rpp3po - Slashdot User

Comment Re:Excuses are false. This is a severe flaw. (Score 1) 830

by rpp3po on Wednesday March 11, 2009 @07:15PM (#27159061) Attached to: Apps That Rely On Ext3's Commit Interval May Lose Data In Ext4

Security. Consider the following scenario

1. Super-secure process opens private.txt 2. Super-secure process truncates private.txt 3. Super-secure process closes the file. 4. O/S re-allocates those disk blocks just freed by the truncate. 5. Nosy process opens a new file using the recently-reallocated blocks. 6. Nosy process reads through the undeleted data left by Super-secure process and sends them over a network connection to someplace bad. 7. Nosy process writes some random noise to the blocks. 8. O/S deletes the data on disk and then writes the data supplied by Nosy.

Ext4 does not make any guarantees about the erasure of file contents on disk. Even truncation as ext4 is doing it right now, doesn't actually overwrite truncated blocks with zeroes. So your whole point doesn't make sense at all.

Comment Re:Excuses are false. This is a severe flaw. (Score 1) 830

by rpp3po on Wednesday March 11, 2009 @06:45PM (#27158581) Attached to: Apps That Rely On Ext3's Commit Interval May Lose Data In Ext4

There's probably some way the FS could finesse this issue -- e.g., don't actually schedule truncation until you see the first write or close -- but it would be a workaround for buggy applications, not a FS bugfix.

There's no benefit of NOT delaying deletion on disk until actual writes of new content. It's not too much to expect from a filesystem to behave reasonably.

Comment Re:Alarmist and ignorant article - not a "problem" (Score 1) 830

by rpp3po on Wednesday March 11, 2009 @06:41PM (#27158505) Attached to: Apps That Rely On Ext3's Commit Interval May Lose Data In Ext4

You did not understand the bug. It's not that people expect actual writes without calling fsync(). It's that ext4 decouples file deletions caused by opening files with the O_TRUNC flag from the actual writes of the files' new contents. This is not necessary. Ext4 could delay deletion on disk until it actually writes any changed contents to disk.

Comment Re:Excuses are false. This is a severe flaw. (Score 2, Insightful) 830

by rpp3po on Wednesday March 11, 2009 @06:29PM (#27158347) Attached to: Apps That Rely On Ext3's Commit Interval May Lose Data In Ext4

That's not true. KDE is not "*DELETING*" any of its files. It's just opening them with the O_TRUNC flag (expressing an intent to overwrite its contents). That's perfectly safe for a copy-on-write filesystems (as ZFS) but not for ext4. So calling all "modern" filesystems at risk is pure ignorance. Ext4 could delay content deletion of open files until write time and write both within a single transaction.

Comment Excuses are false. This is a severe flaw. (Score 3, Interesting) 830

by rpp3po on Wednesday March 11, 2009 @05:28PM (#27157485) Attached to: Apps That Rely On Ext3's Commit Interval May Lose Data In Ext4

There are several excuses circulating: 1. This is not a bug, 2. It's the apps' fault, 3. all modern filesystems are at risk.
This is all a bunch of BS! Delayed writes should lose at most any data between commit and actual write to disk. Ext4 loses the complete files (even their content before the write).
ZFS can do it: it writes the whole transaction to disk or rolls back in case of a crash, so why not ext4? These lame excuses that this is totally "expected" behavior is a shame!

Comment Actually that's good for society! (Score 5, Funny) 166

by rpp3po on Thursday March 05, 2009 @08:31PM (#27085429) Attached to: Website Does Homework For Kids

Rich kids buying themselves out of good education increases the probability for wasting their families fortune when they grow up. Honest, hardworking fellows will be happy to fill in the space.

Rich people getting richer with each generation aren't a good thing for any economy. Deterring work ethics of descendants, who never had to work in their live, have corrected this for centuries.

