Feeds

* Posts by Trevor_Pott

4309 posts • joined 31 May 2010

Feds: Amazon cloud can be used for healthcare data

Trevor_Pott
Gold badge

Now you can have all the security of a single, big fat target and it will cost more. Thanks, cloud computing!

1
0

FIGHT! Intel disputes ARM's claims of Android superiority

Trevor_Pott
Gold badge

Re: that fps test is worthless

I care. If the device is capable of emitting 300fps and is capped at 60fps then it's idle for goodly chunks of time. That means those transistors can be powered down between frames, or spend their time doing something else. It probably means that system gets way better battery life than some system that is struggling with all it's might to hit the 60fps barrier.

3
0

Cisco COO: 'I actually thank God that we had a crisis'...

Trevor_Pott
Gold badge

No they haven't. Cisco engineers, SEs and sales twits are all over Twitter spewing forth overwhelming quantities of contempt and arrogance for all and sundry. Cisco has a hell of a lot more housecleaning to do before they're a humble, customer-focused company.

0
0

Japanese finally produce a ROBOT which isn't DEAD INSIDE

Trevor_Pott
Gold badge

Re: The Daleks are coming!!!

"Emulating an emotional response will seem like total insincerity by the observer, leading to annoyance and eventually violence, when the perceived response is seen as some kind of robot sarcasm."

A robot that can simulate emotion is still more human than many people I've met. Besides, how do you know you're not just "simulating emotion" by displaying reactions you have observed to be socially contextually relevant? You have a chemical reaction that occurs in your brain that triggers the behavior patterns? How's that different from a subroutine?

You're a machine. The robot's a machine. Based on your posts, I daresay it has a chance of being the better machine.

Specisist.

5
0

Thanks for nothing, OpenSSL, grumbles stonewalled De Raadt

Trevor_Pott
Gold badge

Re: Act like a kid, get treated like a kid.

"How can anyone take open source seriously when major bits of software are managed by pouty children?"

Because I've met many of the assholes in charge of some of the most important closed source software...and I trust the pouty children far more.

2
1

Patch NOW: Six new bugs found in OpenSSL – including spying hole

Trevor_Pott
Gold badge

Re: Quick to fix in Open Source, but it leaves questions.

Ah, LDS. Still beating your drum of "fuck poor people in the ass with a pineapple grenade", eh? If you aren't big, you don't matter.

Smoochies to you too, baby.

2
0
Trevor_Pott
Gold badge

Re: If it ain't on 0.98.........

If I path my LAMP server I don't need to reboot. If I patch my Windows server I always need to reboot. So please get [censored] and [censored] yourself to biological termination*.

Microsoft makes good stuff, but it isn't better than FLOSS by any means. More to the point, all the stuff that once made Microsoft good is stuff they've outright abandoned. Easy of use being the big one.

Besides, the biggest issue with Microsoft isn't just how they are steadily making their stuff worse than previous iterations, it is that you cannot trust the company's business practices. Not as an end user nor as a "partner." Even more so when we start talking about integration of NSA backdoors into the products and services!

I certainly don't want NSA backdoors in anything I use. I'm sure there are some in the FLOSS apps and servers I use...but one by one they are being audited, cleaned, patched and so forth. The community's eyes have been opened and the problem is getting solved.

The problem can never be solved with Microsoft. There will never be a point at which Microsoft products or services are free of US government surveillance. There will never be a point at which Microsoft products and services are safer and more secure from those I consider to be my security concerns than FLOSS.

What's more, FLOSS has become the easier to administer option. Both have shitty UIs for everything, and both are basically "use scripts and command line to get anything done." But FLOSS has Webmin, and Puppet works like a hot damn. FLOSS can have most things patched without reboots and most changes applied live. Microsoft's stuff can't.

So yeah. take your shit elsewhere, or at least man the fuck up and use a name, instead of abusing the Anonymous Coward mechanism in these forums.

*An overkill desire, perhaps, for your comment taken in isolation...but I am really rather sick of you. Especially given that you refuse to put your name to your sycophantic bullshit.

5
0

Women found just TWO out of every HUNDRED US tech startups

Trevor_Pott
Gold badge

Re: What a load of bollocks

Dude, you're completely full of shit. You're simply cloaking steaming misogyny in a false understanding of evolutionary biology. "Women" aren't a homogenous group. Neither are men. The last bottlenecks in our genome were far enough back that we've diversified a great deal and you must take people as individuals, not some stereotype that makes you feel good because it conforms to your extant biases.

