* Posts by Fazal Majid

263 posts • joined 16 May 2007

Page:

LTE-U’s window is closing and bigger 5G disputes may be coming

Fazal Majid

Carriers trying a spectrum land grab

Obviously they'd love to enclose the commons for their own benefit. That's why Israel is considering banning the use of unlicensed spectrum by carriers:

http://disruptivewireless.blogspot.com/2013/06/is-israel-about-to-ban-carrier-wifi.html

0
0

'Daddy, what's a Blu-ray disc?'

Fazal Majid

Dearth of content

I'd buy a 4K player, but for the fact there is not a single UHD Blu-Ray release I am even remotely interested in. Perhaps when the remastered release of Lawrence of Arabia comes out, whenever that is, or Rogue One next year.

I suspect falling sales of discs are caused as much by the creative bankruptcy of Hollywood and lack of movies worth watching as by competition from streaming.

13
0

What next for the F-35 after Turkey's threats to turn its back on NATO?

Fazal Majid

Erdögan's rhetoric is unseemly at best, but the US *is* harboring the head of a Scientology-meets-Opus-Dei cult that masterminded a failed coup attempt that killed hundreds in Turkey. It's as if the commander of the Provisional IRA were living in Virginia unfettered while organizing a terror spree in London. The Turks' fury is somewhat understandable.

1
50

AdBlock Plus blocked in China: 159m forbidden from stripping adverts

Fazal Majid

UC Browser

What about Alibaba's UC Browser, which has built-in ad-blocking? It is very popular in places where mobile users pay by the byte, claiming over 50% market share in India for instance.

2
0

Ready for the Internet of Things big data firehose?

Fazal Majid

BC Hydro

Vancouver is notorious for the illegal electrical taps that power lamps in its marijuana "grow-ops", as noted by Douglas Coupland in "City of Glass".

0
0

Successful fintech: UK has some, but it's not in Silicon Roundabout

Fazal Majid

Silicon Roundabout is old news

The startups there have been displaced by the much more lucrative business of providing hostels for Chinese students:

https://www.theguardian.com/cities/2014/mar/10/slow-death-of-silicon-roundabout

1
0

Apeiron claims NVMe fabric speed without NVMe over fabrics - but how?

Fazal Majid

I've got this hammer, everything is a nail

Storage Array and SAN makers keep peddling an architecture designed for disk that is simply obsolete in an era where latency is everything.

The greatest benefit of NVMe isn't throughput, it's low latency, largely by simplifying the protocol compared to ATA or SCSI. Putting NVMe devices inside an array with multiple levels of protocol conversion guarantees latency will be at least an order of magnitude slower, probably closer to two, and completely defeats the purpose of fast NVMe storage.

3
0

'Double speak' squawk users as Silent Circle kills warrant canary

Fazal Majid

A National Security Letter is not a warrant

Parse the careful semantics.

8
1

Quick note: Brexit consequences for IT

Fazal Majid

Re: European HQs

Or Edinburgh post-scotxit. Or Amsterdam, where the majority speak excellent English.

6
0

I know for certain what software-defined storage is. It's the new black

Fazal Majid

Software Defined

The phrase comes from "Software Defined Radio" (SDR), where a tunable wideband RF circuit combined with a fast DSP substitutes for fixed-function electronics. The Software-Defined Networking guys cribbed it from SDR.

SDS is the same promise as "open": cheap and flexible unlike the proprietary black boxes. Of course, only open-source solutions can be trusted, a vendor will always try to bring back lock-in.

0
0

NVMe over Ethernet is the future. And that's how we roll – Tegile

Fazal Majid

Simple rule of thumb

If your network latency exceeds your storage's latency, the right architecture is direct-attached storage, not networked storage, with the networking happening at the application layer, e.g the database. Very few Ethernet switches deliver the < 0.2ms latency of a typical NVMe SSD (only Arista comes to mind).

