Posts by NickHolland

Re: Year of Lunix desktop

Considering the thrashing that Linux does in their enviroment, Windows is looking really stable.

REALLY stable.

File system of the month, firewall of the year, window manager of the release.

Moving someone to Linux would be a big learning curve, followed by another and another. And the novice Ubuntu user will not be able to help the novice Debian user (even though they share roots)

Windows is way ahead of Linux in this regard. And that is with acknowledging that Windows does some pretty mindless thrashing, too. Just not as insane as Linux.

Give Proxmox another chance -- it looks like it has made some interesting progress in the last few years. The UI ain't bad, really...though I'm still having trouble figuring out what it is doing under the covers (ok, I just created a VM. I have no idea what physical disk it landed on. But I'm very new with it...).

I'll admit, installation didn't go well on the one machine I was really hoping to use, it went further than ESXi did -- ESXi refused to recognize the SAS interfaces the disks were on. Entertainingly, the box was actually etired Nutanix hardware.

What I'm liking about Proxmox is that it IS a set of applications on a full Linux install, whereas ESXi was definitely based on Linux, but so many tools were yanked out or highly restricted from a standard Linux install, it was annoying to know what I wanted to accomplish, but not sure how to accomplish it in THIS environment.

Re: Misdirection Again

The standard should be, "you don't ship malware. You don't let people into your networks. You don't permit your product to be used to compromise others".

Everything else should be GUIDANCE as to how to accomplish that standard. Compliance should be a tool to reach the goal of security, not the goal itself.

The problem is, it has become "sufficient" to check the compliance boxes and say, "good enough, we don't have to actually BE secure, if we are compliant". And that's just wrong. I've seen too much utter fraud in that regard -- waving of hands and saying "we are compliant" because irrelevant check boxes are checked on fundamentally insecure systems.

Simple rule of economics: you get more of anything you reward. Let people escape responsibility for shipping and profiting from malicious software, you will get more security problems. Honestly, if you screw up badly enough, I don't see why a fine or penalty should have any particular limits. "our company won't survive!" "ok. Maybe your competitor will realize something you didn't: this is important".

And yes, I believe the liability disclaimer on all commercial software needs to go away. If you are profiting from the transaction, you better make sure you are not shipping garbage.

Re: Real Time

DOS, yes, it basically was a real time OS. Or perhaps more accurately, a program loader with a file system, and your application owned the hw, and thus could be as real-time as needed.

Windows 3.x was simple by today's standards, but pushed hard -- and unsuccessfully -- against its design limits (based on the HW it was designed for -- but because of the design, simply putting it on a fast machine with large amounts of memory didn't really fix anything). My memories of it was that it had anything but predictable behavior. There are reasons people were very excited about Windows 95 when it came out (and of course, reasons they were very disappointed).

that is kinda by design. OpenBSD is one of the very few places where security really is top priority, not "as long as it doesn't get in the way of anything else" (which quickly translates to "last priority"). A program that violates memory usage can't be trusted and gets terminated.

Personally, I use it for most things. But then, my favorite "file manager" is a shell prompt. My window manager of choice is Fluxbox. And I've been working with OpenBSD in various ways for almost 25 years now, so I may be biased.

Re: The End

I've been saying the end of VMware has been coming for a long time.

An early straw for me was the Aug 12, 2008 time bomb they left in code. Sure...an accident, but certainly indicates they are more concerned about people NOT running their code than keeping it reliable.

Then there was the "let's replace our crappy bloated fat client with a web client" -- and managed to put out one of the last Flash-dependent applications pretending to be serious.

I recently had reason to set up a couple stand-alone ESXi systems, and I will admit, I was starting to think "maybe they are getting serious" -- the web host manager doesn't suck (other than the obvious, "We want you to buy vSphere" omissions -- I get that). Original plan was to do KVM, but that bogged down in "we got a VM running, but no one is really sure how", and moved to ESXi and been happy. But then this... "Dear customer...Make that former customer. Have a nice day".

