<soapbox> That's because we don't, collectively, think about hardware. And we don't think about hardware being buggy. And we especially don't think about "hardware" having inherent security flaws.
(OK, yes, the security folks who crossed over *into* IT do. They aren't auditors, for better or worse.)
A Cisco router is "software" enough (and has had enough bugs :-) that it crosses into our conscious awareness regarding security, but their switches? Nah. Mature product, all hardware (despite running an OS), no bugs. Either works or it doesn't.
Bullshit.
Show me a hardware-accelerated device and I can show you half a dozen ways it could fail unnoticed, (potentially) compromising security as it goes.
Notice that we install local firewalls on every PC but don't use ECC memory to guard against random bit errors. (I do, BTW - even on my PC. It's one small part of why I don't have a laptop.) A HERF gun is a better DoS tool than any virus or worm, by several objective measurements.
The entire IT industry has its head stuck up... you know where, in so many different ways.
Yet, this isn't surprising. Humans want instant gratification, a free ride, and the illusion of control. Those things are all way easier with software than with hardware. (Contemplate the difference between "soft" and "hard", if you will, for a moment.)
Do I expect this to change any time before the heat death of the universe? No. But I sure wish auditors took a wider view of the world.
"Never attribute to malice that which can be adequately explained by stupidity." - Hanlon's Razor (among other attributions) </soapbox>
-Adam
What you say is not untrue, but the larger issues (IMHO) are that:
1. Most people design such that they avoid trouble and confrontation. 2. Most IT auditors have no IT experience.
For #1, most people have lost the ability to rationally assess risk. No one wants to be the guy to say "I saved $xxxxx by specing a lower box that will still handle the load" or some variation of that when that's the first decision that's going to be looked at if there is a problem. In most cases the IT department has lost touch with the business value they provide. So we get this proliferation of redundant servers and network gear that sits idle.
There is an aspect of hardware to it, though. Developers tend to assume they are writing to a machine that executes commands in zero clock cycles, has infinite memory, and has a network with zero latency and infinite bandwidth. Rather than try and correct these misunderstandings, IT will throw money at the problem to make it run and not get blamed.
For #2, I'm not sure what else has to be said. I have only met one auditor who I respect and actually gets these kind of discussions. He explained to me that he understood some of these things made no technical difference, but the problem was to convince every other auditor. Sometimes it's easier just to bite the bullet and do things sub-optimally rather than having to spend several hours explaining it each time the (new) audit team comes around. Back to #1, the cost of being right is high and the benefits are almost nil.
With respects to your arguments you're mixing data durability and data loss prevention. They are both aspects of security (eg, mitigating risk), but I'm sure that most IT departments would agree that they are more worried about a critical Excel spreadsheet getting in the hands of the media or competition than they are having Excel crash because of a memory error. The cost and likelihood of the former dwarf that of the latter.
Sean
On Wed, Feb 17, 2010 at 10:20 PM, Adam Thompson athompso@athompso.netwrote:
<soapbox> That's because we don't, collectively, think about hardware. And we don't think about hardware being buggy. And we especially don't think about "hardware" having inherent security flaws.
(OK, yes, the security folks who crossed over *into* IT do. They aren't auditors, for better or worse.)
A Cisco router is "software" enough (and has had enough bugs :-) that it crosses into our conscious awareness regarding security, but their switches? Nah. Mature product, all hardware (despite running an OS), no bugs. Either works or it doesn't.
Bullshit.
Show me a hardware-accelerated device and I can show you half a dozen ways it could fail unnoticed, (potentially) compromising security as it goes.
Notice that we install local firewalls on every PC but don't use ECC memory to guard against random bit errors. (I do, BTW - even on my PC. It's one small part of why I don't have a laptop.) A HERF gun is a better DoS tool than any virus or worm, by several objective measurements.
The entire IT industry has its head stuck up... you know where, in so many different ways.
Yet, this isn't surprising. Humans want instant gratification, a free ride, and the illusion of control. Those things are all way easier with software than with hardware. (Contemplate the difference between "soft" and "hard", if you will, for a moment.)
Do I expect this to change any time before the heat death of the universe? No. But I sure wish auditors took a wider view of the world.
