They lost because fewer and fewer people in this country are willing to take personal responsibility and have out sourced all such things to someone else, generally some level of government. And a fair amount of religious bigotry, racism and election fraud. But mainly it's the first thing.
Now that they've gotten linked from here, they have a lot more access to gmail data than they did before. People giving MIT access to their email is no different than people giving Google access to their email. This is the problem: users extend too much trust in exchange for something sweet.
I spent a week in the headquarters of one of the vendors mentioned in these comments training on their product. What I discovered is they just can't recognize that a lot of companies are not technology companies. And those companies' IT organizations aren't in the business of standing up or rebuilding hundreds or thousands of servers per week. And those companies have mature IT organizations. And their servers are often not nicely concentrated in a handful of data centers. After about half the week had gone by and the trainer had spent a fair amount of time describing the data center of the future and we'll be getting our servers delivered a rack at a time and how storage will be all internal and we won't need our expensive SAN, I had a question. During his presentation of how we won't be restoring servers from tape, how we'll just build a new one with the config management tool, I asked at what point it was going to "build" the terabytes of data that the server that just failed contained? He was a bit nonplussed. Automatic application of configuration is easy, we don't need a third-party product for that. If systems are changing in ways that you don't expect then you have a bigger problem than can be solved by reapplying the configuration programmatically.
What I've come to suspect, is that the advocates of these tools have never learned how to do disciplined system administration. Your last comment suggests that unless a system has been subjected to Puppet, then it's some mysterious black box full of scorpions and sharp glass. If that's been your experience, then you've been doing it wrong.
I know you're going to have a bunch of responses to this but please first assume that I'm not a moron and that the organization that I'm part of isn't full of children solving childish problems. The company has over a billion dollars in the bank and you've probably never heard of us. We employ fifteen thousand people worldwide. Our IT organization is over eight hundred people, mostly developers and application support staff. The server administration group is about thirty people across DBA, unix and windows administration teams. We support over four thousand servers and ten thousand databases across our enterprise. But you bet your ass we use automation.
There is pretty much nothing you can do by hand that puppet can't also do - and often it takes just as much time to update a single puppet config file and run the puppet update process as it would be to ssh into the server and make the manual change.
Another advantage is what might go into traditional documentation is now just a puppet configuration.. Oh, fuck, this server crashed? Just roll another in 5 minutes... Who cares about the old one..
And this is the flaw in your argument. There seems to be some assumption that if it's not under control of Puppet or Chef then it's manual. This is completely untrue. Any competent admin automates their administration. I've been doing it for more than a decade.
Second it's not the host OS and host configuration that makes the servers distinct. It's the data. You can't automate ten years worth of data entry and workflow modules. I suppose it would be unfair of me to hold against you the fact that you don't know anything about my operations, but we're not an internet based company. We're doing stuff other than serving up a bunch of vanity gopro videos. We have several large data centers but we also have hundreds of offices around the world and those offices have their own IT infrastructure. Anyone can stand up a server in 10 minutes in their data center. How long will it take you to stand one up Chengdu given that your primary data centers are in the US and Europe and your network line to the remote facility is 512Kb/s?
The absurdity of the proponents of CFengine, Puppet, Chef, et. al. is that they assume no one has ever solved these problems before. What problems that I have are these products going to solve for me? The emphasis is on "problems that I have". It's not sufficient to tell me what a product does, it's whether it solves my problems.
That was a pretty poor review. Giving a summary of the table of contents isn't a review. Additionally it doesn't seem like they recognize that devops and duplicative administration don't fit with a lot of data processing models. There are many organizations that have servers that have a distinct purpose and it doesn't make sense to envision them as just another clone system in "the cloud".
I would hope you'd perform a more comprehensive analysis and note that not only does iOS present you with fewer targets to develop for, the iTunes App store also results in greater revenue even though it represents a smaller portion of the market.
The argument presented doesn't seem to actually grasp the point of the comparisons. On one hand you may be interested in market share. But when Apple presents the issue at WWDC they're not talking about market share. They are talking about what the actual platforms in use are and which ones are going to present the best area for developers to target. Three different versions of android are going to present three different APIs that app developers are going to have to deal with. On the iOS side you can target iOS 6 and know that you're be hitting almost the entire market segment.
Who said anything about being ignorant? Not me. Going back to my own ridiculous example, everyone knows about x-rays but no one expects to have their house x-rayed and thus we don't live in lead lined homes. The fact that people aren't taking measures to counter every possible information leakage from their life doesn't mean that they consent to that information being gathered, scrutinized or disseminated. Your argument seems to be that anything we don't actively defend against, we consent to. That is absurd.
