A FB replacement wouldn't be too hard to do. In fact, we already had something that did everything FB did back in the 1980s and early 1990s... we had multiples... called AOL, CIS, Prodigy, and The Source.
If coding, it might be wise to code around having small social networks which are interconnected. Want to message someone on another network, or have a wall with content from a number of other providers? We have the Internet protocols for all of that, such as NNTP for store-and-forward bulk stuff (with an access layer thrown on top), and for faster messaging, we have plenty of protocols for that. There are many ways to throw data around to minimize bandwidth used, especially with the extensive CDN/edge data center network in place by Akamai and other providers.
The ironic thing is that encrypted messaging isn't hard. I always use a S/MIME certificate (even if I have to renew it myself), because my outgoing E-mail stands out because it is always signed, and if someone else has a S/MIME cert, email gets automatically encrypted between the two parties.
S/MIME isn't as secure as PGP because of the weakness with a CA, but it provides both data-in-flight protection as well as data-at-rest... "good enough" protection for a lot of tasks.
Of course, the problem is getting people to take the (relatively easy) steps to get a key, get the certificate, store the private key in a safe/secure place for a backup, add the key to their E-mail program and device, then turn it on.
The other problem is that people see the red ribbon in Outlook and then call the SOC that a user has infected them via Exchange, just because they think the ribbon is a warning, not a signature.
The problem is that social network sites are becoming required for things, such as having a job, arranging meetings, group conversations, messaging, and other items.
I know I lost a job interview because I didn't have a Twitter account, and the interview called me a "fossil" because of that. (I really don't need Twitter because I have better things to do with my time) So, social media is important, and is moving to almost a message board for everyone.
It gets me wondering about someone setting up a social network, registering as a common carrier (so they are not responsible for people's hate speech.) Then, with a reputation system (person "A" is a friend of person "B" who sets person "A"'s opinion weight at 1.0. Person trolls person "A" who blocks person "C"... person "B" then auto-blocks person "C" as the reputation propagates.) Of course, something needs to be done about speech not protected by the 1A or equivalent (threats of bodily harm or damage), but with a reputation system in place, a troll would wind up completely ignored after a while as negative reputations propagate.
I wonder if there can be a compromise given... As of now, FB has an icon for people who have proven that the account has been vetted. Why not have the current ID vetting give another icon (or perhaps none at all), and then have a tier under that where people can create IDs at will... but it will be obvious to all comers that the person's name and ID is fictitious.
This would be basically how SSL certs are handled now. EV certs for the top tier, regular signed certs for most things, and the big warning if a site uses a self-signed or invalid certificate.
If someone wants to be free of trolls, they can auto-block people who have not vetted themselves, with an exceptions list for those people that don't state their real identity. (Kigurumi players come to mind, as well as furries.)
Expanding on this, I don't see what is wrong with a pseudo-anonymous system, with a reputation factor built in. This way, if you trust a friend's opinion of people, and she flags someone as a troll, that negative reputation will propagate to your reputation DB (unless you override it.) However, if someone you don't know, but are friends with strongly dislikes someone, their opinion will not affect interactions with that person.
One can always use degrees like PGP (fully trusted, partially trusted, untrusted, ultimately trusted), or just use 0.00 to 1.0 for weighting, where a stranger's opinion is 0, while a trusted friend with a 1.0 weight would have their opinions weigh as much as yours.
I personally prefer a pseudo-anonymous system, perhaps with the ability for the system to certify that a userID was vetted somehow, so there is some proof that there is a live person, and that ID corresponds to someone legit. However, sometimes, it is good to have the ability to be the AC, or jump IDs, so you are not having to explain to people something goofy you did 5-10 years ago.
Once the solar farm is up and running, the upkeep of it isn't that much either, mainly double-checking components are making the proper voltage/amperage/cycles-per-second.
On a microcosm, for off-grid applications, the one component which needs replaced the most often would be the storage batteries. Solar panels running without needing upkeep for years to decades isn't uncommon. Other than batteries, the only other part that might need upkeep would be the axis trackers (although those seem to be less common in newer installations.)
Solar isn't going to cure all ills, and a set of panels on a roof isn't going to supply a house's complete needs in southern climates, just due to the need for A/C (especially in high humidity areas where swamp coolers don't work.) However, it can provide some useful things, such as reducing peak demand with an on-grid setup, and with an off-grid setup, combined with a PowerWall or a battery bank, it can function as a whole-house UPS/power conditioner.
The NAS uses Linux's LVM2 and ext4 for the drives in the machine, using a "secret sauce" to adjust the LVMs as disks are inserted/resized.
I don't know how LVM software will be in 10 years, but I think Linux's LVM software (and ext4) isn't too hard to decode if I need to pull the drives out due to a failed component.
It is more complex than just tossing the E-mail from Eudora (guessing mbox format) into a zip file. However, I do have access to the mail from anywhere, and clicking on a VPN, firing up a dedicated IMAP app isn't that bad.
The costs are sunk anyway. The NAS gets used for other things (zbackup repository), so having its dual-core CPU handle some basic IMAP processing when I choose to click the "archive" button on Thunderbird doesn't hurt.
Locally, the mail is stored in the maildir format. While not as convenient as the mbox format that Thunderbird uses, it just a bunch of.eml files stuffed in a directory, and fairly easy to grep though by hand, should dovecot fail. Only downside is the sheer amount of inodes all the messages take up.
I asked a similar question to Slashdot about a month ago, where I wanted to stash E-mail and have it accessible if I'm on the road.
