Re: Can we break them up instead?
ATT has already donated at least $200,000 to HRC.
287 posts • joined 2 Mar 2011
HDDs are the most reliable capacity medium at the moment. And honestly there is no reason to run a multi-terabyte NAS on SSD for the average user.
That said, if you are using your NAS/SAN for both storing large files and doing a lot of random IO on small files, you should look at ZFS with an L2ARC. I use the FreeNAS distro for this, and the ssd acceleration really helps.
> with five 4TB drives (16TB net)
Sounds dangerous. Raid5 style systems shouldn't be implemented on larger disks due to the much larger chance of multi-disk read errors on full rebuilds. (and BeyondRaid is a type of raid5 unless you have the Pro unit)
If you're posting on The Reg you're probably part of the 1% that does fill hard drives. As for the other 99%, they, in general don't.
It gets even worse for the drive spinners as business moves to SANs that both compress and deduplicate. VDI uses less disk space than ever. While I agree there are more files than ever before saved by businesses, dedupe is slashing the amount of space they take up.
>when it comes to demonising and insulting others who most demand redress and apology when it offends them or they don't agree with what is being said.
Humans are hypocrites, even you or me. Unrestrained free speech has some downsides. You may have to sue someone in civil court. You may have to 'demand' a public apology. You may get in some very heated arguments.
But counter to that, here in the US the congress is trying to push some very dangerous anti-free speech laws where armed police officers can come arrest you for 'insulting others' or poorly defined 'hate speech'. Put me with the armchair fascists on this one, real fascists with the law and a gun are far more dangerous.
>I got the impression this new "anti-hate speech" stuff was designed to stop bollocks spreading
The media makes crap up about politicians all the time? Is that not bollocks spreading?
>you can caption an image with something you just made up
And the media along with the government can 'misreport' or just not report at all on things like large amount of crime being caused by refugees.
You should have the freedom to say what you want, and the freedom to be sued into the ground when it causes problems.
Because they are shooting for IOPS and not maximal space. Even fast hard drives may only get 500 IOPS. A single SSD can easily provide 50,000 IOPS.
But beyond your question, everything in enterprise storage is about reducing storage utilization. Most SANs offer deduplication and compression. Coupled with an SSD tier, many businesses realize they need less total storage with newer technologies yet still have very high performance.
>Their maths don't add up.
Their math adds up perfectly. Charge very little for SSDs and you go bankrupt.
Right now they want to add SSDs to their top end lines where they might make a hundred or so profit on the laptop. But if you put cheap SSDs in the low end slabs there is very little reason to buy a $600+ notebook any longer. There is not a significant performance difference for the average user.
I've taken countless Core 2 Duo laptops and replaced the slow rust with SSDs and they become a perfectly usable box even though they are years old now. Unless significant performance increases come in the near future a laptop with a large SSD might be the last PC you buy in a decade. This kills the manufacturer.
>Now, if they don't want to or can't compete on price for Linux instances, I understand.
From my understanding this is the point of the Windows 'Nano' edition they are working on for Windows 10 Server.
This may be more of a non-issue than many believe. Yes, a smart car will be trackable, just like a packet on the network. That is also how traffic will be optimizable, much more so than the constant traffic jams we have now. Why is this a non-issue then? If self driving smart cars become a thing, car ownership, in theory will drop dramatically and you'll just 'rent' the time it drives to work. Much like if someone tracks the taxi you ride to work, it means a whole lot less because it's likely to be a different one every day with many hundreds of different riders.
So it seems likely that this is one of the first places that will become 'disconnected' with the rest of the universe as the metric expansion of space occurs. Since it's not closely gravitationally bound to any other galaxies everything will disappear sooner and they will truly be alone.
>and certainly not part of the prosecution.
The particular problem here is the people who elicit Securus' services being installed are part of the government. There is competition in the market, so the provider that bends to the will of the agencies that are involved in provider selection is most likely to survive. The inmates are not the customer, they are a captive audience that has to pay whatever rate is dictated to them (the FTC recently decided that rate was far too high, Securus is still fighting that in court).
