* Posts by Rainer

144 posts • joined 20 Jun 2008

Page:

ODM for the masses? Facebook's OCP still ain't for you, brother

Rainer
FAIL

The worst is OEMed white box stuff

We bought a couple of HP JBOD-HBAs - they are rebranded LSI 9207i models.

I would need a newer revision of the firmware - which is available from LSI, but not for OEMed cards.

HP doesn't care (obviously).

I should have bought the original 9207 cards right from the beginning...

At a previous (very previous) job, we had a ADIC tape library OEMed by Siemens.

At some point, while on the phone and confirming with an ADIC engineer, a firmware-update was installed, which instantly bricked the unit.

ADIC replaced it under warranty, luckily. I just wonder who had to eat the costs ;-)

With OEMed stuff, you generally get less and pay more. The OEMs - to paraphrase Scott McNealy - add about the same amount of value to a product as someone reselling bananas: just additional bruises.

As for those cards - I've now bought an original card (as a spare) and will try to flash the HP OEM card with the original LSI firmware, turning it into an LSI-card. A procedure for this is available somewhere on the FreeNAS forums.

If it fails, I'll use the original card. If it works, we can still decide if we buy 1500 bucks worth of LSI cards to replace the HP cards or just re-flash the HP cards.

0
0

Tech firms reel from Leave's Brexit win

Rainer

Re: FFS Calm Down Kids!

> But they didn't just vote to have nothing to do with the rest of Europe.

There was a public vote (1992, IIRC), to NOT join the EU.

The Swiss parliament has recently officially retracted the membership application from back then (it was "on hold", for 24 years...).

Switzerland has negotiated a large number of bilateral treaties with EU and member-states to facilitate easier trade and free flow of people (and unlike the UK, is a member of Schengen).

However, recently a public vote asked the government to limit immigration (which is actually not possible with current EU treaties) - among over reasons because it's a relatively small country and the actual habitable area is even smaller.

I do live there, since 11 years actually and as such I'm an immigrant.

But I do believe that a country - any country - must have some sort of control about who it's going to let inside. "Nobody" and "everybody" are clearly two completely unsustainable extremes.

2
0

Thunder struck: Apple kills off display line

Rainer

Re: USB3?

Correct!

0
0

Salesforce's data centre team 'fought' AWS cloud outsourcing

Rainer

Re: There is no way we are going to trust our electricity supply to a public grid

Yeah. UPSs and Diesel generators are a 19th century thing, too.

0
0

'Grey tech' broker DP Data Systems has gone titsup

Rainer

They obviously didn't have the balls to do it.

0
0

Sick of storage vendors? Me too. Let's build the darn stuff ourselves

Rainer

Re: Use FreeNAS or TrueNAS (pro. version), and decent hardware.

> Sigh - I can see a big name "All-flash" vendor in my near future.

If you have the money - by all means, go EMC.

Some of their stuff (Isilon) is actually FreeBSD inside...

1
0
Rainer

Re: Hold on... did you just get released from Salesforce?

> Also we are seeing longer and longer rebuild times on bigger and bigger HDD,

Ah yes. There's a point.

Though, is that still a problem when you do RAIDZ2?

I usually only do 6-disk RAID Z2. I've yet to see a failure in the arrays with 6TB disks...

0
0

Valley VC Peter Thiel becomes an official Trump delegate

Rainer

Re: Sounds familiar

That seems to be true, unfortunately. Which is very sad. But still true.

0
0

30 years on, Chernobyl wildlife still feeling effects of nuke plant catastrophe

Rainer

Re: Liquidators

That video ends by pointing out that the insides of a smoker's lungs are pretty "hot" too, thanks to naturally occuring polonium being concentrated in the bronchia. It's #1 on the list for levels of exposure.

I known. But that radiation accumulates over an entire smoker-life.

The worker and first-responders were basically dead in a couple of minutes - they were just alive long enough to see their own bodies break down and fall apart, literally.

