Have some Faith!
143 posts • joined 5 Oct 2009
Apples to oranges comparison
AWS RDS's high-availability failover between availability zones (AZs) isn't the same thing as geo-replication and failover between regions - it's all within a region. AWS has multiple AZs within each region and you're right, it's trivial (and a good thing) to replicate and failover between them. Azure is moving to a similar AZ model but has already had update domains and fault domains for a while which kinda-sorta gives you the same features, and which automatically give you similar within-region high availability for SQL Azure. Neither cloud had a super-simple, check-a-box cross-region high availability and failover capability, but Azure is now talking about its failover groups and active geo-replication features, which do give you genuine cross-region failover which is what you need for enterprise-level high availability.
It's important to know the difference between AZs and regions - some people seem to think that single region use of multiple AZs is all they need; for many purposes it probably isn't.
Multiple AZs is a good start, but that wouldn't help you in this case as an entire region went out. AZs help you with issues at an individual data center, but AWS/Azure/GCP roll out changes at a region level so you need to be multi-region to protect you from times when that kind of thing f***s up. And it will. It may be more cost effective for you not to bother, depends on your RTO/RTP requirements.
When you get into multi-cloud conversations, you're well into the law of diminishing returns.
Machine learning - state of the art
Is it just me, or does anyone else wonder why invitations to a machine learning conference aren't tightly targeted to those with the highest propensity to want to go based on previous behaviour across a range of dimensions, instead of just a catch-all article page aimed at everyone? :-)
It couldn't be that ML/AI is still only useful in more nice applications than the hype might suggest, surely?
Might explain why I'm followed round t'internet by adverts for things I've already bought or have no intention of buying now I've done a little bit of research on them... Artificial "Throw it all out there, see what sticks" might be a more accurate description for much of this right now...
"You could spread across several different clouds, across in-house and cloud, across in-house, externally-hosted and cloud. But a particular cloud is ONE point of potential failure."
Depends which cloud. Go to one of the big boys - AWS or Azure say - and you'll get a data centre network with the capability* for you to host and run your applications with proper and complete redundancy and fault tolerance built in. Go to one of the relative minnows who have been bought and sold by a bunch of VCs with costs stripped to the bone each time and you'll get what you pay for. For better or worse this whole sector is becoming like the big supermarket chains vs the Mom'n'Pop corner stores - the bigger guys do it mostly better and cheaper, but diversity dies.
* although they give you the capability to do it right, they're kind enough to let you do it wrong if you are so inclined, so you'll be just as vulnerable to this kind of failure unless you tick the right boxes on the web console too
Re: Isn't cloud supposed to be fault tolerant?
It isn't supposed to be magic, just fault tolerant. Magic would be preventing anything failing ever - no-one who knows anything about Cloud, including the vendors, say they have that kind of magic. Fault-tolerant means providing capabilities to hide, mitigate and recover from failures. Cloud vendors do say that you need to build and architect applications to expect failures, and they provide lots of capabilities to allow you to do that. For example, AWS separates each region into Availability Zones (think "isolated data centre") and specifies that the way to get high availability and fault tolerance is to split your application hosting over at least two AZs. How difficult is it to do that? Basically check a few boxes in the web console or add a parameter to a couple of CLI/API commands.
It is completely trivial to get an application running on servers in multiple AZs talking to a database that has a master in one AZ which is real-time replicated to a read-only replica in another AZ, and then to promote that replica to be the master automatically in case of failure. Do that, and problems like the one mentioned here are barely noticeable. AWS (and Azure and GCP do similar things) handles high-speed connections, load balancing and automatic data replication between AZs for you. This handles issues with a single data-centre going down very elegantly.
Occasionally entire regions do go down, but *almost* never multiple regions at the same time. If you want to be clever and super-fault-tolerant, you build your application to work over multiple regions, not just multiple AZs. That isn't quite as trivial due to having to understand the data replication model - single-master, multi-master, eventually consistent, plus issues like latency etc. but there are good patterns out there to allow that, and if you are building from scratch rather than lifting-and-shifting and can take advantage of some of the globally-replicated NoSQL services all platforms provide then the problem largely goes away.
And yes, if you're super-super-paranoid, you can even build a multi-cloud-provider solution. That definitely isn't easy. Or cheap. But then that hasn't changed from the old on-prem days.
