* Posts by Trevor_Pott

6829 posts • joined 31 May 2010

NewSat network breach 'most corrupted' Oz spooks had seen: report

Trevor_Pott
Gold badge

Re: ISP's are the keyholders

Sorry, but I don't see getting trusted root certs as being all that hard. Pretty much zero effort, when you look at just how easily that particular scam has been pulled off before.

It takes a lot - a lot - to get browsers to pull trust for a cert, and comparatively little to set up a CA and get into the list. Especially for ISPs.

Designing a network and physically putting it in place is a lot of effort. It's stupid money, requires a huge number of people and takes crazy amounts of time. Becoming a CA and then abusing it, or using already abusable certs from generally trusted CAs, or any of many other techniques (you need to install our software in order to use our internet) is basically zero effort.

You make a choice about how you want to ruin your reputation and then you do the paperwork. You will eventually be caught, but you can absolutely spoof the TLS traffic quickly and easily.

As you state: Internet security basically relies on the system. Something you seem to think actually works.

I, however, view the CA system as completely broken and pathetically easy to manipulate, especially when compared to other very tangible considerations of running something as big as an ISP.

Cheers.

1
1
Trevor_Pott
Gold badge

Re: ISP's are the keyholders

I'm not sure I could hack my way out of a "hello world" statement. Written correctly, it shouldn't have an attack surface.

Also, how am I in a line of code? If I echo myself out of a line of code, is that me that escapes to the display device, or merely a copy of me? Oh the existential horror of it all...

0
0
Trevor_Pott
Gold badge

Re: ISP's are the keyholders

Funny how it's doable in practice. It's detectable*, if you know what you're looking for - and thankfully browsers have stepped this up a little - but proxying TLS connections in this fashion is absolutely possible. The key is to control the entire negotiation process instead of trying to intervene in one that's already started.

You can not simply insert yourself mid stream to an extant session. You can, however, cause the client to negotiate the TLS connection with your MITM proxy while your proxy negotiates a TLS session with the target site.

All the client traffic goes from the client to you whereupon you decrypt, sniff the traffic and forward on down the next TLS session to the target site.

Yes, it requires that you have a certificate that the client trusts. And ideally you would be able to spoof the site in question with this cert so that if your client thinks they are contacting bob.com they don't end up with a trusted cert from proxysrus.com.

But this is really just a discussion about root certification trusts at this point, and we all know that the entire cert authority system is pretty broken.

So I'm back to: if you can insert yourself between the two endpoints you can MITM TLS connections. It takes some effort, some creativity and some illegality, but it's absolutely doable. Innumerable corporate security products rely on exactly this, as do various state-level spying initiatives.

The difference between them is merely how they go about obtaining trusted root cert status.

*A great tool for this is the add-on Cert Patrol for Firefox. It will let you see when certs for a site have changed, even if they're "valid" re: root certs. Of course, a lot of companies with large infrastructures change certs regularly, or even deploy multiple valid certs from multiple valid providers! This practice makes MITM attacks all the more viable, especially for large/popular sites, and it also makes it harder to detect in practice because you become immune to Cert Patrol warnings after a few days.

3
2
Trevor_Pott
Gold badge

Re: ISP's are the keyholders

If I own the pipes, I see your security negotiations and I can man in the middle you with absolutely zero effort. You'll never know I'm pwning you.

So unless you have an alternate channel for disseminating your keys - which 99.99999999% of orgs and individuals do not - a compromised ISP == "everyone is fuxxored".

4
7

$329 for a MacBook? Well, really a 'HacBook' built on an old HP

Trevor_Pott
Gold badge

Re: EBay

But they don't have a real keyboard.

6
2

VMware goes back to its future with multi-cloud abstractions

Trevor_Pott
Gold badge

Re: Solving a problem.....

Except the services themselves. The API of those services isn't fixed or static. They can and will change as soon as viable competition offering the same APIs shows up and they see movement away.

It was ever thus.

1
0
Trevor_Pott
Gold badge

Re: Cross-Cloud Architecture

The only "cross cloud" anything worth a damn was Ravello. And then Oracle bought them.

Now we need another Ravello.

0
0
Trevor_Pott
Gold badge

Re: Solving a problem.....

