DOCSLIB.ORG

Limits and the Practical Usability of Bsds, a Big Data Prospective

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Limits and the Practical Usability of Bsds, a Big Data Prospective Limits and the Practical Usability of BSDs, a Big Data Prospective Predrag Punosevacˇ [email protected] The Auton Lab Carnegie Mellon University June 11, 2016 1 / 22 Thanks Thanks to organizers for this great meeting and for giving me the op- portunity to speak. note 1 of slide 1 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ❖ General Limitations ❖ Scientific Computing ❖ Continuation ❖ misc issues ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific Computing ❖ Continuation ❖ misc issues ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific ● Why don’t we just use SCS computing facilities? Computing ❖ Continuation ❖ misc issues ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific ● Why don’t we just use SCS computing facilities? Computing ❖ Continuation ❖ misc issues ● How did I get myself into this mess? ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific ● Why don’t we just use SCS computing facilities? Computing ❖ Continuation ❖ misc issues ● How did I get myself into this mess? ❖ NetBSD ❖ OpenBSD ● Origins of BSDs in the Auton Lab? ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific ● Why don’t we just use SCS computing facilities? Computing ❖ Continuation ❖ misc issues ● How did I get myself into this mess? ❖ NetBSD ❖ OpenBSD ● Origins of BSDs in the Auton Lab? ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Answers The Auton Lab is a statistical data mining and machine learning group started by Andrew Moore and Jeff Schneider (Uber) currently directed by Artur Dubrawski. Please say something about number of users, CPUs, GPUs, storage space. Started because SCS computing facilities didn’t support 64-bit computing at that time. We operate autonomously from SCS and CMU computing facilities and treat their network as a hostile. Based upon some forensic evidence FreeBSD was used in the past. June 24 of 2013 I put the System Administrator’s hat. I found the computing infrastructure in disarray in part due to accretion as a main asset growth/acquisition method. note 1 of slide 2 Chronology ❖ Intro ······• ❖ Chronology 1969 Ken Thompson starts work on UNIX. ❖ Chronology II ❖ Genealogy Tree 1971 ······• UNIX first edition. ❖ General Limitations Ken Thompson sabbatical at the UC ❖ Scientific 1975 ······• Computing Berkeley. ❖ Continuation ❖ misc issues ······• ❖ NetBSD 1976 Bill Joy starts work on BSD. ❖ OpenBSD ❖ pf.conf and pfctl 1977 ······• 1.0 BSD. ❖ OpenBSD cons ❖ FreeBSD 1992 ······• 4.4 BSD. ❖ TrueOS ❖ TurnKey Appliance 1994 ······• NetBSD 1.0. ❖ FreeNAS ❖ pfSense Theo De Raadt forks OpenBSD from ❖ DragonFly BSD 1995 ······• ❖ HAMMER NetBSD on the 18th of October. ❖ Dark Clouds ❖ References 1996 ······• OpenBSD 1.2 released in July. 3 / 22 Chronology II ❖ Intro ······• ❖ Chronology 1969 Ken Thompson starts work on UNIX. ❖ Chronology II ❖ Genealogy Tree 1971 ······• UNIX first edition. ❖ General Limitations Ken Thompson sabbatical at the UC ❖ Scientific 1975 ······• Computing Berkeley. ❖ Continuation ❖ misc issues ······• ❖ NetBSD 1976 Bill Joy starts work on BSD. ❖ OpenBSD ❖ pf.conf and pfctl 1977 ······• 1.0 BSD. ❖ OpenBSD cons ❖ FreeBSD 1992 ······• 386BSD. ❖ TrueOS ❖ TurnKey Appliance 1993 ······• FreeBSD. ❖ FreeNAS ❖ pfSense Matthew Dillon forks DragonFly BSD ❖ DragonFly BSD 2003 ······• ❖ HAMMER from FreeBSD on the 16th of July. ❖ Dark Clouds ❖ References 2004 ······• DragonFly BSD 1.0 released July 12. 