"Never attribute to malice that which can be adequately explained by stupidity." - Hanlon's Razor (among other attributions)
</soapbox>
-Adam
Personally I find there is another aspect of data security that is often overlooked: data accuracy. As the owner of valuable data I want it protected from loss and private but I also want it to be correct.
There are many who believe that an application always crashes when there is an undetected memory error but that is not always the case. One of the most difficult problems to track down is caused when data resides in flaky RAM and then is written to disk where it is faithfully recorded inaccurately forever.
Hardly anyone writes code to see if their spreadsheet adds 2+2, comes up with 4, then saves it to disk as a 5 via a DMA transfer from bad RAM. Eventually some program blows up executing from the bad RAM and it is finally replaced but now we have some amount of bad data floating around on durable media.
I'm constantly astonished by the amount of corrected ECC memory errors I see over time in the servers I care for. The DIMMs eventually fail but I feel more secure knowing corrupt data was never transferred from place to place.
While auditors may have convinced their customers it is really important to have data security and data durability have you ever heard any of them ask their customers if they are OK with data inaccuracy?
I think non-ECC memory should be illegal. Somebody's gonna lose an eye and it won't be funny any more.
-Daryl
On Thu, 18 Feb 2010, Sean Walberg wrote:
What you say is not untrue, but the larger issues (IMHO) are that:
- Most people design such that they avoid trouble and confrontation.
- Most IT auditors have no IT experience.
For #1, most people have lost the ability to rationally assess risk. No one wants to be the guy to say "I saved $xxxxx by specing a lower box that will still handle the load" or some variation of that when that's the first decision that's going to be looked at if there is a problem. In most cases the IT department has lost touch with the business value they provide. So we get this proliferation of redundant servers and network gear that sits idle.
There is an aspect of hardware to it, though. Developers tend to assume they are writing to a machine that executes commands in zero clock cycles, has infinite memory, and has a network with zero latency and infinite bandwidth. Rather than try and correct these misunderstandings, IT will throw money at the problem to make it run and not get blamed.
For #2, I'm not sure what else has to be said. I have only met one auditor who I respect and actually gets these kind of discussions. He explained to me that he understood some of these things made no technical difference, but the problem was to convince every other auditor. Sometimes it's easier just to bite the bullet and do things sub-optimally rather than having to spend several hours explaining it each time the (new) audit team comes around. Back to #1, the cost of being right is high and the benefits are almost nil.
With respects to your arguments you're mixing data durability and data loss prevention. They are both aspects of security (eg, mitigating risk), but I'm sure that most IT departments would agree that they are more worried about a critical Excel spreadsheet getting in the hands of the media or competition than they are having Excel crash because of a memory error. The cost and likelihood of the former dwarf that of the latter.
Sean
On Wed, Feb 17, 2010 at 10:20 PM, Adam Thompson athompso@athompso.netwrote:
<soapbox> That's because we don't, collectively, think about hardware. And we don't think about hardware being buggy. And we especially don't think about "hardware" having inherent security flaws.
(OK, yes, the security folks who crossed over *into* IT do. They aren't auditors, for better or worse.)
A Cisco router is "software" enough (and has had enough bugs :-) that it crosses into our conscious awareness regarding security, but their switches? Nah. Mature product, all hardware (despite running an OS), no bugs. Either works or it doesn't.
Bullshit.
Show me a hardware-accelerated device and I can show you half a dozen ways it could fail unnoticed, (potentially) compromising security as it goes.
Notice that we install local firewalls on every PC but don't use ECC memory to guard against random bit errors. (I do, BTW - even on my PC. It's one small part of why I don't have a laptop.) A HERF gun is a better DoS tool than any virus or worm, by several objective measurements.
The entire IT industry has its head stuck up... you know where, in so many different ways.
Yet, this isn't surprising. Humans want instant gratification, a free ride, and the illusion of control. Those things are all way easier with software than with hardware. (Contemplate the difference between "soft" and "hard", if you will, for a moment.)
Do I expect this to change any time before the heat death of the universe? No. But I sure wish auditors took a wider view of the world.
"Never attribute to malice that which can be adequately explained by stupidity." - Hanlon's Razor (among other attributions)
</soapbox>
-Adam
While we're on the topic, what sort of desktop-PC motherboards are available that support ECC memory? I've never really paid attention, so for all I know, ECC support is common.
