Compress it, encrypt it, split it into 1K chunks, and interleave it among backup servers indexed by hash value.
How?
As far as I can tell, this particular piece of software is just designed to backup any files put in a specific directory (OT: Do symbolic links work?). It appears that it sends the entire encrypted content of these files to any/all peers you have configured.
What you suggest has potential, but I think it should be taken a step further. Basically what's needed is a RAID 5 version of this, but better. Ideally you set it up so you exchange data with about a dozen people (not total strangers, but someone you at least kinda know). Each individual encrypted small chunk is stored on at least 3 different machines. There would, of course, need to be some kinda of map as to what data is where, but this can be encrypted into the data itself somewhere.
What this doesn't account for (as WPIDalamar pointed out) is that you still need to rely on "old-school" backup for your private key and friend list (along w/their public keys).
NOTE: I haven't tried to use this software yet, so I don't know if my descriptions are accurate.
Up until about 30 second ago I did... I'm not really sure why, but I saw this question and one of the responces and figured I'd take a look at my xinetd config. Sure enough, it said user = root. The stupid thing is, I even created a user to run CVS as, I just never used it!
I thought RedHat forked on version 2.8? That's minor anyway as the point is it's really old:)
Do you use Oracle as the DB backend or MySQL? If it's MySQL, you may wish to look into the latest release (2.16.2) which has all user generated pages being handled by templates (the default look and feel is still what's seen on bugzilla.mozilla.org). If you're using Oracle, you'll have to wait for a while as the cross database compatibility is still being developed.
Did you hack anything other than the interface? I'd recommend upgrading if at all possible, especially if your Bugzilla install is publicly available, as there have been many security holes fixed since the 2.7/2.8 timeframe.
This is a really educational article. Thank-you, Brian, for taking the time to write it. I'm still very frightened by Palladium, but at least I don't feel threatened by TCPA:)
Slightly OT: I also thought it was really cool to see that AMI has an installation of Bugzilla. Brian, do you mind if we list you (AMI) as a company using Bugzilla?
I just had a hard disk crash on my linux box. Because I'm lazy and never did any backups, I lost a lost of information because of this. I decided to buy 2 disks to replace the one and when I did my reinstall I selected the option to use RAID 1 (or mirroring). It seems to be a lot faster, but I don't actually have any benchmarks to prove it.
General theories: * RAID 0, striping will give faster read and write times, but no redundancy. * RAID 1, mirroring will give faster read times, put write will probably be slower. * RAID 4 gives good performace and some redundancy, but IIRC there is still a single point of failure (the parity disk) * RAID 5 gives moderate, if any, performance increase but solves RAID 4's problem by spreading parity over all disks in the array.
Special consideritions if you're using IDE: If you are setting RAID 0 or 1 (or both combined, yes that is possible) using IDE disks and your goal is performace increases, both disks must be on seperate IDE buses (eg, primary and secondary). If they are on the same bus as a master and a slave, then they share the same controller (the master's) and there is no performace increase (there's still redundancy if you're using RAID 1, but no performance gain). It's also advisable to not have anything be a slave on that bus (esp. slow stuff like CDROM's) otherwise it's usage will slow the hard disk down.
3D video. I don't know if it's progressing or not, but it's about the only think I can think of that will have any signifigant increase in storeage requirements (other than more pictures/music/video, of course).
As someone who's been in that position before (not of looking at porn while working, but catching someone else doing it) I'm sure other options were considered. The problem is, this bozo was looking at porn in his glass office. Had he been caught looking at porn in his cubicle with the monitor not facing the doorway or in his walled office, he may have simply been written up. But to look at blatently offensive material in plain view is too far over the top... he had to go.
In the military everything is tied to your social security number. It's on all my paperwork from the enlistment contract to the piece of paper where I agreed not to have sex w/my recruiter. They put it on the ID cards. I had to use it whenever it went to sick call. It's spray painted on the outside of my duffle bag. It's even on a chain that I'm wearing around my neck right now (aka, my dog tags).