I can't think of any accepted morality that says it's O.K. to put poison in people's food since a) they know that poison exists and, b) if they didn't want to be poisoned they'd test every thing they put in their mouth. Or feel free to drink and drive because a) we know assholes drink and drive and, b) if we didn't want to be in an accident caused by a drunk we'd not go anywhere a drunk could take a car. The list goes on and on and only a total jerk would argue that the onus lies on the people affected by anti-social behavior rather than on the sociopath engaging in the behavior.
This is going to be a bit inflammatory, but your question and analogy are stupid. Humans have a handful of senses to take in information about the world and those senses have fairly narrow ranges in which they function. Exposing information in those ranges can readily be considered a giving up your privacy. But outside of those ranges it's not honest to say that someone is yielding their rights. Unless of course you have no problem with someone, say the government, driving a huge sheet of film up on one side of your house and a hug x-ray emitter on the other and taking an x-ray of your entire home.
What I wonder is why it's considered impressive that they take an off the shelf SoC, design a circuit board for it and then act like they are a two year old who just made a poo.
Cryptography is more than the algorithms. If you can't understand that I can't help you. Same goes for your inability to comprehend the term idiomatic.
I said crypto as in the idiomatic form of the word cryptography. I didn't say "crypto algorithm." I can understand the difference, it's a pity you cannot.
And even in this scenario it may be useful to limit access in this fashion, as just like the number of people who can understand your source code is vastly smaller than the total population of the Earth, the number of people who can understand your object code is even more restricted.
No, secrets are the very definition of obscure. I understand the principle that your algorithm shouldn't rely on being unknown. But I get tired of mindless droning of "blah blah blah security through obscurity blah blah blah" like it's some great wisdom every single time any security topic comes up. It is apparent that they have never actually been involved any real world implementation of a secure system or network.
The idea that your processes and procedures should stand up to scrutiny is completely valid. However, you will never come across any secure installation that publicly publishes the complete details of their security stance. Even though their technologies are well understood and studied they aren't going to tell you what hardware they have in place, what cryptographic algorithms are in use, how their networks are built or how their systems are deployed. Because keeping information about your practices obscure means that an attacker is more likely to be tripped up and detected, they are going to be slowed down because they have to map out your systems and the actions they have to take to do that discovery will provide more opportunities to catch them. My mocking examples in my prior post are merely the principle rendered to the absurd.
Basically what I'm trying to say is that obscurity has a very valid place in any security plan.
Obfuscation pretty much never has a place in security.
Unless "pretty much never has a place in security" actually means "has a critical place in security", please tell me your usernames, passwords, crypto keys, host addresses, VPN token parameters, etc. Also your bank account numbers as well as your bank routing number.
You seem to be claiming that I am claiming that no one will create anything unless patents are perpetual. I'm not making that claim at all. I'm also not making that claim that without patents no one would create anything. I am making the claim that patents expand product availability and new product creation. Outside of a tiny number of fabulously wealthy philanthropists, no one will spend a billion dollars and a decade of time developing a life saving medication if they cannot expect to receive a corresponding return on that investment.
Secondly, I suspect that people who hold patents and copyrights would love to pay a tax on their assets as long as the government then provided services for those assets. Contrast how currently if someone steals your patent you have to sue them with someone stealing your bicycle you call the police.
The alternative to the patent system isn't everything becomes public domain. It's no one tells anyone else what they've discovered. Which is better do you think: a) you need an anti-biotic and you can go to your doctor in your town and get a bottle of penicillin, or b) you need an anti-biotic and you have to travel half way around the world where you are escorted alone into a room where you are fed a pill and then you sit there for two hours while the pill dissolves into your system then you are let leave. If you happen to be unable to afford the travel or any of the other costs you just get to die instead.
The patent system has delivered enormous amounts of social value and allows the middle and lower class access to things that would otherwise be restricted to the wealthiest individuals.
What propaganda? That research is expensive? If your itch costs a billion dollars to scratch, you need a billion dollars to scratch it regardless of how necessary you feel it is to scratch.
Yeah, let us discourage the creative people who have lots of ideas and are covering new ground from advancing the state of the art and bringing new products, medicines and technologies to society.
The more fundamental problem was NASDAQs inability to carry the trades so that people who were interested in trading FB stock were entirely unable to receive market indicators of the value of the stock nor were they able to modify trades. It's known that trades were cancelled shortly after FB began trading yet due to the exchanges issues the trades were settled hours later regardless of the cancellation.
Slashdot Mirror
They lost because fewer and fewer people in this country are willing to take personal responsibility and have out sourced all such things to someone else, generally some level of government. And a fair amount of religious bigotry, racism and election fraud. But mainly it's the first thing.
