The difference lies in what businesses want vs. what enthusiests want. Businesses want a stable platform that will undergo minimal change - generally, security and driver updates only in the Kernel and major packages. The reason is that they sometimes run closed-source (gasp) packages on top on Linux (such as Oracle, Domino, etc.) that can't be recompiled if something significant changes. The vendor (Red Hat or Novell) will take care of back-porting appropriate patches to the previous kernel versions, etc., and continue to provide a "stable platform" for at least two years. This way, your IT staff and third-party suppliers (IBM, Oracle, etc) can have a slowly-moving target for their applications and not waste a lot of time figuring out which kernel structure changed to break such and such application. Enterprise hardware vendors (HP, IBM, Sun, etc) can develop, test, and certify their device drivers (let's face it, not many enthusisasts own $10,000 - $500,000 servers) against a stable platform as well.
Most of use that support these servers are happy to trade being a year or so behind the latest and greatest features for the joy of not worrying over whether some update or other is going to break our critically important (at least to our companies and our carreers:-) ) systems. When we do have problems (which is reasonably rare), we don't have to go into endless discussions over the astronomically huge possible combinations of patches and updates and which combinations are functional. 99.99% of the time everything Just Works (and the other.01% is usually because you did something out-of-spec).
This isn't to knock community-developed distributions - all of my personal systems run them, and I've used them on occasion in enterprise environments where we were just running stuff included in the distro. But like most things, you need to choose the write tool for the job...
You, dear Mr. Thered, deserves an Iron Cross. I mean, a Presidential Medal of Freedom.
Wow! First reply is already hitting Godwin's Law! This isn't even a terribly clever ad hominem. Are you too lazy or too stupid to come up with an intelligent response? Oh yeah, this is Slashdot, never mind.
If they leave the big red button there with no security around it or guards, eventually someone is going to push it simply because they can.
Nobody waved a big red button in front of his face; he found it and pushed it. You can argue malicious intent, and it will indeed probably affect his sentencing, but tresspass is still a crime. If you don't like it, why don't you open up your home and information systems to random strangers first?
Hail the new american slogan, "It isn't fascism when we do it!"
Definition of Fascism: "A philosophy or system of government that is marked by stringent social and economic control, a strong, centralized government usually headed by a dictator, and often a policy of belligerent nationalism." I suppose people could argue about this, but either way it has nothing to do with this topic. Somebody breaks the law. Somebody gets caught. Somebody gets extradited. Happens in democratic countries, communist countries, fascist dictatorships, etc.
I've seen this guy in interviews. A clever man, who obviously has a lot more to give to the world.
Too bad he wasn't using his alleged cleverness in an attempt to do something lawful. He's hardly the first smart person to use his intellect in the wrong manner. Unfortunately, he chose a pursuit that will result in him wasting a portion of his life in prison.
Shame he's going to get disappeared.
Let's see... "disappeared" in the context you're using it means he'll be murdered and his body disposed of in an unmarked grave so as never to be found. One can argue about the pros and cons of the American judicial system, but I don't think we're quite to this point yet.
The funny thing about you people in the "Hate America - Hate Bush" crowd is that you're the ones propping him up. He's unpopular, inarticulate, gets hammered constantly by the press, and he and his party still got re-elected (and will again this year). Why? Because his loudest detractors spew a constant stream of such obviously stupid bullshit - like your post - that people think "I may not like Bush, but his opponents are worse." Of course, this being Slashdot, shooting yourself in the foot with both barrels like this gets modded "Insightful."
The worst I've done, personally: gotten head while driving. I wouldn't recommend it. Unless she's really, really good.
Actually, I've got... umm... one up (sorry) on that one: while driving, on a curvey, unlit, unfamiliar back country road in a rental car while speeding (with the top down).
The good thing about this particular stunt is that if you can't handle it, the results will significantly reduce your odds of reproducing and passing your crazy genes on to the next generation.
Maybe they'll just make sure the network gets pwn3d so they can point their fingers at it, jump up and down, and yell "See! See! See!" like a bunch of 12-year-olds who just drank a case of Red Bull.
