Re: Cloud, schmo id
"Maybe, how expensive is the reputation all risk that associates failure?"
Depends on who you ask. According to Sony: completely negligible.
5842 posts • joined 31 May 2010
"Maybe, how expensive is the reputation all risk that associates failure?"
Depends on who you ask. According to Sony: completely negligible.
"And even if you did back up 50TB of changed uncompressible data a week, that's still possible over a 1 Gbit link."
Can you restore before you go out of business? And don't say "just turn it on using Azure". Non-Americans tend to have rules about where they store data - especially live, unencrypted data. There are a lot of folks who can't "just light things up on Azure". Which means getting the data back. Ho hum. Bankrupt from waiting yet?
Oh..."just pay more"? But...but...the cloud was supposed to be cheaper! Oh, that's only if you ignore all the "externalities" like connectivity - especially redundant connectivity - security, liability insurance, potential need to litigate in foreign jurisdictions, etc?
"So when say your premises catch fire, both your data and your backups get nuked?"
Then it's lovely that we have colocation facilities and regional cloud providers which provide cloud services and data storage by companies with a complete legal and jurisdictional chain of custody that means every aspect of the company I use for remote storage is 100% under the same legal jurisdiction as my own company.
Holy pants, Batman. It's like I can get all the benefit of cloud whatsit without Americans conducting economic espionage on all my clients' data and I can remove the legal uncertainty of having anything to do with a company that is at any point foreign being involved in my data sovereignty.
Bonus points: if I need all my data back, the colo can put some drives in a box and courier to me within the same business day. Sure beats trying to suck my entire existence down an ADSL straw!
Wait, why the hell would I ever choose anything else?
1) Microsoft's Ireland Datacenter: oh, wait, that's apparently American now.
2) Microsoft's Canadian...oh wait, they don't have one.
3) The NSA's Utah Datacenter: hey, where's my user panel to get my data out? If you're going to store it, I want access in case of emergency...
"Windows had fewer security holes last year than the Linux Kernel (let alone a distribution), and OS-X so it's likely not the worst choice..."
Windows is the most popular consumer OS created by a company which is beholden to a government obsessed with spying on consumers. There's no possible way it can be trusted. Now, there's an argument to be made that no OS can be trusted...but Windows is the Big Fat Target, and American corporations can never be trusted. Just ask Cisco about how the government has helped them "enhance shareholder value" through their foreign and domestic espionage programs...
"RMS BYOK capability allows you to match the security properties of an on-premise RMS deployment generating your own tenant key on your premises per your IT policies. Transfer your tenant key securely to the cloud-based Thales nShield HSM hosted by Microsoft. "
Wait. WHAT? So your solution to security issues in Microsoft's cloud is to use an encryption service that lives on Microsoft's cloud?!?
A service where my encryption key will have to go over the internet. A service where the thing that encrypts and decrypts data is not something that I have a 100% chain of custody on. A service where there is more than ample opportunity for the bad guys (and yes, the US government are the frucking bad guys, just as much as any hacker) to get hold of the keys and unlock my data?
"As a corporate, you can take steps to make that very difficult on Microsoft's cloud if you want to . You can use Azure RMS and 'bring your own keys', and set them so that they can't be accessed from the USA:"
And this costs what? What's the entry price? Is it available to the mass market? Has the code been inspected so we're sure it's free of backdoors? Is it randomly audited? By whom? Who pays for the audits? Who checks the credentials of the auditors? Where is the chain of trust in the bullshit you're peddling, and how universal in applicability is it to market?
I see sales and handwaving. And your links don't answer the hard questions.
"You keep the latest copies locally too on your Microsoft StorSimple device. You only need a full download if you loose the whole site. At which point you would be failing over to your DR site anyway."
Which costs what? There are way - way - more SMBs out there than enterprises. And how do we know we can trust Microsoft with our encryption keys? Or what's on that Storsimple device? Has it been audited? How do we know there aren't backdoors? Or backdoors in the cloud?
How can we ever trust an American cloud provider? And for that matter, why should most companies consider this as a solution, given the entry level price?, Especially if you want proper security? (Assuming such a thing is allowed to even exist.)