0
0
Rainer

Re: Liquidators

Europe paid a lot of money to the USSR (and Ukraine). And still does. It's just that the money does not always end up with those who need it most (news at 11 - it's the Ukraine, No 130 on the World Transparency Index for perceived corruption).

Your lottery-win donation would most like disappear beneath the corruption, too (or even fuel it, as those receiving the money would get more influential that way).

A lot of the men where more or less summoned there - it was the "last phase" of the USSR and I saw an interview with Gorbachev about it. He said it would have been impossible to handle a few years later.

There are also (not totally unreasonable) claims that the reactor-building itself is pretty harmless these days: most of the radioactive material has apparently been thrown out of it by the explosion and all the panic around the sarcophagus is just a bit of a scam to extract a few billions then and now from the West.

AFAIK, Ukraine keeps most of the medical data of all of its citizens (and esp. the victims) a state-secret.

The radiation-levels in the beginning were totally off-the-charts, though.

I think I read that most (almost all) of the plant's own firemen who were there as first-responders died within 24 hours from the extreme exposure.

There's a video on youtube from somebody visiting the most radioactive places on the earth. One of the places is the hospital in Chernobyl. They walk around a bit and finally go to a room in the basement where all the clothes from the firemen ended up being thrown into - there, the dosimeter goes off the scale and there's just a continuous "beeeeeep". Creepy.

0
0

Ding-dong, reality calling: iPhone slump is not Apple's doom

Rainer

Re: Car Play

> Why is the screen in your car being a dumb display for you phone "better"?

Ever got your in-car sat-nav upgraded?

Exactly. They cost insane amounts of money, may or may not get software-updates (sometimes costing substantial amounts of money) and usually can't be exchanged for later, more intelligent models.

It would be cool if cars just had a slot where you could fit an iPhone (or an iPad Mini) and have that serve as radio, satnav, music-player, control-panel for other stuff in the car. This is really a spot where Apple could hurt the current crop of automobile manufacturers most: produce a car where the electronics can be upgraded for less than the purchase price of a new car.

The amount of grey energy that goes into producing a car is enormous - often much more than the amount of fuel it saves over the rest of the lifetime of the previous model.

Treating the car as a dumb "shell" with the electronics being its interchangeable brain would be a bold step.

0
1

Google to admins: We'll tell you when your network is pwned

Rainer

Sorry

Sorry, we do not have enough information about ASXXXXXX (COMPANY-NET) to perform a registration. Please update the whois information of this AS with contact emails, and try again.

My NOC guys tell me that the data in the whois information is exactly as RIPE had requested it to be.

Couldn't they mention just which line they wanted to have changed?

1
0

The kid is not VSAN: EMC buffs up ScaleIO for high-end types

Rainer

It's a valid question

Is this similar to ZFSs checksumming?

ZFS is the only thing I'd trust to write reliably to SSDs (and be able to detect bit-rot).

Will these checksums detect bit-rot?

0
0

FreeBSD 10.3 lands

Rainer

WhatsApp runs FreeBSD

As do the Netflix Cache-Boxes.

Admittedly, WhatsApp is apparently using FreeBSD mostly as Erlang-launcher - but they serve there 9-digit number of users with a comparatively small number of servers (50-ish, IIRC).

But still - I doubt you could do that with a crap OS.

See this press-release from Mellanox:

http://www.mellanox.com/page/press_release_item?id=1688

We use it a lot for servers. Installation is simple, clean. The handling is very straight-forward. No silly side-effects, no "you have to turn this knob and then that one", none of the idiosyncrasies of Linux. 3rd-party apps behave (almost) exactly like their native documentation describes.

On the desktop, I prefer SuSE (historically). Everyone else in on Ubuntu.

FreeBSD and Ubuntu lack the enterprise-features of RHEL/Centos.

In case of Ubuntu, you can buy them with landscape (but this isn't available on-premise and it makes Ubuntu about as expensive as RHEL - and frankly it's not good enough for that price-tag).

If I could get FreeBSD pkg-management via foreman/katello, this would be an absolute killer.