I looked at a few options. Using a virtual machine, an offsite storage provider, and so on.
What I have wound up doing is buying a NAS. Synology or QNAP are good companies for this. The NAS I bought was a basic one, but it supports RAID 1, which is critical. It also gets backed up automatically via a script that goes in via SSH, creates a tar file, pipes it to zbackup which has a repository on another NAS. zbackup is ideal for backups of E-mail, and having another machine pull the backups helps deal with ransomware, once the bad guys start hitting devices.
I then enabled the mail server functionality, which gave me an implementation of dovecot and roundcube. This not just gave me IMAP access, but access via the web (SSL). Using the onboard firewalling, I limited the IP range that the NAS talks with, to just the IP range of the commercial VPN service I use (which is a small provider, run by some competent admins.) This way, for an attacker to even get to an open port forwarded past the router to the machine, they have to have an account with that small VPN provider.
For me, this has worked well. I have access to my E-mail over IMAP or the web. Since the NAS doesn't send or receive mail directly (mail just gets copied to it when archived), it doesn't need SMTP access in or out.
Caveat: Focus on security when setting this up. Ideally, you could use the NAS's built in eCryptFS capability to protect the IMAP maildir directories so physical theft of the NAS doesn't mean your critical E-mails belong to someone else. From there, put the NAS in its own DMZ, blocking all outgoing traffic except for it checking for OS updates, and only allowing incoming traffic to the TLS-based ports, preferably with heavy IP restrictions. For backups, do a pull based system, so if the NAS gets infected, the bad guys can only put garbage in the backups, and not attack previously stored data.
I just set 2FA on my Twitter account and forget about it. The only reason I have a Twitter account is because during a recent job interview, the interviewer asked about what stuff I tweeted, I told him that I didn't bother... and the interviewer called me a fossil for not being "hip enough to use modern technology" and ended the interview. So, I have a Twitter account just so if asked about it, I can say I have one, and actually have bothered to follow one company.
That, and one website I used to use decided to ditch their internal user authentication and piggyback off of Twitter for their user gatekeeper. I personally wouldn't trust a third party site with the keys to my kingdom, but we all know how security tends to not really be a high priority these days.
The Streisand Effect shows what happens when speech is banned. What happens is that it may now show up on the primary media outlets... but it doesn't take much to make a website, and if pressed, it isn't too difficult to create a.onion based website, locate the site offshore.
What happens then, once the extreme speech can't be debunked by relatively sane people, it only will get worse, well past the talk radio stage.
Instead of bans, I've wondered about a flagging system, where obvious hate speech, instead of being automatically banned, would be hidden, replaced with a placeholder, similar to how various websites hide troll posts, but allow them to be clicked on if the user does want to read them. However, who is the judge of what is marked and what isn't?
Maybe it might be good to lead into a reputation system, where if you respect a friend's opinion, how they mark a topic is how the system will show/flag things you may agree or disagree with, while someone you don't know may flag a lot of stuff as bad, but because you don't care about their opinion, it doesn't affect your results.
Of course, there is a hard threshold somewhere. A bong threat isn't free speech, but where does one draw the line between something that the system flags as "get the LEOs in on this NOW" versus someone just trash talking?
Even operating systems have a minimum character password demand for over a decade. Windows Server 2008 and newer have always required password complexity rules (uppercase, lower case, number, symbol), and at least 8 characters by default. Similar with non-root users and Linux.
I know where this technology would come in handy... the RV industry.
The RV industry doesn't have the economies of scale that the auto industry does, and they are very sensitive to the economy because their products are relatively expensive for the market they are aiming at. RVs also have a lot of different parts, being the union of vehicles and homes.
Where this metal would come in handy would be for building RVs, perhaps replacing fiberglass panels, especially roofs (which the average travel trailer uses a thin rubber membrane ), and the sides (delamination issues.) This would also save weight, by moving to this material in the RV's frame, as opposed to wood which is used now. As an added advantage, if there is water intrusion, the frame would not rot.
RV slide-outs come to mind as well. With the latest generation of cutaway van chassis models (Ducato/ProMaster, Transit, Sprinter/Crafter) having significantly less GVWR than the models they replace in the US, weight savings becomes even more important.
I went from the age of manual typewriters to IBM Selectrics to typewriters that had a few kilobytes of memory in them, to "word processors" to dot matrix printers, and so on.
I still remember how annoying it was if filling out a form, even with a typewriter that allowed you to backspace and use a correction ribbon. I also don't miss the days of Liquid Paper/Wite-Out. Nor do I miss trying to precisely align the carriage.
Manual typewriters may wind up a novelty, but I'd take a Mac Plus with an Imagewriter II printer any day, just for the ability to backspace, print out a copy when I so chose, correct work, or other things that are taken for granted.
What would be a nice thing to have, would be a typewriter with a USB adapter so it can function as a LQ (letter quality) printer. In the early 1990s, there were a few Smith-Corona models which had a parallel port, and would work fine with a plain text printer driver.
If I were worried about SHTF or post TEOTWAWKI, having a manual typewriter would be cool to have, as well as a number of ribbons stored in an airtight environment, as well as a re-inker.
As for a re-inker, there is a market waiting for someone. It may not be much, but the niche is there. In the past, there was a device called a MacInker (was out before the Apple Macintosh was introduced), which automatically re-inked both black and color cartridges. It appears to be fairly simple, the hard part is the apparatus used to hold and turn the ribbon to keep tension on it. Definitely something that could be 3D printed if someone had an old MacInker and some calipers, and could measure all the parts.
