* Posts by Gerhard Mack

333 posts • joined 4 Apr 2007

Page:

Yeah, keep buying those SSDs, grins Seagate: Your data will be on our disks eventually, muaha

Gerhard Mack

Re: Capacity or Revenue?

Exactly, In my case as flash goes down in price, I'm replacing drives with SSD since on my PC and Laptop, I just don't need more than a few hundred GB of space.

The larger drives, seem even more expensive so as much as I'd like to replace my two spinning drives with something larger, I just can't justify the expense right now. My remaiing two drives are actually more expensive now than when I bought them 3 years ago.

2
0

AWS v Oracle: Mark Hurd schooled on how to run a public cloud that people actually use

Gerhard Mack

Re: AWS infrastructure Boss is Ex-Car mechanic.. says it all.

"Presumably he means overhead on your licensing costs - Do Oracle actually recognise virtualisation in their DB licensing yet?!"

Sort of, I had to look into this for work and basically:

1 Oracle licensing assumes that a core is dedicated to that VM

2 unless you have Oracle's VM software configured in the correct way than HT threads count as Cores so you must turn them off leading to a 30% drop in performance.

I took one look at the above and opted for bear metal servers.

.

1
0

Dell servers set to get a flash boost from Toshiba

Gerhard Mack

Now if only they would be affordable

Dell's markup on SSD is insane and keeps me from using even the smaller sizes for boot drives. Finding the same drive for far less elsewhere is just frustrating.

1
0

Manufacturers reject ‘no deal’ Brexit approach

Gerhard Mack

Re: Welcome to Trump.UK

"Unlike the Trump campaign though it has been the "popular press" propagating lies about the EU for decades which did the damage"

Fox news isn't "popular press" ?

5
1

Google promises policy review after several big brands pull YouTube ads

Gerhard Mack

You miss the point

It has nothing to do with morals and everything to do with brand damage from having heir ad associated with something that makes people angry.

6
0

BOFH: Don't back up in anger

Gerhard Mack

Re: The moral of the story?

A better moral of the story is: Do not try passing blame for your own mistakes on the IT department.

41
0

Dormant Linux kernel vulnerability finally slayed

Gerhard Mack

@Paul 195

"The fact is, not all open source software has that many eyes on it, because nobody is paying for them."

I think you are missing the point that most kernel devs are paid these days. In this case though, there have been few eyes because almost no one uses the driver in question.

3
0

Germany to Facebook, Twitter: We are *this* close to fining you €50m unless you delete fake news within 24 hours

Gerhard Mack

Re: Could be tricky

@mstreet

"So...what the government is saying, is in fact a load of meaningless drivel designed to make them look like they are being forward thinking heroes for the masses?"

"If it has no legal or binding impact, then what, other than getting their smiling mugs on camera is the point? I thought they were elected to lead the country, and make real decisions based on real situations. Instead, they are wasting their time and our tax dollars, putting together a giant group hug that seems to have no purpose but to tell everyone "look at me, I'm not a racist"."

"If their intent is in the slightest bit inspired by noble intent, then why is it just Islamophobia, and not racism period?"

It references Islamophobia because we have some anti Muslim actions lately including the recent shooting in mosque by a white nationalist.

But other than that: If you were more familiar with the current political situation in Canada, you would understand that the current Liberal government lead by pretty boy Trudeau is pretty much all about looking good for the cameras and that they have accomplished nothing useful. They were elected to be the opposite of the Conservative Party that got a ton of things done, but also tended to be annoying social conservatives and as an example took pointless parting shots at Muslims in an effort to wind up their base and keep from losing the last election.

1
0
Gerhard Mack

Re: Could be tricky

@pccobbler

"It is very much binding. Read the bill yourself instead of assuming. I quoted the relevant sections in a comment made yesterday. Or just start here: http://www.assnat.qc.ca/en/travaux-parlementaires/projets-loi/projet-loi-59-41-1.html"

I'm a bit lost here.

1 This is not the bill currently being debated in Parliament, it's from 2 years ago.

2 It is for the province of Quebec only.

3 It doesn't mention Islam or Islamophobia anywhere.

4 It references the Charter of Rights and Freedoms and there is plenty of case law to establish what contravenes the charter making offenses rather well defined.

1
0
Gerhard Mack

Re: Canada debating a bill that would criminalize Islamophobia

"There is no right to country-wide enforcement of one point of view, as that is the sort of thing found in communist and fascist countries."