Networked storage is a paradigm whose time is past, and the increasingly frantic efforts of storage vendors to stave off irrelevance by shoehorning SSDs into legacy architectures designed for disk remind me of other Rube Goldberg contraptions like disk arrays that pretend to be tape auto loaders to work around brain-dead backup software.

1
1

Swiss effectively disappear Alps: World's largest tunnel opens

Fazal Majid

Protestant

Switzerland is the home of Calvinism, after all.

0
0

60 per cent of Androids exposed by new attack on mediaserver

Fazal Majid

Re: That's it

@VinceH

Thanks for the tip, I had the same issue as @J Bourne. I have been using the ancient feed http://www.theregister.co.uk/excerpts.rss, switching to http://www.theregister.co.uk/headlines.atom gives the author (but no other categories or tags)

0
0

Google Chrome deletes Backspace

Fazal Majid

Finally!

This was sufficient an annoyance that someone wrote an extension to disable this incredibly dumb UX.

4
2

The fork? Node.js: Code showdown re-opens Open Source wounds

Fazal Majid

For the opposite approach

See Joel Spolsky's excellent article on how Microsoft's Excel team was paranoid about dependencies, to the point of having its own compiler:

http://joelonsoftware.com/articles/fog0000000007.html

Much harder and more expensive than promiscuous code reuse, but it does have its advantages.

2
0
Fazal Majid

Misleading title

At first I thought the resolved feud between Node.js and its Io.js fork had erupted anew.

0
0
Fazal Majid

Git makes it trivial to switch

Git (the open source code management system by Linus Torvalds,not Github the company) is decentralized by design, and it is trivial to move the code itself elsewhere, e.g. Bitbucket or self-hosted, much easier than switching from Sourceforge to Github.

What is harder to replicate is the community. Github's value is from its role as the social network for developers, not from its code-hosting. They cannot afford to antagonize developers. A recent example was when most of Github's Enterprisa sales and Product Management left the company. They were taking the product in directions that caused a backlash from individual developers, and the company opted for the latter:

http://go.theinformation.com/259fbd

1
0

When is making $20bn in three months not enough? When your name is Google

Fazal Majid

Re: Request

Those people are primarily index funds, i.e. people who rely on Google's revenues to fund their retirement and would probably look askance at the shenanigans of Tony Fadell at Nest, among others.

0
0

Intel literally decimates workforce: 12,000 will be axed, CFO shifts to sales

Fazal Majid

Re: What was the Plan

It's Israeli and Indian employees of Intel that rescued it from irrelevance when it was being trounced in performance by AMD, from the Core architecture designed in Israel to the Xeon chips done in India.

I'm guessing Italic is toast. The thing is, low-cost domains like IoT don't have the margins to fund cutting-edge fab technology, only smartphones, tablets, PCs and servers do.

2
8

Bundling ZFS and Linux is impossible says Richard Stallman

Fazal Majid

Re: You can already use ZFS as a bolt on

Oracle's branch of ZFS has support for encryption, which is not available in OpenZFS.

Most of the original authors of ZFS have left Sun since it was acquired by Oracle, and there is probably more talent on the OpenZFS fork.

0
0

Nest's bricking of Revolv serves as wake-up call to industry

Fazal Majid

Require IoT manufacturers to support cloud services for the life of the device

And they will swiftly find a way to cut the dependence of the device on the cloud, possibly via firmware update.

Google is notorious for abruptly discontinuing services, but those people bought the hubs before the company was acquired, so blaming the victim under the doctrine of caveat emptor won't work.

10
0

IETF group proposes better SMTP hardening to secure email. At last

Fazal Majid

Broken

Trust on First Use doesn't solve the problem, because legacy compatibility downgrade attacks mean the problem cannot be solved at the SMTP layer. It's time for people to stop trying to devise doomed work-arounds and instead move to increase adoption of S/MIME, which has the potential to help, but has benn hamstrung by inadequate PKI infrastructure. Imagine if Apple or Google provided automatic S/MIME carts using the same kind of automated provisioning Let's Encrypt has.