Well, at least in my datacenter(s) ;-)

4
0

Apeiron reckons it's the Godzilla of upstart flash arrays

Rainer
Coat

I would rather have used the metaphor "The King Kong of upstart flash arrays".

;-)

0
0

Apple engineers rebel, refuse to work on iOS amid FBI iPhone battle

Rainer

Re: I smell fish

How do you change the password if you don't know the AppleID details in the first place?

It was and is a government-owned phone to begin with.

It had mobile device management.

They can wipe it and give it to someone else ;-)

If you don't have MDM and the employee doesn't tell you the iCloud-password, it's bricked.

2
0
Rainer

Re: The end of Apple

A lot of us non-Americans do find the deep seated distrust of the federal government, well, odd. There's no equivalent feeling in, for, example, the UK, certainly not to the same extent.

Yeah, sure.

Just replace "Federal" with "EU" and maybe you'll understand a bit better.

I mean, Brits love the EU, right?

I heard they like it so much, they're eager to cede most of the political decision-making to he EU "parliament" and the EU commission (practically falling over themselves to get it done).

4
0

Dropbox slips 500PB into its Magic Pocket, not spread over AWS

Rainer

It should be noted that despite discounts, having 500PB on amazon probably wasn't cheap to begin with.

Also, amazon's infrastructure is on-demand only in theory.

If you potentially need to have lots of machines provisioned, you've got to pay for that privilege.

Same is almost certainly true for storage.

0
0

Like those independent DevOps vendors? They might not be for long...

Rainer

Do you have the 2015 report?

Would be interesting to know how accurate their 2015 predictions were.

0
0

Apple hasn't announced the new iPhone 5SE and pundits already hate it

Rainer

The 5C was different

The 5 and 5S were the same size but faster.

I'd like a 4S-size phone but newer specs than 2011.

Unlikely to happen, but a 5S-sized phone with specs from last year would be nice.

I don't live on my phone. My commute is 20 minutes, 30 by bike. I don't need to watch tv-shows on my phone.

I have a handful of apps that I like and use and that start to get really slow.

4
0

Confused as to WTF is happening with Apple, the FBI and a killer's iPhone? Let's fix that

Rainer

Re: Simple solution...

^^^^^^^This!

0
0
Rainer

Re: Simple solution...

Dude, you have no idea.

The passcode is needed to unlock the key with which the data is encrypted.

That key is a 256 Bit AES key. You can't brute force that:

https://www.reddit.com/r/theydidthemath/comments/1x50xl/time_and_energy_required_to_bruteforce_a_aes256/

If all it would take is a 100k bounty, the FBI would do it themselves.

Just returned from the pub, eh?

9
1

US DoJ files motion to compel Apple to obey FBI iPhone crack order

Rainer
Megaphone

Re: Honest Question

Someone on reddit explained it very well: part of the key is wired to the hardware of the phone.

You can't clone that part. The data has to be decrypted on that specific phone.

It's even more (much much more) complicated on later phones.

Apple has thousands of people working on this thing (the iPhone) and employs some of the smartest minds on this planet to think for every possible attack vector.

Later phones probably even shield against side-channel attacks (measuring minuscule discrepancies in power-usage etc) to help guess the key that is stored outside the control of iOS on the "secure enclave".

Today, it might be an iPhone. But what if (in a future that may be not so far away) it was possible to directly read data from the brain?

You'd use it every day at work, probably, and in your spare time. You'd think of a flower and your brain would send that image via your phone to someone else's phone and from there it would directly reach the brain. The device to enable this would be built in such a way that it wouldn't work without you giving explicit consent to this "transfer".

But what about when you committed a crime? Would law-enforcement be allowed to "tap your brain", against your will to recover details of the crime that you yourself didn't want to tell?

What if you were in a coma? Would it be OK to tap your brain? After all, when they asked you, you didn't really object ;-)

The above mentioned device would have to modified to allow overriding the protection-mechanism.

So, quite rightfully, Tim Cook takes a stand and says "it has to stop somewhere".

Because it has to.

