* Posts by Gerhard Mack

309 posts • joined 4 Apr 2007

Page:

Windows 10 networking bug derails Microsoft's own IPv6 rollout

Gerhard Mack

Re: Not that awful

"I also like the ability to define my own internal networks, obviously with IPv4 being in short supply for a long time doing it with real IPs for most orgs is impossible. So NAT to the rescue. At the end of the day NAT works for the vast majority of use cases out there, and as the old saying goes if it ain't broke don't fix it."

So do that anyways using an internal range and SNAT at the border. IPv6 only killed the one to many NAT the other types are still supported.

1
1
Gerhard Mack

Re: IPv6 needs a catalyst

"The main limitation of NAT is 16 bit ports. If port addresses were expanded to 32 bits, we'd probably be fine with IPv4 pretty much forever. "

It all sounds so easy until you realize that the port number is a fixed field in the IPv4 header and changing it would break backwards compatibility and that would have most of the same deployment issues that IPv6 has.

6
1

The top doc, the FBI, the Geek Squad informant – and the child porn pic that technically wasn't

Gerhard Mack

Re: "To be clear, our agents unintentionally find child pornography"

"Digital forensics is one of the things I do. You'd be surprised by how over-confident, dumb and technically illiterate the porn addicts/pornographers are. I suppose there's a valid argument that the ones who get caught are the stupid ones, but boy are they dumb."

Not just porn addicts..These people just think everyone around them either thinks the same way they do or are invisible pieces of furniture. I once had a client leave naked pictures of himself sitting on some hooker's face on his Adult dating site (something I'm sure his wife didn't know about) for me to find. All he had done was ask me to check his computer because "my internet is slow" and all I did was click the back button to see an example of a site he uses to speed test on.

I have also had clients have meetings about phone scams they are running while I am sitting in the room working on their PCs.

0
0

UKCloud: We ARE cheaper than Microsoft or AWS online storage

Gerhard Mack

What race to the bottom? Amazon is expensive.

The trick is that they break the charges down per item so you don't realize what the cost will be until you get the bill.

2
0

HPE 3PAR storage SNAFU takes Australian Tax Office offline

Gerhard Mack

Re: Problem with SAN in general

"The performance of even the fastest NVMe SANs are very very slow compared to distributed file systems."

Not according to any of my measurements. With several of our servers our Compellent SAN + 8 gbps FCAL link outran the local disks in some of our older servers. Meanwhile, GlusterFS on 3 nodes with local storage actually cost me a contract when it was outrun by a single NFS server.

0
0

Oracle finally targets Java non-payers – six years after plucking Sun

Gerhard Mack

Re: Phones?

That would be why Oracle is suing Google.

0
1

Is your Windows 10, 8 PC falling off the 'net? Microsoft doesn't care

Gerhard Mack

Re: It's all a bit farcical, isn't it?

"static DNS: worst case, use 8.8.8.8 [should work everywhere the intarwebs is supported] - it's a freebie from google. [yeah they probably track it]"

Great plan.. now explain how I I access local resources by host names that don't resolve on the wider internet . Even some Wifi routers use DNS to redirect you to their setup page.

Come to think of it. One of my predecessors used to keep a company wide zone file for our parent company with resources we needed to access and even that turned into an maintainable mess.

3
0

No matter who becomes US president, America's tech giants are going to be quids in

Gerhard Mack

Re: US "pass thru" corporate taxation

There is an easier way to do the "pass thru" bit: Just register the foreign entity is the owner of all of the intellectual property and have the US company pay licensing fees high enough that it never generates a profit.

0
1

Donald Trump running insecure email servers

Gerhard Mack

Re: So...

"~ The official State Department mail system was / notoriously / a POS."

As a mail server admin I can guess exactly what they are talking about by the amount of whining about features such as the 1 hour lockout of IPs that get too many bad password attempts By far the largest complaint I get is that my server passwords are "too complicated" meaning I generate them randomly. I have seen people create secure default passwords such as 123456, asdf the company name or even an obfuscated (l33t) version of the username. (Seriously, 3 different workplaces have assigned me the exact same secure password "G3rh4rd") And I don't even deal with a secure environment that requires VPN for email access..

So all of these politicians do what managers do when faced with an annoyance: they go off and bypass the restrictions by doing their own thing. They go off and hire someone to setup a new user friendly mail server for them only to learn that it's harder than it looks Security? "it has a firewall"

, document retention? oops. George Bush, Colin Powell, Hillary Clinton: All form of the same techno illiterate stupidity.