Lenovo has an idea... but I would say that this is a lot more useful for computer accessories, rather than the computer itself.
For example, having a mini LED projector, SSD, GPU unit, 10gigE router (not just a switch... a router with firewalling capabilities so one can set up a demo easily), all with a decent backend bus (ISTR that USB 3.1 and Thunderbolt can use the same connector/wirings), having something looking like a small 80s hi-fi rack can be done right.
However, this tech is a novelty until multiple vendors buy into it. There have been many great technologies that are orphans, be it the Sony MP3 players which required special software like OpenMG/SonicStage to work, products like the Motorola Atrix which would have had an impact, but were killed early on, to items like Infiniband which would solve a lot of I/O problems between devices... if the protocol wasn't limited to just a few vendors. Even IEEE 1394 was a great technology, allowing one to combine networking and low level I/O on one bus... but that even died.
Those pins are the biggest weakness. Especially if this device is designed to be used while on the road (with being tossed in a suitcase with all the lint, dist, and who knows what else in the suitcase that can corrode or damage those contacts.
I am reminded of the Motorola Atrix and Atrix 2. Great technology, allowing one to use their phone as a bare-bones Linux desktop with the adapter. However, when Motorola tossed that technology, nobody else supported it, so at best it is useful as a mention for historical reasons, if that.
Same thing with this device stack. It looks interesting, but the connector needs to be designed better to handle the rough/tumble life on the road. I'd almost say they should have gone with a blade/enclosure setup, because with that, the individual slots devices would reside could be protected with a closable/lockable cover.
I like the form factor of these accessories. However, it would be nice to have some sort of standard:
1: If the bus has to be something new for multiplexing, the connectors should have a high insertion/removal cycle rate like USB, and can handle dust and other office environmental items.
2: Preferably, use a standard bus. USB 3.1 and Thunderbolt can use the same connectors, so using that and having either an enclosure or a base unit handle power would be useful. I have seen many custom multiplexed buses. What results is that finding parts for them becomes next to impossible. At the extreme, use Infiniband.
3: Maybe move to a rack/enclosure system. This would limit the height of accessories... but having the connector in the back, only connected after being properly aligned, would provide a reliable way to remove/insert items. An added bonus is that for computers like MacBooks that only have a USB 3.1 port, it means only one power plug for all the devices and the laptop.
4: Perhaps some engineering for larger devices in the stack. Having the ability to have a disk array with 2-5 3.5" hard disks so one has a RAID protected place to stash files, would be useful.
In general, I like the idea of being able to stack devices... but I've seen this before, and usually the ports used are proprietary, and sooner or later, wind up discontinued. I'm reminded of the TI-999/4A's sidecar expansion bus as one example.
I have had a VM browser get nailed on legit sites as well. Malvertising has replaced spam as the #1 issue plaguing the Net.
How are torrent sites that different from "top tier" websites that have had their ad servers dish out malware? Either way, it is wise to browse in a virtual machine, sandbox, or both.
In fact, given a choice of a download from a torrent site versus a popular software download site, I'll take the torrent. The torrent has anti-tampering resistance by itself (assuming the torrent file wasn't changed), and I can compare the hash of the download with the torrent manifest, and hashes stored on VirusTotal for additional assurance. Plus, I can have my NAS download and seed the torrent so it isn't taking up CPU and I/O on my main computer.
In fact, this is a lot easier on the Net as a whole doing this, (last download was Ubuntu Server for testing obnam, attic, borgbackup, and zbackup.) Faster too.
Don't forget the transfer switches. If those hose up, the generator can start on time to pick up the load... but if the ATS doesn't hand those kilo-amps over to the genset PDQ, it can cause an outage, as the UPS thinks the load has moved, so goes back into bypass mode.
Of course, transfer switches can fail so it may not even shunt the load over, come time it is needed. Learned that the hard way, and you can't even get near them unless you are wearing full arc-flash gear.
Generators are not cheap. They need oil changes, the diesel fuel sits a long time, so one has to add both anti-gel as well as a biocide. They also need run weekly to ensure that they will actually work when they are needed.
On the other hand, I think there may be a market for data centers that are not top tier. For example, there is a lot of interest in people running their own Internet infrastructure on machines they physically control, especially with compromises a common item with E-mail providers. So, a SMB or even a SOHO renting out a half rack to place a 10gigE NAS/SAN (DS2015xs for about $1400, diskless), a few 1U PCs as compute nodes, a firewall appliance, and a router could do a decent job at receiving E-mail securely on a fast connection.
In general bad guys are not going to spend much time attacking some small coloc appliance as opposed to something that will give a juicy payoff.
Heck, if one wants to do it on the cheap, a Synology DS215j can do E-mail, seedbox, and VPN services for about $200 + two mirrored internal hard drives. For additional protection, a small firewall appliance can be placed in as well. For this use, a network outage for a few hours a year wouldn't be a deal breaker. If one wanted to pack their own parachute, an APC UPS is a few C-notes and will ensure a proper shutdown. For further control, one can add a remote console and power box.
I'm actually surprised there are not more "sub-prime" data centers out there. I'm sure there is money to be made by taking a vacant building, adding a CRAC, UPS, PDU or two, a backhaul, and then offering locking server cabinets. This way, someone who wants to, can pack their own parachute. With virtualization so relatively cheap, including virtual firewalling, one can do a lot with a third rack of cabinet space.
I can see having a redundant data center at a lower uptime rate, positioned for a few tasks:
1: For a smaller company, it can be "good enough" as a place to stash machines.