Oh, yeah, because paying 10x-20x more per "transaction" or per running VM than if you ran it yourself is a good plan. And hey, let's also enjoy the lock-in of building everything to an API that a cloud provider can - and will - change on a while, legal terms of service the cloud provider can - and will - change on a whim, and prices that will go up the instant there is a downturn and the vendor needs a stock price boost.

Yeah, that's a fantastic plan. Please let me know who you work for so that I can never, ever buy anything from your company. I don't think you'll be around long enough to bet my business on yours.

1
0

Nutanix: Yup, OK, we gobbled PernixData, Calm.io. What you gonna do about it?

Trevor_Pott
Gold badge

Shot version: Pernix sold two product: FVP and Architect

FVP is server-side-caching. You buy an SSD (or multiple) and put them into the server. FVP then copies frequently read data blocks into the SSD to your apps can read them faster. It also buffers writes to the SSD so your writes happen faster and then slowly drains them back to disk. If clusters this across multiple servers so that if one server goes splork all your writes waiting to be drained are still stored elsewhere.

Architect is the thing that looks at your workload and makes sure that all your writes will fit onto the SSDs without causing a flush cascade and crippling your entire infrastructure. (I.E. your writes don't fill the SSDs up faster than they can drain over the course of an arbitrary period defined in part by the size of the SSDs and the speed of the storage you're trying to accelerate.)

To make FVP work you need to buy expensive SSDs + hella expensive software + OTHER expensive software (Architect). This is because it is way - way - easier to cause a flush cascade than Pernix people will admit.

The end result is that Pernix, while not a bad idea and actually decent software, simply cost too much. Why would you pay more to accelerate your servers' access to their storage than it cost to simply buy new storage in the first place, or to move to a hyperconveged infrastructure?

In many - but not all - cases it would have been cheaper to simply toss some SSDs into existing systems and enable VSAN (or Maxta) as an all-flash setup for demanding applications than to use Pernix. (Remembering that I could still use my slow storage for non-demanding applications in a VSAN setup.) By segmenting the workloads in such a manner I also eliminate the risk of flush cascades entirely.

And on, and on, and on, and on. The arguments can go up one wall, down another, 'round and 'round and 'round and 'round. Suffice it to say that while Pernix software works, and works well, you absolutely need to know what you're doing with it, you need to be pretty good at architecting solutions based on some pretty in depth understanding of storage and, well....

...along the way a bunch of easier solutions with lower knowledge requirements came along at the same or lower prices. Pernix as a product couldn't survive as it was positioned or priced.

But Pernix as a pair of features will be a powerful and enticing addition to Nutanix's offerings.

0
0
Trevor_Pott
Gold badge

As I said: I realize it makes me a bad person to take enjoyment in the discomfiture of others. That said, I feel I'm in good company as the discomfiture I'm enjoying is that of bullies. Enjoying watching bullies get their comeuppance isn't something that makes one a good person. I acknowledged that and do so again.

But it is a very human reaction, and I am as flawed as any human. Perhaps even more than most. However sad, upsetting, immoral or unethical it may be, it is natural for one who is perpetually on the receiving end of bullying to take a dark and even unwelcome pleasure in seeing bullies brought low.

Am I proud of myself for feeling such schadenfreude? No. I am, in fact, more than a little disconcerted that I am capable of such depth of disquieting emotion.

That said, it says something about those who drove the organization that this is the depth of emotion they inspired. Positive and negative; I'm sure there are multiple interpretations that we could haggle over for hours.

As for my irredeemability...I don't deny that. Seems to me everyone who ever had a soapbox to stand is one form of sonofabitch or another. I'm not a great person. I'm probably not even a good person. But I take comfort in knowing that whatever my flaws, however horrible and hateful, spiteful and miserable a pathetic nobody I truly am...

...I'm not quite as irredeemable a shit as bullies from Pernix.

And unlike them, I'm willing to admit I'm an ass and slowly, awkwardly, perhaps ultimately unsuccessfully, at least try to make myself a better person. If nothing else, I like to delude myself into thinking that self awareness of my own flaws and a willingness to address them makes less awful than those who honestly believe they're beyond reproach even as they behave in a despicable fashion.

