Of course the exact same thing can be said about any other manufacturer. You do realize that the first person to produce anything has a stranglehold on the market.
You are pretty much saying that there should be NO producer of Linux 3D hardware, since the first one there will turn all the others away? I guess Solaris, Irix, *BSD, Linux, Microsoft, etc. wouldn't be around if everyone thought the same as you; we don't need Linux around, Microsoft is so big and bad. You are pretty much giving up and saying "someone else has a large share of the market, guess we shouldn't put out our x times faster card..."
I really do get what you are trying to say, but all you are really doing is spreading FUD around; and a mighty thick coat of FUD I might add.
The problem with people coming up independently with an idea is... how can you prove that neither one had ever seen, or even overheard a conversation about, the original product. If it's in the computer field, they would have to be intentionally not paying attention to anything to not have at least heard of a similar commercial product/concept before they came up with the idea.
I'm not saying it's impossible, but for the computer field where information is disseminated so quickly and so completely (it's not like it takes 3 years for the product to get outside the country, like maybe a new mousetrap) that a programmer coming up with something exactly the same and being able to show that he never even heard the concept before would be damn difficult.
Wait a minute there... you are saying that speeding is part of fundamental rights of humans? Not that I don't agree with your opinion on the matter but, I don't believe that it is a right. It is against the law to speed, hence it is already NOT a right. Rights are things that are part of us at birth, being able to speed is NOT anywhere near a right that we attain at birth.
Too many people these days think that luxuries are god given rights, and it just pisses me the hell off. It's not a right to have a computer, it's not a right to have a phone, it's not a right to have a phone, it's not a friggin right.
Actually I'd say that everybody is wrong and that EVERY year is the end of the millennium; hell Feb 3 is the end of the millennium (of course that it would have started on 3/3 a thousand years ago). According to the good old dictionary a millennium really doesn't have to end at 0 or 1, just that it spans a thousand years; so in 2012 it's the end of a millennium. Just thought I'd mention it being the grumpy bastard that I am.
millennium (m-ln-m) n., pl. millenniums or millennia (-ln-).
1. A span of one thousand years.
2. A thousand-year period of holiness mentioned in Revelation 20, during which Jesus and his faithful followers are to rule on earth.
3. A hoped-for period of joy, serenity, prosperity, and justice.
4. A thousandth anniversary.
I think you either need to feed us more information or sit down and think the requirements through more. What are your requirements, just cheaper but doesn't matter if slower, cheaper with a speed increase, need a significant speed increase but need a less expensive upgrade, what do you need to do?
What are you going to do about the 2 Gig file system limit in Linux, there are ways around it but they are not rock solid as of yet, I would not trust them as of yet. Are you using Linux for Linux sake or because it's got the cool name right now? What other OS's have you checked out *BSD, Solaris x86, Sco, etc. (some of them suck greatly but may fit the task very well).
What is the current limitation of the existing box? Memory, CPU, I/O, etc. check out the existing box by using "osview" or PCP if you have purchased it, and see where your limitations currently are. You may be putting in a very expensive solution to find out your problem exists somewhere else completely.
You may run into big time speed related memory issues. SGI's are used for doing graphics, etc. because they are able to do so much with ram quickly. Octanes aren't number crunching machines, but they will fly in having to push around memory. x86 line you have to go through hoops to get to ram (bus, etc.) which may significantly limit you in being able to get data to the CPU fast enough.
If you are pushing around that much data in memory, I'm going to assume you have to throw it out to storage sometime (you actually do want to do something with it) you want, no NEED more spindles, your one drive is going to be munched. If you are currently running into a wall here, you are going to be hard pressed into getting the performance that you got out of your Octane, (I'm using an Octane right now), possibly all that may be needed is additional local storage so you can have more spindles taking data off. No other platform can push data around as fast as SGI, I/O SGI's run circles around any box I've ever seen.
You need to decide what you want this box to do (program iteration has to run at least this fast), THEN you get hardware around it. There is a much bigger picture that has to be looked at first, because the CPU speed is a very, very small part of the equation. Everything relies on everything else, how fast can I get data on/off the drives, am I going to run into contention on the bus, will I actually slow down because I can get data from HD to ram to cpu fast enough?
I'm not contesting the fact that there aren't any "good hackers", but that I'm not willing to stake my job on a text file someone left behind.
e.g. Can you tell me for sure from this one post whether or not I'm male or female, even if I say I'm female, but also I say that I like to lie also. Would you be willing to stake some money on your decision????
Would you let me into your network if I were to say "I'm not going to do anything, I'm just kind of curious, (even though you've never heard of or met me before) I assure you; I'm one of the good hackers, let me behind your firewall..." any Sys/Netadmin should be screaming bloody murder right now, common sense should be kicking in. Or how about emailing me your credit card number I can get you that part real cheap but only I can do it, of course we've never met but I'm a good person you can trust me, how many alarms are going off right now?
The entire point I'm trying to get at, you can't trust that a person is good only because they say they are, if you do you are just waiting to get burned.
You may truly be a "good hacker" as you say, but that doesn't mean you aren't a "bad hacker" either.
But would you actually BELIEVE that's all that they did. Whoever came in may have the best intentions at heart... OR they may have the evilest intentions at heart.
When your CEO comes up to you and asks why your website is down again, are you gonna say, I only closed the hole they mentioned in the html file, I thought that was it. Whoops guess that cracker decided to play with you and make you look REALLY bad; fool me once shame on you, fool me twice I get fired.
I never quite understood how intelligent people would be so gullible to believe that scriptkiddies have a company's best interest at heart. Repeat that out loud a couple of times if it doesn't sink in. If they were so honest why the hell don't they first contact the admin and say, do you mind if I try to break into your box. If admin doesn't answer an email where the hell is it in the rule books that says they have some divine right to show people how crappy their security is?
Like saying just thought I'd break your car window to show you how crappy your security is... (I hate analogies, but oh, well). Please people at least try to use your intelligence once in awhile.
Tripwire won't do squat for you verifying the integrity of the data, name a single large website that only does static data that never changes the data during the day... what you mean tripwire can't verify the integrity of the data in my database?