Lots of talk and marketing and sales going on here, AC. Not a hell of a lot of hard, tangible proof that this is applicable, trustworthy and safe to the mass market. Especially the non-American mass market.
"Of course, back in the day we had service bureaus offering utility computing, and they did a nice tidy bit of business before mostly being run off by people who thought every firm could do a good job of managing its own IT. Just like every firm does a great job of generating its own power, running its own transportation infrastructure, providing its own physical security, running its own custodial service..."
I have better uptime than amazon. And I build my shit out of the IT equivalent of used coconuts and duct tape. I have better security than megaliths like Sony, or Anthem, or...
...wait, why, exactly is it a great idea for me to hand my data - and with it, my business, livelihood and the ability to pay myself and my staff - over to an outsourcer?
And even if I did think cloud computing was a great plan - and I do, for certain workloads - why the metric donkey fuck would I have all my bits of digital precious over to Americans, of all people?
I mean, yes, the Brits and the Aussies have far more deplorable privacy policies - and hey, Canada is a member of five eyes and all that - but if I'm going to get my data stolen, why not get it stolen by my own government? At least then it's up to my own courts in my own nation to sort out liability, not some byzantine backroom international horror.
American cloud providers can't be trusted. Ever. Maybe no cloud providers can. But if that's the so, then the case for keeping your data managed by a supply chain of companies that are answerable only to your own legal jurisdiction is made all the stronger by that reality, not weaker.
"With Microsoft's cloud backups you control the encryption keys on site - and it uses AES256 encryption:"
No I can't. I'm an SMB. I don't have $virgins to give Microsoft for special consideration. Even if I did, there's no guarantee that Microsoft or the NSA haven't backdoored some aspect of the solution. Microsoft is an American cloud provider. As such, they flat out cannot be trusted.
"Bureaucrats unsurprisingly see more legislation as the solution to every problem. It usually isn't."
Free market capitalism is almost never the solution to anything either. Regulated markets are. Free market capitalism is a dangerous religion, nothing more. It should be treated like any other cult.
The solution to which, of course, is to drop taxes on the rich, abandon the poor and have everything run by private corporations! Oh, and don't forget to drop taxes on the rich. It's really important. And zero taxes for corporations!
That's the only way to solve debt problems. An upside-down piece of candy corn in a wig made of used medical gauze told me so.
Badly thought out neutrality regulation is neutrality regulation that favours companies at the expense of the population. Amending legislation a year or two down the road with something that allows QoS for emergency services would be a simple sell and easily done.
Regaining civil liberties (like equality, privacy and so forth), once lost, is nearly impossible.
I have a nice British lady's voice say "this call is being recorded" for every phone call I'm part of. Then it actually records the call. Very. Angry. Scammers.
If you're in Australia all you get is one viewpoint but two parties espousing it!
Better "everyone must have prizes" than "god did it because foreigners will kill you and take your jobs".
"Real men drink tea"
Hipsters aren't men.
Coffee. Black. Strong enough to kill a horse!
Thanks for that, Adrian. I was starting to wonder about the lack of Caringo, given that my experiences with it showed it to be a fairly simple and reasonably capable product.
...which may be the nicest thing I've ever said about any object storage product, ever. :/
Hunh. Wonder why i associated it with Israel. Must have gotten them all mixed up with another company.
Um, wasn't the spyware in question Israeli?
Lots of people fall off buildings on purpose and are just fine. It's that part where you do it accidentally that's bad. If you are base jumping and know what you're doing, it usually works out just fine.
Laserjet III? The II was way better. Still have a few IIs in service!
If the fellow in question honestly believes the tripe he's peddling, do you really think his vocabulary or vocal comprehension are in an upper percentile?
Proof, ot GTFO, you fearmongering fuckpopsicle.
"Piece of software that should be buried alongside Atari 2600 ET carts!"
Ars Technica dug those up.
Bullshit. Drivers can only be disseminated through windows update if they've gone through the amazingly long validation process. This typically means drivers that are ages behind...and Microsoft won't qualify all driver types to begin with.
Next, Lenovo can't submit drivers to Microsoft for validation: the manufacturers must do this. Do you think Ricoh have the money and resources to validate every driver release for their smart card reader? Do you honestly expect nVidia, AMD and Intel to slow their GPU driver releases to Microsoft speeds?