On Thu, Feb 18, 2010 at 9:09 PM, Daryl F wyatt@prairieturtle.ca wrote:
Personally I find there is another aspect of data security that is often overlooked: data accuracy. As the owner of valuable data I want it protected from loss and private but I also want it to be correct.
There are many who believe that an application always crashes when there is an undetected memory error but that is not always the case. One of the most difficult problems to track down is caused when data resides in flaky RAM and then is written to disk where it is faithfully recorded inaccurately forever.
Hardly anyone writes code to see if their spreadsheet adds 2+2, comes up with 4, then saves it to disk as a 5 via a DMA transfer from bad RAM. Eventually some program blows up executing from the bad RAM and it is finally replaced but now we have some amount of bad data floating around on durable media.
I'm constantly astonished by the amount of corrected ECC memory errors I see over time in the servers I care for. The DIMMs eventually fail but I feel more secure knowing corrupt data was never transferred from place to place.
While auditors may have convinced their customers it is really important to have data security and data durability have you ever heard any of them ask their customers if they are OK with data inaccuracy?
I think non-ECC memory should be illegal. Somebody's gonna lose an eye and it won't be funny any more.
-Daryl
On Thu, 18 Feb 2010, Sean Walberg wrote:
What you say is not untrue, but the larger issues (IMHO) are that:
- Most people design such that they avoid trouble and confrontation.
- Most IT auditors have no IT experience.
For #1, most people have lost the ability to rationally assess risk. No
one
wants to be the guy to say "I saved $xxxxx by specing a lower box that
will
still handle the load" or some variation of that when that's the first decision that's going to be looked at if there is a problem. In most
cases
the IT department has lost touch with the business value they provide. So
we
get this proliferation of redundant servers and network gear that sits
idle.
There is an aspect of hardware to it, though. Developers tend to assume
they
are writing to a machine that executes commands in zero clock cycles, has infinite memory, and has a network with zero latency and infinite
bandwidth.
Rather than try and correct these misunderstandings, IT will throw money
at
the problem to make it run and not get blamed.
For #2, I'm not sure what else has to be said. I have only met one
auditor
who I respect and actually gets these kind of discussions. He explained
to
me that he understood some of these things made no technical difference,
but
the problem was to convince every other auditor. Sometimes it's easier
just
to bite the bullet and do things sub-optimally rather than having to
spend
several hours explaining it each time the (new) audit team comes around. Back to #1, the cost of being right is high and the benefits are almost
nil.
With respects to your arguments you're mixing data durability and data
loss
prevention. They are both aspects of security (eg, mitigating risk), but
I'm
sure that most IT departments would agree that they are more worried
about a
critical Excel spreadsheet getting in the hands of the media or
competition
than they are having Excel crash because of a memory error. The cost and likelihood of the former dwarf that of the latter.
Sean
On Wed, Feb 17, 2010 at 10:20 PM, Adam Thompson <athompso@athompso.net wrote:
<soapbox> That's because we don't, collectively, think about hardware. And we
don't
think about hardware being buggy. And we especially don't think about "hardware" having inherent security flaws.
(OK, yes, the security folks who crossed over *into* IT do. They aren't auditors, for better or worse.)
A Cisco router is "software" enough (and has had enough bugs :-) that it crosses into our conscious awareness regarding security, but their
switches?
Nah. Mature product, all hardware (despite running an OS), no bugs. Either works or it doesn't.
Bullshit.
Show me a hardware-accelerated device and I can show you half a dozen
ways
it could fail unnoticed, (potentially) compromising security as it goes.
Notice that we install local firewalls on every PC but don't use ECC
memory
to guard against random bit errors. (I do, BTW - even on my PC. It's
one
small part of why I don't have a laptop.) A HERF gun is a better DoS
tool
than any virus or worm, by several objective measurements.
The entire IT industry has its head stuck up... you know where, in so
many
different ways.
Yet, this isn't surprising. Humans want instant gratification, a free ride, and the illusion of control. Those things are all way easier with software than with hardware. (Contemplate the difference between "soft"
and
"hard", if you will, for a moment.)
Do I expect this to change any time before the heat death of the
universe?
No. But I sure wish auditors took a wider view of the world.