As a trivial example of why it's a GOOD thing to encrypt all pages, even ones that don't have a form on them to collect your data, consider this: You have a bunch of pages that just have some content on them, no forms. They DO have a link to your login page (which itself uses HTTPS). Without HTTPS, it's very simple for requests for those content-only pages to be intercepted and altered before they're sent on to the customer - so the customer receives all the same content with a login link which looks the same but which now actually sends the user to a malicious site which harvests his/her login details.
Re: Am I the only one who doesn't really have a clue what blockchain is?
By being wrong (or at least focusing on a specific use case built on top of blockchains rather than on blockchains themselves) I think you've absolutely perfectly summed up the situation. I *think* I know roughly what they are, but I'm still waiting for that Eureka moment where I understand what all the fuss is about. At the moment, to me it sounds like a different type of mousetrap, but I don't understand why some people think it's a better type of mousetrap.
"Build a better mousetrap, and the world will beat a path to your door"
There's a bit of a misunderstanding going on here - Capita's market cap (# of shares * share price) has just fallen £800m. Sounds dreadful! But this is on the back of them saying they're going to issue £700m of new shares - new shares don't create new value, they dilute the value of existing shares, and that's (mostly) what's just been priced in. So market cap as measured by shares*price falls $800m now in anticipation of more shares, assuming the share price stays the same when the new shares are issued the market cap as measured by shares*price will rise £700m, net fall £100m. Nowhere near as disastrous.
That is an assumption, mind! And I'm not defending Capita, I've had horrendous service from them in the past too.
See http://www.bbc.co.uk/news/business-42885211 for more analysis on the share price fall, explaining better than I just did why it's not as bad as it looks at face value.
I'd love to agree - that's why I bought a Roku streaming stick a few years back and why I want another one. You can get all the services on a single, cheap device which allows you to really shop around for which services you want to subscribe to. However, in the UK at least Roku have virtually pulled out; none of their latest generation products are officially available and the grey-market imports you can get don't support important local services like BBC iPlayer. Instead Roku make the locked down, completely crippled NowTV box for Rupert Murdoch. Such a shame.
Corporate locked-down environment
I wonder if this will help me get around the locked-down nature of my corporate IT environment and infrastructure, where it can take months to get access to the most basic of external web-based resource? And if it does, is that a good or a bad thing? Good for productivity, bad for security...?
Re: moving functionality from the server side to the client “brings its own security challenges”.
Totally agree - validation etc. on the client is purely to help improve user experience; it needs to be replicated on the server to be any kind of guarantee that it's doing what was intended. And yep, I also agree that there are too many inexperienced web developers out there who don't appreciate that. I'm being polite and swapping "inexperienced" for "idiot" :)
"...Accenture, co-founded by Microsoft..."
Accenture wasn't co-founded by Microsoft at all. Accenture came out of the Arthur Andersen accountacy firm and in it's earliest incarnation began in the 1950's, long before Microsoft was created.
Accenture and Microsoft do have a joint venture they started together called Avanade, and like all big consultancies Accenture is an accredited Microsoft partner. LIke they are with over 100 other companies (including Red Hat, Software AG and IBM) as listed here: https://www.accenture.com/gb-en/alliance-ecosystem
Re: Well, points for making it work I guess
Clearly a clever guy so kudos as you say, but you have to ask what more useful things he could have done with that time and effort...
From the article: "he's only made aware of Slack happenings that mention him by name or suggest things he really needs to know about, such as “whenever something explodes in the server"
Wouldn't it have been easier for him to just set his notification preferences to only alert him to mentions of his name, and to set up appropriate channels for live alerting?
Re: An admirable effort.
Anyone who doubts the value of HTTPS should see Troy Hunt's course on Pluralsight - https://www.pluralsight.com/courses/https-every-developer-must-know. In fact, forget the "anyone who doubts..." bit. Everyone should see Troy Hunt's course on Pluralsight (other providers are no doubt available, I have no commercial relationship with either Troy or Pluralsight, etc. etc. blah blah blah)
HTTPS is a necessary component of a secure web. It is not however a sufficient component. So yes, HTTPS == safer, HTTPS != safe
Re: Hey, did you know the editor could do that automatically?