Also: I don't know where you get this "white knight" bullshit from. I'm an egalitarian masculist that has all sorts of problems with the modern feminist movement. Most people who talk about things like "women in tech" would simply outright call me a chauvinist.

You're so full of shit your eyes are brown. Lots of women are interested in how tech works. Many of them who read this magazine and a few that write for it from time to time. I know at least a dozen techs that I would stake my life are better than you will ever be, and have a passion for understanding the guts of the gizmo that you will never begin to comprehend.

There is fuckloads wrong with the gender-warmongering feminist movement...but on this matter, sir, you are absolutely in the wrong.

0
0
Trevor_Pott
Gold badge

Re: It's even more serious than that!

"Nor are there cries for more male nurses"

Um, I know Canada and the UK, at the very least, have some pretty massive programs to get more men into nursing. The problem is bigger than just "total % of nurses", however. Men are desperately needed in fields like geriatrics and mental health but generally avoid them. Young male nurses want to work ER or trauma wards.

This leads to situations where a growing population of elderly individuals has no choice but to have a female nurse, even if they are very uncomfortable being "assisted" in their daily routine by someone of the opposite gender. (Hence why there's such a big push, at least in Canada, to get more male nurses.)

You guys don't have those programs where you are?

1
0
Trevor_Pott
Gold badge

Re: Wrong focus

I wonder how many women form waste disposal companies? Or work as garbagemen? Janitors? Clean up homicide/suicide scenes? Shipping and logistics? Road maintenance? Do we count these? Do women's groups care? If not, why not? Isn't it just as important to achieve gender parity in these areas of endeavor as well?

Or are we trying to create a society in which women occupy "at least 50%" of all the good jobs, but it's considered good - or at least "okay" - for the shite jobs to be predominantly male?

0
0
Trevor_Pott
Gold badge

Re: What a load of bollocks

"Women are risk averse and prefer to follow the path that promises the most security."

You and I meet very different women.

"Women are just not that interested in "computers" or tech in general."

Lolwut? Women love tech. Women don't like tech support. And really, who can blame them? There isn't much chance to socialize (something I am given to understand their gender has a greater predisposition towards) and people are - in general - really dickish to techies.

Now, there certainly are some hard-boiled introverts amongst the ladies, and I find that a lot of these are easily tempted to the dark side of IT. But there are, on the whole, fewer hard-core introverts amongst the fairer sex and that leads to less interest in spending one's career solely amongst the things that go "ping".

Now, give the average non-introverted lady a chance to use proper high tech in a social setting and she's all over it. Not only that, the ladies seem to have an easier grasp of applied technology, at least according to the profs at the local polytechnic. Dentistry? Vet tech? Surveying? Oilfield work? The ladies grok the machines in half the time as the lads. Personally, I believe it's because when they don't know what's going on they summon another lady and ask for help. Macho culture sort of prevents this amongst the young sirs.

"Men are more technically oriented" is a myth. Men are more socially isolated, and so they cope with - and seek out - jobs that are less social. It's as simple as that.

Make development or systems administration a social activity and watch the ladies flock to it. Of course, then you'll chase away the men (and women) who chose the job specifically because it was isolated. Oh well, it's all about which lobby group is the loudest...

0
0
Trevor_Pott
Gold badge

I thought every board had to be 75% women, 25% men, "to make up for the sins of other people's grandfathers and how they repressed women" or somesuch.

0
0
Trevor_Pott
Gold badge

Re: Duck & Cover - Generalizations Follow

Wait...Lovelace was a genius? I thought she was just a mathematician and programmer. That doesn't mean "genius". Now, the Admiral, her I'm pretty sure was a genius...what am I missing about Lovelace?

0
0
Trevor_Pott
Gold badge

Re: Duck & Cover - Generalizations Follow

I can introduce you to many. And they are all better at tech than any man I've ever met.

0
1
Trevor_Pott
Gold badge

"At any point in time a woman is preparing for child birth so it is understandable she may not wish to accept hard, or skilled work."

Wow. Just wow.

Look, I'm often accused of being the resident chauvanistic pig, but...that's not okay.

First: "At any point in time a woman is preparing for child birth." <-- What? What? Do you have any idea what fertility rates are like in western nations? Even with massive fertility amongst immigrant populations, the US is at 2.01 children per woman, the UK is at 1.90, Australia is at 1.77 and Canada is at a whopping 1.59! Fertility rates need to be at 2.2 children per woman to achieve flat replacement of the population.

