51 posts • joined Saturday 21st January 2012 19:18 GMT
Criminally Insane Indeed
"You can even turn on data compression right at the top of the stack on a Windows server, but of course that is only for the criminally insane."
This absolutely made my day, but you sir owe me a new keyboard. Tip of the hat to anyone else who's survived this nightmare and lived to tell about it.
Re: Where exactly is he too young to drink?
In most states he is free to drink it provided his parents are present and they consent. In some states this even applies to booze purchased and consumed in public (say, at a restaurant). Let's hope for the kid that Colorado is one of them.
Well yes, but you'll need to wait a while on that.
IPv6 does indeed solve the NAT issue from a routing perspective. That said, one to one "NAT like" address mapping (in your stateful firewall) is sooooo tedious to do manually. Even a decent sized home network with 10 or 15 devices can be troublesome if you want to grant different rules to different users. Granted, many will probably find in the end that "IPv6 NATing" actually works better than creating blanket rules for a particular subnet or whatever, given the obvious granularity that becomes possible. Unfortunately, it'll be a while before decent automation for this task reaches the unwashed masses (you, me, SMBs, schools, etc.), and large enterprises aren't likely to lead the way either as size=inertia in my experience.
Re: Truth or consequences
"...it's a popular misconception that an employer can't make honest references."
Well maybe in the UK, stateside it depends on what state (or even sometimes the county or city jurisdiction) you're in. Quite a few have made it illegal to say anything at all other than simply to confirm hire and end dates. Not only can you not say anything negative, you're obligated not to say anything nice either (though I would doubt you would face much risk of legal action if you had nothing but good things to say). As such, getting those calls about a former employee can be a somewhat harrowing experience as it's difficult to know exactly what rules apply to any given situation (and they can and do change without great fanfare).
Re: Won't use this service
In defense of AWS:
While that's totally understandable for those living outside the US, those of us state-side are essentially stuck with the NSA looking over our shoulder regardless of where we choose to park our data. Since my packets originate here the destination isn't terribly relevant unfortunately. If monitoring is an unavoidable reality, AWS is a wonderful service. I quite like the idea that I can spin up testing VMs, destroy them at the end of the work day, then resurrect them from S3 the following day thereby saving quite a bit over dedicated or cloud hosting from another provider. As a test platform it's really hard to beat.
Re: Mint for Windows Users
I suppose Mint might be more useful to a Windows XP (or Gnome 2) refugee, but I've not had good luck getting people exposed to Windows 7 or OSX onto Mint. Since most people with these old machines will have used at least one of those at work/school I'd lean more toward Unity as the more user friendly interface. That's probably hard to fathom if you were used to Gnome 2 and experienced the abomination that was early Unity. As of 13.4 though its really becoming quite mature and is is a joy to use once you get over the learning curve. I, like you, initially resented being forced through that learning curve and went over to Mint, but Canonical had some tough decisions to make with Gnome 3 looming ahead and in the end I came back and now believe they made the right call. (I also missed getting security advisories, come on Mint...)
With normal people (non-technical) Mint has been a non-starter every time I've tried to get anyone to use it. For example, I set up a small company with System 76 desktops (which replaced XP Dells) a few months ago and didn't have to do any training whatsoever. Everyone from the baby-boomer management to the high school student warehouse folks just took right to it. Several of them have even contacted me to find out how to install Ubuntu at home. Mint is a very nice desktop OS, don't get me wrong, but I wouldn't recommend it to Windows users. The 3 times I tried to get that done they were over to Windows 7 in a week, but 12.10 onward no one has yet rejected Ubuntu. Seeing this happen is what convinced me to give it a try myself.
Re: So why don't men run into as many assholes as women?
Mathematically, wouldn't men run into the exact same number of assholes in any given day? Perhaps said assholes express themselves differently toward women (misogyny, objectification, etc), but I'll go out on a limb and posit that such individuals probably almost universally express their assholishness in a whole variety of ways. If someone's a jerk their gonna be a jerk no matter who they run into. Whether the conduct of male jerks toward females is more reprehensible (or perhaps simply perceived as offensive by the target) than some other gender configuration however could obviously be a subject of debate.
