I'm jealous as well, and its about two hours from where I live. I should have gone myself.
I'm getting bored at the moment and need others for inspiration. The newsgroups are getting full of clueless posters - even uk.comp.os.linux. Most of these posters can't think for themselves or be bothered to read documentation.
Work isn't helping - all Microsofties and badly configured Solaris systems. (The latter not under my control - whoever arranged the partitioning should be shot! And where's the backup device??). I'm wasting away here, spending most of my time twiddling my thumbs. Noone I talk to regarding technical issues knows what I'm on about. (Bus-mastered IDE, wassat? SSH - nah, use telnet and rlogin, its secure enough. Arggh!!)
There is a local LUG which meets once a month, but I've never managed to make it due to work comittments. Maybe this time. Who knows what opportunities could be there!
The boredom will be allieviated shortly - the football season starts in 9 days time.
This reminds me of a situation I was in a few years ago. Current employer was abusing software licenses, running internal systems on software licensed only for use in development, software licensed to customers, single-user licenses installed network-wide and other horrors too nasty to mention.
Luckily one director did see what was going on, and tried to get things to change, and had others high-up converted to the cause. Things did clear up for a while, and at one time we were 100% legal. Then we merged with a company just as bad, and things went back to how they were before.
When I last worked there a couple of years ago, things were even worse. The director and his legally aware collegues had gone, and the company was now installing web servers based on someone elses technology without giving them credit.
There may be someone else higher up the tree who can fight for your side.
I've had previous contact with Ericsons, offering support to them, and some of the people then running their IT infrastructure in Europe (particularly the UK) were utterly hopeless. One person cost me many late hours at work due to his utter imcompetance. I was doing most of his work, yet he was being paid far more than myself.
Then I was lead up the garden path when a job was indeed going there. No contact, no acknowledgements, despite the fact I was one of the few in the country that had experience of the technology they used. Later I found that this self same idiot was now responsible for hiring staff.
As a result I'll never use anthing manufactured by that company, or associate myself with anyone using their products.
SCO's an anachronism that should have been left to die years ago. As someone who had that abomination that was SCO unix placed on them at work years ago, I just wondered what was the point of it even then. Slow, cumbersome, and unable to fully use all of the available hardware. Even back in 1994 I was using Linux instead of SCO Unix for general Unix connectivity troubleshooting, as it worked!. SCO Unix at that time was awful - things were broken and you had to pay serious money for things like compilers, TCP/IP, NFS or anything else remotely useful.
What are Caldera going to get out of this, now that most SCO shops have already migrated one way or the other? A few customer accounts, perhaps? I'm not aware of any sites still running either of the SCO unix implementations in anger. Certainly not many opportunities to get a return on investment.
I've also considered moving out of the industry all together.
There are too many ignorant people around now who are in the industry for the money without the dedication. I have to deal with numerous ignorant fools every day, and this gets me down. More of my work is becoming office politics, and less is using any real skill.
Things are also getting too overtly bloated for my liking, where some thought in the implementation of the design process would make the resulting code more compact. The software I have to deal with consists of many server daemons distributed accross a number of Solaris systems. Each process is around 5MB in size, yet it does very little. The code is written without any shared libraries (other than the standard ones provided with Solaris), and with it being in C++ I presume everything is inlined too. The memory overhead on these machines is enormous, with excessive swapping. Yet I've no power to get the code changed to reduce the impact on resources, which is so frustrating.
Well that's enough ranting for now - back to talking to idiots - one deleted every log file on one machine yesterday....
I need to make a big switch. I started out writing database applications in some obscure 4GL 10 years ago, then drifted into network support, but not using IP.
The technology I worked with died out a couple of years ago, and at the same time I suffered from burn-out, since which time I've been stuck in limbo. Nothing else has been worthwhile, and I seem to stick things out for 4 months before moving on.
At the moment I'm testing implementations of a financial messaging protocol. I've done other things too, but I need to get back into development work. Unfortunatly I've little experience of current programming techniques, so no-one is willing to give me a try (I do have a bit of code in the 2.4.0-test kernel tree, though). Current place of work concentrates on Mico$oft, so I don't really want an opening there.
There's a UK Linux magazine called Linux Format. The quality is poor, but they do provide a means for getting Linux CDs from your local newsagent's.
However for the second month running they've had a problem with the CD content. Issue 3 came with XFree86 4.0.0 - it hit the newstands a day after XFree86 4.0.1 appeared on the FTP sites. Today I saw a copy of Issue 4, together with KDE 1.90 Beta-2.
This makes the cover CDs no more than coasters - about as much use as the rest of the magazine.