1
0
Trevor_Pott
Gold badge

Well holy shit, Pernix couldn't make it work, and for the very reasons I told them it wouldn't work. Who'd have thunk it? All them haughty elites with their in-crowd cliques, fancy learnings and A-list experience couldn't prove a nobody like me wrong.

I am fucking marinating in schadenfreude right now.

And yes, I realize that makes me a bad person, but being a good person never got me anything and right now, just this moment, I would like to like to raise a galactic middle finger and bellow an "I told you so" that will embed itself in the cosmic microwave background to preserve a record of my childish pique for all time.

For all those that experienced job loss (voluntary or otherwise) because of this - with the one exception, you know who you are - I am truly, truly sorry. My schadenfreude does not at all extend to the enjoyment of misery for the minions. If there is any way I can help you guys out, you know where and how to find me. Engineers, sales folks...it wasn't your fault. You did your best with what you had, and in my estimation you did damned well. You did not fail the brass, the bass failed you.

2
7

Our pacemakers are totally secure, says short-sold St Jude

Trevor_Pott
Gold badge

Re: Two points

Company A buys pacemakers to hold them in stock as it is a warehouser or retailer of medical supplies to the Americal private medical industry.

Company A goes out of business and has its assets sold off to pay creditors.

Company A assets which cannot be immediately sold via reputable channels are sold to scavengers who specialize in offloading anything and everything on the secondhand market.

Company B buys pacemaker on ebay from scavenger hawking remains of Company A's assets.

If you look hard enough, you can find anything excepting better-than-university-grade fissionable material sold in this fashion, but if you work at it you can get some gas centrifuges and ------++++++CARRIER LOST

17
0

Linux turns 25, with corporate contributors now key to its future

Trevor_Pott
Gold badge

Re: Ok, someone has to say it...

Android does just fine without most of the GNU stack...

3
1

Radicalisation? UK.gov gets itself in cluster-muddle over 'terrorism'

Trevor_Pott
Gold badge

Re: ?

If someone commits a crime in the name of Christianity, tell me why Christianity shouldn't do anything about it?

5
1

The TPC-C/SPC-1 storage benchmarks are screwed. You know what we need?

Trevor_Pott
Gold badge

Re: More nonsense trash-talking on the SPC/TPC benchmarks...

So you're upset because you're considered one of the top independent storage industry analysts in the world? Perhaps you might consider actually doing something worthy of note.

Oh, right, it's far easier to snipe anonymously in a forum. Here's an idea: you can start being of note by using your real name, coward. Then we can start to compare your achievements to Howard's, and see whose advice about the necessity of a proper storage benchmark we should be trusting.

0
1
Trevor_Pott
Gold badge

Every criticism and complaint you could level, I promise you Howard has heard and considered. A dozen times over. This isn't some nobody, or some partisan vendor shill. It's Howard Marks. And he's not alone; he's put together a team of the best to build this thing.

Nothing's ever perfect, but this benchmark will be as close as one can get for storage. Howard knows no other way.

0
2

Maxta goes Freemium and enlarges VP count with new hires

Trevor_Pott
Gold badge

Re: I'm not sure this is going to work....

Some good points, some not so good.

The first: a community will hopefully get born around this. I've been spending quite a bit of time nerding about the implementation details personally. With any luck, Maxta will be implementing them and it won't go horribly, horribly wrong. If you've ideas in that regard, please do share. I personally promise you they will get discussed with the relevant execs and the CEO. Every single point raised.

Second: MsXP has come a long way. I'm not quite done my review of the latest version, but it's at the "you have to actively try, and try hard, to botch the install of this". That isn't to say there aren't gotchas. The installer gobbles a disk for the VSAN VM, for example, and doesn't tell you that you'll lose a whole disk in this fashion, or let you pick it. (At least not in the heavily automated GUI version of the installer.)

There are a few of these small issues, and they are ones I will personally beat them over the head with a clue-by-four until resolved...but they're small issues. When I first tried MsXP years ago I must have had to go through the installer 4 times - with a few e-mails in between - to get it all working. This time, no such issue...and that's not because I was better at the installer. (I had completely forgotten how the thing worked.) It's because they made the installer suck less.

So yes, Maxta still has work to do in order to make this a great freemium product. But it's all work I honestly think can be done before the end of the year. What's more, they're actually listening. This is important, and fairly rare in the storage and virtualization community.

