This is what I was complaining about earlier about Ubuntu. The kicker? Finish up with cp or dd and then walk away for an hour, or maybe a day. Try to eject the disk and only then will it finish writing. It's just absurd how even friggin Microsoft can get something so basic right but Ubuntu won't even pretend it's a problem. I mean it's not like it's just me and one other guy on slashdot who use flash drives or anything.
oflag=nocache, I think that's right for dd to disable write caching
Uh, last I checked, without WSL, Windows has no built-in equivalent of dd.
If you are not experienced enough to know what dd does, maybe you should use one of the graphical front-ends distros provide for inexperienced users; there are worse things you can do with dd than abort writing an image to a removable flash drive (like writing the image to the wrong device).
The OP said he "used to write a lot of 8GB+ file system images to 16GB SanDisk devices", which probably means there was no filesystem mounted, so your cp examples are invalid. In most cases, filesystems on removable devices will be mounted with the 'sync' option, so your cp example is also wrong.
(Your conclusion that Alexa is currently selling less than Google home, based on the single quarter of 2018Q1, may not necessarily be true, as both products saw drops of > 50% in units sold between 2017Q4 and 2018Q1)
Amazon might be able to "disrupt" industries outside the tech industry. But its track record of taking on other tech companies is dismal. I don't see this changing anytime soon.
The summary says: "The incorrect use of Diameter leads to the presence of several vulnerabilities in 4G networks"
That's like saying: "The incorrect use of HTTP (such as not requiring HTTPS, or permittting weak ciphers, or not protecting sensitive APIs from the internet with a firewall) leads to the presence of several vulnerabilities in corporate networks".
In other words, it's not that the protocol itself is vulnerable, but that misconfiguration and poorly architected deployments can result in installations that are vulnerable.
"Variable power from "green" sources (wind, solar) is useless if it can't be stored and released, or balanced by fast acting sources like natural gas or hydro power."
Are you saying Hydro (e.g. pumped storage with pumping powered by Solar) isn't "green"?
What is the emission in that scenario that wouldn't also be there for any other solution?
Two reasons: So that the ISP can't modify the page in transit to include advertisements or other unwanted elements, which Comcast has been caught doing.
You're proposing a technical solution be imposed on everyone, everywhere to fix a problem (lack of competiton allows behaviour customers don't like) with your specific market. How American of you.
(When I worked for an ISP, I was involved in implementing a solution to notify customers when they had reached a usage tier and were being throttled, but we provided them with the ability to opt out of the in-browser notifications if they had email or SMS notifications enabled. The only motivation here was to enhance the customer experience for the large majority of users who didn't know what their usage was or where to view it)
Also so that the ISP can't use the URL paths that their subscribers visit to build interest profiles on their subscribers.
My ISP is subject to local laws, and since I have a contract with them to provide services to me, I have some legal recourse. Also, if I am unhappy with my ISP, I can switch ISPs (or use different ISPs at different times by dialling another PPPoE session).
I am much more concerned about advertising networks like Google and Facebook who collect all our browsing information all the time due to the prevalence of Google analytics, adverts, and like buttons, who cannot be escaped as easily as dialling another PPPoE session.
With HTTPS, the man in the middle sees only the hostname (e.g. "tech.slashdot.org", not the path ("/comments.pl?sid=12295934&cid=56872990").
ISPs typically aren't interested in the difference. And the only reason they are typically interested in the hostname portion of the URL is to understand their customers, and how their customers experience the internet, to improve the experience. At least, in markets where the regulator has required that natural monopolies (e.g. last-mile network operator) provide wholesale services (in our case, layer-3 hand-over) to ISPs at reasonable prices to allow competition.
Wtf. This entire comment block is full of condescending assholes.
It’s down to local terminology. The US doesn’t have “local loop unbundling” like we had in the days of dial-up, where they shared infrastructure. Down to shit regulations and lobbying by the infrastructure companies. (Yes, I know, US lobbying is a crock of shit.) So the names got merged. The majority of our providers control the last mile and infrastructure thanks to shit regulations.