I used to work for a company that sold network support contracts for one OS. One bright spark in sales decided we could sell 'one stop shop' support contracts, where the customer would call us for every support issue going. This meant that the customer had only us to blame.
Although this sounded like a good idea, practically it was hopeless. We had to farm all hardware support out to a 3rd party, and finding a competant 3rd party that was aware of our OS was impossible. We also had to learn all the applications and other tools used by the customer, not all of which we had supplied.
One customer was a nightmare. They used us for everything. They'd call us for support on a DOS application that was over 8 years old, wondering why it couldn't handle PentiumMMX processors. They'd call us to download printer drivers for their 5 year old printers. They'd even get us to call hardware engineers to clean a mouse. Yet they wouldn't upgrade their network to even a remotely current release!
Eventually we stopped doing hardware, as we were loosing money.
The prevelance of MP3 has puzzled me. The sound quality is always poor to my ears, with obvious loss in clarity amd subtle harmonies. Are so many suffering from severe hearing loss?
But then again, most don't actually *listen* to music these days. They hear it, often as background, nothing more.
As the editor of Folk Roots put it recently, MP3 is for those with cloth ears.
Something globally needs to be done against spammers, script kiddies and other forms of pond-life. Some useful newsgroups I used to frequent have been killed off by spam. I only read the uk.* hierarchy nowadays. Sites I need for work purposes have been DoS'd in the past
You need a license and to pass a test before you can drive a car - you should also need a license before you can connect to the net. Those who commit offences should have their license revoked.
Simillarly, licenses should also apply to those administrating servers - too many admins at the moment are utterly clueless, and should be ashamed of drawing their pay-cheque at the end of the month. This requires testing on security policies and practices, system maintenance, system updates and the rest. Maybe if this was already in place, breaches such as the Powergen one would never have happened. Draconian, I know, but I can't envisage any other solution that has any hope of working.
Regarding the major UK company. They bought PCs from Compaq, whose default installtion would have DMA enabled (this being Windows95). However the said company had prepared their own disk image containing all the software they supposedly needed, and the supplier would install this image on the machine. This image didn't have DMA drivers installed, and was also deficient in other means (such as wrong search order for the network naming systems). WinNT machines were simillarly insatlled.
I pointed out in a meeting that this was a serious problem, particularly since my role was to monitor the performance of the NT machines. IDE without DMA uses at least 10 times as much CPU bandwidth than with DMA enabled, and I was not able to do my work. Management ignored me.
The general consensus here is that UDMA was not enabled properly on the Linux box, due to the peculiarity of the particular VIA chipset being used, giving poorer throughput.
It's not the first time I've seen a benchmark like this. Last year the UK magazine PCPlus did a comparative revue of a number of SCSI and EIDE interfaces (including an IDE RAID array). Windows biased, of course, with no comparative mention of other OS support.
They ended their review with a set of benchmarks. To me the faster ones didn't look too good. Then I read the comments next to the RAID controller's results, stating that the test had been done in compatability mode. Reading between the lines indicated that they did all their benchmarking under Windows 98 or even DOS, and as no DOS drivers were available for that RAID controller, they'd just accessed that one by the BIOS, and ran the remaining tests using a DOS application, which most likely used PIO. Fsckwits!
Then again I know of one major UK company that is rolling out 1000s of Windows 95 and NT PCs, all of them using the standard PIO IDE driver supplied with the OS, despite the fact that every machine is fitted with ATA-33 capable drives. Neither anyone in the IT department nor their hardware supplier (Compaq Certified!) seemed to be aware of the different IDE operational modes. Sad, very sad!
Even here at work very few of the NT workstations have UDMA IDE support installed. They're hiring a full-time sysadmin who should do these things, so I'll test him when he arrives.
I've yet to see a comparative benchmark where the person performing the tests know how to configure the hardware properly. The main philosophy seems to be 'Hey it works! I don't need to do any more with it!'.
No, you should check security fixes daily. A week is too late.
For detecting possible security holes Nessus is a good tool to use, and it can be configured by a cron job to automatically pull down revised scripts. It works in conjunction with nmap. Be warned it can take a long time to run - it took me 20 minutes to scan 127.0.0.1.
The worst thing, though, is to rely 100% on security tools. Tools like Nessus rely upon known exploits. Its the unknown ones that cause the real problems.
You probably mean Corinthian Casuals, an small English amateur team of long standing.
The only time Corinthian Casuals get mentioned over here is if they manage to qualify for the first round of the FA Cup, when small teams often get hammered 4-0 or more by some minor 3rd Division outfit.
