Re: Why do they do it?
That will work really well once your house is on fire. And that isn't one disk, is it? It's two.
6615 posts • joined 31 May 2010
That will work really well once your house is on fire. And that isn't one disk, is it? It's two.
If your data does not exist in at least two places then it does not exist.
The entire idea that there "aren't enough developers" is horse manure. There are a functionally unlimited supply, many of them trained, experienced and idle. The problem is that nobody wants to pay them a living wage or provide humane working conditions. So the developers leave the field and go elsewhere.
The new developers brought in to replace them aren't as experienced. They are willing to work for peanuts at first, but realize quickly that living with 12 room mates in a 3 bedroom that's 400sq ft is asstastic and they go do something more profitable.
If you want more quality coders pay their rates. Otherwise you get commodity software developed by commodity developers.
And they used to say "the internet routes round damage".
It has. Unfortunately the world's governments have been working hard to ensure that any overlay networks that ensure privacy and security not only are eventually compromised, but are illegal or outright blocked.
Trust is fundamental to the current internet. Unfortunately, trust is damage. Thus the fundamentals of the internet must be replaced or overlaid upon with network and protocol designs that don't require trust. The result, however, won't be anything like the internet of yore. The internet can't route around itself without becoming something altogether different.
And, quite frankly, that's a good thing. The internet should be a bastion of free speech and anonymity. A place where people can communicate without fear of surveillance. Only then can new ideas truly be explored and - ultimately - flourish.
Until then, the Internet is merely a means to give everything you are and have over to those who have proven repeatedly they will use all of it against you.
We really need an "International Industrial Espionage Day" where we educate people about how the internet is where governments laugh and play and surveil the innocent. Usually for economic benefit.
I understand my history just fine, thanks. I even understand the issues in transitioning from the old to the new.
Problem is, even new protocols being developed today rely on trust. The internet still relies utterly on people to behave with honour. People don't. Governments especially don't.
It is a pain to transition to a new architecture. It will take decades and billions of dollars. Tough. It needs done. Best to start down the path and get it over with.
Unfortunately, we're in the process instead of having the technocrats try to transition us to shit like IPv6. This doesn't benefit the individual in any way, but instead makes them even more vulnerable, traceable and exposed. Yes, I understand IPv6 is from the beforetime when chowderheads still believed in trust. But any attempts to actual solve the problems in IPv6 such that individual privacy is made paramount (or start a post-IPv6 transition that will move us to such a protocol) are simply shouted down.
The technocrats are obsessed with making life easy for developers. (See: end-to-end model obsession, amongst many other things.) Anything that requires a poor developer to load a few extra libraries and understand a little bit about network when designing an application is apparently such a cosmic problem that everyone else should be rendered tracable all the time.
And IPv6 is just one example.
The BGP issue can be solved by making two routing tables on the net. One secure and one insecure. BGP, of course, being insecure. Systems advertising along secure channels would have a multi-point reputation system. Some central registrar (preferably multiple, in different jurisdictions) would ensure that A) yes, the organization in question has the right to post routes and has agreed to play nice and B) owns X routes, and can advertise them as they wish.
If an organization tries to advertise routes on the secure channel that belong to someone else (which should be fairly easily traceable with the reputation system above) then those routes aren't accepted, and the reputation of the sender is demoted.
If there ever appear to be two "legitimate" owners of a route - which shouldn't happen, but does from time to time due to administrative screw-ups - then the providers with the highest reputation wins, until the issue is resolved.
BGP routes would then be considered as the lowest reputation routes. They will be accepted, but only if they are not overridden by a more reputable and verified source using the secure channel.
Oh look, we now have a transition mechanism. That was hard.
Yes, the reputation managers in this system would have many of the same flaws as certification authorities. This can be partially mitigated by having multiple reputation managers in multiple jurisdictions, making it hard (though admittedly not impossible) to compromise all of them.
We could also look at some sort of distributed reputation system (blockchain-based? It's all the rage!) that supplements the "canonical" reputation systems, but is based more on "number of times an advertiser has caused route problems".
Essentially the transition mechanism could be handled as something along the lines of a more advanced SPAM blacklist/greylist system, incorporating lessons learned from those attempts and giving ultimate priority to those advertisers who have done the leg work to get properly verified and whose ownership of a route can be confirmed through multiple sources.
