×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

IRS Can Now Seize Your Tax Refund To Pay a Relative's Debt

thogard Re:Over 18 (630 comments)

The limit of income is as low as $400 and as high as $22,000 for some retired couples. Anyone working and making in the range of $10k a year had better check
http://www.irs.gov/publication...

4 days ago
top

UK Government Pays Microsoft £5.5M For Extended Support of Windows XP

thogard Re:... really 13 years to update? (341 comments)

When a hammer works, you don't get a new one just because there is a new one. Upgrades cost a fortune for most businesses and upgrades nearly always break some part of the business process. Most businesses have been burned by the upgrade process in the past and when they start putting a dollar figure on the upgrade vs the cost of not doing the upgrade, it is often cheaper to not do the upgrade.

about two weeks ago
top

Ask Slashdot: What Software Can You Not Live Without?

thogard Re:You lost me at vim (531 comments)

Editor Wars? Do you have a cat that walks on keyboards? If so, vi can be very deadly to open files.

about a month and a half ago
top

ICANN Considers Using '127.0.53.53' To Tackle DNS Namespace Collisions

thogard Re:Obsolete (164 comments)

Oddly enough, it wouldn't. You could use NAT hardware in front of old gear and everything will just keep working. Stuff that gets updated, could just use the new syntax and deal with things correctly. Stuff like core routers and switches wouldn't care. It would be fare less disruptive than trying to install ipv6.

about a month and a half ago
top

ICANN Considers Using '127.0.53.53' To Tackle DNS Namespace Collisions

thogard Re:STOP (164 comments)

I know a few people who have conspired to tell others that the nontraditional domains are like 1-900 phone numbers and when you use them, you will get a bill from your ISP.

about 2 months ago
top

ICANN Considers Using '127.0.53.53' To Tackle DNS Namespace Collisions

thogard Re:Obsolete (164 comments)

Early ip resolver libraries would sometimes parse octal ip addresses with commas as in your example of /.'s ip address as 330,42,265,55. Many of those would also deal with a 0xd822b52d or sometimes without the 0x. Many systems will let you do something like "ifconfig en0 0xd822b52d/32 alias"

Some of the early proposals to expand the IPv4 address space was to allow use more of the bits from the ports source and destination addresses so you could do things like "ping 8.8.8.888" or "ifconfig en0 8.8.8.8/32/13/2 dstbits 4 srcbits 8"

about 2 months ago
top

Is Whitelisting the Answer To the Rise In Data Breaches?

thogard Re:Hash (195 comments)

Microware OS-9 from 1979 used program and modules somewhat like DLL or shared libraries. The code to load a module would CRC check them when loaded and that bit of code could check a list and that list could either allow or deny any module. If you loaded the right data module, you had built in white listing about 3 and a half decades ago.

about 2 months ago
top

Sound System Simulates the Roar of a Rocket Launch

thogard Get that noise maker off my lawn (113 comments)

I could still hear the Saturn V when the 1st stage dropped off. It had lovely base with a crackling. Figuring speed of sound, vs speed of light and wind and sound drop off over distance, I suspect this thing isn't that loud.

about 3 months ago
top

How loud is your primary computer?

thogard Re:Ignorant clod (371 comments)

My computer is in a data center where it belongs. My desktop is just a fancy terminal.

about 3 months ago
top

AMD Announces First ARM Processor

thogard Re:x86 IS efficient (168 comments)

There is one disadvantage of the different ARM modes and that is the an arbitrary program will contain all the needed bit patters to make some useful code. This means that any reasonable large program will have enough code to support hacking techniques like Return Oriented Programming if another bug can be exploited. I would love to see some control bits that turn off the other modes.

about 3 months ago
top

Ask Slashdot: Life After N900?

thogard Re:life after N900 is another N900 (303 comments)

Consider buying a new battery. Most laptop and cell phone batteries last between 200 and 400 charge cycles before their life gets too short.

about 3 months ago
top

OpenBSD Moving Towards Signed Packages — Based On D. J. Bernstein Crypto

thogard Re:Dupe? (232 comments)

If I compile from source, I can ensure that the binary I have is unlike any other in the world. That has protected my machines in the past so I will keep doing it.

about 3 months ago
top

James Gosling Grades Oracle's Handling of Sun's Tech

thogard Re:No mention of SPARC? (223 comments)

Early Java was nothing other than a mess of pointers to pointers to pointers to pointers to more pointers all in a multi threaded system. The T1 addressed that problem but the concept of "All problems in computer science can be solved by another level of indirection*" is false and at some point compiler writers fix part of it. When they win, concepts like the T1 fail.

Sun tried great things with the T1 and it was like a great chess move that failed. The problem is they did a pawn sacrifice of their core business for that attack and it just didn't work out. Up until the T2000, Sun never designed their high end kit, they stayed with the low end and groups like Cray or SGI did their "big iron". The only great boxes sun designed in house where the small pizza boxes. The SS1, SSP20, x1, netra210 were great little servers. Things like the 690 and e10k were outsourced and while they were impressive as well, they didn't have the personality of the pizza boxes.

*To Quote David Wheeler

about 3 months ago
top

James Gosling Grades Oracle's Handling of Sun's Tech

thogard Re:hard to fault Oracle (223 comments)

Have you read "man inittab" on any system V derived? action=respawn means it will ALWAYS run at the listed run levels. Sort of like how it runs the svc daemon does now. Whoever planned the new system just didn't get "init".

