2389 posts • joined 9 Mar 2007
Re: Traffic costs are always relevant.
Well, but virtually all data intensive companies offer free peering plus free CDN nodes in your network if you provide the rackspace.
Besides I pay my ISP so I won't have congestion (at least not 99% of the time, accidents can happen).
It's not like traffic costs are relevant
At least not on the backbone where they plummet as the equipment continually gets upgraded as part of the maintenance cycle.
So this is yet another attempt of turning the Internet into a "Google/Facebook/etc."-centric network modelled after 1980s online services.
Does this mean...
we'll now have computing power shortages caused by trading?
Working at that company...
...introducing Ouija boards as a new means of "communication" probably would solve a lot of internal communications problems.
Of course there is a sad story behind it all
As someone who has been to the native country of the Playmobilians officially known as "Playmobil Funpark". It's a small enclave fully inside of Germany near the town of Zirndorf. It's easy to get visa, but they charge a small fee for them.
The Playmobil people actually seem to consist of several different races. The larger ones sell the smaller ones into slavery in large stores where the smaller ones are brought into degrading poses.
Since tourism is one of their main industries they do takes Euros as a currency. The natives don't actually do much, but they employ Germans to do much of the public work for them. I do have photographs somewhere.
Re: no armageddon here thanks
Actually that's incorrect. Since OpenSSL has its own memory allocator, those 64k are guaranteed to belong to the OpenSSL library. So the chance that you get keys and/or passwords is pretty high.
So an idiotic design choice inside of OpenSSL also contributed to the problem.
Re: Not as dumb as it sounds
I believe you are overestimating the possibilities here.
Fast speeds require special LEDs plus low multipath situations. You cannot simply put a lens in front of it and hope to get by with diffuse light... and still hope for a Gigabit. At such low ranges radio is much more competitive and needs much less power since you don't need to drone against that high intensity noise source in the sky.
The 'market' (I know an ugly word) for this is like the one of NFC. It's for communicating with something over <1m distances, for example for having "location based services".
Light is cheap for low data rates and short ranges, but once you want higher ranges and/or faster data rates, it's a different kind of animal.
Maned moon missions are a great way to boost your engineering for decades to come. Just look at what it did in the US. The momentum still lasted into the 1980s when it gradually became desirable not to be an engineer, but a banker.
Hmm. let's look at what Sony uses when they need a laptop
For their (back then) new Betacam SX they obviously had to have an edit controller. They chose to go with the time and just have a laptop with some extra hardware to control the VTRs.
Let's look at what kind of laptop they used:
That doesn't look like a Vaio, does it?
Re: Debug malloc
Actually OpenSSL comes with its own malloc, that's why you always get its data. And why do you ask did OpenSSL use its own malloc? Because they thought the OpenBSD one was to slow. (it's slow because it tries to be secure)
The sad things are...
Most of those patents are either trivial or make the product worse or both.
We need a "communicator" case for that :)
So we'll have a real computer in a pocket.
As a paying subscriber I now consider canceling my contracts
Back in the 1990s I used dyndns since I simply couldn't afford anything else. Then when I wanted DNS dyn seemed the obvious solution, plus I'm doing something good by supporting the free service.
Now since that's gone, I'm considering going, too. The main problem is of course that I cannot port my dyndns.org subdomain.
Linux has to many versions?
"Linux has TOO MANY 'versions', some wildly different!"
Uhm, yes, there are specialist versions of Linux, true. The Linux on your router is different to the one on your desktop... however you can easily write software which runs on all of them by just recompiling it. And that software would even work on a Linux Distribution from 1993 just as well as it does on todays systems, despite of potentially different hardware architectures and such.
Since you don't have package managers or full automated updates, even installations of one Windows version quickly diverge. And even on stock installations no two versions are alike. For example there is a whole separate set of versions for non-latin character sets. A feature which is implemented as a per user setting on most other platforms.
And even when you step back a bit, even the most basic APIs change. While you may still be able to port software from Win16 to Win32 and even Win64, .net is completely out of the question. And you cannot just choose one of them. While Win16 and Win32 can run on anything from Windows 3.1 (if you install Win32s), it won't run on Windows RT or Windows phone devices. (You could however port it to Windows CE).
"Android is made to run on *particular* hardware."
Yes and that is why Android development is so slow. The same is however also true for Windows phone or even Windows CE.
I don't know if you have ever seen how those Freedesktop guys react to criticism. Typically it's just something like shouting "WHY DO YOU HATE DISABLED PEOPLE!!!".
Yes, but 10 out of 10 times it's about something that's about something which was trying to re-invent the wheel, but hasn't by far reached the functionality and maintainability of its predecessor.
Honestly I can understand him.
I guess one problem here is also people thinking they can do better than unix without understanding its philosophy.
So far there have been very few (if any at all) non-unixoid systems that actually work and are maintainable, while most unixoid systems were rather good successes. The Unix philosophy seems to be such a great way to reduce complexity. Most software projects fail because of overboarding complexity.
