1153 posts • joined 6 Sep 2007
This might be just right as cold store for my backups. Two things I particularly like - low price and ZFS. However looking at the website, it does not seem they actually have anything on offer for individuals - the market specifically seem to be for "financial services, government, media, healthcare, pharmaceuticals, and data center services". Oh well, perhaps a data center service will pop up as a retail branch ... someday.
Re: Thanks Adobe, problem solved
In honesty, they also solved another problem - now they are no longer spying on non-DRM books.
And if you read DRM ones .... well, you have other problems as well, not just Adobe spying on you.
Mine is the one with paper book in the pocket.
No, XML does not work perfectly with source control, diff etc.
XML as a format suffers from tight internal coupling and low cohesion - because it's universal and low level tool, as compared to domain specific language (say, SQL). Meaning, you make a small change in one place (in whatever domain specific tool you are using) and it's reflected in dozens (if not many more) of places in resulting XML. This is what you will see in source control, diff etc - instead of the one change you actually made at the higher abstraction level. This approach does not lend itself very well to history inspection, merging and other operations you would normally use source control system for. Instead, you have to be extremely careful because merging of the most innocuous changes done concurrently by two developers is most likely not going to be an easy task.
This is also why it is preferable to work with text format of domain specific language (e.g. SQL in case of relational database design) rather than XML. Even though I dropped developing databases many years ago, I'm glad Microsoft has seen the light.
They should take an example from ISO
That is, international organization with members from every nation with interest in running of the organization. Yes, it would be very slow to change but how often do we need a new TLD policy? Also, subordination to US government is becoming global security problem.
Re: At cost?
Add labour cost - you have to pay for assembly. And manager wages. And director's salary. And pension contributions. And there is still this marketing guy who needs his salary.
Re: Such hatred
If Unix has not just survived but also outlived every other operating system out there they might have got something right. And if there is one thing that defines Unix, that would be the "do just one thing, and do it very well" philosophy. Let's not fuck with that, shall we?
sorry, just had to post.
I like the idea of next-gen language too. And Apple would benefit from making it either open-source or standardized (or both). Here is how it might work: if a language is freely available and attractive for wide audience, it will be used. The more it's used, the more developers familiar with it. This last point would directly benefit Apple ecosystem.
Looking at Swift, it seems well designed - and it also has the benefit of supporting shebang script syntax, so it can be used more universally (if made universally available). If it could be also used for scripting of dynamic web pages that would be ideal, I cannot wait for something to replace this abomination called PHP.
Seems like more than "a handful of rules"
as long as
... encryption is really strong (and key is kept safe), I don't see (much of) a problem.
For all intent and purposes, losing heavily encrypted data is not different from losing any set of useless binary data. If businesses are not required to notify about the latter, then notification about the former would seem (a bit) superfluous to me.
The difficulty is in determining what constitutes strong encryption and safe key. Perhaps I ought to look at this regulation.
Re: Misleading Language
so that you don't wake up one day and find the internet no longer works for you
The problem with protocols which are supposed to work from-day-to-day is that there is no incentive to do anything about deprecated features, and thus "will it work tomorrow" incentive to just keep using what works, gets stretched until things break catastrophically.
Re: 2-part security?
I understand NFC link only works on short distances - you might not be able to put your phone to a pocket without erasing it ...
Yeah, was thinking the same : "where are units supporting checksums on filesystem?" and then I realized I need to build my own with FreeNAS or Nas4Free .... because no brand would do that for me!
Honestly, if NAS cannot guarantee integrity of your data, what's the point?
it's diminishing returns, simple. I can spend few hundred on a player, another few on a pair of headphones or speakers, but adding zeros to the bill for gain I cannot hear without moving my home to middle of the desert first is unjustifiable. I'm just happy not to have to hear clipping, sibilance or random artefacts.
@AC bull*it . Nobody is asking you to keep putting CDs in, you can rip them to FLAC if you want to, and only keep physical record in a locked archive. The point being, there is nothing "modern" about streaming and I assume you are either very young or very old and thus memory not serving you well. Anyway, go and lookup "Real Player".
