Comment Re:Submitter doesn't understand Wikipedia notabili (Score 1) 98
A couple new answers to that question have popped up in the intervening time.
Comment Re:Would it hurt ... (Score 1) 98
MongoDB uses mmap but the similarity ends there. It uses a journal, not COW. It suffers from a number of durability and consistency vulnerabilities. LMDB has no such weaknesses.
http://www.slideshare.net/mong...
This research group at University of Wisconsin cites 1 vulnerability for LMDB, but they were mistaken:
Comment Re:Would it hurt ... (Score 1) 98
CouchDB is a pure append-only design which means that within a few dozen write operations, 90+% of its space is filled with out-of-date records. It requires frequent periodic compaction phases, and each compaction phase has a significant negative impact on latency and throughput. LMDB requires no compaction, and provides consistent latency and throughput at all times.
They are similar in that both use COW, but the similarity ends there.
Comment Re:complex application example (Score 1) 161
Totally agreed. The lack of guarantees re: UDP is built into the UDP spec, it's not a failing of the Linux kernel (nor any other OS) that it won't tell you about dropped packets. Luke, you should know better than this.
Comment Did that 23 years ago (Score 2) 57
with my Atari ST. It was trivial then since the same chip controlled both the keyboard and MIDI ports, just redirect one of the intercept vectors to catch the incoming MIDI packets and feed the notes to the keyboard buffer.
It's more fun to do this with a Zeta MIDI violin. I programmed it to move the mouse pointer on glissandos too, could do pretty much anything without touching keyboard or mouse.
Submission + - A Closer Look at Problems in GnuTLS (huffingtonpost.com)
hyc writes: On HuffPost Code, a look at the obvious problems with GnuTLS from a software design and development process perspective; GnuTLS is still just a pile of vulnerabilities waiting to happen.
Comment Re:We all knew it was coming... (Score 1) 231
You really need to read ITS#5361 as well.
Comment Re:Can't say I disagree. (Score 1) 1098
As a related example, I was recently (last summer) confronted by a patchset from [a prominent network router manufacturer] for OpenLDAP, which they wanted to contribute back to the Project. Upon reviewing the patchset, I found they were using an OpenLDAP release from 2001, and this is the code they've been embedding in the firmware of many of their router products from then till now. Many of the patches they sent me were in fact patches I had written for the Project, which they had backported somewhere in the mists of time.
So, thanks to OpenLDAP's permissive license, there's a lot of network hardware out there running ancient, patchwork code that's massively obsolete, along with a crazyquilt of patches of widely varying quality. None of the users of this hardware have any idea of what's inside there, no one can say what security vulnerabilities may or may not exist in any particular model # or serial #, because the code itself is just a frankenstein jumble.
Personally I would have preferred the GPL, because it would have prevented this sort of situation, but it would be quite difficult for the OpenLDAP Foundation to contact all of the copyright holders and ask them to approve a license change, and I suspect a number of them would refuse to change.
Just keep in mind - the freedom that permissive licenses grants to proprietary software companies almost always works to the customers' disadvantage. They will allow their code bases to diverge, they will allow bitrot to set in, they will allow CVEs to go unaddressed, and no one outside will know exactly how bad things are. Until perhaps 10-15 years later, if someone inside the company wakes up and realizes how untenable their situation really is. But the problem is these companies always jump down this path at first; they haven't looked far enough down it to see where it goes.
Comment Re:Berkeley DB is a steaming POS (Score 1) 219
You would be doing anyone you make such a recommendation to a disservice. BerkeleyDB was a nice piece of work for the 1980s. It is totally outclassed by LMDB today.
Comment Re:Yawn, another fork (Score 1) 219
5.0 is pretty ancient. MySQL abandoned BDB as a backend in 2006, shortly after Oracle acquired BDB. They couldn't use vanilla BDB, it required their own patches to the BDB source tree.
Submission + - World's Smallest And Fastest Database (highlandsun.com)
hyc writes: "It was only a couple months ago that MemSQL was claiming to be the world's fastest database. But here we have a new contender; compiling to under 32K of object code it is unquestionably the world's smallest and most lightweight fully transactional database. It is also orders of magnitude faster than everything else for reads, and impressively fast for writes. It is a memory-mapped database (which, unlike an in-memory database, is intrinsically persistent. In-memory databases are ephemeral by design and require a persistence mechanism to be bolted on as an afterthought) which is completely impervious to corruption. It does not use write-ahead transaction logs, and requires zero recovery time when restarting after a crash. It's already shown impressive performance gains when used as a backend for OpenLDAP slapd, as well as for SQLite3. Work is underway to create backends for other projects (e.g. MemcacheDB, Cassandra) but your readers could help that along."
Comment Re:Overblown (Score 1) 184
Yes, it's overblown, but tmpfs is not a reliable solution. If the system is under heavy enough load and memory pressure, the tmpfs contents may get swapped out to disk anyway.
And oh yeah, the swap partition on your disk is a liability too. But anytime someone has physical access to your disk, all bets are off anyway...
Comment Re:Sounds funky but (Score 1) 131
I rewrote the pidgin-otr plugin to use plain libpurple a few months ago. It will work on anything that libpurple works on, including finch. You can read about it here
http://lists.cypherpunks.ca/pipermail/otr-dev/2011-December/001226.html
and grab the code here
https://gitorious.org/purple-otr#more
There's already a package for it in Arch Linux.
http://aur.archlinux.org/packages.php?ID=55511
Comment Re:This is really good news (Score 1) 164
On that topic, i guess it would be a really good idea to write an OTR plugin for the vanilla Android SMS app. Something for my todo list if it hasn't already been done. (PS, you can find my OTR plugin for Finch/libpurple here https://gitorious.org/purple-otr )
Comment Re:It's open source (Score 1) 325
Google has been grossly negligent from Day 1. I paid ~ $600 for my G1 phone 2 years ago, and got zilch for customer support from Google, and nobody at T-Mobile was smart enough to even know what to do with any Android technical problems. When people are paying this much real money for a product, by god you better offer them real technical support.
You can't find any dedicated email address or phone number to report issues, the best you can do is file a bug report that's unlikely to be acted on, or post on groups.google.com and hope some bored developer with a few cycles to spare reads your post. That's completely inexcusable for the price people pay for these devices.
I've stuck with it because I've been able to download the source and fix issues I've run into, but only after many days of beating my head against the poorly or non-documented interfaces in the system. But again, regular customers paying real money shouldn't have to do that. For this kind of money, there should be dedicated customer support people who are proficient with the OS and the range of devices, and there should be complete documentation on all of the bundled features.