To suggest that assholes are only a problem for women however, is to needlessly isolate ones self from the billions of men who share your distaste for assholeish behavior. I think this is the logic you're missing here. Welcome to the real world where we all have to deal with assholes. Give enough people access to a public forum and some perception of anonymity and you'll have to deal with assholes.
Re: What goes around, comes around...
"But we do have something that the East Germans didn't have: a working ballot box."
While I have to agree with the sentiment of your post I think you'll find that the NSA and their various programs enjoy widespread support with both establishment Republicans and Democrats. This would seem to indicate the presence of a false choice at least on this particular topic. Furthermore, the majority of voters in the US openly support some form of domestic snooping. It would therefore seem to me that the court of public opinion would be the logical place to start if you were interested in bringing about change. Fear of voters in their district doing as you have directed is far more powerful (and attainable) in a country where the donkey or the elephant form such a major component of individual identity.
RE: Colin Camper
Visio replacement? Fear not Linux user. You want yEd. Works great on Linux/Windows/OSX and has much better options to add custom icons than Visio. The learning curve is not trivial, but once you get up and running you'll find it much more powerful and efficient. Also it's 100% free.
Re: No emergency aircon?
I wouldn't be so sure that an HVAC system suitable for such a data-center would be cheaper than simply replacing a few hundred/thousand/whatever servers every now and then when this sort of thing happens. If a (probably very cheap) rubber gasket can reduce hardware failures by a decent percentage and they install a warning system so they can move the compute load off-site (and temporarily shut down the facility), then such an HVAC system wouldn't sense.
Re: Bill the Sys Admin
Have an upvote on me. RHEL/CentOS with any GUI is bordering on silly. Having a new and largely untested desktop environment is just outright craziness. I would venture that MATE would stand a decent chance of fizzling out before Red Hat got through with the necessary evaluations. That said, in 3-5 years who knows. RHEL turns slowly but it does move.
Re: @AC 21:47
The point about dual NVRAM mount points still stands and mLAG != LACP. The switches themselves obviously know what's going on, but they're not going to appear as a single logical switch to attached devices which breaks LACP. Therefore, with mLAG your switches are making decisions independent of the LACP settings on attached servers. STP would probably still bail you out if you did something dumb enough (oops wrong port), but having no automatic verification sounds frightening. I really don't think Cisco/HP have anything worth looking at that's less than $100/port, which is the real point I was trying to make.
Saying the 6500 series is for SME is kind of a stretch in this economy (though VSS is easily as good or better than anything I've seen from Netgear/Dlink/ect.). I mean those are like $4,000 for the damn chassis. You still need to buy modules, fans, and power supplies on top of that. Got multiple buildings? Then you'll need a chassis in each one. Good luck getting that approved.
You're right to point out Cisco Nexus gear as vastly superior, but it's just completely out of the question financially so it'd better be. If your SME can afford those then you're going to hire a koolade drinking CCNP or better anyway so Netgear/Dlink/HP/Dell/etc are out. I'd argue that Juniper would be the lower price gear to compare to those, but most enterprise guys I know act like Juniper doesn't even exist. I'm admittedly in over my head on "real" Enterprise gear, so perhaps there's a good reason (other than that they've spent their entire careers working in the Cisco ecosystem) that they seem to dismiss Juniper.
Re: @AC 21:47
Don't get me wrong, I love me some CLI, but Netgear (and I presume many other) "Smart" or "Managed" SME switches have the ability to simply back up their running configs over HTTPS. In fact, I have some 52 port 10/1Gbps Netgear switches that actually have 2 NVRAM pools. You put your default stack configuration in NVRAM1, and then back it up to NVRAM2 after confirming everything works (make sure to download that old backup into cold storage, maybe a USB drive, first). If you screw something up, just change the running config over to NVRAM2 and you're fine. The configuration propagates to all switches in the stack in less than 90 seconds. I doubt you could even ssh/telnet/walk over to and plug in a console cable/etc to that many switches and log in (let alone paste and activate your configs) given the same time period.
If you screw up royally, or a rampaging escaped gorilla destroys one or more switches, you can just upload a cold storage backup via the web interface. Again, those settings propagate to all stacked switches in less than 90 seconds. If you feel like it (just hate the GUI) you can even open the backup file in your favorite text editor and make any changes you like there. You still have to know what you're doing, but I don't miss Cisco's IOS at all. You can't "copy run start1" and "start2", let alone set up link aggregation groups involving ports on multiple switches using their hugely more expensive hardware. When a $1,300 Netgear outclasses a $4,000 Cisco you have to wonder.