1
1

New-economy poster child LivingSocial slashes staff amid another startup collapse

Fazal Majid

Hipsters don't have money

Investors do, and in their desperation to eke out returns in an era of effectively negative interest rates, they piled into VC without understanding how to gauge a startup, thus the surge of dumb money following the herd.

6
0

Silicon Valley VCs ranked one to 100

Fazal Majid

John Doerr at 69?

Ouch, how the mighty have fallen...

0
0

'$5bn for Slack?! I refuse to pay!' You don't pay – and that's its biggest problem

Fazal Majid

Slack is just warmed-over IRC

The problems with email, Slack, and every other messaging system are social and behavioral in nature. Moving to a new system, like getting a new email after changing jobs, gives a short respite but dysfunctional collaboration patterns reassert themselves quickly.

Like IRC, texting or chat, Slack is good for throwaway exchanges, but it's not going to solve the problem of efficient work habits. That will probably take one or two generations to happen, after all people are only just starting to take a more systematic approach to handling their to-do lists withGTD et al.

19
0

And as for actual WordPress pingbacks .... you should probably switch 'em off

Fazal Majid

Re: Too late

Let's Encrypt works quite well and is free.

HTTPS because in the post-Snowden era, everything should be encrypted by default.

0
0
Fazal Majid

Too late

The cost of an HTTPS connection is in the initial TLS handshake and key exchange. By the time nginx sees the user-agent header, the harm is already done.

2
0

Bruce Schneier: We're sleepwalking towards digital disaster and are too dumb to stop

Fazal Majid

UL

Government is not required for a solution. What we need is a digital version of Underwriters Laboratories, who do certification and safety checks for manufacturers, as do others like NSF or the TÜVs:

https://en.wikipedia.org/wiki/Nationally_Recognized_Testing_Laboratories

If IoT vendors cannot sell a product if it lacks a security mark from UL or others, they will get with the program.

7
2

Learn things? DROWN HTTPS flaw proves we don't even test things

Fazal Majid

SSL Labs

Everyone running a secure website should test its crypto using the free SSL Labs tool:

https://www.ssllabs.com/ssltest/

Nothing less than an A or A+ rating is acceptable.

7
0

Building a fanless PC is now realistic. But it still ain't cheap

Fazal Majid

Shuttle DS57U

I bought a Shuttle DS57U, a fanless dual-core 1.5GHz Broadwell PC meant for digital signage applications (I use mine as a firewall, as it has dual Intel GbE NICs instead of the usual Realtek garbage). It is also available in an i7 version, the DS57U7 (dual-core 2.4GHz Intel i7-5500U ULV), still fanless.

Very neat little system, and fairly inexpensive as well at $500 total system price with SSD and 16GB RAM (gross overkill, I know).

1
0

Virgin Atlantic co-pilot dazzled by laser

Fazal Majid

Cars?

Given how some hooligans delight in dropping cinder blocks onto traffic from an overpass or pedestrian bridge, I am surprised this isn't done more frequently to cars.

These offenses should be treated as attempted murder. There was a guy in California who was caught and sentenced to a stiff sentence, 14 years IIRC, but that was later reduced to a mere 5 years by a bleeding heart judge.

4
1

Is tech monitoring software still worth talking about?

Fazal Majid

Zabbix

There's a dearth of thorough reviews of open-source monitoring software, but I will take open-source over proprietary or hosted solutions any day.

We use Zabbix (with the PostgreSQL backend) to manage just shy of a hundred physical servers and around 500 containers. Like any serious piece of software, there is a learning curve, and the terminology is sometimes confusing because it is written by Russians, not native English speakers, but I haven't found it particularly difficult to set up. It 's certainly easier than Nagios, Ganglia or MON, and actually usable by non-technical users like support or management.