Correction, Province wide. That bill is from the legislature of Quebec.

0
0
Gerhard Mack

Re: Could be tricky

The reports that there is a proposed Canadian law banning Islamophobia are a god example of fake news. The reality is that its a non binding motion calling on the government to condemn Islamophobia and study what actions should be taken to reduce it.

It doesn't define Islamophobia because it doesn't really need to since it makes no changes to the existing legal framework of Canada whatsoever.

3
0

Public IPv4 drought: Verizon Wireless to stop handing out static addys

Gerhard Mack

Re: I wonder if I could sell my class C

It will depend a lot on how you got it. If you got it before the registries stopped giving them away and moved to a rental model then yes, it's valuable.

The annoying part is, I know exactly how expensive a /24 is right now given that I'm working on a startup that needs a /24

1
0

UK's Virgin Media subscribers suffer fresh email blocking misery

Gerhard Mack

@Lee D

That is why I just refuse the message and let the sending mailserver generate the bounce.

0
0
Gerhard Mack

I wish

"So the marketing department will gnash its teeth the first time, not afterwards. And they should be happy about it, because it's that much less of a chance they'll click on a bad link."

Dream on. Sales departments get a lot of emails from new people and when they don't respond right away the customers call in wondering what happened and then the question "Why is our mail server slow" I tried it years ago and it worked as expected but I nearly lost all of my clients that month.

If I tried it at my current job, I'd have the whole sales department in the IT director's office demanding my head on a plate (they have pitched fits for less).

2
0
Gerhard Mack

Greylisting tends to really aggravate the users. Users (especially sales teams) get upset if mail is even a little bit slow to arrive.

0
0

3Par brought down Australian Tax Office with >REDACTED<

Gerhard Mack

Re: Seriously?

I would be *really* pissed if the SAN didn't alert me to a failed redundant path.

3
0
Gerhard Mack

Seriously?

How could this possibly be a cabling issue? I don't recall the last time I've seen a SAN without redundant cables for everything.. power, SAS network and FCAL all have redundant cables and they are all supposed to hot fail-over in the case that one of them is damaged.

5
0

One IP address, multiple SSL sites? Beating the great IPv4 squeeze

Gerhard Mack

Re: Wrong.

"There's no need for that sort of language around here."

How else to describe it? The guy has invented motivations in his head for missing features that aren't actually missing, ignored several people here who told him hes wrong, and continued to heap insults on the IPv6 designers based on his original misconceptions.

The only thing that might be true, is that SMB and home equipment doesn't support it(I don't know one way or the other. But it's hardly the fault of the IPv6 designers if manufactures didn't bother to implement features available by other manufactures.

1
1
Gerhard Mack

Re: Wrong.

"And it took 20 years to get the bastards to admit we needed Network Prefix Translation, and it will be 20 more before it's widely supported enough for use. NAPT in IPv4 scared the IPv6 purists enough for them to fight a generation-long war against the simple idea ease of use matters for someone other than developers, universities flush with grant money and large corporations."

Again, it has been supported and completely usable since before you wrote the original article in 2012.

You are like the Breitbart of the tech world.

2
4
Gerhard Mack

Wrong.

"NPT *is* 1:1 NAT, and IPv6 purists hate the ever-living crap out of it, with many refusing to code for it, add support for it, etc.

I even wrote about it in the article I linked to..."

It would have helped if the article you linked to wasn't completely full of crap.What IPv6 Purists hate is 1 to many NAT. NPT on IPv6 is easy and has been supported for years (I've used it) and support is firewall based so application independent.

Don't even get me started on the bits of IPv6 doing away with static IPs, it was actually DHCP they wanted an alternative to. On public servers, you will want to renumber anyways if the ISP changes your address. On private servers, you will want to assign them to a local (non routeable) IPv6 range and either 1:1 NAT at he gateway or use the local IPV6 addresses internally and allow the machine to auto assign the external IPs for internet access. Again, IPv6 makes this easy.

1
2

HPE CEO Whitman says everything's 'on the right track' as sales are literally decimated

Gerhard Mack

Re: It gets even worse

Buy a next day service contract and discover that when you actually need it, the server is "too old" and it will take them two weeks to replace it.

4
0

Talk about a slow pour: Oracle now brewing late Java EE 8 for July 2017

Gerhard Mack

Re: Re AMBxx: Does anyone really care?

"I wasn't talking about the plugin. We don't allow Java on any machines where I work for security reasons. Same with Flash."

