Follow Slashdot stories on Twitter


Forgot your password?

Comment Feature differences (Score 2) 372

There are features Oracle provides that have no PostgreSQL equivalent.

  • Price -- it costs a lot of money. For many governmental entities, this is a huge advantage -- as they are given a budget, and they need to spend it, otherwise their budget will get reduced -- if its an excuse to spend money, based on claims of productivity, they will often deny requests to use OSS, and mandate the use of Oracle, based on its productivity-improving and more-reliable qualities that some slick salesman persuaded them of, after taking them out for steak at a 5-star restaurant somewhere, or whatever. Also; I hear plenty of government workers saying Management has a no open source software policy; for security reasons, the more money spent on the product the better, as closed source code is deemed to be more secure... For me, and business i'm involved with, this is a huge negative for Oracle, and a reason I almost always pick Postgresql; yes, Oracle delivers more, BUT in many cases you pay Oracle for every extra cent of additional incremental value Oracle delivers over Postgres, and maybe 300% more.
  • RAS features -- such as clustering Oracle RAC
  • Development productivity tools such as - Pro*C
  • SQL Language features where Oracle's implementation is superior -- such as BLOBs. Postgres manages these poorly, for example, you cannot reliably pg_dump blobs - if your application is BLOB happy (e.g. Sharepoint-like), then Postgres is not very suitable.
  • SQL Language features that have no PostgreSQL analog -- such as CONNECT BY clauses, Java class based schema and table mappings; module languages; XML types; default value funciton parameters; organize stored procedure objects using packages; .

Comment Re:But ... But ... But ... (Score 1) 211

Would it relieve you to know that there exist people whose opinions have been swayed by the revelation of scientific study on the subject. I didn't think earthquakes were a likely result of fracking before, but I do now. Sucks that I was wrong before.

Before I can jump to that conclusion.... I have to raise a serious question, however: Have their results been repeated?

Under ordinary circumstances, I would lend a great deal of credence to research --- BUT, there is a serious problem. I know for a fact that there are already environmental groups who are very vocal in their opposition to fracking.

They already speculated the conclusion that fracking can cause earthquakes. And there are probably millions or billions of money to be spent under the table: by activists and lawyers interested in the potential opportunities, for researchers willing to see things the way they do.

My concern is that the outcome of the research may have been affected by known or unknown biases that caused their results to be distorted and not in line with reality.

Therefore; I would demand that their results are reproduced and audited, before they deserve any credence. For the time being, I say their findings are troubling, but a great degree of skepticism is called for.

Comment Re:But ... But ... But ... (Score 1) 211

How about you evaluate for yourself whether the removal millions of gallons of liquid from the earth's crust leaves cavities which result in compression which result in stress which result in earthquakes in geological stable regions.

We remove millions of gallons of liquid from the earth's crust to create drinking water. Without removing those millions of gallons of liquid -- there is no water for humans to drink, and there are massive die-offs of humans....

Comment Re:But ... But ... But ... (Score 1) 211

Where have I heard that? "The earth isn't warming" to "Ok it's warming but that's a good thing" or "Evolution doesn't happen" to "Ok micro-evolution happens".

Ok, they were wrong at first, but they advanced the science in the most rational way; without taking a pessimistic bias and prematurely assuming that the worst possible things are the case.

Comment Re:But ... But ... But ... (Score 1) 211

but it's equally unwise to think you're safe as long as no one pokes it. The important problem is the pile of explosives!

You may be a lot safer if noone pokes it with a stick. The pile of explosives could sit safely by for thousands, tens of thousands, or millions of years if unmolested.

Given sufficient amounts of time major geological disturbances are guaranteed

For example; continental drift. California separating from the mainland; Japan getting sucked down into the ocean.

Accelerating geologic scale events is called a catastrophe.

Comment Re:But ... But ... But ... (Score 1) 211

All that energy will be released eventually, it's just a question of when - and the longer it takes to snap, the worse it will be.

If it happens today; It could seriously hurt me. If it happens 200 years from now but is 5 times worse, then maybe I don't care.

So happening sooner is not always better

A quake today is more damaging than a quake years from now.

Comment Re:But ... But ... But ... (Score 1) 211

Time and time again on Slashdot, we've had extraction engineers that work on this say it's completely safe and anyone who says otherwise is fear mongering!