Look how much bad data cost buy.com when they advertised monitors at below cost due to a typo; now imagine how much a company could lose by changing data within a database. Now think how many man hours it would take to verify that data by hand, restoring isn't a cake walk either to restore an Oracle database we have here on site took 36 hours (restoring from tape, replaying the redo logs, etc.) that database is big (talking in the t's as in terabyte). This is where big-time costs come in, how do I know that friendly intruder didn't modify my data that changes every minute or every second?
Reading through the rest of your post you are saying:
1) that tripwire will check everything and I should not worry. Hmm guess I don't use any dynamic data... that's a real cool website
2) that only one machine could be penetrated not any others. Guess that same exploit wouldn't work against any others.
3) that attacks only happen during the day. Isn't that nice how they only do that during normal working hours.
4) that wages lost due to downtime really are a freebie to the company. I wonder if I can convince my boss that giving me a $100k raise would actually equal $0 cost to the company.
5) that the stock market doesn't really care about bad news. Tell that to whoever at Microsoft said tech stocks are overvalued since his portfolio lost a few mill that day when the stock went down a point or two. (ok, that's pushing it but it's true)
You might want to add that my time working on a compromised box is free time since that other project wasn't important anyway (hey they pay me to fund my pepsi habit, not because I have any real work to do)
Grammar and spell check off because I could care less.
Not having seen that actual broadcast, the summaries don't mention any actual costs, only that if you deface a website making $18mill a day you are committing a serious crime (didn't say it cost them over $5 dollars).
Hacker/cracker I don't know anybody who came from that era that cares about that.
My opinion: all the newbies complaining and whining don't have much of a leg to stand on when they moan about a phrase that came before their time; when the people who originally used it, have resolved that it really doesn't matter anymore.
Note: spelling and grammar checking off because I don't care
Agreed, it's a very good thing, ISP's can't be responsible because one out of a hundred thousand customers is bad, it's not like there's any type of pre-screening process (boy I wish).
But I would change that to "Now my customers can put up all that porn", since end users are still responsible. :)
Ummm... I'd upgrade to a new Cray, the last one I see installed was installed years ago, the cray.com website doesn't list that model anymore. I don't doubt your Xeon cluster gets 40% of a T3D, but I bet that 3D would kick your 486's butt if we compare apples to apples, or maybe T3E's to Xeon's :) Of course a person could probably make an app that would smoke a T3D on a 486 with a proper (totally legit) program... i.e. running vi on a 486 might actually be faster since it wouldn't have to worry about context switching, etc.... the same way people complain about an Onyx being dog slow compared to their Pentium box running quake.
The biggest beef with Intel (other than shoddy manufacturing) they can't push data around fast enough, we put in SGI O2k's for the sole purpose of being able to push files around fast enough (6 FC controllers out to lots of EMC storage), we don't do anything CPU intensive, get a file push it out, but we have to have that much CPU power to drive all of the IO; I have yet to see an Intel box be able to do that.
The biggest problem I see with Beowulf is that it doesn't do very well in the large memory department, NNuma is the way to go here, if I have to access memory on a node 12 hops away it takes a lot more time than going directly to it, as you mention FC, GB, etc. puts a bandaid on top of it for awhile but isn't a very elegant solution to the problem as a whole.
I wouldn't put much money in SGI at this time either, but time will only tell what shakes out. This is a very turbulent time for the industry, the only one that is really profiting is SUN, and really only because they are eating into old SGI, HP, DEC, etc. customers how long they will continue can only be guessed at.
Want to know why SGI can't give you the IDO, they LICENSED PARTS OF THE TECHNOLOGY FROM OTHER COMPANIES, i.e. some other company than SGI gets money for each compiler they sell. If I licensed tech to SGI and got a nice chunk of change for each license they sell, do you think I'd say sure, give it away for free, I don't care about me making money, I care about SGI making money. On the SGI Linux mailing list people have mentioned about opening up parts of the source code, well the problem they run into is that years ago, they licensed tech from other companies and the other companies (ATT for instance) haven't let them open up their tech. I'd bet the cost that they'd sell 6.5 to you ($600) is less than what it costs them in Licensing for IDO (If I remember right 5 years ago it was something like $3k).
I'm open to debate, and I'd actually be really interested in an actual GOOD reason for them to be dogged, especially when their hands are tied due to licensing, etc.
Another point, SGI wants 5.3 dead, it's NOT Y2k compliant and they are NOT supporting it anymore. I don't blame them at all since 6.2 came out 4+ years ago (it's like complaining about a company not having a 386 bios Y2k compliant, get over it), what version of Linux was out then, NT 4 wasn't even out yet (I remember playing with beta at the time). If you want old hardware to run, start supporting the Linux Mips project, or pay the $600 for Irix 6.5 or checkout below.
Have you tried getting gcc running on 5.3 by using headers from Linux?.. check out Ariel Faigon's website at SGI for instance http://reality.sgi.com/ariel/freeware/ for GCC, go to http://www.interlog.com/~kcozens/sgi/gcc-irix.html for the binutils (ar, etc.) and linker. Use the header files from a Linux dist and if everything works well you should be off to the races. (as I said before 5.3 is so dead that it's turned into oil along with the dinosaurs, so I've not been able to validate this myself)
Linux has been well known for its sucking at SMP. All Beowulf is really doing is clustering of CPU's. All you really are doing is throwing stuff out onto the EXTREMELY slow network medium, to get any real performance benefits you have to rewrite your apps so they stay local to your memory, do minimal IPC, etc. Lots of software does clustering not just Linux, hell even NT does clustering.
Quad xeon smoking a Cray??? are you sure you haven't been smoking? Seriously look again at what you said, damn you are funny... Go check out top500.org and see how many Linux boxes there are compared to Cray's and then go and check the number of CPU to Performance, nothing more need be said.
For SGI dumping Irix checkout http://www.sgi.com/developers/index.html#irix for the next year they are spending more on development and have more developers working on Irix than Linux.
Security... well how about this one Irix and Solaris are the only B2 classified OS's out there. Irix had some "EXTREMELY" stupid things in it a couple of years ago, of course I remember lots of VERY stupid things Linux dist had in them and many more of them over the years.