Clearly, however, this is completely unworkable and impossible. Because reasons.
Trust is anathema to privacy and to security. Relying on it for anything is ridiculous.
To err is human. To really cock up requires a committee.
See: the design of pretty much every internet protocol since the beforetime. Anything that relies on trust is automatically a failure. Too bad techocrats never seem to understand that.
Microsoft and Hollywood haven't made a religion out of turning Verizon into a boogyman. That's how.
Cisco: a trustworthy member of the IT community.
Today's nuclear waste is tomorrow's nuclear fuel.
"I thought that one of the roles of the judiciary is to give protection from abuse of political powers."
You're pretty old, aren't you? The role of the judiciary is to protect the political class from dissidents.
If all you drink is that liquid bread shite then who'd want you?
Lager all the way.
I can think of a dozen different "properly configured" VPN implementations I can crack. So that sort of puts paid to your very bad design.
Eggshell computing is a horrible, horrible, horrible security design. You are wrong and you should feel bad.
Government anything is typically late, over-budget and doesn't work. Unless that government project is about oppressing their own citizens. Then it's delivered early, under-budget and is creepily efficient.
They can never make something that lets you renew your driver's license quickly, or distribute smart cards so we can all vote online, but damned if they don't get license plate recognition and automated speed fines working in a matter of weeks after it's legalized.
I'm actually really disappointed noone got the scope of the reference. Yes, it was a TNG joke. The Enterprise-D didn't have a tachyon generator, let alone a tachyon "inverter". (And a reversed polarity inverter should just be a normal generator.) The Enterprise-D consistently had to monkey with the main deflector to produce tachyons in anything other than very small quantities, and having at any point something that "inverts" the operation of the main deflector would be a very bad thing for that ship.
It's worth noting, however, that the Defiant regularly produced both Tachyons and Chronitons without having to involve the main deflector. Presumably the Enterprise's need to send some red shirt to get melted by a plasma leak in the Jefferies tubes every time a tachyonic something or other was required meant that generators for those were added as standard equipment. </giant nerd>
That said, hat tip to Alister for picking up on the "reverse the polarity of the neutron flow" which was indeed front of mind when I started crafting the sentence.
I disagree. You're making a classic mistake thinking that defense is essentially a checkbox-following procedure of "doing the right things". It's not. You need to think messily. You need to think of new and innovative ways to break your own design.
The stuff that shelfware exists to solve is only a small part of the problem. It is nothing more than the beginning. Good defense, like great offense, requires totally orthogonal thinking. And yes, it will and does require implementing things that don't exist as off-the-shelf products. Open source or not.
Attacking is easier than defending. It is easy to train attackers. It is not so easy to find attackers who have flipped over and trained to defend.
A good defender needs experience attacking. A good attacker does not need experience defending, though they could do with studying the shelfware.
"transformative, flexible and agile as we are becoming, while standing out from the pack"
Was "everything else was taken" somehow not an acceptable response? It makes me physically ill that anyone got paid to come up with this bullshit, and I work with marketdroids 8 hours a day.
I came up with a logo for my company when we started. It is an albino bristlenose plecostomus. When asked, I can and do give honest reasons why. Namely:
1) I like bristlenosers. I think they're cute. They have a lot of personality and their antics in a community tank make me smile.
2) Almost nobody knows what it is, so it's a great conversation starter.
But seriously, HP? It's a rectangle. A rectangle. How the metric fuck is it "agile" or "flexible"? And how in the name of His Noodly Self is it "transformative"?
That someone got paid for this....RAWRGFRAGLEBALRGERG....
Absolutely! NetApp offer you the possibility of just adding more shelves to solve any problem for any reason! Forget your archaic conceptualization of "value for dollar" or "storage that is suited to the needs of the customer". Just add a shelf and keep adding shelves until your datacenter's primary workload is ONTAP, with some other things that are an excuse for ONTAP to be deployed.
I didn't say it was impossible, I said it was hard. It is the one part of criminal compromise that requires the most orthogonal thinking and the part of the operation where you are most vulnerable to detection.
I also am not about to write an article explaining how to solve the one truly hard problem in criminal data exfiltration. I leave that as an exercise for the reader.
