The one lost art I miss are very good docking stations. Those can turn a good laptop into a very good desktop.
A long while back, there used to be docking stations available for IBM Thinkpads that would have space for PCI cards. This way, if one wanted SCSI on the desktop, the card would just drop in and work.
Apple had a docking station for the PowerBook Duo which loaded and unloaded the laptop like a VHS cassette. Just push it into the slot, the dock would automatically "mount" it like a tape and one would have video and such on the desktop. Hit the eject button, everything unmounts, and the laptop is ready for the road.
Maybe there would be a market for docking stations with the above features. With Thunderbolt, a docking station could provide a breakout box for PCIe cards, although not as fast as a native PCIe interface (due to the limited lanes provided), but it would be good enough for most things.
Of course, things like internal disks, additional network interfaces and such would be useful too.
If you are not running the latest Crysis successor, a quad-core laptop CPU on a machine with 8-16 gigs of RAM can be "good enough", especially with a SSD, a docking station that supports Thunderbolt, and USB3 for drives.
A few years back, I would never have stated this because I/O on a laptop was so limited, as well as the onboard video. However, the latest Intel stuff is decent and can run almost anything you throw at it.
Even x86 tablets are nearing the point where with a docking station, they can replace desktops. The Surface Pro 2 almost seems to be at that point. I'm sure the next generation, coupled with a docking station that sports Thunderbolt and other connectors, would cross that barrier.
If desktops were dying, there would be talk about people actively tossing them out en masse. However, most desktop machines end up still being used until they break, then ditched.
Desktop technology is just mature. There is nothing that runs on a tablet or phone that can't run on a desktop or server [1]. Tablets and smartphones are just more convenient, and right now that niche is filling out while desktops have had their market saturation for a number of years now.
Consoles are another item. The only reason they still exist is that game making companies love the iron-fisted control they have over the platform (no used games, high prices, forcing DLC purchases, shipping beta-quality code and patching later, etc.) Consoles used to have the "it just works" advantage over PCs, but even that is starting to erode.
[1]: Assuming an x86-64 based server. Good luck trying to run a native Angry Birds executable on a POWER7.
My computer is still pretty useful with Windows 8.1.
I really don't know any tablets that have deduplication, autotiering, online checking of filesystems for damaged indexes or image based backups, or ZFS-like dynamic volume storage (Windows Storage Spaces is useful in that regard.)
Deduplication is nice. I have a script which moves the files copied from the file server out of the shared drive and into another part. That way, if Cryptolocker stings the machine, it might nail a day's worth of files, but it won't have access past that. Plus, the additional file copies are essentially UNIX hard links, rather than taking additional space.
That might be a way to go. For example, setting up a self-recovery system for lost Active Directory passwords is not too difficult to do with FIM.
Another example was at one company I worked for, a lot of IT time was taken by reimaging machines. Setting up a PXE/WDS server and maintaining a couple master images did require an additional server and some routing configs... but the payoff was well worth it.
Of course, there are things which can only be solved with "boots on the ground", but maybe giving an effort to pare away stuff that can be automated might help things.
With the proper admin tools purchased and licensed, one person running that many workstations is definitely possible.
However, if a company balks at buying the enterprise stuff (programs to check if all boxes have AV working for CYA reasons, the ability to push MSI updates, a working WSUS mechanism, a working PXE boot mechanism so workstations can be reloaded through the network, a backup program so user documents are stored somewhere safe, and so on), it can be a difficult task for 20 admins.
There is the dilemma: If nothing breaks, upper management will think one is just being lazy or slacking off, and just wants more headcount for the latest office party. However, if something does break, there is a good chance of people getting fired for "not doing something about it".
In some cases, something has to break before something is done, so one has to calculate when to just let the juggled balls all drop so management actually sees there are actual issues that are affecting day to day operations.
Another issues are vehicles that can take control of the steering wheel to parallel park. How can we be sure that they decide not to hit hard left/right because some glitch caused a controller to send those instructions down the CANBus to tell it to do that. It may not be a big deal, or it might be something that the driver will have difficulty "fighting". Plus, a complete revolution of the wheel at 88-104 kph (55-65 mph) likely will flip most vehicles, or at least get them off the road.
