Is the assertion really that hybrid hard disks and turbo memory are having a noticeable negative effect on the DRAM market?
Trying to imply a relationship between two markets by relative growth is especially ridiculous considering the explosion of the smart phone market which relies entirely on flash.
The only thing more ridiculous about TFA is the idea NAND is in any way a suitable replacement for DRAM.
Forcing people to enter passwords considered to be "secure" by a standard where it is infeasible to brute force by offline means becomes increasingly foolish with each passing year.
All a password should have to be able to withstand is some manageable number of random guesses moderated by a sane password authentication system.
Password files "encrypted" with one way hashes are worthless. Anyone who treats them differently than a list of plaintext passwords is a certified moron.
Most authentication protocols stink. They are based on some draconian form of CHAP and thus subject to offline attack or simply send plaintexts over an unbound (SSL) channel which is no better.
In my view two things are needed to solve technology problems with password use:
1. Operationally we must all assume hashed passwords are no more secure than plaintext variants. This means abolishing all forms of /etc/shadow. If you wouldn't store a plaintext password in a file don't do it with the hashed version either. Protect your password file with an encryption key. Protect the encryption key with your life.
2. Use a modern password authentication system such as SRP.
Okay...Supernap it is.
A smidge more than half of the energy from the sun reaching your roof is IR we can't see. Telling people to go out and simply buy white paint is not going to be nearly as effective as it could be.
You need to tell people to make sure the paint they get is IR reflective. This matters more than the visible color of the paint.
I wonder if there are any roving spy blimps that could be tasked to spend some time tracking all boats in the area around Somalia. It's a big ocean but if you can watch the coast, catch them leaving and track it might work?
The information could be used to warn others where the pirates are or for the more hawkish among us allow nations who have had enough to intercept them.
Yes, absolutely. But the key point is that, like the internet itself, it has to always be available and just works. Take S3, as an example. Amazon distributes your data across multiple datacenters in geographically distinct locations. Even if a couple of datacenters were blown to smithereens, your data would still show up just like it always has without you ever having known anything has happened. That is why it is shown as an abstract cloud instead of a single wire to a single computer
I'm not familiar with the reliability requirement in order to draw a "cloud" on a network diagram. I've seen and drawn hundreds of them myself. Resilience in the face of disaster was simply never part of the equation. It was always about administrative boundaries.
When did the definition of "cloud" change to imply a reliability requirement?
The Cloud is an abstract interface, not a specific technology. It always has been. Look at some networking documents from years ago and you'll find the cloud present. The cloud services might be implemented using virtualization, but you don't care, because it is just an abstract network that you throw your bits at.
I think it is funny that we see regular people getting the concept of the cloud while technical folk, who have been using the term for decades, are trying to turn it into something new
LOL clouds on network diagrams usually point to networks or systems outside of your administrative domain.
Is that all "the cloud" is?
The cloud exists to hide infrastructure. The cloud is an abstract network. If, for example, all the service's ties to the USA die, you are automatically routed to the datacenter in Germany. You don't know or care about how it works, it just does. It doesn't fail because it is the cloud.
If your service cannot automatically deal with failure, it is not the cloud, it is just a regular node on the network
The core issue with this entire conversation is that nobody has any idea what "the cloud" is. There are only nebulous definitions and marketeers going crazy to apply a new buzzword to their datasheets.
When I hear someone say "the cloud" I immediately think "idiot"... The word and usage by itself is too ambiguous to have any concrete real world meaning that makes it in any way a useful term.
At least terms such as "grid computing", "hosting provider" and "Internet" convey some level of understanding.
For a midsized company, one would be a fool not to go with cloud based services. Cloud security has shown itself to be excellent.
Hosting providers are hacked all the time.
The only people who complain about the cloud are those with a vested interest in the old style of running things
The only people who complain about eating worms are those with vested interests in agriculture.
Kick the old server guys to the curb -- technology moves on, and businesses don't need to have server rooms anymore, just like businesses don't need TTYs and printers attached to terminals
I like economies of scale. I dislike blanket statements made from a position of extreme ignorance. You have no clue what all "midsized companies" requirements are -- keep your judgements to yourself.