Wait, Portland is more than...
As a Portland resident who does not regularly don Ray Bans or sip Pabst my first reaction to your characterization of our
fair perpetually overcast city was indignation. Before I could even finish reading the summary of the podcast however, the chickens in my tiny urban back yard were startled by a gaggle of twenty somethings riding expensive bicycles despite the rain. You win this round el reg...
Re: good news about Microsoft?
"The only thing I'll really miss if MS where to fail would be AD, but it wouldn't be that great of a loss."
You should really check out Samba 4. All the familiar AD features, and you can even use the Microsoft AD management apps you already know and love. For single domain setups (basically 90% of SMEs) it's already stable enough for prime time as a Primary Domain Controller (IMHO), and most of the issues with multi-domain configurations and replication are nearly sorted. No need to live without AD after all.
Re: Lesson learned.
I couldn't agree more with the router firmware bit, but wouldn't a simple MD5 checksum sort out any issues with improperly transmitted packets? I mean hell even Android phones use these for ROM updates. One has to hope the IIS is packing tech at least on par with a $99 mobile. Probably more likely down to incomplete testing (due to say budget cuts, outsourcing, etc.) or a few too many flipped bits (cosmic rays and all that). Just my $0.02...
Re: 7% overprovisioning and a data protection nightmare
Intel's SSD tools application actually "secure wipe"s the entire SSD (including over-provisioning space). The program is a cinch to use too. The only other SSD maker that offers better software would be Samsung (their "Magician" software even optimizes your OS for you and gives you manual control of over-provisioning), and I've personally had better luck with Samsung drives as far as longevity is concerned. Granted, a few dozen drives is not much of a sample set...
Re: Personal Cloud
Storing backups at home? Doesn't sound like good access control (in the classic paper accounting sense). What happens when the employee doing this gets canned or the company owner keeping backups is suspected of fraud? A safe deposit box at your local bank branch is a much better place for those external drives, and they're often either free or cheap-as-chips with a business account. That way you have a record of who has accessed the drives that is kept by a disinterested third party. It also comes with the advantage of being able to send a minion to get the drive (then directing the whole thing remotely) if you happen to be out of town when things go titsup. In the SMB space there is usually a good chance that IT is a one man/woman show.
This seems ominously like evidence that there will be no Ivy-E for the LGA 2011 socket. Come on Intel, I NEED that 8 core (22nm) part! Ok, not really need per-say, but many enthusiasts bought into the 2011 socket anticipating such a part. A minor clock speed bump is not going to cut it. If Haswell comes out with no Ivy-E counterpart then 90% of X79 owners are going to feel like they've been shafted by Intel. I also see that "official" PCIe 3.0 support is still lacking (though it already works fine "unofficially" if your mobo vendor has been kind enough to enable the feature). I guess this is the price we pay for AMDs total lack of a competing product in this space. I can only pray that they get it together...
This is Cisco we are talking about. A lot of their products "support" open standards. In practice however, one always finds the implementation to be hobbled beyond any usefulness and prone to any number of inexplicable errors and hangups. To go back to your Microsoft analogy: Cisco supports open standards like Microsoft once supported Java. Thus, I look forward to watching Cisco's long march toward irrelevance continue.
This is the most technically inept article I've seen in years (maybe a decade). Anywhere. Nothing personal, but Iain Thomson clearly needs to either find a new gig or apologize for slapping his/her name on an article his/her grandmother threw together after reading an Intel press release. I'm fairly certain you could find Amish who could do a better job. At least that would be forgivable. For shame El Reg, for shame.
Re: Best of both worlds...
An HTPC / home NAS really makes life easier when you've got your whole family's collection of mobes, tablets, laptops, consoles, etc all wanting to get at the same data. The advantages of a full fat OS over a "smart" TV are fairly obvious. My wife and daughter may never use the mouse/game controller/keyboard on the coffee table, but having that option is great. I also like the advantage of having one interface that controls/records antenna, ripped movies, streaming content, console emulation, and BlueRay. And, if I decide I'm sick of that interface I can easily swap it out for another one or customize the one in use.