This isn't to blame the auto makers -- they never realized that people will be deliberately trying to get their vehicles to go haywire. However it might be something they should consider so if the vehicle fails, it fails in a state that at least renders it operable until it stops.
1: As mentioned above, if it fries pacemakers, insulin pumps, or heart plugs, how will wrongful death lawsuits be handled?
2: If used on a motorcycle, it can mean the rider can lose control, causing a crash, fatality, and lawsuits.
3: If used on a car, most cars are drive-by-wire. This means that brakes and steering will be made inoperable in some cars, causing an instant wreck... and subsequent lawsuits. Other cars will still have mechanical brakes and steering, but most people are used to power-assisted brakes and steering... and having their vehicle handle way differently can also cause a wreck... and lawsuit.
4: What happens if another car is hit? Radio waves can be directed in unexpected places. Yet another wreck possiblity and lawsuit.
5: Of course, the bad guys will have this technology sooner or later. Now, watch stretches of I-10 become nice kill zones for thieves who are desiring either pickup trucks for Mexican drug runs, or just to pop caps in people once their car is stopped to get soldier status in their gang.
Bad idea all around... well all but for the attorneys who will make a mint from this.
I'm not surprised. At first, I saw people home-schooling, and it was just the RW types. However, I'm seeing the same thing on the left as well, where parents are just getting tired of a broken education system.
How to fix? I have thought of vouchers as an idea, but my fear that it would trade failed public schools for failed schools owned by a private corporation. A national school system would not fly because of the history of state/local autonomy. Bashing unions are not going to help much, as non-union schools have as many problems as ones with teacher unions.
Probably the best way is from the ground up... get homeschooling parents to trade off, and form the old "one room schoolhouse" of yore.
I'm definitely not belittling the work it takes to make such an undertaking, but one can compare the ACA website to the US NCIC database that every LEO uses from Interpol down to the country dogcatcher.
The NCIC database has as much, if not more communication, be it to private companies, to government agencies, to international entities (other nation LEO/intel service), down to the comic strip posted where people get $5 off if they successfuly match five people's pictures to the crimes they did.
I agree -- this is very, very hard work. However, it isn't something that has not been done before.
My stuff is basically a simple query. Username and password get sent, and a reply gets kicked back. Everything else is handled by the app. A new or deletion request is handled slightly differently, but a password change is handled by sending up (via https) the username, password, and a nonce that the server sent back (the nonce is to prevent replay attacks). The request gets checked, and if it validates, the old password is overwritten. If no user is present, the username and PW tuple is added.
Of course, this is alpha quality work, but if done right, armoring the password hash values similar to the private key in a HSM, it will help slow down mass password thefts.
You can proxy SSL. BlueCoat sells devices which do exactly that.
Of course, the root key will be different, but of all the users using a Wi-fi service, how many will stop what they are doing, versus click on the "bah, toss the key into the trusted root keystore regardless of security and let me proceed" button.
I don't think this is what Swarm Mobile is doing, but if someone did try MITM-ing SSL streams, I would not be surprised if they had some success.
VPNs should be a matter of course for anyone using Wi-Fi (barring their home/work networks, of course.) FireSheep type attacks are not as big an attack as in the past, but there are still things one can do, be it Phorm-like modification of HTTP streams in flight (perhaps injecting malware) to DNS hijacking (and there are people who will completely ignore the obvious SSL warnings and proceed no matter what, even stashing the bogus key in their root cert pool.)
VPNs are not perfect. However, having traffic slowed or stopped is a less of an issue than having it modified in flight or just plain snooped.
It is that way across the pond with systems that demand you create a user account for "free" access, or at best are unusable because someone else is using it for their torrents.
Here, the tragedy of the commons is in full swing, so some retailers (especially cafes) actually turn off their public APs from 11-2 to deter table campers (people who buy a drink, then sit at a table for hours during the busy lunch rush.)
Unfortunately, unlimited mobile plans are going the opposite way in the US... Sprint killed all MVNO contracts offering unlimited capacity/month last month.