This means that there are a heckofalot of women that are choosing not to have children. Like, for example, my wife. At no point was she every "preparing for child birth" nor does she have any plans to ever do so. What the hell kind of outmoded, retrograde, chauvinistic asshattery assumes that all women are at all times nesting and getting ready to fire the vagina cannon?

Secondly: so what if women are preparing to have a kid? That's what parental leave is for. If a woman can't have a kid and return to the workforce then that is society's problem, and an indication we fucked up somewhere along the line.

Also note that I said "parental leave". That means maternity and paternity leave. If the woman is the high earner than it might make sense for the man to take the responsibility of child-rearing on. It doesn't take long to push a larva out, and if the lady wants to breast feed she can either have the brat brought to work or use the machine to put the milk in the bottle.

We have technological and sociological advances that mean child birth doesn't need to interfere with work. If it does, then that - right there - is a women's rights issue.

I may be hugely against bullshit like "affirmative action", but not being able to work due to squeezing out a larva is absolutely, 100% the sort of thing that our societies should have solved by now.

0
1

Got VDI questions? Fire them at our expert panel

Trevor_Pott
Gold badge

Re: Virtual VDI deployments ..

Well, I'll pass that on to the folks involved. We're using WebEx, and they've been informed they have the ability to do demos or use slides, so...we'll see what they bring!

0
0
Trevor_Pott
Gold badge

Re: Virtual VDI deployments ..

I can see about getting that included; is there anything specific you'd like to see in the demo?

0
0
Trevor_Pott
Gold badge

Re: "Our VDI panelists are diverse."

Agree 100%. I have a second webinar in the planning to address that. I am looking to do these in stages; start from the bottom (infrastructure) and work towards the top. The LoginVSI guys (and Eric, for that matter) know a fair amount about the user virtualisation issues, enough to hold their own, but user virtualisation is, of itself, a separate field entirely that transcends "just VDI".

User issues are present in non-persistent VDI, but also in "hoteling" desktop setups, multi-device/multi-OS setups and more. That's why that discussion will happen separately.

0
0

Good news for gamers who don't leave the house: SanDisk debuts 24/7 Extreme PRO SSD

Trevor_Pott
Gold badge

Re: Only 5 years?

Ah, the 150GB Raptors. Grand drives. I still have some in use, and rather a lot of 74GB units. But the 300GB Raptors were made of fail and AIDS. May whomever handled WD through the TLER fiasco be consumed by 10,000 ants.

0
0

CONFIRMED: Sophos shifting threat response work to India

Trevor_Pott
Gold badge

Re: "I am sure first on list will be CEOs and Lawyers."

Thanks to VDI, the data can never leave the US while still taking advantage of cheap offshore labour.

0
0

How I poured a client's emails straight into the spam bin – with one Friday evening change

Trevor_Pott
Gold badge

Re: ^^3 day SLA?

For issues where it is creating an outage, I do. Although even paid incident support offered - for the best instance - 18 hour resolution. It's ultimately what has ended up driving most of my clients to Google Apps.

Gmail is nowhere near as feature rich or awesome as Office 365...but it fucking works, and most SMBs simply don't use 99.9% of the features in Exchange anyways.

0
0
Trevor_Pott
Gold badge

Re: What's with the Google fascination?

I'd agree with you, for organizations willing to invest in the full stack. Exchange needs more than just exchange to get the benefits you speak of...and that stack needs a dedicated full time admin. Not an admin who is also doing storage, networking, applications, desktop support, websites, Linux, etc.

It was one thing to be the gneeralist who lumped in "and exchange" back in the Exchange 2000 or 2003 days. It's another thing entirely to try to keep up with e-mail today. Even for "basic" MTAs, there is so much to configure, and so many "conventions" on configuration you have to abide by to stay off greylists that it's crazy.

I agree exchange is amazing. I rather like it for many things...but only in cases where you're willing to pay the tithe. That means proper hosted AS. It also means keeping up to date on clients and all ancillary applications that tie into it.

As a unified communications stack, Exchange/Lync/Sharepoint/etc can be very powerful. But they aren't wrapper-ware and they aren't particularly good past their "best before" dates.

Where exchange truly shines is in things like retention rules, archiving, and all related stuff. If you need to do things like legal holds, in-depth content scanning, Exchange is pretty goddamned hard to beat.

The problem is that most companies absolutely don't need that stuff. They never use it, but they're sold on the idea that they "need" etiher the top-end collaboration stuff or the in-depth retention/legal policy framework, despite never actually wanting to engage any of it.