Is going freemium going to be enough? I don't know. What I do know is that MxSP is one of the few HCI products that has traditionally "just worked" for me. The idea that I can now build a demo cluster without a pile of red tape to demo to skeptical clients has some appeal to me. I also know that the statistics and analytics package they've developer speaks deeply to the nerd in me.

So I say: let's seize the opportunity. A vendor is willing to listen to our criticisms, requests and fears. Let's speak and be heard. Let's get a product, a community and a support infrastructure we want. It's not often that the little guys get this kind of a chance.

0
0

FireEye probes Clinton foundation hack: Reports

Trevor_Pott
Gold badge

Re: Blame the Russkies

If the Russians want in to your network they will get in. Period. Believing anything else is hubris and arrogance of the most overwhelmingly egotistical type.

The NSA couldn't keep the Russians out if they were determined to get in. There is absolutely no way a charitable foundation or a political party's IT team could keep out a state actor with that kind of ordinance and experience.

The only thing that the Clinton foundation could have done - that any of can do - is try our damnedest to raise the cost of success beyond the value that success brings to the attacker. Success is measured in many ways, meaning that for some strikes the value of success is worth nearly any cost.

In this case - and in the DNC case - I personally don't believe that Russia (or whomever) approached the target with a "success at any costs" valuation. Most likely they regularly probe such high value targets and stumbled upon a target of opportunity.

The truth is, we'll likely never know. What exploits were used, if classified ordinance was deployed or merely public vulnerabilities were exploited. I'm not sure it matters.

The question is what can we - what can anyone reasonably expect from these organizations for security? Perfect security is impossible, and the costs of raising the cost to attackers rises disproportionately fast for the defenders. At what point is it irrational to expect increased spending on IT security, on end user training, or to expect that human beings operating in various positions won't make errors?

"They were asking for it" or "they had it coming" or "maybe they wouldn't have been attacked if they didn't dress (their IT security) like that" aren't acceptable responses to this. Collectively, we can't keep blaming the victim for not spending irrational amounts of time and money on defense. Most of us simply can't afford it.

And where does it stop? Where does this attitude of "security is everyone's individual responsibility so we all have to pay and pay and pay and keep paying and pay some more" end? At what point do we start to see this as an issue we need to band together on and start pooling our resources so that we can come up with defenses collectively that, quite frankly, we'd never afford individually?

Mocking, victim blaming and traditional unrestricted capitalism have all failed to win this war. Maybe now that it has impacted some of the elite we'll see some fucks given and new approaches taken. I can only hope.

6
0

New science: Pathetic humans can't bring themselves to fire lovable klutz-bots

Trevor_Pott
Gold badge

Re: A robot that is aware of it's own mistakes

Explain to me the difference between "awareness" and sensory feedback being true? Other than perhaps that biological awareness is more fallible.

You're nothing but a sack of chemicals and there's nothing special about you, or your species. Get over it.

3
2
Trevor_Pott
Gold badge

Re: Ultimately one must remember....

A robot that is aware of it's own mistakes and able to visible represent contrition has emotions that are a fuck of a lot more real than a depressing number of people I know.

Emotions absolutely can be programed. There's nothing special about them. And it strikes me that with a fairly minor amount of effort, I'd prefer a robot guaranteed to have emotions - artificial or not - to a lot of the people one could name.

16
2

Five-hour Azure wobble

Trevor_Pott
Gold badge

A) "phased roll out"

B) 5 hours to notice and roll back?

C) R.I.P. QA.

0
0

'Disciplined' NetApp cuts weight, turns in a prettier spreadsheet

Trevor_Pott
Gold badge

Re: NetApp now has 8 product lines?

But way more than Pure.

0
0

Light at the end of Intel's Silicon Photonics: 100Gbps network tech finally shipping, sorta

Trevor_Pott
Gold badge

Looks like a QSFP28 transceiver. Does it have lower latency than Mellanox? When do we get modules that can split into 10 instead of 4? 10x 10GbE as a breakout cable is a lot more useful to me than 4x 25GbE...

0
0

Hyper-converged top-of-the-pops list is out: Guess who hasn't crushed it?

Trevor_Pott
Gold badge

Re: Where do they get their data?