And how, exactly, do you download all those Windows updates without network or wifi drivers? Or are you saying that we should all be limited to network devices that ship with Windows? No upgraded units until the next version? And how, exactly, does the "next version" theory work with the new Windows release scheme?
And yes, the "extra keys" need software. The function keys and non-keyboard keys don't all work with Windows 8 or Windows 10.
Sorry, mate, but you haven't a clue what you're on about.
If I'm being fair to Lenovo here, most of the Lenovo applications that are actually written by Lenovo are useful and even nessesary. Plus, they do have to load up third party drivers, etc. So what your Lenovo will probably look like is:
Intel/AMD/nVidia/etc software that comes with their drivers
Lenovo support tools to help Lenovo keep your drivers up to date, and allow them to remote your PC if you give them the code
Lenovo tool to make special keypresses (such as turn on/off keyboard backlight, tweak monitor brightness, etc) not only work, but show an icon on the screen when you push the button.
I will be following this up over time and seeing just what they mean by all of this.
How is it a "threat to the free market" or otherwise interfering with the free market if what is occurring is the removal of regulations that restricted how many different entities could compete? I simply don't understand.
Why does China "snooping" on my network affect me? I don't do business in China. I don't plan to go to China. For the most part, I just don't care about China or it's antics at all.
But US/UK/Oz snooping does affect me. I go to these places. If they detect me believing the wrong thing, or supporting the wrong political party, or thinking things that are "antisocial" or "radical" this can affect my ability to travel and to do business.
I'm not fond of any country snooping on civilians, but if we have to choose who sees our dirty laundry, I'm going to pick the governments that won't be in a position to taser me to death. But hey, to each their own...
Don't forget "it is believable that the company is trustworthy enough to stick to the given plan". Most companies just lie outright now*, so trust is hard to come by. If you need modern features, go with a startup that can supply them, and looks like there's a reasonable chance they'll still be around at the end of the refresh cycle. Don't sit around and wait for dinosaurs to notice the local space rock population, late alone care about it.
*There are no consequences for them to do this, so why not?
Yeah, I gotta say you're full of shit. Lenovo basically has the lowest prices amongst the various tin shifters for everything. When you really get to comparing like for like, Lenovo have dropped the margins to damned near nothing...and they paid for it.
From the lengthy briefing I got on the matter, that's not my impression at all. It looks like there was a great deal of R&D to go into this and that it is basically a new product.
Which is usually when you combine MPIO with other protocols. Like link aggregation. MPIO + LACP can mean "more speed", even with multiple switches...but that's LACP/LA that is providing the speed, not MPIO per se.
That's a fair enough statement...but why would you configure MPIO without multiple switches? The ability to support multiple paths through mutiple switches is pretty much the selling feature of MPIO...
That VMware marketing...I see you like it more than marketing from others. Carry on.
"If raising awareness is helpful, demonstrating that there is real reason for hope is even more important."
He's not particularly Anonymous. If he is who I think he is - and there's only one candidate given both the style of the prose and the details discussed - he's also 100x the everything I'll ever be. That particular AC is faster, stronger, smarter, better, in way better shape, with way better contacts, less ADD, a keener mind and an ability to learn things quicker than I'll ever have. Oh, and he's got dashing good looks to boot.
Oh, he had a rough spot there for a while. He had some dark times...but 12 years ago we started from the same point. He was always the better at everything, and he always manged to leverage his contacts to achieve his goals more completely.
It's easy to maintain confidence when you're a genius Superman with an innate knack for code, automation and politics alike.
I agree the mandarins run everything. If I've created a life for myself in writing, he's build one for himself in running the mandarins that run everything. And frankly, that's good and fine. I'd be glad to be counted amongst such fine professionals as would be like him, though I've no right to play remotely in the same ballpark, it would be an honour.
But who rules the roost? And what will they make of me? Are they the "elite" like our fellow Christian Berger? Filled with disdain for the diseconomied and believers in One True Path, whatever that path may be? Or are they believers in a careful and methodical consideration based on requirements and available resources?