Maybe Tim Cook thinks, this is his "Rosa Parks" moment. It was a small thing at the time. But somebody had to do it and as remarked by someone above, both sides may think this is the case of all cases to drag into the limelight.

8
0
Rainer

Re: This could be VERY bad for American business

Learning Mandarin is fairly easy - provided you start doing so at age three.

5
0

Patch ASAP: Tons of Linux apps can be hijacked by evil DNS servers, man-in-the-middle miscreants

Rainer
Childcatcher

Son-of-Ghost, it seems

We've been here before, remember?

Also, in other news, FreeBSD not affected.

8
0

Mirantis: OpenStackers, it's us or Amazon...

Rainer

Not so sure

We went with CloudStack for now.

Also, because Mirantis was way to expensive (AFAIK).

And generally, OpenStack was and is too much of a moving target.

Our deployment isn't that large currently - we'll see.

0
0

See that fist punching through the clouds? That's Veeam's, that is

Rainer

Re: Hate it anyway

Can it restore single files out of a Linux XFS LVM?

What about a FreeBSD UFS2 filesystem?

ZFS?

Windows is of no interest to me.

Looking at this:

https://helpcenter.veeam.com/backup/vsphere/guest_restore_linux.html

it seems this somehow works via the host-guest filesystem?

Note that I don't have access to the Veeam GUI, nor have the VEEAM admins any password for our VMs.

Previously, our VM-admins told us that what I described was the only way to restore data.

I don't know what version they are running.

Note: they may be incompetent.

0
0
Rainer

Hate it anyway

At least the version we have can't really do single file restores from within the server itself.

Backup-Software usually does that.

VMAdmins have to create a clone of the VM, we boot it with disabled NICs, give it another IP, enter the VM, pick the files, tar them up, copy them somewhere else and move them over to the actual server.

Always a big f'ing circus...

3
3

Mall owner lays blame at Apple's door for dragging down sales

Rainer

Apple is special

TTBOMK, Apple refuses rents based on sales percentages.

They just don't do it.

Thinking about it, too bad the ifo-Apple-Store guy passed away - he could probably answer that.

0
1

NetApp Hitz out at critics over the flashy SolidFire buyout deal

Rainer

About that last sentence...

You might want to take a a look at this man-page for FreeBSD's bhyve hypervisor:

https://www.freebsd.org/cgi/man.cgi?query=bhyve&sektion=4

Note the sponsors...

And there's this guy at NetApp who's apparently made DataONTAP run on top of above hypervisor:

https://www.linkedin.com/in/anishgupta

It (bhyve) now seems to support Windows:

https://wiki.freebsd.org/bhyve/Windows

So, I guess not much is missing and you could run VMs directly on your NetAPP storage.

2
0

Alphabetti spaghetti: What Wall Street isn't telling you about Google

Rainer

Everybody calls Apple a "one trick pony" (which they're really not) - but was is Google without search?

It's just hamsters in mice in comparison.

Hopefully, all the ads will move to Facebook soon, where I can't see them (lack of account).

Maybe the content will move there, too - but then my productivity at work might skyrocket.

And I would get to read a book once in a while.

2
1

GitHub falls offline, devs worldwide declare today a snow day

Rainer

we have a local gitlab

so we don't have to deal with crap like that.

0
0

Evil OpenSSH servers can steal your private login keys to other systems – patch now

Rainer
Paris Hilton

Re: Good advert for HSMs and smart cards ?

That's why in the Hollywood-movies, they always have the hot chick to date the smart-card holder and relieve him...of his smart-card.

;-)

6
0

Time to worry about container standard's AWOL dates?

Rainer

Tough

There's such a lot of "legacy" software out there that doesn't really run in a "container" - or doesn't run well.

I always ask my co-workers what they want to achieve by "moving everything to containers" - or if it's one of these self-serving things you do to be able to say "Yeah, we did it (fist bump)".

Our customer's stuff sometimes runs months or even years in the same configuration.

No need to "spin" up more or less of it (they wouldn't pay more - nor do we want to charge them less).

There's also (to my knowledge) the mostly unsolved issues around storage (needs object storage or cluster-filesystem), overall persistence, user-management etc.