Our country doesn't have local-loop unbundling (I don't think it makes sense for us, it would just lead to cherry-picking of the most affluent areas leaving the incumbent as the only provider to many small towns resulting in their costs being higher etc.), but a layer-3 hand-over from the incumbent telco (for ADSL and FTTH/GPON) to ISPs. There are a number of independent FTTH providers, and most of them do layer-3 (e.g. VLANs for different providers), some layer-2 (L2TP-based) hand-over to ISPs. In fact, the retail arm of the incumbent telco offers ISP products on a number of these FTTH networks.
I am sure the FCC or FTC can require that there be competition in the ISP market (on any last-mile provider). I haven't seen anyone from the U.S. explain why this isn't technically feasible (it definitely is on ADSL/VDSL, GPON and ActiveEthernet, but maybe not on DOCSIS which I am not that familiar with). Addressing this would mean you could leave the market to resolve anything else that people wanted from Net Neutrality without artificial regulations that could hamper improvements.
No, moving is not an option. Most people don't want to pick up and move just because their ISP is being a shitstain.
You Americans seem to confuse "ISP" with "last-mile provider".
The FCC should not have wasted their time with Net Neutrality (IMHO, it is over-reach), instead they should have fixed the 'my last-mile-provider-must-be-my-ISP' issue.
In many other countries, last-mile providers with any sort of significant market share in a specific geographic are required by law to allow other ISPs to offer the same services on their network with competitive prices for their 'wholesale' offerings (IOW, similar to their retail business' input costs from the wholesale business).
I think you need a refresher on the meaning of the word 'corroborate'.
Turns out the guy who dialed 911 and was on the phone during the whole thing was making it all up, but we only know that in hindsight.
If they were talking on the phone with the 'guy' after he came out the door, without a phone visible in his hands (which they could apparently see well enough to know he didn't yet have a weapon), then they had sufficient evidence that this was a hoax call, or they shot him reaching for something, which would then logically be the phone...
"Had an armed crazy man, who already had shot one"
Did they get neighbours/witnesses to corroborate any one of these claims before shooting an unarmed man who was naturally confused by the sudden arrival of an army?
"You can't VMotion running VMs between Intel and AMD ESXi hosts. So it's not like I can just drop an AMD server into the cluster even if I wanted too."
Well, yes, you would need to create a separate cluster (managed by the same vCenter server), and shut VMs down to migrate between clusters. Oh the horror.
"So, I'm kinda stuck with staying with Intel."
If you can't afford one reboot VMs one at a time, you have bigger problems.
"In the "Deprecated Functionality" chapter, it is mentioned that Python 2 will not be shipped in the OS:"
That's because it is already deprecated upstream and will receive no upstream support after 1 Jan 2020 (https://pythonclock.org/). If RHEL8 were to ship with Python 2.7, it would be supported for about 1/10th of the OS support lifetime, which does seems unreasonable.
"If you need it in RHEL 8, you need to either get it via EPEL, another third-party repo, or compile-from-source."
No, if you're going to need Python 2.7 on RHEL8, you should be doing the work to run on Python 3 *now*. Install python3 on RHEL7 using software collections and make sure all your run on both versions (using 2to3 and six), and run RHEL7 in production until you can switch (you havr a few years left). Any other approach (e.g. investing at all in keeping python 2.7) is a poor investment of your time.
"Use CentOS, FreeNAS or any thing else free, it's another way to save licence cost."
This really depends on many factors. For example, it is cheaper to run Red Hat Virtualisation with unlimited supported RHEL VMs than VMWare (with the same featureset) with unsupported (e.g. CentOS) VMs.
(Of course, if you want no support at all, you could run oVirt on CentOS, but I know of shops spending huge amounts on VMWare and trying to save money by running unsupported Linux VMs).
"We are not suppose to install the Nvidia binary, so that hardware is 'stuck'."
I sounds much easier to just install the nvidia driver to see if that works, even if you are not "supposed to".