They have fixed it! Wow - ten years too late, mind!
In 1991 I had two applications that used different versions of the same third-party DLL to make network API calls. One manufacturer stupidly used a pre-release DLL in their code and copied into the local directory, the other used the production DLL stored on the network search path (or on the local drive). The production DLL also had additional function calls.
Many users needed to run both applications. Only answer was to exit windows after running one of them. Then someone installed a Fax driver which also used this.DLL, and one of the applications couldn't run at all.
The problem with Micros~1 is that they don't have any version management with their libraries. Different major versions of a library typically have the same name, meaning that only one will load. If an API changes between major versions, applications using one version will fail. Since there is no mechanism to force an application to use a specific library (other than patching the binary), the Micros~1 way is serious broken. Win2000 may do things different, but I have not used it.
What usually happens with Unix libraries is that when an API changes, the libraries's major version should also change. There unfortunatly have been many exceptions - glibc2.0 vs glibc2.1 a typical example (whoever was responsible for that mess should be forced to code everything in Intercal for the next year as pennance). Individual executables can be told which library to use in specific cases, if needed (for example, some programs rely upon the existance of specific bugs in certain libaries to work - fixing the bug breaks the application)
Shared libraries work properly if they are managed properly.
Most Unix applications share little or nothing with each other, save for the C library and X libraries. Everything else appears to be an attempt to re-invent the wheel, sometimes coming up with an eccentric triangle instead.
The main advantage is that if a security hole or bug is discovered in a library, an replacement library will resolve the majority of problems. A certain $oftware company does this a lot. The other advantage is that it saves memory.
Gmome appears to be doing more than KDE in this field. Run ldd against a typical Gnome application, and a whole host of component librarires will be linked in - Imlib and others for image rendering, GTKXmHTML for HTML, Gtk and libgnome of course, and so on.
Gnome is standardising on which libraries to use. Unix libraries have become fragmented, with many features duplicated between competing libraries. The present situation elsewhere is a mess, due to it not being controlled.
The only other environment I can see that does something very simillar is Perl, with standard modules available on CPAN. Python may do the same, but I havn't looked at Python closely enough.
IE 4 and 5 do come with an semi-automated update mechanism that will check to see which patches need installing, fetch them from MS and tell you to reboot if needed (MS systems can't overwrite a currently running DLL or EXE file). This is acessible from a menu option within Internet Explorer.
I have to run MS at work, and every day I check this site every day. I also check the standard Microsoft Technet security pages at regular intervals.
At home I run a home-brew Linux system. Again I check with the relevant sites to see which software to upgrade, then download it and compile. I am starting to get paranoid, so I will be switching to Debian, and use apt-get (or whatever it's called) to keep me as up to date as possible. I also regularly run the current Nessus against my home system to ensure that it is not susceptible to known exploits. Nessus itself has a mechanism to automatically update all scripts.
Past experience has shown that a lot of sites are clueless when it comes to security. I know of one company that is still using IE3 on every desktop. I don't want to know what's running on their servers!
Most of the Usenet groups I visit are in the uk. heirarchy, and fairly free from spam. If any does appear the guilty parties are usually shutdown, or in the case of some newsgroups (uk.singles and uk.rec.sheds), the spammer has the p*ss taken out of them somewhat rotten.
There's a few alt. groups I look at as well. Spam in some is very prevalent, one group is nothing but spam, with a couple of on-topic posts a week if youre luckily.
Configuring leafnode to only download postings made to 4 or less newsgroups cuts down on a lot of the spam, but misses the odd on-topic post.
Slashdot Mirror
I'm getting bored at the moment and need others for inspiration. The newsgroups are getting full of clueless posters - even uk.comp.os.linux. Most of these posters can't think for themselves or be bothered to read documentation.
Work isn't helping - all Microsofties and badly configured Solaris systems. (The latter not under my control - whoever arranged the partitioning should be shot! And where's the backup device??). I'm wasting away here, spending most of my time twiddling my thumbs. Noone I talk to regarding technical issues knows what I'm on about. (Bus-mastered IDE, wassat? SSH - nah, use telnet and rlogin, its secure enough. Arggh!!)
There is a local LUG which meets once a month, but I've never managed to make it due to work comittments. Maybe this time. Who knows what opportunities could be there!
The boredom will be allieviated shortly - the football season starts in 9 days time.
Luckily one director did see what was going on, and tried to get things to change, and had others high-up converted to the cause. Things did clear up for a while, and at one time we were 100% legal. Then we merged with a company just as bad, and things went back to how they were before.