"the lawyers I know are hard-working, clever people who can wrap their minds around the many nuanced approaches that the law has developed to very complex problems"
Never met a lawyer like that. All the lawyers I know are pretty cookie-cutter types that push paper, fill our forms, follow patterns and scripts and that's about it. In most ways they resemble bored help desk operators, except that instead of Google or some internal wiki they have some overworked middle-aged woman running around in the back fetching an unending stream of paperwork, doing research and ordering around younger women to do even more research.
These lawyers find creative approaches to absolutely fuck all. Their purpose in life is to tell everyone how screwed they are and that there is absolutely nothing that they can do to help themselves. The law wasn't designed to work in their favour and it never will.
They can - and do - bill unbelievable fuckpiles for their work. They get away with it because the law mandates that all sorts of interactions with government, other companies, etc require a lawyer to be involved.
Like accountants, they have no requirement to innovate or even think, because they have engineered a system that requires everyone to use their "services" regardless of need.
Now, admittedly, the overwhelming majority of my interaction with lawyers is civil issues, not criminal. Perhaps these "hard-working, clever people" end up in criminal law over here. I don't know.
I do know that in Canada the lawyers I've had the misfortune of dealing with are overpaid and underworked. They care so little about their jobs that even when you are physically in a room with them they aren't really there.
Unlike systems administrators this isn't because they're dead inside. It's because the life they live outside the confines of their ridiculously expensive offices is so much more exciting than whatever you're bothering them with that they'd rather relive it in their own memories than deal with whatever issue you've got to be dealt with.
I want some of those hard-working, clever lawyers. Maybe if we had some the little guy would win once in a while on this miserable continent. Maybe if that happened once in a while it would stop being such a corrupt, awful place.
I don't see network administrators ever being paid seven figures while only being expected to work 40 hours a week and having unlimited interns/paralegals/$minions to boss around and make do the real work. You know, like the whole reason you go into law.
So, um...how is networking like law again?
...and privacy law.
IANACE (I Am Not A Crypto Expert), so don't take this as the final word, but if I recall correctly hash collisions are a theoretical possibility with all hashing algorithms. It simply becomes a question of the size of the hash space as to how likely those collisions are.
That may be the nicest thing anyone has ever said to me, thanks!
Hash collisions are a pain. These can be avoided in any number of ways but usually boil down to using a hash space so large the chances are exceptionally unlikely you'll ever encounter one. (See here: http://www.backupcentral.com/mr-backup-blog-mainmenu-47/13-mr-backup-blog/145-de-dupe-hash-collisions.html) Of course, this doesn't eliminate hash collisions which is why a almost nobody uses simple hashing anymore.
Each company has their own take, but a scary number of deduplication approaches really are just "hashing with some kludges to solve minor problems" (like collisions), where "solving" doesn't mean "eliminating entirely".
Actually coming up with really novel ways to do data efficiency didn't seem to become "a thing" until the latest round of the storage wars started about 5 years ago. For many government and enterprise buyers this can be a problem. They only buy from the legacy vendors, unless the new ones go through years of proving out. This can - and does - leave some ops teams in a bit of a pickle trying to deliver the full range of modern functionality. (Or, at least, trying to delivery it at prices that compete with public cloud computing, which isn't as feature rich or as secure, but it is the reality of what they are compared to. Damned if you do, damned if you don't.)
That being said, kludges aside, things like hash collisions can happen. So don't take your 10 year old SAN with it's primitive deduplication features and try to shove 1PB worth of data into it by "just adding some shelves". The bigger the space the more likely you're going to run into problems with implementations.
Mostly, if you refresh every 5 years you shouldn't have to worry. Also, if you use one of the new technologies that isn't hash reliant, you shouldn't run into these issues.
At 100TB you should be fine. Even at 500TB you probably run no risks worth mentioning. But if you are planning at any point to have a storage space larger than 1PB using one of today's storage technologies then demand to speak to a nerd and start asking exactly these sorts of questions of them. It isn't that hash collisions themselves are a likely risk, but you start getting into the scale where implementations don't quite match the theory and it's worth asking the questions.
And don't just look at what you plan to load your storage system with today. Think about the total life cycle of the system. 5 years in production and 5 years as an archival unit. Will you expand it to 1PB in that time? If so, be relentless in your inquisition. If you don't get the warm fuzzies from the answers you are given, move on.
There are lots of storage companies to choose from.