SMF only runs things as long as the contract system works.

As far as writing sensitive data to disks, do you know about the "real world?" Take a look at any online credit card system in the world. You will find people enter their card number as their email address, shipping address, reference number. You will find admins sending stuff like "can you fix 4111 1111 .... 1111 for me?" SSNs flow like water as well. Some times you must scrub the empty space on the disk or scrub stuff you know was just wrong. ZFS has NO ability to do that and that is a MAJOR FLAW!!!!!

ifconfig isn't about the stack. It is a tool to tell the stack what to do and has been for more than 3 decades. Inventing new tools to do the same job was pure incompetence.

about 3 months ago
top

James Gosling Grades Oracle's Handling of Sun's Tech

thogard Re:No mention of SPARC? (223 comments)

No, the t2 can preserve the context of 64 threads but it can and will only run no more than 8 execution threads at a time. In most cases, the pipeline is so starved, it won't even manage 8. When it is running 8 at a time, it is doing each at a much slower rate that the older CPUs would be doing if they were made using the same process.

The II/IIi/IIIii can preserve something like 4 processes executions context at a time. Sometimes that is better. It is better on nearly all of my workloads.

about 3 months ago
top

James Gosling Grades Oracle's Handling of Sun's Tech

thogard Re:hard to fault Oracle (223 comments)

Integer priorities mean I have absolute control.

The current system has no guarantee of any order of anything. This means if you get hacked at a non privileged user level, that process can hang around until it gets the "system is shutting down" signal, then do a quick fork/exec a few times and keep running until the system sends it a kill -9. Meanwhile it has a system without syslog running and without any auditing running. Take advantage of something running a broken xml library that runs setuid, and you own the system until it power off and nothing is logged at all.

about 3 months ago
top

James Gosling Grades Oracle's Handling of Sun's Tech

thogard Re:No mention of SPARC? (223 comments)

What advances would that be? The ones out of Fujitsu? The T chips are just now catching up with workloads that they can run reasonably. I have work loads that a 15 year old Sparc IIi will out perform a few year old T2. The V100 was a $1000 appliance box yet the base T2 was selling for more than $6,000. If the UltraSparc IIIi was made at 22 nm (unlike its original 130 nm) and it would scream for most web appliance roles. It would even be a nice cpu for the Lights Out Management system and it could even run Solaris unlike their current LOM which is running Linux.

about 3 months ago
top

James Gosling Grades Oracle's Handling of Sun's Tech

thogard Re:hard to fault Oracle (223 comments)

ZFS is on the right path but it still isn't quite where it needs to be. For example I can't tell it not to reallocate blocks on write so I can't force overwrites of sensitive data -- which is required in several industries that Sun used to be strong in. Someone in ZFS land needs to create an ioctl/fctl to fix that. The boot system also needs to be clear if it is trying to mount a ZFS or UFS disk since that is a bit tricky when the disk looks like both. They should also fix the fsck stub so it knows about ZFS and have a /usr/lib/zfs/fsck even if it is just a link to zfs status.

How is SMF better than init? They even bothered to break init so you can't pull SMF out the system if you don't want it. They now link init and smf to a number of libraries that have horrible security records. Do you want the main process in your system linking in libraries that need security updates on a monthly basis?

I know how SMF is worse, it is slower to start up, it is indeterminate in its start up state and order, it keeps its data in unauditable binary files an it takes far longer to shut down. It also isn't very good at what init was, which was making sure programs always ran. Solaris 11.1 turns off auditing, then syslog before killing off all user processes which means you have no idea what a rogue process did when it was told the system is shutting down. That appears to be a result of someone at Oracle deciding all the disks need to be mounted before starting syslog, which requires lots of extra crud to be running like NFS, RPC and whatever YP is called this decade and it appears that stuff is all trusted to shut down cleanly without the need of logging. At least with init, you could have two different syslog entries for the different run levels so you could make sure everything was logged and audited.

The number of bugs in Solaris 10 is far worse than Solaris 9. You can't build a light weight Solaris 10 or 11 system. Under 10, you could build a Solaris 9 container which would only run a bare number of processes but not any more since that feature was pulled out of 11. I have a number of Solaris 9 systems that are running less than a dozen packages but I'm one of the people who feel that if there isn't any unneeded software on a system, hackers can't use it hack the system.

Solaris 11 also has managed to break decades of sanity of using ifconfig to build network stacks. Now there are other tools that do part of the job and then can allow ificonfig to finish the job.

At least with Solaris 11.1 they created a tool to create smf xml files which means they are now no longer hand crafted which means a tool can be written to turn them back into rc.X scripts and they can be put back where they belong. Now if I could just remove svc.* without installing a fake to keep the contract open, I would be back up to the integrity level of a Solaris 9 system.

about 3 months ago
top

Regex Golf, xkcd, and Peter Norvig

thogard Re:ioccc 2013 US president matching code (172 comments)

I think the subtletyâZ the objector had was that arrays and pointers are slightly different which is true In this context, an array is a pointer with potentially compiler allocated backing memory for the data while the pointer might not. A pointer will also have an address while the pointer used in array definitions won't have an address. Old compilers used to treat them identically but then again they used to treat pointers as integers as well. Modern compilers tend to know enough about the CPUs and have built in array checks that they do work slightly differently.

about 3 months ago

Submissions

thogard hasn't submitted any stories.

Journals

thogard has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...