Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: Re:SecureBoot is incomplete (Score 1) 135

by vojtech (#44223237) Attached to: Secure Boot Coming To SuSE Linux Servers

You might want to examine the MOK concept that SUSE has implemented. It allows for custom executables that are checked against a local key.

Regarding configuration, that is outside of the scope of Secure Boot. Its purpose isn't a full system attestation, it's limited to preventing executing untrusted code in kernel space. That alone is of value, as it makes installing persistent and invisible rootkits much much harder. Not impossible, of course - as long as software can have bugs, no security technology can be perfect.

(working for SUSE ...)

Comment: Re:I work at SUSE. (Score 1) 506

by vojtech (#38989731) Attached to: Ask Slashdot: Where Are the Open Source Jobs?

Novell has been acquired by The Attachmate Group (http://attachmategroup.com/) and is now privately owned and the original Novell businesses now form most of what The Attachmate Group is.

TAG is now operating four businesses: Attachmate - their original business, NetIQ - the systems/network/identity/compliance/security-management company, where the Novell Managewise, Zenworks, identity manager, platespin, orchestrator, etc, etc, products are a significant part of the portfolio, then Novell - with the "true" Novell products like NetWare and GroupWise, and finally SUSE, with the Linux products.

And TAG is doing rather well overall.

Regarding the IP, you could've seen in the news that this was abould the old Novell patent warchest. Patents that Novell owned for defense purposes, sort of an atomic stockpile for mutual assured destruction. They've been purchased by a consortium created by Microsoft, Apple, Oracle and EMC and safely stored in an equivalent of a nuclear waste storage facility until their danger to the members of the consortium expires.

And nothing of value to Novell was lost - TAG retained the IP relevant to Novell's, NetIQ's and SUSE's present products. You may argue that with a reduction of the number of warheads TAG is more vulnerable. Novell/SUSE/TAG are still a (contributing) member of the OIN and thus believes it doesn't need to own such a huge stockpile itself.

Comment: Re:Curious... (Score 1) 1017

by vojtech (#35867030) Attached to: Is Sugar Toxic?

However, the more important question (also answered in the article and the video) is:

Why do people eat more than they need? Why, when the human body can detect when it has enough nutrients and signal satiety to the brain?

The answer being: Because we've developed foods (by using high fructose amounts in them, through sugar) that block those signal paths. We've perfected foods that we want to crave and that don't make us feel we've had enough, so that we can consume more.

Yes, one possible answer to the caloric equation is: Have a strong will, be hungry and you'll be lean. The other is: Eat right, and you'll feel satiated after eating exactly the amount that's needed for your health.

And, btw, the equation assumes that all you eat and is digestible gets digested. That obviously isn't true, when overeating a lot of the food just goes through without the nutrients getting extracted. If that wasn't the case, many people would weigh thousands of pounds today.

Comment: Re:Glucose anyone? (Score 1) 1017

by vojtech (#35866884) Attached to: Is Sugar Toxic?
To answer the question: Fats and proteins, of course. Meatabolizing both produces ATP - directly useful energy. But they're used only when sugar isn't abundant in the bloodstream. But that isn't the point of the Lustig claim. The point is that there is one specific sugar, fructose, which has a very different buildup. It is a 5-carbon cycle versus a 6-carbon cycle for just about every other sugar. The human body doesn't metabolize fructose well. Specifically when there is plenty fructose available and little energy demand, fructose gets converted directly into harmful fatty acids. The body obtains fructose from HFCS, regular sugar (sucrose) and fruits, particularly pulp-free juices. On the other hand, glucose, the more usual 6-carbon sugar is still considered safe. It only doesn't taste at all as good. And then all the other carbohydrates - starches - are a safe, s 6-carbon-cycle, sources of energy. Eg. potatoes, rice, pasta, bread.

Comment: Re:does it run Linux - yea but it is "boring" (Score 4, Informative) 326

by vojtech (#34304036) Attached to: Intel Talks 1000-Core Processors
The current limit on Linux (with 2.6 series) is 8192 CPUs on POWER and 4096 on x86. And there are even a number of non-x86 machines today that reach these sizes in a cache-coherent (ccNUMA) manner that Linux works well on. You still have to be careful with application design, though, because it's fairly easy to hit bottlenecks either in the application or in the kernel that will limit scalability. Most common workloads are already seeing
Image

"Tube Map" Created For the Milky Way 142

Posted by samzenpus
from the non-stop-service-to-the-Perseus-Arm dept.
astroengine writes "Assuming you had an interstellar spaceship, how would you navigate around the galaxy? For starters, you'd probably need a map. But there's billions of stars out there — how complex would that map need to be? Actually, Samuel Arbesman, a research fellow from Harvard, has come up with a fun solution. He created the 'Milky Way Transit Authority (MWTA),' a simple transit system in the style of the iconic London Underground 'Tube Map.' (Travel Tip: Don't spend too much time loitering around the station at Carina, there's some demolition work underway.)"

Comment: Re:Security enhancement at best (Score 2, Insightful) 59

by vojtech (#30182636) Attached to: RFID Fingerprints To Fight Tag Cloning

It just means the clone will have to be a bit more expensive.

Cloned tags aren't using the same cheap chips that the common passive tags do. An attacker can afford to carry batteries with him and make the tag completely locally powered. Then he has much more powerful electronics at his disposal and can simulate whatever frequency response the original tag had due to its cheap (few cents per tag) design.

This fingerprinting will do no more than to force the attacker to pay a few bucks more to create a clone.

Comment: Wrong assumptions (Score 5, Insightful) 444

by vojtech (#29464131) Attached to: RAID's Days May Be Numbered

The article assumes that when within a RAID5 array a drive encounters a single sector failure (the most common failure scenario), an entire disk has to go offline, be replaced and rebuilt.

That is utter nonsense, of course. All that's needed is to rebuild a single affected stripe of the array to a spare disk. (You do have spares in your RAID setups, right?)

As soon as the single stripe is rebuilt, the whole array is again in a fully redundant state again - although the redundancy is spread across the drive with a bad sector and the spare.

Even better, modern drives have internal sector remapping tables and when a bad sector occurs, all the array has to do is to read the other disks, calculate the sector, and WRITE it back to the FAILED drive.
The drive will remap the sector, replace it with a good one, and tada, we have a well working array again. In fact, this is exactly what Linux's MD RAID5 driver does, so it's not just a theory.

Catastrophic whole-drive failures (head crash, etc) do happen, too. And there the article would have a point - you need to rebuild the whole array. But then - these are by a couple orders of magnitude less frequent than simple data errors. So no reason to worry again.

*sigh*

If it happens once, it's a bug. If it happens twice, it's a feature. If it happens more than twice, it's a design philosophy.

Working...