(The only machine I have with an nvidia card now is an old Ion chipset, but I previously ran a linux workstation with an Nvidia card, and had no stability problems with the nvidia driver.)
"The monopolists need to be regulated to avoid market harms."
Sure, but the real question is how to regulate them. You can either try and think up all the ways they can make their customers umhappy and add regulatioms preventing them from, or you can require all last-mile infrastructure owners (usually telcos) to allow other companies (usually ISPs) to offer services over the infrastructure (at the price they use as an input cost for their own retail products) , and let the market do the rest.
"Unless requested by law enforcement, at which point they will literally capture all of their traffic."
So you acknowledge that the problem here isn't the ISPs per se, like with the companies who spie on is for money (Facebook, Google "Analytics" etc.), but instead the government?
"If you're still using these 10+ year old ciphers for security, you aren't secure to begin with - your TLS client may as well tell you so outright."
Your TLS client should realise that not all equipment can be tossed just because there is some new standard out or some browser developers decided to deprecate ciphers.
They should allow users to configure policies for which destinations (IP wildcards or subnets, dns suffixes, the way proxy exclusion lists work) may use old ciphers.
I hated having to allow old ciphers for all destinations just to get into the iLO/ILOM/DRAC of a 5-year server (in some cases to upgrade thr firmware to a version with newer cipher support!).
Of course, it might be wise to allow enterprise desktop admins to set such policies for all users.
Sadly, it's probably only Microsoft browsers that have such features...
Cumulative rainfall in Cape Town for the past 3 years (2015, 2016, 2017) is below the 20th percentile of the past 40 years, see http://www.csag.uct.ac.za/curr...
As a result, the dams haven't been able to recover during the winter as they usually do, you can explore the details here: http://niwis.dws.gov.za/niwis2...
The national government (run by the ANC which is largely seen to be corrupt, including the Dept of Water and Sanitatiom which over-spends their budget and has high levels of irregulat expenditure) has however not been cooperative with the provincial government and City of Caoe Town (both run by the DA, which has been highly critical of the corruption in the ANC).
National government has built desalination plants in ANC-run cities that are less affected by the drought (e.g. Richard's Bay), but in Cape Town, the city has even had to foot the bill for the only major dam to be constructed in the Western Cape in the past 20 years (the Berg River dam).
"Because you don't need a package manager on Windows. You just download stuff and install it, and use the Control Panel to manage it from there on out."
Sure, you don't need a package manager, but without one, for each 3rd-party application you downloaded and installed: - you aren't receiving regular updates - you are spending more time than necessary checking for new versions, downloading them manually and upgrading them manually - You have another updater running in tge background to check for updates, which may require additional privileges and thus be vulnerable, see tge recent skype updater vulnerability."
"I enjoy working with Linux but the myriad inconsistent package managers have to go."
Why? They provide value, and they don't prevent other options for distributing software.
"The Mac solved the installation problem in 1984"
So that's why I have to upgrade lots of software by "brew upgrade" or "brew cask upgrade" for software that is available that way (and no indicator to show that there are updates as one gets on Linux:-(), and have other updaters (Adobe, Microsoft Office etc.) on my work Macbook? This seems like a poor solution to one aspect of software distrobution.
"and it's like the Linux guys have learned nothing from that approach."
The Mac approach (bundling all files and deps in one image) is available to developers using e.g. AppImage (https://appimage.org), which provides good tooling for creating.appimage files. A number of open-source projects use it to provide new versions, especially if they adopt new features of new versions of big frameworks (e.g. Qt).
There are other, more modern, approaches, which try and provide the advantages of traditional linux packaging but with distribution independence, such as Flatpak. A number of proprietary applications (Skype, Spotify, etc.) are available as flatpaks from flathub.org, and can be installed with the Gnome Software GUI app on most current distros, and with KDE GUI in the next releases of most distros, or using the cli tool.
Wrong. You can script setup of the entire solution, ujt the exact methods may differ (depending on how you deploy the manager, as a VM or stand-alone server, and previously also whether you installed the nodes from image or on top of RHEL (answer file or kickstart).