I am a product as much of my writing now as my systems administration. I swim in a world of marketing and sales, of angry commenttards and vicious emails. If I don't buy into Docker, the public cloud, the NSA watching us all the time, Cisco, EMC, VMware, Microsoft, open source everything and $deity knows what else I'm a failure's failure and the hoards upon hoards will see to it that I am vanquished.
But somewhere, some part of me never changed. I grew, I evolved, my skills changed...but the me at the center didn't. I care about what's right. About helping others. About the truth. About the needs of the many, even when they have no resources and are just trying to compete in a hostile world filled with monsters that want to drive them out of business, depress their wages or replace them with robots.
I don't do "belief". This makes me a good choice for writing for The Register, because shit disturbing, asking pointed question and so forth is the actual job. But it's a really difficult thing when you are a systems administrator. Sysadmins who ask too many questions are kicked out. Sysadmins are supposed to be subservient; they are not to rock the boat.
Yet I look at the Sony debacle. What if they had had what I consider to be a real sysadmin? Someone who takes the ethics of truth and the needs of the many to heart, and never stops questioning, never stops pushing? Would Sony have been hacked if they had a hardass in charge who constantly pushed for improvement? For security? For "the right thing" over "the convenient thing"?
This is where our Superman AC and I diverged in chronology. I pushed and pushed and pushed and fought and clawed and bit and screamed for 8 years. I built wonders out of nothing. Spun gold from cobwebs and worked myself right up to my grave. He kept going.
After 8 years of expending my heart upon the battlefield I couldn't do it. I said "yes sir" and "thank you sir" and "as you wish sir" and just did what I was told. Occasionally, I mustered enough energy to fight back...but those periods became more and more infrequent, and they carried less passion each time.
Our Superman AC, however...he beat the system. He scored victory after victory, win after win. He managed to drive agreements and compromises and evolve networks beyond the need for him. It has caused me doubt for some time now.
Did I have the harder battle to fight, or is he just that much better at playing the game? I wonder frequently. And if I went back to dip my oar into systems administration again full time...could I do it with the passion I once had? With the steadfast zeal for maintaining my ethics?
How much of our successes was about believing in the cause of those we worked for? How much about ability, and courage and drive?
I'm good at fixing computers, damn it. Good enough to take on our Superman AC and win almost half the time, and he's the best I've ever seen...and I've met the tops of the tops from startups, the fortune 500 and a government. Despite a few grousing naysayers who want to troll me in the comments, I know my skillset. Like our Superman AC, if you handed me a ship like Sony I have the technical ability to not only right it, but to rebuild it better than it was before.
But would I be able to play the politics game? Would I be able to bob and weave and compromise and blackmail to get what needs to be done, done? Could i put in the hours, and the worry, the sweat and the tears? Or is that spent; and I am nothing more than some technical skills and the ability to make pretty words come together in a sometimes useful marriage?
To me, an Engineer isn't just someone who builds a bridge, it's someone who makes damned sure that the process of building that bridge will be as safe as possible and that the final result will stand the test of time and not cost lives. To me, a Doctor is someone someone who not just practices medicine, but puts the well being of others above all else. And a professional sysadmin should, in theory, have the same dedication to doing things as right as they know how...no matter how many or few resources they have left.
I guess that's what it really boils down to. A tired old soldier staring at his sword, wondering if he's got enough left for one last campaign. And hell, I'm only 32. This industry really can suck.
Anyways, that's enough rambling for now...
You should! There is a rather stunning collection of large pointy rocks to the west of us that I feel are typically worth exploring.
'tis not my thread, sir. I'm just a commenttard here, no different from any of you. Cheers, and beers should we ever cross paths, eh?
"what makes you think that doing so will change who you are and the way you act?"
Confident, cocky, lazy, dead. I am self aware enough to know that I am as susceptible to this as anyone else. More, perhaps, thanks to the severe ADD. Thus why I think and wonder and worry. Non productive perhaps...but finding an immediate resolution to the problem was not really the point.
This is what is going on in my life. It's hard. It's insecure. It'd filled with questions and worries and pondering. And maybe by talking about it someone else will feel a little less alone. That's why I wrote it.
Thanks for making my entire point in one comment...and for demonstrating why I have qualms about associating myself some people.