4 / 22 Genealogy Tree ❖ Intro ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ❖ General Limitations ❖ Scientific Computing ❖ Continuation ❖ misc issues ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 5 / 22 Reminder Say something about other talks which are happening at the same time which might be more interesting and FreeBSD centric: 1. Open/LibreSSL in FreeBSD 2. Through the Wire Measurement and Improvement of a software based IPsec implementation 3. FreeBSD and GDB Give the outline of my talk and why it is not really a lecture but more a round table discussion. note 1 of slide 5 General Limitations ❖ Intro ● Lack of hardware and software vendor support! ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● No NVIDIA CUDA drivers means GPU is impossible. ❖ General Limitations ❖ Scientific ● Lack of proprietary compilers (Portland Group Fortran, C Computing ❖ Continuation and C++ compilers and tools, Intel (possibly available for ❖ misc issues FreeBSD)) ❖ NetBSD ❖ OpenBSD ● R ❖ pf.conf and pfctl No MATLAB . FreeMAT, GNU Octave, and SciLab are ❖ OpenBSD cons not real alternatives neither as numerical computing ❖ FreeBSD environment nor as programming language. Power of ❖ TrueOS ❖ TurnKey Appliance MATLAB is in toolboxes! For most students that is the first ❖ FreeNAS programming language. ❖ pfSense ❖ DragonFly BSD R ❖ HAMMER ● No Wolfram Mathematica which is de facto standard ❖ Dark Clouds general computer algebra program. ❖ References 6 / 22 Scientific Computing ❖ Intro ● The ports collection is a volunteer project (both OpenBSD ❖ Chronology ❖ Chronology II and FreeBSD) which means that state of important ports ❖ Genealogy Tree is hit-and-miss. ❖ General Limitations ❖ Scientific ● There is just too much open source software which is Computing ❖ Continuation required in scientific computing to make in-house effort ❖ misc issues worthwhile. ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ● ATLAS, BLAS, LAPACK, Boost, GCC 5.0 and higher due ❖ OpenBSD cons to threading requirement (scientists are poor code ❖ FreeBSD ❖ TrueOS writers!), OpenCV, GDB, Valgrind ... ❖ TurnKey Appliance ❖ FreeNAS ● R is typically first serious domain specific language that ❖ pfSense ❖ DragonFly BSD students use after hitting limits with MATLAB (generally in ❖ HAMMER great condition on both Open and Free), Python (numpy, ❖ Dark Clouds ❖ References scipy, matplotlib, pandas, scikit-learn, ipython, pip). Until recently OpenBSD didn’t have 3.5 flavour. 7 / 22 Continuation ❖ Intro ● No Rocks Cluster Distribution ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● Hadoop and Apache Spark are finally available on ❖ General Limitations FreeBSD. ❖ Scientific Computing ● ❖ Continuation No Caffe (deep learning framework) which is even pain on ❖ misc issues RHEL due to Ubuntu activism. ❖ NetBSD ❖ OpenBSD ● ❖ pf.conf and pfctl General problem is that lot of software is developed on ❖ OpenBSD cons Ubuntu without any consideration for other Linux distros ❖ FreeBSD let alone other OSs. ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ● Why do we need such software diversity? We really don’t! ❖ pfSense ❖ DragonFly BSD However when research is going nowhere the easiest ❖ HAMMER thing to do is to blame system administrator who is ❖ Dark Clouds depriving you of that magical peace of software which will ❖ References write Ph.D. dissertation for you. 8 / 22 misc issues ❖ Intro ● DoD compliance issues and similar. ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● Lack of of full/paravirtualization like Xen Dom0 (never ❖ General Limitations really had a gut to try NetBSD version) forced us to opt for ❖ Scientific Linux KVM. We are heavy users of OS level virtualization Computing ❖ Continuation (FreeBSD Jails). Functional application virtualization ❖ misc issues would be nice (running Microsoft Office or WebEx would ❖ NetBSD ❖ OpenBSD be really nice). Is it too late for Bhyve? ❖ pf.conf and pfctl ❖ OpenBSD cons ● Developers and students familiarity with anything besides ❖ FreeBSD ❖ TrueOS Ubuntu. I have had hard time pushing Springdale Linux ❖ TurnKey Appliance (RHEL) as a standard computing platform. Often OS X ❖ FreeNAS ❖ pfSense users are as illiterate as Windows users. ❖ DragonFly BSD ❖ HAMMER ● Diversity of hardware (even a tiny difference in RAID card) ❖ Dark Clouds ❖ References and OS has adverse effect on sysadmin productivity. 9 / 22 NetBSD ❖ Intro ● http://predrag.freeshell.org/ ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● Walter Neto porting WABPL (Wasabi Systems) so that ❖ General Limitations OpenBSD can suck less. ❖ Scientific Computing ● ❖ Continuation Have interesting regression tools and mail for example. ❖ misc issues ❖ NetBSD ● Cross-compiling does not add up to portability! ❖ OpenBSD ❖ pf.conf and pfctl ● ❖ OpenBSD cons Everything is dead