It's probably fine, but I would like to see legislators passing a law mandating treble damages, for any earth quakes that can be correlated with unsafe energy production operations, AND the onus placed on those producing energy to prove that their methods are safe, that their implementation matches the safe method, and that there aren't configuration or operator errors.

Comment Re:Eh? (Score 2) 193

So "no direct access to data" probably isn't saying much --- just about the limitations of what capabilities the admin UI has.

Posturing by HP to attempt to reduce the perceived severity of the issue?

While not allowing access to the data directly from that interface,

There are probably commands they would be able to type that might enable an additional iSCSI, FC, or NFS initiator to connect; possibly an initiator running on an IP address controlled by the person using the backdoor.

People can do other things on their computers besides load up SSH sessions; if they've got IP connectivity to the storage unit.... it reasons they might use the admin UI to change the configuration in other ways that impact their level of access

Comment Re:Eh? (Score 3, Informative) 193

I grok this to mean that a backdoor exists for customer service, which can be activated by a customer (by two factors: permission and network access), and that without action on the part of the customer, said backdoor is closed.

The requirement for permission is sociological and based on adherence to company procedures and policies of HP.

If HP had chosen to require physical manipulation of the storage device, collecting a serial number or code printed ONLY on the device, or another method of OPT-IN selection by the storage admin, then I am sure there would be no complaint.

The problem is some HP support employees have access to a God code that grants administrative access to any piece of gear, and it's the same for all customer units, AND probably the code continues to work, even if some customer service employees are terminated, that might know the code.

It's poor security against insider abuse, regardless.

Comment Re:badg3r5 (Score 1) 193

If HP had decided to store their passwords properly, by using Bcrypt or Scrypt with a decently high work factor, we would not be having this discussion... their password could be badg3r5, and it would take at least 5 or 6 hours to crack using a dicitonary search with l33t-speak substitution, so there probably wouldn't be 50+ people having discovered it within a couple days :)

Comment It's probably not all that secret (Score 1) 201

There are online references to many; maybe all these names to be found.

ANCHORY Jan 29, 1998 - ANCHORY, formerly known as the SIGINT Online Intelligence System, is an NSA database of SIGINT-derived information. Access to the ...

DODIIS AMHS (Automatic Message Handling System) Jan 26, 2000 - The Automated Message Handling System (AMHS) provides a user-friendly means to send and receive messages via the Automated Digital ...

Mainway - which predominantly collects unstructured telephone metadata; and,
Marina - which predominantly collects unstructured internet metadata; and,
Nucleon - which analyzes spoken words and emails; and,
Prism - which obtains and analyzes digital data obtained straight from the servers of major telecommunications and internet providers

ArcMap - main component of Esri's ArcGIS suite of geospatial processing programs, and is used primarily to view, edit, create, and analyze geospatial data.





Comment Re:ARCMAP is not a code name- (Score 1) 201

Awesome! I don't work for the NSA, but I do use ARCMAP....although Esri would prefer it spelled "ArcMap". It's common GIS software, not a NSA program.

But there might be more than one ARCMAP. If you rearrange the letters you get "PAM CAR"

Makes perfect sense.... a mod_car.... CAR module for PAM could have its benefits....

/etc/pam.d/gate auth required plate_models_db=/etc/licenseplate_models_numbers_allow.db

Comment Re:Simple explanation (Score 1) 201

You choose the appropriate article based on how the acronym is pronounced.

That's one style. Abbreviation vocalization.

Word vocalization is also correct.

If you use the first style you get "An NSA ...."

If you use the second style, you look at the first word which is "National", that starts with a consonant sound, so you have "A NSA ...."

Both styles are correct.

What this just goes to show is.... Slashdot's full of grammar Nazis :)

Comment Re:A fleeting moment of rich irony. (Score 1) 201

The NSA is exempt from the FOIA. You're best off to wait 20 years and submit a Mandatory Declassification Review request.

But unfortunately; i'm sure you can't just use a project codename, you have to request specific documents for the request to be valid.

You can use FOIA requests to ask for list of document names, to inform further requests

Slashdot Top Deals

It is much harder to find a job than to keep one.