Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment 800 drives tested (Score 1) 292

i'm just going over the batch of OCZs that we had to pull from locations all over the world. the cost of the recall was far in excess of the cost of the drives. over 200 of them. if you have an OCZ Vertex drive with firmware revision 1.11, it *will* fail spectacularly. all you need to do is set up 64 sets of parallel writes, run them for 10 minutes, and you *will* get data corruption. you can do this in a shell script (i used python) by spawning "cp -aux" of a directory hierarchy with 1500 subdirectories and 3,000 small files. 64 parallel sets of copying (and then deleting) i.e. if you do around 1.5 million file-directory creates and deletes you are *guaranteed* to have data corruption.

the strange thing: the very first Vertex OCZs released were absolutely fine. what i learned just yesterday was that *even* with a drive that has been consistently failing, if you downgrade its firmware to revision 1.7 *it becomes absolutely fine*.

the problem that we have is that upgrading units in-the-field when the firmware upgrade system provided by OCZ is an ISOLINUX cd image with FreeDOS and a firmware-flash program is going to be rather tricky when none of the systems have a screen let alone a keyboard.

by contrast, we have somewhere around 500 Intel 320s installed world-wide. there have only ever been 3 failures.

for the selection of the new drive (Intel 320s are end-of-life) i'm endeavouring to replicate that test system which was reported on slashdot to have destroyed 12 different SSDs within under an hour per drive. i have managed to destroy one already: Crucial M4. it took 2500 power-cycle interruptions (the program's still in development) so the M4 failed in under 24 hours. so don't get that one. still on the list: Innodisk 3-MP Sata Slim, Toshiba's new SSD, and Intel's new S3500.

the toshiba i can already tell you, if you interrupt its power you will find that, on power-up, some of the outstanding write requests will *not* have been actioned. this is partly good news: it means that the drive is detecting that it doesn't have power, so doesn't risk corrupting the drive. i'm looking forward to properly testing the 3-MP because they're cheap, small, and the datasheet has, unlike any other manufacturer, a heck of a lot of details about how they actually do power-loss protection. most other manufacturers don't even bother to mention power-loss protection, that's if you can find a proper datasheet at all.

Comment analysis of the Quark and Galileo (Score 3, Interesting) 130

i did an analysis of the Quark X1000 based on the Galileo schematics, and the assessment isn't good:

the key failure is that there's absolutely no I/O multiplexing. given that intel actually designed the PXA series of ARM processors before selling them to marvell you have to wonder what was going through the minds of the engineers behind the Quark X1000.

the main points of the above link which automatically and very unfortunately make the Quark X1000 a complete failure are:

1) there's no video outputs, and the only options are USB2 (DisplayLink with no 3D capabilities and too slow to do video), SPI (for character-based LCDs) or PCIe. to match a 0.4 watt processor with a 20 watt 3D PCIe Graphics card is completely insane. there are therefore no good options for video display of *any* kind.

2) there's no "industrial" or "embedded" style GPIO. no CAN bus, no PWM, no ADC, no DAC. there's also no audio. there's not even I2S and there's certainly no SPDIF. so to make up for that lack you'd have to add something like a Cortex M0, M3 or M4 embedded controller... and given that those usually come with built-in Power Management, NAND Flash and SDRAM, for the majority of purposes where you'd need to use an embedded controller with a Quark as a GPIO expander you'd be better off, cost-wise, with... just the embedded controller.

overall then there really aren't *any* markets that this chip could be useful for. if i'm wrong about that, and anyone can actually think of good uses for it, please do speak up.

Comment DON'T INSTALL OPENSUSE 13.1 (Score 1, Informative) 104

there are too many bugs in btrfs for it to be installed in production:

especially this one, which has yet to be resolved:

which is a major useability issue. yes i made the mistake of installing btrfs on a live production system.

Comment shrinking geometries reduce reliability (Score 1) 512

i was speaking to someone who works in aerospace: they have deep concerns about the geometry shrinks in the chase for extra storage. the smaller the geometry gets, the less reliable it gets, it's as simple as that. they are having enormous difficulty getting hold of large-geometry small-capacity NAND flash ICs.

also, i've begun to replicate the drive-torturing software which was mentioned a few months ago here on slashdot. one SSD i tested which is reported to have good power-loss protection failed in THREE minutes. another took 24 hours and 2,500 power-cycles.