Scalability... Irix scales to 1024 proc SMP box using Numa, what does intel do currently... 32 (I think) that's about 32 times smaller than a O2k; and if that's not enough, you can add Beowulf type clustering on top of that if you wish, so you could have 10 1024 proc boxes with superfast IPC speed in each box and then add the slow clustering network on top of that.
Linux may be starting to tear up the 3D gaming market, but they haven't started into the heavy-duty 3D market yet... NT, Irix, Solaris are seriously dominating this market, until some of the big-time software is ported to Linux that's the way it will probably stay (Maya, Softimage, etc.).
From a long ago research on that SGI bit, SGI does a bit of a tweak on the Clariion drives. I got this info from Alexis Cousin (sp?) from SGI's Europe office, when I was trying to find a HA solution for my SGI's a year or two ago. Supposedly the box won't detect a failure in a drive path and failover to the second controller unless you are using their OEM'd Clariion.
SGI loves to mess with stuff and OEM it, they dinked with the Netscape Servers, dinked with Clariion, they try to do it whenever possible. I talked with a Veritas guy at a Lisa convention and he said SGI talked with them when Veritas was first starting, but would only accept an OEM version of it. Supposedly it really pissed off the Veritas head guy so much, that the Sales guy said we would probably never have a solution from them for SGI... of course I now have heard rumblings of SGI & Veritas doing some collaborating these days on some Linux devel; so I guess all bets are off anymore.
Yes I do have terabytes (ok, I don't my corp does, which I'm a systems analyst).. We've got 12 SGI O2k's on the floor using FC to EMC storage, along with some scattered Sun 4500's, 450's, Sequent, and some Dec Alphas. You can go back through my previous posts on other topics and find proof behind these statements if you wish.
I didn't say much at all about your short little suggestion at the end (IDE yuck), but you said
1. Hardware Raid is slower than Software
2. IDE is identical to SCSI
3. UDMA is as fast as ANY SCSI SOLUTION (possible but the solution is extremely silly, buy a drive buy a controller)
Those sure the hell don't sound like solutions they sure appear to be you stating them as facts, and those facts are FALSE. Give me hard evidence contrary.
IDE performs well on the real world desktop not on servers. Sure the head of that one drive may be only able to be at one spot at any point in time; but SCSI can access all the drives on the same bus at the same time... I've got 2 drives on the same controller, I can access both of the drives at the same time, effectively doubling what I can do... IDE I have to wait for the operation to end on drive one before I can do anything with drive two.
Sorry if I offend but damn it I hate when people get fed misinformation... and I am grumpy_geek
Hardware is MUCH, MUCH faster than software, we've got boxes here with 2 gig of cache in the raid controller because we can't spin the disks fast enough (of course we've got terabytes of data). Hardware will always be faster than software for the sole fact of caching, you may never need it, you may not do enough I/O to have to wait on disks, but just because you don't use it doesn't mean it's slower.
SCSI disks vs. IDE you really don't know what you are talking about do you. How many simultaneous I/O operations can you do on IDE???? IDE you do each operation in a serial fashion, means one I/O op holds up the rest, not a big deal for a workstation but for any multi-user situation (or better defined multiple simultaneous I/O ops) SCSI is required. Warranty? I don't even want to think how you came up with that one, or why you would think it even applies. I'll add my own one here, and this is a biggee... I don't know of any IDE HA solutions, I guess that would be because you can't share drives with IDE. Of course there is hardly any difference between SCSI & IDE.
People can get 15mb off of one drive doing large writes (writing a single 5 gig file), but you will NEVER get that performance using one drive on any type of random access information. Did you really think about what you were saying about putting in a controller PER DRIVE for the UDMA... so to get the same performance as 7 SCSI drives on a controller, I have to add 7 additional controllers into the picture... how many open expansion slots do you have in your box today?
Not to answer another person's question to another person... ah hell I'll do it anyway.
Software RAID is bad when your system goes down and you have unwritten data left on the system, normally waiting on I/O, CPU cycles, etc. Oracle is a big one on this, it's very bad when you have a thousand transactions committed but waiting to be written out and the CPU fails or someone unplugged the box, or whatever.... you are just S.O.L. at that point, all the transactions are gone. With hardware raid, any "decent" raid controller is redundant at the cache level also with battery backup, so all those transactions WILL get written out; I see that as the biggest beef with software raid (not mentioning speed, caching, CPU cycles, multiple hosts, FCAL, etc.) Software RAID is meant as a solution when you want raid, but you can't afford to go hardware (make no beef, hardware raid is damn expensive).
My opinion:
You should never skimp out on hardware raid, and go with software if you are able (can afford) to, that extra budget slush money going to your workstation isn't as important as the lost data waiting on your server's bus when it goes down.
Having done just a very quick glance over the specs I may be wrong, but I believe they are doing what they have been doing on the SGI for awhile. When a SGI running a newer flavor of IRIX does a system panic (SCSI, memory, whatever) it dumps a core out. Dumping this file is not for the drivespace weak, if you have half a gig of ram you have a half a gig core file, but the beauty of this is it then automatically examines the core file and tries to figure out what killed it, you don't have to go in and run the debugger yourself.
Having the machine tell you what memory page you were at when it took a dive makes life much nicer for the harried admin; of course if you want to dig through a core at a later time with your debugger you can but it gives you a good starting point, and tends to make tracking things down much quicker since you have a guess as to where the problem resides. Having your box tell you that you had a memory error in SIM 3 bringing the box down, having analysed the core file before you even have a chance to fire up your debugger, is a pretty nice thing.
Of course this is dependent upon my assumption that it works in the same kind of fashion as Irix (which it seems to).
We are not at war, every app has its use; I think most people will admit that IE does not currently have an equal in its ability (what the future may hold is another matter). Whether Microsoft makes an app does not make it evil just an alternative, like KDE & GNOME alternatives of each other (if I may blaspheme putting those in with Microsoft).