Some phones have a provider that automatically latches on if given a SSID. This is why I prefer something with CyanogenMod or similar so unless I explicitly tell it to hop onto a connection, it won't. This beats having to turn off the Wi-Fi antenna when leaving the house.
This is another reason to have a VPN ready. I don't think this technology is really new... just a repackage of looking at HTTP streams for marketing reasons.
I tend to use a VPN on any public Wi-Fi, and this just adds even more reason to. If the local place blocks it, that is their perogative and their store.
Can you cite me a working use case of MarkLogic, or any NoSQL database being used for something other than "disposable" data (search engine indexes for example) which transaction integrity is not an issue? Especially in the medical field where loss of records can mean very large civil and criminal actions.
NoSQL has its uses because it plays fast and loose with ACID, allows the application to have more control of things, and is good for large writes. However, medical data isn't something one wants to take risks with, and I've not seen any real cases of NoSQL "earning its bones" with critical data.
The ironic thing is that after the NoSQL fiasco of healthcare.gov [1], I was convinced that anyone running Oracle, MS SQL, or DB/2 on the backend would have something decent up and running.
This isn't rocket science. Grab example schema from a private insurance firm, adapt them to this task, and go from there.
I'm completely surprised by this... Oracle is one of the top tier database managers of choice for the big leagues, so I was expecting this to be a cakewalk compared to other tasks.
[1]: Why is a RDBMS that (as far as I am aware of) fails the ACID test being used for such critical data in the first place?
I'd second the recommendation for a CNC shop. Anodized aluminum, whatever color you want, or if anodizing isn't up to snuff, powder coating, or having it dipped.
Your choice of shapes, fasteners, how things attach. Combine this with pairs of holes for zip ties, and it will be a fairly neat server room.
Another thing I've seen was fiber optic multiplexers that would take a rack of 10gigE signal, run it along one fiber to a de-muxer near the router. That way, there is one, and only one network cable from each rack. If power is done so it comes from underneath (preferably 2+ PDUs), this will make things fairly tidy... well until people start stringing cable for their pet projects again.
I'm also just a data point, but because I worked for a few years in an academic environment (doing part time interning in IT while taking courses), I saw a lot of oddball stuff that the college students/staff/faculty would bring in and ask for help with.
I've seen MBR malware twice. A strain back in the mid 1990s before BIOSes had a "virus protection" option which locked the MBR, and a strain a few years back. This was fixable, but usually it meant that the machine was completely destroyed with other forms of malware at that point and pretty much required a complete reinstall.
There is the fact that the user controls the OS, or at the minimum directs control of the machine either actively or passively (in the case of malware.)
Without the PC, we might all be using set top boxes to CIS, The Source, or AOL, paying $12 an hour for 9600 baud access to access forums or perhaps use a word processor with a couple megs for remote storage. There was a time when cable set top boxes and Internet connected devices were in a race, and thankfully the more open items won.
I think it will come around. Motorola tried to offer a phone/desktop with the Atrix, Atrix 2, and Bionic, and eventually killed it. However, it was a very nice platform for running Citrix Receiver on, as well as basic Web browsing.
x86 tablets are getting to the point where they can do virtually 100% of a user's needs as a desktop, especially with a docking station for Thunderbolt, USB, and other ports. I wouldn't be surprised to see smartphones with 256-512 GB of SSD capacity to be able to be dropped into a docking station and offer PC desktop functionality as well.
Microsoft had to do something after XP. One of those things was to split user and admin contexts. To do this, they had to hit the relatively lazy developers hard so not every single application just required admin rights as a matter of course.
It was painful, but it helped security immensely.
XP is a nice OS (still useful for Web browsing in a virtual machine), but unlike most things, operating systems have to be dynamic to keep up with the blackhats. XP's building blocks are circa 2000, while Windows 8.1 may have a larger footprint, but it engineered to help protect against 2013-era threats, be it Secure Boot to combat MBR malware, or the ability to use BitLocker with a password without needing a TPM chip.
Slashdot Mirror
The one lost art I miss are very good docking stations. Those can turn a good laptop into a very good desktop.
