Comment there goes the neighborhood (Score 1) 52
And a loud RIP was heard as they created a new tear in the fabric of space-time.
Losing data goes with the territory if you're going to use RAID 0.
In particular, RAID 0 combines disks with no redundancy. It's JUST about capacity and speed, striping the data across several drives on several controllers, so it comes at you faster when you read it and gets shoved out faster when you write it. RAID 0 doesn't even have a parity disk to allow you to recover from failure of one drive or loss of one sector.
That means the failure rate is WORSE than that of an individual disk. If any of the combined disks fails, the total array fails.
(Of course it's still worse if a software bug injects additional failures. B-b But don't assume, because "there's a RAID 0 corruption bug", that there is ANY problem with the similarly-named, but utterly distinct, higher-level RAID configurations which are directed toward reliability, rather than ONLY raw speed and capacity.)
It happens I could use remote USB port functionality.
(Right now I want to run, on my laptop, a device that requires a Windows driver and Windows-only software. I have remote access to a Windows platform with the software and driver installed. If I could export a laptop USB port to the Windows machine, it would solve my problem.)
So NetUSB is vulnerable. Is there an open source replacement for it? (Doesn't need to be interworking if there are both a Linux port server and a Windows client-pseudodriver available.)
I skimmed the start of the paper. If I have this right:
- Essentially all the currently-deployed web servers and modern browsers have the new, much better, encryption.
- Many current web servers and modern browsers support talking to legacy counterparts that only have the older, "export-grade", crypto, which this attack breaks handily.
- Such a server/browser pair can be convinced, by a man-in-the-middle who can modify traffic (or perhaps an eavesdropper-in-the-middle who can also inject forged packets) to agree to use the broken crypto - each being fooled into thinking the broken legacy method is the best that's available.
- When this happens, the browser doesn't mention it - and indicates the connection is secure.
Then they go on to comment that the characteristics of the NSA programs leaked by Snowden look like the NSA already had the paper's crack, or an equivalent, and have been using it regularly for years.
But, with a browser and a web server capable of better encryption technologies, forcing them down to export-grade LEAKS INFORMATION TO THEM that they're being monitored.
So IMHO, rather than JUST disabling the weak crypto, a nice browser feature would be the option for it to pretend it is unpatched and fooled, but put up a BIG, OBVIOUS, indication (like a watermark overlay) that the attack is happening (or it connected to an ancient, vulnerable, server):
- If only a handful of web sites trip the alarm, either they're using obsolete servers that need upgrading, or their traffic is being monitored by NSA or other spooks.
- If essentially ALL web sites trip the alarm, the browser user is being monitored by the NSA or other spooks.
The "tap detector" of fictional spy adventures becomes real, at least against this attack.
With this feature, a user under surveillance - by his country's spooks or internal security apparatus, other countries' spooks, identity thieves, corporate espionage operations, or what-have-you, could know he's being monitored, keep quiet about it, lie low for a while and/or find other channels for communication, appear to be squeaky-clean, and waste the tapper's time and resources for months.
Meanwhile, the NSA, or any other spy operation with this capability, would risk exposure to the surveilled time it uses it. A "silent alarm" when this capability is used could do more to rein in improper general surveillance than any amount of legislation and court decisions.
With open source browsers it should be possible to write a plugin to do this. So we need not wait for the browser maintainers to "fix the problem", and government interference with browser providers will fail. This can be done by ANYBODY with the tech savvy to build such a plugin. (Then, if they distribute it, we get into another spy-vs-spy game of "is this plugin really that function, or a sucker trap that does tapping while it purports to detect tapping?" Oops! The source is open...)
The inadequately-configurable trackpads, in positions where they detect the palm resting on the laptop (or brushing them) and randomly jump the cursor or highlight whole paragraphs so the next keystroke replaces them, are no help, either.
What do you mean by inadequately configurable? There's usually an option to disable while typing somewhere.
It's there. It's on. Didn't help. Don't know if it's that Ubuntu 14.04 doesn't support it properly on these two machines or if it doesn't do the job I want done.
What I'm looking for is NOT there: A threshold level for touch sensitivity. If you're going to put a BIG touchpad on a laptop's palm rest, you need to either put it where the palms won't brush it, or you need to make it possible to turn down the sensitivity so that a feather-light brushing of the pad doesn't register as a mouse motion or button click.
Two different manufacturers (Lenovo and Toshiba) have used exactly the same layout, and exactly the same hair trigger, non-adjustable, touchpad sensitivity. (Also exactly the same sort of wafer-thin flat tile keys, which is how we got into this digression.)
The problem I have with current keyboards is not just the short travel and lack of clickyness, but the tiny height of the keys.
Instead of the tall keys with space between them for fingernail clearance, there are these thin squares maybe an eighth of an inch above a solid surface. If I don't keep all my fingernails cut short, when they go past the side of the key they hit the panel and the key doesn't "strike". Letters get dropped. (So I get to pick between typing well and playing the guitar. I pity those who must keyboard for a living but want long nails to maintain their social life.) The short travel means there's little margin for finger variation, so some letters, where my fingers don't depress the keys as far, normally, don't strike, while others, where I support the weight of my hands, do strike when they shouldn't, or strike multiply.
After over a year I haven't been able to adjust. You may have noticed that my spelling has gone to hell as a result: I have to do a lot more correction and sometimes miss fixing things up.