Worse, you sometimes get a CIO who thinks it's all really, really cool and wants everyone to use it, but simply can't get buy-in from the staff. Usually they'll try everything, including outright threats and bullying, but the staff have non-technological ways of communicating and getting things done that are simply faster and far more efficient for them.

The biggest thing I see with my SMBs is people wanting to use the full Microsoft stack to be "more efficient" at communications because one or two people (who typically telework for some or all of their day) feel "out of the loop." They try to impose a technological solution on a human problem and it fails every single time. The problem isn't that people don't use the relevant technology, it's typically that they're an asshole, or that they simply choose not to give a fuck about $issue until it there's a problem.

Exchange isn't - and can't be - a replacement for human beings taking responsibility for their actions, taking the time out to think about the various projects that needs be done, or actually taking the time to answer the various and sundry e-mails and communications that need answers. Making communications "more efficient" doesn't force people to actually acknowledge one another, keep eachother in the loop or convince the powers that be to make a fucking decision about something.

It absolutely doesn't force overworked people to sort their crap and "properly file" digital data. If you have problems with people using a single public share as a catch-all wastebin where they store everything "because everyone has access and it's more convenient" then public folders and/or sharepoint are just going to look the exact same. The issue there is the people, their habits and their workload, not the technological tools available to them.

When and where exchange can make a difference, I absolutely champion it's use. Exchange is one piece in the best groupware and productivity stack on the planet. Period.

But I do not champion it's use in most SMBs. I think that's ridiculous overkill. Hell, even Office 365 which is designed to be simple to administer (compared to Exchange) and offers only a subset of features is something where 98% of all SMBs I've worked with that use it simply don't change anything past defaults.

So, while I think Exchange is grand, I can't and don't recommend it for SMBs, unless the SMB has a definable need for it and they're willing to pay for it. Regular updates, proper amounts of sysadmin time, proper hosted AS and enough server licenses and hardware to make it all go.

I will never do another exchange install that doesn't have Exchange Enterprise Cal Suite for each user and hosted AS. There will also be a minimum of three server licenses involved: one dedicated hub transport server and at least two storage servers in a cluster. They will also be backed up using Data Protection Manager and monitored using System Center.

The floor cost for this is simply higher than most SMBs are willing to pay, to say nothing of the ongoing costs of keeping it ticking along.

Here's a great example: try running Update Rollup 3 if you'd disabled IPv6. Whole thing goes pear-shaped. Worked fine without IPv6 until then, then *bam*, implosion upon update. There are various reasons why IPv6 had to be disabled in one of the environments. Update happens along, murders exchange. Figuring out what went wrong, then applying the fix takes a proper sysadmin.

Ideally, you never encounter the error because everything exists in a test environment, all patches are vetted, etc. How often do you think that happens in an SMB where you don't have things like "dedicated Microsoft communications stack admins" or even "dedicated Microsoft admins?"

And so we get to the heart of it: Exchange is an example of a service that should never be run by an in-house SMB sysadmin. It needs to be outsourced. If you are going to run Exchange in-house then the sysadmins should have access to an MSP with a hell of a lot more experience, time and resources to do proper labbing of patches for that SMB's config and so forth. It is an application in a stack for which specialists should be used.

...or where it makes damned good sense to simply pack the whole thing up and go "cloud".

If Microsoft had "Office 365" for service providers and/or could make their own offering reliable enough that it isn't constantly experiencing outages, I'd say "use O365 service provider" and be done with it. MS refuses to release O365 to SPs and it can't keep it's own version working.

That leaves me with Gmail as the most stable offering for SMBs, followed by the more expensive hosted Exchange (assuming you can meet the floor cost), or simply hosted e-mail using open source MTAs without all the groupware faffery.

But the issue, 99.9% of the time isn't that "groupware will magically make things better." It is that there are bigger business and communication issues that need to be dealt with that no software can make better.

Anywho. Long ramble...

0
0
Trevor_Pott
Gold badge

Re: Too much info in too few X-Spam headers

Actually, I have to disagree with you here. The reason for moving towards an X-Spam-Status header is that it is an industry standard. If the system is set up to accept these then it can be used with AS devices or services from any number of providers. Not all providers allow you to change the headers you are working with, so X-Spam-Status makes the most sense to stay with.

Now, the ability to change the old server to pop it's stupid BAYES info into a different header, that would be great...

0
0
Trevor_Pott
Gold badge

Re: OPE vs FOPE . . .