2: It could be useful for a disaster recovery center, especially if it had compute nodes ready to go, a SAN that took async replications from the main site, and other items. This helps provide geographic redundancy, although the diminished uptime might be an issue if the site becomes the primary.
3: This might be ideal for relative low priority tasks like archiving. Replicate a SAN, have a tape silo pull data too keep off with NDMP, and this would fulfill the need to keep records offsite.
4: Do like Facebook, and put the redundancy in the backup application. If a data center goes down, the backend application redirects traffic to another one until it is back up. By having the redundancy handled in the backend application and database, it can mean that hardware on the datacenter and individual machine level can be less reliable and cheaper.
To me, it looks like a good candidate for a thin client for VDI work. For example, in finance or a part of a company where data is highly sensitive, using these coupled with RDP, Citrix, or a VNC protocol that had encryption, would make for a relatively inexpensive, but usable machine. Plus, if one got stolen or broken, $70 isn't too bad.
Of course, this isn't for everyone, as we already went through the pre-cloud Javastation song and dance... but for areas where thin clients and VDI would be useful and are needed for a security aspect, I can see buying a bunch of these, especially if they could be configured with a custom image (so apps like RDP or Citrix Receiver would be installed and ready to go.)
The idea of a reverse auction is probably the best suggestion on how to cure the problem to date. Start out with prices 100 times as much as normal, and after a time have the ticket prices drop. The site could even allow people to place a bid and if the tickets are sold out for that area or tow, it would automatically purchase them for the buyer once the price dropped to what was asked.
Whenever there are calls for legislation, this can become a very bad thing pretty quickly, if the problem cannot be solved any other way.
For example, a RV park that has a limited amount of spaces can do a number of things. For example, a lottery that people put into for a few months before reservations start, which allow people to reserve a spot. Said lottery is weighted, giving a higher chance of someone getting a spot the more times they frequent the park. This not just brings more business, but also gives preference to frequent customers; a win/win.
A lottery for tickets could also be done for a venue, with the above setup. The more time one frequents a place, the higher chance of them getting a nice spot come the big show. Heck, both the lottery and reverse auction could be combined where a frequent patron of a place can score their tickets at the normal price, while the rest go on sale at the higher prices, dropping as time goes on. Of course, someone can sell their ticket, but encouraging more people to visit a place, even if they do this, can be a good thing overall for a venue's health.
I think "making things easier" is being mixed up with "easier to find MS experience than Linux experience."
The problem I encounter, having sat in both worlds, is that each side thinks their stuff is the right hammer, and everything is a nail. The MS guys want to use their wrench as a screwdriver, while the Linux guys want to carve notches in bolts so they can use their screwdriver in place of a wrench.
A couple use cases: Spawning Hadoop instances on OpenStack [1] or AWS is a lot easier with Linux than Windows. It can be done with Windows, but it is a lot easier to find howto guides and such under Linux. Another case is popping up nginx web servers on compute nodes for static content behind a load balancer. That is pretty easy with ansible [2], lsync, and varnish. In Windows, it can be done, but it would require some fancy footwork with SCCM/SCOM/WIM.
On the opposite side, for a massive directory service (something spanning multiple geographical regions, with many employees and company division/org charts that look like spaghetti), AD has a lot more support than the various LDAP platforms [3], and has proven to be good enough, security-wise.
Best thing to do is use both. Windows winds up at the core, Linux/BSD/etc. are at the edge.
[1]: Windows and OpenStack are like oil and water. I've not heard of any OpenStack deployments based on Hyper-V, especially on Kilo and Liberty. I wouldn't be surprised to see it (as Microsoft has embraced Docker in a useful fashion), but not at this stage.
[2]: Ansible is easy to include in the VM image, so it either can have an image pushed to it, or it can hit a Git server, grab its playbooks, then run those.
[3]: I've used other directory services. I would say that AD is a lot less painful than AFS or DFS/DCE. Things can change on a dime, and an AD competitor that can scale and replicate can come out of nowhere, similar to how Ansible/Puppet/Chef/Salt wasn't on anyone's radar a few years ago, but now is a staple of IT/DevOps as of now.
W2008R2 isn't bad for a desktop OS, if only because wbadmin (the included backup program) isn't the gutted POS it is on the client editions. It actually is comparable to Time Machine for doing decent backups.
Windows Server 2016 will be a nice desktop OS. Even though you don't have an option for a GUI shell upon install, it is easily added as a feature, and the telemetry stuff isn't present unless you explicitly add Cortana and other gewgaws.
Here is the ironic thing. IBM with POWER7 has two modes for their chips. One is the usual functionality, where a 32 core CPU uses all 32 cores. The second mode, called TurboCore, disables half the cores... but allows the cores that are working to use the cache of their disabled neighbors, as well as run the CPU at a higher clock rate.
The reason for this mode is because Oracle, Sybase, et. al., all have per core licensing for production systems. So, having the ability to turn off a good amount of cores will cut the fee in half, and that licensing fee can be very substantial.
One advantage of Microsoft was that they licensed per CPU socket. Now, in Windows Server 2016, that changes... and I'm not surprised it did, just because of the amount of cores available on Xeons and AMD CPU chips.
Maybe this is a good thing. Customers will demand that Intel and AMD start having more oomph per core than just adding more cores to the die. This will help a lot in tasks that can't be multithreaded (fast fourier transforms if doing video, for example.) Maybe we will see the IBM TurboCore mode (not to be confused with AMD's TurboCore) used in the amd64 architecture.