Re: Sod that...
Actually 10Gbps Ethernet could have its place in the consumer market. It could be used to transfer high definition video at low latency. For example you could have a single computer in your basement/closet which powers all the screens in your flat connected via fast Ethernet and small dumb terminals which may consist of nothing more than an ethernet controller and a framebuffer.
Because they didn't believe in it
FOSS proponents have always noted that support for Windows will eventually run out and that if support runs out no organisation can continue using it for extended periods of time. If you have FOSS you can just continue to support it yourself, and you automatically pool your efforts with everybody else still using that software.
There are datacenters running on coal, gas and nuclear?
So far every datacentre I have looked into for hosting was running on 100% renewables without nuclear. Just look at companies like Hetzner or Manitu (the later positioning itself as an ethical company).
http://www.manitu.de/unternehmen/oekologie-und-klimaschutz/ (100% water)
http://www.hetzner.de/hosting/unternehmen/umweltschutz (also 100% water)
Other sources of electricity would just be far to expensive to run a datacentre of.
Or of course...
you could get an engineer to set up Asterisk, Freeswitch or anything normal, was well as a VPN and get all of that cheaper, more reliably as well as more suited to your needs.
Systems enforcing licenses...
...should not be considered highly available. It's a completely unnecessary part that can fail, and that can even be a security issue.
I'm sorry, buf if your company needs that...
... you are in _serious_ trouble. Apparently you have stored all your data in non machine readable (office) formats.
I'm also shocked to hear that a product from 2010 _still_ requires ActiveX or plugins.
It's something called a homomorphic encryption where you can do certain operations on the plaintext by only having the cyphertext. It's doesn't exactly solve a real-life problem as today you can simply perform operations on a trusted device, i.e. your computer at home you can access via your mobile device if needed.
Re: Are you insane?
"Rubbish, the first 10 years of effort would be retrofitting some kind of skinning, then the community would start work on four hundred Notepad replacements..."
The Windows fanboy community probably has a head start on it. I'm sure there are _way_ more than four hundred Notepad replacements, and skinning already was a feature of Windows XP.
Re: Are you insane?
Actually people would stop using the newer systems after Windows XP was open sourced. After all open sourcing would mean that it's going to get a thorough cleanup while still making it compatible.
Just imagine an operating system 100% compatible with Windows, but without all the useless crap added in the newer versions?
Given the track record of Cisco when it comes to securing their own products...
... this does seem like a blind person talking about colours.
No, there is no congestion on the Web...
Even if you assume that by "Web" they mean the Internet, there is no congestion under normal circumstances. The backbone is easy to upgrade, and you need to exchange your lasers regularly anyhow.
The place where there are congestions is the access network of cable companies. The problem simply is that "broadband cable" is a passive distribution network, it never was meant for individual communications. Those networks are a bit cheaper to roll out, but very expensive to update. The shared part of the network is distributed over many buildings.
Re: Refresh on early PCs
Well of course, you could always have an TSR and hook up to interrupts. I've once tried that with a little Pascal program. When I tried it it even seemed to work on Windows. So I loaded it, started a DOS window and there is was. :)
There are rumors that there were industrial control systems which ran on the PC driven by hardware interrupts, but booted a Windows 3.x as a GUI toolkit.
Re: Refresh on early PCs
Ahh, that's actually a side effect then which doesn't cost any additional clock cycles.
So the CRT controller "steals" memory access cycles from the main CPU. If you swap some address lines around, you can make sure it'll spread all it's data over all pages.
As far as I know an access to a bit on a page also causes that page to be refreshed.
Ohh and the missing DMA controller wasn't to much of a problem back then, as MS-Dos didn't support it very well. All system calls were blocking and there was no multitasking. So even when DMA was used, your program still had to wait for it.
Refresh on early PCs
Actually those refreshes used to be done in software. You had 3 timers, one was used for sound, the other one as a "systick" (actually at around 19 Hz for the time) and the third one was set at around 100 Hz and started the refresh routine. So roughly 100 times per second your program would stop for a couple of hundred clock cycles. That's far less than one out of 4 memory cycles. Still there was software which would decrease that frequency to give you more cycles for your software at the risk of memory loss.
Re: Attack of the sophisticated spearfishing ransomware DDoS attack ..
a) But then they won't be able to use social media.
b) Even if they did, the license key updates would still go over USB which is a huge attack vector.
c) It is very hard to have a usable, yet properly updated Windows system without Internet access. Setting up your own "Windows Mirror" is much harder than setting up your own Debian one. (Although I'm sure Microsoft will sell you an overly expensive version if you are big enough)
Other problems include internal attackers or attacks on business partners, or just general idiocity.
The big problem is that there are people who decided to build infrastructure on the systems which are hardest to defend.
Why do people invite the NSA to speak?
I mean it's obviously clear that everything you will get is just pure PR on the edge of lying. Plus those people already have more than enough of a platform to speak on. We don't need to help them with their PR.