On the bowing out issue... I'd almost agree except it doesn't (or hasn't) quite work in real life. The fact of all of the other OS's there are, that are more robust than Windows. Solaris, Irix they have consistently proven themselves to be a much more robust product than windows. Pretty much anybody who has run both windows and a unix platform will tell you (for some you might have to prod a bit) that NT isn't able to go CPU to CPU against Solaris, Irix, etc. and pretty much does pale in comparison; but many of those same people are still installing it in their enterprise. For a good example look at how quickly NT ransacked Novell of most of its clients (it's still hanging on though). Novell does a MUCH better job at file serving and print serving, but people time and again go for the glitter even though it burns them; and the silliest thing is they keep going back and get burned, probably one of the biggest paradoxes that I know of, it tends to defy logic.
1. trying to be a troll
2. trying to be funny
3. actually believe that and have NO purchasing power in a company (or God help your company)
If number 3 can be applied to you then maybe you should read this.
1. Solaris scales to 64 procs with SMB
2. Slow compared to what? A 64 proc starfire compared to say a 8xLinux box???
3. Count the number of Linux root compromises to the number of Solaris for the past 2 years
4. Intel doesn't offer anything in scalability (hello can you say less than 64), reliability hmm.. when was the last Intel xeon bug... oh yeah, last week, quality well 1+1=1.9999999
Doesn't even begin on Linux not having a journaled file system or a professional HA solution...
I'm not saying Linux can't be part of the enterprise, but if there ever was a Linux zealot with blinders on....
Re:OpenBSD performance? (on Which BSD?) · Score: 1
As a firewall I wouldn't worry a bit with the box you are describing. I'm using openbsd as my nat/firewall box on a 486 with 16mb, I get great performance out of it (as a router, it does take a long time to compile some programs) pushing over a meg/sec through it at times; not too bad for an old 486. I'm going to assume you aren't planning on using this box for dual-work, a firewall does one thing and one thing only, everything else adds security problems; anyway (getting off of that tangent) your K6-200 will scream as a firewall.
*BSD for network applications pretty much beats anything else on the same hardware for pushing packets around. OpenBSD (being a bit more paranoid about things) also allows you to get something up and running securely quicker than most other OS's; not saying they can't be made secure, but OpenBSD is quite a bit more secure from the get go.
Agreed that you have to be pretty damn dumb to keep that information on the same machine... but many sites have to have connectivity back to that information in some fashion (normally through some SQL call to another box) which can be compromised; bad data is a lot worse than no data. A compromise on the webserver doesn't mean that other boxes aren't compromised, all the boxes have to be checked.
It would be nice to be able to keep everything on a completely separate network (as in your situation) but it's not very feasible for every ecommerce solution, heck Amazon is trying to patent being able to remember your information and keep it available to the webservers so all you have to do is click (very paraphrased). Keeping it on different machines behind multiple firewalls, etc. is about the best many sites can hope for; since they have to have that information available for the customer.
I think you miss the point of the thread that we are on, a different thread and yes Microsoft makes crappy products. But we are on a thread about cracking being harmless, which it obviously isn't, whoever's software it is running on is immaterial.
A good SA probably is going to help more than any firewall ever will.. but being a good SA isn't the whole world. As an example, I wouldn't blame the Hotmail fiasco on the SA's, I'd blame it on the developers who put in the hole in the first place.
Umm.. you are telling me that if you had a root compromise that you wouldn't reinstall the OS, I feel pretty damn sorry for the company you work for. Suits are the ones normally against reinstalling, it takes them down i.e. no money flowing, but it's your ass if someone backdoored a binary. Actually I've got 73 pages of procedures to do in case of a compromise, which includes finding entry, verifying duration of entry, contact lists, I could go on and on. I guessed anybody with half a brain could figure out that I plugged the hole first without actually having to vomit up 73 pages.
Sifting... we've got over 200 (actually 212) different people entering data in by hand daily, I guess when we restore the data you would want to throw out all of their work and forget about it. 12 is pretty low understatement, really low if one speculates about a workstation compromised that acts like it's been doing normal work but is sending bad data, and when the user logs out mucks with the website.
Corporate lawyers are there to assess liability, be the liaison between any law enforcement, and determine how much of our own ass we need to cover. How big of a lawsuit do you think would ensue, if your medical records got changed, or your credit card information got exchanged; they may not have done a damn thing but WE CAN'T TAKE THAT CHANCE.
I don't believe I ever mentioned how long it takes to reload a backup or how much we have, but I'd like you to guess how long it takes to restore 9 TERABYTES of data. I guess you can't really think any larger, than your 10gig drive worth of porn.
I personally feel very sorry for your company, you seem to think that a website cracker would never do anything bad to a computer. Changing the web page is the same as any other compromise, maybe that's all they did, or maybe they did something more destructive only to rear its head a week, a month, a year from now; I'm not willing to take that chance, but I'm glad to know your employer is.
You seem to think I'm throwing numbers way out of proportion. Hmm.. well the only numbers I mention are 12 and thousands. Anybody want to actually argue these numbers??? Anybody have actually something intelligent to say on these numbers??? All you can seem to say is those numbers are wrong and that's it, no facts, no figures, no nothing. I'm giving you all the facts and figures and you are spitting out FUD. 12 people verifying 200 people's work is more than reasonable, in fact if we take them completely out of the picture and we are still at thousands, it only takes 1 hour of lost time to cover this: 200 people at $10/hour (actually more like $14) and you are at thousands (time of reinstalling the OS on a box more than covers this). Got any braincells left after looking in your thesaurus for the big words, to argue these numbers. Do you actually have any facts left up in that head... hello?
Point me to the paragraph where I, or the poster I replied to, said anything about stealing source code, or was that a figment of your imagination. They are different and I never disputed that, but YOU CAN'T SAY A WEBSITE COMPROMISE IS HARMLESS.
It takes more than big words to actually have something intelligent to say. I probably am the worst speller and have awful grammar, but if I were to try to hide behind some big words because I didn't have anything else to say... *giggle* well all I can say is, nonsequiturs is two words not one (non sequiturs). How about this for some big words... ever masticated with thesbians?
Of course the exact same thing can be said about any other manufacturer. You do realize that the first person to produce anything has a stranglehold on the market.