Oh, I lied. The MPN support people only solved part of the problem within 32 hours of picking up the ticket. They fixed the part that was preventing me from generating quotes for new seats. They didn't fix the licensing issue with my MAPS. They *just* e-mailed me about that.

This makes it 48 hours to pick up the ticket and we're 72 hours past that point without the ticket fully resolved. And the ticket in this case not being some niggly complex technical problem, it's a billing/administrative issue that stemmed from a years-back uncaught authentication system screwup on their side.

I.E. the damned thing autogenerated me an Office 365 account without informing me, then assigned my MPN account to it. I was then able to create another Office 365 account that was somehow also attached to the same MPN account, but which couldn't get at the partner section, but which would accept my MAPS keys.

They fixed the bizzare double-attachment bit 32 hours after picking up the ticket, but solving the "regenerating me a new MAPS key" part of the ticket is two days past that and counting...

I think I'd have more confidence in Office 365 - which, from a technical standpoint is actulaly quite a good solution - if only authentication ever fucking worked. MPN never works the first time. Even straight-up .onmicrosoft.com Office 365 IDs never seem to work, requiring me to login two or even three times, sometimes requiring a log-out in between. There's something about session cookies they can't every get right.

Beyond that, I have all sorts of issues with Azure Active Directory. Sometimes it says it works, but isn't. Other times for reasons incomprehensible it just stops working, despite nothing having changed (and no reported outages on the MS side.) This makes hybrid setups very frustrating.

Microsoft is so close. Their hybrid solution will one day be the solution. But to be perfectly honest it's another 1-2 years away from being ready for primetime. Maybe when Server 9 comes out, they'll have added in the bits required to make it go reliably.

0
0
Trevor_Pott
Gold badge
Angel

Re: Typical Geek Whingeing...

On the off chance that you might be right, I ran a series of tests against my own Google Apps domain, egeek.ca. Here are the results.

Attempting to sent to an address that doesn't exist from a Telus-based e-mail account provided me this bounce message:

Reporting-MTA: dns; cmta4.telus.net [209.171.16.77]

Received-From-MTA: dns; Impella [108.181.21.61]

Arrival-Date: Wed, 04 Jun 2014 18:10:33 -0600

Final-recipient: rfc822; bob@egeek.ca

Action: failed

Status: 5.1.1

Diagnostic-Code: smtp; 550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 v7si6012708qad.84 - gsmtp

Last-attempt-Date: Wed, 04 Jun 2014 18:10:33 -0600

Similarly, attempting to send from a legitimate eGeek.ca account to an Astlor.ca (which runs on sendmail) account that doesn't exist let the NDR through to my eGeek account. It didn't get caught up in spam or trash; Gmail sent it straight through to my Inbox. Here is that e-mail:

Delivery to the following recipient failed permanently:

Bob@astlor.ca

Technical details of permanent failure:

Google tried to deliver your message, but it was rejected by the server for the recipient domain astlor.ca by astlor.ca. [64.141.126.154].

The error that the other server returned was:

550 5.1.1 <Bob@astlor.ca>... User unknown

----- Original message -----

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=egeek.ca; s=google;

h=from:to:subject:date:message-id:mime-version:content-type

:thread-index:content-language;

bh=stXngne3UrZepo/myHRVcSj4pEeKGAcgHsgoYbGKzkI=;

b=Y5T94txWG8KxY2DgzDuCHomK+vBIqnyKjTXdBpOMSzPCcF3Dcjh9LC3rAboEEMTlhc

0c0q/g5uzKBguhzfehD1IsFoRhZkAoSTW51I8xW3eUCinyhVENHBGxtwg+X3WWJf6Coc

ioDEGLMb0LUJz07bkAuqtpv6lN9ey698Hzvr0=

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20130820;

h=x-gm-message-state:from:to:subject:date:message-id:mime-version

:content-type:thread-index:content-language;

bh=stXngne3UrZepo/myHRVcSj4pEeKGAcgHsgoYbGKzkI=;

b=iu6A0TLCPfGtwcUnD2FBh7LJOI3nAhbRZaumLMOZwKxkin9XjutfZvj66Js7ALupUA

+A52iq2TbIqaUv7N7kyN+0um6pa0jn0GWpsygwKn5ACVYvOf74D8vUqKHmsFkfmNoKMa

wJEn4URuLWrB1gLIUg1Q1gbTPzrQqGMuWKC6jyAkVTI+mO+pfYIRiUvOdp69K1sVmoDD

AnxAov02u6sABPVS2Y+vLD6V3Z+SgABUT+oy6vi9Y8kXc30nTvKJyBOK9GNmbij7esdV

4BohEl5QoevwwXFxqj5Xfzv4fLpXJsCV1G2T7TEfkAtYZ054EG28nnRBDJIQ88p/W048

m6hQ==

X-Gm-Message-State: ALoCoQnrR4fNM2MLTt+cTlUi3sJ7W/wrA1rtU6u5WkhKAzxc5vL1uO8QtLfap95CLWh1q5g5hTOQ