Comment Re:We owe our thanks to Mr. Snowden (Score 5, Insightful) 366

if you've seen the film with nicholas cage, it highlighted for me for the very first time that the U.S. Constitution was written by some extremely fore-sighted people. there are specific words in it which not just permit but *OBLIGATE* you - each and every american citizen - to overthrow any government that has become tyrannical or otherwise lost its way.

given that america has such a significant hold over the rest of the world, *i* as a UK citizen am obligated to point this out to you, because by not doing so it will have an adverse effect (through erosion of sovereign rights of each and every country - erosion initiated by the corrupt U.S. Govt infrastructure) on *my* country to whom *i* hold allegiance.

so - get to it, americans - get your act together!

Comment Re:Does the UK get any say? (Score 5, Interesting) 148

yes. many people are unaware of the fact that these major power plants - coal, gas, oil, nuclear - are only efficient when they are at maximum capacity. if you shut them off for any reason (and this can be done fairly quickly), getting them back up to temperature can take *weeks*.

so any investor is going to want guarantees that the power plant in which they're to be investing billions will provide a guaranteed return on investment. even in cases where there's complete catastrophic failure [hey, what's insurance for, huh?]

btw as an off-topic aside, the reason why wind power is a failure even before it becomes popular [which it won't] is because its power provision is completely arbitrary. in fact, it's not very well-known but the wind systems in scotland where i used to live were heavily subsidised. the UK Govt pays them 25 thousand pounds A MONTH to NOT run them. in fact, as they're motors as well as generators, when it's not windy enough, from what i hear they're actually POWERED to make them LOOK like they're generating electricity, so that people don't wonder why they're not running.

wind turbines. only operational at between 8m/sec (about 24mph) and 24m/sec (about 70mph). below that there's not enough wind to make them turn. above that they're dangerous (one blew up in wind-speeds of 150mph last year - made a great photo in the local scottish paper). and yet people insist on commissioning wind-turbines based on a 100% operational capacity.

Comment Re:regular expression optimiser (Score 1) 190

thanks thegarbz - i didn't mention that i added in pyzor and razor, and i think clamav as well. also as my domain's been up for a while it does receive a considerable amount of spam. the load just got to be too much. i'll investigate alternatives and also bear in mind that spamassassin worked well for you.

Comment regular expression optimiser (Score 2) 190

i'd be interested to see what happens if you run those regex's through this:

btw can we please get a copy of the patterns you're using? i think they might prove useful for other people. also i'd like to test them myself against regexopt.

oh - to the other person who suggested spamassassin? i tried that, i set it up to run at MTA-time. it often took THIRTY SECONDS to process a message. in fact it was so bad that i was forced to set a limit of 100k on incoming messages, as a lot of virus-ridden word documents (etc) were typically over 100k. that cut down the amount of CPU cycles but it was still far far too much memory and far too CPU intensive.

the one thing that did work well is greylisting, however the problem with greylisting i find is that if you happen not to be at the computer or have direct access to the server and people on the phone say "i'm sending you a message now, have you got it?" you *know* it's going to be at least an hour before it'll arrive. so, unless you can whitelist them in advance (which you can't always do) greylisting does actually interfere with legitimate business.

anyway: in the end i gave up and went to gmail, but with gmail fucking up how they're doing things i have to revisit this and set up a mail server again. thus we come full circle...

Comment Re:Wait...what? (Score 2) 208

which means the genes will actively spread in wild plants due to natural selection.

and we've seen how the introduction of rabbits, foxes and other non-naturally-occurring animals into australia worked out, and how japanese bind weed has worked out when introduced outside of japan.

i cannot begin to voice how insanely dangerous it is to put random genes into food crops like this. the nightmare i "made up" one day was these insane "time-bomb" crops, where crops can be planted and grow but the seeds it creates are sterile. "commercially" this is incredibly "valuable" as it allows total control over the supply. now imagine some completely insane person creating "generation" time-bomb seeds, which grow, seed, grow, seed then grow sterile. now imagine _those_ cross-pollenating with wild crops and other species. you'd be looking at a world-wide famine in 5-10 years as the time-bomb gene would be both latent and undetectable.

what really shocked me was that i heard *ten years ago* that time-bomb crops ALREADY EXIST.