But even out in normal civilian life, the social security number is extreamly overused. I tried to test drive a car once and the dealer wouldn't let me because I wouldn't give them my SSN.
In my neck of the woods they showed this preview with the Lord of the Rings so I saw it about 1:30 this afternoon. The best line in the trailer was "She'll be back" near the end of it.
Hmmm... if that's the best thing I can say about the preview (minus the blonde, of course:) then maybe it's not something I'm gonna waste my money on... then again, there is the blonde.
Just wait 'till they change the entire backend and make a seperate version that looks similar for corporations called Terminator NT 3.51... after all, consumers don't need a stable movie:)
Yahoo has actually added a "This is Spam" selection to the message list screen in the Inbox. Because I can recognize the vast majority of SPAM based on the sender/subject line combination, I normally just open my Inbox, check a bunch of boxes, select "This is Spam" (next to delete button) and hit submit. They do seem to catch quite a bit of SPAM, but a lot still slips through (I just checked my mailbox and I have 3 pieces of junkmail in my Inbox and 10 in my bulk mail folder since last night).
I agree that it would be nice to open the message in a way that at the very list disabled images though as every now and then I'm not sure that something is SPAM and I open it to check. I normally end up clicking on the "This is Spam" link in that message, though, 'cause it normally turns out to be SPAM.
I'm sorry, I must have misunderstood what counts for trolling here at slashdot. Apparently it's responding to somebody's comment and presenting facts obtained from personal experience working with a system... and all this time I thought it was posting useless and random garbage, although I can't seem to find anything out there that actually defines the moderation terms (I thought I saw something before, but can't find it now).
Re:Been there, done that.
on
More on Longhorn
·
· Score: 1, Informative
Not so long ago the standard repost to any Microsoft post was the time a system stayed up before the blue screen of death. Funny thing, you don't hear that half so often since Windows 2000 and XP hit the stores.
Well, if you really want it: 10 days. Or did you want an average? 'Cause that was the max on a Windows 2000 domain controller we had at work. On a 1GHz proccessor, 2 GB of RAM, and 100 GB of RAID drive space... not what I would classify as hardware starved. We recently reformatted it and made it a file-server only and it hasn't crashed in the two weeks since we did that. But, that brought the grand-total to 5 high-end Windows machines (we had to put in another dedicated domain controller to replace the functionality we removed) to do the job that one Novell box running on a P-II did for 2 years with an average uptime of 60 days, which was about the timeframe that we normally decided to take it down for some major change or another. I still don't understand why we ever switched.
Doh, guess I'm less than intelligent... I lost mine a few weeks ago and haven't found it again. Just when I was starting to use it again!! (it's helpful for those of us w/college classes to track what homework assignments are due when).
If you're considering migrating your Aceess database to MS SQL Servier - do consider PostgreSQL. From experience, the amount of suffering is about the same for both transitions, but when your done, PostgrSQL is more robust, less expensive and less buggy.
OK, you've got my attention. This is something I hope to do more of in the future and being that you have some expirience, I'd like to ask a couple questions...
I recently did an Access to MS SQL conversion and ended up with an access database in.adp format which contained the connection string to the SQL server and required no ODBC setup on the clinet PC's. Is this similar in Postgre?
In that conversion, the.adp file contained the forms, reports, and macros. The queries from the old access db were stored on the server either as views or Stored Procedures. Is this also similar (or at least compatible)?
MS SQL allows you to use your current windows credentials as the authentication to the SQL server. This is nice because then the users don't have to enter/remember another password. Can I do this in Postgre?
I've found that Access generates absolutely horrid SQL. Fortunately, because all these queries are stored on the SQL server, they can be edited/optimized after the conversion. This question ends up being a two-parter. How compatible is Postre with Access' ugly SQL? And if there's a compatability problem with the generated SQL, can I at least edit it server side and make access not care that that's happened?