Great..a purist. If I did that, I would not be able to remote manage any of our machines. Our Raritan KVM wouldn't work, Neither would any of Dell iDRACs, HP iLOs, SUN ILOM, or the Lenovo equivalent some of our branch offices use. And that is just client side.

On top of that, one of our largest income generating systems runs on Java.

And even then? Even if we wanted to replace a whole team's several year long effort, what do we replace it with? C takes to long to code, PHP isn't suited to the task, Python and Ruby do backwards compatibility badly, making security updates out to be a night mare and everything else doesn't have enough developers for us to be able to hire people.

0
0

Penguins force-fed root: Cruel security flaw found in systemd v228

Gerhard Mack

@Dan 55 Re: right ..

"How about you start networking first, then iSUSI, then OCF32, then Dovecot? Just throwing that out there."

You can mess with the boot order, but the pain comes when you actually want to mount the filesystem. /etc/fstab has an option to wait for the network but none to wait for the iSCSI/OCFS2

and in most distros a failed mount would simply then start loading the rest of the services. This means adding checks to each daemon's startup script to make sure all file systems are mounted.

Under systemd, I can just add a config file for just the mount point that causes me trouble, and it does not even attempt to mount the FS until all needed services are up and then mark the postfix/dovecot as a dependancy of the filesystem. Much less fragile, and my time to setup new services has been reduced and as an added bonus, I don't have daemons saving things to the local drive instead of the network drive which is kind of a pain when it's supposed to be a shared FS.

3
5
Gerhard Mack

right ..

I'll take your "abomination" Thanks to SystemD I finally have shared filesystem clusters booting correctly the first time without a ton of hackery. (dovecot depends OCFS2, OCFS2 depends on iSCSI, iSCSI depends on networking) something that was almost impossible to do under the old init system.

As a server admin, SystemD has solved more problems than it has created.

9
31

Windows 10 networking bug derails Microsoft's own IPv6 rollout

Gerhard Mack

Re: Not that awful

"I also like the ability to define my own internal networks, obviously with IPv4 being in short supply for a long time doing it with real IPs for most orgs is impossible. So NAT to the rescue. At the end of the day NAT works for the vast majority of use cases out there, and as the old saying goes if it ain't broke don't fix it."

So do that anyways using an internal range and SNAT at the border. IPv6 only killed the one to many NAT the other types are still supported.

1
1
Gerhard Mack

Re: IPv6 needs a catalyst

"The main limitation of NAT is 16 bit ports. If port addresses were expanded to 32 bits, we'd probably be fine with IPv4 pretty much forever. "

It all sounds so easy until you realize that the port number is a fixed field in the IPv4 header and changing it would break backwards compatibility and that would have most of the same deployment issues that IPv6 has.

7
1

The top doc, the FBI, the Geek Squad informant – and the child porn pic that technically wasn't

Gerhard Mack

Re: "To be clear, our agents unintentionally find child pornography"

"Digital forensics is one of the things I do. You'd be surprised by how over-confident, dumb and technically illiterate the porn addicts/pornographers are. I suppose there's a valid argument that the ones who get caught are the stupid ones, but boy are they dumb."

Not just porn addicts..These people just think everyone around them either thinks the same way they do or are invisible pieces of furniture. I once had a client leave naked pictures of himself sitting on some hooker's face on his Adult dating site (something I'm sure his wife didn't know about) for me to find. All he had done was ask me to check his computer because "my internet is slow" and all I did was click the back button to see an example of a site he uses to speed test on.

I have also had clients have meetings about phone scams they are running while I am sitting in the room working on their PCs.

0
0

UKCloud: We ARE cheaper than Microsoft or AWS online storage

Gerhard Mack

What race to the bottom? Amazon is expensive.

The trick is that they break the charges down per item so you don't realize what the cost will be until you get the bill.

2
0

HPE 3PAR storage SNAFU takes Australian Tax Office offline

Gerhard Mack

Re: Problem with SAN in general

"The performance of even the fastest NVMe SANs are very very slow compared to distributed file systems."

Not according to any of my measurements. With several of our servers our Compellent SAN + 8 gbps FCAL link outran the local disks in some of our older servers. Meanwhile, GlusterFS on 3 nodes with local storage actually cost me a contract when it was outrun by a single NFS server.

0
0

Oracle finally targets Java non-payers – six years after plucking Sun

Gerhard Mack

Re: Phones?