...the kernel maintainers have spent more than a year whining and bitching about how the code doesn't fit in their 80-column terminals.
People still use 80-column text video modes for editing code?!?!?? That's an impressive level of masochism. Argh,/me is having flashbacks of having to write code that fit 80-column dot-matrix printouts for my teachers....
I've been looking for the quote and been unable to find it... I could have sworn that somewhere along the lines Steve Ballmer stated something along the lines of "Windows 2000 would never need a service pack"... replies from anyone with a better memory than mine would be appreciated. It's not quite "640K should be enough for anyone" but it's close...
I finally broke down and bought an Areca card for one of my home-office servers (I had read some nice reviews and wanted to test one myself before recommending it). Seems reliable (at least from my single, lonely sample point) - it handled a drive failure perfectly (that is, it caught ugly S.M.A.R.T. statistics and notified us before the drive actually failed completely) - and it's very fast. Their Linux driver is BLOB-Free, well-commented and 100% GPL. Prices are reasonable, but it'd be nice if they were available through mainstream distribution (Ingram, TechData, etc) - not yet, apparently.
Don't trust them farther than you can throw them
on
RAID Controller Shoot-Out
·
· Score: 3, Informative
Ok, I realize it's a bad metaphor because you actually can throw a motherboard quite a distance. But here's another example of where things can go horribly wrong: How do they handle error conditions? On my desktop system, I'm running RAID-0 (with WD Raptor drives) for speed. Yes, I know what I'm doing (famous last words). No, I don't store any important data on my desktop (it's on a RAID-5 array on a server). Originally, I was using the Silicon Image 3114R on-board RAID controller included on my Asus A8N-SLI "Premium" motherboard. Eventually one of the drives died. The SI3114R responded to the problem by freezing and becoming unresponsive when a disk error occurred. Under DOS, Linux, or WinXP - the problem is not OS specific. The rest of the system works fine, but once it hits an error the SI3114R just stops working and returns nothing but errors to the OS. Now, since Asus doesn't update the SI3114R BIOS in their mobo BIOS updates (and I'm too lazy to hack my own), I don't know whether it's bad silicon, bad BIOS, or a bad design (my guess would be the latter). Accessing the drive's S.M.A.R.T. data indicates that the warning numbers were screamingly bad and probably were for some time.
So apparently the SI3114R doesn't monitor S.M.A.R.T. data, and it's error-handling capabilities fall somewhere between "shitty" and "non-existant". No big deal for me; I was only inconvenienced by having to re-install operating systems and applications.
The moral of this long-winded story is that you generally get what you pay for. This isn't the first bad experience I've had with on-board RAID controllers. If your data is important, then spend the appropriate money (think in terms of data replacement cost), do the appropriate research, and invest in a RAID setup that's right for your situation. If your protected data consists of anything more important than your Oblivion saved games, your mobo's RAID controller (or the $39 Fry's special) is probably the wrong choice.
And if anyone cares to know, I'm now using the NVRAID on the mobo (we'll eventually see if it handles failures more gracefully), and I use an Areca ARC-1110 on my server. I can attest that the Areca card does handle failures extremely well, albeit noisily.
If I had a nickle for every time I was told a product would be available in n years, and still wasn't available (n x 3) years later.... I'd have a shitload of nickles.
Please people (companies, etc) - don't tease us until the product is somewhere remotely close to manufacturing!
Here are some ideas you (and your management) can pursue, simultaneously if need be. Oh yeah, IANAL, but I've dealt with plenty of them.
1) See if you can figure out what requires Domain Admin access - usually it's file or registry issues. SysInternals RegMon and FileMon are excellent for spotting these - you just run the program with regular user privileges, and watch to see which requests fail.