I'm sure there's more issues I'd run accross, but this is all I can think of setting on my couch during my extended weekend away from work:)
Doh, I must have missed that detail somehow. I rarely print pages, but they few times I've tried from IE I couldn't quite get it to work the way I wanted it to (I was tring to do some from a self-generated HTML page in a VB app by embeding IE in it and it wasn't a pleasent expierence).
- It decides that some files are text files, whether they are or not, and insists on displaying them in the browser rather than downloading them. RAR archives and PNG images do not look good in a web browser window. This bug has been present in many versions and is ignored Bugzilla, with claims that it is the website telling Mozilla what MIME type the file is. Well, whatever, IE seems to be able to figure the files out just fine.
This "feature" of Internet Explorer is actually a huge pain in the butt. I remember a while back we were talking about giving people the ability to view the source before loading it in their browser if a Bugzilla Attachment had a <script> tag in it (can't find a bug reference, but I did come accross the first bug I ever fixed while looking... oh the nostalgia:). We were talking about just providing a link that would output the attachment as text/plain instead of text/html. Simple, except IE detected that it was still HTML code so it thought it was smarter than us and rendered the page anyway. I don't remember what we ended up doing about this, but it was an issue.
This "feature" you mention is probably also the main cause for the problems you're now expierencing. After all, why should I bother to properly configure my webserver when Microsoft's software can just use some horrible fuzzy match on the file to determine what it is?
I really don't see any problems... the only text that is hard to see (I won't say read, 'cause I can't read any of it:) is the text they put in images... hardly Mozilla's fault. And even though the font was easily big enough to be seen, hitting ^+ made it bigger (except for the stuff in images, of course).
I even went so far as to load the page in IE and didn't notice any difference.
Tell me, how does the mighty IT dept prevent the employees from upgrading from IE5.5 to IE 6 from windows update? Or stop users from installing the latest security update for windows? Or stop you from installing the latest SP for Office?
Um... by not putting them in the local "Administrators" group? Granted, this doesn't work w/the 9x series of software from MS, but it does work on NT based systems.
Of course, who's to say that every little patch/sp/update is really tested by IT? I know I sure don't, at least not fully. I pretty much just install it on my machine, maybe install it on a few ginea pigs, and check the 'net for issues. But I suppose that's better than 100 random Joe Blow's deciding that the latest Media Play from Windows Update is a must-have.
That's because Microsoft is running IIS on windows so they have all the overhead of a GUI, SMB, WINS, AD, etc. and need to have more machines to get the same effect:)
> Download on a known safe system*, burn to cd, install
Or do like I do and put a linux firewall w/ip masq in between your new system and the Internet. This also has the advantage of being able to use more than one computer on the same (in my case, cable) connection.*
* The results are the same using a commercially availble firewall appliance available for $100 off the shelf at Circut City/Best Buy, et al.
Slashdot Mirror
How?
As far as I can tell, this particular piece of software is just designed to backup any files put in a specific directory (OT: Do symbolic links work?). It appears that it sends the entire encrypted content of these files to any/all peers you have configured.
What you suggest has potential, but I think it should be taken a step further. Basically what's needed is a RAID 5 version of this, but better. Ideally you set it up so you exchange data with about a dozen people (not total strangers, but someone you at least kinda know). Each individual encrypted small chunk is stored on at least 3 different machines. There would, of course, need to be some kinda of map as to what data is where, but this can be encrypted into the data itself somewhere.
What this doesn't account for (as WPIDalamar pointed out) is that you still need to rely on "old-school" backup for your private key and friend list (along w/their public keys).
NOTE: I haven't tried to use this software yet, so I don't know if my descriptions are accurate.
Up until about 30 second ago I did... I'm not really sure why, but I saw this question and one of the responces and figured I'd take a look at my xinetd config. Sure enough, it said user = root. The stupid thing is, I even created a user to run CVS as, I just never used it!
:)
As I insinutated above, it's not anymore
I thought RedHat forked on version 2.8? That's minor anyway as the point is it's really old :)
Do you use Oracle as the DB backend or MySQL? If it's MySQL, you may wish to look into the latest release (2.16.2) which has all user generated pages being handled by templates (the default look and feel is still what's seen on bugzilla.mozilla.org). If you're using Oracle, you'll have to wait for a while as the cross database compatibility is still being developed.