People have wrapped good GUIs and web interfaces around KVM at various VPSs, so it looks like a good product. Just need some general guidelines to setting up a "big" environment, rather than the gobs of "hey, look, I set up a couple VMs on my dual-boot laptop, I'm an expert! Follow my advice, and here are 100 ads I'm getting paid for" guides that clog out the good info. A few good configuration tools (doesn't have to be web, can be console) would be nice.

Re: I guess the truth hurts.

Naw.

Looking at the way most people (at least those around my life) use Excel, it's a glorified column-oriented word processor.

Or a record-limited in-memory database.

I don't recall the last time I saw a spreadsheet with math formula in it (yeah, I know, some people really do use it for math...but not what I see where I sit).

Honestly, I think there would be purpose for a spreadsheet with no math functions, just row and column oriented formatting, especially if it could be a lot smaller and faster than the math+programming language equipped spreadsheets.

Re: Top banana

no, if we can't return tiny little samples, we can't return humans. And the "far more economical" is not at all true -- if you want to return 100kg of rock, you need the equipment for 100kg of rock. If you want to return a 100kg human, you need to send and return the human, the atmosphere, the food, the water...etc. The "the tyranny of the rocket equation" will get you bad here.

Also, a lab shipped to Mars would have only the abilities that were put in it at launch day; a sample returned to earth can be examined with new technology long into the future, just as we are still learning new things from moon rocks returned in the early 1970s.

Further -- I would argue no humans should go to Mars until we decide we know what we need to know about past or current life on Mars, as humans would almost certainly contaminate the biosphere there -- if there is one. Such a contamination (or creation) would be an unrecoverable event, so we had better be sure we (and our children, grandchildren, etc.) know what we want to know about what is there *now* before we do that.

isn't it a bit scary when educators refuse to learn new things?

I've seen it lots of times, myself...

Re: Excellent!

dunno what "sufficient size" means...but I live about two miles from our local post office, and next door to a retail gas station. I see a lot of postal trucks at the gas station, and often more than one at a time. So pretty sure my local post office does not have its own tanks (and we have a lot of postal trucks).

And ... knowing a little about the economics of running a gas station (they are my neighbors, we do chat a lot!), normally gas is not a high margin business. You would have to go through a LOT of gas to justify the cost of the tanks, the testing of the tanks, the monitoring of the tanks and maintenance of all the equipment. Most gas stations don't go through enough gas to pay the bills on gas alone. And if something breaks at a gas station, you go to a different gas station. If something breaks on your on-site pumping operation, you either have to go to a gas station (meaning you have the expense and complications in place already) or you do without.

There are other considerations than just cost, of course. A friend of mine runs a large car dealership, I suspect they justify their own gas pumping on the basis of time -- sending someone out to fill a car with gas would take time. I've seen a police/fire operation that was immediately next door to a gas station that was pumping gas in the middle of a regional power outage, I am SUSPICIOUS that the gas station and the municipal facilities were sharing a common generator.

As a Fluxbox user...

...I guess I'm going to have to try Scotch Broth.

You sum up fluxbox pretty well there. I live in my applications or terminal windows. The rest of a "Desktop Environment" is just using up screen and getting in my way.

(I may or may not be disappointed that Scotch Broth does not have Scotch in it...)

Re: Once again

I was in 100% agreement with you up to your last line. Sorry, business and banks are not really good at security, either. Usually an attempt is made, then some C-level wants to have full access to company resources on their phone. While on vacation.

A number of years ago, I worked for a Really Big Company in their security department. We used corporate-managed Blackberry devices for business phones. Encrypted, wrong PW too many times, it self-wipes, remote wipe ability, etc. One day, the boss informs us that the new CIO "has five iPhones and iPads" -- and we would be supporting them as "work devices" for everyone. Somehow. The answer was, "iProducts are coming", the question is how do we contain the risks. It was pretty clear, "that's not a good idea" wasn't an acceptable reply (at the time, there were basically none of the controls for iProducts that Blackberry had. And as you can see from Blackberry's current place in the market, it wasn't just this company that didn't care).