My main beef with it is that it assumes "no news is good news" and will ignore items (metrics) that are not sending data, which usually means the system is down or hung so badly the agent is not responding either. Ad-hoc querying and graphing capabilities are also somewhat crude, e.g. "build me a screen (dashboard) of CPU vs. swap for all machines in host group 'database servers'". The PHP-based web UI is a bit tired and it would be nice to have modern JS/canvas-based interactive graphs, but it is serviceable.

That said the template system is fairly flexible and powerful if you give some forethought to design, it does have the ability to handle dependencies so as to reduce the flood of downstream alerts, and is fairly easy to extend. Performance is better than a Python/Perl/Ruby solution like ZenOSS, but you will still need to dedicate a system past 100 monitored hosts/VMs or so.

0
0

Brit spies want rights to wiretap and snoop on US companies' servers

Fazal Majid

A thin veneer of carefully parsed legality

The way the UK spooks used to eavesdrop on Lady Diana (some of the more reactionary royalists within the establishment really had it for her) was simply to informally ask the US to do it for them. The UK spooks were not legally allowed to directly spy on her, but were allowed to receive "information sharing" from the US spooks. No doubt they return the favor.

3
1

The network: Your next big storage problem

Fazal Majid

Decentralized storage is the future, not arrays

The latency introduced by a network and array controller are always going to be much higher than those of direct-attached storage in the era of SSDs. The future is farms of shared-nothing servers with high-speed NVMe direct-attached storage, with aggregation being done by higher-level protocols or frameworks like Hadoop, Spark, Cassandra, pNFS et al. If you look at all the web-scale operators, Amazon, Google, FB et al, that's how they all operate, none of them use expensive and underperforming arrays. Enterprises will keep buying arrays out of sheer inertia for a little while, but as they shed workloads to the cloud, the dynamic is not favorable to the outdated mainframe-era array model.

2
0

Internet of Things 'smart' devices are dumb by design

Fazal Majid

Do not despair

A recent report by Accenture found that 47% of those surveyed were avoiding IoT devices due to concerns over privacy and security. People are not as apathetic as you think. When combined with the marginal utility of most IoT devices, for half of potential customers the value proposition is just not compelling enough to outweigh the risks.

18
0

AMD's 64-bit ARM server chip Seattle finally flies the coop ... but where will it call home?

Fazal Majid

They should start selling them as appliances

Things like Spark or Hadoop clusters-in-a-box, Or Cassandra, ElasticSearch etc.

The density needs to go way higher, though - even a 5x improvement in performance per watt will get drowned out by Amdahl's law when CPU power consumption only represents about 20-30% of total system power usage (DRAM accounts for a significant proportion).

1
0

Mozilla tells Persona single sign-on to singularly sign off

Fazal Majid

The Google ad dollar gravy train is gone

And thus projects are being culled. Resources of the human kind have probably been reassigned to the unemployment office. Yet this project, while unsuccessful in adoption, does not begin to plumb the depths of uselessness of Mozilla Open Badges, among others.

2
0

You want to migrate how much data?

Fazal Majid

Get a better filesystem

We migrated data out of AWS using ZFS snapshots and incremental transfer functionality, at speeds close to a gigabit without any special arrangements with Amazon:

1
0

PHP 7.0 arrives, so go forth and upgrade if you dare

Fazal Majid

Jumping the gun

As I write, the official www.php.net site only has an announcement for PHP 7.0.0 Release Candidate 8 dating from Nov. 26th.

0
0

EE plans to block annoying ads on mobile network

Fazal Majid

It's not about the customer

It's about shaking down advertisers: either they pay the ransom to get on the whitelist or their ads get blocked. It's also a stalking horse for further, more damaging net neutrality violations by setting a PR friendly precedent.

9
0

Thin Client Devices Revisited

Fazal Majid

Overpriced

Thin clients manage to be more expensive than full-featured computers, and have been that way since the days of the x3270, vt100, X Terminals (cheaper than workstations, much more expensive than PCs). That's because they are typically sold to large corporations where IT suffers from "it's not my money" syndrome and because as a niche product R&D costs are amortized over much smaller volumes.