That would be why Oracle is suing Google.

0
1

Is your Windows 10, 8 PC falling off the 'net? Microsoft doesn't care

Gerhard Mack

Re: It's all a bit farcical, isn't it?

"static DNS: worst case, use 8.8.8.8 [should work everywhere the intarwebs is supported] - it's a freebie from google. [yeah they probably track it]"

Great plan.. now explain how I I access local resources by host names that don't resolve on the wider internet . Even some Wifi routers use DNS to redirect you to their setup page.

Come to think of it. One of my predecessors used to keep a company wide zone file for our parent company with resources we needed to access and even that turned into an maintainable mess.

3
0

No matter who becomes US president, America's tech giants are going to be quids in

Gerhard Mack

Re: US "pass thru" corporate taxation

There is an easier way to do the "pass thru" bit: Just register the foreign entity is the owner of all of the intellectual property and have the US company pay licensing fees high enough that it never generates a profit.

0
1

Donald Trump running insecure email servers

Gerhard Mack

Re: So...

"~ The official State Department mail system was / notoriously / a POS."

As a mail server admin I can guess exactly what they are talking about by the amount of whining about features such as the 1 hour lockout of IPs that get too many bad password attempts By far the largest complaint I get is that my server passwords are "too complicated" meaning I generate them randomly. I have seen people create secure default passwords such as 123456, asdf the company name or even an obfuscated (l33t) version of the username. (Seriously, 3 different workplaces have assigned me the exact same secure password "G3rh4rd") And I don't even deal with a secure environment that requires VPN for email access..

So all of these politicians do what managers do when faced with an annoyance: they go off and bypass the restrictions by doing their own thing. They go off and hire someone to setup a new user friendly mail server for them only to learn that it's harder than it looks Security? "it has a firewall"

, document retention? oops. George Bush, Colin Powell, Hillary Clinton: All form of the same techno illiterate stupidity.

3
0
Gerhard Mack

Re: Thar she blows!

"Why aren't there any embarrassing emails being passed around already?"

Funny thing about that.. The Democratic campaign admitted that when their server got hacked the attackers got all of their background research on Trump but somehow none of that got released by Wikileaks so far.

5
0

SSDs in the enterprise: It's about more than just speed

Gerhard Mack

Re: SSD Burn out

Given the storage array I'm in the process of retiring (10 year old drives) and it's drive failures every other month, and the regular age related deaths of storage on our existing servers, "perfect" does not exist in the hard drive world.

My newer servers and SANs have a write countdown that tells me when the SSD is wearing out and that should give me a far more predictable. "drive is wearing out, replace soon before it becomes a problem" rather than "dead drive, the RAID is now degraded. lets rush out and buy a new one" Or the worse yet "two drives are dead with no warning and we have lost data"

Unpredictable failures have a cost that should be accounted for in any TCO calcualation.

1
0
Gerhard Mack

Re: Not all about performance

"HDDs don't spin when they arn't being accessed."

Do you really think the user will tolerate waiting several seconds for the drive to spin up when you are accessing old pictures on Facebook? The page will just hang for several seconds before it starts to load.

The advantage of SSD in this case, is that it has almost no startup time.

3
0

Lenovo denies claims it plotted with Microsoft to block Linux installs

Gerhard Mack

Re: Poor

"Lenovo is also known to be one of two common laptop manufacturers (the other being HP) that won't boot if you install a different WLAN card."

I ran into that, hacked my BIOS and and added them to my no buy list. Since then I've had people bring me Lenovo laptops that refuse to accept third party batteries and we won't even get into how I feel about BIOS installed malware (superfish)

13
0

New Skype for Linux Alpha

Gerhard Mack

Re: Download link

"b) As far as I can tell it's audio only, not video"

Since when? Skype for Linux has never had a problem with video chat. It's group chat it fails badly at.

0
0

Linus Torvalds won't apply 'sh*t-for-brains stupid patch'

Gerhard Mack

Re: He's right. Again.

"If he turns out to be wrong on sómething, does he back off and apologize and can you call him publicly a "cockface idiot?"

Yes, and I can tell you what kernel devs can (and have) called him out and gotten away with it. Al Viro, as an example won many of his arguments with Linus back in the days when I had the time to track the kernel list more closely.

0
0
Gerhard Mack

Re: He's right. Again.

"I stopped paying close attention to the kernel when they abandoned the "stable" and "testing" branches, what was it the 2.4 days ? Before that it was say 2.0.x for stable, and 2.1.x for testing/dev, then 2.2 was stable, etc.."

