> if you think i'll ever give out my information to my actual home or office location
Don't confuse privacy (or safety) with anonymity.
Just because you don't give out your address doesn't mean you're safe. A false sense of security is often worse than a real sense of caution or even fear.
What's the goofy slogan bantered around Slashdot so often? Security through obscurity and all...
It used to be when I had to contact someone, the whois information was accurate, complete and, when I dialed the number, I got a live human being that actually was able to address my issue. And, life was good.
Now, it seems even reputable domains are hiding behind private registrations or have outdated or deliberately incorrect information. Bleh. Problems that used to be able to be solved with a pleasant phone call now require hours of my time if the task is even possible.
So, my first choice would be that whois domain information take a giant step backward to the days when it was useful information. If that isn't an option (and going back in time rarely is possible), get rid of it altogether.
I have been colocating my personal server for nine years. At first, it was just a desktop on steroids. When the ISP went from charging by the network port/device to space, I got a 1U server to keep my costs low. (Colos generally bill by the U.)
In every town I have resided, I went to my phone book and started calling local ISPs. Never have I been disappointed. In every case, the local shop has been less expensive or at least competitive with the national players. Best of all, in the rare case that I had to replace or upgrade hardware (yearly or less often), I was able to do it myself. Service has generally been better than expected.
Granted, a local shop isn't going to be as redundant or as plump in the bandwidth department as a national colocation palace, but it is good enough for me. (And, quite frankly, if you're hosting on your home connection, it'll be good enough for you and substantially better than what you have now.) For those who don't think local ISPs exist anymore, check your phone book. I think you'll be surprised.
I keep reading about people wanting a computer that is quiet, energy efficient and doesn't produce 80,000 BTU of heat. Many people see the solution to the problem as retrofitting a desktop with huge heatsinks, remote DC power supplies, special home closets for the computer with long KVM cables and installing laptop hard drives in your desktops. That's just crazy talk.
Folks, bite the bullet. Pay double (versus a desktop) for a laptop and docking station and be done with it.
I haven't had a desktop in seven years and I don't miss it at all. It was a little rough at first with early laptops but we have long since passed the point where performance is limited in a laptop. My latest laptop is an IBM Thinkpad (well, Lenovo) Z60m. With a wide screen, 1.5GB RAM, 100-gig drive and 2GHz Pentium M processor, it is more than fast enough for anything 92% of all, even advanced, computer users would want.
Docked, I am able to pretend it is a desktop, even using it with two monitors (a requirement in my computing book). Yet, I sip power, am quiet as a church mouse and produce next to no heat (compared to a desktop).
As an extra bonus, I can take my computer with me wherever I go.
(The 8% of you who really do need a desktop need not respond. You know who you are and why you can't make a laptop do what you need it to do. I'm okay with you not having a laptop.)
Right on, Yonder. I have six years of data showing that Squid works wonders.
I put a Squid server online in 2000 and forced our 1,200 users to use it (domain logon script set IE to use automatic proxy config script). Even I was impressed at how much bandwidth we saved.
Immediately, a third to half of our web (http) traffic disappeared. Yes, the web cache was really that effective. This freed up lots of bandwidth on our T1.
A few years later, as we found our needs growing again, we added a DSL line. HTTP traffic was pulled through the DSL line. Everything else went out the T1. Squid handled fail over to the T1 in case the DSL line dropped.
Every once in a while, we ran into a web site or service that simply wouldn't work through Squid. When that happened, we placed an exception in the proxy.pac config script and bypassed the cache.
If your problem is web browsing, get a cache. Of course, that is a big 'if'. As others have suggested, a traffic analysis should be required before you attempt to fix anything. Squid won't fix your bittorrent or other P2P problem. If you are hosting services for external users, you may be able to collocate the services externally for substantially less than bringing a bigger pipe to your door.
I can't tell you the number of laptops I have deployed as firewalls and catch-all linux servers in small offices.
Lots of people have laptops with damaged or broken LCDs and will just about give them away. Maybe it is the hinge that is cracked or maybe the screen has been squished and is bleeding in some places. In any case, the owner is upgrading or replacing and the laptop is next to free.
In terms of memory, network and processor power, laptops are pretty much equal to desktops. The place they lag is the disk -- both space and speed. In the cases where I have needed more of either, I have gone external. An external firewire or USB2 drive will beat most laptop drives and it will run forever on a small UPS. Plus, it moves a great deal of the heat outside the laptop (spin down the internal drive) and gives you a way to easily recover the data if the repurposed laptop dies.
Is a laptop a server? No. Is a generation-old laptop as fast as a desktop? No. Will a laptop do 93% of what most people need in a home or small office linux server? Absolutely.
I have used IPCop for many, many months. With the OpenVPN addon, it makes a sweet RoadWarrior setup. The OpenVPN GUI is even easy enough for our executives to use.
For us and our 30-something employees, it cost us nothing to put IPCop online. It ran for a year on a P-III/700MHz/256M Dell. We recently upgraded the RAM to 768M so we could make better use of the Squid cache.
You can get an IPCop server online with VPN in under an hour. As long as you have a computer in the spare parts closet, IPCop is far less expensive than any other solution.
Let me start out by saying I love VoIP. I use it at home, and I have installed three Asterisk servers at three different companies over the last two years. I have told everyone I know that VoIP is the way of the future.
That said, VoIP is an emerging technology and as such its security limitations are not fully understood nor are they fully mediated.
Take BroadVoice (wonderful company, by the way), for instance. They allow you to bring your own device unlike so many other VoIP companies. You can use Asterisk with them or just about any other SIP device. In my case, I use Cisco phones. All you have to do to configure your phone is tell it the location of the BroadVoice TFTP site. It picks up its configuration -- and account information -- from the TFTP site.
Very easy, right? Very insecure, too.
With just a MAC address of a BroadVoice SIP device, you can connect to the BroadVoice TFTP site, grab a configuration file and then start making calls with someone else's account.
No problem, you say. With MAC addresses being globally unique (more or less) and rarely sniffable off the local network, it seems pretty unlikely that anyone would be able to leverage a MAC address to get an account. It's not like you can do an 'mget *' from their TFTP server, stealing all their accounts.
Except that you can go to your local consumer electronics store and check out the shelf with the retail BroadVoice Start-Up Kit. When I bought mine, the MAC address was on the outside of every box. I imagine it still is. What if I wrote down a couple dozen MACs then waited a couple weeks for them to be bought and activated? With those MACs and a TFTP download of the configuration file, I could make outbound calls on their dime.
And that's just one way to get a SIP MAC. I bet I could come up with a couple dozen more.
While I'm sure Peter's methods are valid, if I were stealing someone's service, I wouldn't do it by sniffing packets. I'd just grab their MAC and figure out where their phone gets its configuration file from.
Don't let VoIP's immaturity scare you away, though. Once these VoIP providers get hit a time or two, we'll get a more secure solution. Better yet, maybe some smart hackers can come up with a better solution before VoIP gets burned. This is too cool and useful of a technology to go away.
Matt
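A detection sketch for the provisioning weakness described in the comment above, added here as an example and not part of the original post or of BroadVoice's systems: it scans TFTP read-request logs for MAC-named config files fetched from more than one address, and for a single address fetching many devices' files. The log line format, the `SIP<MAC>.cnf` file naming, the threshold and all addresses are assumptions; the sample log is constructed.

```python
import re
from collections import defaultdict

# Constructed sample log. The "<time> RRQ from <ip> filename <name>" layout
# is a hypothetical format, not the output of any particular TFTP daemon.
SAMPLE_LOG = """\
2006-03-01T09:00:01 RRQ from 198.51.100.10 filename SIP02AABBCC0001.cnf
2006-03-01T09:00:02 RRQ from 198.51.100.10 filename SIPDefault.cnf
2006-03-01T09:05:10 RRQ from 198.51.100.22 filename SIP02AABBCC0002.cnf
2006-03-02T09:05:11 RRQ from 198.51.100.22 filename SIP02AABBCC0002.cnf
2006-03-03T02:14:00 RRQ from 203.0.113.77 filename SIP02AABBCC0001.cnf
2006-03-03T02:14:01 RRQ from 203.0.113.77 filename SIP02AABBCC0002.cnf
2006-03-03T02:14:02 RRQ from 203.0.113.77 filename SIP02AABBCC0003.cnf
2006-03-03T02:14:03 RRQ from 203.0.113.77 filename SIP02AABBCC0004.cnf
2006-03-03T02:14:04 this line is malformed and must be skipped
"""

# Per-device config files are assumed to be named SIP<12 hex digits>.cnf.
# Shared files such as SIPDefault.cnf carry no account data and are ignored.
RRQ_RE = re.compile(r"RRQ from (\S+) filename SIP([0-9A-Fa-f]{12})\.cnf\s*$")


def parse_rrq(line):
    """Return (source_ip, mac) for a per-device config request, else None."""
    match = RRQ_RE.search(line)
    if match is None:
        return None
    return match.group(1), match.group(2).upper()


def analyse(log_text, max_macs_per_source=3):
    """Flag the two patterns that MAC-only provisioning makes possible.

    shared_configs: a device's config fetched from more than one source
                    address (the owner plus someone else, or an owner whose
                    address changed; review, do not auto-block).
    bulk_sources:   one source address fetching more distinct device configs
                    than max_macs_per_source (a list of MACs being tried).
    """
    sources_by_mac = defaultdict(set)
    macs_by_source = defaultdict(set)

    for line in log_text.splitlines():
        parsed = parse_rrq(line)
        if parsed is None:
            continue  # malformed line or a non-device file
        source, mac = parsed
        sources_by_mac[mac].add(source)
        macs_by_source[source].add(mac)

    shared_configs = {
        mac: sorted(sources)
        for mac, sources in sources_by_mac.items()
        if len(sources) > 1
    }
    bulk_sources = {
        source: sorted(macs)
        for source, macs in macs_by_source.items()
        if len(macs) > max_macs_per_source
    }
    return {"shared_configs": shared_configs, "bulk_sources": bulk_sources}


if __name__ == "__main__":
    report = analyse(SAMPLE_LOG)
    for mac, sources in sorted(report["shared_configs"].items()):
        print(f"config for {mac} fetched from {len(sources)} sources: {sources}")
    for source, macs in sorted(report["bulk_sources"].items()):
        print(f"{source} fetched {len(macs)} different device configs")
```

Detection only narrows the window; the durable fix is for the provisioning server to require something beyond the MAC, such as a per-device secret, before handing out account credentials.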
Re:It doesn't have to be all-or-nothing on Gmail vs Pine · Score: 1
> There's no need to just use either pine or the Gmail web interface.
Amen!
I use gmail as my email backup and media extractor. My primary email client is mail with vi as my editor. I have been using this combination since 1991 (maybe earlier) and love it. Pine/mutt/Outlook is for wimps.
I use a .forward to keep a copy locally and to send a copy to gmail. Gmail is my off-site backup and SquirrelMail alternative. When I need to view attachments or do simple searching, I use gmail. Otherwise, mail does all I need.
While I do have concerns about gmail's Total Information Awareness and retention policies, the gmail functionality is worth the risk. Besides, anyone who doesn't encrypt sensitive documents is just plain fooling themselves if they think pine is going to protect them from snooping.
Yes, it is true. Mike Tyson could probably kick Muhammad Ali's ass. Of course, Mike Tyson is also nearly 20 years younger. So, who is the better boxer?
For as much email as has been run through sendmail in the last couple decades, I'm always disappointed at how little respect it receives.
I built my first mail server in 1993 using sendmail. It brought internet email to my company over a serial uucp link. By 1996, sendmail was moving nearly 87,000 internet messages a day for our company (not bad for a 486DX4-100 with a whopping 32M RAM (64M?)).
Saying the latest mail software (qmail, postfix, etc.) is better than something written in 1972 - 27 years ago - isn't saying much. (Well, maybe: Duh!)
Heck, 27 computing years is like 350 human years.
So, before you complain about security holes (one in the last two years?) or complexity (like any other programming language, practice makes perfect), why don't you tell me which mail transport software you used in 1975, 1985 or 1995. Then, follow that up with which transports you expect to see a lot of in 2010 and 2020.
I have been managing an Asterisk installation at my company for several months now. The Asterisk PBX has been rock solid and absolutely amazing. It works so well, I am working on another Asterisk install for a spin-off corporation as well.
First, background. My father is an old-school telecommunications manager who frowns upon VOIP. I had five years in the voice-on-demand (audiotext, IVR) industry before doing more general system admin and database work for the last ten years.
Everything you need to know is in O'Reilly's 'Asterisk: The Future of Telephony'... http://www.asteriskdocs.org/modules/tinycontent/index.php?id=11. That is a great primer on both VOIP and telecommunications as well as a strong installation guide for Asterisk. Download the PDF version and read it before you make any decisions.
Our implementation is a hybrid. While our phones are SIP (Cisco 7960G) and our PBX is Asterisk, most of our traffic is carried on a PRI. Local and long distance calls run across the PRI. This gives us very reliable service and good voice quality. Plus, a PRI (with tens of thousands of minutes a month of long distance included) costs about the same (or less) as the bandwidth necessary to support the VOIP calls and VOIP-to-telco provider.
For our international calls, we do have accounts with a few VOIP-to-telco providers and route those calls over IAX.
I wouldn't go entirely VOIP if phone calls are important to your company. As often as one in seven tries, our VOIP routes fail for one reason or another and rotate to the next provider. For as few international calls as we do, our users rarely notice. If we were using VOIP for all our calls, I can see these spurious anomalies as being a huge problem.
The advantage to Asterisk as a PBX is not so much its ability to provide dialtone at a reasonable price. Even a commercial PBX can do that at about the same price point.
The advantage to Asterisk is that the extras are free. Voicemail isn't an added cost. IVR isn't an added cost. Having Asterisk pull its caller-id data from your CRM solution (in our case, SalesLogix) instead of just using the telco-provided data isn't an added cost.
My father still swears by Ma'Bell. And in terms of absolute reliability, he's right. Ma'Bell can get you five nines year after year. A well-configured, well-administrated Asterisk system with PRIs (instead of pure VOIP) is close but still isn't quite there yet. But, by the time you add in all the additional costs for a commercial PBX, Asterisk is by far the less expensive solution.
I'll take four nines in exchange for tens of thousands of dollars savings a year.
> Is the UPS that I have sufficient to run a whole small office?
Yes.
I, too, had a surplus UPS about the size of yours. When I was in my apartment, it sat in the same room as my computers. The UPS was loud, ugly and produced lots of heat. (Much like a girl I used to date... but that's another story for another day.) It protected my computer equipment but not my TiVo or home stereo equipment because they were in another room. So, I had to have a separate UPS for them.
When I bought a house, I didn't want UPSes spread all over the place nor did I want the heat or sound inside the house.
So, I put the UPS in the garage and then wired UPS outlets where I needed them. I have a quad-outlet in the office for all our computer equipment. I have a quad-outlet in the living room for the TiVo, stereo and TV. My cordless phone and answering machine also plug into a UPS outlet.
For nearly five years, this setup has worked great. Every two or three years, I have to replace the two batteries ($90). Other than that, it has been great.
Plus, I have disaster-recovery outlets spread throughout my house. When last year's hurricanes knocked out power to my house, I was able to plug the UPS into our small generator. I didn't run the computers or television (but did keep the TiVo online so I wouldn't miss my shows) but I was able to keep some lights on without having extension cords pulled all over the house.
> I want to find the breaker for the room, and after the breaker, run the power through the UPS and back out
If I were you, I'd run a new circuit. You never really know what outlets and appliances are where. When I moved in, the toaster's outlet in the kitchen was on the same circuit as the outlet on the front porch where I plugged in my hedge clippers.
I'm sure there is more on your office circuit than you know about. It is best to start clean. Plus, electrical work is really easy if you have attic or basement access.
Digital images are higher maintenance than my high school, cheerleader ex-girlfriend.
Imagine how many cave paintings we'd have left if they had to be converted from one format to another every two or so decades for *hundreds* of years. Hint: none.
A good silver-based print made today and stored in a typical residential closet will be viewable in 200-300 years without any special tools and without any format translations. That impresses the heck out of me.
How many format or media changes will a digital image shot with a digital camera have to go through in 200 years?
The Dead Sea Scrolls are 2,000 years old. They are still in their original format. I can't access homework I created on my TRS-80 Model 4 just 20 years ago even though I have the single-sided 5 1/4-inch disks in my closet.
I'm sold on digital photography but not because I think the images will be around in 100 years. Who is going to want to look at my pictures in 100 years? Heck, not that many people want to look at them now.
Photography is about communication not permanence. I shoot digital because it is cheaper and my out-of-town relatives can view pictures of our newborn son online the day or even hour they were shot.
My son was born at 10:46 pm and photos were online by 11:31 pm. You simply can't do that with prints. I'll take instant communications now over archived photos in 50 years.
> Photos, slides and negatives don't last forever,
I have family photos -- daguerreotypes -- from the late 1800s. The pictures look as good today as they did 100 years ago. The picture quality isn't as good as your typical two-megapixel point-n-shoot but the photo is viewable using the same technology now as was available then -- human eyes.
No special equipment is needed and that is key.
Certainly my Nikon D70 produces better images but those images aren't going to be around as long as that 1872 daguerreotype.
I know my digital photos won't last as long as my father's TRI-X negatives or my grandfather's silver-based black and white prints.
My great-grandkids will be able to view that 1872 daguerreotype but my digital pictures will be lost unless someone has translated them through a dozen different intermediary formats, reprinting them on the latest and greatest paper. I can't see anyone going to that kind of trouble to keep my images alive. A few, maybe, but not as many as if they just had to toss a shoebox in the back of a closet.
My day job is as a Senior Systems Analyst for a large daily newspaper. I support the newsroom and spent the last six months installing a state of the art digital photo archive system. There are nearly half a million photos in the archive and over seven million photo outtakes. I'm really good at what I do (if I do say so myself) and there are many levels of redundancy and backups in the photo system.
Still, if I wanted to make sure I could view a photo in 50 years, I'd put a few prints on silver-based paper and stick 'em in a safe deposit box.
I agree with most of the comments so far on
that server being too beefy.
If I had $4,000 to buy hardware for the
specified load, I'd buy two rack-mount single
processor servers with 256M RAM (or 512M if
the price is right) and mirrored 40G drives (80G
if you really need the space). Processor speed
would be my last concern. Anything better than an
850MHz Celeron processor would be more than
plenty. That'll set you back $2,500 or less after
educational discounts and whatnot.
With the leftover cash, buy a tape drive
and UPS (if you don't already have good
power). Recovering data, while a learning
experience, is never fun. Better you have the
experience of doing things right the first
time.
By having two servers, you can play with one
and still keep the other one in production.
Nothing would suck more than setting up a server
for your club and then never being able to do
anything cool or experiment with it because so
many people actually used it.
We bought over 120 IBM ThinkPad 600 and 600Es
in 1998-2000. The ThinkPads are awesome machines
except for the battery life. IBM has admitted to
us (at least as much as IBM ever admits to
anything) that there are some issues with the
batteries and possibly even the charge
controllers. They have been fairly good about
swapping out batteries even those out of
warranty.
If you or RPI is spending a few million
dollars a year with IBM and aren't getting your
batteries replaced, someone needs to lean on IBM.
Of course, if you're not spending big bucks
with IBM, suck it up. The battery is nearly
four years old. How long did you expect it to
last? Replacing the battery once a year doesn't
sound that bad, does it?
(After-market batteries are available for the
600-series. Rebuilds are also out there. You may
want to check those out. They don't last any
longer than the IBM batteries (since it seems to
be the charge controller) but cost about half
to 75% as much.)
The owner Roy is a personal meatworld friend of mine
I'm as open-minded as the next guy but, *please*, there is room for a little 'don't ask; don't tell', huh? What you two do with your meat is your own business. Leave us all out of it.
How does this information get out in the first place
I work at a newspaper where it is just about impossible to get fired -- I know, I've tried.
The quickest way to get the boot is to remove copies of ads from the building before the public gets a hold of them. The ad inserts (those glossy sheets usually wrapped inside the classified section which you throw away so you can read the paper without all that crap) that go in, for example, Sunday's newspaper are often printed days or weeks in advance. Removing even one Sears/BestBuy/grocery store circular from the building is grounds for termination.
Businesses (especially grocery stores) operate on very tight margins. Losing folks because the price of bananas is two cents less a pound is painful. And, of course, the newspapers are faced with very strict penalties if we are found to have let this sort of information leak.
And yet, those advertising circulars are one of the ways information leaks.
Many local zoning ordinances prohibit big (6~8 ft) satellite dishes.
If you are actually talking about government
zoning and not covenants, conditions and
restrictions (CC&Rs, AKA deed restrictions),
you're in luck. Get an FCC amateur radio license
(anyone can get one for the $10 and a very basic
understanding of electronics) and tell folks it's
a ham antenna. Don't mention TV reception.
The FCC's PRB-1 (here and here) is a limited preemption of zoning ordinances. Basically, local government must
reasonably accommodate folks when it comes to antennas. A C-band dish in your back yard would
certainly be reasonable.
(You may also want to bluff with Section 207 of the Telecommunications Act of 1996 which says that
folks must allow dishes. It generally only applies to dishes less than a meter but some people won't read the entire document if you have
a good poker face.)
Is it possible to use many smaller dishes to achieve the same effect as one big dish in picking up C-band transmissions?
Yes. Hams have been building arrays for years to do moon bounce and whatnot. You can find some
over the top pictures here. However, the infrastructure to
create such a monster is substantial and is
likely to run afoul of the same local ordinances
you're trying to work around.
Overall, I don't see the point in using a big
dish for TV anymore and an array of smaller dishes to act like a bigger dish seems pointless.
I got a hold of a bunch of Sun SCSI four-drive
disk enclosures. I had an equally large bunch of
four to 18 gig drives. Add in a few surplus SCSI
cards and I ended up with more than 100 gig worth
of disk space attached to a small linux box.
The drives were quick enough (more spindles = more speed) for a small media server and I had no
complaints.
That was, until I noticed that my home office
was now running six to eight degrees warmer than
the rest of the house. That got me to thinking
about how much juice these guys draw. All told,
I would be paying an extra few bucks a month in
power.
The straw that finally broke the camel's back
was that having a dozen additional filesystems
(yes, I could have striped them) to manage was a
pain in the buttocks.
In the end, I gave the drives to someone who
had more time on his hands and bought myself a
pair of 100-gig IDE drives.
I don't know what you consider 'formerly huge' but unless your drives are bigger than 40 or 60-gig, it may not be worth your time. I know it would not be worth my time nor my electricity.
Two weeks ago, I was doing a pre-shipment
evaluation at one of our vendors. Not only
did they have beer in the company vending machines (Carlsberg for seven krone, er, $1US
give or take an exchange rate), it was on the cafeteria tables at lunch every day. Not just
for customers either. The employee side of the cafeteria was stocked, too.
I'd be willing to overlook all their software
bugs if I could work out of their headquarters
in Aarhus, Denmark.
I highly recommend Deep Truth: The Lives of Bob Woodward and Carl Bernstein by Adrian Havill. (It is out of print according to Amazon.) It's part biography of Woodward and Bernstein and part discussion of Deep Throat. (Havill concludes Deep Throat was a composite character.)
The most amusing example from the book is the origin of the Deep Throat code name. Bernstein claims that he went to see Deep Throat in Washington, D.C. to evade a subpoena. Havill documents conclusively that Deep Throat wasn't showing anywhere in or near Washington, D.C. Not only was their source fake, the source of their fake source's nickname was also fake.
There are more examples in the Columbia Journalism Review article linked above or in today's gossip column on MSNBC.
the amount of credible investigative journalism has dwindled to the point of non-existence.
In all seriousness, what Woodward and Bernstein did was not good journalism. In the end, they got it right, but it could have just as easily gone the other way.
W&B got lucky. Their All The President's Men is as often fiction as fact. If you read through their articles as they were printed (as I have as part of a number of journalism classes), you will come to understand that history has been very kind to them. They made a number of critical mistakes in their reporting.
They are cultural icons, changed the political landscape and are the answer to more than one trivia question so we must give them their due but their due isn't that of great journalists.
Since you're THE computer guy and not A computer guy, I take it you're in a smaller market (under 75K Sunday?).
We are looking into a revamp of our site,
Before you even think about online discussion groups, make sure your core web site is solid. I am an avid newspaper reader but can't stand most newspaper web sites. (Including my own to a large extent.)
Do you, as Slashdot users, think a local Slashdot style newspaper would be successful?
Maybe, but you haven't really given us enough information. How many of your readers use the internet? How large is your existing web audience? Do you get lots of letters to the editor? Do you have a huge out-of-town audience?
Let me give you a little background.
I'm a Senior Unix Sys Admin in the Editorial Systems Support group of my newspaper (265K daily / 385K Sunday -- and growing!). Before entering the technology end of the business, I studied photojournalism and was Managing Editor of my college paper. I have more than 12 years in the industry pretty evenly split between content and support.
On top of that, my paper is very aggressive when it comes to multiple mediums. We have the paper as well as online (of course) but we also have a 24-hour cable station and will probably buy a radio station as soon as the FCC gets off our back. (We also are telephone interactive for horoscopes, news, sports, etc., have a branded sign company, weekly shopper and a direct marketing group. We cover all the bases but these are smaller parts of a very big whole.) Because of the high level of integration between our three primary formats, we have been a model for other newspapers.
So, we're a fairly forward-thinking newspaper with a huge corporate footprint backing us up. Which brings us to Slashdot style web logs... they aren't even on the radar screen.
When I ask about them I hear that they are too resource intensive. Unless you are prepared to have them run totally unmoderated (not an option for most 'family' newspapers), they require staff to approve every post. And, what is the upside, really? They only tend to draw the most rabid readers -- readers we already have in our back pocket. So, there is a support burden but no net gain in readership.
Web logs are great when you want to sell ad impressions and don't mind links to http://goatse.cx/ on a regular basis. Banner ads ain't what they used to be and goatse.cx is unacceptable. There isn't money to be made here.
I won't say that the web log is a bad idea since letters to the editor, Dear Abby and the gripe line are fairly popular, but I also wouldn't put my job on the line for that functionality. Get your core site working and then see if you have enough traffic and participation to see if the web log is going to be workable.
> Notice I mentioned a squid server.
Right on, Yonder. I have six years of data showing
that Squid works wonders.
I put a Squid server online in 2000 and forced our
1,200 users to use it (domain logon script set IE to
use automatic proxy config script). Even I was impressed
at how much bandwidth we saved.
Immediately, a third to half of our web (http) traffic
disappeared. Yes, the web cache was really that effective.
This freed up lots of bandwidth on our T1.
A few years later, as we found our needs growing again,
we added a DSL line. HTTP traffic was pulled through the
DSL line. Everything else went out the T1. Squid handled
fail over to the T1 in case the DSL line dropped.
Every once in a while, we ran into a web site or
service that simply wouldn't work through Squid. When that
happened, we placed an exception in the proxy.pac config
script and bypassed the cache.
If your problem is web browsing, get a cache. Of
course, that is a big 'if'. As others have suggested, a
traffic analysis should be required before you attempt to
fix anything. Squid won't fix your bittorrent or other P2P
problem. If you are hosting services for external users,
you may be able to collocate the services externally for
substantially less than bringing a bigger pipe to your door.
Matt
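The proxy.pac exception described in the comment above, as an added example that is not part of the original post: a PAC script that sends web traffic to the cache and lets listed sites bypass it. The proxy address, the bypass entries and the choice to proxy only plain HTTP are assumptions made up for illustration.

```javascript
// Added example: proxy auto-config (PAC) script with a cache bypass list.
// Assumptions (not from the post): the proxy address and every bypass entry.
var SQUID = "PROXY squid.example.internal:3128";

// Sites that break behind the cache. A leading dot matches the domain and
// all of its subdomains; no leading dot matches that exact host only.
var BYPASS = [
  ".broken-app.example",
  "payroll.vendor.example"
];

// Match on whole DNS labels so "notbroken-app.example" does not slip
// through an exception written for ".broken-app.example".
function hostMatches(host, entry) {
  host = host.toLowerCase().replace(/\.$/, "");
  entry = entry.toLowerCase();
  if (entry.charAt(0) === ".") {
    var bare = entry.slice(1);
    return host === bare || host.slice(-entry.length) === entry;
  }
  return host === entry;
}

// The browser calls this for every request; the return value is the route.
function FindProxyForURL(url, host) {
  // Single-label intranet names stay on the LAN and skip the cache.
  if (host.indexOf(".") === -1) return "DIRECT";
  for (var i = 0; i < BYPASS.length; i++) {
    if (hostMatches(host, BYPASS[i])) return "DIRECT";
  }
  // Assumption: only plain HTTP goes through the cache.
  if (url.substring(0, 5).toLowerCase() === "http:") return SQUID;
  return "DIRECT";
}
```

Keeping the bypass list short and matching on label boundaries matters because every exception is traffic the cache can no longer log or filter.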
> Do portables make reliable Linux servers?
I can't tell you the number of laptops I have deployed as
firewalls and catch-all linux servers in small offices.
Lots of people have laptops with damaged or broken LCDs
and will just about give them away. Maybe it is the hinge that
is cracked or maybe the screen has been squished and is
bleeding in some places. In any case, the owner is upgrading
or replacing and the laptop is next to free.
In terms of memory, network and processor power, laptops
are pretty much equal to desktops. The place they lag is the
disk -- both space and speed. In the cases where I have needed
more of either, I have gone external. An external firewire or
USB2 drive will beat most laptop drives and it will run forever
on a small UPS. Plus, it moves a great deal of the heat outside
the laptop (spin down the internal drive) and gives you a way
to easily recover the data if the repurposed laptop dies.
Is a laptop a server? No. Is a generation-old laptop as fast as a
desktop? No. Will a laptop do 93% of what most people need in
a home or small office linux server? Absolutely.
Matt
I have used IPCop for many, many months. With
the OpenVPN addon, it makes a sweet RoadWarrior
setup. The OpenVPN GUI is even easy enough for
our executives to use.
For us and our 30-something employees, it cost
us nothing to put IPCop online. It ran for a
year on a P-III/700MHz/256M Dell. We recently
upgraded the RAM to 768M so we could make better
use of the Squid cache.
You can get an IPCop server online with VPN in
under an hour. As long as you have a computer
in the spare parts closet, IPCop is far less
expensive than any other solution.
Matt
> Your biggest diskhogs will be known to everyone that logs in.
My biggest disk hogs would compete to see who could use
the most disk space.
Matt
Let me start out by saying I love VoIP. I use it at home.
I have installed three Asterisk servers at three different
companies over the last two years. I have told everyone I
know that VoIP is the way of the future.
That said, VoIP is an emerging technology and as such its
security limitations are not fully understood nor are they
fully mediated.
Take BroadVoice (wonderful company, by the way), for
instance. They allow you to bring your own device unlike
so many other VoIP companies. You can use Asterisk with
them or just about any other SIP device. In my case, I use
Cisco phones. All you have to do to configure your phone
is tell it the location of the BroadVoice TFTP site. It
picks up its configuration -- and account information --
from the TFTP site.
Very easy, right? Very insecure, too.
With just a MAC address of a BroadVoice SIP device, you
can connect to the BroadVoice TFTP site, grab a configuration
file and then start making calls with someone else's account.
No problem, you say. With MAC addresses being globally
unique (more or less) and rarely sniffable off the local
network, it seems pretty unlikely that anyone would be able
to leverage a MAC address to get an account. It's not like
you can do an 'mget *' from their TFTP server, stealing all
their accounts.
Except that you can go to your local consumer electronics
store and check out the shelf with the retail BroadVoice
Start-Up Kit. When I bought mine, the MAC address was on
the outside of every box. I imagine it still is. What if
I wrote down a couple dozen MACs then waited a couple
weeks for them to be bought and activated. With those MACs
and a TFTP download of the configuration file, I could
make outbound calls on their dime.
And that's just one way to get a SIP MAC. I bet I could
come up with a couple dozen more.
While I'm sure Peter's methods are valid, if I were stealing
someone's service, I wouldn't do it by sniffing packets. I'd
just grab their MAC and figure out where their phone gets
its configuration file from.
Don't let VoIP's immaturity scare you away, though. Once
these VoIP providers get hit a time or two, we'll get a more
secure solution. Better yet, maybe some smart hackers can
come up with a better solution before VoIP gets burned. This
is too cool and useful of a technology to go away.
Matt
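A provisioning server that hands out account details keyed only on a MAC address, as the comment above describes, can at least be watched for misuse. This is an added example, not part of the original post and not BroadVoice's code: it scans TFTP read-request logs for one source asking for many devices' files and for one device's file fetched from several sources. The log format, file naming and thresholds are assumptions, and the sample lines are constructed.

```javascript
// Added example: review TFTP provisioning logs for MAC-keyed config misuse.
// Assumed log format (constructed): "<ISO time> RRQ from <ip> file <name>"
// Assumed file naming: the device's 12 hex MAC digits appear in the name.
const SAMPLE_LOG = [
  "2006-03-01T10:00:01Z RRQ from 198.51.100.7 file SIP0011AA000001.cnf",
  "2006-03-01T10:00:02Z RRQ from 198.51.100.7 file dialplan.xml",
  "2006-03-01T10:05:00Z RRQ from 198.51.100.8 file SIP0011AA000002.cnf",
  "2006-03-02T02:13:10Z RRQ from 203.0.113.50 file SIP0011AA000001.cnf",
  "2006-03-02T02:13:11Z RRQ from 203.0.113.50 file SIP0011AA000002.cnf",
  "2006-03-02T02:13:12Z RRQ from 203.0.113.50 file SIP0011AA000003.cnf",
  "2006-03-02T02:13:13Z RRQ from 203.0.113.50 file SIP0011AA000004.cnf",
  "2006-03-02T09:40:00Z RRQ from 192.0.2.99 file SIP0011AA000001.cnf",
  "2006-03-03T08:00:00Z RRQ from 198.51.100.7 file SIP0011AA000001.cnf"
];

const LINE_RE = /^(\S+) RRQ from (\S+) file (\S+)$/;
const MAC_RE = /([0-9A-Fa-f]{12})/;

// Returns {time, ip, mac} for a per-device config request, otherwise null.
function parseLine(line) {
  const m = LINE_RE.exec(line.trim());
  if (!m) return null;
  const mac = MAC_RE.exec(m[3]);
  if (!mac) return null; // shared file, not tied to one device
  return { time: m[1], ip: m[2], mac: mac[1].toLowerCase() };
}

function addTo(map, key, value) {
  if (!map.has(key)) map.set(key, new Set());
  map.get(key).add(value);
}

// Flags two patterns that a MAC-only lookup makes possible:
//  - one source requesting more distinct devices than a household would own
//  - one device's config requested from more sources than roaming explains
function analyze(lines, opts) {
  const maxMacsPerIp = (opts && opts.maxMacsPerIp) || 3;
  const maxIpsPerMac = (opts && opts.maxIpsPerMac) || 2;
  const macsByIp = new Map();
  const ipsByMac = new Map();
  let skipped = 0;
  for (const line of lines) {
    const rec = parseLine(line);
    if (!rec) { skipped++; continue; }
    addTo(macsByIp, rec.ip, rec.mac);
    addTo(ipsByMac, rec.mac, rec.ip);
  }
  const findings = [];
  for (const [ip, macs] of macsByIp) {
    if (macs.size > maxMacsPerIp) {
      findings.push({ kind: "one-source-many-devices", key: ip, count: macs.size });
    }
  }
  for (const [mac, ips] of ipsByMac) {
    if (ips.size > maxIpsPerMac) {
      findings.push({ kind: "one-device-many-sources", key: mac, count: ips.size });
    }
  }
  return { findings, skipped };
}

console.log(JSON.stringify(analyze(SAMPLE_LOG), null, 2));
```

Customers on dynamic addresses will trip the second rule over a long window, so the thresholds need tuning against real traffic, and the durable fix is a provisioning credential that is not printed on the box.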
> There's no need to just use either pine or the Gmail web interface.
Amen!
I use gmail as my email backup and media extractor. My
primary email client is mail with vi as my editor. I have
been using this combination since 1991 (maybe earlier) and
love it. Pine/mutt/Outlook is for wimps.
I use a .forward to keep a copy locally and to send a
copy to gmail. Gmail is my off-site backup and SquirrelMail
alternative. When I need to view attachments or do simple
searching, I use gmail. Otherwise, mail does all I need.
While I do have concerns about gmail's Total Information
Awareness and retention policies, the gmail functionality is
worth the risk. Besides, anyone who doesn't encrypt sensitive
documents is just plain fooling themselves if they think pine
is going to protect them from snooping.
Matt
Yes, it is true. Mike Tyson could probably kick
Muhammad Ali's ass. Of course, Mike Tyson is also
nearly 20 years younger. So, who is the better boxer?
For as much email as has been run through sendmail in
the last couple decades, I'm always disappointed at how
little respect it receives.
I built my first mail server in 1993 using sendmail.
It brought internet email to my company over a serial
uucp link. By 1996, sendmail was moving nearly 87,000
internet messages a day for our company (not bad for a
486DX4-100 with a whopping 32M RAM (64M?)).
Saying the latest mail software (qmail, postfix, etc.)
is better than something written in 1972 - 27 years ago -
isn't saying much. (Well, maybe: Duh!)
Heck, 27 computing years is like 350 human years.
So, before you complain about security holes (one
in the last two years?) or complexity (like any other
programming language, practice makes perfect), why don't
you tell me which mail transport software you used in
1975, 1985 or 1995. Then, follow that up with which
transports you expect to see a lot of in 2010 and 2020.
Matt
> from POTS to VoIP.
I have been managing an Asterisk installation at my
company for several months now. The Asterisk PBX has
been rock solid and absolutely amazing. It works so well,
I am working on another Asterisk install for a spin-off
corporation as well.
First, background. My father is an old-school
telecommunications manager who frowns upon VOIP. I had
five years in the voice-on-demand (audiotext, IVR)
industry before doing more general system admin and
database work for the last ten years.
Everything you need to know is in O'Reilly's 'Asterisk:
The Future of Telephony'...
http://www.asteriskdocs.org/modules/tinycontent/index.php?id=11
That is a great primer on both VOIP and telecommunications
as well as a strong installation guide for Asterisk. Download
the PDF version and read it before you make any decisions.
Our implementation is a hybrid. While our phones
are SIP (Cisco 7960G) and our PBX is Asterisk, most of our
traffic is carried on a PRI. Local and long distance calls
run across the PRI. This gives us very reliable service and
good voice quality. Plus, a PRI (with tens of thousands of
minutes a month of long distance included) costs about the
same (or less) as the bandwidth necessary to support the
VOIP calls and VOIP-to-telco provider.
For our international calls, we do have accounts with
a few VOIP-to-telco providers and route those calls over IAX.
I wouldn't go entirely VOIP if phone calls are important
to your company. As often as one in seven tries, our VOIP
routes fail for one reason or another and rotate to the next
provider. For the few international calls we do, our users
rarely notice. If we were using VOIP for all our calls, I can
see these spurious anomalies as being a huge problem.
The advantage to Asterisk as a PBX is not so much its
ability to provide dialtone at a reasonable price. Even a
commercial PBX can do that at about the same price point.
The advantage to Asterisk is that the extras are free.
Voicemail isn't an added cost. IVR isn't an added cost.
Having Asterisk pull its caller-id data from your CRM
solution (in our case, SalesLogix) instead of just using
the telco-provided data isn't an added cost.
My father still swears by Ma'Bell. And in terms of
absolute reliability, he's right. Ma'Bell can get you five
nines year after year. A well-configured, well-administrated
Asterisk system with PRIs (instead of pure VOIP) is close but
still isn't quite there yet. But, by the time you add in all
the additional costs for a commercial PBX, Asterisk is by far
the less expensive solution.
I'll take four nines in exchange for tens of thousands
of dollars savings a year.
Matt
> Is the UPS that I have sufficient to run a whole small office?
Yes.
I, too, had a surplus UPS about the size of yours. When I
was in my apartment, it sat in the same room as my computers.
The UPS was loud, ugly and produced lots of heat. (Much like
a girl I used to date... but that's another story for
another day.) It protected my computer equipment but not my
TiVo or home stereo equipment because they were in another
room. So, I had to have a separate UPS for them.
When I bought a house, I didn't want UPSes spread all over
the place nor did I want the heat or sound inside the house.
So, I put the UPS in the garage and then wired UPS outlets
where I needed them. I have a quad-outlet in the office for all
our computer equipment. I have a quad-outlet in the living room
for the TiVo, stereo and TV. My cordless phone and answering
machine also plug into a UPS outlet.
For nearly five years, this setup has worked great. Every
two or three years, I have to replace the two batteries ($90).
Other than that, it has been great.
Plus, I have disaster-recovery outlets spread throughout
my house. When last year's hurricanes knocked out power to
my house, I was able to plug the UPS into our small generator.
I didn't run the computers or television (but did keep the
TiVo online so I wouldn't miss my shows) but I was able to
keep some lights on without having extension cords pulled all
over the house.
> I want to find the breaker for the room, and after the
> breaker, run the power through the UPS and back out
If I were you, I'd run a new circuit. You never really
know what outlets and appliances are where. When I moved
in, the toaster's outlet in the kitchen was on the same
circuit as the outlet on the front porch where I plugged
in my hedge clippers.
I'm sure there is more on your office circuit than
you know about. It is best to start clean. Plus, electrical
work is really easy if you have attic or basement access.
Matt
> Digital lends itself to duplication,
Digital images are higher maintenance than my
high school, cheerleader ex-girlfriend.
Imagine how many cave paintings we'd have left
if they had to be converted from one format to
another every two or so decades for *hundreds* of
years. Hint: none.
A good silver-based print made today and stored
in a typical residential closet will be viewable in
200-300 years without any special tools and without
any format translations. That impresses the heck
out of me.
How many format or media changes will a digital
image shot with a digital camera have to go through
in 200 years?
The Dead Sea Scrolls are 2,000 years old. They
are still in their original format. I can't access
homework I created on my TRS-80 Model 4 just 20 years
ago even though I have the single-sided 5 1/4-inch
disks in my closet.
I'm sold on digital photography but not because I
think the images will be around in 100 years. Who is
going to want to look at my pictures in 100 years?
Heck, not that many people want to look at them now.
Photography is about communication not permanence.
I shoot digital because it is cheaper and my out-of-town
relatives can view pictures of our newborn son online
the day or even hour they were shot.
My son was born at 10:46 pm and photos were online
by 11:31 pm. You simply can't do that with prints. I'll
take instant communications now over archived photos
in 50 years.
> Photos, slides and negatives don't last forever,
I have family photos -- daguerreotypes -- from the
late 1800s. The pictures look as good today as they
did 100 years ago. The picture quality isn't as good as
your typical two-megapixel point-n-shoot but the photo
is viewable using the same technology now as was
available then -- human eyes.
No special equipment is needed and that is key.
Certainly my Nikon D70 produces better images but
those images aren't going to be around as long as that
1872 daguerreotype.
I know my digital photos won't last as long as my
father's TRI-X negatives or my grandfather's silver-based
black and white prints.
My great-grandkids will be able to view that 1872
daguerreotype but my digital pictures will be lost unless
someone has translated them through a dozen different
intermediary formats, reprinting them on the latest and
greatest paper. I can't see anyone going to that kind of
trouble to keep my images alive. A few, maybe, but not
as many as if they just had to toss a shoebox in the
back of a closet.
My day job is as a Senior Systems Analyst for a
large daily newspaper. I support the newsroom and spent
the last six months installing a state of the art digital
photo archive system. There are nearly half a million
photos in the archive and over seven million photo
outtakes. I'm really good at what I do (if I do say so
myself) and there are many levels of redundancy and
backups in the photo system.
Still, if I wanted to make sure I could view a photo
in 50 years, I'd put a few prints on silver-based paper
and stick 'em in a safe deposit box.
Matt
I agree with most of the comments so far on that server being too beefy.
If I had $4,000 to buy hardware for the specified load, I'd buy two rack-mount single processor servers with 256M RAM (or 512M if the price is right) and mirrored 40G drives (80G if you really need the space). Processor speed would be my last concern. Anything better than an 850MHz Celeron processor would be more than plenty. That'll set you back $2,500 or less after educational discounts and whatnot.
With the leftover cash, buy a tape drive and UPS (if you don't already have good power). Recovering data, while a learning experience, is never fun. Better you have the experience of doing things right the first time.
By having two servers, you can play with one and still keep the other one in production. Nothing would suck more than setting up a server for your club and then never being able to do anything cool or experiment with it because so many people actually used it.
InitZero
We bought over 120 IBM ThinkPad 600 and 600Es in 1998-2000. The ThinkPads are awesome machines except for the battery life. IBM has admitted to us (at least as much as IBM ever admits to anything) that there are some issues with the batteries and possibly even the charge controllers. They have been fairly good about swapping out batteries, even those out of warranty.
If you or RPI is spending a few million dollars a year with IBM and aren't getting your batteries replaced, someone needs to lean on IBM.
Of course, if you're not spending big bucks with IBM, suck it up. The battery is nearly four years old. How long did you expect it to last? Replacing the battery once a year doesn't sound that bad, does it?
(After-market batteries are available for the 600-series. Rebuilds are also out there. You may want to check those out. They don't last any longer than the IBM batteries (since it seems to be the charge controller) but cost about half to 75% as much.)
InitZero
> The owner Roy is a personal meatworld friend of mine
I'm as open-minded as the next guy but, *please*, there is room for a little 'don't ask; don't tell', huh? What you two do with your meat is your own business. Leave us all out of it.
InitZero
> How does this information get out in the first place
I work at a newspaper where it is just about
impossible to get fired -- I know, I've tried.
The quickest way to get the boot is to remove
copies of ads from the building before the public
gets a hold of them. The ad inserts (those glossy
sheets usually wrapped inside the classified
section which you throw away so you can read the
paper without all that crap) that go in, for
example, Sunday's newspaper are often printed
days or weeks in advance. Removing even one
Sears/BestBuy/grocery store circular from the
building is grounds for termination.
Businesses (especially grocery stores) operate
on very tight margins. Losing folks because the
price of bananas is two cents less a pound is
painful. And, of course, the newspapers are faced
with very strict penalties if we are found to have
let this sort of information leak.
And yet, those advertising circulars are one
of the ways information leaks.
InitZero
> Many local zoning ordinances prohibit big (6~8 ft) satellite dishes.
If you are actually talking about government zoning and not covenants, conditions and restrictions (CC&Rs, AKA deed restrictions), you're in luck. Get an FCC amateur radio license (anyone can get one for the $10 and a very basic understanding of electronics) and tell folks it's a ham antenna. Don't mention TV reception.
The FCC's PRB-1 (here and here) is a limited preemption of zoning ordinances. Basically, local government must reasonably accommodate folks when it comes to antennas. A C-band dish in your back yard would certainly be reasonable.
(You may also want to bluff with Section 207 of the Telecommunications Act of 1996 which says that folks must allow dishes. It generally only applies to dishes less than a meter but some people won't read the entire document if you have a good poker face.)
> Is it possible to use many smaller dishes to achieve the same effect as one big dish in picking up C-band transmissions?
Yes. Hams have been building arrays for years to do moon bounce and whatnot. You can find some over the top pictures here. However, the infrastructure to create such a monster is substantial and is likely to run afoul of the same local ordinances you're trying to work around.
Overall, I don't see the point in using a big dish for TV anymore and an array of smaller dishes to act like a bigger dish seems pointless.
InitZero (k4mls)
I got a hold of a bunch of Sun SCSI four-drive disk enclosures. I had an equally large bunch of four to 18 gig drives. Add in a few surplus SCSI cards and I ended up with more than 100 gig worth of disk space attached to a small linux box.
The drives were quick enough (more spindles = more speed) for a small media server and I had no complaints.
That was, until I noticed that my home office was now running six to eight degrees warmer than the rest of the house. That got me to thinking about how much juice these guys draw. All told, I would be paying an extra few bucks a month in power.
The straw that finally broke the camel's back was that having a dozen additional filesystems (yes, I could have striped them) to manage was a pain in the buttocks.
In the end, I gave the drives to someone who had more time on his hands and bought myself a pair of 100-gig IDE drives.
I don't know what you consider 'formerly huge' but unless your drives are bigger than 40 or 60-gig, it may not be worth your time. I know it would not be worth my time nor my electricity.
InitZero
Beer. Lots of it.
Two weeks ago, I was doing a pre-shipment evaluation at one of our vendors. Not only did they have beer in the company vending machines (Carlsberg for seven krone, er, $1US give or take an exchange rate), it was on the cafeteria tables at lunch every day. Not just for customers either. The employee side of the cafeteria was stocked, too.
I'd be willing to overlook all their software bugs if I could work out of their headquarters in Aarhus, Denmark.
InitZero
> For example? (serious question)
I highly recommend Deep Truth: The Lives of Bob Woodward and Carl Bernstein by Adrian Havill. (It is out of print according to Amazon.) It's part biography of Woodward and Bernstein and part discussion of Deep Throat. (Havill concludes Deep Throat was a composite character.)
The most amusing example from the book is the origin of the Deep Throat code name. Bernstein claims that he went to see Deep Throat in Washington, D.C. to evade a subpoena. Havill documents conclusively that Deep Throat wasn't showing anywhere in or near Washington, D.C. Not only was their source fake, the source of their fake source's nickname was also fake.
There are more examples in the Columbia Journalism Review article linked above or in today's gossip column on MSNBC.
InitZero
> the amount of credible investigative journalism has dwindled to the point of non-existence.
In all seriousness, what Woodward and Bernstein did was not good journalism. In the end, they got it right, but it could have just as easily gone the other way.
W&B got lucky. Their All The President's Men is as often fiction as fact. If you read through their articles as they were printed (as I have as part of a number of journalism classes), you will come to understand that history has been very kind to them. They made a number of critical mistakes in their reporting.
They are cultural icons, changed the political landscape and are the answer to more than one trivia question so we must give them their due but their due isn't that of great journalists.
InitZero
> I am the 'computer guy' for a local paper.
Since you're THE computer guy and not A computer guy, I take it you're in a smaller market (under 75K Sunday?).
> We are looking into a revamp of our site,
Before you even think about online discussion groups, make sure your core web site is solid. I am an avid newspaper reader but can't stand most newspaper web sites. (Including my own to a large extent.)
> Do you, as Slashdot users, think a local Slashdot style newspaper would be successful?
Maybe, but you haven't really given us enough information. How many of your readers use the internet? How large is your existing web audience? Do you get lots of letters to the editor? Do you have a huge out-of-town audience?
Let me give you a little background.
I'm a Senior Unix Sys Admin in the Editorial Systems Support group of my newspaper (265K daily / 385K Sunday -- and growing!). Before entering the technology end of the business, I studied photojournalism and was Managing Editor of my college paper. I have more than 12 years in the industry pretty evenly split between content and support.
On top of that, my paper is very aggressive when it comes to multiple mediums. We have the paper as well as online (of course) but we also have a 24-hour cable station and will probably buy a radio station as soon as the FCC gets off our back. (We also are telephone interactive for horoscopes, news, sports, etc., have a branded sign company, weekly shopper and a direct marketing group. We cover all the bases but these are smaller parts of a very big whole.) Because of the high level of integration between our three primary formats, we have been a model for other newspapers.
So, we're a fairly forward-thinking newspaper with a huge corporate footprint backing us up. Which brings us to Slashdot style web logs... they aren't even on the radar screen.
When I ask about them I hear that they are too resource intensive. Unless you are prepared to have them run totally unmoderated (not an option for most 'family' newspapers), they require staff to approve every post. And, what is the upside, really? They only tend to draw the most rabid readers -- readers we already have in our back pocket. So, there is a support burden but no net gain in readership.
Web logs are great when you want to sell ad impressions and don't mind links to http://goatse.cx/ on a regular basis. Banner ads ain't what they used to be and goatse.cx is unacceptable. There isn't money to be made here.
I won't say that the web log is a bad idea since letters to the editor, Dear Abby and the gripe line are fairly popular, but I also wouldn't put my job on the line for that functionality. Get your core site working and then see if you have enough traffic and participation to see if the web log is going to be workable.
InitZero