I would like to believe that when I host a server at Slicehost (oh, yeah, it's Rackspace now) that they have server administrators who are better trained than I am. That they have backup procedures that are better executed than I would do. That they upgrade their hardware more often than I do.
Likewise, if I put my data on a "cloud" service, I am paying for the assurance that they have secured those servers at least as well as I would, in addition to whatever it is that they specialize in (scalability, availability, redundancy, etc). So, in theory at least, that's what's special about it - that they can do a better job at those things, for less money, than I can.
The reality can be less clear cut, and so, as with any vendor selection process, you have to do your homework and find the ones that seem to do a good job.
I think the press has done us all a disservice by making the cloud into, as you say, a mysterious relic with mystical powers. Hopefully those of us actually making these decisions understand what it really means and can be sober about evaluating options.
I used to be a security "expert" (at least according to my business card), but that was long enough ago, and things have changed sufficiently since then, that I no longer make that claim. However, back then, most of our customers happened to be in healthcare in some form or another, and I was appalled, on a daily basis, how insecure their data was. Any high school kid with some tools could completely own their network servers with very little effort. We hired one of those high school kids, and he frequently did.
Furthermore, with a little sweet talking, or looking under keyboards, we got access to all the stuff that he didn't. Granted, this was in the days immediately before HIPAA, and in the first days after HIPAA when people were trying to figure out how to implement the requirements. I naively hope that HIPAA has corrected some of the most glaring of these problems.
It's hard to imagine that putting data "in the cloud", whatever that happens to mean in the particular case under discussion, could be any less secure than where they're already storing your data.
I didn't get to pick the question, if that's what you're asking. Presumably, if I had, it would be more about Open Source. I believe the question was chosen by the Slashdot editorial team.
Servers "in the cloud" are installed, secured, and maintained, by sysadmins like you and me. Some of those sysadmins are good at what they do, and some of them aren't. "The cloud" is not intrinsically secure or insecure, because "the cloud" is not a definable entity, as much as the tech press wants it to be. This is a misnomer perpetrated by the poorly-informed press, and not really something that's based in reality.
Every time we read an article about "the cloud", it's useful to take a moment to consider what it actually means in that particular scenario.
Although "the cloud" means "I don't care where my servers are", there are in fact actual servers somewhere, and there's an actual person or team of persons responsible for maintaining that server or servers, and they are either good at their job, or they aren't. Talking about "the cloud" as though it's one homogeneous mush of data is nonsense, and leads to all sorts of false conclusions.
If it were possible to send messages back in time, and if this problem is *ever* going to be solved, then we would have already received the messages. Therefore, this problem will never be solved.
I simply don't care, and can't fathom why I should care. It is not, never has been, and never will be my responsibility to ensure the accuracy of statistical reports on sites that I visit. What data is stored on my personal computer is my business, and nobody else's. Is there seriously anybody who thinks that this is actual news? Are there seriously people who are able to get funding for such intuitively obvious research? Where do I get my cut?
In the mean time (ie, since the 2.0 release) we've changed the versioning model to the "odds are dev, evens are stable" model. So as soon as 2.2 released, development moved to the 2.3 branch, which will release as 2.4. So, yes, like Perl and Linux and many other things.
As for transferring >2GB files, this comes up many times every day on #apache, and fairly frequently on the mailing lists, so people do actually want to do this.
Folks that are still using 1.3 are missing out on enormous strides forward. The "it still works fine, why should I upgrade" crowd are completely welcome to remain where they are, and we're not going to compel to move, but they are going to miss out on all sorts of cool things, in the name of "it's good enough already." Their loss, not ours.
You so completely missed the point. I'm a committer on the Apache web server project. I am actively fixing these problems. Forking the project is not even a consideration. I'm just making people aware of what people are complaining about.
Seeing this presentation outside of the context - a 5-minute presentation to apache developers by an apache deveoper - leads to complete misunderstanding of what it was all about.
For the record, the talk was created in Keynote, which will export to a variety of formats. PDF seemed like the least problematic of those formats. I don't use PowerPoint.
Thanks for all the great feedback from folks about my complaints and examples. Yes, it was more than a little tongue-in-cheek, and several of these problems have in fact already been fixed - a couple of them right there are the conference.
And, I'm not *just* complaining. I fixed the "Require User" case sensitivity thing, and I'm rewriting the mod_rewrite docs.