A long while back, there used to be docking stations available for IBM Thinkpads that would have space for PCI cards. This way, if one wanted SCSI on the desktop, the card would just drop in and work.
Apple had a docking station for the PowerBook Duo which loaded and unloaded the laptop like a VHS cassette. Just push it into the slot, the dock would automatically "mount" it like a tape and one would have video and such on the desktop. Hit the eject button, everything unmounts, and the laptop is ready for the road.
Maybe there would be a market for docking stations with the above features. With Thunderbolt, a docking station could provide a breakout box for PCIe cards, although not as fast as a native PCIe interface (due to the limited lanes provided), but it would be good enough for most things.
Of course, things like internal disks, additional network interfaces and such would be useful too.
If you are not running the latest Crysis successor, a quad-core laptop CPU on a machine with 8-16 gigs of RAM can be "good enough", especially with a SSD, a docking station that supports Thunderbolt, and USB3 for drives.
A few years back, I would never have stated this because I/O on a laptop was so limited, as well as the onboard video. However, the latest Intel stuff is decent and can run almost anything you throw at it.
Even x86 tablets are nearing the point where with a docking station, they can replace desktops. The Surface Pro 2 almost seems to be at that point. I'm sure the next generation, coupled with a docking station that sports Thunderbolt and other connectors, would cross that barrier.
If desktops were dying, there would be talk about people actively tossing them out en masse. However, most desktop machines end up still being used until they break, then ditched.
Desktop technology is just mature. There is nothing that runs on a tablet or phone that can't run on a desktop or server [1]. Tablets and smartphones are just more convenient, and right now that niche is filling out while desktops have had their market saturation for a number of years now.
Consoles are another item. The only reason they still exist is that game making companies love the iron-fisted control they have over the platform (no used games, high prices, forcing DLC purchases, shipping beta-quality code and patching later, etc.) Consoles used to have the "it just works" advantage over PCs, but even that is starting to erode.
[1]: Assuming an x86-64 based server. Good luck trying to run a native Angry Birds executable on a POWER7.
My computer is still pretty useful with Windows 8.1.
I really don't know any tablets that have deduplication, autotiering, online checking of filesystems for damaged indexes or image based backups, or ZFS-like dynamic volume storage (Windows Storage Spaces is useful in that regard.)
Deduplication is nice. I have a script which moves the files copied from the file server out of the shared drive and into another part. That way, if Cryptolocker stings the machine, it might nail a day's worth of files, but it won't have access past that. Plus, the additional file copies are essentially UNIX hard links, rather than taking additional space.
That might be a way to go. For example, setting up a self-recovery system for lost Active Directory passwords is not too difficult to do with FIM.
Another example was at one company I worked for, a lot of IT time was taken by reimaging machines. Setting up a PXE/WDS server and maintaining a couple master images did require an additional server and some routing configs... but the payoff was well worth it.
Of course, there are things which can only be solved with "boots on the ground", but maybe giving an effort to pare away stuff that can be automated might help things.
With the proper admin tools purchased and licensed, one person running that many workstations is definitely possible.
However, if a company balks at buying the enterprise stuff (programs to check if all boxes have AV working for CYA reasons, the ability to push MSI updates, a working WSUS mechanism, a working PXE boot mechanism so workstations can be reloaded through the network, a backup program so user documents are stored somewhere safe, and so on), it can be a difficult task for 20 admins.
There is the dilemma: If nothing breaks, upper management will think one is just being lazy or slacking off, and just wants more headcount for the latest office party. However, if something does break, there is a good chance of people getting fired for "not doing something about it".
In some cases, something has to break before something is done, so one has to calculate when to just let the juggled balls all drop so management actually sees there are actual issues that are affecting day to day operations.
Another issues are vehicles that can take control of the steering wheel to parallel park. How can we be sure that they decide not to hit hard left/right because some glitch caused a controller to send those instructions down the CANBus to tell it to do that. It may not be a big deal, or it might be something that the driver will have difficulty "fighting". Plus, a complete revolution of the wheel at 88-104 kph (55-65 mph) likely will flip most vehicles, or at least get them off the road.