Key part bolded. Again, (and this is based on a very cursory viewing of the admin docs) this isn't provided by them. You have to write your own scripts and set up your own automation. That means you now have to learn to manage and use not only oVirt, but Ansible and other tools as well.
It's a bit hidden (but hinted at) in the RHV documentation (but the options are in the engine-setup --help, and it always tells you it is writing answer files). See this page which has a section on answer files.
Ansible is an additional option for shops that already have it, not required for scripting installation.
Okay, fair enough. Enterprises with elaborate VMWare setups are going to already have the resources to set something like oVirt up.
Anyone who hasn't got the resources to run a hyper-converged (IOW, software-defined storage cluster on the same hosts that run VMs, instead of expensive storage appliances that have sufficient redundancy to not be a SPOF) on either VMWare or RHEV or oVirt should probably just run in public cloud, it will probably work out cheaper for the same breadth of tooling.
oVirt has definitely improved a lot since I last looked. However, one of my biggest complains still stands. You have to configure a frightening amount by hand without any tools to automate.
Wrong. You can script setup of the entire solution, ujt the exact methods may differ (depending on how you deploy the manager, as a VM or stand-alone server, and previously also whether you installed the nodes from image or on top of RHEL (answer file or kickstart).
New in the current release are provided ansible roles for setting up varoois components (I havan't dug into this though).
Considering that it explicitly targets RHEL/Centos7 and only that, there should be no reason why there isn't a whole bunch of best practise automation mechanisms to set up key elements like hooking up the ISCSI (or NFS) backend.
Anything for setting up the manager (including as a VM on the first host) can be scripted via engine_setup or hosted_engine_setup. Anything aftet via the REST API or ansible.
It seems like oVirt is designed primarily for orgs with very deep pockets and can afford things like an extensive FC infrastructure, and large IT department with enough manpower capacity to dedicate to setting the thing up.
The primary target of the commercial versipn is to replace VMWare. But that doesn't always mean expensive (see hyper-converged).
Compare that against XenCenter, where you can almost fully admin the host itself from the GUI.
I believe in 4.x, the nodes run the new cockpit web UI, and can have their initial setup done using it.
Furthermore, and this is more a mark of maturity rather than a ding against quality, but XenServer has an HCL and best practises information available for setting things up.
I the coverage wider than the Red Hat hardware certification, which applies to RHV?
There are validated configurations acailable for a few different setups, e.g. NetApp has provided one for running RHEV on NetApp filers.
Most modern DSLRs (e.g. Canon EOS 5D IV, Canon EOS 6D II, Canon EOS 80D) have built-in WiFi now, and you can trivially send all photos from the camera to a smart phone (ideally one with support for removable micro-SD cards) where you could have encrypted storage set up. I have done this on many occasions (e.g. post a photo from my 80D to the internet while at an event).
(I am not as familiar with Nikon models, but I am sure they have some models with built-in WiFi).
Sure, it may be slightly more fiddly than being able to write directly to encrypted SD (or CF) cards on-camera, but much easier to set up as plausibly-denaible.
Of course, if your camera doesn't have WiFi support, you can do the same thing with a bit more fiddling by using a cable (or the "camera connectivity kit" if you use a phone from a vendor who artificially limits the capabilities of their products in order to extract more money from their customers), but then it may be more obvious to nefarious people what you have done with the photos you took.
Slashdot Mirror
This is what I was complaining about earlier about Ubuntu. The kicker? Finish up with cp or dd and then walk away for an hour, or maybe a day. Try to eject the disk and only then will it finish writing. It's just absurd how even friggin Microsoft can get something so basic right but Ubuntu won't even pretend it's a problem. I mean it's not like it's just me and one other guy on slashdot who use flash drives or anything.
oflag=nocache, I think that's right for dd to disable write caching
Uh, last I checked, without WSL, Windows has no built-in equivalent of dd.
If you are not experienced enough to know what dd does, maybe you should use one of the graphical front-ends distros provide for inexperienced users; there are worse things you can do with dd than abort writing an image to a removable flash drive (like writing the image to the wrong device).