Did you hack anything other than the interface? I'd recommend upgrading if at all possible, especially if your Bugzilla install is publicly available, as there have been many security holes fixed since the 2.7/2.8 timeframe.
This is a really educational article. Thank-you, Brian, for taking the time to write it. I'm still very frightened by Palladium, but at least I don't feel threatened by TCPA :)
Slightly OT: I also thought it was really cool to see that AMI has an installation of Bugzilla. Brian, do you mind if we list you (AMI) as a company using Bugzilla?
OK, so that means that SCO will have to prove that every one who they want to collect from knew that there was a patent or copyright, wouldn't it?
I just had a hard disk crash on my linux box. Because I'm lazy and never did any backups, I lost a lost of information because of this. I decided to buy 2 disks to replace the one and when I did my reinstall I selected the option to use RAID 1 (or mirroring). It seems to be a lot faster, but I don't actually have any benchmarks to prove it.
General theories:
* RAID 0, striping will give faster read and write times, but no redundancy.
* RAID 1, mirroring will give faster read times, put write will probably be slower.
* RAID 4 gives good performace and some redundancy, but IIRC there is still a single point of failure (the parity disk)
* RAID 5 gives moderate, if any, performance increase but solves RAID 4's problem by spreading parity over all disks in the array.
Special consideritions if you're using IDE:
If you are setting RAID 0 or 1 (or both combined, yes that is possible) using IDE disks and your goal is performace increases, both disks must be on seperate IDE buses (eg, primary and secondary). If they are on the same bus as a master and a slave, then they share the same controller (the master's) and there is no performace increase (there's still redundancy if you're using RAID 1, but no performance gain). It's also advisable to not have anything be a slave on that bus (esp. slow stuff like CDROM's) otherwise it's usage will slow the hard disk down.
3D video. I don't know if it's progressing or not, but it's about the only think I can think of that will have any signifigant increase in storeage requirements (other than more pictures/music/video, of course).
As someone who's been in that position before (not of looking at porn while working, but catching someone else doing it) I'm sure other options were considered. The problem is, this bozo was looking at porn in his glass office. Had he been caught looking at porn in his cubicle with the monitor not facing the doorway or in his walled office, he may have simply been written up. But to look at blatently offensive material in plain view is too far over the top... he had to go.
In the military everything is tied to your social security number. It's on all my paperwork from the enlistment contract to the piece of paper where I agreed not to have sex w/my recruiter. They put it on the ID cards. I had to use it whenever it went to sick call. It's spray painted on the outside of my duffle bag. It's even on a chain that I'm wearing around my neck right now (aka, my dog tags).
But even out in normal civilian life, the social security number is extreamly overused. I tried to test drive a car once and the dealer wouldn't let me because I wouldn't give them my SSN.
Send to compressed folder to make a .zip file... why didn't I think of that, after all it makes so much sense!!
</sarcasm>
In my neck of the woods they showed this preview with the Lord of the Rings so I saw it about 1:30 this afternoon. The best line in the trailer was "She'll be back" near the end of it.
:) then maybe it's not something I'm gonna waste my money on... then again, there is the blonde.
Hmmm... if that's the best thing I can say about the preview (minus the blonde, of course
Just wait 'till they change the entire backend and make a seperate version that looks similar for corporations called Terminator NT 3.51... after all, consumers don't need a stable movie :)
Yahoo has actually added a "This is Spam" selection to the message list screen in the Inbox. Because I can recognize the vast majority of SPAM based on the sender/subject line combination, I normally just open my Inbox, check a bunch of boxes, select "This is Spam" (next to delete button) and hit submit. They do seem to catch quite a bit of SPAM, but a lot still slips through (I just checked my mailbox and I have 3 pieces of junkmail in my Inbox and 10 in my bulk mail folder since last night).