I can keep on microSD a lot of music in a lossless format I ripped form my own CDs myself, and I can play from portable device with proper DAC, amplifier and sound quality a class or two above ipod or a phone (see IHIFI 960, AK100, iBasso DX90 etc.). But of course, I also have proper headphones not some branded crap with "b" on side. Does that mean I do not use streaming? I actually do, to find something new and interesting. And that does not happen very often at all, because "you may like too" algorithms are awfully limited and programmers who wrote them do not understand that someone may enjoy baroque, modern classical, different flavours of rock and few other kinds of music, depending on mood and other factors.
@Peter thanks, exactly my point.
@Nick, I take issue with your "flawlessly". You can never represent analog signal digitally without introducing flaws, especially so when you only have 2 samples per wave.
Haha, this reminds of supposedly lossless, hi-def files from qobuz. One evening sitting by the computer, I found that they have Mozart C-minor Mass directed by Herreweghe, exactly same record I enjoyed earlier the same day from my CD (it was not ripped then). Being lazy (or experimental) sort of person, I decided to stream the music rather than put my CD in. It played nicely, up to solo soprano when it started clipping quite horribly. Compare same part with my CD - no clipping and my poor underpowered mini system played this part rather quietly, but cleanly. Turn down volume on my computer speakers (active Samson studio monitors attached to Epiphany Acoustic DAC) streaming from qobuz, and I hear clipping again. So, I ripped my record to FLAC just to play it on the same equipment and there you go, lovely and clean sound. It turns out that "lossless, hi-def" qobuz files are totally messed up, they probably never checked the final result of whatever conversions they were doing.
I cancelled my qobuz subscription the same day, and from then on I only use FLAC files I ripped from my own CDs, using equipment and processing I trust and know. Or, when I do not care about quality and just want to listen to something different, it's from lossy source such as Spotify. And my "poor underpowered" mini system got an upgrade in the form of better speakers :)
I'm running 8 Crucial C300 (yes, old model) 256GB each on LSI MegaRAID in RAID0 hardware configuration, total 2TB. It's nice and no problems in years since I set it up, but in fairness I do not write this much data to it. Of course, I back it up almost constantly to an HDD and replicate the backups to external HDD, although so far the only use of backups was deleted files or misconfigurations.
It may be a big deal for some, for me this means change of platform. This I'd rather stay with previous generation Xeons E5 v2 running in "old" LGA 2011 socket with 64GB of DDR3 I already have (and do not use - but it was relatively cheap!).
.... but I will remain sceptical until open source implementation appears and is merged into both BSD and Linux (and Windows just for laughs - we all remember NetBEUI and NWLink, right?)
Took me few years to learn to do it properly, but in last 5 years it's been pretty good, with Macap and Dalla Corte. It was expensive to buy, but is cheap to run. Just top it up with freshly roasted coffee beans, remember to check water level and keep it clean.
Icon for how I look before my first coffee (where did I put the filter?)
must be French
they wear berets and eat frogs (sort of)
what if ...
... password replacement policies were based on time needed to brute-force an existing password? Say, you are new employee about to set your network password first time (because the one you received on welcome, comes with "must change" setting). You try "Password1" and since this is "cracked" by validator in real time it is not even accepted, since check for minimum password complexity can be run synchronously, as soon as you press Enter. So you try something a bit more complex and it is accepted, but within few hours or few days you receive an email explaining that you need to change your password again because it has been deemed too weak by automated password complexity assessment (i.e. cracked by security team). This comes with obligatory picture borrowed (legally, of course) from xkcd and a longer explanation about how password complexity works. Sounds like pain?
But here is a good part: if you read the instructions carefully, you will figure out how to set a password that you won't ever have to change (bar emergencies). You simply make it complex enough!
Now, if only one password was needed at work ...
Re: Fair play...
POWER8 has comparable set of instructions.
all good points
Now I'm waiting for good professor to produce alternative system. Or at least start productive discussion about design of such a thing. Should I hold my breath?