Re: can't resist
Thanks to Verizon's knuckle-dragging update certification process my Galaxy Nexus only got the official OTA update to 4.1 yesterday! If I were an S3 owner on their network I'd be more than a little concerned. Still, it's nice to have the same OS on my Nexus 7 and mobile.
I'm not so sure I would go so far as to say Vista/7's security is equivalent to what UNIX and Linux had. Perhaps you could more accurately say it was similar to, an approximation of, an attempt at, or even a feeble shadow of those features. Still, I'm not discounting that it was big-time progress on Microsoft's part.
RE: Old Handle
I would up-vote this a thousand times if I could. In fact, I would go so far as to say that the ONLY defense against being forced to hand over such records is not to have them. In the US there are no standing laws that would force Twitter to retain any record of these sorts of online interactions so perhaps this will serve as a wake up call. Such a stance on privacy could be a major selling point for their service in fact. The only use I can see for storing historical tweets would be for data-mining purposes, so perhaps such a move would be difficult for Twitter financially though.
Re: Oh for goodness sake Lewis.....
Quite right. For this mission to have any lasting cultural impact all attempts should be made to include those who are not impressed by the mere thought of a robot tooling around on the surface of Mars. The first broadcast of recorded music from another planet is an outstanding achievement that should not be so easily dismissed by puritanical "science enthusiasts". This combination of boffinry and creativity appeals to a wider audience, and gives the mission meaning to many who would otherwise perhaps not have even heard about it. Those art fans get to vote/lobby and thus shape NASA's budget. If this mission is widely popular then cutting NASA's budget would be politically unthinkable.
I personally have a deep appreciation for both theoretical physics AND blues slide guitar. Are you suggesting the one is somehow superior to the other? Get a clue. I don't much care for his music, but Will.i.am seems to be a stand-up guy. A geeky kid who went to a science magnet school and seems genuinely interested in kids attitudes about science and even themselves. He also did a song for PBS' Sesame Street encouraging kids to be persistent, work to be their best, and keep a positive attitude. My 2 year old daughter absolutely loves it. Are you going to say that's garbage as well because it doesn't teach anything about science?
I think one only needs to look at the performance of 22nm vs 32nm Intel Core i5/i7s available today to get an idea of how small the gains from process shrink really are. Don't get me wrong 2.5% is nothing to scoff at, but it's not revolutionary. Add to that the heat dissipation issues associated with the smaller surface area and I think one could make a compelling case for the argument that we have entered the era of diminishing returns in process shrinks.
One could try to make the argument that smaller chips are cheaper to make (which has historically been the case), but the development costs associated with shrinking die size are going up a an alarming rate. This has been discussed in several articles here on el reg as a matter of fact. While I agree with your conclusion that AMD is in serious trouble, I think it really comes down to $$$ spent on engineering, not die size. Intel is outspending AMD at such a rate that even the thought of AMD bringing something competitive to the table should be seen as a complete embarrassment for Intel.
Missed the large white (usually reflective) line(s) painted on the road showing you where to stop did you? Shame that. Let's say folks decided to follow your suggestion. How exactly does one know the color of the light if parked directly under it I wonder?
Yes, web hacks indeed. I'd leave the graphic designers out of this though as they are facing a similar blight as of late. Funny thing is, the clients never seem to care about the efficiency of your code or true cross-browser compatibility (even if the former would save them a lot in operating costs and the later would cut down on support overhead). Those hacks charge a lot less to boot.
I myself had to close up shop, and watch a lot of good friends get eaten alive in the job market. Ended up in SMB IT of all places. These days I count myself lucky to be out of that whole shit-storm. I wonder how long it will take till there is no one left who can actually write code and not just copy, paste, and replace a few numbers. Then again that is how it was in the beginning...
It's the right idea, taken too far.
Getting a notification that your teenage son/daughter has been texting while driving sounds like a sensible and useful feature. When they get home you can question them about it, and punish/scold/discuss as necessary to encourage safer choices in the future. I could see this actually achieving the kind of positive impact the designers are shooting for here.