Load more

Recommended publications
  • Copy on Write Based File Systems Performance Analysis and Implementation
    Copy On Write Based File Systems Performance Analysis And Implementation Sakis Kasampalis Kongens Lyngby 2010 IMM-MSC-2010-63 Technical University of Denmark Department Of Informatics Building 321, DK-2800 Kongens Lyngby, Denmark Phone +45 45253351, Fax +45 45882673 [email protected] www.imm.dtu.dk Abstract In this work I am focusing on Copy On Write based file systems. Copy On Write is used on modern file systems for providing (1) metadata and data consistency using transactional semantics, (2) cheap and instant backups using snapshots and clones. This thesis is divided into two main parts. The first part focuses on the design and performance of Copy On Write based file systems. Recent efforts aiming at creating a Copy On Write based file system are ZFS, Btrfs, ext3cow, Hammer, and LLFS. My work focuses only on ZFS and Btrfs, since they support the most advanced features. The main goals of ZFS and Btrfs are to offer a scalable, fault tolerant, and easy to administrate file system. I evaluate the performance and scalability of ZFS and Btrfs. The evaluation includes studying their design and testing their performance and scalability against a set of recommended file system benchmarks. Most computers are already based on multi-core and multiple processor architec- tures. Because of that, the need for using concurrent programming models has increased. Transactions can be very helpful for supporting concurrent program- ming models, which ensure that system updates are consistent. Unfortunately, the majority of operating systems and file systems either do not support trans- actions at all, or they simply do not expose them to the users.
    [Show full text]
  • PDF, 32 Pages
    Helge Meinhard / CERN V2.0 30 October 2015 HEPiX Fall 2015 at Brookhaven National Lab After 2004, the lab, located on Long Island in the State of New York, U.S.A., was host to a HEPiX workshop again. Ac- cess to the site was considerably easier for the registered participants than 11 years ago. The meeting took place in a very nice and comfortable seminar room well adapted to the size and style of meeting such as HEPiX. It was equipped with advanced (sometimes too advanced for the session chairs to master!) AV equipment and power sockets at each seat. Wireless networking worked flawlessly and with good bandwidth. The welcome reception on Monday at Wading River at the Long Island sound and the workshop dinner on Wednesday at the ocean coast in Patchogue showed more of the beauty of the rather natural region around the lab. For those interested, the hosts offered tours of the BNL RACF data centre as well as of the STAR and PHENIX experiments at RHIC. The meeting ran very smoothly thanks to an efficient and experienced team of local organisers headed by Tony Wong, who as North-American HEPiX co-chair also co-ordinated the workshop programme. Monday 12 October 2015 Welcome (Michael Ernst / BNL) On behalf of the lab, Michael welcomed the participants, expressing his gratitude to the audience to have accepted BNL's invitation. He emphasised the importance of computing for high-energy and nuclear physics. He then intro- duced the lab focusing on physics, chemistry, biology, material science etc. The total head count of BNL-paid people is close to 3'000.