The OP said he "used to write a lot of 8GB+ file system images to 16GB SanDisk devices", which probably means there was no filesystem mounted, so your cp examples are invalid. In most cases, filesystems on removable devices will be mounted with the 'sync' option, so your cp example is also wrong.
Alexa is now selling less than Google home, much less.
And using the same approach, I could claim that Google home is selling less now than in 2017Q4:
https://www.canalys.com/newsro...
(Your conclusion that Alexa is currently selling less than Google home, based on the single quarter of 2018Q1, may not necessarily be true, as both products saw drops of > 50% in units sold between 2017Q4 and 2018Q1)
Amazon might be able to "disrupt" industries outside the tech industry. But its track record of taking on other tech companies is dismal. I don't see this changing anytime soon.
You seem to be ignoring AWS ...
The summary says:
"The incorrect use of Diameter leads to the presence of several vulnerabilities in 4G networks"
That's like saying:
"The incorrect use of HTTP (such as not requiring HTTPS, or permittting weak ciphers, or not protecting sensitive APIs from the internet with a firewall) leads to the presence of several vulnerabilities in corporate networks".
In other words, it's not that the protocol itself is vulnerable, but that misconfiguration and poorly architected deployments can result in installations that are vulnerable.
Just like HTTP(S).
Concrete production is one of the most CO2 intensive activities that humans undertake. Dams take a massive amount of concrete to build.
What is the emission in that scenario that wouldn't also be there for any other solution?
So, Nuclear power stations are built using only, what, wood, with no concrete at all?
"Variable power from "green" sources (wind, solar) is useless if it can't be stored and released, or balanced by fast acting sources like natural gas or hydro power."
Are you saying Hydro (e.g. pumped storage with pumping powered by Solar) isn't "green"?
What is the emission in that scenario that wouldn't also be there for any other solution?
Two reasons: So that the ISP can't modify the page in transit to include advertisements or other unwanted elements, which Comcast has been caught doing.
You're proposing a technical solution be imposed on everyone, everywhere to fix a problem (lack of competiton allows behaviour customers don't like) with your specific market. How American of you.
(When I worked for an ISP, I was involved in implementing a solution to notify customers when they had reached a usage tier and were being throttled, but we provided them with the ability to opt out of the in-browser notifications if they had email or SMS notifications enabled. The only motivation here was to enhance the customer experience for the large majority of users who didn't know what their usage was or where to view it)
Also so that the ISP can't use the URL paths that their subscribers visit to build interest profiles on their subscribers.
My ISP is subject to local laws, and since I have a contract with them to provide services to me, I have some legal recourse. Also, if I am unhappy with my ISP, I can switch ISPs (or use different ISPs at different times by dialling another PPPoE session).
I am much more concerned about advertising networks like Google and Facebook who collect all our browsing information all the time due to the prevalence of Google analytics, adverts, and like buttons, who cannot be escaped as easily as dialling another PPPoE session.
With HTTPS, the man in the middle sees only the hostname (e.g. "tech.slashdot.org", not the path ("/comments.pl?sid=12295934&cid=56872990").
ISPs typically aren't interested in the difference. And the only reason they are typically interested in the hostname portion of the URL is to understand their customers, and how their customers experience the internet, to improve the experience. At least, in markets where the regulator has required that natural monopolies (e.g. last-mile network operator) provide wholesale services (in our case, layer-3 hand-over) to ISPs at reasonable prices to allow competition.
"Regarding Linux, Linus Torvalds' own opinion is completely irrelevant"
For the current code base, you are correct.
However, for completely new contributions, his opinion does matter.
Good luck trying to get a new feature or driver merged with a GPLv3 licence header in it ...
"Amazon said hotels will not have access to voice recordings of Alexa interactions or responses"
oh really?
the second part seems to contradict this
"recordings of Alexa commands are remotely wiped"
unless that implies that the hotel doesn't keep a copy but Amazon does.
It more likely implies that the recordings are stored on-device until the guest checks out.
