Yes, but he also said "administered." Have you ever tried to administer Mac OS X Server from the command line? Really? Because I have. And it Sucks. There is a reason why you would want to do this: scripted changes on a large scale. I run my Xserve headless in a locked datacenter. To make matters worse, ARD is flakey and frequently requires manual service restarts (via ssh).
That said, I still prefer it over Windows.
I'll tell ya though - I sure wish apple would talk to IT people about servers and have a remote management coprocessor like the HP ILO on proliant servers. The xserve is really NOT datacenter friendly.
The idea of snapshots is nothing new and has been around MUCH MUCH longer than Volume Shadow Copy. Apple is not copying it from MS, they (like MS) are taking an old idea that has been in volume managers and storage systems for many years and implementing it. Network Appliance has had an awesome snapshotting system since the mid / late 90's (not exactly sure when it started, but I was using it in 98.)
50,000 zombies? It wouldn't surprise me if the number is closer to several million in the US alone.
Frankly, a DHS press release encouraging end users will do nothing. The end-users that care and are not totally clueless already install patches. If the DHS is REALLY concerned about getting botnets under control, all they have to do is threaten ISP's to clean up their networks or they will force legislation / regulations down their throats. Most ISP's (especially broadband ISP's) do NOTHING AT ALL about botnets. Heck, most don't even ack emails to abuse accounts (actually DOING something about a report is almost unheard of.) That's what needs to change. When was the last time you ever heard of someone (on broadband) actually getting their account suspended due to spamming / being part of a botnet?
I read a Washington Post article on this that claimed that polls show him winning a three-way race. I'm not a Lieberman fan and don't live in Connecticut so don't really care one way or the other, but I will say that I would prefer a moderate reasonable candidate over one on the far end of any spectrum any day. There are always single issue voters out there that will support a candidate based on their pet issue alone, however I still think November may surprise you. The majority of people I know vote multi-party based on the qualties of the candidate and are not as polar as you believe the majority are.
Well, it doesn't help that current anti-spam laws (like the I can, you can, we all CAN-SPAM act) are so toothless and convoluted (thank you DMA) that hey just make the problem worse. A well written law would be a good thing to have - we don't have one now though.
ISP's (specifically broadband ISP's) also need to be held accountable for failing to take action against botnets and compromised hosts (hosting companies with thousands of vservers running unpatched apps / OS's are a huge problem.) Most email to abuse@ email accouts is just ignored. Since the ISPs are not being held accountable, they have NO incentive to do anything about the problem.
Reputable hosting companies / colo's don't sell bandwidth by the MB / GB. They sell bandwidth based on 95th percentile of sustained throughput (5 min averages). Based on the quality of the connection and quanity (CIR) you buy, this can be anywhere from $100/Mbps to $1000/Mbps. Bandwidth is generally burstable to the limit of your pipe (10/100M in most cases.)
One colo company I work with sells 512Kbps (100M burst) 1U colo hosting (your server) with 5 IP's for $99/mo.
Look at what you REALLY get with a lot of these hosted sites... A friend of mine had me look over one such hosting company. They were a plesk/virtuozzo shop, and the virtuals were FedoraCore 2 with NO PATCHES. Stock FC2. Not only was the software so old (php, mysql, etc.) that many modern CMS systems won't run, they were vulnerable to countless exploits. It's no wonder that so much spam comes from these cheap hosting companies. I'm more apt to believe #1.
That hosting company is not alone - I've seen the same issue at a few other large hosting companies. I'm also sure that most of these hosting companies do NOT upgrade their virtuals mainly because you never know what the user has upgraded or changed, and any wholesale upgraedes / patches can totally fsck over thousands of sites.
IMNSHO, most of these virtuals should not be REAL VM's where you give out root due to the issue of keeping machines up to date. The client base (for the most part) is not sophisticated enough to manage it.
Several incumbent Congress folks were voted out of office yesterday.
No. These were primaries. They don't get "voted out" until the November elections. Lieberman for example will now run as an independant, so don't cout him out yet. Not sure what his chances are, but he WAS one of the few moderates out there that has bi-partisan support.