Maybe one day you'll serve your time in places of little-to-no budget and try to meet expectations of enterprise-class IT with budgets 1/15th the size. For 15 years I've actually managed to do so. And, quite frankly, I have better uptime than Amazon.
How would you do in the same circumstances? Would it be right to judge you as "not very good at IT" because you didn't manage to create budget from nothing? And how do your biases and your experiences slot in over it all?
But ah, that old chestnut rears its ugly head again: the propensity to extrapolate from one's own experience and narrow area of expertise and assume that it applies to everyone. Having served companies of all sizes, I know better...but my personal experience is that the overwhelming majority of IT practitioners don't.
So what is the gauge of a professional? That they simply refuse to work anywhere without a big enough budget? They they tell companies that can't reasonably afford Cisco + EMC + Oracle + Microsoft that they should go out of business because buying anything else is crap?
You're quite willing to wield the sword of judgement regarding competence in our industry, so please, do tell. And no mealy-mouthed weasel words about "a certain know how". Set some standards by which others (and yourself) should be judged. And then explain how you deal with the millions of businesses that will fall outside those standards?
Because that, right there, is the core of it all. For me. For our industry. For our society as we become ever more reliant on technology.
If I am "naive enough to follow a sales droid" - and I would like to introduce you to many a broken sales droid that I have wrecked with my aggressive questioning, as well as several CEOs, CTOs, project mangers, etc - then what the metric flouncing hell is an appropriate level of skepticism? I've earned a reputation amongst PRs for being someone that you absolutely must have the most technical people available on the call, and that is "naive enough to follow a sales droid"?
So I am not sure entirely what world you're aiming to create here. We're all supposed to be skeptical of sales droids to the point that you go beyond making CxOs of some of the world's most powerful companies crack and go off script. Yet at the same time, we are supposed to buy the "right" things, even if we can't afford them. Otherwise, we're bad at IT.
Of course, it could be that I'm misinterpreting your comment. I cannot deny the possibility. That said, I will retain my reservations and skepticism about your ability to objectively assess competence. Or, for that matter, just about anyone else's who doesn't work in the particular slice of a feild that the person they're judging works in.
"Also, find a non-IT hobby to focus on occasionally"
I grow lemon trees from seed. Currently, I have 8 of them growing by my desk. Lee. Mon. Tree. LEMON TREE! I like them. They give me a happy.
Better than Calgary and their sportsball teams!
I haven't fully updated this: http://www.trevorpott.com/thelab/
Add in a Tintri T-850 that I am currently testing. It's on loan for a year. So that's my home network. Minus a few minor things like the WNDR3700 v2 (/w OpenWRT), dlink switches and some other odds and ends. There are some things I can ping that I can't physically locate so I can't quite tell you what they are...
To be clear, I loathe calculus. I don't give a bent damn what the integral of Cos(Sin(yomamma)) is, nor am I likely to. I grok what a derivative is. I grok what an integral is. I grok trig enough that a brief conversation with Google will bring it all back...but I don't want to memorize all this crap by rote.
I'm not fond of programming, but I do it when required. I've written entire middleware packages. (Originally in VB.net/ASP and then in PHP.) I don't mind PHP so much, but I loathe Java. I can cope with C family languages, but far prefer Python, Perl, etc. That said, I'd rather pay a dedicated coder than sit there and write a bunch of this crap.
Especially when we get talking about the kind of time it takes me to write assembler and bitbask ports in order to speak to sensors, displays, etc. Boring as a boring thing with a side order of "why the hell am I doing this?"
In over 15 years of "making computers go", I've never had to use calculus. Not once. I've written industrial sensor nets for strain gauges, built cellular/wifi backhaul dirigibles, 5000+ node render farms, and spend a lifetime rebuilding desktop hardware into servers that last 10+ years. Not once was the rote memorization of calculus useful. Not once.
Algebra? Hell yes. I use it a hundred times a day. More, even. What's more, it exactly the kind of maths that my brain loves. But fuck calculus. 1100100112.
Yes, but the baron had newphews, and this one reminds me of Feyd-Rautha Harkonnen.
I think he looks like a Harkonnen, personally.