"Never attribute to malice that which can be adequately explained by stupidity." - Hanlon's Razor (among other attributions)
</soapbox>
-Adam
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Hmm: Kingston ValueRAM 4GB PC3-10600 DDR3 SDRAM ECC Kit (2 x 2GB)...or $40/GB at Memory Express (special order, though). Is that reasonable? Do people generally trust Kingston for RAM?
On Fri, Feb 19, 2010 at 9:07 AM, Kevin McGregor kevin.a.mcgregor@gmail.comwrote:
While we're on the topic, what sort of desktop-PC motherboards are available that support ECC memory? I've never really paid attention, so for all I know, ECC support is common.
On Thu, Feb 18, 2010 at 9:09 PM, Daryl F wyatt@prairieturtle.ca wrote:
Personally I find there is another aspect of data security that is often overlooked: data accuracy. As the owner of valuable data I want it protected from loss and private but I also want it to be correct.
There are many who believe that an application always crashes when there is an undetected memory error but that is not always the case. One of the most difficult problems to track down is caused when data resides in flaky RAM and then is written to disk where it is faithfully recorded inaccurately forever.
Hardly anyone writes code to see if their spreadsheet adds 2+2, comes up with 4, then saves it to disk as a 5 via a DMA transfer from bad RAM. Eventually some program blows up executing from the bad RAM and it is finally replaced but now we have some amount of bad data floating around on durable media.
I'm constantly astonished by the amount of corrected ECC memory errors I see over time in the servers I care for. The DIMMs eventually fail but I feel more secure knowing corrupt data was never transferred from place to place.
While auditors may have convinced their customers it is really important to have data security and data durability have you ever heard any of them ask their customers if they are OK with data inaccuracy?
I think non-ECC memory should be illegal. Somebody's gonna lose an eye and it won't be funny any more.
-Daryl
On Thu, 18 Feb 2010, Sean Walberg wrote:
What you say is not untrue, but the larger issues (IMHO) are that:
- Most people design such that they avoid trouble and confrontation.
- Most IT auditors have no IT experience.
For #1, most people have lost the ability to rationally assess risk. No
one
wants to be the guy to say "I saved $xxxxx by specing a lower box that
will
still handle the load" or some variation of that when that's the first decision that's going to be looked at if there is a problem. In most
cases
the IT department has lost touch with the business value they provide.
So we
get this proliferation of redundant servers and network gear that sits
idle.
There is an aspect of hardware to it, though. Developers tend to assume
they
are writing to a machine that executes commands in zero clock cycles,
has
infinite memory, and has a network with zero latency and infinite
bandwidth.
Rather than try and correct these misunderstandings, IT will throw money
at
the problem to make it run and not get blamed.
For #2, I'm not sure what else has to be said. I have only met one
auditor
who I respect and actually gets these kind of discussions. He explained
to
me that he understood some of these things made no technical difference,
but
the problem was to convince every other auditor. Sometimes it's easier
just
to bite the bullet and do things sub-optimally rather than having to
spend
several hours explaining it each time the (new) audit team comes around. Back to #1, the cost of being right is high and the benefits are almost
nil.
With respects to your arguments you're mixing data durability and data
loss
prevention. They are both aspects of security (eg, mitigating risk), but
I'm
sure that most IT departments would agree that they are more worried
about a
critical Excel spreadsheet getting in the hands of the media or
competition
than they are having Excel crash because of a memory error. The cost and likelihood of the former dwarf that of the latter.
Sean
On Wed, Feb 17, 2010 at 10:20 PM, Adam Thompson <athompso@athompso.net wrote:
<soapbox> That's because we don't, collectively, think about hardware. And we
don't
think about hardware being buggy. And we especially don't think about "hardware" having inherent security flaws.
(OK, yes, the security folks who crossed over *into* IT do. They
aren't
auditors, for better or worse.)
A Cisco router is "software" enough (and has had enough bugs :-) that
it
crosses into our conscious awareness regarding security, but their
switches?
Nah. Mature product, all hardware (despite running an OS), no bugs. Either works or it doesn't.
Bullshit.
Show me a hardware-accelerated device and I can show you half a dozen
ways
it could fail unnoticed, (potentially) compromising security as it
goes.
Notice that we install local firewalls on every PC but don't use ECC
memory
to guard against random bit errors. (I do, BTW - even on my PC. It's
one
small part of why I don't have a laptop.) A HERF gun is a better DoS
tool
than any virus or worm, by several objective measurements.