Comment Bad summary (Score 1) 155

by rpp3po on Sunday February 15, 2009 @09:28PM (#26867533) Attached to: Collided Satellite Debris Coming Down?

There is no mention of "possible explosions" in the original article. The debris has also not been "blamed" for earthquakes, but it says that people may have mistaken the the phenomenon for them.

Comment BSD guy living behind the moon... (Score 1) 166

by rpp3po on Sunday February 08, 2009 @07:24AM (#26771371) Attached to: Name and Shame Spam Senders With OpenBSD

Razor/Spamcop, Pyzor, and DCC are heading in about the same direction, just without using such caveman tools as compiling huge webpages. So how is that BSD caveman's blog worth all the fuss?

Comment OMG - Keyboard Nazis! (Score 1) 663

by rpp3po on Sunday January 18, 2009 @09:17PM (#26511337) Attached to: Dvorak Layout Claimed Not Superior To QWERTY

"Quertz oder stirb!", the favorite opera of true Prussians. Composed 1902 by Antonin Dvorak it later became one the hymn of the national socialist party.

Comment oldnews (Score 3, Informative) 264

by rpp3po on Friday January 16, 2009 @06:13PM (#26489423) Attached to: Wireless Internet Access Uses Visible Light, Not Radio Waves

For how many decades does my university use laser links to our dorms? For how many decades do we have infra red data transmission, e.g. in remote controls?

Comment Mercurial vs. Git (Score 5, Interesting) 346

by rpp3po on Saturday January 10, 2009 @09:50AM (#26397915) Attached to: Git Adoption Soaring; Are There Good Migration Strategies?

I'm working on the OpenJDK source tree through Mercurial. I couldn't be more satisfied. The tools are well structured, very easy to use, stable, fast and well documented. I don't miss any feature. Could anybody, who tried both and prefers Git, list some advantages of it over Mercurial? To me it just seems like a Git done right without the hype and too complex UI.

Submission + - Issues with Leopard's firewall possibly made up (blogspot.com)

Submitted by Anonymous on Wednesday October 31, 2007 @05:15AM

Anonymous writes: UPDATE: More and more screenshots appear online indicating that the claims by Heise may be false. This blog even points to a partnership between Heise and Microsoft regarding their security section.

Submission + - Mac OS X Leopard's firewall wide open! (heise-security.co.uk)

Submitted by rpp3po on Monday October 29, 2007 @05:03PM

rpp3po writes: German tech magazine Heise analyzed Leopard's new firewall and made some shocking discoveries. Even when you set it to "block all incoming connections" at least 4 ports are left wide open (ntpd, netbios, mdns). Additionally "Apple uses ntpd 4.2.2, the current version is 4.2.4. It is not clear whether any of the bug fixes are relevant in this scenario and if Apple back-ported fixes from more recent versions."

Submission + - No Java 6 in Leopard Retail! (blogspot.com)

Submitted by on Wednesday October 24, 2007 @12:31PM

An anonymous reader writes: Remember how they baited developers to the Mac platform by announcing most comprehensive Java support? How they advertised true interoperability for developers, which just happend to look much sexier on a Mac? All BS! They are following Microsoft's path now and try tie you to their flashy XCode platform. That's a great tool if you're developing for a Mac — as Visual studio is for Windows... But I'll dump both happily anytime for a fully loaded Eclipse — supported and steadily improved by a tremendous community!

Submission + - Mac OS X Leopard leaked to P2P networks (insanelymac.com)

Submitted by on Tuesday October 23, 2007 @10:30PM

An anonymous reader writes: To prevent this happen Apple even withheld the gold master from ADC select members, who pay multi $1000 for access to prereleases. Trackers like The Pirate Bay and several Usenet groups carry the full dvd image as of today. ADC members are going to be upset that their expensive premium payments are not even worthy enough to get prereleases before filesharers. This http://forum.insanelymac.com/index.php?showtopic=66936 forum entry contains numerous successful reports, but no warez links.

Slashdot Top Deals