Very few companies can break-down and refactor any problem they face in such a way that it fits into their current "virtualization gospel". Most of our customers don't know why they should, don't know how the could and don't want to pay for it anyway.

We have one customer who is apparently trying to refactor their main application from a asp/dot net thingy into a linux container thingy. A project that is supposed to take two years and god knows how many man years. That's a bold move and I have nothing but respect for them (if they achieve it...).

But few people would and could do such a thing.

Though, arguably, it would be good if people had software written well enough as to allow such a feat without superhuman strength...

0
0

2016 in mobile: Visit a components mall in China... 30 min later, you're a manufacturer

Rainer

Re: Nobody will build a store/service network like Apple

I agree that it's not walk-in for everybody (I happen to work in walking-distance to one - before that opened, the next one was about 20km away and before that one opened, I'm not sure where the next one was, maybe 350km).

But at least they have stores. With people.

Having read the customer-service nightmares other people have when they send-in their phones and receive them unrepaired several times (or with a different defect, or it gets lost on the way or...) and the case dragging on for weeks... I'm sure these people would at some point actually take a flight somewhere just to yell at somebody...

There's also an Authorized Reseller here in town (predating any "official" Apple store), who has his own repair-shop.

For the record: I work in Zurich and the "main" Apple Store (there's another one in a mall a bit outside where I have never been since I moved here ten years ago) can sometimes be a mixture of a circus, a kindergarden and Dante's Hell - but the few times I went there to actually buy something or ask something, it didn't take too long before I could get the attention of a staff member.

The "take a number" concept is nice (and used in Swiss post offices) - but it reminds me of German government agencies (and their mixed track-record when it comes to "Put the customer first").

I assume, Apple doesn't want to even hint at the idea that its stores are akin to government agencies or that its customers are "just numbers".

I'm sure there are a lot of people at Apple just brooding over the efficiency of the stores every single day...

1
0
Rainer

Nobody will build a store/service network like Apple

Especially not Far-Eastern companies.

So, you'll always have to hand in the phone and hope it will actually arrive back.

Apple does repairs, too - but they also do walk-in full exchanges.

Of course, the (largest) iPhone 6S Plus is about five times more expensive than I would actually be comfortable to spend - there's no denying about that.

But at least, I'm the customer and not the product.

Apple doesn't use my data other than for themselves.

That said, the Watch has never appealed to me. First, I've already got a watch. Then, it doesn't look rugged enough for my sports (mountain-biking). And apart from the hr-monitor, it doesn't have any other features I would actually use (I don't read any of my main email-accounts on my phone, I pay almost always in cash, I don't receive a ton of notifications (deactivated most of them) and because I still own an iPhone 4S, I can remove the phone from my pocket and hold it with one hand when somebody calls...).

But the iPhone's value is still superior to me:

- single vendor for hardware and software

- walk-in support

- OS updates with no hassle, long support cycle

- hardware seems quite durable

- very secure (once you active Find My iPhone and give it an access-code, it's basically a brick to any thief)

- vendor has made a commitment to my privacy

If there was an option (in the form of a subscription) with Google so they would not track your behavior, mine your data and sell your information, place adds all over your screen etc - I would consider that.

But I suspect it would be even more expensive in the end than owning an iPhone.

1
1

Flare-well, 2015 – solar storm to light up skies on New Year's Eve

Rainer

Coincidence?

There seems to have happened a little hickup in Amazon's "govcloud":

https://www.reddit.com/r/sysadmin/comments/3yv2db/aws_ebs_volume_data_loss_usgovcloudwest1a/

It looks like those people who believe that "made to government-standard" means more expensive and less reliable - they were actually right ;-)

0
0

How to log into any backdoored Juniper firewall – hard-coded password published

Rainer

Actually, I believe Juniper has a sizable business in the Arab world - simply for the fact that they aren't Checkpoint.

Same goes for e.g. Germany-based companies in that sector.

4
2

IT salary not enough? Want to make £10,000 a DAY?

Rainer

Re: Names?