The entire IT industry has its head stuck up... you know where, in so
many
different ways.
Yet, this isn't surprising. Humans want instant gratification, a free ride, and the illusion of control. Those things are all way easier
with
software than with hardware. (Contemplate the difference between
"soft" and
"hard", if you will, for a moment.)
Do I expect this to change any time before the heat death of the
universe?
No. But I sure wish auditors took a wider view of the world.
"Never attribute to malice that which can be adequately explained by stupidity." - Hanlon's Razor (among other attributions)
</soapbox>
-Adam
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
On 2010-Feb-19 10:26, Kevin McGregor wrote:
Kingston ValueRAM 4GB PC3-10600 DDR3 SDRAM ECC Kit (2 x 2GB)...or $40/GB at Memory Express (special order, though). Is that reasonable? Do people generally trust Kingston for RAM?
The price is reasonable, not fantastic. The PC3-1300 ram is probably cheaper, and most likely will work fine in a PC3-1060 motherboard, BTW. (Which is why PC3-1060 RAM is often special-order now.)
Trust: absolutely, yes. Kingston has a reputation of delivering better-than-OEM quality in their top-line OEM-replacement series, and I've been using their ValueRAM line consistently without problems for about 10 years now. I only know of three instances - ever - where Kingston RAM had to be returned, at which point their lifetime warranty definitely counted in their favour.
The difference between their ValueRAM line and the OEM line is essentially, they build ValueRAM "to spec" (well, actually slightly better than spec) and guarantee it'll work as intended, not necessarily in your particular motherboard; whereas the OEM stuff they build to spec and actually validate it in one or more samples of the specific targeted systems, and it's guaranteed to work in system X if they say it will.
I've noticed that some of the (expensive!) ValueRAM modules appear to be identical to the more expensive OEM-replacement modules; apparently you're paying more for the validation and warranty than for any actual difference in product.
-Adam
On Fri, Feb 19, 2010 at 11:24 AM, Adam Thompson athompso@muug.mb.ca wrote:
Trust: absolutely, yes. Kingston has a reputation of delivering better-than-OEM quality in their top-line OEM-replacement series, and I've been using their ValueRAM line consistently without problems for about 10 years now.
An interesting article about Kingston flash memory and quality, or lack thereof.
http://www.bunniestudios.com/blog/?p=918
Sean
On 2010-Feb-19 11:31, Sean Walberg wrote:
An interesting article about Kingston flash memory and quality, or lack thereof. http://www.bunniestudios.com/blog/?p=918
Hm. My take on it would be "an interesting article about counterfeit parts showing up in mainstream distribution channels", which is something else no-one wants to think about. *sigh* First time I've run into the term "ghost shift" regarding unauthorized production of parts at the OEM's own facilities. Interesting concept. -Adam
I'm seeing more and more counter-fit or unauthorized distribution channels all the damned time.
Picked up a pile of drives from CBIT last year and 25% of them were from Thailand and their warranty's were not honoured outside of Asia/Pacific. Now we do warranty lookups on every drive we order.
On 2010-02-19, at 12:36 PM, Adam Thompson wrote:
On 2010-Feb-19 11:31, Sean Walberg wrote:
An interesting article about Kingston flash memory and quality, or lack thereof. http://www.bunniestudios.com/blog/?p=918
Hm. My take on it would be "an interesting article about counterfeit parts showing up in mainstream distribution channels", which is something else no-one wants to think about. *sigh* First time I've run into the term "ghost shift" regarding unauthorized production of parts at the OEM's own facilities. Interesting concept. -Adam _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
On 2010-Feb-19 09:07, Kevin McGregor wrote:
While we're on the topic, what sort of desktop-PC motherboards are available that support ECC memory? I've never really paid attention, so for all I know, ECC support is common.
Not very many. The only non-server-grade chipset I'm aware of that supports ECC is Intel's X58, as embodied in their WX58BP motherboard. Which sells for (typically) just under $300. That's at the cheap end of things, anyway. (vis. Dell Precision T3500, for anywhere from $1400 to $13,000 depending on configuration!)
Note that this also requires a Xeon CPU, which thankfully isn't much more than its non-Xeon siblings. The one that's most sensibly priced is the Intel W3520, at somewhere around $350.