Most primaries actually have very low voter turnout, so it's fairly easy for this kind of thing to happen.
With the codeweavers crossover mac (WINE), you won't need virtualization software for many common apps. IE, plugins, outlook, word, all the basic stuff works fairly well. No performance penalty or slow startups. It doesn't work for ALL apps however, but for your needs it may work.
For Linux, I use a combination of crossover and VMWare Workstation, and only use vmware in cases where crossover doesn't work correctly.
VMware PLAYER is free. VMware workstation is NOT. VMware workstation for OSX (if it's like other versions) will have a lot of very nice features that Parallels does not. I bet that VMware will release player for free on OSX which will devastate Parallels (since there is very little difference between them,) and users that need the more advanced features of workstation will buy it over Parallels for those features.
And you thought RFID "chipping" was evil. Wait until all job applicants, athletes, etc. are required to have an embedded blood testers with satellite uplink. Couple that with the "soon to be invented" embedded mind probe that can detect "criminal thoughts" (which will be easy to justify - think "protecting the kids from pedophiles.")
With our increasing police/nanny-state mentality, does anyone else think that this is a possibility? Remember: We already have thought-crime laws (aka "hate crime" laws. It's not the act that is bad, it's what you were thinking during the act that was bad.)
OK, let's look at this issue from a SMB point of view for just a second.
Let's say you buy a single DL-380. Why that machine? It's got great remote management with it's ILO feature. You, as a work-at-home consultant are now able to get into that machine and do damn near anything with it remotely including changing BIOS settings, power cycle, remote console, etc.
You install your debian, but since the HP management apps don't install on debian, you will NEVER know when a drive fails, or you have a bad memory chip unless you physically look at the machine. You also can't make changes to the storrage array (such as adding a new disk) without rebooting now.
HP's enterprise focus still affects you. They can't support every distro, so they pick the ones business is most likely to use, and the ones that they can work with easiest. So while YOU don't have an enterprise POV, HP does and you have to understand it to understand the issues. This isn't a flame or anything, it's just the reality of the state of Linux hardware support... Really - I DO like Debian, but it sucks not to be able to buy hardware from larger hardware vendors that support it. That's all I'm saying really...
Snapshots and clones are different (speaking of the EMC world here.)
Well, yeah, instant isn't "zero time" but it is a few seconds at best. Basically (inside the storage system) you have a "copy on write" (very much like a Linux fork()) into a "snapshot cache" LUN where the "old" block is saved. Your cache and snap area are pre-created and you just say "Go!" Network Appliance is similar (personally I like NetApp snapshots better than EMC snapshots.)
Clones are different - they are a syncronous copy that stays synced until you fracture it. We generally have 2 or more clones and rotate them in and out of sync. A new clone can take a long time to sync when created, but resyncing an existing clone isn't bad depending on how much has changed.
The performance impact when you are talking enterprise storage exists, but it's not really an issue. The systems are bloody fast with gigs of NV cache. That's why they get the big bucks. If you want enterprise features, performance, and reliability, you pay. I think we are in for around $1.5M on our install.
Keep in mind that you may be supporting hundreds of thousands or millions of users with such a system. Cost per user is really not bad.
Way out of the price range, but I do like the Xerox printers. Very fast first-page-out times, and fast print times in general. HP's got VERY cheesy recently (but they are less expensive too.)
It's not bad, but definatly more "plasticky" than my old 1270N. It also has no straight paper path option like the 1270 had so everything gets curled (envelopes and card stock are more difficult.) Heavy card stock (postcard) does not work. Envelope's get creased. It looks like you should be able to get the paper out the back, but it's got a sensor I couldn't find that prohibits this.
The front "multi-media" tray works well, but occasionally pulls mupltiple pages in at the same time.
I've run about 6000 pages through it now (on my second toner) and it works well. The starter toner only gets you about 2000 pages (max.)
Duplexing is also on the slow side (which is typical on most duplexing printers.)