You are pretty much saying that there should be NO producer of Linux 3D hardware, since the first one there will turn the all the others away? I guess Solaris, Irix, *BSD, Linux, Microsoft, etc. wouldn't be around if everyone thought the same as you; we don't need Linux around Microsoft is so big and bad. You pretty much giving up and saying "someone else has a large share of the market, guess we shouldn't put out our x times faster card..."
I really do get what you are trying to say, but all you are really doing is spreading FUD around; and a mighty thick coat of FUD I might add
The problem with people coming up independantly with an idea is... Is how can you prove that neither one had never seen, or even overheard a conversation about the original product. If it's in the computer field, if they would have to be intentionally not paying attention to anything; to not at least heard of a similar comercial product/concept, before they came up with the idea.
I'm not saying it's impossible, but for the computer field where information is dessiminated so quickly and so completely (it's not like it takes 3 years for the product to get outside the country, like maybe a new mousetrap) that a programmer coming up with something exactly the same and being able to show that he never even heard the concept before would be damn difficult.
Wait a minute there... you are saying that speeding is part of fundemental rights of humans? Not that I don't agree with your opinion on the matter but, I don't believe that it is a right. It is against the law to speed, hense it is already NOT a right. Rights are things that are part of us at birth, being able to speed is NOT any where neer a right that we attain at birth.
Too many people these days think that luxuries are god given rights, and it just pisses me the hell off. It's not a right to have a computer, it's not a right to have a phone, it's not a right to have a phone, it's not a friggin right.
Actually I'd say that everybody is wrong and that EVERY year is the end of the millennium; hell Feb 3 is the end of the millennium (of course that it would have started on 3/3 a thousand years ago). According to the good old dictionary a millennium really doesn't have to end at 0 or 1, just that it spans a thousand years; so in 2012 it's the end of a millennium. Just thought I'd mention it being the grumpy bastard that I am
millennium (m-ln-m)
n., pl. millenniums or millennia (-ln-).
1. A span of one thousand years.
2. A thousand-year period of holiness mentioned in Revelation 20, during which Jesus and his faithful followers are to rule on earth.
3. A hoped-for period of joy, serenity, prosperity, and justice.
4. A thousandth anniversary.
I think you either need to feed us more information or sit down and think the requirements through more. What are your requirements, just cheaper but doesn't matter if slower, cheaper with a speed increase, need a significant speed increase but need a less expensive upgrade, what do you need to do?
What are you going to do about the 2 Gig file system limit in Linux, there are ways around it but they are not rock solid as of yet, I would not trust them as of yet. Are you using Linux for Linux sake or because it's got the cool name right now? What other OS's have you checked out *BSD, Solaris x86, Sco, etc. (some of them suck greatly but may fit the task very well)
What is the current limitation of the existing box? Memory, CPU, I/O, etc. check out the existing box by using "osview" or PCP if you have purchased it, and see where your limitations currently are. You may be putting in a very expensive solution to find out your problem exists somewhere else completely.
You may run into big time speed related memory issues. SGI's are used for doing graphics, etc. because they are able to do so much with ram quickly. Octanes aren't number crunching machines, but they will fly in having to push around memory. x86 line you have to go through hoops to get to ram (bus, etc.) which may significantly limit you in being able to get data to the CPU fast enough.
If you are pushing around that much data in memory, I'm going to assume you have to throw it out to storage sometime (you actually do want to do something with it) you want, no NEED more spindles, your one drive is going to be munched. If you are currently running into a wall here, you are going to be hard pressed into getting the performance that you got out of your Octane, (I'm using an Octane right now), possibly all that may be needed is additional local storage so you can have more spindles taking data off. No other platform can push data around as fast as SGI, I/O SGI's run circles around any box I've ever seen.
You need to decide what you want this box to do (program iteration has to run at least this fast), THEN you get hardware around it. There is a much bigger picture that has to be looked at first, because the CPU speed is a very, very small part of the equation. Everything relies on everything else, how fast can I get data on/off the drives, am I going to run into contention on the bus, will I actually slow down because I can get data from HD to ram to cpu fast enough?
I'm not contesting the fact that there aren't any "good hackers", but that I'm not willing to stake my job on a text file someone left behind.
e.g. Can you tell me for sure from this one post whether or not I'm male or female, even if I say I'm female, but also I say that I like to lie also. Would you be willing to stake some money on your decision????
Would you let me into your network if I were to say "I'm not going to do anything, I'm just kind of curious, (even though you've never heard of or met me before) I assure you; I'm one of the good hackers, let me behind your firewall..." any Sys/Netadmin should be screaming bloody murder right now, common sense should be kicking in. Or how about emailing me your credit card number I can get you that part real cheap but only I can do it, of course we've never met but I'm a good person you can trust me, how many alarms are going off right now?
The entire point I'm trying to get at, you can't trust that a person is good only because they say they are, if you do you are just waiting to get burned.
You may truly be a "good hacker" as you say, but that doesn't mean you aren't a "bad hacker" either.
But would you actually BELIEVE that's all that they did. Whoever came in may have the best intentions at heart... OR they may have the evilest intentions at heart.
When your CEO comes up to you and asks why your website is down again, are you gonna say, I only closed the hole they mentioned in the html file, I thought that was it. Whoops guess that cracker decided to play with you and make you look REALLY bad; fool me once shame on you, fool me twice I get fired.
I never quite understood how intelligent people would be so gullible to believe that scriptkiddies have a company's best interest at heart. Repeat that out loud a couple of times if it doesn't sink in. If they were so honest why the hell don't they first contact the admin and say, do you mind if I try to break into your box. If admin doesn't answer an email where the hell is it in the rule books that says they have some divine right to show people how crappy their security is?
Like saying just thought I'd break your car window to show you how crappy your security is... (I hate analogies, but oh, well). Please people at least try to use your intelligence once in awhile.
Tripwire won't do squat for you verifying the integrity of the data, name a single large website that only does static data that never changes the data during the day... what you mean tripwire can't verify the integrity of the data in my database?