3
0
Gerhard Mack

Re: Thar she blows!

"Why aren't there any embarrassing emails being passed around already?"

Funny thing about that.. The Democratic campaign admitted that when their server got hacked the attackers got all of their background research on Trump but somehow none of that got released by Wikileaks so far.

5
0

SSDs in the enterprise: It's about more than just speed

Gerhard Mack

Re: SSD Burn out

Given the storage array I'm in the process of retiring (10 year old drives) and it's drive failures every other month, and the regular age related deaths of storage on our existing servers, "perfect" does not exist in the hard drive world.

My newer servers and SANs have a write countdown that tells me when the SSD is wearing out and that should give me a far more predictable. "drive is wearing out, replace soon before it becomes a problem" rather than "dead drive, the RAID is now degraded. lets rush out and buy a new one" Or the worse yet "two drives are dead with no warning and we have lost data"

Unpredictable failures have a cost that should be accounted for in any TCO calcualation.

1
0
Gerhard Mack

Re: Not all about performance

"HDDs don't spin when they arn't being accessed."

Do you really think the user will tolerate waiting several seconds for the drive to spin up when you are accessing old pictures on Facebook? The page will just hang for several seconds before it starts to load.

The advantage of SSD in this case, is that it has almost no startup time.

3
0

Lenovo denies claims it plotted with Microsoft to block Linux installs

Gerhard Mack

Re: Poor

"Lenovo is also known to be one of two common laptop manufacturers (the other being HP) that won't boot if you install a different WLAN card."

I ran into that, hacked my BIOS and and added them to my no buy list. Since then I've had people bring me Lenovo laptops that refuse to accept third party batteries and we won't even get into how I feel about BIOS installed malware (superfish)

13
0

New Skype for Linux Alpha

Gerhard Mack

Re: Download link

"b) As far as I can tell it's audio only, not video"

Since when? Skype for Linux has never had a problem with video chat. It's group chat it fails badly at.

0
0

Linus Torvalds won't apply 'sh*t-for-brains stupid patch'

Gerhard Mack

Re: He's right. Again.

"If he turns out to be wrong on sómething, does he back off and apologize and can you call him publicly a "cockface idiot?"

Yes, and I can tell you what kernel devs can (and have) called him out and gotten away with it. Al Viro, as an example won many of his arguments with Linus back in the days when I had the time to track the kernel list more closely.

0
0
Gerhard Mack

Re: He's right. Again.

"I stopped paying close attention to the kernel when they abandoned the "stable" and "testing" branches, what was it the 2.4 days ? Before that it was say 2.0.x for stable, and 2.1.x for testing/dev, then 2.2 was stable, etc.."

You must have a short memory. What generally happened was that the unstable branch got dragged out too long and distros/maintainers would then try to backport required changes to the stable kernel resulting in TWO unstable branches. My all time favourite event during that time was a brand new IBM server where the "stable" (2.2) crashed on boot, and the unstable kernel crashed sometime after boot. I ended up having to install a kernel with custom patches just to get the project going.

The new way of having shorter (get your feature working before the final RC or we pull it) system has been much more stable for me and the thought of ever going back to the old way terrifies me.

12
1

World eats its 10 millionth Raspberry Pi

Gerhard Mack

Re: I thought I'd buy one to try when they first came out..

"$80-$150 x86 - I have one. It has an uptime measure in hours. The Pi's uptime depends on the next power cut, so months."

Bad luck or bad software.. My cheap, fanless PC stays up for months at a time while being used as half my building's firewall (120 MB down / 20 MB up and about 600 GB a month in transfer)

0
0
Gerhard Mack

Re: I thought I'd buy one to try when they first came out..

If you are doing something that intensive on the USB bus (unfortunately that includes the Ethernet port), the Pi is not for you. I use the Pi for lower end projects but for something involving 2 cameras and a cell modem there are cheap ($80 - $150) fanless x86 boxes on Aliexpress.

5
1

Your wget is broken and should DIE, dev tells Microsoft

Gerhard Mack

I have had executable locations change based on age of the Linux Distro, and then there are things like difference in the way Linux/FreeBSD/Darwin organises things. I have found that hard coding the shell's location breaks far more often than breakage caused by someone doing strange things on their system. If I write the script conservatively and don't use bleeding edge features, I can count on it functioning on most of the systems people try to run it on.