I look at this printer as being disposable. By the time it needs a drum, I'll just buy a new printer.
If you look at Win2000, that should have had a couple more service packs too. Now it's sp4 + 84123E66 patches and 45123 reboots. Building a slipstream is a nightmare with so many patches.
That setup still doesn't help you if you type "rm -rf/". No RAID system will.
That's why on enterprise storage systems, you have "instant snapshots", clones, and such. Snapshots can be set to automagically fire off every hour if you so desire. Enterprise SAN's are not like PC storage.
I suppose only using raid 1 is reasonable for very small simplistic two-drive systems, but some up us live in the enterprise world where you need raid 1+0 which still stripes stuff over multiple drives. I don't care what you do, you are not going to take a raidset of any flavor out of an EMC array and be able to "stick it in anybox."
For example: I have a "1+0 raid group" that spans 56 drives. It's got 1 high performance application in one large LUN, and dozens of lower-performance LUNs (clones, snapshots, etc.) in the same raid group (which is a very cost-effective way to do it - it maximizes your storage dollar.)
The way you do things on a desktop don't translate to the enterprise.
Building your own car is hardly an analogy for running your own email server. While not everyone can run their own email server, it's not THAT hard and most people have the capability / equipment (broadband and a computer.) I guess "being reasonable" is irrelevant if you're trolling however.
1) Use your ISP's servers (or other email service) for outbound mail. In 99.9% of "blocking" cases, port 587 (the MSA port) is still open so you CAN use some other service. Inbound is generally not an issue (unless your ISP is on Planet Stupid. In this case, get a real ISP and not one that delivers "damaged" service.) 2) Use Spamassassin, and tune it according to the WIDELY available docs. SA even runs on Windows.
Slashdot Mirror
I would suggest that if you have $4M worth of data on a laptop that you have it encrypted.
Oh Gawd... I took a Cobol class on one of those back in the early 80's. What a horrible pile of shit that thing was. They retired it after our class.
Yes, but he also said "administered." Have you ever tried to administer Mac OS X Server from the command line? Really? Because I have. And it Sucks. There is a reason why you would want to do this: scripted changes on a large scale. I run my Xserve headless in a locked datacenter. To make matters worse, ARD is flakey and frequently requires manual service restarts (via ssh).
That said, I still prefer it over Windows.
I'll tell ya though - I sure wish apple would talk to IT people about servers and have a remote management coprocessor like the HP ILO on proliant servers. The xserve is really NOT datacenter friendly.
The idea of snapshots is nothing new and has been around MUCH MUCH longer than Volume Shadow Copy. Apple is not copying it from MS, they (like MS) are taking an old idea that has been in volume managers and storage systems for many years and implementing it. Network Appliance has had an awesome snapshotting system since the mid / late 90's (not exactly sure when it started, but I was using it in 98.)
virii is not a word.
The terrorists really don't care what we're doing at home. "They hate our freedom..." Yeah, BS. They just want us to get out of their own affairs.
Actually, they want us all dead. They don't just want to be left alone. We are pure evil - every last one of us including infants.
50,000 zombies? It wouldn't surprise me if the number is closer to several million in the US alone.
Frankly, a DHS press release encouraging end users will do nothing. The end-users that care and are not totally clueless already install patches. If the DHS is REALLY concerned about getting botnets under control, all they have to do is threaten ISP's to clean up their networks or they will force legislation / regulations down their throats. Most ISP's (especially broadband ISP's) do NOTHING AT ALL about botnets. Heck, most don't even ack emails to abuse accounts (actually DOING something about a report is almost unheard of.) That's what needs to change. When was the last time you ever heard of someone (on broadband) actually getting their account suspended due to spamming / being part of a botnet?
Yes. We don't need them to open source their drivers. We just need them to release docs in order for the community to write drivers.
I read a Washington Post article on this that claimed that polls show him winning a three-way race. I'm not a Lieberman fan and don't live in Connecticut so don't really care one way or the other, but I will say that I would prefer a moderate reasonable candidate over one on the far end of any spectrum any day. There are always single issue voters out there that will support a candidate based on their pet issue alone, however I still think November may surprise you. The majority of people I know vote multi-party based on the qualties of the candidate and are not as polar as you believe the majority are.