"Updates have been disabled by the administrator"
When I see that in Chrome the next tool running is MalwareBytes.
In theory your sensor logic would report errors when the input source was too hot or cold. For example if the NSA is blasting your receiver with a high energy beam you may want to return (ERROR: Big Crunch Final Countdown) or if no input is picked up at the receiver (ERROR: Heat Death Has Occurred).
Olius, you should look at the work DJB does.
There are potential attacks against multiple random sources at the CPU level, of course they would only be practical if say the NSA has replaced the microcode of the CPU you are using.
>(How fast are SSDs these days? SATA based ones will struggle.)
10GbE is 1.25GB/s. We're talking about bits so you have to divide by 8.
From the specs of a Samsung 850 SATA SSD: Up to 520 MBps, or half a 10 gig line. And that is slow. The 950 models (M.2 interface) are 2,500MB/s, or twice as fast as 10GbE.
The latest gen SSDs have accelerated far beyond our pitiful bandwidth here.
2 Years of skipped patches, updates, and basic maintenance skipped at an accounting firm with just over 100 PCs is the worst I've seen. Most of the Windows 7 computers had never had updates run, ever. Same with a bunch of the 2008 servers. The Exchange server had one patch level, maybe.
Everything worked, somehow, and of all things backups worked. I do feel sorry for the previous tech, the company had become so change averse that he was hamstrung by the fear something may go wrong that he had stopped doing any updates. Unfortunately this built up a huge maintenance debt and things started going wrong and he couldn't keep up, and they fired him because he didn't do his job.
They had another firm come in for a few weeks, and I assume told them they needed to change the way they did everything, and that, yes downtime had to occur. They got rid of them and I ended up on the project. Told them the same thing, this time it clicked and they figured out there was some kind of structure problem. Worked quite a few weekends since then getting everything caught up.
> or more with 2 Gbps of networking capacity.
What does that mean exactly? You can't sell a computer with 3 1Gbps network adapters in it?
In kind of a reverse attack from this I've recently run into a different bug with HSTS and Chrome with a logged in Google profile.
I accidentally redirected a site to the wrong IP. The second site has an HSTS header set for a different domain which expectedly errored out. Set the IP back to the correct site which does not have SSL listening at all, but now Chrome tries to visit the site using https which breaks. The built in tool to delete HSTS doesn't show any entry and will not delete the site from the local HSTS database. Tried deleting all the Chrome settings in the user profile but the issue keeps showing up (it doesn't show up for other logged in users on the computer), and I 'think', but am not sure that it comes back with the user's settings that are stored on Google.
So how much would an exploit like this bring on the darknet?
This makes no sense. It's not a logical argument if you have any clue what is going on at all.
Flash is not an operating system.
Flash is now a browser.
Flash is a plugin for a browser that requires an operating system.
So let's do the math here. Windows Exploits + Internet Explorer Exploits + Flash Exploits. This holds true for other operating systems as well. Linux Exploits + Firefox Exploits + Flash Exploits.
Many other large subs like gaming, pics, movies, and music are down, each of those has over 7 million subscribers. It is really something to watch. It will be interesting to find out what happened with Victoria to set this all off.
>HSTS is still vulnerable
No, not if your URL is part of the HSTS list.
>As for broken links, don't many browsers automatically try the HTTPS version if the HTTP version draws an error?
Not that I'm aware of unless the server sends an HSTS flag, with that flag it retries the link as https and automatically uses https for all further URLs to that domain.
>Figure a different way to make it safe and stop telling people to change when they clearly are unable to.
Sorry, that's not how security works. When something is insecure it is insecure no matter how poor or stupid people are. Yes, that is a dickish attitude, yet nonetheless true. Old versions of IE are broken far past SNI issues, they don't support the new TLS versions that fix many security issues, and they don't support PFS.
Even with SNI you get a base website that can give you a message. In this case the message should be download Chrome or Firefox or get a new operating system.