Right... and, like I said (I thought, pretty clearly) I'm not saying that everyone should switch. I'm merely asking for the PHP website to stop discouraging migration for those folks who do have reasons for doing so.
I know, suggesting that Slashdot might be misinterpreting my words is close to heresy...;-)
Allow me to clarify something if I may. I'm not suggesting that everyone needs to migrate to Apache 2.0 today. I'm suggesting that PHP not strenuously discourage people from doing so. Those are two rather different things.
I hardly think that my posting (which, of course, nobody can read now because my server in my bedroom is melting. *sigh*) qualifies as unimitigated flames.
And I *certainly* don't presume to speak for the whole Apache community. It was just some (I thought0 harmless observations.
Let's try an experiment. Tomorrow, post exactly the same story, but change the name of the college and change "Apple" to "Microsoft." See the comments change to condemnation of a big corporation using their false benevolence to coerce gullible Freshmen to buy their products.
Or perhaps we could give the freshmen a coupon for a free download of a Linux distribution.
As for me, I like to dupe my CDs mainly so I can use them in the car without jeopardizing the originals. A copy limit would not hinder me in that regard.... except when your nth copy gets damaged in your car CD player. I make copies of CDs to play in the car, and I tend to do it on cheap CDRs which seem to get damaged pretty quickly. It's not uncommon for me to go through n copies of a CD over the course of a few years.
A self-styled "scientist" (not scientists) claims to think he might know where Atlantis is, and is about to start looking. That's not the same thing as having found it. The English gramtical construct "believes Atlantis found off Cyprus" means that he thinks it will be found there - ie, he thinks it's there - not that he has already found it.
The article is a whole 5 sentences, and is very clear.
Slashdot Mirror
I would like to believe that when I host a server at Slicehost (oh, yeah, it's Rackspace now) that they have server administrators who are better trained than I am. That they have backup procedures that are better executed than I would do. That they upgrade their hardware more often than I do.
Likewise, if I put my data on a "cloud" service, I am paying for the assurance that they have secured those servers at least as well as I would, in addition to whatever it is that they specialize in (scalability, availability, redundancy, etc). So, in theory at least, that's what's special about it - that they can do a better job at those things, for less money, than I can.
The reality can be less clear cut, and so, as with any vendor selection process, you have to do your homework and find the ones that seem to do a good job.
I think the press has done us all a disservice by making the cloud into, as you say, a mysterious relic with mystical powers. Hopefully those of us actually making these decisions understand what it really means and can be sober about evaluating options.
I used to be a security "expert" (at least according to my business card), but that was long enough ago, and things have changed sufficiently since then, that I no longer make that claim. However, back then, most of our customers happened to be in healthcare in some form or another, and I was appalled, on a daily basis, how insecure their data was. Any high school kid with some tools could completely own their network servers with very little effort. We hired one of those high school kids, and he frequently did.
Furthermore, with a little sweet talking, or looking under keyboards, we got access to all the stuff that he didn't. Granted, this was in the days immediately before HIPAA, and in the first days after HIPAA when people were trying to figure out how to implement the requirements. I naively hope that HIPAA has corrected some of the most glaring of these problems.
It's hard to imagine that putting data "in the cloud", whatever that happens to mean in the particular case under discussion, could be any less secure than where they're already storing your data.
I didn't get to pick the question, if that's what you're asking. Presumably, if I had, it would be more about Open Source. I believe the question was chosen by the Slashdot editorial team.
...that the first outing of the sponsored Ask Slashdot is a Geeknet company.
Yes. I'm called the guinea pig.
Yes, exactly.
Servers "in the cloud" are installed, secured, and maintained, by sysadmins like you and me. Some of those sysadmins are good at what they do, and some of them aren't. "The cloud" is not intrinsically secure or insecure, because "the cloud" is not a definable entity, as much as the tech press wants it to be. This is a misnomer perpetrated by the poorly-informed press, and not really something that's based in reality.
Every time we read an article about "the cloud", it's useful to take a moment to consider what it actually means in that particular scenario.
Although "the cloud" means "I don't care where my servers are", there are in fact actual servers somewhere, and there's an actual person or team of persons responsible for maintaining that server or servers, and they are either good at their job, or they aren't. Talking about "the cloud" as though it's one homogeneous mush of data is nonsense, and leads to all sorts of false conclusions.
Oh, never mind.
If it were possible to send messages back in time, and if this problem is *ever* going to be solved, then we would have already received the messages. Therefore, this problem will never be solved.
