Forgot your password?
typodupeerror

Comment: ehh, plain backup is enough (Score 1) 272

by phr1 (#32731130) Attached to: Seagate Releases 3TB External Drive for $250

RAID isn't really necessary for an application like that. RAID means when you change something on the drive, you update another drive simultaneously, in real time. For your bit torrent example it's enough to just use ordinary backups, which just means rsync'ing one drive to another every so often (nightly or whatever). That is fairly fast since it only copies the new or updated files, keeping the drives in sync. That may even help reliability, since the second drive isn't spinning except when you do a backup.

Comment: hardware encryption (Score 1) 555

by phr1 (#32047098) Attached to: Recourse For Draconian Encryption Requirements?
Use a hardware encrypted disk. They are becoming a lot more affordable and easier to find. You don't have to do a single thing to the software. Visit newegg.com and type "fde" (for "full disk encryption") into the search form, and you will find a bunch. These drives encrypt the disk in ECB mode, which leaves some kinds of data patterns detectable, but it's a huge improvement over leaving the disk unencrypted. It should stop the most scary types of personal information disclosure in this application, even though it leaks vaguer sorts of information that make it unsuitable for a general purpose cryptographic solution. There are some ways to compensate for this with special software, but you're trying to avoid using any of that.
Censorship

China Warns Google To Obey Or Leave 533

Posted by Soulskill
from the who-wears-the-pants-in-this-family dept.
suraj.sun writes with this snippet from an Associated Press report: "China's top Internet regulator insisted Friday that Google must obey its laws or 'pay the consequences,' giving no sign of a possible compromise in their dispute over censorship and hacking. 'If you want to do something that disobeys Chinese law and regulations, you are unfriendly, you are irresponsible and you will have to pay the consequences,' Li Yizhong, the minister of Industry and Information Technology, said on the sidelines of China's annual legislature. ... 'Whether they leave or not is up to them,' Li said. 'But if they leave, China's Internet market is still going to develop.' ... Li insisted the government needs to censor Internet content to protect the rights of the country and its people. 'If there is information that harms stability or the people, of course we will have to block it,' he said."

Comment: just ask for zip code (Score 1) 297

by phr1 (#27150349) Attached to: How To Keep a Web Site Local?

It sounds like you're just trying to save some server resources, not run an ultra high security operation, and that you probably DO want to let legitimate users access the site even when they're travelling. The simplest thing, it sounds like, is to just ask people to enter their zip code when they register. Explain that it's a site for a certain locality and they shouldn't register if they're not from there. If they enter an out-of-area zip code, give them an error page explaining the same thing again. Don't tell them the "valid" zip codes. Yes they could look them up if they're motivated enough, but in that case you probably want to let them in anyway, i.e. maybe they used to live there and still have connections to the area, that sort of thing.

All the stuff about IP geolocation seems like a waste of resources in this context.

Comment: Why does anyone outsource their private life (Score 2, Interesting) 409

by phr1 (#26898825) Attached to: Facebook Scrambles To Contain ToS Fallout
to these damn companies anyway? Facebook, Myspace, Livejournal and all the rest of them. The whole thing gives me the willies. Much better to get plain old web hosting and pay for it and control it yourself. Anyone remember Facebook's "Beacon" program? It's one insidious scheme after another. After this TOS stuff, it will be something else.

Comment: Re:the solution is here .. (Score 1) 183

by phr1 (#26254427) Attached to: Smart Spam Filtering For Forums and Blogs?
There is a very obvious anonymous payment system run by the US Treasury and its counterpart organizations in other countries. At registration time ask for the serial number of a one dollar bill, and require that the bill be sent by snail mail to confirm that it is real, and to help with site expenses. No names or return addresses are required and no spammer will go anywhere near that.

Comment: Re:How do you mass remove CA certs in Firefox (Score 1) 300

by phr1 (#26246039) Attached to: Perfect MITM Attacks With No-Check SSL Certs
Oh I see what you mean. The following approach may be worth experimenting with, but no promises: 1) Configure one browser the way you like it, using the method described above. 2) Look in your .mozilla/firefox/(profile name) directory for a file called cert8.db 3) Push that file out to other desktops in your installation.

Comment: The MS-DOS era is over (Score 1) 115

by phr1 (#26133185) Attached to: Intel Quad-Core Price and Performance Showdown
and I think we know better than "no one will ever want more than 640K" or 4GB as the case may be. The latest trendy accessory is ultra expensive ($25/GB) Intel X25-E flash drives and a lot of the motivation for buying them is inadequate ram capacity in the host computer (since the flash disk costs more per GB than RAM which is 100x faster, though volatile).

Yeah a lot of people are still running 32 bit OS's, but almost all desktop hardware now being shipped is 64 bit-- we're in something like the tail end of the Windows 3.x era. I think most serious users will run 64 bit OS's pretty soon. The Mac Pro uses FB-DIMM and has 8 sockets (wish it had 16) and for a big class of data crunching tasks, what matters most is the amount of ram you can throw at it. The recent collapse in ram prices has been amazing. If enough sockets were available we could fit out $5000 boxes (think of a fully loaded Dell Precision or Mac Pro, not exactly a mass market consumer pc, but not a high end Sun server either) with 128GB or maybe even 256GB. That really extends the range of problems you can attack. But, the bottleneck even in server boards seems to always be ram sockets.

Comment: the computer is not just the cpu (Score 5, Informative) 115

by phr1 (#26132345) Attached to: Intel Quad-Core Price and Performance Showdown
The Nehalem/i7 uses DDR3 which is a lot more expensive per GB compared to DDR2 and not available in as high capacity. It has more bandwidth but its latency (which matters more) is about the same. The usual desktop mobo is limited to 2 dram modules per channel. DDR2 boards usually have 2 channels (4 sockets max) while DDR3 boards have 3 channels (6 sockets). But 4GB DDR2 modules are around $100 (link) while DDR3 currently maxes out at 2GB. So you can populate a Phenom or Core 2 mobo with 16gb of ram for $400 but you can't put that much on a normal consumer i7 board for any amount of money. 2GB DDR2 parts are a lot cheaper still, you can put on 8gb (4x 2gb) at around $15/gb, $120 total. Right now a 2gb DDR3 part is $50-ish, 3x as expensive (link). It helps that you can put 6 of them on a board (12gb total, $300) but you have to take the cost difference per GB into account with 2GB parts, and comparing with 4GB DDR2 parts there is $/GB parity but lower total capacity (4x4gb vs 6x2gb). And of course when 4gb ddr3 does come out, it will bring a welcome increase to 24gb total capacity, but it will be WAY expensive for quite a while (the 4gb ddr2 modules that are $100 now were $500+ for most of this year).

I just don't understand why there aren't more consumer boards with a lot more sockets, using FB-DIMM or registered DDR. You have to go to server boards for that ($$$).

Comment: terrorists exploiting a weakness? (Score 1) 118

by phr1 (#26021445) Attached to: Cell Phone SIM Cards Lead To Terrorists' Trail
In this case I think it's the cops who are exploiting a weakness (that most cell phone users are identifiable unless they take special precautions), not that anything is wrong with cops using what they can under the circumstances. But, as a general matter, private communications are a GOOD thing. If we have a situation where a criminal wore gloves to avoid leaving fingerprints, we normally wouldn't say they exploited a weakness of the fingerprint system that needs to be plugged by outlawing gloves.

That does not compute.

Working...