Considering that the Atom chipsets typically don't support more than 2GB of RAM, running 64bit isn't a terribly useful proposition - you get the advantage of slightly more speed (because of increased registers) but that's about it. You lose out on caches when pointer lengths double (Windows - they have pointers everywhere).
Sure an Atom can run 64-bit code, but it's probably just as happy running a 32-bit OS since the benefits of the slightly increased performance are washed out because of limited RAM and cache.
The low memory limits for Atom were lifted a while ago. The only Atom I own has 4GB RAM and runs 64-bit Linux.
To answer why Microsoft is releasing yet another OS; it's because they didn't make Vista (yet another MS OS "written from the ground up") very efficient, portable nor scalable so Windows 7 was hacked out to solve the first problem. Hey, it's better than Vista is what I keep hearing regarding its performance. So now there's Linux still running on netbooks but not too much of a threat anymore but Apple and Google are moving into Windows territory on ARM processors. So, Windows 8 is Windows 7 made portable and supposedly able to yank it apart so it's somewhat scalable. That is if you think a quad core ARM CPU running at 1.5GHz with 2GB of RAM is low end.
All they did was move background processes from the service manager to the task manager demand loading them as needed. This reduced the memory footprint enough for those people with a marginal amount of RAM to think Windows 7 is a million times better than Vista.
Finally they scraped off the old sticker, replaced it with "Windows 7" and called it a day.
The moral of the story is there is still quite a lot of low hanging fruit to improve efficiency where there is market incentive.
I just can't help but think what has changed recently which might explain the flood of all these high profile attacks.
A critical mass of stupidity? (OWASP greatest fails)
TLA false flagging for 1984 legislation?
Two hacking groups (lulz and anon) with nothing better to do?
Whatever the reason I hope people are taking this opportunity to wake up.
The devil thing is somewhere on earth. Compelling someone to reveal where they hid it or face consequences just unlocks access to permissible evidence the same way a key unlocks access to a safe or a password unlocks access to an encrypted file.
The evidence is in your mind. Forcing you to sit in a machine that extracts the evidence from your mind is not self incrimination. After all you are not testifying against yourself are you? A machine is simply extracting permissible evidence.
With weasel wordsmithing does "witness against himself" afford the defendant any protection of any kind? What does it affirmatively protect against and why?
Does it apply to women? Note "himself".
Lawyers think they are being clever when they have that eureka moment and invent novel interpretations of plain language to support their case while the rest of us look on in disgust wishing they would be disbarred.
All right. I'm a moron. Why is it bad to use an auto-incrementing row as the PK as long as it's never exposed to the end user?
The main reason against using them as PK only is that in a distributed environment with replicated data it can be hard to maintain consistency across all systems with these types of primary keys.
Database A writes row 101
Database B writes row 101
Ooops...
Nowadays systems have built in methods to coordinate global reservations of sequences so it is less of a problem. It could still easily break down if there is a need to consider multiple disconnected datasets.
Personally I always use sequences for PKs when I know I can get away with it.
In a debate about how Facebook - one of the most successful, largest, and fastest growing web sites in history - one built around a core of massively shared data - one which has achieved amassing fast (for its size) almost real time data updates and amazing levels of reliability (for its size and speed of growth), by using MySQL, you are actually trying to argue that MySQL can't work for anything but "toy" sites? Really? Do you not see the total absurdity of your point? Facebook is, itself, the proof that your point is invalid.
Facebook might be a large popular site however not everyone has the luxury of managing large volumes of worthless data.
The use of Facebook as an example greatly limits the applicability of the analogy to other domains.
This is exactly why anyone in their right minds puts some sort of ORM/query layer in front of their database so that their mid-tier/front-end code has no knowledge of what the sql looks like.
LOL because we all know that's how you improve performance.
When a system grows beyond its practical design limits let's just blame our choice of tools rather than the architect and their data model.
As low as my opinion of MySQL is I consider the entire argument to be a false choice.
This is what happens when politicians who know nothing about security or network infrastructure make high level design decisions.
Securing the wire always has and always will be a lost cause. Just click the little require secure connections only button in all of your operating system (IPSec) and you have yourself your secure private network.