I think we need to start asking questions like, Why do executives need 24x7 access to everything no matter where they are? Doesn't this mean they have made themselves a critical failure point in the company? Shouldn't there be people available to make decisions when someone is away from work?

Re: Anonymous Survey

long time ago at a sh*t-hole job, they sent out an "anonymous survey" for all employees.

The company owned a (failing) anonymous survey company...and they hired themselves to do our "anonymous survey".

My boss said he wasn't going to fill it out, because he didn't trust 'em.

I pointed out that while they did nothing to earn our trust, there were only three people in the company with access to the servers that would be able to pull out the logs and make sense of them to trace 'em back to a particular person -- and he and I were two of them (and #3 was not going to cause problems for us).

Personally, I fill 'em out, honestly and truthfully. If I can't back up something I'm saying, then I don't say it. If they try to turn it against me, so be it. But if no one says what is wrong, it won't get fixed.

Re: Falcon 9/Heavy are working out pretty well

to be fair, Elon Musk is a lot less of a "drag factor" than the US Federal Government and NASA has been, which is what the US launch program has had to deal with. Until SpaceX, it wasn't important that NASA rockets fly, it was important that they be built in as many congressional districts as possible.

Disclosure: I'm "eh" on Musk himself. I have great respect for the things he (or his money) has accomplished, not too fond of many of the ways he has done it, but I'm not sure they can be separated. I'm totally wowed by what SpaceX has accomplished, though perhaps they are just doing what the shuttle promised us -- 100% falsely -- in the 1970s. I'm completely torn on Tesla -- I'm impressed that they moved EVs from a decades-long unfulfilled promise to far beyond anything I expected possible, but other than brute-force performance, I'm not actually impressed with the cars themselves. I own an EV (among several cars), I hope to continue to be a (non-exclusive) EV owner, but really have no desire for that EV to be a Tesla, but I recognize that if not for Tesla, I'm not sure my (boring, but cute) EV would exist.

Hard to produce true random data in simple math or simple programming, but there are lots of ways to produce random data in silicon -- lots of thermal noise with a quantum mechanics basis, and circuits that detect and use that have been around for decades (I recall ham radio circuits in the 1970s pulling noise off diode junctions). CPUs and support chips with access to thermal noise sensors have been around for well over a decade.

Another trick in a multitasking system is to use random data for as many things as possible. Even if you know the seed and current state of the RNG (which hopefully you don't) and the algorithm, if you don't know how many other tasks grabbed some random data since you last looked, you don't have much clue as to what is coming when you ask.

...then it is worth throwing OTHER people's money into it.

And earning a very comfortable living while doing so.

Where do I find a job where I can make promises I can't deliver and still get paid? Oh wait, I already work in IT.

Re: Oh, the humanity!

I'm wondering that, too. Hydrogen probably escapes thin films (even) faster than helium..but don't know about the relative escape rates. Hydrogen is fairly reactive, so maybe it reacts with the balloon while it is permeating the bag, and that might be bad.

Sure, it's flammable, but if something has allowed air/oxygen to get into the balloon, you got bigger problems than a high-altitude "pop".

I'm assuming more knowledgeable people have thought of and rejected this idea for a reason, so I'm curious what we are missing.

Re: BSD?

to be fair, none of the BSDs have tried to pass it. I know OpenBSD hasn't.

Quite pointless to try, really. It's a badge of honor that doesn't contain much real honor, nor any real "compatibility".

well, that's part of the problem with cryptocurrency, block chain, and really, cryptography in general:

It's complicated.

People were wondering why they learned long division when they have a calculator. Or how to set the clock on their VCR.

They don't WANT to understand stuff.

What, maybe 10% of the population has a passible understanding of the difference between the lock icon on the browser address bar vs. a graphic of a lock at the top of the web page? From what I've seen, that number is probably many times the people with a basic understanding of economics (ok, maybe I'm being cynical, but seen too many "smart" people believing in what boils down to "something for nothing" and the basic rules of supply and demand have been suspended).