Look how much bad data cost buy.com when they advertised monitors at below cost due to a typo; now imagine how much a company could lose by changing data within a database. Now think how many man hours it would take to verify that data by hand, restoring isn't a cake walk either to restore an Oracle database we have here on site took 36 hours (restoring from tape, replaying the redo logs, etc.) that database is big (talking in the t's as in terabyte). This is where big-time costs come in, how do I know that friendly intruder didn't modify my data that changes every minute or every second?
Reading through the rest of your post you are saying:
1) that tripwire will check everything and I should not worry. Hmm guess I don't use any dynamic data... that's real cool website
2) that only one machine could be penetrated not any others. Guess that same exploit wouldn't work against any others.
3) that attacks only happen during the day. Isn't that nice how they only do that during normal working hours.
4) that wages lost due to downtime really are a freebie to the company. I wonder if I can convince my boss that giving me a $100k raise would actually equal $0 cost to the company.
5) that the stock market doesn't really care about bad news. Tell that to whoever at Microsoft said tech stocks are overvalued since his portfolio lost a few mill that day when the stock went down a point or two. (ok, that's pushing it but it's true)
You might want to add that my time working on a compromised box is free time since that other project wasn't important anyway (hey they pay me to fund my pepsi habit, not because I have any real work to do)
Grammar and spell check off because I could care less.
Not having seen that actual broadcast, the summaries don't mention any actual costs, only that if you deface a website making $18mill a day you are committing a serious crime (didn't say it cost them over $5 dollars).
Hacker/cracker I don't know anybody who came from that era that cares about that.
My opinion: all the newbies complaining and whining don't have much of a leg to stand on when they moan about a phrase that came before their time; when the people who originally used it, have resolved that it really doesn't matter anymore.
Note: spelling and grammar checking off because I don't care
Agreed, it's a very good thing, ISP's can't be responsible because one out of a hundred thousand customers is bad, it's not like there's any type of pre-screening process (boy I wish).
:)
But I would change that to "Now my customers can put up all that porn", since end users are still responsible.
Ummm... I'd upgrade to a new Cray, the last one I see installed was installed years ago, the cray.com website doesn't list that model anymore. I don't doubt your Xeon cluster gets 40% of a T3D, but I bet that 3D would kick your 486's butt if we compare apples to apples, or maybe T3E's to Xeon's :) Of course a person could probably make an app that would smoke a T3D on a 486 with a proper (totally legit) program... i.e. running vi on a 486 might actually be faster since it wouldn't have to worry about context switching, etc.... the same way people complain about an Onyx being dog slow compared to their Pentium box running quake.
The biggest beef with Intel (other than shoddy manufacturing) they can't push data around fast enough, we put in SGI O2k's for the sole purpose of being able to push files around fast enough (6 FC controllers out to lots of EMC storage), we don't do anything CPU intensive, get a file push it out, but we have to have that much CPU power to drive all of the IO; I have yet to see an Intel box be able to do that.
The biggest problem I see with Beowulf is that it doesn't do very well in the large memory department, NNuma is the way to go here, if I have to access memory on a node 12 hops away it takes a lot more time than going directly to it, as you mention FC, GB, etc. puts a bandaid on top of it for awhile but isn't a very elegant solution to the problem as a whole.
I wouldn't put much money in SGI at this time either, but time will only tell what shakes out. This is a very turbulent time for the industry, the only one that is really profiting is SUN, and really only because they are eating into old SGI, HP, DEC, etc. customers how long they will continue can only be guessed at.
Want to know why SGI can't give you the IDO, they LICENSED PARTS OF THE TECHNOLOGY FROM OTHER COMPANIES, i.e. some other company than SGI gets money for each compiler they sell. If I licensed tech to SGI and got a nice chunk of change for each license they sell, do you think I'd say sure, give it away for free, I don't care about me making money, I care about SGI making money. On the SGI Linux mailing list people have mentioned about opening up parts of the source code, well the problem they run into is that years ago, they licensed tech from other companies and the other companies (ATT for instance) haven't let them open up their tech. I'd bet the cost that they'd sell 6.5 to you ($600) is less than what it costs them in Licensing for IDO (If I remember right 5 years ago it was something like $3k).
l for the binutils (ar, etc.) and linker. Use the header files from a Linux dist and if everything works well you should be off to the races. (as I said before 5.3 is so dead that it's turned into oil along with the dinosaurs, so I've not been able to validate this myself)
I'm open to debate, and I'd actually be really interested in an actual GOOD reason for them to be dogged, especially when their hands are tied due to licensing, etc.
Another point, SGI wants 5.3 dead, it's NOT Y2k compliant and they are NOT supporting it anymore. I don't blame them at all since 6.2 came out 4+ years ago (it's like complaining about a company not having a 386 bios Y2k compliant, get over it), what version of Linux was out then, NT 4 wasn't even out yet (I remember playing with beta at the time). If you want old hardware to run, start supporting the Linux Mips project, or pay the $600 for Irix 6.5 or checkout below.
Have you tried getting gcc running on 5.3 by using headers from Linux?.. check out Ariel Faigon's website at SGI for instance http://reality.sgi.com/ariel/freeware/ for GCC, go to http://www.interlog.com/~kcozens/sgi/gcc-irix.htm
Ummm... you are joking aren't you..
Linux has been well known for its sucking at SMP. All Beowulf is really doing is clustering of CPU's. All you really are doing is throwing stuff out onto the EXTREMELY slow network medium, to get any real performance benefits you have to rewrite your apps so they stay local to your memory, do minimal IPC, etc. Lots of software does clustering not just Linux, hell even NT does clustering.
Quad xeon smoking a Cray??? are you sure you haven't been smoking? Seriously look again at what you said, damn you are funny... Go check out top500.org and see how many Linux boxes there are compared to Cray's and then go and check the number of CPU to Performance, nothing more need be said.
For SGI dumping Irix checkout http://www.sgi.com/developers/index.html#irix for the next year they are spending more on development and have more developers working on Irix than Linux.
Security... well how about this one Irix and Solaris are the only B2 classified OS's out there. Irix had some "EXTREMELY" stupid things in it a couple of years ago, of course I remember lots of VERY stupid things Linux dist had in them and many more of them over the years.