X-Received: by 10.50.13.4 with SMTP id d4mr13139985igc.11.1401927652048;

Wed, 04 Jun 2014 17:20:52 -0700 (PDT)

Return-Path: <trevor.p@egeek.ca>

Received: from Impella ([108.181.21.61])

by mx.google.com with ESMTPSA id q2sm400463ign.2.2014.06.04.17.20.51

for <Bob@astlor.ca>

(version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);

Wed, 04 Jun 2014 17:20:51 -0700 (PDT)

From: Trevor Pott <trevor.p@egeek.ca>

X-Google-Original-From: "Trevor Pott" <Trevor.P@egeek.ca>

To: <Bob@astlor.ca>

Subject: Test

Date: Wed, 4 Jun 2014 18:20:44 -0600

Message-ID: <021701cf8053$fe803650$fb80a2f0$@egeek.ca>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_0218_01CF8021.B3E689A0"

X-Mailer: Microsoft Outlook 14.0

Thread-Index: Ac+AU/3dyjJXVzIqTei0po4Bz7aTVQ==

Content-Language: en-ca

Test

I also tried a series of additional tests (mailbox full and so forth) and found that Gmail allows all standard SMTP NDRs that I can think of to reach the Inbox and returns most of them.

Now, IIRC, this wasn't always the case; quite some time ago they had disabled NDRs for a while in order to cope with backscatter - quite frankly, backscatter is a huge problem for a lot of MTAs - but they seem to have gotten around the backscatter issue through a combination of blacklisting known bad senders (thus not sending them NDRs) and greylisting.

Interestingly enough, this is exactly what I am trying to achieve with the chained X-SPAM-STATUS filters: reduce backscatter. I need something that will do proper LDAP lookups against active directory and thus not accept mail for users that don't exist. That said, I also need something that wil both blacklist the known baddies (and not NDR them) as well as greylist new users so that known badguys can't just probe the directory.

E-mail isn't simple, and it's getting harder. It's a heck of a lot more complicated today than it was even two years ago, and it's nightmarishly fiendish compared to a decade ago.

Google does it well. Better, quite frankly, than anyone else I've seen. It seems we will remain starkly divergent in our opinions on this topic.

Also: just FYI, Peter had raised the issue to me before you did. I simply didn't check my e-mail until late Sunday afternoon because I was enjoying a wonderful blissful day of sleeping in, followed by spending time with my wife.

Cheers.

2
0
Trevor_Pott
Gold badge

Re: ^^3 day SLA?

I get 48 hours for responses to queries calling the MS partner support network. Then up to 32 hours for them to fix it. I get similar responses for average customers with E1 and E3 licenses. Multiple events now, same timeframes for each.

0
0
Trevor_Pott
Gold badge

Re: Its a regex !

It can use regex?

...must test this.

0
0
Trevor_Pott
Gold badge

Re: Your mistake was...

Thanks for that. In addition to everything I have to remember about the hundreds of applications I manage, I'll just run along now and memorize every PowerShell command. It's not like money was paid so that there would be a reasonably easy to use and modestly intuitive GUI. Nope, rote memorization of more data than a human mind can actually hold for every application is absolutely the best possible path forward for systems administration.

0
0
Trevor_Pott
Gold badge

Re: Precise language and vague language

There is no "exactly matches" condition. You would have to do "matches" then "except when". Still working on the details.

0
0
Trevor_Pott
Gold badge

Re: OPE vs FOPE . . .

The Office 365 advisor program and I are having a disagreement. Specifically, I've been fighting with MS for the past five days to even make my bloody partner page work. MPN and O365 both hate me. I hate them right back in turn.

Office 365 is something I'll revisit when they A) beef up the reporting to levels that aren't complete ass. [Insert 8-page reporting rant here]. and B) Make the fucking thing work. When Microsoft can achieve Google Apps levels of uptime, we'll talk again.