Disabling the phone or preventing texts however is only going to make your kids angry with you. There is a big difference between "I know what you did any you're not going to get away with it" and "I am watching your every move, always ready to step in and correct/prevent your stupid choices". By actively disabling texting you are essentially making the decision for the child and they're simply not going to learn anything that way. Add to that the fact that some percent of them will probably attempt to troubleshoot their phone when it is unable to send a message and you've now made the problem even worse.
Ad broker =/= marketing company. There is a big difference between selling ad space and creating ads to fill said spaces. Just saying.
Bahahaha! You've obviously never been to a gun show in the south. I've seen a (maybe 16 year old) kid buy a 9mm with not so much as a paper filled out. Asked for the Glock, handed they guy some cash, walked away from the table. Of course that was 3 or 4 years ago. Perhaps things have changed, but that's just one more thing I don't miss about Texas.
Exactly! Apple is taking a page right out of Microsoft's playbook. "If you can't innovate, litigate". Sure worked out for Microsoft! Oh, wait ...
Just played the song through the intercom. Scared the hell out of the bean counters. Good times.
This is just what I needed today. Sent it off to the decidedly computerphobic father-in-law to give him a simple overview on how to install his new SSD. This is very polished, doesn't just race through everything, and has a very pleasant voice-over. Old news to most Reg readers I'm sure, but very handy. Cheers!
Checking TRIM and AHCI would be nice too, but those are things I can take care of remotely. I also doubt very much that he would have been happy about having to go into the command line.
The Writing's on the Wall for HDDs
I work for a fairly small outfit so you may have to scale accordingly, but we're already buying far more SSDs than HDDs. In fact, we haven't deployed a single desktop with an HDD since early 2009 and since then we've purchased many dozens of SSDs. In that same time period we bought exactly 7 hard disks. The HDDs we still have which predate 2009 should all be put out of service by the end of next year. This includes disks in our servers. In fact, we only use HDDs for bulk storage (and even that array has an pair of SSDs for caching). 15k rpm drives don't offer any gains over cheaper SSDs for virtualization or even server OS disks (RAID 1 is your friend).
At some point we may need to expand our storage or simply replace the aging NAS array, but that might mean at most another 7 drives or so in the next 5 years. During that same time we will undoubtedly buy many more dozens of SSDs (and maybe even a unit or two of whatever comes next for the graphics workstations). The only thing HDDs have to offer is capacity, and that's honestly irrelevant when project files are kept on a network share. The lowest cost HDD is only about $30 less than an SSD that will get the job done just as well (and several orders of magnitude faster). The accountants here have figured out that the increase in efficancy is well worth that little bit extra (but mabye I'm just lucky on that front). This data is also likely skewed by the fact that we build servers and workstations in-house (I need something to do between tickets after all), so we don't have to pay the eye-watering premiums for SSDs that OEMs are still charging.
How long until average home users have a similar setup with a shared network storage (attached to a router maybe) feeding files as needed to their PC, remote laptop, mobile, or tablet? This means there will still be a market for high capacity HDDs 5 years from now, but SSDs might ship at least 5-10 times as many units. Some say that Flash storage will be threatened by something even better by then, but I haven't seen a convincing demo of any such technology. Let's hope Western Digital has something cooking behind closed doors.
Paris, because she has a lot going on behind closed doors.
Mine's running great...
I'm also running the official ASUS version with no issues whatsoever. After I got my Galaxy Nexus I stopped using my Transformer till the ICS update came out. I use my TF101 several hours a day for everything from games, to reading e-books, to remote desktop, to working with documents in Polaris Office (surprisingly useful bundled app). Writing this from my tablet right now actually. I also manage about a dozen TF101s at work all with the same stock software. No issues there either. Maybe time to contact ASUS. In the US you get a 1 year warranty, in the UK/EU I believe it can be 2 years or more. I've had good luck getting motherboards etc. replaced by ASUS when they broke down. Just a thought.
The prospect of a solid, secure management tool for the proverbial clusterfuck that is the mobile OS version sprawl these days is a holy grail that could save untold man/woman hours for front line IT folks. Too bad about the whole Blackberry Enterprise Server bit though. My experience with it is admittedly a bit dated (don't we all miss the Windows GP/BES monoculture circa 2005), but I remember BES licensing as roughly $2,500(US) + $100/user.