Scalability... Irix scales to 1024 proc SMP box using Numa, what does intel do currently... 32 (I think) that's about 32 times smaller than a O2k; and if that's not enough, you can add Beowulf type clustering on top of that if you wish, so you could have 10 1024 proc boxes with superfast IPC speed in each box and then add the slow clustering network on top of that.
Linux may be starting to tear up the 3D gaming market, but they haven't started into the heavy-duty 3D market yet... NT, Irix, Solaris are seriously dominating this market, until some of the big-time software is ported to Linux that's the way it will probably stay (Maya, Softimage, etc.).
From a long ago research on that SGI bit, SGI does a bit of a tweak on the Clariion drives. I got this info from Alexis Cousin (sp?) from SGI's Europe office, when I was trying to find a HA solution for my SGI's a year or two ago. Supposedly the box won't detect a failure in a drive path and failover to the second controller unless you are using their OEM'd Clariion.
SGI loves to mess with stuff and OEM it, they dinked with the Netscape Servers, dinked with Clariion, they try to do it whenever possible. I talked with a Veritas guy at a Lisa convention and he said SGI talked with them when Veritas was first starting, but would only accept an OEM version of it. Supposedly it really pissed off the Veritas head guy so much, that the Sales guy said we would probably never have a solution from them for SGI... of course I now have heard rumblings of SGI & Veritas doing some collaborating these days on some Linux devel; so I guess all bets are off anymore.
Yes I do have terabytes (ok, I don't my corp does, which I'm a systems analyst).. We've got 12 SGI O2k's on the floor using FC to EMC storage, along with some scattered Sun 4500's, 450's, Sequent, and some Dec Alphas. You can go back through my previous posts on other topics and find proof behind these statements if you wish.
I didn't say much at all about your short little suggestion at the end (IDE yuck), but you said
1. Hardware Raid is slower than Software
2. IDE is identical to SCSI
3. UDMA is as fast as ANY SCSI SOLUTION (possible but the solution is extremely silly, buy a drive buy a controller)
Those sure the hell don't sound like solutions they sure appear to be you stating them as facts, and those facts are FALSE. Give me hard evidence contrary.
IDE performs well on the real world desktop not on servers. Sure the head of that one drive may be only able to be at one spot at any point in time; but SCSI can access all the drives on the same bus at the same time... I've got 2 drives on the same controller, I can access both of the drives at the same time, effectively doubling what I can do... IDE I have to wait for the operation to end on drive one before I can do anything with drive two.
Sorry if I offend but damn it I hate when people get fed misinformation... and I am grumpy_geek
Hardware is MUCH, MUCH faster than software, we've got boxes here with 2 gig of cache in the raid controller because we can't spin the disks fast enough (of course we've got terabytes of data). Hardware will always be faster than software for the sole fact of caching, you may never need it, you may not do enough I/O to have to wait on disks, but just because you don't use it doesn't mean it's slower.
SCSI disks vs. IDE you really don't know what you are talking about do you. How many simultaneous I/O operations can you do on IDE???? IDE you do each operation in a serial fashion, means one I/O op holds up the rest, not a big deal for a workstation but for any multi-user situation (or better defined multiple simultaneous I/O ops) SCSI is required. Warranty? I don't even want to think how you came up with that one, or why you would think it even applies. I'll add my own one here, and this is a biggee... I don't know of any IDE HA solutions, I guess that would be because you can't share drives with IDE. Of course there is hardly any difference between SCSI & IDE.
People can get 15mb off of one drive doing large writes (writing a single 5 gig file), but you will NEVER get that performance using one drive on any type of random access information. Did you really think about what you were saying about putting in a controller PER DRIVE for the UDMA... so to get the same performance as 7 SCSI drives on a controller, I have to add 7 additional controllers into the picture... how many open expansion slots do you have in your box today?
Not to answer another person's question to another person... ah hell I'll do it anyway.
Software RAID is bad when your system goes down and you have unwritten data left on the system, normally waiting on I/O, CPU cycles, etc. Oracle is a big one on this, it's very bad when you have a thousand transactions committed but waiting to be written out and the CPU fails or someone unplugged the box, or whatever.... you are just S.O.L. at that point, all the transactions are gone. With hardware raid, any "decent" raid controller is redundant at the cache level also with battery backup, so all those transactions WILL get written out; I see that as the biggest beef with software raid (not mentioning speed, caching, CPU cycles, multiple hosts, FCAL, etc.) Software RAID is meant as a solution when you want raid, but you can't afford to go hardware (make no beef, hardware raid is damn expensive).
My opinion:
You should never skimp out on hardware raid, and go with software if you are able (can afford) to, that extra budget slush money going to your workstation isn't as important as the lost data waiting on your server's bus when it goes down.
Can't resist this though, how many SGI O2ks are in the top500.org list compared to intel boxes...
One last thing, I've got enough balls to post with my identity; only scared little liars are afraid of standing behind what they say.
Having done just a very quick glance over the specs I may be wrong, but I believe they are doing what they have been doing on the SGI for awhile. When a SGI running a newer flavor of IRIX does a system panic (SCSI, memory, whatever) it dumps a core out. Dumping this file is not for the drivespace weak, if you have half a gig of ram you have a half a gig core file, but the beauty of this is it then automatically examines the core file and tries to figure out what killed it, you don't have to go in and run the debugger yourself.
Having the machine tell you what memory page you were at when it took a dive makes life much nicer for the harried admin; of course if you want to dig through a core at a later time with your debugger you can but it gives you a good starting point, and tends to make tracking things down much quicker since you have a guess as to where the problem resides. Having your box tell you that you had a memory error in SIM 3 bringing the box down, having analysed the core file before you even have a chance to fire up your debugger, is a pretty nice thing.
Of course this is dependent upon my assumption that it works in the same kind of fashion as Irix (which it seems to).
I agree... well partially :)
,like KDE & GNOME alternatives of each other (if I may blaspheme putting those in with Microsoft).