Slashdot Mirror
A FB replacement wouldn't be too hard to do. In fact, we already had something that did everything FB did back in the 1980s and early 1990s... we had multiples... called AOL, CIS, Prodigy, and The Source.
If coding, it might be wise to code around having small social networks which are interconnected. Want to message someone on another network, or have a wall with content from a number of other providers? We have the Internet protocols for all of that, such as NNTP for store-and-forward bulk stuff (with an access layer thrown on top), and for faster messaging, we have plenty of protocols for that. There are many ways to throw data around to minimize bandwidth used, especially with the extensive CDN/edge data center network in place by Akamai and other providers.
The ironic thing is that encrypted messaging isn't hard. I always use a S/MIME certificate (even if I have to renew it myself), because my outgoing E-mail stands out because it is always signed, and if someone else has a S/MIME cert, email gets automatically encrypted between the two parties.
S/MIME isn't as secure as PGP because of the weakness with a CA, but it provides both data-in-flight protection as well as data-at-rest... "good enough" protection for a lot of tasks.
Of course, the problem is getting people to take the (relatively easy) steps to get a key, get the certificate, store the private key in a safe/secure place for a backup, add the key to their E-mail program and device, then turn it on.
The other problem is that people see the red ribbon in Outlook and then call the SOC that a user has infected them via Exchange, just because they think the ribbon is a warning, not a signature.
The problem is that social network sites are becoming required for things, such as having a job, arranging meetings, group conversations, messaging, and other items.
I know I lost a job interview because I didn't have a Twitter account, and the interview called me a "fossil" because of that. (I really don't need Twitter because I have better things to do with my time) So, social media is important, and is moving to almost a message board for everyone.
It gets me wondering about someone setting up a social network, registering as a common carrier (so they are not responsible for people's hate speech.) Then, with a reputation system (person "A" is a friend of person "B" who sets person "A"'s opinion weight at 1.0. Person trolls person "A" who blocks person "C"... person "B" then auto-blocks person "C" as the reputation propagates.) Of course, something needs to be done about speech not protected by the 1A or equivalent (threats of bodily harm or damage), but with a reputation system in place, a troll would wind up completely ignored after a while as negative reputations propagate.
I wonder if there can be a compromise given... As of now, FB has an icon for people who have proven that the account has been vetted. Why not have the current ID vetting give another icon (or perhaps none at all), and then have a tier under that where people can create IDs at will... but it will be obvious to all comers that the person's name and ID is fictitious.
This would be basically how SSL certs are handled now. EV certs for the top tier, regular signed certs for most things, and the big warning if a site uses a self-signed or invalid certificate.
If someone wants to be free of trolls, they can auto-block people who have not vetted themselves, with an exceptions list for those people that don't state their real identity. (Kigurumi players come to mind, as well as furries.)
Expanding on this, I don't see what is wrong with a pseudo-anonymous system, with a reputation factor built in. This way, if you trust a friend's opinion of people, and she flags someone as a troll, that negative reputation will propagate to your reputation DB (unless you override it.) However, if someone you don't know, but are friends with strongly dislikes someone, their opinion will not affect interactions with that person.
One can always use degrees like PGP (fully trusted, partially trusted, untrusted, ultimately trusted), or just use 0.00 to 1.0 for weighting, where a stranger's opinion is 0, while a trusted friend with a 1.0 weight would have their opinions weigh as much as yours.
I personally prefer a pseudo-anonymous system, perhaps with the ability for the system to certify that a userID was vetted somehow, so there is some proof that there is a live person, and that ID corresponds to someone legit. However, sometimes, it is good to have the ability to be the AC, or jump IDs, so you are not having to explain to people something goofy you did 5-10 years ago.
Once the solar farm is up and running, the upkeep of it isn't that much either, mainly double-checking components are making the proper voltage/amperage/cycles-per-second.
On a microcosm, for off-grid applications, the one component which needs replaced the most often would be the storage batteries. Solar panels running without needing upkeep for years to decades isn't uncommon. Other than batteries, the only other part that might need upkeep would be the axis trackers (although those seem to be less common in newer installations.)
Solar isn't going to cure all ills, and a set of panels on a roof isn't going to supply a house's complete needs in southern climates, just due to the need for A/C (especially in high humidity areas where swamp coolers don't work.) However, it can provide some useful things, such as reducing peak demand with an on-grid setup, and with an off-grid setup, combined with a PowerWall or a battery bank, it can function as a whole-house UPS/power conditioner.
The NAS uses Linux's LVM2 and ext4 for the drives in the machine, using a "secret sauce" to adjust the LVMs as disks are inserted/resized.
I don't know how LVM software will be in 10 years, but I think Linux's LVM software (and ext4) isn't too hard to decode if I need to pull the drives out due to a failed component.
It is more complex than just tossing the E-mail from Eudora (guessing mbox format) into a zip file. However, I do have access to the mail from anywhere, and clicking on a VPN, firing up a dedicated IMAP app isn't that bad.
The costs are sunk anyway. The NAS gets used for other things (zbackup repository), so having its dual-core CPU handle some basic IMAP processing when I choose to click the "archive" button on Thunderbird doesn't hurt.
Locally, the mail is stored in the maildir format. While not as convenient as the mbox format that Thunderbird uses, it just a bunch of .eml files stuffed in a directory, and fairly easy to grep though by hand, should dovecot fail. Only downside is the sheer amount of inodes all the messages take up.
I asked a similar question to Slashdot about a month ago, where I wanted to stash E-mail and have it accessible if I'm on the road.