This isn't to blame the auto makers -- they never realized that people will be deliberately trying to get their vehicles to go haywire. However it might be something they should consider so if the vehicle fails, it fails in a state that at least renders it operable until it stops.
Infiniti Q50?
There will be a lot of blowback from this device:
1: As mentioned above, if it fries pacemakers, insulin pumps, or heart plugs, how will wrongful death lawsuits be handled?
2: If used on a motorcycle, it can mean the rider can lose control, causing a crash, fatality, and lawsuits.
3: If used on a car, most cars are drive-by-wire. This means that brakes and steering will be made inoperable in some cars, causing an instant wreck... and subsequent lawsuits. Other cars will still have mechanical brakes and steering, but most people are used to power-assisted brakes and steering... and having their vehicle handle way differently can also cause a wreck... and lawsuit.
4: What happens if another car is hit? Radio waves can be directed in unexpected places. Yet another wreck possiblity and lawsuit.
5: Of course, the bad guys will have this technology sooner or later. Now, watch stretches of I-10 become nice kill zones for thieves who are desiring either pickup trucks for Mexican drug runs, or just to pop caps in people once their car is stopped to get soldier status in their gang.
Bad idea all around... well all but for the attorneys who will make a mint from this.
I'm not surprised. At first, I saw people home-schooling, and it was just the RW types. However, I'm seeing the same thing on the left as well, where parents are just getting tired of a broken education system.
How to fix? I have thought of vouchers as an idea, but my fear that it would trade failed public schools for failed schools owned by a private corporation. A national school system would not fly because of the history of state/local autonomy. Bashing unions are not going to help much, as non-union schools have as many problems as ones with teacher unions.
Probably the best way is from the ground up... get homeschooling parents to trade off, and form the old "one room schoolhouse" of yore.
I'm definitely not belittling the work it takes to make such an undertaking, but one can compare the ACA website to the US NCIC database that every LEO uses from Interpol down to the country dogcatcher.
The NCIC database has as much, if not more communication, be it to private companies, to government agencies, to international entities (other nation LEO/intel service), down to the comic strip posted where people get $5 off if they successfuly match five people's pictures to the crimes they did.
I agree -- this is very, very hard work. However, it isn't something that has not been done before.
My stuff is basically a simple query. Username and password get sent, and a reply gets kicked back. Everything else is handled by the app. A new or deletion request is handled slightly differently, but a password change is handled by sending up (via https) the username, password, and a nonce that the server sent back (the nonce is to prevent replay attacks). The request gets checked, and if it validates, the old password is overwritten. If no user is present, the username and PW tuple is added.
Of course, this is alpha quality work, but if done right, armoring the password hash values similar to the private key in a HSM, it will help slow down mass password thefts.
You can proxy SSL. BlueCoat sells devices which do exactly that.
Of course, the root key will be different, but of all the users using a Wi-fi service, how many will stop what they are doing, versus click on the "bah, toss the key into the trusted root keystore regardless of security and let me proceed" button.
I don't think this is what Swarm Mobile is doing, but if someone did try MITM-ing SSL streams, I would not be surprised if they had some success.
VPNs should be a matter of course for anyone using Wi-Fi (barring their home/work networks, of course.) FireSheep type attacks are not as big an attack as in the past, but there are still things one can do, be it Phorm-like modification of HTTP streams in flight (perhaps injecting malware) to DNS hijacking (and there are people who will completely ignore the obvious SSL warnings and proceed no matter what, even stashing the bogus key in their root cert pool.)
VPNs are not perfect. However, having traffic slowed or stopped is a less of an issue than having it modified in flight or just plain snooped.
It is that way across the pond with systems that demand you create a user account for "free" access, or at best are unusable because someone else is using it for their torrents.
Here, the tragedy of the commons is in full swing, so some retailers (especially cafes) actually turn off their public APs from 11-2 to deter table campers (people who buy a drink, then sit at a table for hours during the busy lunch rush.)
Unfortunately, unlimited mobile plans are going the opposite way in the US... Sprint killed all MVNO contracts offering unlimited capacity/month last month.