When I last worked there a couple of years ago, things were even worse. The director and his legally aware collegues had gone, and the company was now installing web servers based on someone elses technology without giving them credit.
There may be someone else higher up the tree who can fight for your side.
I've had previous contact with Ericsons, offering support to them, and some of the people then running their IT infrastructure in Europe (particularly the UK) were utterly hopeless. One person cost me many late hours at work due to his utter imcompetance. I was doing most of his work, yet he was being paid far more than myself.
Then I was lead up the garden path when a job was indeed going there. No contact, no acknowledgements, despite the fact I was one of the few in the country that had experience of the technology they used. Later I found that this self same idiot was now responsible for hiring staff.
As a result I'll never use anthing manufactured by that company, or associate myself with anyone using their products.
What are Caldera going to get out of this, now that most SCO shops have already migrated one way or the other? A few customer accounts, perhaps? I'm not aware of any sites still running either of the SCO unix implementations in anger. Certainly not many opportunities to get a return on investment.
There are too many ignorant people around now who are in the industry for the money without the dedication. I have to deal with numerous ignorant fools every day, and this gets me down. More of my work is becoming office politics, and less is using any real skill.
Things are also getting too overtly bloated for my liking, where some thought in the implementation of the design process would make the resulting code more compact. The software I have to deal with consists of many server daemons distributed accross a number of Solaris systems. Each process is around 5MB in size, yet it does very little. The code is written without any shared libraries (other than the standard ones provided with Solaris), and with it being in C++ I presume everything is inlined too. The memory overhead on these machines is enormous, with excessive swapping. Yet I've no power to get the code changed to reduce the impact on resources, which is so frustrating.
Well that's enough ranting for now - back to talking to idiots - one deleted every log file on one machine yesterday....
The technology I worked with died out a couple of years ago, and at the same time I suffered from burn-out, since which time I've been stuck in limbo. Nothing else has been worthwhile, and I seem to stick things out for 4 months before moving on.
At the moment I'm testing implementations of a financial messaging protocol. I've done other things too, but I need to get back into development work. Unfortunatly I've little experience of current programming techniques, so no-one is willing to give me a try (I do have a bit of code in the 2.4.0-test kernel tree, though). Current place of work concentrates on Mico$oft, so I don't really want an opening there.
However for the second month running they've had a problem with the CD content. Issue 3 came with XFree86 4.0.0 - it hit the newstands a day after XFree86 4.0.1 appeared on the FTP sites. Today I saw a copy of Issue 4, together with KDE 1.90 Beta-2.
This makes the cover CDs no more than coasters - about as much use as the rest of the magazine.
Although this sounded like a good idea, practically it was hopeless. We had to farm all hardware support out to a 3rd party, and finding a competant 3rd party that was aware of our OS was impossible. We also had to learn all the applications and other tools used by the customer, not all of which we had supplied.
One customer was a nightmare. They used us for everything. They'd call us for support on a DOS application that was over 8 years old, wondering why it couldn't handle PentiumMMX processors. They'd call us to download printer drivers for their 5 year old printers. They'd even get us to call hardware engineers to clean a mouse. Yet they wouldn't upgrade their network to even a remotely current release!
Eventually we stopped doing hardware, as we were loosing money.
When I saw the word Toonami, I was expecting a story on Newcastle United.
But then again, most don't actually *listen* to music these days. They hear it, often as background, nothing more.
As the editor of Folk Roots put it recently, MP3 is for those with cloth ears.
You need a license and to pass a test before you can drive a car - you should also need a license before you can connect to the net. Those who commit offences should have their license revoked.
Simillarly, licenses should also apply to those administrating servers - too many admins at the moment are utterly clueless, and should be ashamed of drawing their pay-cheque at the end of the month. This requires testing on security policies and practices, system maintenance, system updates and the rest. Maybe if this was already in place, breaches such as the Powergen one would never have happened. Draconian, I know, but I can't envisage any other solution that has any hope of working.
I pointed out in a meeting that this was a serious problem, particularly since my role was to monitor the performance of the NT machines. IDE without DMA uses at least 10 times as much CPU bandwidth than with DMA enabled, and I was not able to do my work. Management ignored me.
It's not the first time I've seen a benchmark like this. Last year the UK magazine PCPlus did a comparative revue of a number of SCSI and EIDE interfaces (including an IDE RAID array). Windows biased, of course, with no comparative mention of other OS support.
They ended their review with a set of benchmarks. To me the faster ones didn't look too good. Then I read the comments next to the RAID controller's results, stating that the test had been done in compatability mode. Reading between the lines indicated that they did all their benchmarking under Windows 98 or even DOS, and as no DOS drivers were available for that RAID controller, they'd just accessed that one by the BIOS, and ran the remaining tests using a DOS application, which most likely used PIO. Fsckwits!