There is something to be said for specialized Linux distros that turn obsolete PCs into workable thin clients, but otherwise iPad or Chromebooks locked into running the browser are the real thin client.

3
0

NoSQL: Injection vaccination for a new generation

Fazal Majid

Stored procedures are the way

The right way to deal with this is to provide a stored-procedure based interface for the app servers to access the database, not directly using raw SQL/NoSQL, which should be reserved for the DBA or database programmer (you have one, right?).

This takes care of injection attacks, but also confidentiality. Most reasonable systems have the concept of definer/invoker access, similar to the setuid bit in UNIX, where a stored procedure has access to an underlying table with the rights of the definer but the invoker calling the procedure doesn't. If you have a table of users and passwords, for instance, you could have a procedure authenticate(user, password) that can read the table and can be called by the app server but does not leak passwords, even hashed/salted ones. It's much harder to exploit such finer-grained access for data theft.

1
0

Here's the little-known legal loophole that permitted mass surveillance in the UK

Fazal Majid

Distrust in the security services

Is not caused by the tortured legal rationalizations they employ, but by their history of plotting against democratically elected governments.

4
0

RoboVM: Open source? Sorry, it's not working for us

Fazal Majid

Surprise, surprise

Mono is used primarily by those who were dumb enough to tie themselves to Microsoft's proprietary .NET stack, and who can hardly act surprised when they are squeezed by the vendor (or its sole alternative).

Java users are pretty much in the same boat. Even though there are alternative JVMs, Oracle is as rapacious a firm as it gets, unlike Sun, and their lawsuits against Google should be a waking call to developers, to start working on their migration plan and limit their exposure to what is going to be an increasingly expensive legacy technology.

7
1

Northrop wins $55bn contract for next-gen bomber – as America says bye-bye to B-52

Fazal Majid

Re: Just remember...

The cost was prohibitive because Boeing would rather sell $800M bombers than $55M ones, and invented excuses. The whole concept of advanced manned bombers is as archaic as battleships or horse cavalry. The Russians can shoot them down whenever they want, and you don't need the fancy tech to bomb the likes of ISIS, just a cheap, cost-effective warhorse like the B-52.

9
4

We can't all live by taking in each others' washing

Fazal Majid

Not all exchanges are voluntary

If you accept Worstall's logic, burglary is just as valuable as manufacturing or finance.

1
0

Joining the illuminati? Just how bright can a smart bulb really be?

Fazal Majid

You're overstating the benefits

When you factor in the costs of privacy infringement and insecurity, the ledger is firmly in negative territory.

15
1

'Malicious time source' can poison Network Time Protocol

Fazal Majid

Or you could switch to the OpenBSD OpenNTPd

I run it on Solaris and OS X (on a machine where the stock xntpd drifts uncontrollably by minutes a week), it's perfectly fine for most use-cases.

3
0

Android users left at risk... and it's not even THEIR FAULT this time!

Fazal Majid

Android updates policies are unconscionable

My father asked me for recommendations for an unlocked smartphone. I would have recommended an iPhone, except he doesn't want to spend more than $200. I held up my nose and recommended a Windows device to him precisely because of Android phone makers' unacceptable policies.

It's not surprising, really, the OEMs would rather sell you a new phone than help you make your old last. Software updates should be firmly in the hand of the ones making the software, i.e. Google, not the Android OEMs.

6
0

White House 'deeply disappointed' by Europe outlawing Silicon Valley

Fazal Majid

Re: Ungrateful!

Not for want of trying. FDR's plans were to set up an occupation protectorate similar to the one in Germany or Japan, using elements of the Vichy regime:

http://www.monde-diplomatique.fr/2003/05/LACROIX_RIZ/10168

0
0

Page:

Forums