Create a competition between 4chan and reddit to come up with the single worst movie of all time. A movie that would make CIA interrogators looking break a subject weep with horror. Then film it and submit it.
The downside is that the despair for the sheer horribleness of which humanity is capable will cause anyone actually reading more than 5 minutes of that script would simply walk outside their house and blow their own head off. You'd go through a crew of thousands before you got the film shot and it would eventually be classified as a war crime.
But a film that was the result of a head to head between 4chan and reddit to create the most horrible thing ever would be one hell of a form of political protest.
Oh, I disagree, sir. You are the living embodiment of those individuals which give Linux a bad name.
I, a Linux user for nearly two decades, bring up the fact that Linux is an inconsistent user experience across distributions (and it is a fact,) and you reply essentially saying "but that's irrelevant!" You are concerned about the perception of Linux, wanting to downplay any potential issues with arguments about semantics and an ever shifting goalpost of relevance such that any complaints can ultimately be dismissed.
This is why Linux has never managed to gain any traction on the desktop and why Android occupies the compltely-shit end of the mobile market.
This whole "the user experience doesn't matter" attitude is fucking poisonous. It is the very real problem at the core of all things Linux, from the pathetic attempts at desktop implementations to building and maintaining a server OS that's worth a damn.
Completely irrelevant minor distributions with no enterprise support and no hope of ever achieving anything like it do not constitute "alternatives" to anything except hobbyist level pissantry, self inflicted foot-oriented gunshot wounds and an interesting series of methods to get one's self into a world of commercial legal liability problems.
In the real world there is Red Hat, SuSe, sort of Ubuntu and fuck all else. When Red Hat farts, 10,000 tiny distros choke to death on the fumes. When Red Hat rolls over, the entire Linux ecosystem falls out of bed.
This isn't about "what I want". This is about stability and consistency. The discussion was about the stability and consistency of the Windows OSes. The comment was made that Linux is somehow better. It is not.
For all that Linux is good and has some excellent aspects, it is in no way more stable, consistent and certainly not more easy to use than Windows. It is as inconsistent across versions of the same distribution as Windows is, and as inconsistent across distributions as Windows is across it's own major versions.
Now, if you feel the need to take the speaking of truths in this matter and somehow see that as an attack on Linux, you need professional help. It's not. But you've clearly associated your self identity with Linux to such an extent that pointing out areas where work needs to be done feels to you like a personal attack.
Get help. Get over it. And maybe, just maybe, come back and we can all work towards making Linux a more stable, consistent experience that will benefit the entire industry.
"I think I can see your problem. You're not really using vi, you're using vim which stands for "vi improved". And all those improvements allow distros to play silly buggers with config. Old vi has been available since V7, which included the code for ed became open source. Old vi is confusingly called new vi, nvi. Use that instead."
Bingo. Except some distros map vi to vim and others don't. Some put vi under a new name, others don't. There's no consistency, and it requires learning who's done what that's different from the next guy. Which was sort of my point.
Also: re Red Hat 6.x still being "real Linux"...I agree. Unfortunately, support won't last forever, and nobody has taken up forking it and continuing on with a great distribution.
IMHO, Red Hat's arrogance has killed Linux. It's time now for all of us to learn BSD, for better or worse.
I've been getting behind Slackware more and more recently, but honestly having trouble with BSD. BSD is just different enough that it's actually quite frustrating to use. It looks like Linux. It feels like Linux. But every time I go to use my decades of Red Hat muscle memory something doesn't quite work right or some command isn't there. BSD is something I learn in small doses in between a lot of cursing.
I've bunged my protest money in their direction. I haven't seen anything like a practical product yet, however.
Not really. Red Hat has changed all this. Consider for a moment that minimal install of RHEL 7 doesn't even come with ifconfig! Starting and stopping services is completely different (fuck you sideways, with a rusty tractor, systemd!) and the names of many basic services have changed.
It's not enough to know some basic POSIX stuff. A distribution of Linux is way more than just basic POSIX stuff. It's names, file locations, configurations of basic software and more.
Editing a text file in Red Hat-based distributions is simple. You use vi. And all you really need to know is "i" for insert, ":q!" to quit if you screwed up, ":wq" to write and quit and you're good. There are, of course, other useful commands in vi, but you can administer a system with just those.