0
0

Light at the end of Intel's Silicon Photonics: 100Gbps network tech finally shipping, sorta

Gerhard Mack

Re: New technology???

This seems more about using an easier to manufacture method for creating the transceivers rather than doing something completely new. The way they are talking, this new method will be much cheaper but time will tell.

0
0

Microsoft to overhaul Windows 10 UI – with a 3D Holographic Shell

Gerhard Mack

Re: Assistive technology ... again

Considering my grandmother sent her final message to me on her tablet the day before she passed on. I'm not sure how much more "assistive" the technology needs to be,

4
1

Fork YOU! Sure, take the code. Then what?

Gerhard Mack

Re: @ gerryg - The fork model...

"Apple on the other hand, did not want to bother with GPL, instead they went and pilfered BSD code. Again unlike Google, Apple now prefers to pay the developers for their ideas instead of introducing students to open source software in order to steal their ideas."

Given how many kernel (and other) developers Google pays and how much code they shove upstream, I would have to call this statement out as blatantly false.

2
2

Osram's Lightify smart bulbs blow a security fuse – isn't anything code audited anymore?

Gerhard Mack

Re: @Mike 126 -- Why is it

This is not something that has obvious advantages until you try it. My friend loaned me a couple Phillips Hue bulbs and and aside from using a lot less power than dimmer switches, they are the best alarm clock I've ever owned.

I have them set to fade in the lights with an artificial sunrise (I get up about an hour before sunrise in the winter) and it is a lot less jarring than an audio alarm.

0
0

Ad blockers responsible for rise in upfront TV ad sales, claims report

Gerhard Mack

Re: So it's time...

I have an excellent one, I don't pay for cable and disconnected the antenna from my TV.

12
0

Crims set up fake companies to hoard and sell IPv4 addresses

Gerhard Mack

Re: Arrogant architects

They managed it for phone numbers because none of the call routing is done by the actual phone.

As for IPv6, it is no harder than IPv4 for non technical users. In fact, A couple of weeks ago I had a friend discover he was running IPv6 without even knowing about it because it ISP (Roger's Cable in Canada) rolled it out without telling anyone. The only reason it wasn't done years ago is because the ISPs couldn't be bothered until it became a problem.

If you look at the Worldwide Google IPv6 stats, it's clear that the non technical users are having the easiest time of it since IPv6 as a percentage of traffic is lower during the week (9.8% vs the weekend 12%) Another nice thing about that graph is that show accelerating adoption. (Jan 2014 2.5%, Jan 2015 5.82%, Jan 2016 10.4%). At that rate, I doubt IPv4 will be much of an issue in 10 years.

6
0
Gerhard Mack

Re: Dormant networks, unvalidated contacts

They have been trying reclaim the unused address space. The problem is that before IANA,ARIN, etc the address blocks were owned by whoever was given the IP block so contractually ARIN can't really do much. The best they do now, is on reassignment of IP blocks they try to get the new owner to agree to the new rules where you rent the IPs and lose them when you don't comply.

1
0
Gerhard Mack

Re: Arrogant architects

No matter what they had done, there would have been market resistance. The reality is that most suggestions to "extend" IPv4 don't take into account that the IPv4 address is a 32 bit integer in the header so you cannot easily just extend it and suggestions for adding a "feature flag" that lists an extended address in the header would only have slowed packet processing down for all time.

Once it was established that there was no easy way to extend IPv4, they set out to make sure the transition wouldn't need to happen again any time soon by extending the address space to something huge and went about fixing some of the known design flaws in IPv4.

At any rate, having worked for two ISPs, I can tell you most of the market resistance has been waiting for the IPv4 addressing to become a problem. "It's not a problem right now, we need to concentrate on more immediate issues" Never mind that IPv6 is not difficult to setup and co exists without trouble with IPv4. And naturally, now that we have hit IPv4 address exhaustion and the addresses are becoming expensive we are starting to see adoption According to Google, the number of IPv6 users world wide has been increasing while and US has hit 27% adoption.