    [Show full text]
  • Introduction to Debugging the Freebsd Kernel
    Introduction to Debugging the FreeBSD Kernel John H. Baldwin Yahoo!, Inc. Atlanta, GA 30327 [email protected], http://people.FreeBSD.org/˜jhb Abstract used either directly by the user or indirectly via other tools such as kgdb [3]. Just like every other piece of software, the The Kernel Debugging chapter of the FreeBSD kernel has bugs. Debugging a ker- FreeBSD Developer’s Handbook [4] covers nel is a bit different from debugging a user- several details already such as entering DDB, land program as there is nothing underneath configuring a system to save kernel crash the kernel to provide debugging facilities such dumps, and invoking kgdb on a crash dump. as ptrace() or procfs. This paper will give a This paper will not cover these topics. In- brief overview of some of the tools available stead, it will demonstrate some ways to use for investigating bugs in the FreeBSD kernel. FreeBSD’s kernel debugging tools to investi- It will cover the in-kernel debugger DDB and gate bugs. the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. 2 Kernel Crash Messages 1 Introduction The first debugging service the FreeBSD kernel provides is the messages the kernel prints on the console when the kernel crashes. When a userland application encounters a When the kernel encounters an invalid condi- bug the operating system provides services for tion (such as an assertion failure or a memory investigating the bug. For example, a kernel protection violation) it halts execution of the may save a copy of the a process’ memory current thread and enters a “panic” state also image on disk as a core dump.
    [Show full text]
  • Oracle Database Licensing Information, 11G Release 2 (11.2) E10594-26
    Oracle® Database Licensing Information 11g Release 2 (11.2) E10594-26 July 2012 Oracle Database Licensing Information, 11g Release 2 (11.2) E10594-26 Copyright © 2004, 2012, Oracle and/or its affiliates. All rights reserved. Contributor: Manmeet Ahluwalia, Penny Avril, Charlie Berger, Michelle Bird, Carolyn Bruse, Rich Buchheim, Sandra Cheevers, Leo Cloutier, Bud Endress, Prabhaker Gongloor, Kevin Jernigan, Anil Khilani, Mughees Minhas, Trish McGonigle, Dennis MacNeil, Paul Narth, Anu Natarajan, Paul Needham, Martin Pena, Jill Robinson, Mark Townsend This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations.
    [Show full text]
  • BSD – Alternativen Zu Linux
    ∗BSD { Alternativen zu Linux Karl Lockhoff March 19, 2015 Inhaltsverzeichnis I Woher kommt BSD? I Was ist BSD? I Was ist sind die Unterschiede zwischen FreeBSD, NetBSD und OpenBSD? I Warum soll ich *BSD statt Linux einsetzen? I Chuck Haley und Bill Joy entwickeln den vi in Berkeley I Bill Joy erstellt eine Sammlung von Tools, 1BSD I Unix Version 7 erscheint I 2BSD erscheint (Basis f¨urdie Weiterentwicklung PDP-11) I 3BSD erscheint (erstmalig mit einen eigenen Kernel) I 4BSD erscheint (enth¨altdas fast file system (ffs)) I Bill Joy wechselt zu Sun Microsystems I Kirk McKusick ¨ubernimmt die Entwicklung von BSD I 1978 I 1979 I 1980 I 1981 Woher kommt BSD? I 1976 I Unix Version 6 erscheint I 2BSD erscheint (Basis f¨urdie Weiterentwicklung PDP-11) I 3BSD erscheint (erstmalig mit einen eigenen Kernel) I 4BSD erscheint (enth¨altdas fast file system (ffs)) I Bill Joy wechselt zu Sun Microsystems I Kirk McKusick ¨ubernimmt die Entwicklung von BSD I Bill Joy erstellt eine Sammlung von Tools, 1BSD I Unix Version 7 erscheint I 1979 I 1980 I 1981 Woher kommt BSD? I 1976 I Unix Version 6 erscheint I 1978 I Chuck Haley und Bill Joy entwickeln den vi in Berkeley I 2BSD erscheint (Basis f¨urdie Weiterentwicklung PDP-11) I 3BSD erscheint (erstmalig mit einen eigenen Kernel) I 4BSD erscheint (enth¨altdas fast file system (ffs)) I Bill Joy wechselt zu Sun Microsystems I Kirk McKusick ¨ubernimmt die Entwicklung von BSD I Unix Version 7 erscheint I 1979 I 1980 I 1981 Woher kommt BSD? I 1976 I Unix Version 6 erscheint I 1978 I Chuck Haley und Bill Joy entwickeln den