You must have a short memory. What generally happened was that the unstable branch got dragged out too long and distros/maintainers would then try to backport required changes to the stable kernel resulting in TWO unstable branches. My all time favourite event during that time was a brand new IBM server where the "stable" (2.2) crashed on boot, and the unstable kernel crashed sometime after boot. I ended up having to install a kernel with custom patches just to get the project going.

The new way of having shorter (get your feature working before the final RC or we pull it) system has been much more stable for me and the thought of ever going back to the old way terrifies me.

12
1

World eats its 10 millionth Raspberry Pi

Gerhard Mack

Re: I thought I'd buy one to try when they first came out..

"$80-$150 x86 - I have one. It has an uptime measure in hours. The Pi's uptime depends on the next power cut, so months."

Bad luck or bad software.. My cheap, fanless PC stays up for months at a time while being used as half my building's firewall (120 MB down / 20 MB up and about 600 GB a month in transfer)

0
0
Gerhard Mack

Re: I thought I'd buy one to try when they first came out..

If you are doing something that intensive on the USB bus (unfortunately that includes the Ethernet port), the Pi is not for you. I use the Pi for lower end projects but for something involving 2 cameras and a cell modem there are cheap ($80 - $150) fanless x86 boxes on Aliexpress.

5
1

Your wget is broken and should DIE, dev tells Microsoft

Gerhard Mack

I have had executable locations change based on age of the Linux Distro, and then there are things like difference in the way Linux/FreeBSD/Darwin organises things. I have found that hard coding the shell's location breaks far more often than breakage caused by someone doing strange things on their system. If I write the script conservatively and don't use bleeding edge features, I can count on it functioning on most of the systems people try to run it on.

0
0

Light at the end of Intel's Silicon Photonics: 100Gbps network tech finally shipping, sorta

Gerhard Mack

Re: New technology???

This seems more about using an easier to manufacture method for creating the transceivers rather than doing something completely new. The way they are talking, this new method will be much cheaper but time will tell.

0
0

Microsoft to overhaul Windows 10 UI – with a 3D Holographic Shell

Gerhard Mack

Re: Assistive technology ... again

Considering my grandmother sent her final message to me on her tablet the day before she passed on. I'm not sure how much more "assistive" the technology needs to be,

4
1

Fork YOU! Sure, take the code. Then what?

Gerhard Mack

Re: @ gerryg - The fork model...

"Apple on the other hand, did not want to bother with GPL, instead they went and pilfered BSD code. Again unlike Google, Apple now prefers to pay the developers for their ideas instead of introducing students to open source software in order to steal their ideas."

Given how many kernel (and other) developers Google pays and how much code they shove upstream, I would have to call this statement out as blatantly false.

2
2

Osram's Lightify smart bulbs blow a security fuse – isn't anything code audited anymore?

Gerhard Mack

Re: @Mike 126 -- Why is it

This is not something that has obvious advantages until you try it. My friend loaned me a couple Phillips Hue bulbs and and aside from using a lot less power than dimmer switches, they are the best alarm clock I've ever owned.

I have them set to fade in the lights with an artificial sunrise (I get up about an hour before sunrise in the winter) and it is a lot less jarring than an audio alarm.

0
0

Ad blockers responsible for rise in upfront TV ad sales, claims report

Gerhard Mack

Re: So it's time...

I have an excellent one, I don't pay for cable and disconnected the antenna from my TV.

12
0

Crims set up fake companies to hoard and sell IPv4 addresses

Gerhard Mack

Re: Arrogant architects

They managed it for phone numbers because none of the call routing is done by the actual phone.

As for IPv6, it is no harder than IPv4 for non technical users. In fact, A couple of weeks ago I had a friend discover he was running IPv6 without even knowing about it because it ISP (Roger's Cable in Canada) rolled it out without telling anyone. The only reason it wasn't done years ago is because the ISPs couldn't be bothered until it became a problem.

If you look at the Worldwide Google IPv6 stats, it's clear that the non technical users are having the easiest time of it since IPv6 as a percentage of traffic is lower during the week (9.8% vs the weekend 12%) Another nice thing about that graph is that show accelerating adoption. (Jan 2014 2.5%, Jan 2015 5.82%, Jan 2016 10.4%). At that rate, I doubt IPv4 will be much of an issue in 10 years.

6
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017