There's an X38 chipset as well, which may support ECC, but it appears to be pretty rare on the ground in any case. The *only* example I've found of a shipping system is the Dell Precision T3400!
The X38 & X58 are single-socket solutions; the Intel 5500-series chipsets support dual-CPU configurations. The 5500 series is billed as both a "workstation" and a "server" chipset - take your pick. Dell currently markets two workstations based on the 5520.
From what I can tell, ECC is the primary differentiator between "desktop" and "workstation" class systems right now. Xeon support seems to be the 2nd-order discriminant.
Although that's not really a hard-and-fast rule. Dell, for example, bases their T1500 "workstation" on the P55/H57 chipset, which does not support ECC. Of course, that's the only workstation they do sell without ECC - and not even the cheapest one! - so I'll forgive them that :-).
I'm not aware of any nVidia chipsets that support ECC.
Some AMD Opteron-supporting chipsets should support ECC, but I'm not familiar with that part of the market at all.
-Adam
I'm really late to this discussion. Some quick 2c's:
On 2010-02-18 Daryl F wrote:
I think non-ECC memory should be illegal. Somebody's gonna lose an eye and it won't be funny any more.
Hear hear! Considering ECC RAM sticks cost just a small fraction more to make than non-ECC, and same with mobos(/cpus) that support ECC, why everything isn't ECC is beyond me. If everything was ECC, economies of scale would kick in and the additional cost would be negligible. Consider back in the 440BX days every board supported ECC, it boggles the mind as to why today you must buy server/workstation (and I mean $300 a mobo workstation) class equipment to get ECC. The 975 was the last "mainstream" (albeit "extreme enthusiast mainstream") Intel chipset with ECC. AMD fares no better. WTF??
2 of my 3 systems are ECC, and the 3rd is mostly just used for games.
On 2010-02-19 Kevin McGregor wrote:
While we're on the topic, what sort of desktop-PC motherboards are available that support ECC memory? I've never really paid attention, so for all I know, ECC support is common.
Ha! As per above, no Intel/AMD desktop boards have ECC. It's sad.
On 2010-02-19 Kevin McGregor wrote:
Kingston ValueRAM 4GB PC3-10600 DDR3 SDRAM ECC Kit (2 x 2GB)...or $40/GB at Memory Express (special order, though). Is that reasonable? Do people generally trust Kingston for RAM?
It's not the RAM that's the issue, it's finding a mobo to run it. And I trust Kingston implicitly. I have sold nothing but Kingston RAM since 2001. We're talking thousands of sticks here. I've had only about 5 RMA's in that time, and those probably due to static discharge.
I would never sell no-name sticks again. Beware the peddlers of "name brand" RAM where they are claiming the name of the DRAM manufacturer is the name brand of the stick. Those are crap no-name sticks. "Name brand" means Kingston, or OCZ, or Corsair, or similar actual branded stick (not back-of-truck leftovers from China).
On 2010-02-19 Sean Walberg wrote:
An interesting article about Kingston flash memory and quality, or lack thereof.
Don't attribute flash quality to DRAM quality. Most flash, including Kingston's carries only a short (1 year) warranty and is a completely different beast than DRAM. That said, I've sold (and used) a number of Kingston flash without issues. YMMV.
On 2010-02-19 Sean Cody wrote:
Picked up a pile of drives from CBIT last year and 25% of them were from Thailand and their warranty's were not honoured outside of Asia/Pacific. Now we do warranty lookups on every drive we order.
Ah, the Primex curse strikes again. I have yet to receive any counterfeit parts through my distro channels. Since I service all I sell, I would know if drives were gray-market/non-RMAable. If you want guaranteed product at in general better prices than Primex^H^H^H^H^H^H CBIT, let me know.
Ah, that reminds me of the bad ol' days when the guys at Primex were in the back room putting NEC stickers on no-name TW crap CRT's...
This ASUS board seems to support ECC: http://www.memoryexpress.com/Products/PID-MX23640(ME).aspx
http://www.memoryexpress.com/Products/PID-MX23640(ME).aspxI think all AMD CPUs, even low-end ones, support it via the on-chip memory controller (unlike Intel); I don't know what it takes, if anything, to support ECC on the motherboard if the CPU/memory-controller does. Anyway, they don't seem to be hard to find in the AMD arena.