Wtf. This entire comment block is full of condescending assholes.
It’s down to local terminology. The US doesn’t have “local loop unbundling” like we had in the days of dial-up, where they shared infrastructure. Down to shit regulations and lobbying by the infrastructure companies. (Yes, I know, US lobbying is a crock of shit.) So the names got merged. The majority of our providers control the last mile and infrastructure thanks to shit regulations.
Our country doesn't have local-loop unbundling (I don't think it makes sense for us, it would just lead to cherry-picking of the most affluent areas leaving the incumbent as the only provider to many small towns resulting in their costs being higher etc.), but a layer-3 hand-over from the incumbent telco (for ADSL and FTTH/GPON) to ISPs. There are a number of independent FTTH providers, and most of them do layer-3 (e.g. VLANs for different providers), some layer-2 (L2TP-based) hand-over to ISPs. In fact, the retail arm of the incumbent telco offers ISP products on a number of these FTTH networks.
I am sure the FCC or FTC can require that there be competition in the ISP market (on any last-mile provider). I haven't seen anyone from the U.S. explain why this isn't technically feasible (it definitely is on ADSL/VDSL, GPON and ActiveEthernet, but maybe not on DOCSIS which I am not that familiar with). Addressing this would mean you could leave the market to resolve anything else that people wanted from Net Neutrality without artificial regulations that could hamper improvements.
No, moving is not an option. Most people don't want to pick up and move just because their ISP is being a shitstain.
You Americans seem to confuse "ISP" with "last-mile provider".
The FCC should not have wasted their time with Net Neutrality (IMHO, it is over-reach), instead they should have fixed the 'my last-mile-provider-must-be-my-ISP' issue.
In many other countries, last-mile providers with any sort of significant market share in a specific geographic are required by law to allow other ISPs to offer the same services on their network with competitive prices for their 'wholesale' offerings (IOW, similar to their retail business' input costs from the wholesale business).
They thought they had one ON THE PHONE.
I think you need a refresher on the meaning of the word 'corroborate'.
Turns out the guy who dialed 911 and was on the phone during the whole thing was making it all up, but we only know that in hindsight.
If they were talking on the phone with the 'guy' after he came out the door, without a phone visible in his hands (which they could apparently see well enough to know he didn't yet have a weapon), then they had sufficient evidence that this was a hoax call, or they shot him reaching for something, which would then logically be the phone ...
"Had an armed crazy man, who already had shot one"
Did they get neighbours/witnesses to corroborate any one of these claims before shooting an unarmed man who was naturally confused by the sudden arrival of an army?
"You can't VMotion running VMs between Intel and AMD ESXi hosts. So it's not like I can just drop an AMD server into the cluster even if I wanted too."
Well, yes, you would need to create a separate cluster (managed by the same vCenter server), and shut VMs down to migrate between clusters. Oh the horror.
"So, I'm kinda stuck with staying with Intel."
If you can't afford one reboot VMs one at a time, you have bigger problems.
"In the "Deprecated Functionality" chapter, it is mentioned that Python 2 will not be shipped in the OS:"
That's because it is already deprecated upstream and will receive no upstream support after 1 Jan 2020 (https://pythonclock.org/). If RHEL8 were to ship with Python 2.7, it would be supported for about 1/10th of the OS support lifetime, which does seems unreasonable.
"If you need it in RHEL 8, you need to either get it via EPEL, another third-party repo, or compile-from-source."
No, if you're going to need Python 2.7 on RHEL8, you should be doing the work to run on Python 3 *now*. Install python3 on RHEL7 using software collections and make sure all your run on both versions (using 2to3 and six), and run RHEL7 in production until you can switch (you havr a few years left). Any other approach (e.g. investing at all in keeping python 2.7) is a poor investment of your time.
"Use CentOS, FreeNAS or any thing else free, it's another way to save licence cost."
This really depends on many factors. For example, it is cheaper to run Red Hat Virtualisation with unlimited supported RHEL VMs than VMWare (with the same featureset) with unsupported (e.g. CentOS) VMs.