    [Show full text]
  • BSD UNIX Toolbox: 1000+ Commands for Freebsd, Openbsd and Netbsd Christopher Negus, Francois Caen
    To purchase this product, please visit https://www.wiley.com/en-bo/9780470387252 BSD UNIX Toolbox: 1000+ Commands for FreeBSD, OpenBSD and NetBSD Christopher Negus, Francois Caen E-Book 978-0-470-38725-2 April 2008 $16.99 DESCRIPTION Learn how to use BSD UNIX systems from the command line with BSD UNIX Toolbox: 1000+ Commands for FreeBSD, OpenBSD and NetBSD. Learn to use BSD operation systems the way the experts do, by trying more than 1,000 commands to find and obtain software, monitor system health and security, and access network resources. Apply your newly developed skills to use and administer servers and desktops running FreeBSD, OpenBSD, NetBSD, or any other BSD variety. Become more proficient at creating file systems, troubleshooting networks, and locking down security. ABOUT THE AUTHOR Christopher Negus served for eight years on development teams for the UNIX operating system at the AT&T labs, where UNIX was created and developed. He also worked with Novell on UNIX and UnixWare development. Chris is the author of the bestselling Fedora and Red Hat Linux Bible series, Linux Toys II, Linux Troubleshooting Bible, and Linux Bible 2008 Edition. Francois Caen hosts and manages business application infrastructures through his company Turbosphere LLC. As an open- source advocate, he has lectured on OSS network management and Internet services, and served as president of the Tacoma Linux User Group. He is a Red Hat Certified Engineer (RHCE). To purchase this product, please visit https://www.wiley.com/en-bo/9780470387252.
    [Show full text]
  • Examining the Viability of MINIX 3 As a Consumer Operating
    Examining the Viability of MINIX 3 as a Consumer Operating System Joshua C. Loew March 17, 2016 Abstract The developers of the MINIX 3 operating system (OS) believe that a computer should work like a television set. You should be able to purchase one, turn it on, and have it work flawlessly for the next ten years [6]. MINIX 3 is a free and open-source microkernel-based operating system. MINIX 3 is still in development, but it is capable of running on x86 and ARM processor architectures. Such processors can be found in computers such as embedded systems, mobile phones, and laptop computers. As a light and simple operating system, MINIX 3 could take the place of the software that many people use every day. As of now, MINIX 3 is not particularly useful to a non-computer scientist. Most interactions with MINIX 3 are done through a command-line interface or an obsolete window manager. Moreover, its tools require some low-level experience with UNIX-like systems to use. This project will examine the viability of MINIX 3 from a performance standpoint to determine whether or not it is relevant to a non-computer scientist. Furthermore, this project attempts to measure how a microkernel-based operating system performs against a traditional monolithic kernel-based OS. 1 Contents 1 Introduction 5 2 Background and Related Work 6 3 Part I: The Frame Buffer Driver 7 3.1 Outline of Approach . 8 3.2 Hardware and Drivers . 8 3.3 Challenges and Strategy . 9 3.4 Evaluation . 10 4 Progress 10 4.1 Compilation and Installation .