I'd believe it if they had dropped their pricing a bit, but anything in that range is a tough sell for SMB ITs. Maybe that's not their core market now, but a growth market would really help RIM out. Still, this is a promising step in the right direction. If RIM is to survive they need to focus on what they are known for, encrypting and managing mobile devices. One does wonder though if they will be agile enough to get out of the mobile device game in time. A smaller more focused RIM could stick around for a long time, otherwise they risk a fate similar to Nokia. A long purgatory before inevitably being carved up or sold off for IP rights.
ASUS + ICS = <3
Judging a technology company by it's support is like judging a restaurant by it's service. Both will vary immensely depending on who you're dealing with and what kind of day they've had. It's the device and software (or food) that you're after. As a one-man IT department in the SMB space I've had good and bad experiences with any manufacturer you'd like to come up with. In our office with have about a dozen Transformer TF101s and 2 Primes (for the execs). ICS runs flawlessly on all of them, built in VPN is transparent to the user, and I get to apply chrome group policy to every device and desktop at once. I was impressed enough with the TF101 I bought one myself. My non-techie wife liked it so much she went out and got an ASUS laptop. That too works great.
At work we also have a few iPads and one iPad2, but they pretty much just sit in the cabinet. They can't run our custom in-house apps and are basically only useful as toys in the break room. You are right to suggest that Honeycomb is an immature OS, even Google has admitted as much, but don't lump ASUS in with Toshiba's clearly colossal failure.
Re: This topic always depresses me
Amen brother! I've only got maybe 80-90 IPs to manage. Hell, I've memorized most of them. Sub-netting even lets me keep the workstations from having access to the IP phones, since VLANs aren't possible with the low end kit we have in the office. This means no users f*cking around with the custom extensions and such the manufacturer so graciously decided to make available via web interface, but forgot to include any sort of user authentication. Of course scenarios like this are everywhere in the SME space. We just cobble together something that works using whatever we happen to have on hand.
To make matters worse, all my workstations need static IPs, since SBS 2008's DNS never seems to know what the DHCP server (on the same bloody machine) is doing. I can't use DHCP now, and this is supposed to get better how exactly? So I get to send my boss a bill for manually entering and testing all these long incomprehensible IP6 addresses (several of which I am sure to enter incorrectly and have to troubleshoot), and we gain absolutely nothing. Yeah he'll love that.
Or you could just pay the $0.99 for the ad free Android version on Google Play (still can't get used to that name).
Well That Clinches It Then
I was really tired of SonicWall's quirky VPN, admittedly buggy SIP (what decent company fails to address a known issue with something like basic SIP NATing for almost a year?), and abysmal Wireless performance. However, I was feeling too lazy to go through the trouble to set up something decent. Now I hear Dell is getting involved. I'm DEFINITELY not paying good money to "renew" our license to download the latest firmware when they expire later this year.
Full disclosure: as a former Austinite I am inclined to view anything from Dell as carrying the touch of death.
This would be absolutely killer for my Asus Transformer! I know, I know, Unity is clunky and not always very intuitive on a normal PC, but it would be nice to see if all their "touch sreen optimizations" actually bear fruit on a tablet/sudo-netbook. One has to admit that Unity is less broken now than when it was first introduced. Maybe I'm the last one left who has any faith that Ubuntu can iron out their UI issues, but I'm excited about this. ICS is great and all, but it really doesn't benifit from an attached touchpad and keyboard since most apps are just not able to make use of them. Not sure I want this on my phone yet though...
Cisco's had this coming for a long time. Even when their hardware "supports" open standards it has always been done half-heatedly at best. Broken features, inexplicable failures, etc. OSPF anyone? Ever tried to set up SIP on a Cisco phone or VIOP gateway? I could go on. The fact that they are wining about open standards shows just how low they've sunk. I hate to say it, as I made my living working with their products for many years, but Cisco is getting what they deserve.
Now that I am in a position to make such decisions I won't even consider a product that requires vendor lock in. This has meant many a late night in the console configuring arcane scripts and building some really odd cron jobs, but the quality and reliability of services and products from companies that know you can easily switch to another provider/manufacturer has been well worth the effort.
Mines the one with the expired (and likely never to be renewed) CCNA in the pocket.