* Posts by Fazal Majid

246 posts • joined 16 May 2007

When is making $20bn in three months not enough? When your name is Google

Fazal Majid

Re: Request

Those people are primarily index funds, i.e. people who rely on Google's revenues to fund their retirement and would probably look askance at the shenanigans of Tony Fadell at Nest, among others.

0
0

Intel literally decimates workforce: 12,000 will be axed, CFO shifts to sales

Fazal Majid

Re: What was the Plan

It's Israeli and Indian employees of Intel that rescued it from irrelevance when it was being trounced in performance by AMD, from the Core architecture designed in Israel to the Xeon chips done in India.

I'm guessing Italic is toast. The thing is, low-cost domains like IoT don't have the margins to fund cutting-edge fab technology, only smartphones, tablets, PCs and servers do.

2
8

Bundling ZFS and Linux is impossible says Richard Stallman

Fazal Majid

Re: You can already use ZFS as a bolt on

Oracle's branch of ZFS has support for encryption, which is not available in OpenZFS.

Most of the original authors of ZFS have left Sun since it was acquired by Oracle, and there is probably more talent on the OpenZFS fork.

0
0

Nest's bricking of Revolv serves as wake-up call to industry

Fazal Majid

Require IoT manufacturers to support cloud services for the life of the device

And they will swiftly find a way to cut the dependence of the device on the cloud, possibly via firmware update.

Google is notorious for abruptly discontinuing services, but those people bought the hubs before the company was acquired, so blaming the victim under the doctrine of caveat emptor won't work.

10
0

IETF group proposes better SMTP hardening to secure email. At last

Fazal Majid

Broken

Trust on First Use doesn't solve the problem, because legacy compatibility downgrade attacks mean the problem cannot be solved at the SMTP layer. It's time for people to stop trying to devise doomed work-arounds and instead move to increase adoption of S/MIME, which has the potential to help, but has been hamstrung by inadequate PKI infrastructure. Imagine if Apple or Google provided automatic S/MIME certs using the same kind of automated provisioning Let's Encrypt has.

1
1

New-economy poster child LivingSocial slashes staff amid another startup collapse

Fazal Majid

Hipsters don't have money

Investors do, and in their desperation to eke out returns in an era of effectively negative interest rates, they piled into VC without understanding how to gauge a startup, thus the surge of dumb money following the herd.

6
0

Silicon Valley VCs ranked one to 100

Fazal Majid

John Doerr at 69?

Ouch, how the mighty have fallen...

0
0

'$5bn for Slack?! I refuse to pay!' You don't pay – and that's its biggest problem

Fazal Majid

Slack is just warmed-over IRC

The problems with email, Slack, and every other messaging system are social and behavioral in nature. Moving to a new system, like getting a new email after changing jobs, gives a short respite but dysfunctional collaboration patterns reassert themselves quickly.

Like IRC, texting or chat, Slack is good for throwaway exchanges, but it's not going to solve the problem of efficient work habits. That will probably take one or two generations to happen, after all people are only just starting to take a more systematic approach to handling their to-do lists with GTD et al.

18
0

And as for actual WordPress pingbacks .... you should probably switch 'em off

Fazal Majid

Re: Too late

Let's Encrypt works quite well and is free.

HTTPS because in the post-Snowden era, everything should be encrypted by default.

0
0
Fazal Majid

Too late

The cost of an HTTPS connection is in the initial TLS handshake and key exchange. By the time nginx sees the user-agent header, the harm is already done.

2
0

Bruce Schneier: We're sleepwalking towards digital disaster and are too dumb to stop

Fazal Majid

UL

Government is not required for a solution. What we need is a digital version of Underwriters Laboratories, who do certification and safety checks for manufacturers, as do others like NSF or the TÜVs:

https://en.wikipedia.org/wiki/Nationally_Recognized_Testing_Laboratories

If IoT vendors cannot sell a product if it lacks a security mark from UL or others, they will get with the program.

7
2

Learn things? DROWN HTTPS flaw proves we don't even test things

Fazal Majid

SSL Labs

Everyone running a secure website should test its crypto using the free SSL Labs tool:

https://www.ssllabs.com/ssltest/

Nothing less than an A or A+ rating is acceptable.

7
0

Building a fanless PC is now realistic. But it still ain't cheap

Fazal Majid

Shuttle DS57U

I bought a Shuttle DS57U, a fanless dual-core 1.5GHz Broadwell PC meant for digital signage applications (I use mine as a firewall, as it has dual Intel GbE NICs instead of the usual Realtek garbage). It is also available in an i7 version, the DS57U7 (dual-core 2.4GHz Intel i7-5500U ULV), still fanless.

Very neat little system, and fairly inexpensive as well at $500 total system price with SSD and 16GB RAM (gross overkill, I know).

1
0

Virgin Atlantic co-pilot dazzled by laser

Fazal Majid

Cars?

Given how some hooligans delight in dropping cinder blocks onto traffic from an overpass or pedestrian bridge, I am surprised this isn't done more frequently to cars.

These offenses should be treated as attempted murder. There was a guy in California who was caught and sentenced to a stiff sentence, 14 years IIRC, but that was later reduced to a mere 5 years by a bleeding heart judge.

4
1

Is tech monitoring software still worth talking about?

Fazal Majid

Zabbix

There's a dearth of thorough reviews of open-source monitoring software, but I will take open-source over proprietary or hosted solutions any day.

We use Zabbix (with the PostgreSQL backend) to manage just shy of a hundred physical servers and around 500 containers. Like any serious piece of software, there is a learning curve, and the terminology is sometimes confusing because it is written by Russians, not native English speakers, but I haven't found it particularly difficult to set up. It's certainly easier than Nagios, Ganglia or MON, and actually usable by non-technical users like support or management.

My main beef with it is that it assumes "no news is good news" and will ignore items (metrics) that are not sending data, which usually means the system is down or hung so badly the agent is not responding either. Ad-hoc querying and graphing capabilities are also somewhat crude, e.g. "build me a screen (dashboard) of CPU vs. swap for all machines in host group 'database servers'". The PHP-based web UI is a bit tired and it would be nice to have modern JS/canvas-based interactive graphs, but it is serviceable.

That said the template system is fairly flexible and powerful if you give some forethought to design, it does have the ability to handle dependencies so as to reduce the flood of downstream alerts, and is fairly easy to extend. Performance is better than a Python/Perl/Ruby solution like ZenOSS, but you will still need to dedicate a system past 100 monitored hosts/VMs or so.

0
0

Brit spies want rights to wiretap and snoop on US companies' servers

Fazal Majid

A thin veneer of carefully parsed legality

The way the UK spooks used to eavesdrop on Lady Diana (some of the more reactionary royalists within the establishment really had it for her) was simply to informally ask the US to do it for them. The UK spooks were not legally allowed to directly spy on her, but were allowed to receive "information sharing" from the US spooks. No doubt they return the favor.

3
1

The network: Your next big storage problem

Fazal Majid

Decentralized storage is the future, not arrays

The latency introduced by a network and array controller are always going to be much higher than those of direct-attached storage in the era of SSDs. The future is farms of shared-nothing servers with high-speed NVMe direct-attached storage, with aggregation being done by higher-level protocols or frameworks like Hadoop, Spark, Cassandra, pNFS et al. If you look at all the web-scale operators, Amazon, Google, FB et al, that's how they all operate, none of them use expensive and underperforming arrays. Enterprises will keep buying arrays out of sheer inertia for a little while, but as they shed workloads to the cloud, the dynamic is not favorable to the outdated mainframe-era array model.

2
0

Internet of Things 'smart' devices are dumb by design

Fazal Majid

Do not despair

A recent report by Accenture found that 47% of those surveyed were avoiding IoT devices due to concerns over privacy and security. People are not as apathetic as you think. When combined with the marginal utility of most IoT devices, for half of potential customers the value proposition is just not compelling enough to outweigh the risks.

18
0

AMD's 64-bit ARM server chip Seattle finally flies the coop ... but where will it call home?

Fazal Majid

They should start selling them as appliances

Things like Spark or Hadoop clusters-in-a-box, or Cassandra, ElasticSearch etc.

The density needs to go way higher, though - even a 5x improvement in performance per watt will get drowned out by Amdahl's law when CPU power consumption only represents about 20-30% of total system power usage (DRAM accounts for a significant proportion).

1
0

Mozilla tells Persona single sign-on to singularly sign off

Fazal Majid

The Google ad dollar gravy train is gone

And thus projects are being culled. Resources of the human kind have probably been reassigned to the unemployment office. Yet this project, while unsuccessful in adoption, does not begin to plumb the depths of uselessness of Mozilla Open Badges, among others.

2
0

You want to migrate how much data?

Fazal Majid

Get a better filesystem

We migrated data out of AWS using ZFS snapshots and incremental transfer functionality, at speeds close to a gigabit without any special arrangements with Amazon:

1
0

PHP 7.0 arrives, so go forth and upgrade if you dare

Fazal Majid

Jumping the gun

As I write, the official www.php.net site only has an announcement for PHP 7.0.0 Release Candidate 8 dating from Nov. 26th.

0
0

EE plans to block annoying ads on mobile network

Fazal Majid

It's not about the customer

It's about shaking down advertisers: either they pay the ransom to get on the whitelist or their ads get blocked. It's also a stalking horse for further, more damaging net neutrality violations by setting a PR friendly precedent.

9
0

Thin Client Devices Revisited

Fazal Majid

Overpriced

Thin clients manage to be more expensive than full-featured computers, and have been that way since the days of the x3270, vt100, X Terminals (cheaper than workstations, much more expensive than PCs). That's because they are typically sold to large corporations where IT suffers from "it's not my money" syndrome and because as a niche product R&D costs are amortized over much smaller volumes.

There is something to be said for specialized Linux distros that turn obsolete PCs into workable thin clients, but otherwise iPad or Chromebooks locked into running the browser are the real thin client.

3
0

NoSQL: Injection vaccination for a new generation

Fazal Majid

Stored procedures are the way

The right way to deal with this is to provide a stored-procedure based interface for the app servers to access the database, not directly using raw SQL/NoSQL, which should be reserved for the DBA or database programmer (you have one, right?).

This takes care of injection attacks, but also confidentiality. Most reasonable systems have the concept of definer/invoker access, similar to the setuid bit in UNIX, where a stored procedure has access to an underlying table with the rights of the definer but the invoker calling the procedure doesn't. If you have a table of users and passwords, for instance, you could have a procedure authenticate(user, password) that can read the table and can be called by the app server but does not leak passwords, even hashed/salted ones. It's much harder to exploit such finer-grained access for data theft.

1
0
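
The definer/invoker arrangement described in the comment above, sketched for PostgreSQL as an added example (not part of the original post). The role, schema and table names are hypothetical, and it assumes a superuser session on a database where the pgcrypto extension is not yet installed.

```sql
-- Added example: hypothetical names throughout (auth_owner, app_server, auth.users).
CREATE ROLE auth_owner NOLOGIN;   -- the "definer": owns the table and the procedure
CREATE ROLE app_server LOGIN;     -- the "invoker": the account the app server connects as

CREATE SCHEMA auth AUTHORIZATION auth_owner;

-- Install crypt()/gen_salt() inside the auth schema so the function below can
-- pin its search_path to that schema and never resolve names from elsewhere.
CREATE EXTENSION pgcrypto SCHEMA auth;

CREATE TABLE auth.users (
    username text PRIMARY KEY,
    pw_hash  text NOT NULL        -- salted bcrypt hash, never the password itself
);
ALTER TABLE auth.users OWNER TO auth_owner;
REVOKE ALL ON auth.users FROM PUBLIC;

-- SECURITY DEFINER is the setuid-like part: the body runs with the rights of
-- the function's owner, not of the caller. Credentials arrive as typed
-- arguments, so they are compared as data and never parsed as SQL.
CREATE FUNCTION auth.authenticate(p_user text, p_password text)
RETURNS boolean
LANGUAGE sql
STABLE
SECURITY DEFINER
SET search_path = auth, pg_temp   -- keeps a caller from shadowing crypt() or users
AS $$
    SELECT EXISTS (
        SELECT 1
        FROM auth.users
        WHERE username = p_user
          AND pw_hash = crypt(p_password, pw_hash)
    );
$$;
ALTER FUNCTION auth.authenticate(text, text) OWNER TO auth_owner;

-- Functions are executable by PUBLIC by default; narrow that to the app role.
REVOKE EXECUTE ON FUNCTION auth.authenticate(text, text) FROM PUBLIC;
GRANT USAGE ON SCHEMA auth TO app_server;
GRANT EXECUTE ON FUNCTION auth.authenticate(text, text) TO app_server;

-- Constructed sample row.
INSERT INTO auth.users (username, pw_hash)
VALUES ('alice', auth.crypt('correct horse', auth.gen_salt('bf')));

-- Exercise the interface as the invoker.
SET ROLE app_server;
SELECT auth.authenticate('alice', 'correct horse');    -- matching password
SELECT auth.authenticate('alice', 'not the password'); -- non-matching password
SELECT auth.authenticate('alice', ''' OR ''1''=''1');   -- injection-shaped input is just a string
RESET ROLE;

-- What the invoker can and cannot reach directly.
SELECT has_table_privilege('app_server', 'auth.users', 'SELECT') AS can_read_hashes,
       has_function_privilege('app_server', 'auth.authenticate(text, text)', 'EXECUTE') AS can_authenticate;
```

The only thing the app role learns from the database is a boolean per call, so a compromised app server can still guess passwords through the procedure but cannot dump the hash column for offline cracking.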

Here's the little-known legal loophole that permitted mass surveillance in the UK

Fazal Majid

Distrust in the security services

Is not caused by the tortured legal rationalizations they employ, but by their history of plotting against democratically elected governments.

4
0

RoboVM: Open source? Sorry, it's not working for us

Fazal Majid

Surprise, surprise

Mono is used primarily by those who were dumb enough to tie themselves to Microsoft's proprietary .NET stack, and who can hardly act surprised when they are squeezed by the vendor (or its sole alternative).

Java users are pretty much in the same boat. Even though there are alternative JVMs, Oracle is as rapacious a firm as it gets, unlike Sun, and their lawsuits against Google should be a waking call to developers, to start working on their migration plan and limit their exposure to what is going to be an increasingly expensive legacy technology.

7
1

Northrop wins $55bn contract for next-gen bomber – as America says bye-bye to B-52

Fazal Majid

Re: Just remember...

The cost was prohibitive because Boeing would rather sell $800M bombers than $55M ones, and invented excuses. The whole concept of advanced manned bombers is as archaic as battleships or horse cavalry. The Russians can shoot them down whenever they want, and you don't need the fancy tech to bomb the likes of ISIS, just a cheap, cost-effective warhorse like the B-52.

9
4

We can't all live by taking in each others' washing

Fazal Majid

Not all exchanges are voluntary

If you accept Worstall's logic, burglary is just as valuable as manufacturing or finance.

1
0

Joining the illuminati? Just how bright can a smart bulb really be?

Fazal Majid

You're overstating the benefits

When you factor in the costs of privacy infringement and insecurity, the ledger is firmly in negative territory.

15
1

'Malicious time source' can poison Network Time Protocol

Fazal Majid

Or you could switch to the OpenBSD OpenNTPd

I run it on Solaris and OS X (on a machine where the stock xntpd drifts uncontrollably by minutes a week), it's perfectly fine for most use-cases.

3
0

Android users left at risk... and it's not even THEIR FAULT this time!

Fazal Majid

Android updates policies are unconscionable

My father asked me for recommendations for an unlocked smartphone. I would have recommended an iPhone, except he doesn't want to spend more than $200. I held up my nose and recommended a Windows device to him precisely because of Android phone makers' unacceptable policies.

It's not surprising, really, the OEMs would rather sell you a new phone than help you make your old last. Software updates should be firmly in the hand of the ones making the software, i.e. Google, not the Android OEMs.

6
0

White House 'deeply disappointed' by Europe outlawing Silicon Valley

Fazal Majid

Re: Ungrateful!

Not for want of trying. FDR's plans were to set up an occupation protectorate similar to the one in Germany or Japan, using elements of the Vichy regime:

http://www.monde-diplomatique.fr/2003/05/LACROIX_RIZ/10168

0
0

Penny wise and pound foolish: Server hoarders are energy wasters

Fazal Majid

The reason why some businesses are still running P4s

Is the cost and risk of testing (integrating, really) whatever half-understood legacy app is running on them against whatever newer version of the OS is compatible with a newer server. P2V only goes so far. That's also the reason why VMware gets to charge extortionate license fees - they are really in the business of managing DLL hell for legacy environments, but a truly ancient OS like whatever is running on those P4s might not run on a VM.

5
0

Apple rains refunds on Peace'd off axed ad-blocker netizens

Fazal Majid

They should also kick him off the developer program

He's probably cost Apple several times the net gross of his app in customer service costs alone.

I get it, his blogging buddies, like John "ad-blocking is perfectly fine unless it's my ads that are being blocked, because my shit doesn't stink" Gruber, are furious at him. The smug and sanctimonious way he did his about-face rubbed people the wrong way.

10
2

Shedload of security bugs squashed in iOS 9 – what the hell went wrong with iOS 8?

Fazal Majid

Much older than that

Robert Tappan Morris' 1988 worm used a buffer overflow in fingerd, for one.

1
1

ICANN descends into farce as bigwigs try to cling to power

Fazal Majid

Re: I am reminded of the words attributed to Cromwell dismissing the Rump Parliament

Or even a for-profit corporation like Neustar (the guys who manage the North American Numbering Plan Authority that assigns US/Canada phone numbers). It can't get any worse than ICANN for transparency.

0
0

US to stage F-35-versus-Warthog bake-off in 2018

Fazal Majid

Re: versus?

"ISIS is pretty much an edge case."

Every single war the US fought this century fits that edge case.

4
0

Scrapheap challenge: How Amazon and Google are dumbing down the gogglebox

Fazal Majid

4K support

Is the big reason to use the SmartTV features. No streaming box available today supports HDMI 2.0 or 4K resolution. Netflix in 4K is a glorious experience, despite the paucity of content. All 4K HDTVs have SmartTV functionality today, and by the time they are no longer supported, the streaming boxes will have caught up, so you are none the worse off.

The thing I find most annoying is why TVs come with only a handful of HDMI ports (3 or 4 is the max), but a surfeit of obsolete analog ports like component video or S-Video, which belong on the dust heap of history. Surely no more than one such port is needed?

0
0

Big trouble in big China: Crashing economy in Middle Kingdom body slams US tech stocks

Fazal Majid

Tech companies are in trouble in China anyway

The Snowden revelations have led to a backlash against Western firms deemed, fairly or not, to be collaborating with the NSA's espionage dragnet.

1
1

The good burghers of Palo Alto are entirely insane

Fazal Majid

Stanford

Stanford University is the elephant in the room. They own a huge amount of property in Palo Alto and are too rich and lawyered-up for the city council to tangle with. Like many prestigious universities in the US, they are really a hedge fund with an education sideline as a tax dodge, and Stanford's endowment is growing fastest in the country, thanks to all the tech wealth it has generated.

The value of property in Palo Alto is tied directly to the tech industry that sprung from Stanford. Detroit can put all the property restrictions it wants, that would not raise prices one whit since no one actually wants to live or work there if they have any choice in the matter. Planning regulations are just a multiplier on top of demand that already exists.

7
0

Vaio returns from the dead wearing sharper suit, bolts in neck

Fazal Majid

Is there really a market for status-symbol Windows PCs?

A few years ago Apple wrested away an astonishing 90% market share in personal computers over $1000. It seems anyone who cares enough (or wants to be seen with a machine the peons are not entitled to) already gets a MacBook of some sort. Vaios had some exclusives like carbon fiber chassis, but recognition is probably not good enough for them to be a Veblen good.

0
0

DNS root zone drama: Follow live the most important dullest ceremony you'll ever see

Fazal Majid

Oscars?

Less glamorous than the Oscars, perhaps, but certainly not more boring than that tedious circle-jerk of Hollywood narcissism.

3
0

Google's new parent Alphabet owns abc.xyz – and, yup, there's already an abc.wtf

Fazal Majid

abc.wtf was registered by Microsoft themselves:

http://whois.domaintools.com/abc.wtf

1
1

It's incredibly easy to bump someone off online, and here's how to do it – infosec bod

Fazal Majid

Immigration fraud

If birth certificates are so easy to forge, that would make immigration fraud easy for younger people.

1
0

Amazon just wrote a TLS crypto library in only 6,000 lines of C code

Fazal Majid

Re: Bit iffy on some of the details

They should have included Dan Bernstein's NaCl library as well.

0
0

Yep, it's true: Android is the poor man's phone worldwide

Fazal Majid

It's difficult

When the crap in question is all the privacy-voiding software built into the OS itself by Google.

6
6

Google-owned smart-gumble-maker Nest snubs Google's smart-gumble OS Brillo

Fazal Majid

Protecting users' privacy?

"the company has worked hard to make simple while protecting users' privacy"

That's pretty rich when coming from a company owned by Google, the creepiest and most privacy-invasive firm there is. I had considered a Nest thermostat a couple of years ago, but their acquisition by Google was an absolute deal-breaker. As for paying $200 to let Big Brother inside your house, that's merely adding insult to injury.

8
2

Chuck chucks Cisco's China C-suite

Fazal Majid

Unwinnable battle

Convenient scapegoats. There's no way Cisco can win in China - Huawei and ZTE are entrenched, outspend it massively on R&D, are way cheaper, and post-Snowden, no self-respecting Chinese would take Cisco gear even if it were given away for free. What's more, other emerging markets are likely to follow.

3
0

Scientists love MacBooks (true) – but what about you?

Fazal Majid

The scientific community and the academic community are deeply interconnected. Given Apple's strength in the education market, it's not surprising they are better represented in the scientific community than in the general business arena.

At my startup here in San Francisco, the Mac is the company standard, and that's consistent with most tech startups in the Bay Area. We're not religious about this, and two of our 30+ employees actually opted to use Windows, primarily because Excel for Mac is so far behind the Windows version (we buy the licenses, but they are on their own for installing it and supporting themselves). We don't have centralized account management or directory services, but our IT is either cloud-based, web-based internal apps coded to web standards (we don't test on IE, so if they run Windows they have to use Chrome/Firefox) or SSH to UNIX (Solaris) machines. In practice, it's BYOD except the company is paying for the devices. It all works far more smoothly than my previous startup where we ran Windows and had 2 full-time IT people supporting it.

There are places where regulatory requirements (e.g. HIPAA or banking regulations) require a locked-down environment with Active Directory and Policy Editor, but in this era of cloud services the client OS is much less relevant than it used to be. I thought it was a cliche, but I have been at a corporate IT shop where the admins didn't bother to conceal that job security was the main reason why they pushed Microsoft and Oracle technologies.

5
2