And break every old link in existence, not a good idea. It's better to use HSTS and certificate pinning. Any port 80's are automatically upgraded to 443 by the browser. Too bad Microsoft is only getting on board with HSTS on Windows 10.
If your equipment does not support SNI it does not need to be on the internet at all and almost certainly is at risk of being exploited by an unpatched vulnerability. XP is dead, so is IE. There is some reprieve as you can still run Chrome or Firefox on it, solving the SNI issue for now. I personally don't care if they don't know what a new browser is. At this point all their computer is, is a jump point for spam and viruses.
If your car is a dangerous old piece of crap the state doesn't have to register it for use on the road. While we don't have registration to get on the Internet (thank god), we can change people's behavior by making them upgrade to, at least somewhat more secure browsers if they want their social security or food stamps.
>but if you enter http://www.google.com/ you certainly want the http version of the site
Google doesn't offer regular http for a reason. If you offer https services there are a plethora of reasons not to offer http for any reasons other than redirection. Offering both is a terrible security risk and that is why we have HSTS.
Also a Suddenlink customer and was wondering the same thing. I worked for a cable company named TCA quite some number of years ago, and they were a pretty decent small time player. This was in the early days of cable, before DOCSIS 1 was finalized and had Terayon (or something close to that) modems. Not terribly long after I started working there we were bought by Cox, and wow, they, just like their name, are a bag of dicks. Full blown 'monetize' the customer scripts were given to us, about how we should treat the customer as a number of "RGU's" Revenue Generating Units, and how it was our job as techs to increase the number of RGUs each customer represented. We revolted en masse to the new scripts and told management that we were sticking with the old ones. They fixed people's problems, and fast. The new shit they gave us was mostly marketing fluff and had very little training (which is very important for new employees) on actually fixing the problem that caused the customer to call in the first place.
They didn't fire us all, probably because they had some kind of contractual obligations that they had to fulfill in the buyout, but I got out of there as quickly as possible. Not many years later Cox dumped their midwestern assets as they could not extract as much revenue as expected from their customers. The operation then turned into Suddenlink which has been pretty decent.
I have to admit that I've let certs expire on some small easily missed sites before, but how the hell do you let a cert expire that has millions of people hitting it? You don't have to wait to the last day to put the new cert in. In general I'll replace the cert a full 30 days before it expires in case the cert provider decides it needs to take a while to review your account for one reason or another.
I've done a number of installations with Supermicro gear with 2012R2 as a SAN solution with LSI storage solutions. As you say, you can easily save over $10,000 over what HP or Dell sells.
>Local governments have no desire to spend resources negotiating SSL/TLS with every single smartphone in their area when things explode, rivers flood, or people are poisoned
Yea, I'm not sure what the writers of that were thinking, but that's exactly when you want the verifiability of TLS. Otherwise a third party could make things worse by pushing out fake updates or bad information. Yes, TLS has its own issues, but non-TLS has no verifiability at all.
Ask most people who or what the Internet is and they'll give you some strange answer, even most tech people that don't directly work with it. How many people will say off the top of their head that IANA makes the Internet, the internet?
Chrome did have a lot of bugs. In fact I assume all browsers have a great number of bugs because they try to do everything and the kitchen sink. That said, both Chrome and FF update quickly when there are active exploits in the wild. With IE you'll have to wait till patch Tuesday, unless it is really bad. Adobe is rather hated for taking a long time to patch exploits, and even worse, their update program taking forever to actually update, with the default setting of check once a week.
No, he's probably a standard user, not an admin. On domain networks Java update will not download correctly if you are a standard user and elevate to a domain admin. You have to log in as an admin to get it to work in the first place.
>Why the mighty eff does a mobile OS need to be so big while doing so little?
Because Apple doesn't make small. Even on Windows iTunes is huge. It also benefits them if they ignore bloated application sizes. Oh, 8GB iPhone isn't big enough, well spend another $100 more for 16GB total storage. iOS running slow? Buy an iPhone 7 with 42 bajillion cores.