2) If this is a large, contract-licensed piece of software, look to see if the contract's been breached. Even if the vendor indemnifies themselves thoroughly, a good lawyer might scare them into compliance - you never know which contract provisions a judge may find unenforceable. I've seen really strange things happen in court (both good and bad). If you're working with the vendor, you can use the "look, you've sold us unusable software - you have to either fix it now, or I have to turn this over to legal so they can get our money back, and try to recover compensation for the time and resources we've wasted" card. Don't rant and rave and scream and threaten - just be a nice, reasonable person and explain that they're not leaving you any alternatives. You need working software or you need compensation. Only a very stupid or very cocky vendor will refuse to work with you - nobody wants to be dragged into court. And you really don't want to go to court either, but you can't afford to get screwed
3) Another possible route is to get them to put in writing that their software will only run with Domain Admin priviliges or whatever. Tell them you just need it to cover your own butt. At that point, you can get your management to sign off on it as well, thus covering your butt completely, or your management can use it to help show they negotiated in bad faith while selling your company the software.
Whatever you do, don't let a vendor bully you into doing something stupid that violates your responsibilities as an admin.
We base any number of beliefs and theories upon indirect evidence. We cannot directly measure the distance of a celestial object, nor do we have a machine in the deepest depths judging its speed. However, using what we know to be effects of distance and movement, we are able to infer these values.
I doubt you're going to complain about the "unproven theory" of Proxima Centauri's location.
Actually, I am:-). Astrophysicists don't claim to know "exactly" how far Proxima Centauri is from Earth (or Sol or whatever you want to base it's relative location on) to, say, a picometer. They describe its distance in as a fraction of a lightyear (roughly 3.99). This is reasonable, considering the margins of error involved in calculations based on indirect measurements (not to mention the fact that none of the bodies involved are staying still).
There is another interesting and crucial distinction between indirect measurements used for astrophysics versus those used for climate simulation. Predicting the movements of celestial bodies involves solving linear equations - you plug in your starting data, and the margin of error for your predictions is proportional to the margin of error of your input, relative to how far out your are trying to predect the movement. Example (real life) - astrophysicists see an asteroid whose orbit may (cataclysmically) intersect with Earth 30 or so years from now, but they can't predect for sure if it will or not because the measurements simply aren't precise enough. So they give us a probability, which is the correct thing to do. Climate, in contrast, is non-linear - and as with any non-linear system, tiny inaccuracies in the starting values can drasticly, disproportionately, and often unpredictably (due to the complexity and / or iterations of the calculations) alter the outcome. So the tiniest inaccuracies in the data make the difference between global warming and a new ice age - at least, if the model is honest and accurate (and that's a whole separate debate).
I don't see you whining about "indirect measurements" to save the "endangered blue iguana" in your.sig.
What indirect measurements? It's a species that lives on a small portion of a tiny island in the Carribean. They may have missed one or two over the many years as they've tracked the few remaining wild ones, but the counts are pretty accurate - they cover the entire habitat thorougly every year. They are, in fact, direct measurements. They know that as of last summer there were 25 animals in the wild, give or take one or maybe two. They released 87 captive-bred animals, more than tripling the population (but not all of these will survive to adulthood). I'd like to see an argument that an animal with a known wild population of 108 is not critically endangered.
I don't debate people who start off only pretending to debate me. My points are already made, so it's just candy for me to settle down to some justified namecalling. If that's your excuse for ignoring my valid arguments, that's your problem. Which you're drowning in.
What point already made? I demolished your point - no "pretending" about it. You didn't even try to defend it (it's indefensible anyway). You just ran away from a losing argument rather than just conceding the point and moving on, or at least trying to provide contrary evidence (not that it exists in this case). The irony is that I involve myself in a cause that shows concrete, provable improvements to biodiversity, while you rant and rave trying (very poorly) to defend an unproven theory. Drowning? I live just a few hundred meters from the ocean, at an elevation of about 2 meters. It's nice, warm, dry, and the view is awesome! The environment rocks.
We must resort to name-calling when debating with idiots or those who find trivial reasons to ignore valid arguments, lest we go mad.
So solidly demonstrating that the argument is not based in fact is a "trivial reason" from an idiot? Ummm.... I wouldn't worry about going mad, Q.E.D. I think you're already there.