The state of (in-)security in a company has rarely anything to do with the amount of money you spend. Especially, if you spend it on a consultant charging five-figures per day.

Security is a process, a line of thinking. It's really how you do business, how your employees think and work.

Spending that amount of money just for a single consultant looks a bit strange to me.

(had done pen-tests early in my career, where I once happened to see the remaining traces of my own (legal) break-in attempts when a couple of months later the client was hit by "Code Red" and really had to get serious with cleaning up the servers...)

1
0
Rainer

Names?

So we can avoid them, when making purchasing decisions.

10
0

We're not in ordinary servers anymore: EMC readies open sorcery spells

Rainer

As if

our network-guys would want to have the firmware of their switches managed by us (Unix folk).

Or the storage guys give us permission to roll out new NetApp updates.

And of course, the Windows-team wants to do everything having to do with Windows themselves.

But at least, with ScaleIO, we're getting our own storage, anyway ;-)

And with RedHat IPA, we'll get our own "AD".

0
0

German ex-pat jailed for smearing own pat all over Cork apartment

Rainer

Re: Jail sentence?

Don't worry - he'll get cold showers in prison every morning. That'll cure him!

0
0

Apple's Watch charging pad proves Cupertino still screwing buyers

Rainer

Don't understand the rage

The Watch isn't a bargain-bin article to begin with.

So, it makes sense to price the charging dock accordingly.

Everybody does this.

It's probably as overpriced as e.g. any car beyond the sophistication-level of a Dacia Logan.

People spend insane amounts of money on car- (and motorbike) related purchases (and taxes, insurance) - and if you ask them, why they bought an Audi, a BMW or a Lexus or whatever they'll say something along the lines of "It's nicer".

Do you guys go to car-forums and flame the Mercedes and BMW owners (who, more often than not, haven't even bought the cars, but are leasing or financing them...) over their taste and their (assumed) lack of taste?

6
37

The Edward Snowden guide to practical privacy

Rainer

Business journalist Jeff Bercovici lost nine years of Facebook data

Cry me a river!

He should rejoice.

And he calls himself a journalist?

Does he also weep when someone unfriends him on FB?

11
1

White box servers? We can do that, says HP Enterprise chief

Rainer

Anyone actually used the HP "Cloud Line" boxes?

Our sales-rep didn't know much about them, other than you need to order 50 or 100 at a time (don't remember which).

Though, them being so new, the only thing that could be reported is probably the number of DOA-units ;-)

Would be worth an El Reg hardware-review, IMO.

1
0

Isilon software on Dell hardware – could it really be true?

Rainer

Re: A welcome development

Isilon uses a customized FreeBSD + their own stuff as the software-basis.

So, it should be no problem (or very few problems) to run it on your own iron.

Haven't seen any of their filers and probably never will.

So it's pure speculation based on an article I read in the latest version of the "FreeBSD Journal".

0
0

Job alert: Is this the toughest sysadmin role on Earth? And are you badass enough to do it?

Rainer

Yeah, but thank god I never set a foot into that land.

0
1
Rainer

Do you have to pay tax there?

Do you have to pay rent?

I imagine, not being able to spend your money on anything would make for a decent saving-rate.

That said, I just can't imagine they'll be able to match my Swiss sysadmin salary...

I do wonder how HR filters out all the crazy-crazy applicants. You need to be somewhat crazy to apply for such a job - sane people wouldn't do that.

Also to keep in mind: during the winter there, there's no way to evacuate in case of a (medical) crisis.

Either it can be fixed there, fixed later or you face the consequences.

1
1

Red Hat buys Ansible for DevOps loveliness

Rainer

Re: Hope for better consistency

RedHat uses puppet (as part of the Satellite Server 6 combo).

So this is an interesting move.

But they also bought CEPH, even though they already had GlusterFS.

It's probably their version of "Tick-Tock" or so.

1
0

EMC customers show distinct lack of Dell delight – research

Rainer

I don't know about IBM.

It could always be that the thing you buy this year is sold to China next year....

3
0

Page:

Forums