Now that they've gotten linked from here, they have a lot more access to gmail data than they did before. People giving MIT access to their email is no different than people giving Google access to their email. This is the problem: users extend too much trust in exchange for something sweet.
Exactly. Wtf does "still, beating hearts" even mean? Are they still? Or are they beating?
(THB it seems like this kid writes by taking phrases he's heard from other people and chains them together without actually reading the words.)
I spent a week in the headquarters of one of the vendors mentioned in these comments training on their product. What I discovered is they just can't recognize that a lot of companies are not technology companies. And those companies' IT organizations aren't in the business of standing up or rebuilding hundreds or thousands of servers per week. And those companies have mature IT organizations. And their servers are often not nicely concentrated in a handful of data centers. After about half the week had gone by and the trainer had spent a fair amount of time describing the data center of the future and we'll be getting our servers delivered a rack at a time and how storage will be all internal and we won't need our expensive SAN, I had a question. During his presentation of how we won't be restoring servers from tape, how we'll just build a new one with the config management tool, I asked at what point it was going to "build" the terabytes of data that the server that just failed contained? He was a bit nonplussed. Automatic application of configuration is easy, we don't need a third-party product for that. If systems are changing in ways that you don't expect then you have a bigger problem than can be solved by reapplying the configuration programmatically.
What I've come to suspect, is that the advocates of these tools have never learned how to do disciplined system administration. Your last comment suggests that unless a system has been subjected to Puppet, then it's some mysterious black box full of scorpions and sharp glass. If that's been your experience, then you've been doing it wrong.
I know you're going to have a bunch of responses to this but please first assume that I'm not a moron and that the organization that I'm part of isn't full of children solving childish problems. The company has over a billion dollars in the bank and you've probably never heard of us. We employ fifteen thousand people worldwide. Our IT organization is over eight hundred people, mostly developers and application support staff. The server administration group is about thirty people across DBA, unix and windows administration teams. We support over four thousand servers and ten thousand databases across our enterprise. But you bet your ass we use automation.
And this is the flaw in your argument. There seems to be some assumption that if it's not under control of Puppet or Chef then it's manual. This is completely untrue. Any competent admin automates their administration. I've been doing it for more than a decade.
Second it's not the host OS and host configuration that makes the servers distinct. It's the data. You can't automate ten years worth of data entry and workflow modules. I suppose it would be unfair of me to hold against you the fact that you don't know anything about my operations, but we're not an internet based company. We're doing stuff other than serving up a bunch of vanity gopro videos. We have several large data centers but we also have hundreds of offices around the world and those offices have their own IT infrastructure. Anyone can stand up a server in 10 minutes in their data center. How long will it take you to stand one up Chengdu given that your primary data centers are in the US and Europe and your network line to the remote facility is 512Kb/s?
The absurdity of the proponents of CFengine, Puppet, Chef, et. al. is that they assume no one has ever solved these problems before. What problems that I have are these products going to solve for me? The emphasis is on "problems that I have". It's not sufficient to tell me what a product does, it's whether it solves my problems.
That was a pretty poor review. Giving a summary of the table of contents isn't a review. Additionally it doesn't seem like they recognize that devops and duplicative administration don't fit with a lot of data processing models. There are many organizations that have servers that have a distinct purpose and it doesn't make sense to envision them as just another clone system in "the cloud".
I would hope you'd perform a more comprehensive analysis and note that not only does iOS present you with fewer targets to develop for, the iTunes App store also results in greater revenue even though it represents a smaller portion of the market.
The argument presented doesn't seem to actually grasp the point of the comparisons. On one hand you may be interested in market share. But when Apple presents the issue at WWDC they're not talking about market share. They are talking about what the actual platforms in use are and which ones are going to present the best area for developers to target. Three different versions of android are going to present three different APIs that app developers are going to have to deal with. On the iOS side you can target iOS 6 and know that you're be hitting almost the entire market segment.
Who said anything about being ignorant? Not me. Going back to my own ridiculous example, everyone knows about x-rays but no one expects to have their house x-rayed and thus we don't live in lead lined homes. The fact that people aren't taking measures to counter every possible information leakage from their life doesn't mean that they consent to that information being gathered, scrutinized or disseminated. Your argument seems to be that anything we don't actively defend against, we consent to. That is absurd.
I can't think of any accepted morality that says it's O.K. to put poison in people's food since a) they know that poison exists and, b) if they didn't want to be poisoned they'd test every thing they put in their mouth. Or feel free to drink and drive because a) we know assholes drink and drive and, b) if we didn't want to be in an accident caused by a drunk we'd not go anywhere a drunk could take a car. The list goes on and on and only a total jerk would argue that the onus lies on the people affected by anti-social behavior rather than on the sociopath engaging in the behavior.