Our climate records go back hundreds of thousands of years, in icecores and other samples.
These are proxies, not direct measurements. Saying they're accurate to a fraction of a degree - while politically correct - is buying into unproven theory. It may be correct, it may be incorrect. But the only "truth" is in direct measurement. Even then, you can argue about what it means - taking into account heat island effects, for example.
So you're talking out of your ass. You're quoting Greenhouse denial nonsense. Personally I'm just a little annoyed that the adults are saving your worthless ass while we cope with the climate catastrophe underway. But if I can get you to stop braying like a FoxNews mule, it will at least make our jobs just a little easier.
Everything else in your post is just a bunch of name-calling - not exactly the argumentative tactic preferred by those who actually have a point.
The problem I see the most of is that many people have litereally no lives offline - their entire social world is in some Internet forum or chat room or such. A good number of these people have very limited social skills, and are very difficult to deal with.
It would be interesting to see some research done with regards to various forms of sociopathy and other psychological disorders that are expressed and / or magnified through "living online" (and this isn't being all holier-than-thou - there aren't a whole lot of people that are 100% psychologicially "well", whatever that is - I certainly won't claim to be).
As some others have alluded, the real question you should be asking yourself is WTF are security assets doing on your public network where anybody can have a shot at them? For crying out loud, set up a DMZ. It shouldn't matter if the OS is a craptastic sploitfest, because only trusted hosts should be able to access specific ports on them. That being said, when you do replace that system it would be a good idea to use an OS that's not a craptastic sploitfest.
Instead of buying a new CCTV system, you could probably spend the same money (or less) and put in DMZs / VLANs, and solve all sorts of other security concerns at the same time.
Considering the quantity of empty calories and assorted forms of alcohol consumed during normal SuperBowl viewing, I'm amazed they find any brain activity at all.
Slashdot Mirror
The nerve of them!
/me runs, ducks, and hides...
I mean, if you consider "reading Slashdot" as "going out and socializing"....
The difference lies in what businesses want vs. what enthusiests want. Businesses want a stable platform that will undergo minimal change - generally, security and driver updates only in the Kernel and major packages. The reason is that they sometimes run closed-source (gasp) packages on top on Linux (such as Oracle, Domino, etc.) that can't be recompiled if something significant changes. The vendor (Red Hat or Novell) will take care of back-porting appropriate patches to the previous kernel versions, etc., and continue to provide a "stable platform" for at least two years. This way, your IT staff and third-party suppliers (IBM, Oracle, etc) can have a slowly-moving target for their applications and not waste a lot of time figuring out which kernel structure changed to break such and such application. Enterprise hardware vendors (HP, IBM, Sun, etc) can develop, test, and certify their device drivers (let's face it, not many enthusisasts own $10,000 - $500,000 servers) against a stable platform as well.
:-) ) systems. When we do have problems (which is reasonably rare), we don't have to go into endless discussions over the astronomically huge possible combinations of patches and updates and which combinations are functional. 99.99% of the time everything Just Works (and the other .01% is usually because you did something out-of-spec).
Most of use that support these servers are happy to trade being a year or so behind the latest and greatest features for the joy of not worrying over whether some update or other is going to break our critically important (at least to our companies and our carreers
This isn't to knock community-developed distributions - all of my personal systems run them, and I've used them on occasion in enterprise environments where we were just running stuff included in the distro. But like most things, you need to choose the write tool for the job...
Definition of Fascism: "A philosophy or system of government that is marked by stringent social and economic control, a strong, centralized government usually headed by a dictator, and often a policy of belligerent nationalism." I suppose people could argue about this, but either way it has nothing to do with this topic. Somebody breaks the law. Somebody gets caught. Somebody gets extradited. Happens in democratic countries, communist countries, fascist dictatorships, etc.
Too bad he wasn't using his alleged cleverness in an attempt to do something lawful. He's hardly the first smart person to use his intellect in the wrong manner. Unfortunately, he chose a pursuit that will result in him wasting a portion of his life in prison.