I looked at a few options. Using a virtual machine, an offsite storage provider, and so on.
What I have wound up doing is buying a NAS. Synology or QNAP are good companies for this. The NAS I bought was a basic one, but it supports RAID 1, which is critical. It also gets backed up automatically via a script that goes in via SSH, creates a tar file, pipes it to zbackup which has a repository on another NAS. zbackup is ideal for backups of E-mail, and having another machine pull the backups helps deal with ransomware, once the bad guys start hitting devices.
I then enabled the mail server functionality, which gave me an implementation of dovecot and roundcube. This not just gave me IMAP access, but access via the web (SSL). Using the onboard firewalling, I limited the IP range that the NAS talks with, to just the IP range of the commercial VPN service I use (which is a small provider, run by some competent admins.) This way, for an attacker to even get to an open port forwarded past the router to the machine, they have to have an account with that small VPN provider.
For me, this has worked well. I have access to my E-mail over IMAP or the web. Since the NAS doesn't send or receive mail directly (mail just gets copied to it when archived), it doesn't need SMTP access in or out.
Caveat: Focus on security when setting this up. Ideally, you could use the NAS's built in eCryptFS capability to protect the IMAP maildir directories so physical theft of the NAS doesn't mean your critical E-mails belong to someone else. From there, put the NAS in its own DMZ, blocking all outgoing traffic except for it checking for OS updates, and only allowing incoming traffic to the TLS-based ports, preferably with heavy IP restrictions. For backups, do a pull based system, so if the NAS gets infected, the bad guys can only put garbage in the backups, and not attack previously stored data.
I just set 2FA on my Twitter account and forget about it. The only reason I have a Twitter account is because during a recent job interview, the interviewer asked about what stuff I tweeted, I told him that I didn't bother... and the interviewer called me a fossil for not being "hip enough to use modern technology" and ended the interview. So, I have a Twitter account just so if asked about it, I can say I have one, and actually have bothered to follow one company.
That, and one website I used to use decided to ditch their internal user authentication and piggyback off of Twitter for their user gatekeeper. I personally wouldn't trust a third party site with the keys to my kingdom, but we all know how security tends to not really be a high priority these days.
The Streisand Effect shows what happens when speech is banned. What happens is that it may now show up on the primary media outlets... but it doesn't take much to make a website, and if pressed, it isn't too difficult to create a .onion based website, locate the site offshore.
What happens then, once the extreme speech can't be debunked by relatively sane people, it only will get worse, well past the talk radio stage.
Instead of bans, I've wondered about a flagging system, where obvious hate speech, instead of being automatically banned, would be hidden, replaced with a placeholder, similar to how various websites hide troll posts, but allow them to be clicked on if the user does want to read them. However, who is the judge of what is marked and what isn't?
Maybe it might be good to lead into a reputation system, where if you respect a friend's opinion, how they mark a topic is how the system will show/flag things you may agree or disagree with, while someone you don't know may flag a lot of stuff as bad, but because you don't care about their opinion, it doesn't affect your results.
Of course, there is a hard threshold somewhere. A bong threat isn't free speech, but where does one draw the line between something that the system flags as "get the LEOs in on this NOW" versus someone just trash talking?
Even operating systems have a minimum character password demand for over a decade. Windows Server 2008 and newer have always required password complexity rules (uppercase, lower case, number, symbol), and at least 8 characters by default. Similar with non-root users and Linux.
Use nonces instead of salts for less sodium?
I know where this technology would come in handy... the RV industry.
The RV industry doesn't have the economies of scale that the auto industry does, and they are very sensitive to the economy because their products are relatively expensive for the market they are aiming at. RVs also have a lot of different parts, being the union of vehicles and homes.
Where this metal would come in handy would be for building RVs, perhaps replacing fiberglass panels, especially roofs (which the average travel trailer uses a thin rubber membrane ), and the sides (delamination issues.) This would also save weight, by moving to this material in the RV's frame, as opposed to wood which is used now. As an added advantage, if there is water intrusion, the frame would not rot.
RV slide-outs come to mind as well. With the latest generation of cutaway van chassis models (Ducato/ProMaster, Transit, Sprinter/Crafter) having significantly less GVWR than the models they replace in the US, weight savings becomes even more important.
I went from the age of manual typewriters to IBM Selectrics to typewriters that had a few kilobytes of memory in them, to "word processors" to dot matrix printers, and so on.
I still remember how annoying it was if filling out a form, even with a typewriter that allowed you to backspace and use a correction ribbon. I also don't miss the days of Liquid Paper/Wite-Out. Nor do I miss trying to precisely align the carriage.
Manual typewriters may wind up a novelty, but I'd take a Mac Plus with an Imagewriter II printer any day, just for the ability to backspace, print out a copy when I so chose, correct work, or other things that are taken for granted.
What would be a nice thing to have, would be a typewriter with a USB adapter so it can function as a LQ (letter quality) printer. In the early 1990s, there were a few Smith-Corona models which had a parallel port, and would work fine with a plain text printer driver.
If I were worried about SHTF or post TEOTWAWKI, having a manual typewriter would be cool to have, as well as a number of ribbons stored in an airtight environment, as well as a re-inker.
As for a re-inker, there is a market waiting for someone. It may not be much, but the niche is there. In the past, there was a device called a MacInker (was out before the Apple Macintosh was introduced), which automatically re-inked both black and color cartridges. It appears to be fairly simple, the hard part is the apparatus used to hold and turn the ribbon to keep tension on it. Definitely something that could be 3D printed if someone had an old MacInker and some calipers, and could measure all the parts.