This is going to be a bit inflammatory, but your question and analogy are stupid. Humans have a handful of senses to take in information about the world and those senses have fairly narrow ranges in which they function. Exposing information in those ranges can readily be considered a giving up your privacy. But outside of those ranges it's not honest to say that someone is yielding their rights. Unless of course you have no problem with someone, say the government, driving a huge sheet of film up on one side of your house and a hug x-ray emitter on the other and taking an x-ray of your entire home.
Or you could just install tor on your laptop? What does the added complexity of using a weak arm based linux box to proxy for you bring?
Additionally what's the use case for this? Where are you plugging in ethernet so your rapi can be your access point?
What I wonder is why it's considered impressive that they take an off the shelf SoC, design a circuit board for it and then act like they are a two year old who just made a poo.
Cryptography is more than the algorithms. If you can't understand that I can't help you. Same goes for your inability to comprehend the term idiomatic.
I said crypto as in the idiomatic form of the word cryptography. I didn't say "crypto algorithm." I can understand the difference, it's a pity you cannot.
And even in this scenario it may be useful to limit access in this fashion, as just like the number of people who can understand your source code is vastly smaller than the total population of the Earth, the number of people who can understand your object code is even more restricted.
No, secrets are the very definition of obscure. I understand the principle that your algorithm shouldn't rely on being unknown. But I get tired of mindless droning of "blah blah blah security through obscurity blah blah blah" like it's some great wisdom every single time any security topic comes up. It is apparent that they have never actually been involved any real world implementation of a secure system or network.
The idea that your processes and procedures should stand up to scrutiny is completely valid. However, you will never come across any secure installation that publicly publishes the complete details of their security stance. Even though their technologies are well understood and studied they aren't going to tell you what hardware they have in place, what cryptographic algorithms are in use, how their networks are built or how their systems are deployed. Because keeping information about your practices obscure means that an attacker is more likely to be tripped up and detected, they are going to be slowed down because they have to map out your systems and the actions they have to take to do that discovery will provide more opportunities to catch them. My mocking examples in my prior post are merely the principle rendered to the absurd.
Basically what I'm trying to say is that obscurity has a very valid place in any security plan.
Unless "pretty much never has a place in security" actually means "has a critical place in security", please tell me your usernames, passwords, crypto keys, host addresses, VPN token parameters, etc. Also your bank account numbers as well as your bank routing number.
Secrets == obfuscation. Crypto == obfuscation.
A strange way to conclude your remarks since both of your links documented/described fraud by EBT cardholders.
How about Massachusetts? Or Louis Cuff? Or the octomom? Or these two?
You seem to be claiming that I am claiming that no one will create anything unless patents are perpetual. I'm not making that claim at all. I'm also not making that claim that without patents no one would create anything. I am making the claim that patents expand product availability and new product creation. Outside of a tiny number of fabulously wealthy philanthropists, no one will spend a billion dollars and a decade of time developing a life saving medication if they cannot expect to receive a corresponding return on that investment.
Secondly, I suspect that people who hold patents and copyrights would love to pay a tax on their assets as long as the government then provided services for those assets. Contrast how currently if someone steals your patent you have to sue them with someone stealing your bicycle you call the police.
The alternative to the patent system isn't everything becomes public domain. It's no one tells anyone else what they've discovered. Which is better do you think: a) you need an anti-biotic and you can go to your doctor in your town and get a bottle of penicillin, or b) you need an anti-biotic and you have to travel half way around the world where you are escorted alone into a room where you are fed a pill and then you sit there for two hours while the pill dissolves into your system then you are let leave. If you happen to be unable to afford the travel or any of the other costs you just get to die instead.
The patent system has delivered enormous amounts of social value and allows the middle and lower class access to things that would otherwise be restricted to the wealthiest individuals.
What propaganda? That research is expensive? If your itch costs a billion dollars to scratch, you need a billion dollars to scratch it regardless of how necessary you feel it is to scratch.
Yeah, let us discourage the creative people who have lots of ideas and are covering new ground from advancing the state of the art and bringing new products, medicines and technologies to society.
Frankly, if you don't know the difference between needs and wants you've got bigger problems than which OS your computer is running.
free != accessible.
The more fundamental problem was NASDAQs inability to carry the trades so that people who were interested in trading FB stock were entirely unable to receive market indicators of the value of the stock nor were they able to modify trades. It's known that trades were cancelled shortly after FB began trading yet due to the exchanges issues the trades were settled hours later regardless of the cancellation.