(The inadequately-configurable trackpads, in positions where they detect the palm resting on the laptop (or brushing them) and randomly jump the cursor or highlight whole paragraphs so the next keystroke replaces them, are no help, either.)
On the other hand, when the nails do hit the key, they quickly wear through the top level of black plastic, exposing the backlit transparent light below it. I replaced a laptop about a year ago and after about six months about a half-dozen heavily-used keys had their pretty letters obscured by the giant glow of the scoured away region.
I had been running on older thinkpads and toshibas, with classic keyboard-shaped keys, or at least the little fingertip cup and substantial fingernail clearance. Switching (in a two-dead-laptops-in-two-weeks emergency) to a lenovo z710, then to a company-supplied toshiba s75, both with the stupid "I'm so thin", square, low-travel, no-finger-cup keys has been a disaster.
Umm... Same principle. Females are not taking as many courses in programming, therefore there are not as many of them to hire. Once the gender quota is reached then the market may have twice as many domestic programmers as they have currently. It won't actually work out that way due to price signalling causing people to change jobs or avoid the discipline altogether.
At the end, they reach the same outcome. More laborers equate to lower wages for all.
I'm never afraid to compete, I've always been at the top of whatever I do and competition just makes this stuff more fun. However, for people that are not obsessed with their jobs, and performance of such, this will suck. Over time, the industry will likely calcify as people with less patience for mediocre programmers influencing the flow of creativity in a project find other ways to fill the void. This will likely change the methods of development and delivery.
Whatever the case... The H1B bullshit is about lying motherfuckers. It has nothing to do with fear of competition, it's about playing fair and by the rules. If the rules need to be changed, let the Congress critters voice those concerns and reap the rewards.
Ah, and *now* I find this paragraph:
"Kalia himself indicates the study refers to popular music and not specific genres or time periods with the title of his analysis: “Music was better back then: When do we stop keeping up with popular music?” It’s not that you stop listening to new artists or even discovering new styles as you age, just that you won’t care as much who is taking home platinum records and leading the iTunes downloads race."
That's a long way from calcifying...
I'm in my late 30's (*sigh*) and my music tastes have only expanded. Thing is - they expanded into areas that still aren't the current "popular music." It's difficult to tell how that would be represented in this report.
Granted I'm likely an outlier of sorts but it's not clear that the methodology would consider me such.
Of course, none of those things are among the criteria for what causes something to be classified as a religion,
That depends on what set of criteria one is using to classify something as religion, doesn't it? B-)
A solar offgrid (or grid-tied with standalone capabilities) would provide power locally until too much stuff failed.
Lead acid batteries last for several years, recent lithium probably for a couple decades. Nickel-Iron batteries are more lossy, but last for centuries, if provided with water to replace evaporation, potentially decades if they have catalytic fill caps to recombine lost hydrox or, say, a reservoir-based automatic watering system. (If their chemistry has a long-term unavoidable failure mode I'm not aware of it.)
Even with the batteries dead (NiFe or otherwise) the system will have power when the sun is out until at least one panel in every series substring is too degraded, shaded, or smashed to provide adequate power.
Semiconductor controllers might go for a decade to centuries, depending mainly on whether the conductive interconnects of the semiconductors are sized to avoid electromigration at the current levels used and what they're using for large capacitors.
Wind generaors have several moving parts to screw up - how many depends on the design. For a simple homebrew one you have the main bearings, yaw bearing, and tail furling-system bearing. Any one of them failing will take it out. (Even the furling bearing: Once that screws up it doesn't furl right and tears apart in the next storm.) There's also the get-the-power-past-the-yawing mechanism (typically a long cable being twisted and manually "unwound" every few years, or a brush mechanism.) Call it a decade without maintenance at the outside.
So some of 'em may run until a nearby lightning strike fries something.
I wonder what the numbers would be if "Progressivism" were also counted as a religion, rather than JUST a philosophy or political affilication? B-)
Think about it: It claims to prescribe what behavior is good or bad, generally expects its adherents to take its pronouncements on faith, and has a lot to say against various religions - just like ("other") competing religions do to their opponents.
I could go on with the similarities. But since they include suppression of competing ideas by pretty much any available mechanism (including arbitrary down-moderation, personal attacks, and flame wars), I'd prefer to keep the discussion light.
They're not alone in this, either. (c.f. any of several political philosophies, right, left, libertarian, authoritarian, moderate,
My ISP uses an AQM and I can maintain about 10ms of additional latency even when my connection is flooded beyond 100%.
Latency is a problem, and as you mention, AQM can deal with it without packet-type distinctions. But it's not the BIG problem when TCP and streams are trying to divide a channel's bandwidth.
That problem is packet loss. TCP imposes it on streams. TCP is HAPPY to accept a little packet loss. Streams get into trouble quickly - and all the workarounds short of QoS packet-class distinctions on the pathway just push the problem around into other aspects (such as delay).
With QoS you can put the drops selectively into, first the TCP flows (which then throttle back), then already-delayed stream packets (which streams no longer need - when TCP could use the equivalent just fine.) In fact you could even give streams strict priority over TCP - provided they're within their bandwidth limit - and avoid dropouts and most of the jitter completely. Streams get the cream and TCP gets the whey, other stuff gets something in between.
Today is a good day for information-gathering. Read someone else's mail file.