There is no reason to segment traffic. On a large network you can expect someone on the network will eventually be compromised by an insider or determined adversary. Given this reality a physically separate network must not be relied on to convey any security at any time.
All it means is you don't see a bunch of botnets launching blind attacks 24x7. It means important infrastructure on a "secure" network becomes as complacent and vulnerable as the machines behind corporate firewalls. It is human nature. Without constant pressure it will happen. If you are tired of the random hits use IPv6.
Never trust the wire. Just don't do it. It is always stupid and you will always be burned by it.
A few other points needing to be made:
If the content of your communication can not be private good luck with your "secure" network.
Federated authentication systems tend to induce weaknesses in server authentication. Imagine everyone on earth was using OpenID or had the same password file. You could log in to any computer you wanted with your credentials.
This means:
The material which authenticates you as a person can not also be used to authenticate the service you are consuming as everyone has access to the authentication system. Even if your credentials are never exposed your authentication provides you with no assurances with regards the service you are consuming beyond an unbound trust anchor.
PayPal will be a distant memory.
Yeah, because that's so much easier than just looking at the IP address.
Site owners use tools written by others who have done all the difficult work for them. They have no reason to care about a distinction between easy and easier.
Nor will they have a great deal of luck when all the computers in the house run the same OS and clear flash crap every time they reboot
Do you really clear cookies every time you reboot? Why not just turn on IPv6 privacy extensions?
Perhaps you should include engineers from the real world in your deliberations. The IETF has consistently and adamantly refused to accept that NATs exist for security reasons (NOT JUST TO SAVE ADDRESSES!!) and are not going to go away with IPv6. In that regard, please stop inventing protocols that require a masters degree thesis to pass through NATs. (Thesis here: http://www.minisip.org/publications/Thesis_LaTorreYurkov_feb2006.pdf)
What are the "security reasons" for NAT vs SPI? What is the difference?
The question is why that's considered to be a good thing. I like the fact that random web site can't tell which device in my house is connecting to it because they all have the router's IP address.
Like web sites have any trouble doing that today with fingerprinting and (flash) cookies.
Why not maintain the IPv4 for the home scale devices (5 port routers) with a IPv6 WAN side connection?
What would the point of that be? Some of us care about using P2P services like Skype and don't particularly want random people on the Internet to be intermediaries for our traffic just because you are averse to change. The cold hard fact is there is zero security difference between SPI and NAT. If you count the crap folks are able to pull off in the state machines of 1:many ALGs SPI is MORE secure.
It seems very overkill to push IPv6 to the home level even with "network light bulbs" how many can one house have?
As many as we fricking want!
Also for a tech perspective can you imagine the support calls with customers rattling off IPv6 addresses all the time?
I can't imagine end users ever needing to. LLMNR, DNS, ND, DHCP autoconfig... I don't ever have to manually configure an IP Address to get to or do anything in the IPv4 world today. Why would that change for IPv6?
There is not enough energy potential in solar power nor in wind / hydro-electric to match the energy potential from nuclear power and fossil fuels. As fossil fuels become more expensive, nuclear power will be the world's only option. Gates is right on this issue because physics dictates his correctness. No matter how much people may wish it, you cannot legislate past physical laws.
You won't need to. 1 day of sunlight is the same as about 16 years of total world energy consumption. This is ONLY an engineering problem. Wind and Hydro are simply different forms of solar energy harvesting. Hydro is already providing about 1/5th of total US production.
When all is said and done nuclear might be the most practical here and now but there is more than enough solar power available to a determined civilization to meet all of their energy needs.
In orbit 1300 watts/m^2 constant 24x7 is available. Let's say your collector is only 50% efficient so that is only 650 watts per square meter or 1.6GW per square mile of collection area.
Microwave beaming to earth is something like 80-90% efficient so >1.28 GW continuous production of energy per square mile.
Yes it requires massive infrastructure and R&D build out but no law of anything prevents it from being done.
The problem with our legal system is it does what most of us know instinctively not to. It feeds trolls.
They grow up with huge pudgy bellies and have little trolls. Before you know it there are more trolls than lawn gnomes and crack whores combined.