Let's see... "disappeared" in the context you're using it means he'll be murdered and his body disposed of in an unmarked grave so as never to be found. One can argue about the pros and cons of the American judicial system, but I don't think we're quite to this point yet.
The funny thing about you people in the "Hate America - Hate Bush" crowd is that you're the ones propping him up. He's unpopular, inarticulate, gets hammered constantly by the press, and he and his party still got re-elected (and will again this year). Why? Because his loudest detractors spew a constant stream of such obviously stupid bullshit - like your post - that people think "I may not like Bush, but his opponents are worse." Of course, this being Slashdot, shooting yourself in the foot with both barrels like this gets modded "Insightful."
The good thing about this particular stunt is that if you can't handle it, the results will significantly reduce your odds of reproducing and passing your crazy genes on to the next generation.
Maybe they'll just make sure the network gets pwn3d so they can point their fingers at it, jump up and down, and yell "See! See! See!" like a bunch of 12-year-olds who just drank a case of Red Bull.
Not as much as the Internet masses wanting 100Mpixel pr0n....
I've been looking for the quote and been unable to find it... I could have sworn that somewhere along the lines Steve Ballmer stated something along the lines of "Windows 2000 would never need a service pack"... replies from anyone with a better memory than mine would be appreciated. It's not quite "640K should be enough for anyone" but it's close...
I finally broke down and bought an Areca card for one of my home-office servers (I had read some nice reviews and wanted to test one myself before recommending it). Seems reliable (at least from my single, lonely sample point) - it handled a drive failure perfectly (that is, it caught ugly S.M.A.R.T. statistics and notified us before the drive actually failed completely) - and it's very fast. Their Linux driver is BLOB-Free, well-commented and 100% GPL. Prices are reasonable, but it'd be nice if they were available through mainstream distribution (Ingram, TechData, etc) - not yet, apparently.
Ok, I realize it's a bad metaphor because you actually can throw a motherboard quite a distance. But here's another example of where things can go horribly wrong: How do they handle error conditions? On my desktop system, I'm running RAID-0 (with WD Raptor drives) for speed. Yes, I know what I'm doing (famous last words). No, I don't store any important data on my desktop (it's on a RAID-5 array on a server). Originally, I was using the Silicon Image 3114R on-board RAID controller included on my Asus A8N-SLI "Premium" motherboard. Eventually one of the drives died. The SI3114R responded to the problem by freezing and becoming unresponsive when a disk error occurred. Under DOS, Linux, or WinXP - the problem is not OS specific. The rest of the system works fine, but once it hits an error the SI3114R just stops working and returns nothing but errors to the OS. Now, since Asus doesn't update the SI3114R BIOS in their mobo BIOS updates (and I'm too lazy to hack my own), I don't know whether it's bad silicon, bad BIOS, or a bad design (my guess would be the latter). Accessing the drive's S.M.A.R.T. data indicates that the warning numbers were screamingly bad and probably were for some time.
So apparently the SI3114R doesn't monitor S.M.A.R.T. data, and it's error-handling capabilities fall somewhere between "shitty" and "non-existant". No big deal for me; I was only inconvenienced by having to re-install operating systems and applications.
The moral of this long-winded story is that you generally get what you pay for. This isn't the first bad experience I've had with on-board RAID controllers. If your data is important, then spend the appropriate money (think in terms of data replacement cost), do the appropriate research, and invest in a RAID setup that's right for your situation. If your protected data consists of anything more important than your Oblivion saved games, your mobo's RAID controller (or the $39 Fry's special) is probably the wrong choice.
And if anyone cares to know, I'm now using the NVRAID on the mobo (we'll eventually see if it handles failures more gracefully), and I use an Areca ARC-1110 on my server. I can attest that the Areca card does handle failures extremely well, albeit noisily.
If I had a nickle for every time I was told a product would be available in n years, and still wasn't available (n x 3) years later.... I'd have a shitload of nickles.
/me stops wishful thinking and goes back to work.
Please people (companies, etc) - don't tease us until the product is somewhere remotely close to manufacturing!