If phones were kept for a long time, or very low profit items, they may focus on more optimized applications, but that is not the case. Phones get replaced fast and ease of programming for the developer is the focus. We're going to have to deal with the fat OS for a long time.
What are you going on about Nate. That is not laptop form factor, and will not fit in many laptops. It is a 2.5 inch form factor drive, but it's around 5mm thick. No different than the 2.5" enterprise spinning rust.
Most larger storage arrays have gone to 2.5" for higher density IOPs in spinning rust, SSDs keep the same format for convenience.
Or do you work for WDC who doesn't have a flash line up yet and is trying to FUD the technology?
You've not done your reading on this exploit yet. It went from 'not exploitable' to 'exploitable in a case or two' to 'we're finding new exploit avenues every day'.
I'd have thought you'd have learned after looking at 20+ years of netsec experience online that vulnerabilities never get better after being released, the only potential is to get worse.
It is with unfortunate regret that we inform you that Yugguy has passed away in an auto accident. Shortly after performing maintenance on his Honda Civic his car was seen speeding out of control before crashing into a concrete pylon and bursting into flame. Upon further investigation a Stuxnet variant was found on a thumb drive in his laptop computer. No other details are available at this time.
If I watch Netflix on my Wii on Google Fiber, it too will show slow speeds. Stream speed != Internet speed.
>I tried "firstname.lastname@example.org" and it appears that that entirely made up name had already been pawned at Adobe.
Oh, how original. I'm sure if you tried email@example.com or one of the other top 100 made up email addresses you'd find them in commonly hacked databases. Even on sites that require a validation email doesn't mean your address is ever deleted from the server if it's not validated.
It's been going on longer than they are even admitting. Some weeks ago I noticed messages sent to my Yahoo account had gone from taking about a minute or two to show up to ever increasing amounts of time. Even worse, if you sent the same message a few times you would get one message almost instantly, one twenty minutes later, and the other just disappeared never to be seen again. Something is very wrong there.
I downloaded the boot ISO and did a net install inside a VirtualBox today. The install worked rather well. Many things like setting the root password could be done while the packages were installing allowing the installer to do 2 things at once. Systemd and firewalld are going to take some getting used to though. The updated httpd-2.4, mariadb(mysql)5.5, and updated php were much needed.
[root@localhost ~]# rpm -q python
[root@localhost ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Everything release 7.0 Beta (Maipo)
>How did a cluster of 4W devices beat a cluster of 95W Xeons?
The same way a GPU beats a cluster of CPUs. CPUs are not 'great' at massively parallel problems, conversely it is unlikely these processors will perform poorly on serial operations.
It's not unheard of in the Linux world either. Tiff isn't a jpg at all, much more complicated format used in the business and medical world pretty often.
>Its very difficult to build a good simulation
You mean impossible.
You can't build a decent simulation of the market when so much of the current behavior of the market is tantamount to abuse of the system. When a new strategy is successful it can rapidly become the dominant behavior in HFT systems in a very short period of time, risk be damned.
Getting rid of the device would be the best first step, but not everybody will be able to act upon that measure in a timely fashion. Disabling remote admin would at least stop a completely unsolicited probe from owning you. The unit could still be attacked via XSS very easily.
And the unexpected reply was
"I'm sorry, I can't do that Dave."
I've done a fair number of SANs this year where the VM storage and bulk file storage are stored on spinning disks, but all the databases have been moved to flash. Moving to flash for DBs has decreased the cost of the installs, fewer servers are needed to serve the same load.
My guess on why they are having a hard time tracking Snowden in the audits... All the system admins were doing similar profile sharing/switching just to get the system to work. It's really easy to track an anomaly traverse a system, but when the anomalous behavior is standard procedure they may never be able to figure out exactly what happened.
>One place I was at wouldn't let you email the fully dotted quad of a non-routable ip address but were fine with you emailing a MAC address.
I bet you'd blow their mind if you told them you could convert an IP to decimal format.
Crafty people always have a way of getting around dumb policies.