On Mon, Mar 15, 2010 at 10:01 AM, Trevor Cordes trevor@tecnopolis.cawrote:
I'm really late to this discussion. Some quick 2c's:
On 2010-02-18 Daryl F wrote:
I think non-ECC memory should be illegal. Somebody's gonna lose an eye and it won't be funny any more.
Hear hear! Considering ECC RAM sticks cost just a small fraction more to make than non-ECC, and same with mobos(/cpus) that support ECC, why everything isn't ECC is beyond me. If everything was ECC, economies of scale would kick in and the additional cost would be negligible. Consider back in the 440BX days every board supported ECC, it boggles the mind as to why today you must buy server/workstation (and I mean $300 a mobo workstation) class equipment to get ECC. The 975 was the last "mainstream" (albeit "extreme enthusiast mainstream") Intel chipset with ECC. AMD fares no better. WTF??
2 of my 3 systems are ECC, and the 3rd is mostly just used for games.
On 2010-02-19 Kevin McGregor wrote:
While we're on the topic, what sort of desktop-PC motherboards are available that support ECC memory? I've never really paid attention, so for all I know, ECC support is common.
Ha! As per above, no Intel/AMD desktop boards have ECC. It's sad.
On 2010-02-19 Kevin McGregor wrote:
Kingston ValueRAM 4GB PC3-10600 DDR3 SDRAM ECC Kit (2 x 2GB)...or $40/GB at Memory Express (special order, though). Is that reasonable? Do people generally trust Kingston for RAM?
It's not the RAM that's the issue, it's finding a mobo to run it. And I trust Kingston implicitly. I have sold nothing but Kingston RAM since 2001. We're talking thousands of sticks here. I've had only about 5 RMA's in that time, and those probably due to static discharge.
I would never sell no-name sticks again. Beware the peddlers of "name brand" RAM where they are claiming the name of the DRAM manufacturer is the name brand of the stick. Those are crap no-name sticks. "Name brand" means Kingston, or OCZ, or Corsair, or similar actual branded stick (not back-of-truck leftovers from China).
On 2010-02-19 Sean Walberg wrote:
An interesting article about Kingston flash memory and quality, or lack thereof.
Don't attribute flash quality to DRAM quality. Most flash, including Kingston's carries only a short (1 year) warranty and is a completely different beast than DRAM. That said, I've sold (and used) a number of Kingston flash without issues. YMMV.
On 2010-02-19 Sean Cody wrote:
Picked up a pile of drives from CBIT last year and 25% of them were from Thailand and their warranty's were not honoured outside of Asia/Pacific. Now we do warranty lookups on every drive we order.
Ah, the Primex curse strikes again. I have yet to receive any counterfeit parts through my distro channels. Since I service all I sell, I would know if drives were gray-market/non-RMAable. If you want guaranteed product at in general better prices than Primex^H^H^H^H^H^H CBIT, let me know.
Ah, that reminds me of the bad ol' days when the guys at Primex were in the back room putting NEC stickers on no-name TW crap CRT's... _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
On 2010-03-15 Kevin McGregor wrote:
This ASUS board seems to support ECC: http://www.memoryexpress.com/Products/PID-MX23640(ME).aspx
http://www.memoryexpress.com/Products/PID-MX23640(ME).aspxI think all AMD CPUs, even low-end ones, support it via the on-chip memory controller (unlike Intel); I don't know what it takes, if anything, to support ECC on the motherboard if the CPU/memory-controller does. Anyway, they don't seem to be hard to find in the AMD arena.
Hmm, the sites do seem to suggest it does ECC. Though I've learned in the past that sometimes even sites/manuals/bios's that say ECC, do not do ECC!
If it does do ECC, perhaps it is because these are AMD chipsets, and not NV or ATI. That would make sense as the real AMD ones are usually better. Most of the AMD-compatible mobos you see these days are NV or ATI.
So perhaps there is a cheap(er) way to get ECC than Intel-based workstation boards. However, based on past experience I'd be loathe to switch to AMD from Intel. No flame war here, just cold hard experience selling these things for 11 years. If AMD is still giving cheap ECC, seems to me that Intel is royally screwing up by not providing something that can compete.
Adam?
-
Adam Thompson -
Adam Thompson -
Daryl F -
Kevin McGregor -
Sean Cody -
Sean Walberg -
Trevor Cordes