Here are some ideas you (and your management) can pursue, simultaneously if need be. Oh yeah, IANAL, but I've dealt with plenty of them.
1) See if you can figure out what requires Domain Admin access - usually it's file or registry issues. SysInternals RegMon and FileMon are excellent for spotting these - you just run the program with regular user privileges, and watch to see which requests fail.
2) If this is a large, contract-licensed piece of software, look to see if the contract's been breached. Even if the vendor indemnifies themselves thoroughly, a good lawyer might scare them into compliance - you never know which contract provisions a judge may find unenforceable. I've seen really strange things happen in court (both good and bad). If you're working with the vendor, you can use the "look, you've sold us unusable software - you have to either fix it now, or I have to turn this over to legal so they can get our money back, and try to recover compensation for the time and resources we've wasted" card. Don't rant and rave and scream and threaten - just be a nice, reasonable person and explain that they're not leaving you any alternatives. You need working software or you need compensation. Only a very stupid or very cocky vendor will refuse to work with you - nobody wants to be dragged into court. And you really don't want to go to court either, but you can't afford to get screwed
3) Another possible route is to get them to put in writing that their software will only run with Domain Admin priviliges or whatever. Tell them you just need it to cover your own butt. At that point, you can get your management to sign off on it as well, thus covering your butt completely, or your management can use it to help show they negotiated in bad faith while selling your company the software.
Whatever you do, don't let a vendor bully you into doing something stupid that violates your responsibilities as an admin.
There is another interesting and crucial distinction between indirect measurements used for astrophysics versus those used for climate simulation. Predicting the movements of celestial bodies involves solving linear equations - you plug in your starting data, and the margin of error for your predictions is proportional to the margin of error of your input, relative to how far out your are trying to predect the movement. Example (real life) - astrophysicists see an asteroid whose orbit may (cataclysmically) intersect with Earth 30 or so years from now, but they can't predect for sure if it will or not because the measurements simply aren't precise enough. So they give us a probability, which is the correct thing to do. Climate, in contrast, is non-linear - and as with any non-linear system, tiny inaccuracies in the starting values can drasticly, disproportionately, and often unpredictably (due to the complexity and / or iterations of the calculations) alter the outcome. So the tiniest inaccuracies in the data make the difference between global warming and a new ice age - at least, if the model is honest and accurate (and that's a whole separate debate).
What point already made? I demolished your point - no "pretending" about it. You didn't even try to defend it (it's indefensible anyway). You just ran away from a losing argument rather than just conceding the point and moving on, or at least trying to provide contrary evidence (not that it exists in this case). The irony is that I involve myself in a cause that shows concrete, provable improvements to biodiversity, while you rant and rave trying (very poorly) to defend an unproven theory. Drowning? I live just a few hundred meters from the ocean, at an elevation of about 2 meters. It's nice, warm, dry, and the view is awesome! The environment rocks.
Everything else in your post is just a bunch of name-calling - not exactly the argumentative tactic preferred by those who actually have a point.
The problem I see the most of is that many people have litereally no lives offline - their entire social world is in some Internet forum or chat room or such. A good number of these people have very limited social skills, and are very difficult to deal with.
It would be interesting to see some research done with regards to various forms of sociopathy and other psychological disorders that are expressed and / or magnified through "living online" (and this isn't being all holier-than-thou - there aren't a whole lot of people that are 100% psychologicially "well", whatever that is - I certainly won't claim to be).
As some others have alluded, the real question you should be asking yourself is WTF are security assets doing on your public network where anybody can have a shot at them? For crying out loud, set up a DMZ. It shouldn't matter if the OS is a craptastic sploitfest, because only trusted hosts should be able to access specific ports on them. That being said, when you do replace that system it would be a good idea to use an OS that's not a craptastic sploitfest.
Instead of buying a new CCTV system, you could probably spend the same money (or less) and put in DMZs / VLANs, and solve all sorts of other security concerns at the same time.
Considering the quantity of empty calories and assorted forms of alcohol consumed during normal SuperBowl viewing, I'm amazed they find any brain activity at all.