Re: Rather unfortunately named assistant
It was David Banner who Bixby played, not Bruce. Although apparently on his gravestone (ooops, spoiler alert) it became "David Bruce Banner". Theories abound as to why... https://scifi.stackexchange.com/questions/91702/why-was-bruce-banner-named-david-banner-in-the-old-tv-show
Nation state grade
I'm loving seeing the "nation-state grade software" phrase thrown around. Would anyone rush out to buy a nation-state grade wordprocessor? The nation-state grade website I have to use to fill in my tax returns isn't exactly a shining example of the state of the art. This stuff must come from those 'other' government-paid devs, yeah? You know, the really good ones. :-)
Yes, this is (mostly) a joke. I know it's serious stuff!
Re: Java is so easily messed up... just put spaces in a path or a password...
I was tempted to downvote you for providing factually correct and interesting information plus links to external sources on a Reg anti-MS flame thread, but couldn't quite bring myself to do it... Give it time, I'm sure someone will! :)
Re: The Force Awakens is just a bad movove
Totally agree about the villain being central to any good Star Wars movie. Episode 1 had Darth CutInHalfAfter5MinutesScreenTime who looked badass till he fell apart. Episodes 2 and 3 had the Emperor to hold them together but he was still hiding in plain sight so wasn't moment-by-moment scary and he had not-quite-Darth Overacting to compensate for anyway. Episode 7 had a prefect from Slytherin as the villain *and* he lost a laserbat fight to a completely untrained opponent when he wasn't crying about how badly treated by his parents he was - wuss! Episode 3.9 ('cos it's closer to 4 than 3) had a completely mental, ass-kicking Darth Vader back in full "you took my last Rolo ya bastich" mode and that's the point that had me stood up and cheering! Finally a top-class baddy again. LONG overdue!
Re: it isn't cheap, so i am not surprised its a cash cow
Brexit supporters only see the good news post-Brexit. Remainers only see the bad news.
Trump supporters only see the good stuff they want to see in Trump. Anti-Trumpers only see the bad stuff.
Cloud supporters... well, you get the idea. Objective reality and in-depth research seems to have very little impact in any decision making any more. Time will tell; life's too short to care too much about any one camp in any given argument when the world has been taken over by marketing sloganeers. Maybe the world really is just too complex to understand and we really should decide things by tossing a coin...?
Anyone old enough to remember HOTOL? https://en.wikipedia.org/wiki/HOTOL That ended well (and made me decide to curtail my budding career in aerospace engineering)... Fingers crossed for a bit more progress with this beast!
On a positive note, all those "artist representations" of what HOTOL might look like are now getting a second airing with the new SABRE branding.
Re: Vaping is harmless
Lack of evidence isn't the same thing as evidence. What studies have been done; what were the methodologies; have they been peer reviewed? No studies HAD shown that lead in petrol or cigarette smoke or CFCs were harmful... until all of a sudden lots of studies showed that those things were all harmful!
On the other hand, I strongly suspect that there isn't any harmful effect of second hand vaping too - I've just got no evidence to back that up!
I get that The Reg isn't the best place to get a fair and honest answer to this, but how many people might consider running .Net on any platform other than Windows (yes, yes, MS=evil, why would I cripple etc etc etc)?
I'm a C# dev, very comfortable with the language and .Net framework programming, but have more than a passing familiarity with Linux or OS/X. Conversely, I guess most Linux or OS/X devs don't know much about .Net? Then again, Mono had a reasonably successful business model merging the two. Just wondering what the market is, really...
Re: "peripheral technologies" => trojan horse
True altruism doesn't exist, certainly not in business. Mutual benefit is the best that can be expected. To hope for anything else is to be disappointed - but even if you do find an example of "true" altruism, how is that actually any better in practice than something done for mutual benefit?.
Re: Quis custodiet ipsos custodes?
What's a PRISM "member"? ALL companies (well certainly ones that are based in or trade in the US) have to comply with PRISM information demands. You make it sound like Microsoft have signed up to do this for fun! By all means share around honest information about the $h1t they - and ALL big companies - do, but don't go making up stuff they don't; you just make your arguments specious.
Well, my company for one has jumped into the cloud with both feet... err... that's perhaps not quite the right metaphor! Anyway, we're a medium-sized company (between 100 and 1000 employees (I'll keep it as vague as that to avoid being told off by my HR department) whose business is entirely on-line and we even have annoying adverts on the telly. And we run entirely from Azure. Have done so for over a year. And are still making a handsome profit, before the doom-sayers kick off.
I've said it before and I'll say it again - cloud isn't for everyone, certainly not yet, but as time goes by more and more people WILL move to it. Having said that, while I'm convinced of the benefits of the cloud, I'm not convinced of the benefits of these certifications.