Some phones have a provider that automatically latches on if given a SSID. This is why I prefer something with CyanogenMod or similar so unless I explicitly tell it to hop onto a connection, it won't. This beats having to turn off the Wi-Fi antenna when leaving the house.
This is another reason to have a VPN ready. I don't think this technology is really new... just a repackage of looking at HTTP streams for marketing reasons.
I tend to use a VPN on any public Wi-Fi, and this just adds even more reason to. If the local place blocks it, that is their perogative and their store.
Please enlighten me:
Can you cite me a working use case of MarkLogic, or any NoSQL database being used for something other than "disposable" data (search engine indexes for example) which transaction integrity is not an issue? Especially in the medical field where loss of records can mean very large civil and criminal actions.
NoSQL has its uses because it plays fast and loose with ACID, allows the application to have more control of things, and is good for large writes. However, medical data isn't something one wants to take risks with, and I've not seen any real cases of NoSQL "earning its bones" with critical data.
The ironic thing is that after the NoSQL fiasco of healthcare.gov [1], I was convinced that anyone running Oracle, MS SQL, or DB/2 on the backend would have something decent up and running.
This isn't rocket science. Grab example schema from a private insurance firm, adapt them to this task, and go from there.
I'm completely surprised by this... Oracle is one of the top tier database managers of choice for the big leagues, so I was expecting this to be a cakewalk compared to other tasks.
[1]: Why is a RDBMS that (as far as I am aware of) fails the ACID test being used for such critical data in the first place?
I've wondered about clear UPVC pipes as well.
I'd second the recommendation for a CNC shop. Anodized aluminum, whatever color you want, or if anodizing isn't up to snuff, powder coating, or having it dipped.
Your choice of shapes, fasteners, how things attach. Combine this with pairs of holes for zip ties, and it will be a fairly neat server room.
Another thing I've seen was fiber optic multiplexers that would take a rack of 10gigE signal, run it along one fiber to a de-muxer near the router. That way, there is one, and only one network cable from each rack. If power is done so it comes from underneath (preferably 2+ PDUs), this will make things fairly tidy... well until people start stringing cable for their pet projects again.
I'm also just a data point, but because I worked for a few years in an academic environment (doing part time interning in IT while taking courses), I saw a lot of oddball stuff that the college students/staff/faculty would bring in and ask for help with.
I've seen MBR malware twice. A strain back in the mid 1990s before BIOSes had a "virus protection" option which locked the MBR, and a strain a few years back. This was fixable, but usually it meant that the machine was completely destroyed with other forms of malware at that point and pretty much required a complete reinstall.
There is the fact that the user controls the OS, or at the minimum directs control of the machine either actively or passively (in the case of malware.)
Without the PC, we might all be using set top boxes to CIS, The Source, or AOL, paying $12 an hour for 9600 baud access to access forums or perhaps use a word processor with a couple megs for remote storage. There was a time when cable set top boxes and Internet connected devices were in a race, and thankfully the more open items won.
I think it will come around. Motorola tried to offer a phone/desktop with the Atrix, Atrix 2, and Bionic, and eventually killed it. However, it was a very nice platform for running Citrix Receiver on, as well as basic Web browsing.
x86 tablets are getting to the point where they can do virtually 100% of a user's needs as a desktop, especially with a docking station for Thunderbolt, USB, and other ports. I wouldn't be surprised to see smartphones with 256-512 GB of SSD capacity to be able to be dropped into a docking station and offer PC desktop functionality as well.
Microsoft had to do something after XP. One of those things was to split user and admin contexts. To do this, they had to hit the relatively lazy developers hard so not every single application just required admin rights as a matter of course.
It was painful, but it helped security immensely.
XP is a nice OS (still useful for Web browsing in a virtual machine), but unlike most things, operating systems have to be dynamic to keep up with the blackhats. XP's building blocks are circa 2000, while Windows 8.1 may have a larger footprint, but it engineered to help protect against 2013-era threats, be it Secure Boot to combat MBR malware, or the ability to use BitLocker with a password without needing a TPM chip.