Exactly what about that is bunk? Other the part where Scale got shafted - they deserve a much better rating, especially with the advent of their hybrid nodes - Forrest don't seem too off the mark there. I might move the companies around a little, but probably less than 10% deviation on any one except Scale.

2
1

Chip giants pelt embedded AI platforms with wads of cash

Trevor_Pott
Gold badge

Re: intelligence isn't easy to replicate

I know of many projects to bring empathy to artificial persons. Be those artificial persons virtual, robotic or both. As a matter of fact, empathy, sympathy and compassion probably get more money than anything except "how to move around autonomously" and "how to kill efficiently and accurately".

Artificial sympathy is pretty clear cut: the ability to recognize the emotions of others has uses for everything from detecting criminal intent to understanding what human persons are attempting to communicate. Here, there is great interest in the robotic care industry.

Empathy is seen not only as a useful tool in the robotic care industry, but it is seen as useful in attempting to build more capable virtual assistants, search bots and more. If you not only understand what the human person is attempting to communicate, but can have those emotions equally bias your choices then you can understand intent even more accurately than with sympathy.

Artificial compassion is farther out, but is seen as important for artificial governance. There is great interest in answering "quis custodiet ipsos custodes" with "robots". Specially in roles such as ombudsbot or as an adjunct to a highly politicized investigation (say oversight of police or the judiciary). In these situations cold logic isn't enough; compassion is absolutely required.

Now a lot of people will start to scream about robots running the world at this point, but I don't think that's the intention. Most projects I've seen regarding artificial governance are not about putting a decision to an artificial person and accepting their judgement, but asking the artificial person to render not only judgement, but rationale behind that judgement. A clear chain of "based on these pre-programmed factors, this scoring from these detected emotions, this bias weighting, etc" it seems the best thing to do is Y.

In this manner, once a decent AI is evolved, judgements can be modeled by altering the input biases. Do we, as a society, believe in any absolutes regarding compassion, punishment, rehabilitation, etc. and so forth? What does the law say? What does legal precedent say about exceptions due to compassion?

Lots of people want these bots in order to model elections. Others as a means to better understand how to manipulate groups of people. If you change one thing, how does that affect their judgement? Etc.

The technology behind artificial sympathy, empathy and compassion have many uses, both great and terrible.

Sadly, as we have no means of updating humans with compassion, the most terrible uses are likely to be the first tried, long - long - before the rise of any machines against us.

0
0

We're going to bring an asteroid fragment into Lunar orbit

Trevor_Pott
Gold badge

Re: Giving Skynet an Asteroid to Drop on Us?

"They're taking them to the moon, right?"

And they couldn't then send it (or other objects) at Earth why exactly?

The technology, once invented, cannot be uninvented. If you can park something around the moon, you can plow something into the Earth.

You really, really need to read The Expanse.

0
0
Trevor_Pott
Gold badge

Re: Giving Skynet an Asteroid to Drop on Us?

"I worry about people who throw rocks."

--Chrisjen Avasarala,

The Expanse

3
0

#Shadowbrokers hack could be Russia's DNC counter-threat to NSA

Trevor_Pott
Gold badge

Re: A long and hot cybersummer

Explain why the DNC hack couldn't have been as simple as Russia buying a staffer for access (or a direct data dump) and then disposing of them? Seems an entry level exercise for the FSB. *shrug*

You and I will never know the truth, and I am sure it is stranger than fiction...

3
0

US extradition of Silk Road suspect OK'd by Irish judge

Trevor_Pott
Gold badge

"at least in the US if you can prove your innocence you'll walk free"

That statement is everything that's wrong with the US. The fact that it has managed to make it's own people believe this...

Look: innocent unless proven guilty. The burden of proof is not on the accused, and never, ever should be. You should never have to prove your innocence. The prosecution should have to prove your guilt. And beyond a reasonable doubt, especially where high sentences or capital punishment is on offer.

Furthermore: justice does not consist of revenge. A justice system should not concern itself with punishment, but with rehabilitation.

If the Norse can do it, you'd think a country whose countrymen fancy themselves the greatest in the world could get even a fraction of the way towards that level of evolution...

23
0

'I found the intern curled up on the data centre floor moaning'

Trevor_Pott
Gold badge

Re: "Pete' has omitted some details...