Re: No loss of hardware support

the very first 486 system I put my fingers in was a Zenith server with 486/25MHz, probably around 1990 or 1991. And there was a little heatsink on it. We all had a good look and laugh at how hot this thing must run to put a heatsink on a digital IC. Yet, some later 486/33 systems did NOT have heatsinks. Same with 680x0 chips -- iirc, I added a heatsink to my Mac Quadra 650 as it was doing week-long builds, but Apple shipped it without.

486/25 didn't NEED a heatsink if there was any air flow. Heck, I saw a PPro running "reliably" (worst computer system I'd ever seen, but it wasn't over heating) with the fan and heatsink sitting on the bottom of the case (not on the proc!), running Novell Netware, which idle looped, didn't halt the proc when it had nothing to do, so it was HOT, but chugging along. I also saw a P133 Netware server running with a failed fan -- had over 1000 days uptime before the thing crashed due to running out of RAM, not due to the bad fan. Sure, the heat sink was there, but those stupid fans on the heatsink turn into blankets when they fail -- worse than no fan.

Early on, I think there were a lot of engineers, like me, that didn't like hot chips, so they put heat sinks on things that got warm. Considering the average computer had an expected usage life of less than five years, I suspect a lot of older machines would be just fine without a heatsink.

Another extreme -- Evergreen 486 accelerator mods. AMD 5x86 133MHz proc upgrade for 486 systems. Tiny little heatsink on a tiny proc, no fan, got so hot they would literally cause pain if touched (never tried to hold my finger on long enough to see if I'd get a physical burn), and in the days of idle-loop OSs, so it would run hot the entire time. Apparently, they were sufficiently reliable.

Long way of saying, "yeah, heat sinks were on 486 systems early on. But often not needed".

Re: The neutrons are escaping

about time someone thought about what happens when all those neutrons hit things...

Re: deedee

you lost me here...

RedoRescue and Rescuezilla -- do they just do block-image binary clones of the entire disk (like dd), or are they file-system aware?

i.e., I have a 500GB disk. There's 100GB of data on it, 400G of empty file system...if I clone the disk using RedoRescue or Rescuezilla or Clonezilla, for that matter -- is my image file 500GB or 100GB in size?

Agreed -- I've heard a bit of noise about Optane in the past, lots of hand-wavium and "will solve all our problems" (and been in this industry long enough to know the ONLY problem reliably solved in IT is excess money in budgets), but never had any idea what the point was.

And now I know. Cool idea, completely at odds with our existing systems and thought processes, but ... had potential for totally new products. Kinda unfortunate in the PC world, we have been stuck on "faster, bigger versions of the 1981 IBM PC", and the OSs of note on this platform are based on 1970 ideas.

Great article. Too bad more people didn't run across something of this caliber of explanation years ago.

Re: Word Star

...or WordPerfect 5.x

I was a huge WordStar fan from 1982 to probably 1988 when I retired my non-PC compatible and moved 99% to the PC world. WordStar used the DEL key for what was my most commonly used function ("Remove the character to the left of the cursor"), which the PC keyboard was kinda dedicated to being the backspace key. WS backspace just moved the cursor back a character, didn't remove my error. In short, WordStar on the PC just didn't work for me nearly as well as it did on the pre and non-PC systems.

I never got as good with WP as I was with WS, but wow, I could feel how powerful and efficient it could be.

Past job involved supporting a banking application on AIX that still had remnants of supporting WordPerfect on the application consoles.

Re: So technology works as intended...

The "hype machine" isn't mythical.

The question is what do /real/ people (not tech experts) expect out of cars and car makers, and how they react.

I know a person who as a teenager believed the news reports that "self driving cars are just around the corner!". She poo-pooed her driver's ed, and is now a very inept 23 year old driver, because those self-driving cars didn't show up on time.

We have people believing their damn Teslas can drive themselves WITHOUT supervision -- take a look at your average Tesla driver on the highway -- assuming they haven't tinted the heck out of their windows, they are often seen reading stuff on their phone or tablet, not even pretending to look out the window or being ready to take over.