Actually no, it makes sense. Apple suffered reputational damage as soon as the first class action suit was brought. I'm too lazy to see how this original suit affected the share price but I'd hazard a guess that there was some dip. Now a shareholder are asking for compensation for this dip.
It's fair game, given that (due to lack of dividend) the only way to profit from Apple shares is to sell them, which makes shareholders more sensitive to share price moves.
Re: Who takes the picture?
I think the problem here is the definition (or lack of it) of what is significant enough contribution to work, to make it pass copyright test.
It might be that in the case of actually lost camera, there is no "significant contribution" on the side of camera owner.
It might also be that in case of Mr Slater, the camera was not lost but made ready for simians to use and also that he made significant contribution by first setting up conditions for pictures to be taken and then removing all blurred photos afterwards, selecting good ones and preparing them for publication. To me this seems like nontrivial endeavour.
My guess would be "for performance reasons". You can gain quite a lot of performance by avoiding context switches, but in the context of networking classical layer model makes that difficult. You may want to either to move network drivers to user mode, or move application APIs to kernel mode.
I honestly can't say what FB would do, but I know what I would want to research given objective to improve performance of network stack.
this is big
congratulations to all involved, very impressive!
Re: Sounds potentally very good.
No it wouldn't. Even if the RAM chips could achieve that type of speed, the long wires of the memory bus could not
... hence HP work on photonic connections between memory and CPU, alongside with work on memristors.
Re: Sounds potentally very good.
Abstract of actual paper gives sub-50ns switching speed which is very good, but IIRC (corrections welcome) memristors are promising sub-10ns latencies. While sub-50ns is excellent, sub-10ns is revolutionary, as it would allow CPUs to drop cache memory.
Of course both technologies are in early stages. Perhaps RRAM will put a little more pressure on HP to develop memristors right (or provide them alternative to switch into, if they fail to do it), so this development is encouraging even if one is cheering HP efforts.
I could of course force the streams to recombine via the use of proxies, VPN
yes you could, and while we are at it, can you pls remind what's wrong with obligatory VPN to access corporate network? I know it's not exactly free, but c'mon it just plain sense.
Paris because I'm just the same puzzled.
Re: I'm shocked
This is provably not true, and the evidence is winged flying pig behind my window and snowballs flying from large, hot and red crevice in the ground below.
Our political masters seem to be trying to do something right, and in doing so they agree in principle with Google.
This is unthinkable, I must be living some alternative reality.
I imagine this dialog:
Cameron: amateurs ...
it's all hot air
Hm, picocells .... can those work with SIP?
Now I want SIP phone gateway which would be also 2G picocell for my home, to make my SIP numbers available on my mobile when I'm at home and allow me to make (cheap) SIP calls automatically from my mobile. Because, honestly, SIP handsets rather crappy.
Re: Do we need more original research into proprietary hardware?
These guys are planning to disrupt the market, before declining hardware curve drives them into the ground. This is good plan. Also, software has a tendency to expand to fill all available hardware, while occasionally delivering new important technology - so it is actually worth inventing new hardware to allow these new software technologies to be invented.
For example: massive parallelism still hasn't found good software solution, because existing model based on critical sections does not scale with program design (it forces tight coupling), while transactional memory might scale, but is inefficient due to poor hardware support.
This one is on me.
It took all my willpower not to downvote you, but the weird thing is - I do not know where did that came from.
Should I believe in human-induced global downvoting trend? What if some disaster happens before it's too late?
So many questions ... thus icon.
Re: it's a step backwards
You got it backwards. It also does not help that one has to pivot the tables to actually compare anything. Here is handy table:
Model 1500 Pro, M2: active 140mW, idle 55mW, sleep 0.2mW
Model 2500 Pro, M2: same as above
Model 1500 Pro, 2.5": active 195mW, idle 125mW, sleep 5mW
Model 2500 Pro, 2.5": active 165mW, idle 55mW, sleep 5mW
You are welcome.
