cases, even by the govt directly). It's not convenient, and its not even possible in many cases.
It's already obsolete(in terms of size), and this is not news:(
pico itx is already on the maket, the mainboard is about the same size (1.5ghz [like that means anything], upto 1gb ram): http://en.wikipedia.org/wiki/Pico-ITX
Hmm, my ISP (Charter Communications, in the US) already hijacks DNS for unknown hosts.
Not only does this break the RFC2308 specification, but they attempt to make a bit of extra profit from it, by employing a malware/spam like search page.
Compare that to the 1-4GB sticks that most of us have on our keychains today. Who needs USB sticks these days? For me, its much more convenient to scp files around as I need them.
Slashdot Mirror
Read the comments on the blog (below that link, they are totally unrelated).
Also, if I'm not mistaken, sun is selling the thing with an "non-production" version of solaris: http://www.sun.com/servers/x64/x4500/
(read the heavily bolded line containing the words "Open Solaris")
Of course, I'm not saying that ZFS isn't a bad thing. I'm a ZFS root on one of my (non-production) systems right now.
read the comments on the blog below that first link.
It's a common misconception that raid "prevents" data corruption.
RAID only protects you against (complete) hardware failures, and "noisy" IO errors.
Consider:
You have bad data on disk, but the hard drive reads the bad data without error.
With parity, (even assuming the parity is read upon each read request, which would be a faulty assumption), raid 5 has no way of telling which disk is bad, or whether the parity is bad.
Unlike raid, ZFS has end to end checksumming, so it knows when the data on disk is bad, and it knows which copy is bad, too.
Unfortunately though, from what I've heard, ZFS isn't stable enough for production environments yet:
http://www.datacenterknowledge.com/archives/2008/Jan/15/joyent_backup_services_down_for_three_days.html
read these comments
Better yet: LTO-4 (800GB per cartrage) http://en.wikipedia.org/wiki/Linear_Tape-Open
So vista takes up a GB of ram on boot, and the AT+T browser takes another 2?
If I'm not mistaken vista still can only "use" 3GB of it's ram.
Does anyone else see a problem?
Backups?
:-/
The whole point is, the user totally manages their own system. What happens if they don't install the coperate backup client, or have not set up disk mirroring, or frequent cd burning/etc?
I think it is reasonable to make *somewhat* computer savy people (e.g. software developer, tester, etc, maybe even EE, ME engineers) in charge of their computers.
But when it comes to non engineering sides of firms, it is probably better to leave the systems in the hands of IT.
It would probably take less time too. Inexperienced users tend to break things when they are forced to make decisions
Same on VirginAmerica. When I flew on VA earlier this year, their systems were extremely unstable. I probably saw half a dozen of them kernel panic, and reboot.
They also had a bunch of open source games available, like Xmahjongg.
Scrub down that database!
so when a bug on my apache server is exploited by a white hat, and my server crashes/functionality of my server changes, who am I supposed to hold responsible?
This has nothing to do with the type of data flowing.
2.6.22.4 is not an "up-to-date" official kernel for fc7 though. The fedora team has already released several 2.6.23 kernels for fedora 7.
So basically, the answer is: every linux distribution does it.
Ans most other systems (BSD/MacOS/etc), other than windows, do it too.
The same issue is likely to affect a huge number of services, like apache (with a rogue user using their personal webpage, or a remote attacker exploiting php code injection in poorly written php code).
on several systems, in a small amount of time?
In general, these systems probably don't even give users shell access, and even then, password cracking is probably out of the picture. And brute forcing a password over ssh? thats probably troublesome too, it would be hard to get over about 50 attempts/second.
On the other hand, there are a whole bunch of local vulnerabilities that can be exploited, after a system is compermised. In some cases, a weak php include vulnerability could potentially allow the apache user to execute suid root applications through such vulnerabilities as: https://rhn.redhat.com/cve/CVE-2007-5964.html on a default configuration of rhel5/fedora5-7.
Every system has it's vulnerabilities.
Thats pretty good. I don't think that most companies and organizations are keeping the audit trails they are required to, (in some cases, even by the govt directly). It's not convenient, and its not even possible in many cases.
http://www.youtube.com/watch?v=pb4UumU6ee0
but it would make this a reality
Thats nice for some parts, but Hard Drives should be an exception.
Unfortunately, I ran into this same problem a short while ago: http://www.joshlange.net/blog/?p=8
It's already obsolete(in terms of size), and this is not news :(
pico itx is already on the maket, the mainboard is about the same size (1.5ghz [like that means anything], upto 1gb ram):
http://en.wikipedia.org/wiki/Pico-ITX
and the transmeta crusoe processor (which implemented x86 in software) has been out for almost a decade now. The sony picturebook has a credit card sized motherboard along the left side of it's case:
http://images.google.com/images?svnum=10&um=1&q=sony+picturebook&btnG=Search+Images
For anyone else with this problem, this is why I use Level3's dns servers:
:)
4.2.2.2
4.2.2.3
4.2.2.4
Hmm, my ISP (Charter Communications, in the US) already hijacks DNS for unknown hosts.
Not only does this break the RFC2308 specification, but they attempt to make a bit of extra profit from it, by employing a malware/spam like search page.
If I'm not mistaken Vista is Microsoft's currently supported OS. Why don't they want to put a minimal version of Vista on the laptop?