Move over to Ubuntu and...wait...vi doesn't behave the same. it's configured differently and doesn't respond to commands the same. Well, shit.
Now, we can go on and on about the whys and wherefores and even the how these things are made to occur. It doesn't matter. What matters is that the differences between Linux distribution versions can be (and often are) as big as the differences between any two Windows versions. What's more, different Linux distributions have drifted so far apart that they now represent a bigger real-world gap in administration than did the NT line to the 9.x line back in the day.
Linux isn't unified. And what you know in one doesn't quite port to the other. That's bollocks.
If II know Windows really well I can probably pick up $Linux_Distribution_1 as easily as if I knew $Linux_Distribution_2 really well. It has nothing to do with which OS you learn first. It has everything to do with understanding the fundamentals of how and operating system works, and why it works.
But knowing the fundamentals won't stop you from having to study, and study hard. Because the UI - text based or GUI, it doesn't matter - changes all the fucking time in Linux. Just like it does in Windows.
The difference in Linux is that you have choice. If you want to change the UI and set it up so that it behave as you expect and how it is burned into your muscle memory you can.
Or could. You know, before Systemd.
Tesla potential safety problem with a seatbelt: voluntary recall.
Other major manufacturers proven problems with hackable cars, braking systems and more: deny for years until the deaths of hundreds or thousands trigger a lawsuit and regulatory investigation.
You know what? Fuck yeah, Tesla! Good show.
It absolutely is all your fault. By "you" I am indicating here the cohort of people who are ultraconservative bigots, but disregarding race, gender, religion ethnicity or country of origin.
Terrorism has no religion. But the most conservative individuals of all religions consistently seem to do the most damage to society. ISIS, Al Queda and so forth are the crazy-town class conservatives of their region. Their inhumanity towards others has caused the biggest migration of refugees since World War II.
Should you and others like you (Westboro Baptist Church would be an example of others I feel share roughly your capability for compassion and empathy) really be pushing for increased bigotry at home as well? Do we really need that sort of shit on our continent?
I will repeat this one more time: terrorism has no religion. An as you so ably prove, neither does the rampant bigotry that fuels it.
Now you're just being purposefully obtuse.
Hillary is referred to as the Democrats' Dick Cheney because they are both complete sociopaths, war mongers and believers in rule by fear. They also both really like the idea of a police state.
I am indeed aware of America's declining crime rates, which are, just by the by, related to a reduction in poverty and an increase in education, not availability of guns. Because you seem to be sorely lacking in education and worldliness, I'll direct your attention to actual first world nations. They've experienced even greater reductions in crime (especially violent crime) over the same period by reducing poverty even more than America and increasing their level of education even more.
And yes, you are a fool from a batshit crazy place.
Cheers, from a place with gun regulations that ensure that even with a higher per capita gun ownership than America we don't tote the things around, own the really crazy stuff and - above all - don't kill eachother with the damned things anywhere near as much as the cuckoos to the south of us.
Now, if you'll excuse me, I have to go safe the lab because it's Friday and I am doing a regular safety check on my firearms.
@Big John: you're an idiot. There is essentially unlimited evidence that guns in the hands of the proles doesn't prevent crime. In fact, in the few batshit crazy places that practice this crime is not only higher, it's more lethal. It's more lethal because not only does more violent crime occur, when it does the criminals do more damage.
Not only that but on the very rare occasion where civvies packing heat pull out their pieces to threaten the criminals with guns they almost always cause additional civilian casualties.
A gun in your pocket makes you feel powerful, nothing more. It doesn't make you able to stop crime. Training and some actual fucking courage do that.
You want a great example of how to stop crime? Look to those trained folks who stopped that attack on on a train in France a few months ago. They handled a touch situation unarmed. Because they had training and courage.
Guns don't give you courage. Not being a terrified pissant hiding behind a need for a feeling of metallic power gives you courage.
@Stephen Jones, Dr of fuck all:
You're full of shit. Google isn't selling advertisers my information. Merely access to put their ads in from of me. They don't sell my profile. They sell the ability to put an ad in front of profiles that match given criteria.
Perhaps you need to be better educated to understand the difference? It's a pretty goddamned big one.
"Easy test. Go watch about two dozen videos on YouTube that are out of your normal viewing habits, like "epic plane crashes" or somesuch. Then delete your viewing history. Then note that YouTube is making suggestions for you based upon what you just watched. How's it doing that if you supposedly deleted your viewing history?"
