Robert Pogson

One man, closing all the windows.

Daily Archives / Monday, August 8, 2011

  • Aug 08 / 2011

The Hurd

GNU’s Hurd kernel is shaping up. It may never have much of a role on the desktop because Linux has such a lead and wide acceptance but, on servers, there is little to keep Hurd out. Virtual machines usually offer only a few virtual devices after all so Hurd does not need a lot of drivers to run in one. Many servers are virtual these days so Hurd might fly there. Real NICs are cheap and plentiful, too. A real server could just change NICs if need be. Hurd has glue-code to allow use of drivers from Linux. Depending on how well that works, Hurd may run nicely. If Debian is interested in it Hurd must be at least stomping its hooves.

GNU Hurd is in Debian Wheezy now and may be released in Debian GNU/Linux in the next year or so.

I wonder if Debian GNU/Linux will have to become Debian GNU/* ? ;-)

  • Aug 08 / 2011

They All Fall Down

There was a penetration of a server recently that allowed intruders to take control of dozens of websites and e-mail accounts, SSNs and some credit card numbers. The server was running GNU/Linux and it was compromised in multiple ways:

  • no filtering of user input in web forms submitted to PHP,
  • using that unfiltered input in shell commands,
  • passwords kept in a database in clear text,
  • allowing root to log in from the web,
  • careless upload script, and
  • everything on one server.
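
The first three weaknesses in the list (unfiltered form input, that input reaching a shell, and clear-text passwords) shown in hardened form. This is an added example, not code from the compromised server or from this post; the host-lookup form, the function names and the use of nslookup are assumptions.

```php
<?php
declare(strict_types=1);

// Added illustration: the "host lookup" form and all function names are hypothetical.
// Weak patterns from the list, for contrast (do not use):
//   shell_exec('nslookup ' . $_POST['host']);   // raw form input inside a shell command
//   "INSERT INTO users VALUES ('$u', '$pw')"    // clear-text password in the database

/** Allowlist validation: return the hostname only if it has the expected shape. */
function validHostname(string $input): ?string
{
    $label = '[a-z0-9](?:[a-z0-9-]*[a-z0-9])?';
    $ok = strlen($input) <= 253
        && preg_match('/\A' . $label . '(?:\.' . $label . ')*\z/i', $input) === 1;
    return $ok ? $input : null;
}

/** Run the external tool without a shell, so metacharacters are never interpreted. */
function lookup(string $host): string
{
    // Array form of proc_open (PHP >= 7.4) executes the program directly.
    $proc = proc_open(['nslookup', $host], [1 => ['pipe', 'w']], $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start nslookup');
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    proc_close($proc);
    return (string) $out;
}

/** Store only a salted, slow hash; PASSWORD_DEFAULT selects PHP's current default algorithm. */
function hashForStorage(string $password): string
{
    return password_hash($password, PASSWORD_DEFAULT);
}

/** Constructed sample inputs exercising the validation and the password check. */
function demo(): void
{
    foreach (['example.org', 'example.org; echo injected', '-x'] as $candidate) {
        $verdict = validHostname($candidate) === null ? 'rejected' : 'accepted';
        printf("%-28s %s\n", $candidate, $verdict);
    }
    $stored = hashForStorage('constructed-sample-password');
    var_dump(password_verify('constructed-sample-password', $stored));
    var_dump(password_verify('wrong-guess', $stored));
}
demo();
```

`lookup()` is defined but not called in the demo so that the script runs offline; in a request handler it would only ever receive a value that `validHostname()` returned.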

The sheriffs claimed nothing was taken but everything was moved to another server and the attack was repeated and data published. The new server was just a copy of all the vulnerabilities of the first server.

This was a textbook case of how not to secure a server. Putting 58 sites on that server may have been more efficient for the operators but it also made the intrusion more efficient. The intruders could type a single command and do everything/anything as root. I have put a few servers on the web and I know one should pay attention to dozens of details to prevent stuff like this happening. Last year, I put a machine up and I made sure there was nothing on it I could not afford to lose and I backed it up. I made sure there was nothing on it not needed for the task. Was it invulnerable? Probably not, but there were many layers of defence between it and stuff I cared about. These guys used this insecure paper bag to manage prisoners, confidential informants, an e-store and other sensitive documents.

see Anonymous hacks sheriffs’ offices across the U.S

  • Aug 08 / 2011

$0 Beats Wintel’s Crazy Pricing

I came across an article about some guy shopping for a new Intel CPU.

“It should in theory be simple; get the most expensive processor in a given price bracket/model range, and it’ll be the best. That means getting a Core i7 2600 variant.”

Is that guy locked-in or what? At the same time that he wants Intel’s most expensive processor, he writes:

“This is going to be a major upgrade. I’m going to keep my hard disk, beloved Dell clicky keyboard, and twin Dell U2410 monitors, but everything else is going to go; motherboard, CPU, RAM, video card, TV tuner, optical drive, and case are all up for replacement. Optical drive, too; I have enough old games on CD and DVD that ditching optical media isn’t really viable yet.”

He uses a single hard drive although he wants to use a SSD to cache it. That CPU will be idling most of the time and he will be living with the I/O bottleneck to his storage forever. He does not even consider benchmarks. He just allows Intel to tell him what the best processor is and what its price should be. He does not even consider a CPU from AMD or a cluster of CPUs.

NCIX has AMD X6 3.3 GHz 10 MB cache for $189. Intel’s Core i7 990X 3.46 GHz 12 MB cache X6 sells for $1000+. According to Tom’s Hardware, the expensive Intel chip scores 601 on PCMark while the cheaper AMD chip scores 525 (single core test run at 3 GHz). What fool pays 5X as much for 15% more performance and power-consumption??? Tom’s reviews the chip he wanted here.

On top of this, he uses that other OS. Presumably he bought a retail licensed version so he can legally move the software to the new machine with his hard drive.

Consider the pricing of that other OS:

  1. Ultimate – $220
  2. Pro – $200
  3. Home Premium – $120

That’s all for the same OS, retail, you know the system that manages your resources: RAM, CPU, network, storage… Then there’s the OEM version which somehow gives you less…

GNU/Linux makes life so much easier. There is no plethora of prices. One price gets you the world, $0, or close to it. Imagine what hardware you could buy with that $100-$200 saved on the software? Imagine what a second hard drive would do for this guy. Even with an SSD, he will have to seek often and two heads can seek faster than one. Two can also transfer faster than one. Imagine what another few GB of RAM would do for him or extra NICs or … You get the idea. You can get the same performance for less or get more for the same money using GNU/Linux.