"What makes me skeptical on this one is that he has just the *one* call / voice mail? So the intern didn't call 50 times in a panic, just once, left a voice mail, and waited the rest of the day?"

Written as if by someone who has never had a debilitating phobia-induced panic attack. I'm surprised he got the one call off, personally.

6
1

Samsung points high-speed Z-SSD smack-bang at XPoint

Trevor_Pott
Gold badge

@joerg: once more, with feeling: write life doesn't matter to everyone.

There is a place for different classes of solid state storage with different write lives and different speeds.

And you can tell Intel/Micron I'm still waiting for the xpoint units for review that I was promised. Everyone else has theirs, so let's chop chop, eh?

1
0

Telstra CEO Andy Penn promises $3 BEEELLION to end The Big TITSUP

Trevor_Pott
Gold badge

A billion or so bucks a year for a country the size of Australia is chicken feed. That's not much of an "investment" in your telecoms...

0
0

Judges put FCC back in its box: No, you can't override state laws, not even for city broadband

Trevor_Pott
Gold badge

If your internet connection is made out of butts covered butts in butts sauce and/or costs too much to actually use then it is interfering with all sorts of interstate - and international - commerce.

Buying things online is one o the top activities people possessed of not butts internet connectivity do with the thing.

11
2

Toshiba flashes 100TB QLC flash drive, may go on sale within months. Really

Trevor_Pott
Gold badge

Why not just build a fab right next to the spookhaus?

1
0
Trevor_Pott
Gold badge

XPoint will have better write life. It will also cost 4x what standard MLC will cost and 8x what QLC will cost.

News flash: lots of use cases don't require high write life. WORM is s thing for 99.9% of the world's businesses.

QLC will find a place. It just won't be in the DIMM slot.

Now smoke a bowl and chill the fuck out.

7
2

#Censusfail Australia: Not an attack, data safe, no heads to roll

Trevor_Pott
Gold badge

None of which is acceptable when that kind of DDoS protection is available as a service from any number of providers and can auto-scale on demand. Just the damned website should have been able to. And bloody first-year DevOps numpty rolled out of university should be able to bring THAT up on AWS or Azure today.

6
0
Trevor_Pott
Gold badge

Re: In other news...

Bingo.

6
0

Australia's online Census collapses, international hackers blamed

Trevor_Pott
Gold badge

Re: the other one plays jungle bells ...

If it was anons, they're keeping really low key about it. None of the cells I know about participated...

0
0

Boffins shrink light-twister to silicon scale, multiply bandwidth 10x

Trevor_Pott
Gold badge

Re: Vaporware

It's one of those "science that doesn't produce a viable product after the first round of research is useless and a waste of taxpayer dollars EH TUK MUH JERB" zombies. Remove the head or destroy what's left of the brain. It's the only way.

0
0

VMworld 2016: What happens in Vegas ... could be just a desert trip

Trevor_Pott
Gold badge

Re: Careful TP

The Flex client is lovely, and the basic ideas behind it were sound. For small deployments. But it fell apart when used at scale and the inventory service (upon which the Flex client relies) needs to be killed.

The HTML 5 client works at scale. It has seen far more testing in that regard than the Flex client ever did. It - for the most part - keeps the good stuff of the Flash client, and jettisons the crap bits. Of course, it's not feature complete, so it's all going to depend on when they get that done.

The other thing to note is that the Flash client wasn't such a big deal when it was launched for two reasons:

1) deployments (and cluster sizes) were much smaller

2) most browsers at the time didn't freak the hell out about flash

But it all went sideways in short order. The world changed not too long after the Flex client emerged and VMware didn't adapt. The Flex client subsequently became n albatross.

That's really where my disillusionment with VMware started. Not because they don't product great technologies or ideas - they do - but they have such overwhelmingly powerful "not invented here" syndrome that when there are issues with the product - or when the world changes around them - VMware can't and won't adapt.

The majority of the grief people have with the Flex client would have gone away if it didn't need so much pissing around with browsers to make it work properly. But VMware pretended the world was the same for way too long and here we are.

I want a browser-based client. After the day I just had trying to get a downed VMware cluster back online, I could (and probably will) write several blogs on why that's a much better idea than an installable one. I want the asynchronous actions capability of the Flex client.