I simply don't care, and can't fathom why I should care. It is not, never has been, and never will be my responsibility to ensure the accuracy of statistical reports on sites that I visit. What data is stored on my personal computer is my business, and nobody else's. Is there seriously anybody who thinks that this is actual news? Are there seriously people who are able to get funding for such intuitively obvious research? Where do I get my cut?
In the mean time (ie, since the 2.0 release) we've changed the versioning model to the "odds are dev, evens are stable" model. So as soon as 2.2 released, development moved to the 2.3 branch, which will release as 2.4. So, yes, like Perl and Linux and many other things.
As for transferring >2GB files, this comes up many times every day on #apache, and fairly frequently on the mailing lists, so people do actually want to do this.
Folks that are still using 1.3 are missing out on enormous strides forward. The "it still works fine, why should I upgrade" crowd are completely welcome to remain where they are, and we're not going to compel to move, but they are going to miss out on all sorts of cool things, in the name of "it's good enough already." Their loss, not ours.
heh heh. :-) The server is sitting in the server room, waiting for me to get back in the office tomorrow.
Hopefully next week, Andy.
You so completely missed the point. I'm a committer on the Apache web server project. I am actively fixing these problems. Forking the project is not even a consideration. I'm just making people aware of what people are complaining about.
Seeing this presentation outside of the context - a 5-minute presentation to apache developers by an apache deveoper - leads to complete misunderstanding of what it was all about.
For the record, the talk was created in Keynote, which will export to a variety of formats. PDF seemed like the least problematic of those formats. I don't use PowerPoint.
Thanks for all the great feedback from folks about my complaints and examples. Yes, it was more than a little tongue-in-cheek, and several of these problems have in fact already been fixed - a couple of them right there are the conference.
And, I'm not *just* complaining. I fixed the "Require User" case sensitivity thing, and I'm rewriting the mod_rewrite docs.
Sheesh. If you want to get away from it all, why not try leaving your computers at home?
Right ... and, like I said (I thought, pretty clearly) I'm not saying that everyone should switch. I'm merely asking for the PHP website to stop discouraging migration for those folks who do have reasons for doing so.
... ;-)
I know, suggesting that Slashdot might be misinterpreting my words is close to heresy
Allow me to clarify something if I may. I'm not suggesting that everyone needs to migrate to Apache 2.0 today. I'm suggesting that PHP not strenuously discourage people from doing so. Those are two rather different things.
I hardly think that my posting (which, of course, nobody can read now because my server in my bedroom is melting. *sigh*) qualifies as unimitigated flames.
And I *certainly* don't presume to speak for the whole Apache community. It was just some (I thought0 harmless observations.
It's very simple. We want people to move to 2.0, but since people have not done so, we're not going to leave them high and dry.
lim 5->4 sqrt(5) = 2
A walkman, an audio cable, and some cronjobs. I've been doing this for years.
... That kind of thinking got us the Alien and Sedition acts and Prohibition. ...
And the Patriot Act, let's not forget.
Let's try an experiment. Tomorrow, post exactly the same story, but change the name of the college and change "Apple" to "Microsoft." See the comments change to condemnation of a big corporation using their false benevolence to coerce gullible Freshmen to buy their products.
Or perhaps we could give the freshmen a coupon for a free download of a Linux distribution.
"Nothing is permanently installed on a hard drive. These details can be verified in the 'install.log' file in the computer's root directory."
... if nothing is permanently installed on my hard drive, how does the install.log get there?
Um
As for me, I like to dupe my CDs mainly so I can use them in the car without jeopardizing the originals. A copy limit would not hinder me in that regard. ... except when your nth copy gets damaged in your car CD player. I make copies of CDs to play in the car, and I tend to do it on cheap CDRs which seem to get damaged pretty quickly. It's not uncommon for me to go through n copies of a CD over the course of a few years.
Given that we discussed this in college physics, 15 years ago, I somehow doubt that Dr Deutsch designed the test.
A self-styled "scientist" (not scientists) claims to think he might know where Atlantis is, and is about to start looking. That's not the same thing as having found it. The English gramtical construct "believes Atlantis found off Cyprus" means that he thinks it will be found there - ie, he thinks it's there - not that he has already found it.
The article is a whole 5 sentences, and is very clear.
The HWG project to translate the Gutenberg texts to HTML has been dead so long, and was alive so briefly, that it's not really even worth mentioning.