I agree that it would be nice to open the message in a way that at the very list disabled images though as every now and then I'm not sure that something is SPAM and I open it to check. I normally end up clicking on the "This is Spam" link in that message, though, 'cause it normally turns out to be SPAM.
Not necessarily. "Death From Above is the Army Airborne slogan and most Airborne soldiers are infantry.
I'm sorry, I must have misunderstood what counts for trolling here at slashdot. Apparently it's responding to somebody's comment and presenting facts obtained from personal experience working with a system... and all this time I thought it was posting useless and random garbage, although I can't seem to find anything out there that actually defines the moderation terms (I thought I saw something before, but can't find it now).
Well, if you really want it: 10 days. Or did you want an average? 'Cause that was the max on a Windows 2000 domain controller we had at work. On a 1GHz proccessor, 2 GB of RAM, and 100 GB of RAID drive space... not what I would classify as hardware starved. We recently reformatted it and made it a file-server only and it hasn't crashed in the two weeks since we did that. But, that brought the grand-total to 5 high-end Windows machines (we had to put in another dedicated domain controller to replace the functionality we removed) to do the job that one Novell box running on a P-II did for 2 years with an average uptime of 60 days, which was about the timeframe that we normally decided to take it down for some major change or another. I still don't understand why we ever switched.
Doh, guess I'm less than intelligent... I lost mine a few weeks ago and haven't found it again. Just when I was starting to use it again!! (it's helpful for those of us w/college classes to track what homework assignments are due when).
OK, you've got my attention. This is something I hope to do more of in the future and being that you have some expirience, I'd like to ask a couple questions...
I'm sure there's more issues I'd run accross, but this is all I can think of setting on my couch during my extended weekend away from work :)
Doh, I must have missed that detail somehow. I rarely print pages, but they few times I've tried from IE I couldn't quite get it to work the way I wanted it to (I was tring to do some from a self-generated HTML page in a VB app by embeding IE in it and it wasn't a pleasent expierence).
This "feature" of Internet Explorer is actually a huge pain in the butt. I remember a while back we were talking about giving people the ability to view the source before loading it in their browser if a Bugzilla Attachment had a <script> tag in it (can't find a bug reference, but I did come accross the first bug I ever fixed while looking... oh the nostalgia :). We were talking about just providing a link that would output the attachment as text/plain instead of text/html. Simple, except IE detected that it was still HTML code so it thought it was smarter than us and rendered the page anyway. I don't remember what we ended up doing about this, but it was an issue.
This "feature" you mention is probably also the main cause for the problems you're now expierencing. After all, why should I bother to properly configure my webserver when Microsoft's software can just use some horrible fuzzy match on the file to determine what it is?
I really don't see any problems... the only text that is hard to see (I won't say read, 'cause I can't read any of it :) is the text they put in images... hardly Mozilla's fault. And even though the font was easily big enough to be seen, hitting ^+ made it bigger (except for the stuff in images, of course).
I even went so far as to load the page in IE and didn't notice any difference.
Um... by not putting them in the local "Administrators" group? Granted, this doesn't work w/the 9x series of software from MS, but it does work on NT based systems.
Of course, who's to say that every little patch/sp/update is really tested by IT? I know I sure don't, at least not fully. I pretty much just install it on my machine, maybe install it on a few ginea pigs, and check the 'net for issues. But I suppose that's better than 100 random Joe Blow's deciding that the latest Media Play from Windows Update is a must-have.
> Microsoft beats that...
:)
That's because Microsoft is running IIS on windows so they have all the overhead of a GUI, SMB, WINS, AD, etc. and need to have more machines to get the same effect
You may wish to add a "-- Dave Barry" line... that whole "give credit where credit is due" thing :)
> Download on a known safe system*, burn to cd, install
Or do like I do and put a linux firewall w/ip masq in between your new system and the Internet. This also has the advantage of being able to use more than one computer on the same (in my case, cable) connection.*
* The results are the same using a commercially availble firewall appliance available for $100 off the shelf at Circut City/Best Buy, et al.