Comment Re:SE/Linux (and SE/Android) (Score 1) 240

But root is still the key capability in configuring the environment.

And Linux distros always have a way for root to disable boot-time or run-time SE Linux.

in SE/Linux, root is "parallel-tracked". in SE/Linux it's just yet another username. in fact, there is no such concept as usernames under FLASK. uids are just a convenient piece of information to place into the "security context" but so is the filename, directory name, port number, protocol (UDP, TCP), ip address - all these things are *also* part of the security context. more recently they've extended SE/Linux so that X11 primitives can also be added to the security context.

i forget the exact details - it's been a while

Comment Re:SE/Linux (and SE/Android) (Score 1) 240

the classic example is "root", which is a drastic binary oversimplification which is simply very convenient.

Indeed, but in the case of SE Linux the Five Star General ( root ) is also the guy who writes the rules about where he is allowed to go and what he is allowed do ( SE Linux config ).

ah *no*! he most definitely is not! again, you may be under the mistaken impression that the 5 star general has more power than he appears. if he were to start ordering people to bypass security measures, that would seriously be a breach of standard security protocol and his subordinates would report him.

but you may have misunderstood: if a 5 star general walks out of a secure area without his passport, how is he going to get on a commercial flight? he doesn't have a passport, because he didn't return his badge at the gate. mr 5 star general doesn't have control over commercial flights, does he? without identification papers, he doesn't even have control over *military* flights, let alone commercial ones.

in other words, you've misunderstood the analogy, because you are under the mistaken assumption that even a 5 star general actually has any "power" or "authority" outside of his domain and responsibilities: he doesn't. it's *all* about context, *not* about the "person". in other words it doesn't matter if he's a 5 star general, if he steps outside of the bounds of responsibility within the context that he's SPECIFICALLY been tasked to do, in that physical location, at that specific time, and under the specific circumstances, then all hell breaks loose and security alarms go off like mad.

is that clearer?

taking this away from the analogy, the OEM would prepare the OS, set the SE/Linux files up, digitally-sign the bootloader, flash it into ROM, digitally-sign the kernel, require the bootloader to check it.... then give *you* the root password, knowing full well that because SE/Linux is permanently enabled it is flat-out impossible for you - even though you have root access (a 5 star general) - to even replace the kernel, because the SE/Linux permissions explicitly forbid overwriting of the boot partition. and even though you have root, the SE/Linux permissions forbid you from chmodding the boot subdirectory.

SE Linux doesn't make root go away, it just usefully reduces the need for root day-to-day. But root is still the key capability in configuring the environment.

And Linux distros always have a way for root to disable boot-time or run-time SE Linux.

not in treacherous DRM-locked systems they don't - the ones where the bootloader is in a digitally-signed ROM which you cannot modify, where the kernel and its boot parameters are also digitally-signed and cannot be modified.

Comment EXPLICITLY ask them NOT to send the private key (Score 2) 399

this is really important. people who don't know what ssh keys are will typically send you the id_rsa (private) key file.

IT IS VERY IMPORTANT that you say to them EXPLICITLY and VERY CLEARLY, "please send me the public key file *only*. DO NOT send me the PRIVATE key. you can identify the private key because it is named xyz. i ONLY want you to send me the PUBLIC key, it is named xyz.pub. if you send me the private key, you will have to destroy it and we will have to start again, so ONLY send me the PUBLIC key, ok?"

and get them to acknowledge what you've said. do not be afraid to "piss them off" by having to be so absolutely specific. make sure you end the sentence with what you *want* them to do, *not* what you *don't* want them to do. depending on the person they could potentially remove the "negative" by their subconscious and do exactly what you ask... with the words "no", "not", "don't" etc. removed.

also if you want to be paranoid then use the signature-thing (fingerprint). get them to read it out to you over the phone (not by email).

Slashdot Top Deals

Only God can make random selections.