Well, it doesn't help that current anti-spam laws (like the I can, you can, we all CAN-SPAM act) are so toothless and convoluted (thank you DMA) that hey just make the problem worse. A well written law would be a good thing to have - we don't have one now though.
ISP's (specifically broadband ISP's) also need to be held accountable for failing to take action against botnets and compromised hosts (hosting companies with thousands of vservers running unpatched apps / OS's are a huge problem.) Most email to abuse@ email accouts is just ignored. Since the ISPs are not being held accountable, they have NO incentive to do anything about the problem.
Reputable hosting companies / colo's don't sell bandwidth by the MB / GB. They sell bandwidth based on 95th percentile of sustained throughput (5 min averages). Based on the quality of the connection and quanity (CIR) you buy, this can be anywhere from $100/Mbps to $1000/Mbps. Bandwidth is generally burstable to the limit of your pipe (10/100M in most cases.)
One colo company I work with sells 512Kbps (100M burst) 1U colo hosting (your server) with 5 IP's for $99/mo.
Look at what you REALLY get with a lot of these hosted sites... A friend of mine had me look over one such hosting company. They were a plesk/virtuozzo shop, and the virtuals were FedoraCore 2 with NO PATCHES. Stock FC2. Not only was the software so old (php, mysql, etc.) that many modern CMS systems won't run, they were vulnerable to countless exploits. It's no wonder that so much spam comes from these cheap hosting companies. I'm more apt to believe #1.
That hosting company is not alone - I've seen the same issue at a few other large hosting companies. I'm also sure that most of these hosting companies do NOT upgrade their virtuals mainly because you never know what the user has upgraded or changed, and any wholesale upgraedes / patches can totally fsck over thousands of sites.
IMNSHO, most of these virtuals should not be REAL VM's where you give out root due to the issue of keeping machines up to date. The client base (for the most part) is not sophisticated enough to manage it.
Several incumbent Congress folks were voted out of office yesterday.
No. These were primaries. They don't get "voted out" until the November elections. Lieberman for example will now run as an independant, so don't cout him out yet. Not sure what his chances are, but he WAS one of the few moderates out there that has bi-partisan support.
Most primaries actually have very low voter turnout, so it's fairly easy for this kind of thing to happen.
With the codeweavers crossover mac (WINE), you won't need virtualization software for many common apps. IE, plugins, outlook, word, all the basic stuff works fairly well. No performance penalty or slow startups. It doesn't work for ALL apps however, but for your needs it may work.
For Linux, I use a combination of crossover and VMWare Workstation, and only use vmware in cases where crossover doesn't work correctly.
VMware PLAYER is free. VMware workstation is NOT. VMware workstation for OSX (if it's like other versions) will have a lot of very nice features that Parallels does not. I bet that VMware will release player for free on OSX which will devastate Parallels (since there is very little difference between them,) and users that need the more advanced features of workstation will buy it over Parallels for those features.
But time will tell.
And you thought RFID "chipping" was evil. Wait until all job applicants, athletes, etc. are required to have an embedded blood testers with satellite uplink. Couple that with the "soon to be invented" embedded mind probe that can detect "criminal thoughts" (which will be easy to justify - think "protecting the kids from pedophiles.")
With our increasing police/nanny-state mentality, does anyone else think that this is a possibility? Remember: We already have thought-crime laws (aka "hate crime" laws. It's not the act that is bad, it's what you were thinking during the act that was bad.)
OK, let's look at this issue from a SMB point of view for just a second.
Let's say you buy a single DL-380. Why that machine? It's got great remote management with it's ILO feature. You, as a work-at-home consultant are now able to get into that machine and do damn near anything with it remotely including changing BIOS settings, power cycle, remote console, etc.