(Of course, if you want no support at all, you could run oVirt on CentOS, but I know of shops spending huge amounts on VMWare and trying to save money by running unsupported Linux VMs).
"We are not suppose to install the Nvidia binary, so that hardware is 'stuck'."
I sounds much easier to just install the nvidia driver to see if that works, even if you are not "supposed to".
(The only machine I have with an nvidia card now is an old Ion chipset, but I previously ran a linux workstation with an Nvidia card, and had no stability problems with the nvidia driver.)
"The monopolists need to be regulated to avoid market harms."
Sure, but the real question is how to regulate them. You can either try and think up all the ways they can make their customers umhappy and add regulatioms preventing them from, or you can require all last-mile infrastructure owners (usually telcos) to allow other companies (usually ISPs) to offer services over the infrastructure (at the price they use as an input cost for their own retail products) , and let the market do the rest.
"Unless requested by law enforcement, at which point they will literally capture all of their traffic."
So you acknowledge that the problem here isn't the ISPs per se, like with the companies who spie on is for money (Facebook, Google "Analytics" etc.), but instead the government?
"If you're still using these 10+ year old ciphers for security, you aren't secure to begin with - your TLS client may as well tell you so outright."
Your TLS client should realise that not all equipment can be tossed just because there is some new standard out or some browser developers decided to deprecate ciphers.
They should allow users to configure policies for which destinations (IP wildcards or subnets, dns suffixes, the way proxy exclusion lists work) may use old ciphers.
I hated having to allow old ciphers for all destinations just to get into the iLO/ILOM/DRAC of a 5-year server (in some cases to upgrade thr firmware to a version with newer cipher support!).
Of course, it might be wise to allow enterprise desktop admins to set such policies for all users.
Sadly, it's probably only Microsoft browsers that have such features ...
Cumulative rainfall in Cape Town for the past 3 years (2015, 2016, 2017) is below the 20th percentile of the past 40 years, see http://www.csag.uct.ac.za/curr...
As a result, the dams haven't been able to recover during the winter as they usually do, you can explore the details here: http://niwis.dws.gov.za/niwis2...
The national government (run by the ANC which is largely seen to be corrupt, including the Dept of Water and Sanitatiom which over-spends their budget and has high levels of irregulat expenditure) has however not been cooperative with the provincial government and City of Caoe Town (both run by the DA, which has been highly critical of the corruption in the ANC).
National government has built desalination plants in ANC-run cities that are less affected by the drought (e.g. Richard's Bay), but in Cape Town, the city has even had to foot the bill for the only major dam to be constructed in the Western Cape in the past 20 years (the Berg River dam).
"Because you don't need a package manager on Windows. You just download stuff and install it, and use the Control Panel to manage it from there on out."
Sure, you don't need a package manager, but without one, for each 3rd-party application you downloaded and installed:
- you aren't receiving regular updates
- you are spending more time than necessary checking for new versions, downloading them manually and upgrading them manually
- You have another updater running in tge background to check for updates, which may require additional privileges and thus be vulnerable, see tge recent skype updater vulnerability."
"I enjoy working with Linux but the myriad inconsistent package managers have to go."
Why? They provide value, and they don't prevent other options for distributing software.
"The Mac solved the installation problem in 1984"
So that's why I have to upgrade lots of software by "brew upgrade" or "brew cask upgrade" for software that is available that way (and no indicator to show that there are updates as one gets on Linux :-(), and have other updaters (Adobe, Microsoft Office etc.) on my work Macbook? This seems like a poor solution to one aspect of software distrobution.
"and it's like the Linux guys have learned nothing from that approach."
The Mac approach (bundling all files and deps in one image) is available to developers using e.g. AppImage (https://appimage.org), which provides good tooling for creating .appimage files. A number of open-source projects use it to provide new versions, especially if they adopt new features of new versions of big frameworks (e.g. Qt).