Actually it changes nothing
those $100 won't make Windows 8 magically compatible with the software running on Windows XP.
It's the same as with companies
...but with companies it's the customer who pays.
It's very hard to punish organisations, and money is typically a very inefficient way of doing it.
Re: Other tools
This is a Trevor Pott article, don't expect any insights.
He probably hasn't heard of Nessus or OpenVAS, or couldn't get it to run. It's not like he knows about computers.
But then we'd need hardware standards
For example the framebuffer mode of every graphics card would need to work identically. We'd need to have just a small set of USB controllers, and all of that needs to be discoverable by the operating system. Otherwise you'd need to port your OS to every system just like you already need to do in the mobile world.
Re: Run them in a chroot jail
I think last time I checked, you could simply chroot out of a chroot "jail". I don't think it ever was designed to be a security feature.
Re: We need something more simple than webbrowsers
Yes, but I'm not necessarily talking about "changing the web", but about providing a much more secure and restricted alternative. I mean we (normal people) are not using webmail since it's far to insecure, we use special protocols like IMAPS. We use ssh which even uses key pinning. Both protocols however are inconvenient for GUI tasks over high latency connections. (though there is an alternative to ssh called mosh which can do predictive echoes and stuff)
Imagine we had some trivial "GUI over IP" protocol which simply uses a GUI toolkit on one side and transmits events. It could run over a severely cut down version of Websocket, and you could even write a client for it which runs in browsers.
With a client in HTML5 you could have a migration strategy to native clients.
We need something more simple than webbrowsers
Modern web browsers are extremely complex. Not only do they contain support for multiple image and video files, but also complex layout languages and plugins.
Maybe it might make sense to have a much simpler way to display web pages, combined with a simple way to do "web applications". It would need to have to be so simple you could implement it in a day.
Re: 1000 Users!
Yes, and if you correlate that to other numbers published here
it means that those 1000 users are probably the roughly 7% of all desktop users running Windows 8... which means that there are about 14 thousand desktop PCs in the world.
Even when we assume only 1% of the Windows 8 users run Firefox, we still only end up at 1.4 million desktop PCs.
How do they count?
That also would explain the discrepancy between those numbers and what we are all seeing in the real world.
How I learned the company I'm at was using Amazon services
The company I currently work at has an out-sourced wiki and issue tracker. Recently we have found out that it sends it's e-mail via an Amazon e-mail service.
Amazon advertises that service by claiming that those mails will not land in spam filters... which is a problem for people using servers in the Amazon IP-range as it's crowded with spammers.
Well so far so bad, the funny thing is how we found out about that. E-Mail from that issue tracker... which uses Amazon to not be considered as spam, landed in the spam folder. :)
Re: I'm glad people believe sysadmin skills are becoming extinct
Seriously, compared to what most people have as sysadmins, you _are_ a genius.
Most sysadmins out there have never heard of rsync. They have never used a package manager or scripted something via ssh. Many probably wouldn't even find their way out of vim.
Those are people who live in the Microsoft bubble where people believe they don't need to be able to program, and that somehow it is normal that e-mail is something complex.
Re: Paid for subscriptions and text documents sent out over XMPP
"And that would impact packet sniffing how exactly ?"
XMPP supports various ways of end-to-end encryption, so that might be doable... even though I'd count XMPP as one of the more complex protocols.
It's time for the next step in computer security
After FOSS which already eradicated many intentional backdoors for the people using it, we now need to add simplicity. The less code you have the less likely it is to contain a backdoor.
So we need protocols which can be implemented with as few lines as possible. And we may even need hardware separation so if one of the components gets compromised, it won't be able to compromise the others.
Re: I invite the US and the other 5 eyes partners...
Well the German case is very well documented. Newspapers even printed commented disassemblies of it. (No I'm not kidding here's the PDF https://www.faz.net/dynamic/download/fas/FAS_09_10_2011_S41_S47_Staatstrojaner.pdf )
"The nerds would just spend a lot of time arguing which technology is the best thing to use, whilst not finding out what the business actually requires."
How is that any worse than having a department which regularly chooses the worst solutions, while not finding out what the business actually requires, but just buying what vendors have to sell.
What you need, and this is true for just about any area, is a mixture of smart people with different backgrounds.
Unfortunately the typical quality of human resources is so low even running on a bunch of narrow minded idiots (having exactly the same perspective) still makes you competitive in the short run.
Democratic oversight won't work...
....for organisations which can simply sabotage the democratic instances which should control them.
Large organisations tend to have one primary motivation, they want to survive. The NSA knows very well, that as soon as the public gets informed about what they do, and has the power to abandon them, they would do this nearly immediately. Therefore it needs to protect itself in order to survive.
Powerful secret services are not something which is compatible with a democracy.
You should put clauses into your contracts...
...which make the provider of IT services responsible for such fines. Then you'd finally get rid of all those "PHP-shops" which have never heard of prepared statements.