Correct, but as soon as they distribute the binaries to a single person or organisation, the GPL is also implicitly transferred, and so is Sun's (or Oracles) obligation to provide the source code to any third party who obtains the binary under the GPL from that person or organisation. So they are not obligated to provide you with the binaries, but they are obligated to provide you with the source if you got those binaries from another route. Though, this is time-limited. a quick scan of the GPLv2 shows that this is limited to "at least three years".

Precisely, the GPL specifically permits commercial distribution (i.e. for profit) of binaries, but always requires the source code to be made available at cost (i.e. not for profit)

Wrong. GPLv2 section 3 specifically requires the source code to be made available to any third party, regardless of where they got the binaries:

GPLv3 section 10 specifically grants all recipients of the code (binary or source) the same license that you have, including the right to distribution:

Both versions of the GPL prevent you from placing further restrictions on third party licensees. So long as Oracle make the source code available at cost, they have likely fulfilled their obligations under the GPL.

Except you're forgetting what the first 'D' represents - Distributed.

The attack will be coming from a large number of compromised hosts distributed around the globe. While the particular load on any one data center will be lower, the size of modern botnets means that they will still be knocked off the Internet in any case.

Problem is, those calls are probably monitored and if they don't try to get the sale, well, that's a black mark against them - too many of those and they're trying to find another job.

It's just not personally worth it to them, such is the environment that's encouraged in call centers like that.

The thing that everybody seems to forget about availability figures, is that they do not refer simply to downtime. They are actually referring to scheduled downtime.

It's entirely possible to have a 5 nines service, but still be offline for a month out of the year - it's still 5 nines if that month is all unscheduled.

Besides, with a 5 nines guarantee, you're gonna have SLAs coverin eveything - though most SLAs are so vague that returning your phone call can be considered to have met their obligations under the SLA so you're still pwned.

Wow, nice contribution. You totally miss the point, which is that writing arbitrary magnetic fields to an arbitrary physical location on the platter is the very last thing you want to do during data recovery. Now, if you just want to write arbitrary data at arbitrary logical locations on the disk, then you can already do that with the disk in it's current state.

Neither of these scenarios are remotely data recovery, since by definition, you are overwriting data.

For what it's worth, I'd disagree that once you can read a human language, that you can also write it since there are visual and linguistic cues in written language that you have to provide when writing. In most people, the two are closely linked, but I'd be willing to bet that while learning to read/write, your reading aptitude probably has a slight lead over your writing aptitude.

Except he's asking about writing to the platters - data recovery would only ever need to read.

The only time I've seen something like this is back in the day when software companies marked floppy disk sectors as bad for copy protection. The OS wouldn't touch them so when you copied the disk it either wouldn't copy due to read errors, or it would copy but the crucial data written in the bad sectors would be missing so the software wouldn't run.

Replying to cancel a fat-fingered mod. Sorry...

So first you bash people's legitimate desire for privacy, than you claim to have a legitimate reason for anonymity? You *do* realise, don't you, that anonymity is just another aspect of privacy?

So, either you're for privacy, or you're not, but stop pretending you have a legitimate reason for abolishing it while taking full advantage of it.

Required reading for those 'I've got nothing to hide' people.

Also, perhaps you can explain how somebody chooses not to be born in a particular country?

Not posting anonymously because I'm not scared of what people have to say.

As I see it the problem isn't so much that it's just another "picture", it's the fact that your fingerprint is high-value.

The huge level of implicit trust given to fingerprints by the government means that a fingerprint is considered absolute proof of identity. Show me a company that produces a foolproof fingerprint scanner and I'll show you a company who has only ever had themselves test their product. Anyone can invent security that they cannot crack, it takes a whole hell of a lot more work to create security that nobody else (or a reasonably high proportion of everybody else) can crack.

These things are not infallible, and when they fail, or are cracked/bypassed, well if it was your fingerprint - too bad, you've just been pwned for the rest of your life. You can't get another fingerprint.

I'm sorry to break this to you, but no biometric is reliable, either in the capture, or the matching to a database. The systems are vulnerable to attack and abuse. The privacy angle isn't always about what you are giving up today - it's about what you will be giving up tomorrow, next week, next month, next year. It's about the appalling level of trust given to so called high-tech products that claim to give everything but in reality give nothing of practical value.

anime-expo.org engadget.com anishshaikh.com schneier1 schneier2 schneier3 schneier4

Sorry, but up to Server 2008, Windows still doesn't handle partition alignment. Unless I'm completely mistaken, that's largely same kernel in Vista and Win7 too...

It's not so much a problem with track-to-track seeking, as it is a problem with the misaligned I/O itself.

If your on-disk structures do not align with the physical structures, then you experience a penalty for every host I/O to that disk. It's exactly the same issue with enterprise class storage arrays. the volume on the array is offset from the very beginning of the physical disk so is correctly aligned. However, every x86 style partition table laid down on those volumes consume the first 63K of the disk, meaning the data starts at the 64K mark - 1K before the start of the next disk track.

So, in a nutshell - for every host I/O, you will generate at least one additional I/O for the disk due to the badly aligned start of the partition table. Worst case, you'll generate two additional disk I/Os (for multi-track I/O) since the last track is also misaligned. For large block sequential I/O, you can pretty much ignore this effect, for small block random I/O - it's gonna kill performance. Align your partitions to 64K and the problem goes away - of course, this has to be done before you put any data on the partition and is not done by default with any OS I'm aware of today, which explains why nobody ever does it.

Note, since I mentioned storage arrays I'll clarify that this is not the same as the RAID write penalty.

Note also, this is usually only a problem for x86 style partitioned disks.