We are not at war, every app has its use; I think most people will admit that IE does not currently have an equal in its ability (what the future may hold is another matter). Whether Microsoft makes an app does not make it evil just an alternative
On the bowing out issue... I'd almost agree except it doesn't (or hasn't) quite work in real life. The fact of all of the other OS's there are, that are more robust than Windows. Solaris, Irix they have consistently proven themselves to be a much more robust product than windows. Pretty much anybody who has run both windows and a unix platform will tell you (for some you might have to prod a bit) that NT isn't able to go CPU to CPU against Solaris, Irix, etc. and pretty much does pale in comparison; but many of those same people are still installing it in their enterprise. For a good example look at how quickly NT ransacked Novell of most of its clients (it's still hanging on though). Novell does a MUCH better job at file serving and print serving, but people time and again go for the glitter even though it burns them; and the silliest thing is they keep going back and get burned, probably one of the biggest paradoxes that I know of, it tends to defy logic.
A solution, well I wish I had one...
I'm going to hope that you are either:
1. trying to be a troll
2. trying to be funny
3. actually believe that and have NO purchasing power in a company (or God help your company)
If number 3 can be applied to you then maybe you should read this.
1. Solaris scales to 64 procs with SMB
2. Slow compared to what? A 64 proc starfire compared to say a 8xLinux box???
3. Count the number of Linux root compromises to the number of Solaris for the past 2 years
4. Intel doesn't offer anything in scalability (hello can you say less than 64), reliability
hmm.. when was the last Intel xeon bug... oh yeah, last week, quality well 1+1=1.9999999
Doesn't even begin on Linux not having a journaled file system or a professional HA solution...
I'm not saying Linux can't be part of the enterprise, but if there ever was a Linux zealot with blinders on....
As a firewall I wouldn't worry a bit with the box you are describing. I'm using openbsd as my nat/firewall box on a 486 with 16mb, I get great performance out of it (as a router, it does take a long time to compile some programs) pushing over a meg/sec through it at times; not too bad for an old 486. I'm going to assume you aren't planning on using this box for dual-work, a firewall does one thing and one thing only, everything else adds security problems; anyway (getting off of that tangent) your K6-200 will scream as a firewall.
*BSD for network applications pretty much beats anything else on the same hardware for pushing packets around. OpenBSD (being a bit more paranoid about things) also allows you to get something up and running securely quicker than most other OS's; not saying they can't be made secure, but OpenBSD is quite a bit more secure from the get go.
Agreed that you have to be pretty damn dumb to keep that information on the same machine... but many sites have to have connectivity back to that information in some fashion (normally through some SQL call to another box) which can be compromised; bad data is a lot worse than no data. A compromise on the webserver doesn't mean that other boxes aren't compromised, all the boxes have to be checked.
It would be nice to be able to keep everything on a completely separate network (as in your situation) but it's not very feasible for every ecommerce solution, heck Amazon is trying to patent being able to remember your information and keep it available to the webservers so all you have to do is click (very paraphrased). Keeping it on different machines behind multiple firewalls, etc. is about the best many sites can hope for; since they have to have that information available for the customer.
I think you miss the point of the thread that we are on, a different thread and yes Microsoft makes crappy products. But we are on a thread about cracking being harmless, which it obviously isn't, whoever's software it is running on is immaterial.
A good SA probably is going to help more than any firewall ever will.. but being a good SA isn't the whole world. As an example, I wouldn't blame the Hotmail fiasco on the SA's, I'd blame it on the developers who put in the hole in the first place.
Not just grumpy, damn crotchety too.
Umm.. you are telling me that if you had a root compromise that you wouldn't reinstall the OS, I feel pretty damn sorry for the company you work for. Suits are the ones normally against reinstalling, it takes them down i.e. no money flowing, but it's your ass if someone backdoored a binary. Actually I've got 73 pages of procedures to do in case of a compromise, which includes finding entry, verifying duration of entry, contact lists, I could go on and on. I guessed anybody with half a brain could figure out that I plugged the hole first without actually having to vomit up 73 pages.
Sifting... we've got over 200 (actually 212) different people entering data in by hand daily, I guess when we restore the data you would want to throw out all of their work and forget about it. 12 is pretty low understatement, really low if one speculates about a workstation compromised that acts like it's been doing normal work but is sending bad data, and when the user logs out mucks with the website.
Corporate lawyers are there to assess liability, be the liaison between any law enforcement, and determine how much of our own ass we need to cover. How big of a lawsuit do you think would ensue, if your medical records got changed, or your credit card information got exchanged; they may not have done a damn thing but WE CAN'T TAKE THAT CHANCE.
I don't believe I ever mentioned how long it takes to reload a backup or how much we have, but I'd like you to guess how long it takes to restore 9 TERABYTES of data. I guess you can't really think any larger, than your 10gig drive worth of porn.
I personally feel very sorry for your company, you seem to think that a website cracker would never do anything bad to a computer. Changing the web page is the same as any other compromise, maybe that's all they did, or maybe they did something more destructive only to rear its head a week, a month, a year from now; I'm not willing to take that chance, but I'm glad to know your employer is.
You seem to think I'm throwing numbers way out of proportion. Hmm.. well the only numbers I mention are 12 and thousands. Anybody want to actually argue these numbers??? Anybody have actually something intelligent to say on these numbers??? All you can seem to say is those numbers are wrong and that's it, no facts, no figures, no nothing. I'm giving you all the facts and figures and you are spitting out FUD. 12 people verifying 200 people's work is more than reasonable, in fact if we take them completely out of the picture and we are still at thousands, it only takes 1 hour of lost time to cover this: 200 people at $10/hour (actually more like $14) and you are at thousands (time of reinstalling the OS on a box more than covers this). Got any braincells left after looking in your thesaurus for the big words, to argue these numbers. Do you actually have any facts left up in that head... hello?
Point me to the paragraph where I, or the poster I replied to, said anything about stealing source code, or was that a figment of your imagination. They are different and I never disputed that, but YOU CAN'T SAY A WEBSITE COMPROMISE IS HARMLESS.
It takes more than big words to actually have something intelligent to say. I probably am the worst speller and have awful grammar, but if I were to try to hide behind some big words because I didn't have anything else to say... *giggle* well all I can say is, nonsequiturs is two words not one (non sequiturs). How about this for some big words... ever masticated with thesbians?