I just want the inventory service to not be shit, the client to be faster, the whitespace to be less and the damned thing to Just Fucking Work in modern browsers. The HTML 5 client meets all these requirements.

Try it. I bet you'll really like it.

1
0
Trevor_Pott
Gold badge

Re: A trip to the Desert

The only thing good about the Nevada Desert are all the places that are not the Nevada Desert.

**** this "heat" noise.

1
0
Trevor_Pott
Gold badge

Re: I hope the writer can answer additional questions at the show...

Not going to the show, but can answer any ways.

1) There is Flash still in their products because they were spectacular dumbasses in denial of the problem for years and didn't invest in a post-Flex interface until it was damned near too late. They are now working as fast as they can, but didn't get serious about it until yay-not-very-long-ago, so it's at least another year before Flash is gone.

2) NSX is something VMware is investing heavily in. They are betting a lot on it.

3) You can't upgrade as you like because if you could VMware wouldn't make as much money from raping your wallets and telling you that you like it. I gave up having that argument with them years ago.

4) There is plenty of innovation occurring at VMware, but it is all super-tip-top-hush-hush secret stuff that may or may not see the light of day. The fact that you are asking that question validates my argument that it's time to let the world see under the kimono before Microsoft manages to win hearts and minds.

Once their customers leave them for Microsoft, those customers aren't coming back. Sadly, VMware either doesn't believe they can/will lose customers to a resurgent Microsoft powered by a top-notch hybrid cloud story, or they just don't care.

3
0

VMware: We're gonna patent hot-swapping your VMs' host OS

Trevor_Pott
Gold badge

Re: Glee!

Where did I say I expected speeds to improve? I just expect to run more idle workloads. If I have 5000 workloads on my box and at any given time 64 of them are doing something, that's a lot. Incidentally, I have 72 logical processors on my 2P server, so I can have that many workloads doing their thing at any given time.

0
0
Trevor_Pott
Gold badge

Re: Glee!

The vast majority of workloads out there do fuck all except eat lots of RAM. CPU utilization in most datacenters - even with virtualization - is pathetic. Containers just give us a way to drive even more density and hope to get slightly better usage from our workloads.

Whole lot of stuff just wants to sit around waiting for something to do.

1
0

My Microsoft Office 365 woes: Constant crashes, malware macros – and settings from Hell

Trevor_Pott
Gold badge

Re: Thunderbird with Lightening

Absolutely. On multiple products. It's also worth pointing out that what each or any of us considered "smooth" might be choppy or unusable to others. I, for example, find anything slower than 60fps unusable and I tend to be picky about my mice because some setups - certain wireless USB mice, for example - have noticeable (to me, at least) lag when compared to wired PS/2 mice.

Compared to Josh, however, I might as well be playing a slideshow. For him, anything under 120 FPS is unusable and he's picky about which PS/2 mice he uses because lag matters that much.

Maybe you found a magic combination of hardware and software that works great. If so, congrats! For me, I haven't had such luck so far. And I'm far too poor to rebuy all my gaming gear. To date, none of the software produces anything usable for me, and I cycle through and retry every 8 months or so.

0
0
Trevor_Pott
Gold badge

Re: alternate mail/calendar client

I've tried the Exchange EWS provider. It's picky. It's usable if you sacrifice enough virgins to it and don't look at it funny, but not what I'd call stable. I never understood this because Android can talk to Exchange without any problems whatsoever, so I never got why Thunderbird would only update the calendar when it felt like it.

Also: trying to sync both exchange and gmail calendars on the same Thunderbird? This ends very badly. With Outlook I can use gsyncit. Not the greatest, but it mostly works. I have yet to convince Thunderbird to play ball. :(

2
0
Trevor_Pott
Gold badge

Re: Almost, but not quite, entirely unlike Outlook

What in your proposed solution actually centralizes the calendaring? And does all of this work on iPhones? Android? Mac? Windows? How much setup does it require per user? How fragile is it, both from a client side and from a server side?

This isn't just "a cultural issue". This is "a usability issue".

The issue around this is that what people want is the ability to walk into a car dealership, sign some papers, then turn a key and drive away with a car. They don't want to go to a parts shop, a machine shop, a metal shop and then to a hackerspace to assemble it all and ultimately end up with a car that can only drive 4 out of 7 days a week and can't make left turns.