Lenovo has an idea... but I would say that this is a lot more useful for computer accessories, rather than the computer itself.
For example, having a mini LED projector, SSD, GPU unit, 10gigE router (not just a switch... a router with firewalling capabilities so one can set up a demo easily), all with a decent backend bus (ISTR that USB 3.1 and Thunderbolt can use the same connector/wirings), having something looking like a small 80s hi-fi rack can be done right.
However, this tech is a novelty until multiple vendors buy into it. There have been many great technologies that are orphans, be it the Sony MP3 players which required special software like OpenMG/SonicStage to work, products like the Motorola Atrix which would have had an impact, but were killed early on, to items like Infiniband which would solve a lot of I/O problems between devices... if the protocol wasn't limited to just a few vendors. Even IEEE 1394 was a great technology, allowing one to combine networking and low level I/O on one bus... but that even died.
Those pins are the biggest weakness. Especially if this device is designed to be used while on the road (with being tossed in a suitcase with all the lint, dist, and who knows what else in the suitcase that can corrode or damage those contacts.
I am reminded of the Motorola Atrix and Atrix 2. Great technology, allowing one to use their phone as a bare-bones Linux desktop with the adapter. However, when Motorola tossed that technology, nobody else supported it, so at best it is useful as a mention for historical reasons, if that.
Same thing with this device stack. It looks interesting, but the connector needs to be designed better to handle the rough/tumble life on the road. I'd almost say they should have gone with a blade/enclosure setup, because with that, the individual slots devices would reside could be protected with a closable/lockable cover.
I like the form factor of these accessories. However, it would be nice to have some sort of standard:
1: If the bus has to be something new for multiplexing, the connectors should have a high insertion/removal cycle rate like USB, and can handle dust and other office environmental items.
2: Preferably, use a standard bus. USB 3.1 and Thunderbolt can use the same connectors, so using that and having either an enclosure or a base unit handle power would be useful. I have seen many custom multiplexed buses. What results is that finding parts for them becomes next to impossible. At the extreme, use Infiniband.
3: Maybe move to a rack/enclosure system. This would limit the height of accessories... but having the connector in the back, only connected after being properly aligned, would provide a reliable way to remove/insert items. An added bonus is that for computers like MacBooks that only have a USB 3.1 port, it means only one power plug for all the devices and the laptop.
4: Perhaps some engineering for larger devices in the stack. Having the ability to have a disk array with 2-5 3.5" hard disks so one has a RAID protected place to stash files, would be useful.
In general, I like the idea of being able to stack devices... but I've seen this before, and usually the ports used are proprietary, and sooner or later, wind up discontinued. I'm reminded of the TI-999/4A's sidecar expansion bus as one example.
I have had a VM browser get nailed on legit sites as well. Malvertising has replaced spam as the #1 issue plaguing the Net.
How are torrent sites that different from "top tier" websites that have had their ad servers dish out malware? Either way, it is wise to browse in a virtual machine, sandbox, or both.
In fact, given a choice of a download from a torrent site versus a popular software download site, I'll take the torrent. The torrent has anti-tampering resistance by itself (assuming the torrent file wasn't changed), and I can compare the hash of the download with the torrent manifest, and hashes stored on VirusTotal for additional assurance. Plus, I can have my NAS download and seed the torrent so it isn't taking up CPU and I/O on my main computer.
In fact, this is a lot easier on the Net as a whole doing this, (last download was Ubuntu Server for testing obnam, attic, borgbackup, and zbackup.) Faster too.
Don't forget the transfer switches. If those hose up, the generator can start on time to pick up the load... but if the ATS doesn't hand those kilo-amps over to the genset PDQ, it can cause an outage, as the UPS thinks the load has moved, so goes back into bypass mode.
Of course, transfer switches can fail so it may not even shunt the load over, come time it is needed. Learned that the hard way, and you can't even get near them unless you are wearing full arc-flash gear.
Generators are not cheap. They need oil changes, the diesel fuel sits a long time, so one has to add both anti-gel as well as a biocide. They also need run weekly to ensure that they will actually work when they are needed.
On the other hand, I think there may be a market for data centers that are not top tier. For example, there is a lot of interest in people running their own Internet infrastructure on machines they physically control, especially with compromises a common item with E-mail providers. So, a SMB or even a SOHO renting out a half rack to place a 10gigE NAS/SAN (DS2015xs for about $1400, diskless), a few 1U PCs as compute nodes, a firewall appliance, and a router could do a decent job at receiving E-mail securely on a fast connection.
In general bad guys are not going to spend much time attacking some small coloc appliance as opposed to something that will give a juicy payoff.
Heck, if one wants to do it on the cheap, a Synology DS215j can do E-mail, seedbox, and VPN services for about $200 + two mirrored internal hard drives. For additional protection, a small firewall appliance can be placed in as well. For this use, a network outage for a few hours a year wouldn't be a deal breaker. If one wanted to pack their own parachute, an APC UPS is a few C-notes and will ensure a proper shutdown. For further control, one can add a remote console and power box.
I'm actually surprised there are not more "sub-prime" data centers out there. I'm sure there is money to be made by taking a vacant building, adding a CRAC, UPS, PDU or two, a backhaul, and then offering locking server cabinets. This way, someone who wants to, can pack their own parachute. With virtualization so relatively cheap, including virtual firewalling, one can do a lot with a third rack of cabinet space.
I can see having a redundant data center at a lower uptime rate, positioned for a few tasks:
1: For a smaller company, it can be "good enough" as a place to stash machines.