It's associated with your IP address. Google builds two simultaneous profiles: one attached to your user and one to your IP. This can be tested simply: log out of your user and see if the suggestions are the same. For me, they aren't. I start seeing stuff better tailored to my wife, or to the business account that I use for research.
I see quite a lot of duplicitous language, such as the oft-used myth that "computers do it, so it's all OK" - oh really? And who programs those computers?
Who cares? I've programmed lots of things that crunch data I don't actually see. In fact, I've programmed things that crunch sensitive data, extract just enough information to establish trends then jettison the original sensitive data.
Why should I assume there is a nerd manually examining my data? I don't even assume Microsoft does that. (Though I do assume they give all my data to the NSA, since they're so chummy.) What I do assume is that Microsoft has algorithms that hunt through everything looking for information that is of commercial competitive value. Microsoft conducts industrial espionage, of this I am 100% certain. I have been given no reason whatsoever to believe that Google does.
Also let's not forget it was Google who was fined $22.5M by the FTC in 2012 for explicitly developing and deploying a method by which it could track Safari users despite the tracking prevention being enabled
It was Google who got CAUGHT doing this. I am 100% positive that Microsoft have done the same thing, and more. They are every bit as keen on tracking everyone all the time as Google, Facebook or Apple.
"The other thing they are not upfront about is your ability to opt out of Google Analytics. You know what their advise is? You should INSTALL something to opt out - why not simply follow the Do Not Track flag that most browsers now have, or would that make it too easy for people to drag Google again into court if it did regardless?"
This is one of the few valid complaints that I agree with. From Google's point of view DNT is about *advertisers* tracking you, so they see Analytics as a separate thing. (And frankly, I'm more than happy to ally website operators to see some basic data about me, but don't want advertisers to track me. That's just me, however.) I don't think that it should require a cookie to be placed on your system. That said, we don't currently have another mechanism to differentiate between the two types of information. That isn't an excuse - Google could be leading the charge to create one - but I can at least sort of understand their point of view, even as I disagree with it. I emphatically don't think it's malicious.
That's the thing, I guess. Google's entire income is based on building a profile of you and selling advertisers the ability to put an ad in front of the right audience. They spend a lot of time trying to walk a tightrope between what is okay to do to build that profile and what is not. Google is also huge. I can believe that some groups go overboard while others would not approve of the same actions.
Microsoft, on the other hand, seems to make decidedly hostile choices which are all the more galling because tracking you is such a small fraction of their income. Microsoft violates your privacy and compromises your data sovereignty because they CAN. Not because they have to.
With Google, we know what we're getting. They're selling us nothing so we're the product. With Microsoft, we're paying spectacular amounts and they're STILL screwing us over, privacy-wise. It's not okay.
Google are not the good guys. I acknowledge this.
But Microsoft are worse. They lie repeatedly about how very much they are the good guys, then behave just as badly - frequently worse - than those they deride. Give me someone overtly evil over a well trained conman any day. At least I know where I stand with the openly evil fellow.
@AC RE: Google TOS
Re: "The main issue I have with Google is that NONE of their actions have inspired any trust."
But they haven't really done anything to break it either. They've been pretty up front about things. They've made some mistakes, but there has been no protracted campaign of lying or denial that I know about. (Except possibly the WiFi snooping thing.) They've been pretty up front that they slurp data and use it to advertise at you.
Microsoft pretty much seem to lie about everything by default, then backpeddle slowly until they reach a point where the screaming has died down to a dull roar. That's what politicians do when trying to pass bills people don't like. I don't want that from my software company.
I mean, okay, I don't really want Google-style building a psychological profile of me either, but the choices seem to be "a company that will spy on you and charge you a lot to do so", "a company that will spy on you and charge you nothing to do so" and "a company that will spy on you while denying they do so and then blame everything on you when it's proven that they are lying."
So I guess I'll go with the one that doesn't charge me to spy on me? Least shit option of a bunch of really not very appealing options.
Okay, Google are horrible at collecting data. That's a fair point. But...
1) They aren't collecting the data at the operating system level in a means that can't be turned off and firing it back to the mothership. (ASOP does collect data at the OS level, but does actually honour privacy commands, and in the latest versions doesn't come all creepified out of the box.)