What the open source crowd don't seem to understand is usability. With Outlook, my users can enter their e-mail address and password and that is all they need to enter. That's all that I, as an end user, need to enter. Everything else is handled through DNS and the client/server relationship.

One username and password gets calendaring, mail, contacts, distribution lists, public folders and more. Do you understand this? One user name and password. One application. One thing to troubleshoot. One application to learn. One application to teach.

No setting up multiple IMAP accounts. No downloading 5 different add-ons, only one of which is commercially supported, and two of which are no longer maintained at all.

At least the LibreOffice people have grokked that bundling and usability are important. They have figured out that any collection of interconnecting applications that important has to be maintained as a unit, so that no one piece falling behind (or being abandoned) threatens the whole.

But the mail nerds never get this. They seem perfectly happy with maintaining a spider's web or barely-compatible version-unbound components working in loose formation, and then going back every few years and reinventing the wheel.

I don't know about you, but I'm tired of reinventing the wheel. I just want the goddamned thing to work. I want it to work today. I want it to work tomorrow. And I want it to work 10 years from now.

E-mail is e-mail. Let's please just STOP FUCKING WITH IT. Let's stop having to reinvent, reconfigure, tweak, change, adapt, learn, relearn, teach, modify and change. Let's just get it right and then leave it the hell alone.

Computers are here to make our lives easier. Not endlessly faff around with in some insane attempt to be "more efficient" through constant - but ultimately useless and unproductive - change.

Show me an exact stack of applications - server and client - that replace Exchange and Outlook without having to retrain everyone, or redo every few years, or have a half dozen sign ins per user per device, and I'll be thrilled. I hate Microsoft in the gor'ram face. But a fist full of monkeys that all have to be carefully thrown in the right barrels is quite definitively also not the way.

1
0
Trevor_Pott
Gold badge

Re: The pain of it all

Windows 95 was 21 years ago.

Windows 2000 was 16 years ago.

Windows XP SP2 was 12 years ago.

Office 97 was 19 years ago.

Office 2003 was 13 years ago.

Windows 95 to windows 2000 was 5 years. The wait was worth it.

2000 to XP SP2 was 4 years. The wait was worth it.

Office 97 to 2003 was 6 years. The wait was worth it.

Microsoft hasn't produced end user productivity tools or an operating system since which count as definitive improvements over Windows XP SP2 (12 years ago) and Office 2003 (13 years ago).

I think I've been more than fair in giving them time.

Look: newer versions of software have new security features. ASLR and so forth. That's expected. That's part of the evolution of software over more than two decades. Other things (such as hyper-v) that were rightly their own product got rolled in. Fine. That's a business decision.

But what does Windows 10 offer me that actually makes my life better over Windows XP? And no, putting a gun to my head and saying "upgrade or the viruses will get you" isn't making my life better. What in Office 2016 makes my life any better, faster, easier or more productive than Office 2003?

No, Microsoft have created applications and an operating system that makes their life better, makes it easier for them to profit, and offer us nothing except fear and coercion to keep us on the treadmill. They're the Donal Trump of software developers and I, for one, am rather sick of their shit.

I just want the lights kept on so I can go about my day. I don't want to be confused, chastised or scared shitless all the time when I could be usefully contributing to society. Why - oh why - is that so very much to ask?

3
0
Trevor_Pott
Gold badge

Re: Low Hanging Fruit - Visio

"or modify your workflow for gmail"

Seriously? Is this what we, as an industry, have become? There are those among us that pull this shit not in meetings where determining top-down policy to foist upon the milled masses, but in casual conversation with peers?

This is walking up to someone and syaing "you're not trying hard enough to do it my way and that is why you fail" instead of starting with something important like, oh I don't know, why they should try at all!

Computers are are a tool to make my life easier. I am not here to adapt to the computer.

Also: compared to Visio, Draw is pretty butts. It's getting there, but it's still got rather a long way to go. Especially in having those diagrams read by Visio and vice the versa. It's usable and all, but only if you don't have to actually, you know, work with other people at any point.

4
0
Trevor_Pott
Gold badge

Re: Speed

Are you sure that's Office, and not "svchost"? It sounds a lot like the whole "windows Update will now eat one core of your CPU until the goddamned end times" problem.

1
0

Forums