    [Show full text]
  • PITAC Report to the President Information Technology Information Research: Investing in Our Future PITAC to the President Report
    PITAC Report to the PresidentPITAC Research: Investing in Our Future Information Technology PRESIDENT’S INFORMATION TECHNOLOGY ADVISORY COMMITTEE REPORT TO THE PRESIDENT Information Technology Research: Investing in Our Future February 1999 PRESIDENT’S INFORMATION TECHNOLOGY ADVISORY COMMITTEE REPORT TO THE PRESIDENT Information Technology Research: Investing in Our Future February 1999 P RESIDENT’ S I NFORMATION T ECHNOLOGY A DVISORY C OMMITTEE February 24, 1999 The President of the United States The White House Dear Mr. President: We are pleased to present our final report, “Information Technology Research: Investing in Our Future,” on future directions for Federal support of research and development for information tech- nology. This report adds detail to the findings and recommendations in our interim report dated August 1998, and strengthens our previous recommendations regarding the importance of social and economic research on the impacts of information technology to inform key policy decisions. PITAC members are strongly encouraged by and enthusiastically supportive of the Administration’s Information Technology for the Twenty-First Century (IT2) initiative. This initiative is a vital first step in increasing funding for long-term, high-risk information technology research and develop- ment. Increased Federal support is critical to meeting the challenge of capturing the opportunities available from information technology in the 21st Century through appropriate research and development. The economic and strategic importance of information technology and the unique role of the Federal Government in sponsoring information technology research make it necessary to increase Federal support over a period of years to ensure our Nation’s future well-being. We hope that our recommendations will be helpful as you consider the priorities for Federal invest- ments.
    [Show full text]
  • Openbsd and Soekris
    OpenBSD and Soekris UUASC meeting June 3, 2004 Presented by Arild Jensen Outline ● What is OpenBSD and where do I get it? ● Built-in security features ● Maintaining an OpenBSD system ● The PF packet filter Outline (cont'd) ● What is Soekris and where do I get it? ● Different models and accessories ● Getting OpenBSD onto a Soekris box ● Maintaining a Soekris/OpenBSD solution What is OpenBSD? History BSD Net/2 (4.3BSD Lite) NetBSD 0.8 386BSD 0.0 NetBSD 0.9 386BSD 0.1 4.4BSD Lite 1 NetBSD 1.0 386BSD 1.0 NetBSD 1.1 OpenBSD FreeBSD What is OpenBSD? From the creators: “...freely available, multi- platform 4.4BSD-based UNIX-like OS.” Emphasis on: ● Portability ● Standardization ● Correctness ● Proactive Security ● Integrated Cryptography ...and where do I get it? www.openbsd.org CD sales only No .iso downloads $40 Portability ● i386 ● MVME68k ● Sparc ● MVME88k ● Sparc64 ● AMD64 ● HP300 ● CATS (ARM) ● Mac68k ● MacPPC ● HPPA Standardization The Story of CARP ● Firewall failover desired ● IEEE VRRP (Virtual router redundancy protocol) ● Cisco patents involved, HSRP protocol ● Cisco and Alcatel dispute ● Birth of CARP (Common address redundancy protocol ● Early implementation included in OpenBSD 3.5 Correctness The Audit Process ● 6-12 member security team ● Continuous audit of code multiple times by different people ● Security holes and common errors ● Result: Newly discovered bugs often already fixed in OpenBSD Pro-active Security Source Code Run Time ● ProPolice ● Privilege Separation – Buffer overflow – Avoid running as root protection – Dual-process setup – Similar to Stackguard – Daemons being ● W^X converted – Write xor Execute ● Chroot – Fine-grained memory – Apache /var/www permission layout – BIND /var/named – Only on some architectures Cryptography ● Based outside of U.S.