2) They have clear, simple controls for your privacy all in one place (though admittedly online) and the ability to nuke out everything they ever stored on you.
Caveat A) That is associated with your Google account.
Caveat B) You do have to trust they are actually deleting it...though they haven't really done anything yet to make me think they don't. Eventually. I am curious as to the time before the core data (and not just the association with the identifier) is deleted.
Caveat C) Google's creepy snooping is pretty well understood so there ate lots of browser plug-ins to stop them.
3) Google probably aren't "selling your data" to advertisers. That's actually silly, from an economic point of view. They are probably selling advertisers access to individuals who meet certain criteria. This gives Google the control. The advertisers have to constantly go to Google in order to get their data in front of your eyeballs.
It doesn't make sense to think that advertisers get a great big spreadsheet that says "Trevor Pott, Age: Feck Off, Likes: Fishkeeping, Gardening, Global domination", etc. Simply handing that data over to the advertisers means they don't need Google any more.
Depending on the details of this, and on Google's restrictions and controls about making what amounts to my complete psychological profile available to governments, my competitors, enemies, exes, leprechauns and so forth, I am mostly fine with that. (I realize not everyone is.)
Advertisers want to put an ad in front of me and Google is going to (mostly anonymously, at least as far as anyone other than Google is concerned) try to make sure the best ad gets in front of me? Okay. Since I choose when and where I view ads (thanks, Adblocker, Ghostery, etc), I am okay with that. Mostly. There are niggles related to Android.
Where I get squiggly is things like "invading my e-mail because you think a source of mine might have snuck me insider information" (see: Microsoft) or handing my info over to the spooks. Those are things I don't like. Here, I am more comfortable with Google's handling of these issues than I am Microsoft's. Apple is somewhere in the middle. Apple seem to have good intentions, but shitty execution.
So...I don't know, is Google really the Big Bad All Seeing Evil? It really depends on two things:
1) Exactly who can see how much of the psychological profile of you that they construct. If it's basically just bots and scripts, we're cool until the singularity.
2) When they say they delete it, do they actually delete it?
I wish Google would provide answers. Or Microsoft. Or Apple. Or anyone. And answers we can trust. Maybe from a non-US subsidiary. Because national security letters could let HQ lie.
Guys, can you please just get a measuring tape and snapchat and get this over with?
I do understand the market. Microsoft owns the large enterprise market. Thus, as I said, it is enough to sustain Microsoft, but isn't going to provide them growth. Especially as tomorrow's large enterprises are today's SMBs. Alienating them doesn't build your future.
Shareholders demand growth. Where is it going to come from if not the hoi polloi so readily dismissed by Microsoft and it's devoted acolytes?
And here, ladies and gentlemen, is devotion. The willingness to honestly and earnestly believe that trust doesn't matter. The ability to convince one's self that anything which gets in the way of belief is simply irrelevant.
Witness it in it's glory. Simply believing that such a thing as an "acceptable privacy cost" exists is the first step. But to sidestep issues of trust around end user control over their own devices, applications and operating systems as irrelevant? That's devotion.
Maybe we aren't. Everyone has different things that matter to them. Microsoft is catching up in some areas (containers, for example) but is at par in most places and completely wrecking the competition in others (hybrid on premises/hosted/public self service virtualization a.k.a "hybrid cloud").
Let me be perfectly clear here: while Microsoft may be behind on individual features with individual products very few companies have the hybrid infrastructure, automation and orchestration capabilities of Microsoft. Fewer still make those capabilities as easy to use.
Openstack is possibly more comprehensive than Microsoft's stack, but is harder to use. (Which, given how horrible System Center is, is saying something.) ZeroStack is a startup that removes a lot of the installation and configuration headaches for Openstack and provides a decent user experience, but they do so through a SaaS management plane riddled with data soverignty concerns that they don't seem to care to acknowledge, let alone address. There are a handful of other Openstack offerings that might be useful one day, but aren't quite there yet.
Yottabyte has a hybrid cloud that isn't as feature rich as Microsoft's yet (they're missing the app store) but is otherwise fucking spectacular to use. Sadly, they're too small to be a real threat quite yet.