As for SPLA; fuck SPLA. I refuse to host Exchange in my cloud. The hosted e-mail I offer my clients is Qmail, Postfix or Zimbra, front-ended by Barracuda and/or Netgear UTM. OPE can be got by the customer for their own site...but it's more expensive than competing solutions and not as good.

0
0
Trevor_Pott
Gold badge

Re: What's with the Google fascination?

Oh, I just really, really hate exchange. E-mail in general, but exchange in particular. Loathe it with the burning passion of 10,000 suns. Most of my clients you Google Apps, Zimbra or a hosted exchange solution (that I don't have to manage, hee hee!)

If there's e-mail to manage I just want it to be a nice IMAP server. Postfix + Dovecot on virtualmin works like a hot damn. Or Qmail. For the love of $deity, why can't I just use Qmail? But no; exchange! Exchange, destroyer of souls. Exchange, the eraser of sanity. Exchange the requirer of resources 80x that of any other MTA.

And the cloudy alternatives? Well there are Linux-based IMAP mails...but I could run those in house, if allowed, with no real problems. There Google Apps with Just Works and works better than any hosted e-mail solution I've ever used. And then there's Office 365, which is the only solution I've used that makes me piss away more hours solving pointless problems (or waiting for Microsoft to do so) than Exchange itself.

Maybe I wouldn't have Office 365 so much if it weren't for the 48-hour lag on support calls, followed by 32 hours to resolve issues, but this is what it is. And when it's a "client down" scenario, 3+ days to get them back online isn't okay.

So yeah, Google Apps, when possible. Because it just works. If you read these pages, you know I'm not a big public cloud fan...but I trust Google to keep the e-mail working. Because they have a hell of a track record of doing so.

The solution, to my mind, is "have a critical service be bulletproof." I cannot offer that running on 10-year-old hardware using overly complicated MTAs with no funding for proper spam and antivirus scanning software. I am not convinced that Office 365 can offer it either. The only things I trust are Qmail, Zimbra and Postfix (which the client is allergic to) and Google Apps (which at least has something sort of like public folders, though you have to use a web UI to access them.)

Hence the desire to convince them that's the way to go.

When someone says "do this" and you aren't sure you can, the bigger mistake, I think, is spending your life just saying "yes". I've started to say "no", and this is a source of a lot of tension and conflict. "No, I can't do that" or "I don't think that will work." A decade ago I would fucking make it work...but a decade ago I only needed 2 hours a night of sleep...and I was only responsible for about 12 applications.

Now I am responsible for hundreds of applications, and I'm getting old. I need 8 hours of sleep or I am worthless the next morning. That young punk who could solve any technological problem using spit and bailing wire and sheer force of will is dead and buried. I used to know all there was to know within my sphere...but IT now encompasses a hell of a lot more than it did then. I could spend my entire day just trying to keep track of which companies exist in our industry, let alone what they do and how to implement their technologies.

So the scope of the project is beyond just software needs or desires for one vendor or feature. Who is going to look after this stuff? Especially once I'm no longer there to keep it ticking along? How will it all interact with everything else, and should it even interact with anything else?

The more I ask these questions, the more I want to pull core services off the local network. Some things need to be in house. But e-mail doesn't. There's already too much there for one person to handle; I'd prefer to pull everything that doesn't need be on-prem off, just so that it's feasible that one person with next-to-no budget can keep that place going for another decade.

Even if that means feeding the advertising behemoth of Mountain View.

1
2
Trevor_Pott
Gold badge

Re: DailyWTF?

You know, I find this whole "never go live on a Friday" thing idiotic. I went live for a brief period of testing on a Friday. Someone found the error I missed on a Sunday. It was fixed before Monday. Staff came to work with a weekend of low-volume traffic where they had to check through the junk-email folder for (on average) about 15 e-mails to see if they were false positives. Not the end of the fucking worked.

If I had run that thing at 8am Monday morning, it would have taken about 4 hours for someone to notice that something was up. In that time an average of about 100 e-mails would have hit each person's box that they needed to check through.

And I'd rather work a weekend than have 50 people screeching at me demanding to know when the fix will be in, "How could I possibly have let this happen" and telling me how shit I am because I can't design a network that's more reliable than Google while being more accurate than Microsoft and more capable than Amazon, all for free.

Buncha great choices there.

2
0
Trevor_Pott
Gold badge

Re: DailyWTF?

1) My spam servers worked just fine for years.

2) Putting things live during the day risks outages during working hours which has been emphatically affirmed to be an absolute no-no. There isn't much choice.

3) Exim? Really? I'm a bit of a QMail fan myself, though I have to admit that Postfix has come a long way. Honestly though, I've been working more and more with Zimbra and liking it.

