Why was my comment moderated "Troll" when I merely pointed out that the parent had unintentionally inserted an extra negative in his statement? The drift of his comment was surely that ECC RAM is better. Yet he wrote "it's foolish not to use non-ECC RAM".
It's sad that moderators don't take the trouble to read what is in front of them. Or, worse still, that at least one moderator routinely mods my comments "Troll" without reading them.
I assume you meant "it's foolish to use non-ECC RAM".
Reminds me of the first time I ever heard this particular discussion: at DEC in about 1983. A colleague who had gone to do quality engineering on VAX/VMS systems asked for statistics on crashes caused by memory errors. All VAX computers had built-in ECC (of course), but the advanced thinkers in engineering were wondering if it would be more cost-effective to do without. Money would be saved, both by the manufacturer and the customer, and systems would run significantly faster (maybe). Surely that would be worth the fairly infrequent crash, which could be recovered from with the help of backups, logs, etc.?
We all thought the idea was daft - purely on general principle. The reduction in speed due to ECC could be exactly specified, as could the extra cost. But random crashes couldn't - and what if human error caused the backups, logs, etc. to be missing or corrupt? Worse still, what if errors were introduced that didn't cause a crash or any noticeable problem? All sorts of critical systems could go on stacking up subtly wrong data more or less indefinitely.
To this day I always ask for ECC whenever I buy a new PC - but the only machines I have ever found that had it were Dell workstations.
'I'm not sure whether I more bothered by "benchmark queens" or people who flame'.
FTFY. Does anyone ever flame about anything except subjective opinions?
I don't understand your comment about a dictionary. I referred to the standard definition of power - see (e.g.) http://science.howstuffworks.c... if your recollection is rusty.
As I was posting on Slashdot, I didn't think it was necessary to explain why the extract I quoted is confusing (and confused).
"...can boost 300 to 400 millivolts power to 3 to 5 volts".
Calling millivolts "power" is sloppy at best, but the real strangeness is the idea of boosting "300 to 400 millivolts power to 3 to 5 volts". Given that you can increase the voltage by a factor of 10 or so, one would normally expect that to be accompanied by a corresponding drop in current to keep the power constant. After all, you can't just pluck increased power out of nowhere by changing voltage.
And, of course, you can have a potential difference of millions of volts with no power flowing at all.
"...can boost 300 to 400 millivolts power to 3 to 5 volts".
Power? Volts? Boost? Huh???
Have you tried lying to a cop recently? I wouldn't advise it.
"I doubt the cops care anything about civil law".
There is a mountain of evidence to show that the entire US federal government doesn't care about any law at all - international law, treaties, federal law, state law, or even the Constitution.
The key don't-get-into-jail card is always the same: the decision to prosecute is entrusted to the executive branch. If someone in the right position decides something won't be taken to court, it isn't. From a cop shooting an apparently defenceless and innocent civilian to a president launching unprovoked aggressive wars, authorizing torture, and refusing to prosecute the last president for the same things.
"A nation of laws, not men" - nice idea, but not any more.
That doesn't seem to be quite in the spirit of the Declaration of Independence, the Constitution, or the Bill of Rights. "Land of the smart enough to avoid being framed by the justice system" - doesn't have the same ring, does it? Especially since (ironically enough) simply being smart doesn't cut it - you need street smarts, expert knowledge, and best of all contacts.
That's it" "Land of the well-connected".
"Are you paying for them?"
Aha! And there we have the central issue, in the simplest possible terms.
It's a matter of foreseeing and predicting risk, and then defending against it in a cost-effective way. Trouble is, there are very few other domains of expertise (if that is the right word) that so glaringly expose our human weakness at estimating risk. (See Nassim Nicholas Taleb's books, passim). Typically, a token effort at assessing risk is made, and then when some entirely unforeseen disaster strikes out of left field, we mutter about "black swans". The fact is that we are not nearly as clever as we think we are, which often leads us to bite off far more than we can chew.
Another relevant saying is "the left hand knoweth not what the right hand doeth". One person or team does the risk analysis, while other - completely unknown - people pile up unseen risks, which thus cannot be defended against. Presumably the people who designed those systems had no inkling that they would be attacked by technically expert enemies who deliberately set out to do as much damage as possible. I imagine that a resolute inquiry would eventually discover who upset whom, leading to this outcome.
"This thought is so utterly flat as it is true, but it does not offer any train thought which steps to undertake to at least increase the security".
Precisely! The purpose of such statements is to focus the listener's mind on the highly unwelcome (and perhaps unfamiliar) idea that security is utterly antithetical to everything else we seek in a computer system.
Good security usually means lower performance, slower response time, greater cost, far less user-friendliness, and very noticeably less convenience in general. But if you want security, that's part of the price.
Since most people - including senior decision-makers - have little or no understanding of the issues and tradeoffs, this means that security will normally be severely neglected. So attackers have a fairly easy task and a target-rich environment. Until something really bad happens, when there is suddenly an outcry and a witch-hunt.
About 20 years ago I used to lecture on the topic of computer security. Taking my cue from UK government experts whom I had met back in the 1980s, I used to point out that the only secure computer system is one that cannot be accessed by any human being. Indeed, I recall one expert who used to start his talks by picking up a brick and handing it round, before commenting, "That is our idea of a truly secure IT system. Admittedly it doesn't do very much, but no one is going to sabotage it or get secret information out of it".
I still have my slides from the 1990s, and one of the points I always stressed while summing up was, "Black hats could do a LOT more harm than they have so far". To my mind, the question was why that hadn't happened. The obvious reason was motive: why would anyone make considerable efforts, and presumably put themselves at risk of justice or revenge, unless there was something important to gain?
Stuxnet was the first highly visible case of large-scale industrial sabotage, and I think everyone agrees it was politically motivated - an attack by one state on another, and as such an act of war (or very close to one). This looks similar, and apparently used somewhat similar methods.
The article tells us that "...hackers managed to access production networks..." The question is, why was this allowed? If "production networks" cannot be rendered totally secure, they should not exist. Moreover, if they do exist they should be wholly insulated from the Internet and the baleful influence of "social networks" and the people who use them.
Happiness is twin floppies.