VMware has all the pieces of the puzzle, but they cost a mint, are crazy hard to install and even harder still to use in concert. (How the hell do you make something more miserable than System Center, I ask you?) VMware does the basic virtualization quite well. They even do basic hybrid cloud in an almost usable way. But they are completely worthless at automation and orchestration. Which is why they only have a handful of customers for those software layers.
Cisco has a complete-ish offering based on Openstack, but they are still putting the pieces together into something cohesive. They'll be a threat in a few months, if they don't flub it.
IBM's Softlayer can be pretty awesome, but nobody can afford it.
Beyond this I could start putting together stacks of software and they'd amount to what Microsoft has, but they'd be almost a dozen vendors. Almost all of which are startups that may or may not be there in two years.
So, for my money, Microsoft have some great technology that is better than most of what is on offer elsewhere. At least on the infrastructure side. Unfortunately, they're liars and scoundrels. Even more unfortunately, they're terrible at UIs and don't even know it. They measure themselves only against other large software vendors, all of whom are also terrible at UIs. But there are a whole bunch of startups out there who are great at UIs, and they have some compelling offerings on the table.
The next few years will be interesting, but for Microsoft I think it will mostly be with them serving as an example of how to get everything so close to right but not quite get the cigar.
I don't know, from an end user side, you're probably correct. From an administrative side, however...their vision of hybrid cloud computing is actually quite compelling. Many of the technologies they've developed are quite good and they have provided perhaps the most complete and relevant offering in the space.
The problem is that their execution is entirely one sided and utterly lacking in trust. To be blunt: they got all the hard stuff (the technology) right and all the easy stuff (privacy, data sovereignty) wrong. They say one thing out one side of their mouth but do something different in practice. They break the faith as a matter of course.
For me, at least, that's what's so damned frustrating. I can make a convincing argument for why Microsoft have the best vision for the future of tech, the best technology on the table today and the best roadmap to get from today to a pretty kickass future. Unfortunately, taking advantage of this neato stuff means trusting absolutely in a company that has proven they aren't worthy of it and have zero interest in being worthy of it in the future. That's a huge problem.
I could see myself being devoted to the Redmondian vision. It's a really cool vision. In fact, it's so cool that I find myself wanting to believe in it, despite everything Microsoft has done. When you really learn how all the bits go together it's amazingly compelling.
But there are big huge problems in execution and in trust that shouldn't have to be there. They are there because Microsoft made a choice, and that choice was to pretend that privacy and data sovereignty simply didn't matter. Even users having control over their own systems didn't matter. (Let along users being able to license their systems in perpetuity, which Microsoft has become very against of late!)
Microsoft have a narrow vision of the world based on echo chamber use cases. They view the world only through the lens of USian large enterprises who are immune to data sovereignty concerns, can easily obtain insurance or legal indemnity against privacy concerns and are completely immune to boom-and-bust economics.
On the one hand, USian large enterprises are a huge revenue source. On the other hand, the majority of businesses in the world are SMBs and the majority of those are located in (and subject to) boom and bust economies. Microsoft made it's choice. It chose a niche to cater to and that niche isn't "the majority".
That is enough to keep a large company going. It isn't enough to see growth for that company. To see growth, they need to start at least paying lip service to those niches they wrote off as irrelevant years ago.
The question is: will the denizens of those niches fall in line? Or will they say "hold, enough"?
The vision is compelling. Unfortunately, it might also be fatal for those who choose to believe in it.
For the same reasons that through the ages various religions have mouthed pieties whilst engaging in the unspeakable: they want not only money, but power and, through the exercise of that power, control.
Unlike governments, Microsoft has been unable to obtain power through fear. It thus needs to obtain power through devotion. So it will say whatever needs be said to obtain that devotion, but do not under any circumstances expect it to practice what it preaches.
Both fear and devotion have a rich history of causing people to forget the past. Since Microsoft has failed at using fear, why not try for devotion? It has worked for other tech companies.
Has little, I think, to do with wages. Private industry can pay more, but not that much more. There are always people willing to take a government job if the benefits are good even at a lower wage.
No, I think the bigger issues are around how hard it is to jump through the FBI's hoops to get hired. (It can take years of your life and is absolutely humiliating. It can even require you to renounce relationships with friends/family/lovers and drive them out of your life if they don't meet the given standards.) That, and quite a few folks who do this IT thing are also civil libertarians, so view the FBI as the bad guys. Both of those probably make recruitment hard.