Hah, the math makes sense, so my "arguable" turns into "definitely wrong". Thanks for proving it!
Re: Password Managers?
Wasn't there a post the other day stating that they were also insecure and open to hacking?
They are IMHO, a single point of failure.
Yes, there was. Useful research but in case of LastPass , it's a FUD. The problems discovered have been fixed last year.
Although of course, it is risky to put all eggs in one basket, and I'd love to have something better to replace all these passwords. For now though, password manager used in a correct manner seems to be the best solution.
Re: Password Entropy
There are two problems with this 1. plenty of password fields have an unreasonably short limit on a number of characters in a password, thus preventing use of a reasonably long passphrase 2. it is arguable whether a passphrase (build from dictionary words) actually has large entropy, since it can be brute cracked simply in (dictionary size * variations)^(small N) tries, rather than characters^(large N)
For goodness sake, use icons as appropriate. I was thinking "joke alert", but changed my mind ... because your comment might very well be spot-on.
... I might be tempted to filter IP traffic at home, but under following conditions:
* I own the box which does the filtering
* I decide what is being filtered
* I decide which of my home computers are affected by the filtering and which are not
* The box supports both IPv4 and IPv6
Anything else - f* off, it's my network and I decide what enters it.
Re: Please tell me I'm wrong...
Speaking about contract law, you might have spotted phrase similar to the following in contracts "if any clause of this contract is found to contravene local laws or be unenforceable, only such clause will be deemed void, while the remaining clauses of the contract will remain valid and binding", or to such effect. This is to prevent the whole of the contract becoming invalid if any of its clauses is found illegal. How does it happen that some clauses are deemed to contravene local laws? Because laws were made to protect citizens, for example by making it illegal to sell your body parts. Such laws are made by lawmakers, subject to government initiatives.
Now, if a company was to make a business model as an "agent for direct acquisition from donors and selling of human body parts for transplants", any contracts signed under such business model would be deemed invalid. Now, imagine what happens if companies are given the right to sue lawmakers for a reason that laws are hurting their profits. This means that companies can now shape the laws in their favour in order to maximize the profit, and this also means that they can legally force lawmakers to remove such laws which make the above mentioned business model illegal and invalid!
Welcome to the world where companies can force governments to remove laws which protect citizens, if such laws happen to hurt profits.
Re: What is cruft, what is security, and can the LibreSSL programmers tell the difference?
It's been "fixed", by seeding RNG with your private keys. Thank you for such "fix", I'd rather not see something like this in a program I am using. Especially since OpenSSL is unable to provide a guarantee or verify that RNG subsystem is indeed trustworthy one and won't steal your private keys.
Remember, no library can fix security flaws of the underlying operating systems - at best it can work around them. If you want an illusion of security by deploying ever more elaborate workarounds that's your problem, but I'd rather leave it to people who know about security more than you do (or OpenSSL team does).
Re: Code size
No, they wouldn't. Code size is not the only thing that matters - coupling is the same, if not more important. Think of it as the possible number of permutations in a group of elements (elements being design artifacts, ie. functions in C language). In a design with qualities of a hairball (anything connects to anything), the number of possible permutations can be huge, despite the total number of lines "merely" going into many thousands (below million). In order to understand it, you need to read it all and then build mental model of everything there is. That makes for very high barrier to entry.
The purpose of good software design (each language provides own design tools for this, in case of C that would be private headers, static functions etc.) is to control and lower the number of possible connections, thus lowering the overall complexity and the cost of reading and contributing code - despite total code size remaining roughly the same, or perhaps even slightly larger (depending on design tools used).
Of course, LibreSSL didn't set to increase the codebase with design artifacts. They set to remove all dead code first, which obviously is a very good way to start such a project. They are also limited by public API of OpenSSL which makes lots of private functionality available to users unnecessarily. But they are to a good start and I wish them well, enough to setup monthly donation.
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Breaking news: Google exec veep in terrifying SKY PLUNGE DRAMA
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL
- Google chief Larry Page gives Sundar Pichai keys to the kingdom