2: It could be useful for a disaster recovery center, especially if it had compute nodes ready to go, a SAN that took async replications from the main site, and other items. This helps provide geographic redundancy, although the diminished uptime might be an issue if the site becomes the primary.
3: This might be ideal for relative low priority tasks like archiving. Replicate a SAN, have a tape silo pull data too keep off with NDMP, and this would fulfill the need to keep records offsite.
4: Do like Facebook, and put the redundancy in the backup application. If a data center goes down, the backend application redirects traffic to another one until it is back up. By having the redundancy handled in the backend application and database, it can mean that hardware on the datacenter and individual machine level can be less reliable and cheaper.
To me, it looks like a good candidate for a thin client for VDI work. For example, in finance or a part of a company where data is highly sensitive, using these coupled with RDP, Citrix, or a VNC protocol that had encryption, would make for a relatively inexpensive, but usable machine. Plus, if one got stolen or broken, $70 isn't too bad.
Of course, this isn't for everyone, as we already went through the pre-cloud Javastation song and dance... but for areas where thin clients and VDI would be useful and are needed for a security aspect, I can see buying a bunch of these, especially if they could be configured with a custom image (so apps like RDP or Citrix Receiver would be installed and ready to go.)
The idea of a reverse auction is probably the best suggestion on how to cure the problem to date. Start out with prices 100 times as much as normal, and after a time have the ticket prices drop. The site could even allow people to place a bid and if the tickets are sold out for that area or tow, it would automatically purchase them for the buyer once the price dropped to what was asked.
Whenever there are calls for legislation, this can become a very bad thing pretty quickly, if the problem cannot be solved any other way.
For example, a RV park that has a limited amount of spaces can do a number of things. For example, a lottery that people put into for a few months before reservations start, which allow people to reserve a spot. Said lottery is weighted, giving a higher chance of someone getting a spot the more times they frequent the park. This not just brings more business, but also gives preference to frequent customers; a win/win.
A lottery for tickets could also be done for a venue, with the above setup. The more time one frequents a place, the higher chance of them getting a nice spot come the big show. Heck, both the lottery and reverse auction could be combined where a frequent patron of a place can score their tickets at the normal price, while the rest go on sale at the higher prices, dropping as time goes on. Of course, someone can sell their ticket, but encouraging more people to visit a place, even if they do this, can be a good thing overall for a venue's health.
I think "making things easier" is being mixed up with "easier to find MS experience than Linux experience."
The problem I encounter, having sat in both worlds, is that each side thinks their stuff is the right hammer, and everything is a nail. The MS guys want to use their wrench as a screwdriver, while the Linux guys want to carve notches in bolts so they can use their screwdriver in place of a wrench.
A couple use cases: Spawning Hadoop instances on OpenStack [1] or AWS is a lot easier with Linux than Windows. It can be done with Windows, but it is a lot easier to find howto guides and such under Linux. Another case is popping up nginx web servers on compute nodes for static content behind a load balancer. That is pretty easy with ansible [2], lsync, and varnish. In Windows, it can be done, but it would require some fancy footwork with SCCM/SCOM/WIM.
On the opposite side, for a massive directory service (something spanning multiple geographical regions, with many employees and company division/org charts that look like spaghetti), AD has a lot more support than the various LDAP platforms [3], and has proven to be good enough, security-wise.
Best thing to do is use both. Windows winds up at the core, Linux/BSD/etc. are at the edge.
[1]: Windows and OpenStack are like oil and water. I've not heard of any OpenStack deployments based on Hyper-V, especially on Kilo and Liberty. I wouldn't be surprised to see it (as Microsoft has embraced Docker in a useful fashion), but not at this stage.
[2]: Ansible is easy to include in the VM image, so it either can have an image pushed to it, or it can hit a Git server, grab its playbooks, then run those.
[3]: I've used other directory services. I would say that AD is a lot less painful than AFS or DFS/DCE. Things can change on a dime, and an AD competitor that can scale and replicate can come out of nowhere, similar to how Ansible/Puppet/Chef/Salt wasn't on anyone's radar a few years ago, but now is a staple of IT/DevOps as of now.
W2008R2 isn't bad for a desktop OS, if only because wbadmin (the included backup program) isn't the gutted POS it is on the client editions. It actually is comparable to Time Machine for doing decent backups.
Windows Server 2016 will be a nice desktop OS. Even though you don't have an option for a GUI shell upon install, it is easily added as a feature, and the telemetry stuff isn't present unless you explicitly add Cortana and other gewgaws.
Here is the ironic thing. IBM with POWER7 has two modes for their chips. One is the usual functionality, where a 32 core CPU uses all 32 cores. The second mode, called TurboCore, disables half the cores... but allows the cores that are working to use the cache of their disabled neighbors, as well as run the CPU at a higher clock rate.
The reason for this mode is because Oracle, Sybase, et. al., all have per core licensing for production systems. So, having the ability to turn off a good amount of cores will cut the fee in half, and that licensing fee can be very substantial.
One advantage of Microsoft was that they licensed per CPU socket. Now, in Windows Server 2016, that changes... and I'm not surprised it did, just because of the amount of cores available on Xeons and AMD CPU chips.
Maybe this is a good thing. Customers will demand that Intel and AMD start having more oomph per core than just adding more cores to the die. This will help a lot in tasks that can't be multithreaded (fast fourier transforms if doing video, for example.) Maybe we will see the IBM TurboCore mode (not to be confused with AMD's TurboCore) used in the amd64 architecture.