13
1

Wales gives anti-vaping Blockleiters a Big Red Panic Button

Gerhard Mack

"Then don't kiss me when I'm vaping because that it is the only way it will happen. (vapour dissipates immediately)"

You only think it does because you are desensitized to the smell. The reality is that they are a huge improvement over regular cigarettes (less smell, doesn't seem to get into clothing as much, not as much effect on breath). Even at 10m It still stinks and it still causes me enough breathing troubles that I reach for my inhalator).

12
11

Cisco warns IPv6 ping-of-death vuln is everyone's problem

Gerhard Mack

Re: how long has this bug been around?

According to Google's IPv6 stats. 11.76% of world wide traffic to Google's servers on the weekends and 9.51% during the week (up 1% since Jan). The US is at 27% but they don't provide a nice graph for per country so I can't compare evenings to weekends.

1
0

Disk death: Three-quarters of PCs will run SSDs by 2020

Gerhard Mack

Re: Gartner?

They also predicted that the Itanium would rule the server market.

3
0
Gerhard Mack

If a single drive failure takes out your domain controller, you are doing it wrong. As an aside, I lost 3 spinning hard drives in two years on a two drive RAID server so spinning is not much more reliable.

4
0

Systemd kills Deb processes

Gerhard Mack

Re: Creating problems that didn't need solving

The part you are missing is that the change was mainly because the old system broke horribly and required manual intervention when you ended up with an even moderatly complicated server setup (Fiber Channel, iSCSI, Distributed Filesystems etc)

This latest change on the other hand, is very desktop oriented where Xservers never seemed to clean up after themselves properly and thankfully it has an off switch which and I will be spending the next few days turning this off on my servers and on for my desktops..

2
2

90 days of Android sales almost beat 9 months' worth for all flavours of Win 10

Gerhard Mack

Re: What do people say in situations like this...

They did annoy the carriers, but in the end the carriers wanted a third ecosystem to offset Google and Android's power.

The problem is that people don't just take what their carrier sells them anymore. In Spain they had a massive Lumina campaign backed by the carriers complete with FUD and discounts and a ton of Microsoft advertising money. It jumped the market share 10% but as soon as they stopped pushing it so hard the market share dropped like a rock.

Apple broke the carrier hold over the customer relationship and Android further took advantage of that but the carriers haven't adjusted to the new reality yet. Microsoft/Nokia never got used to that fact either when they refused to sell phones on emerging markets with features the carriers hate. (dual SIM etc)

0
0

What's holding up Canada's internet?

Gerhard Mack

So very true. A few years back I worked for a Montreal ISP that had the idea to rent the copper lines directly and offer their own DSL service.

We quickly learned the downside to that plan: If the customer is too far from the Bell facility Bell runs the internet access through a "Remote CO" (think fibre to the neighbourhood) Can we install there.. well no.. Can we install our own Remote equipment? As per the CRTC the answer to that is no. So we were stuck offering something a fraction of the speed of Bell unless we wanted to go back to reselling Bell's Internet service.

Local loop unbundling is useless in Canada. If Bell had to offer LLU on fibre, that would change which is why they have fought doing it and most likely why they have held off doing fibre do the home.

5
0

Microsoft drives an Edge between Adobe and the web: Flash ads blocked

Gerhard Mack

Re: Reg's a changin'

I use the "Disable HTML5 autoplay" Chrome plugin. It blocks things from annoying me until I either click on whatever it is that wants to run or whitelist the site.

2
0

Third of US banks OK with passwords even social networks reject

Gerhard Mack

Re: Don't know about my bank... but

I typoed.. it is a 6 char password and I just went back into the site to confirm I'm not crazy. The password field on bmo.com's "everyday banking" won't go past 6 chars.

1
0
Gerhard Mack

Re: Don't know about my bank... but

The Bank of Montreal (Canada) supports max 5 char passwords consisting of letters and numbers only.

0
0

Awoogah – brown alert: OpenSSL preps 'high severity' security fixes

Gerhard Mack

Re: Could we fucking kill it already?

They did, GNUTLS and almost no one supports it despite the API being a lot more sane.

0
1

PCI Council says bye-bye to big bang standards upgrades

Gerhard Mack

Been there, still have a copy of the report saying I passed the PCI-DSS audit. I cringe at the security practices I come across. My all time favorite was having to explain to a company I was doing business with why prefilling my payment form with my CCV2 number was a very bad idea.