Then again I know of one major UK company that is rolling out 1000s of Windows 95 and NT PCs, all of them using the standard PIO IDE driver supplied with the OS, despite the fact that every machine is fitted with ATA-33 capable drives. Neither anyone in the IT department nor their hardware supplier (Compaq Certified!) seemed to be aware of the different IDE operational modes. Sad, very sad!
Even here at work very few of the NT workstations have UDMA IDE support installed. They're hiring a full-time sysadmin who should do these things, so I'll test him when he arrives.
I've yet to see a comparative benchmark where the person performing the tests know how to configure the hardware properly. The main philosophy seems to be 'Hey it works! I don't need to do any more with it!'.
For detecting possible security holes Nessus is a good tool to use, and it can be configured by a cron job to automatically pull down revised scripts. It works in conjunction with nmap. Be warned it can take a long time to run - it took me 20 minutes to scan 127.0.0.1.
The worst thing, though, is to rely 100% on security tools. Tools like Nessus rely upon known exploits. Its the unknown ones that cause the real problems.
I hope, no pray, that they don't introduce the quirkiness that beset AIX. Bleurgghhh!
Wow! A Perl Sux flame with Perl spelt correctly (ie. not Pearl). Must be a first!
Total attendance in England alone for league games during the season is over 500,000. This doesn't take into account Scotland, or non-league games.
The only time Corinthian Casuals get mentioned over here is if they manage to qualify for the first round of the FA Cup, when small teams often get hammered 4-0 or more by some minor 3rd Division outfit.
In 1991 I had two applications that used different versions of the same third-party DLL to make network API calls. One manufacturer stupidly used a pre-release DLL in their code and copied into the local directory, the other used the production DLL stored on the network search path (or on the local drive). The production DLL also had additional function calls.
Many users needed to run both applications. Only answer was to exit windows after running one of them. Then someone installed a Fax driver which also used this .DLL, and one of the applications couldn't run at all.
In the end we ditched one of the applications.
And on my machine I have 3 separate versions of the ncurses library. Some binary only applications are linked against specific versions.
What usually happens with Unix libraries is that when an API changes, the libraries's major version should also change. There unfortunatly have been many exceptions - glibc2.0 vs glibc2.1 a typical example (whoever was responsible for that mess should be forced to code everything in Intercal for the next year as pennance). Individual executables can be told which library to use in specific cases, if needed (for example, some programs rely upon the existance of specific bugs in certain libaries to work - fixing the bug breaks the application)
Shared libraries work properly if they are managed properly.
Most Unix applications share little or nothing with each other, save for the C library and X libraries. Everything else appears to be an attempt to re-invent the wheel, sometimes coming up with an eccentric triangle instead.
The main advantage is that if a security hole or bug is discovered in a library, an replacement library will resolve the majority of problems. A certain $oftware company does this a lot. The other advantage is that it saves memory.
Gmome appears to be doing more than KDE in this field. Run ldd against a typical Gnome application, and a whole host of component librarires will be linked in - Imlib and others for image rendering, GTKXmHTML for HTML, Gtk and libgnome of course, and so on.
Gnome is standardising on which libraries to use. Unix libraries have become fragmented, with many features duplicated between competing libraries. The present situation elsewhere is a mess, due to it not being controlled.
The only other environment I can see that does something very simillar is Perl, with standard modules available on CPAN. Python may do the same, but I havn't looked at Python closely enough.
As for security, Lotus do produce quarterly updates, and these do contain fixes to security problems. Some seem to be DoS problems with Domino itself.
I have to run MS at work, and every day I check this site every day. I also check the standard Microsoft Technet security pages at regular intervals.
At home I run a home-brew Linux system. Again I check with the relevant sites to see which software to upgrade, then download it and compile. I am starting to get paranoid, so I will be switching to Debian, and use apt-get (or whatever it's called) to keep me as up to date as possible. I also regularly run the current Nessus against my home system to ensure that it is not susceptible to known exploits. Nessus itself has a mechanism to automatically update all scripts.
Past experience has shown that a lot of sites are clueless when it comes to security. I know of one company that is still using IE3 on every desktop. I don't want to know what's running on their servers!
There's a few alt. groups I look at as well. Spam in some is very prevalent, one group is nothing but spam, with a couple of on-topic posts a week if youre luckily.
Configuring leafnode to only download postings made to 4 or less newsgroups cuts down on a lot of the spam, but misses the odd on-topic post.