There are other, more modern, approaches, which try and provide the advantages of traditional linux packaging but with distribution independence, such as Flatpak. A number of proprietary applications (Skype, Spotify, etc.) are available as flatpaks from flathub.org, and can be installed with the Gnome Software GUI app on most current distros, and with KDE GUI in the next releases of most distros, or using the cli tool.
Wrong. You can script setup of the entire solution, ujt the exact methods may differ (depending on how you deploy the manager, as a VM or stand-alone server, and previously also whether you installed the nodes from image or on top of RHEL (answer file or kickstart).
Key part bolded. Again, (and this is based on a very cursory viewing of the admin docs) this isn't provided by them. You have to write your own scripts and set up your own automation. That means you now have to learn to manage and use not only oVirt, but Ansible and other tools as well.
It's a bit hidden (but hinted at) in the RHV documentation (but the options are in the engine-setup --help, and it always tells you it is writing answer files). See this page which has a section on answer files.
Ansible is an additional option for shops that already have it, not required for scripting installation.
Okay, fair enough. Enterprises with elaborate VMWare setups are going to already have the resources to set something like oVirt up.
Anyone who hasn't got the resources to run a hyper-converged (IOW, software-defined storage cluster on the same hosts that run VMs, instead of expensive storage appliances that have sufficient redundancy to not be a SPOF) on either VMWare or RHEV or oVirt should probably just run in public cloud, it will probably work out cheaper for the same breadth of tooling.
oVirt has definitely improved a lot since I last looked. However, one of my biggest complains still stands. You have to configure a frightening amount by hand without any tools to automate.
Wrong. You can script setup of the entire solution, ujt the exact methods may differ (depending on how you deploy the manager, as a VM or stand-alone server, and previously also whether you installed the nodes from image or on top of RHEL (answer file or kickstart).
New in the current release are provided ansible roles for setting up varoois components (I havan't dug into this though).
Considering that it explicitly targets RHEL/Centos7 and only that, there should be no reason why there isn't a whole bunch of best practise automation mechanisms to set up key elements like hooking up the ISCSI (or NFS) backend.
Anything for setting up the manager (including as a VM on the first host) can be scripted via engine_setup or hosted_engine_setup. Anything aftet via the REST API or ansible.
It seems like oVirt is designed primarily for orgs with very deep pockets and can afford things like an extensive FC infrastructure, and large IT department with enough manpower capacity to dedicate to setting the thing up.
The primary target of the commercial versipn is to replace VMWare. But that doesn't always mean expensive (see hyper-converged).
Compare that against XenCenter, where you can almost fully admin the host itself from the GUI.
I believe in 4.x, the nodes run the new cockpit web UI, and can have their initial setup done using it.
Furthermore, and this is more a mark of maturity rather than a ding against quality, but XenServer has an HCL and best practises information available for setting things up.
I the coverage wider than the Red Hat hardware certification, which applies to RHV?
There are validated configurations acailable for a few different setups, e.g. NetApp has provided one for running RHEV on NetApp filers.
Most modern DSLRs (e.g. Canon EOS 5D IV, Canon EOS 6D II, Canon EOS 80D) have built-in WiFi now, and you can trivially send all photos from the camera to a smart phone (ideally one with support for removable micro-SD cards) where you could have encrypted storage set up. I have done this on many occasions (e.g. post a photo from my 80D to the internet while at an event).
(I am not as familiar with Nikon models, but I am sure they have some models with built-in WiFi).
Sure, it may be slightly more fiddly than being able to write directly to encrypted SD (or CF) cards on-camera, but much easier to set up as plausibly-denaible.
Of course, if your camera doesn't have WiFi support, you can do the same thing with a bit more fiddling by using a cable (or the "camera connectivity kit" if you use a phone from a vendor who artificially limits the capabilities of their products in order to extract more money from their customers), but then it may be more obvious to nefarious people what you have done with the photos you took.
"Paravirtualization is really only useful when the host CPU doesn't have the hardware necessary for virtualization."
That's not true. Paravirtualization can provide better performance in either case.
Only in the case where your hardware doesn't support VT-d and SR-IOV (other hardware features built for IO virtualisation).