You install your debian, but since the HP management apps don't install on debian, you will NEVER know when a drive fails, or you have a bad memory chip unless you physically look at the machine. You also can't make changes to the storrage array (such as adding a new disk) without rebooting now.
HP's enterprise focus still affects you. They can't support every distro, so they pick the ones business is most likely to use, and the ones that they can work with easiest. So while YOU don't have an enterprise POV, HP does and you have to understand it to understand the issues. This isn't a flame or anything, it's just the reality of the state of Linux hardware support... Really - I DO like Debian, but it sucks not to be able to buy hardware from larger hardware vendors that support it. That's all I'm saying really...
Snapshots and clones are different (speaking of the EMC world here.)
Well, yeah, instant isn't "zero time" but it is a few seconds at best. Basically (inside the storage system) you have a "copy on write" (very much like a Linux fork()) into a "snapshot cache" LUN where the "old" block is saved. Your cache and snap area are pre-created and you just say "Go!" Network Appliance is similar (personally I like NetApp snapshots better than EMC snapshots.)
Clones are different - they are a syncronous copy that stays synced until you fracture it. We generally have 2 or more clones and rotate them in and out of sync. A new clone can take a long time to sync when created, but resyncing an existing clone isn't bad depending on how much has changed.
The performance impact when you are talking enterprise storage exists, but it's not really an issue. The systems are bloody fast with gigs of NV cache. That's why they get the big bucks. If you want enterprise features, performance, and reliability, you pay. I think we are in for around $1.5M on our install.
Keep in mind that you may be supporting hundreds of thousands or millions of users with such a system. Cost per user is really not bad.
Way out of the price range, but I do like the Xerox printers. Very fast first-page-out times, and fast print times in general. HP's got VERY cheesy recently (but they are less expensive too.)
I have the 5250DN.
It's not bad, but definatly more "plasticky" than my old 1270N. It also has no straight paper path option like the 1270 had so everything gets curled (envelopes and card stock are more difficult.) Heavy card stock (postcard) does not work. Envelope's get creased. It looks like you should be able to get the paper out the back, but it's got a sensor I couldn't find that prohibits this.
The front "multi-media" tray works well, but occasionally pulls mupltiple pages in at the same time.
I've run about 6000 pages through it now (on my second toner) and it works well. The starter toner only gets you about 2000 pages (max.)
Duplexing is also on the slow side (which is typical on most duplexing printers.)
I look at this printer as being disposable. By the time it needs a drum, I'll just buy a new printer.
If you look at Win2000, that should have had a couple more service packs too. Now it's sp4 + 84123E66 patches and 45123 reboots. Building a slipstream is a nightmare with so many patches.
That setup still doesn't help you if you type "rm -rf /". No RAID system will.
That's why on enterprise storage systems, you have "instant snapshots", clones, and such. Snapshots can be set to automagically fire off every hour if you so desire. Enterprise SAN's are not like PC storage.
I suppose only using raid 1 is reasonable for very small simplistic two-drive systems, but some up us live in the enterprise world where you need raid 1+0 which still stripes stuff over multiple drives. I don't care what you do, you are not going to take a raidset of any flavor out of an EMC array and be able to "stick it in anybox."
For example: I have a "1+0 raid group" that spans 56 drives. It's got 1 high performance application in one large LUN, and dozens of lower-performance LUNs (clones, snapshots, etc.) in the same raid group (which is a very cost-effective way to do it - it maximizes your storage dollar.)
The way you do things on a desktop don't translate to the enterprise.
Building your own car is hardly an analogy for running your own email server. While not everyone can run their own email server, it's not THAT hard and most people have the capability / equipment (broadband and a computer.) I guess "being reasonable" is irrelevant if you're trolling however.
1) Use your ISP's servers (or other email service) for outbound mail. In 99.9% of "blocking" cases, port 587 (the MSA port) is still open so you CAN use some other service. Inbound is generally not an issue (unless your ISP is on Planet Stupid. In this case, get a real ISP and not one that delivers "damaged" service.)
2) Use Spamassassin, and tune it according to the WIDELY available docs. SA even runs on Windows.