    [Show full text]
  • Why the Future Doesn't Need Us
    BILL JOY OPINION 04.01.00 12:00 PM WHY THE FUTURE DOESN'T NEED US FROM THE MOMENT I became involved in the creation of new technologies, their ethical dimensions have concerned me, but it was only in the autumn of 1998 that I became anxiously aware of how great are the dangers facing us in the 21st century. I can date the onset of my unease to the day I met Ray Kurzweil, the deservedly famous inventor of the first reading machine for the blind and many other amazing things. Ray and I were both speakers at George Gilder's Telecosm conference, and I encountered him by chance in the bar of the hotel after both our sessions were over. I was sitting with John Searle, a Berkeley philosopher who studies consciousness. While we were talking, Ray approached and a conversation began, the subject of which haunts me to this day. I had missed Ray's talk and the subsequent panel that Ray and John had been on, and they now picked right up where they'd left off, with Ray saying that the rate of improvement of technology was going to accelerate and that we were going to become robots or fuse with robots or something like that, and John countering that this couldn't happen, because the robots couldn't be conscious. While I had heard such talk before, I had always felt sentient robots were in the realm of science fiction. But now, from someone I respected, I was hearing a strong argument that they were a near-term possibility.
    [Show full text]
  • Why Did We Choose Freebsd?
    Why Did We Choose FreeBSD? Index Why FreeBSD in General? Why FreeBSD Rather than Linux? Why FreeBSD Rather than Windows? Why Did we Choose FreeBSD in General? We are using FreeBSD version 6.1. Here are some more specific features which make it appropriate for use in an ISP environment: Very stable, especially under load as shown by long-term use in large service providers. FreeBSD is a community-supported project which you can be confident is not going to 'go commercial' or start charging any license fees. A single source tree which contains both the kernel and all the rest of the code needed to build a complete base system. Contrast with Linux that has one kernel but hundreds of distributions to choose from, and which may come and go over time. Scalability features as standard: e.g. pwd.db (indexed password database), which give you much better performance and scales well for very large sites. Superior TCP/IP stack that responds well to extremely heavy load. Multiple firewall packages built in to the base system (IPF, IPFW, PF). High-end debugging and tracing tools, including the recently announced port of the Sun Dynamic Tracing tool, DTrace, to FreeBSD. Ability to gather fine-grained statistics on system performance using many included utilities like systat, gstat, iostat, di, swapinfo, disklabel, etc. Items such as software RAID are supported using multiple utilities (ata, ccd. vinum, geom). RAID-1 using GEOM Mirror (see gmirror) supports identical disk sets, or identical disk slieces. Take a look at the most stable web sites according to NetCraft (http://news.netcraft.com/archives/2006/06/06/six_hosting_companies_most_reliable_hoster_in_may.html).
    [Show full text]
  • The Dragonflybsd Operating System
    1 The DragonFlyBSD Operating System Jeffrey M. Hsu, Member, FreeBSD and DragonFlyBSD directories with slightly over 8 million lines of code, 2 million Abstract— The DragonFlyBSD operating system is a fork of of which are in the kernel. the highly successful FreeBSD operating system. Its goals are to The project has a number of resources available to the maintain the high quality and performance of the FreeBSD 4 public, including an on-line CVS repository with mirror sites, branch, while exploiting new concepts to further improve accessible through the web as well as the cvsup service, performance and stability. In this paper, we discuss the motivation for a new BSD operating system, new concepts being mailing list forums, and a bug submission system. explored in the BSD context, the software infrastructure put in place to explore these concepts, and their application to the III. MOTIVATION network subsystem in particular. A. Technical Goals Index Terms— Message passing, Multiprocessing, Network The DragonFlyBSD operating system has several long- operating systems, Protocols, System software. range technical goals that it hopes to accomplish within the next few years. The first goal is to add lightweight threads to the BSD kernel. These threads are lightweight in the sense I. INTRODUCTION that, while user processes have an associated thread and a HE DragonFlyBSD operating system is a fork of the process context, kernel processes are pure threads with no T highly successful FreeBSD operating system. Its goals are process context. The threading model makes several to maintain the high quality and performance of the FreeBSD guarantees with respect to scheduling to ensure high 4 branch, while exploring new concepts to further improve performance and simplify reasoning about concurrency.
    [Show full text]