0
0

Dell PowerEdge R730: Reg rack monkeys crack smiles over kindness of engineers

Gerhard Mack

@Alan Brown

"Having said that, ANY caddy which doesn't include the necessary screws for mounting a drive is one that needs ramming up the arse of the designer. Far too often the dummy insert is just clipped in via moulded studs or only held with 2 screws. Provide all 4 screws or make it so drives clip in."

But if they did that, then you would be more likely to buy your own drives rather than Dell SAS drives at 2x the OEM price (4x if SSD).

1
0
Gerhard Mack

Re: R720xd

"Yes the R730xd is the same (up to 26 x 2.5 in drives. 24 round the front, 2 round the back). We now have a fair few in the field and I'd have to agree they are a good evolution."

I'm fond of the DDR4 and the little graph next to all of our SSD drives in the iDRAC that let me know how close the drive is to it's expected maximum number of writes.

0
0
Gerhard Mack

Re: Decent configurator website too

This is only an issue with PCs and laptops, NAS (they run windows) and SAN storage units (they don't tell you until they are about to deliver that they require a Windows server to manage the SAN). For servers, there are very few I've come across that have any sort of Microsoft dependency.

0
0

You've seen things people wouldn't believe – so tell us your programming horrors

Gerhard Mack

A few years back I was maintaining software in C and added a bunch of declarations to the function definitions to enable GCC to detect and warn on format string errors. The other programmer got angry and promptly turned them all off again because they were "creating too many warnings." and making it harder to see bugs he needed to find. (he liked to refer to what I did as the "code nazi thing")

Fast forward a few weeks, and we tried the software on 64 bit servers for the first time and my software works perfectly but his won't run for more than a minute without crashing. Our boss ended up having all of the servers reformatted with 32 bit Linux just to accommodate him.

A few years after that, he left the company and I inherited the code complete with an enormous bug list. First thing I did was enable every possible warning and correct the compiler's complaint (something he liked to tell me he never had time for). The result was a 90% reduction of bugs for two weeks of effort.

4
0

Linux Foundation quietly scraps individual memberships

Gerhard Mack

Re: Disappointing

They didn't drop sytemd as much as keep the legacy interfaces around. From what I can tell (I'm not a Gnome user) they were hoping Canonical would finish their logind replacement sooner and allow them to drop the legacy interfaces.

1
0
Gerhard Mack

Re: Disappointing

"We get it. You like systemd. Buy why should it be mandatory - and in effect, it is - instead of optional? The whole point of the Unix philosophy was "do one thing and do it well", so that individual components you don't like can be swapped out. Systemd - and the massively REL-influenced projects like Gnome that that have decided to depend on it - remove choice."

Gnome has no such dependency. In fact, they had to change their plans because the logind replacement just wasn't ready and they didn't want to lose support for non systemd systems such as FreeBSD. Do a quick search on Google for "Gnome systemd dependency" and you can see their thoughts for yourself.

1
1
Gerhard Mack

Re: Disappointing

I'm really tired of listing to people whine about systemd.

Systemd (at least in Debian's case) was voted on by the maintainers with all of the pros and cons spelled out on publicly available web pages. The resulting flame fest happened close to a year after the decision was already made and involved trolls misrepresenting it's design and posts of fake bugs.

In fact, this is the second time I've gone to research something for myself only to find out that most of the things said about it in the forums were actually false (Wayland being the other)

The reality is that it is vastly better than what was there before and it has allowed me to get things working much faster in cases where the boot sequence is complicated (iSCSI Gluster etc) The result is a more maintainable system that as a side benefit happens to boot faster.

5
23

Comcast repeatedly crams modem upgrade demands into browsers

Gerhard Mack

I don't think it's just about speed

The older cable modems don't do IPv6.

2
1

Firefox-on-Windows users, rejoice: Game of Thrones now in HTML5

Gerhard Mack

Re: Silverlight end of life in 2021?

The problem is that it's cross browser but not cross platform. You have

A: Windows (X86)

B: Mac (X86)

C: Windows phone

Windows on ARM? not there.

Linux? Android? iPhone? no supported

And even between Mac and Windows things like networking work differently so that's not cross platform either.

.

4
0

Enraged Brits demand Donald Trump UK ban

Gerhard Mack

Don't forget, Sarah Palin also drew huge crowds and lost. The Republican right wing is very noisy and is just large enough to get someone past the primaries. The downside is that the resulting candidate ends up being so extreme right that not even moderate Republicans will vote for it let alone the independents or Democrats.

28
1

Page:

Forums