I loathe exchange with the burning passion of 10,000 suns.

1
0
Trevor_Pott
Gold badge

Re: Hosted AS?

@Vic; I'm on the long path to getting rid of a decade's worth of bandaids and nudging the client along towards a proper (though significantly more expensive/year) IT setup ahead of leaving. It's a long fight.

1
0
Trevor_Pott
Gold badge

@Sampler

Oh, I tried that argument. I believe the response was "so we can take the cost of the hosted AS out of your salary?"

0
0
Trevor_Pott
Gold badge

Re: Quote to long to put int title

I'm not in the UK/EU. I'm in Canada. And for this class of customer you cheerily can put them in Google Apps without consequence.

1
1
Trevor_Pott
Gold badge

You get an exchange licence and 10 free CALs with your Action Pack. That's about $400/year. When you already have to have a virtual infrastructure to deal with all the other stuff you do....yeah, it's cheaper.

Internal IT doesn't exist just to support one app.

0
0
Trevor_Pott
Gold badge

Re: actually..

I did. I fed it simulated data for days. Of course, the one thing I hadn't thought of was that the X-SPAM-HEADER info would be a problem, so the simulated data all had X-SPAM-HEADER data of either "yes" or "no".

0
0
Trevor_Pott
Gold badge

@peteur

I try to discourage people working late, or on weekends. I have few enough maintenance windows as it is. If you work during off hours, well, I have no sympathy. There isn't a 24/7 global team of nerds to implement changes and patch things. So we have to sleep some time. If I have to be up for the 9-5 grind, then I'm not waiting until 3am to patch.

Besides, some folks start getting in a 4am...

3
3
Trevor_Pott
Gold badge

Re: Friday ...

For a full "this is live and will stay that way", I agree. For a pre-permenant, data-gathering exercise that needs to run on live...this I prefer on the Friday EOB. Remeber, the goal here was not a permenant run, just a very brief test on live with just enough traffic to find bugs.

Found one.

1
3

Russians turn Raspberry Pi into fully-fledged autopilot

Trevor_Pott
Gold badge

Re: Weird

I believe that Moar Power will come, in the Next Generation...

0
0

Amazing never-seen-before photo of colourful hot young stars (Thanks Hubble)

Trevor_Pott
Gold badge

Re: For all the believers out there

Can you god make an argument so circular even he can't believe it?

1
1

China puts Windows 8 on TV, screams: 'SECURITY, GET IT OUT OF HERE!'

Trevor_Pott
Gold badge

Re: You ignore China to your peril

No source, no sale, now ship off, Shirley.

3
0

VMware hits back at Amazon cloud Trojan Horse with ... a blog post

Trevor_Pott
Gold badge

If they were Swiss? Yes.

1
0

My my, Intel, that's one speedy NVMe flash card you have there

Trevor_Pott
Gold badge

They fail to "read-only" mode. When the write limit's up, then you can still read your data off.

0
0
Trevor_Pott
Gold badge

Re: Shut up take my money!

The 1.2TB Micron p420m is pretty much the most amazing thing that's ever entered my lab. There are not enough nice things to say about proper enterprise flash.

0
0

What's that you say? HP's going to do WHAT to 3PAR StoreServs?

Trevor_Pott
Gold badge

Oh look, an anonymous coward with a product/vendor fetish. How boring.

0
1

DARPA crazytech crew want to create HUMAN-FREE cyber defence systems

Trevor_Pott
Gold badge

If I had software that could automatically detect vulnerabilities in software and suggest methods of fixing or defending against it I would also have software that could automatically detect vulnerabilities in software and suggest methods of attack. The last people on earth I'd give that to are the Americans.

The ability to defend better than modern infosec experts is also the ability to completely and utterly overwhelm modern infosec experts. Under no circumstances should the American government have that kind of power.

2
0

Brunner does a runner: Beats designer must hand the brand to Apple

Trevor_Pott
Gold badge

Re: "Cool things are the things that don't even know they are cool."

I think the precise set of clothing and accoutrements changes with time, but the general rule is "desperately attempting not to look mainstream by dressing exactly like everyone else who is desperately attempting not to look mainstream." At least, if you are attempting to judge based solely on appearance. Which is somewhat valid in this case...

0
0

Linux users at risk as ANOTHER critical GnuTLS bug found

Trevor_Pott
Gold badge

Re: Open source was supposed to be secure

That would solve rather a lot of problems in short order...

2
0