It's not a massive leak for Red Hat. The people that are going crazy about the BitTorrent downloads weren't going to pay for a full RHN subscription anyway.
Hi. Last week I paid for a RHN subscription so that I could download the RHL 9 ISOs today. With RHN, I was getting 5-10k/s initially, until they started repeatedly timing out and eventually stopped allowing me to connect at all.
So I tried BitTorrent. Right now I'm getting 120k/s, although it averages about 90k/s.
So, I am the kind of user that is happy to pay for a service (in this case "priority access") and indeed I put my money where my mouth is. Red Hat did not deliver. I turned to BitTorrent. It delivered. And wow, it didn't cost me anything.
To Red Hat's credit, they are working on it. They've added more bandwidth now (so say the folks on #redhat) and will add more later tonight. I'm getting 25k/s from RHN now (although it was 35k/s when I started 15 minutes ago). I'm leaving my BT download going because I'm still getting 3 times the bandwidth compared to RHN.
Cut the knee-jerk reactions man. Re-read what I posted, not what you posted. If you'd like someone else to say it to you, someone else has already replied to you.
These aren't knee-jerk reactions. These are reactions after having read the various announcements and combing through RedHat's material. Yes it's possible I've misread or misinterpreted, but after inspecting RHES product matrix my conclusions were not unreasonable.
BTW, the flagship product is not the downloadable ISO versions, nor the $39.99 version. If it were, they'd most likely go out of business.
Completely not arguing with that.
You say you run a business?
No, I didn't say that.
RedHat has to pay for _everything_ they do to make that software that you don't want to pay for to get their work done. And what's funny is in the end, both of you expect to have made a profit!;)
Again, not arguing. I'm not annoyed because RedHat is charging money. I'm happy to pay for the services I require, which, specifically is errata updates for the life cycle of the servers I have deployed. I am constrained by a budget however. $2200 CAD per year for 4 servers for what I need (security and major bug fixes) strikes me as over-priced. If, as another poster has said, I can get by on a basic RHN subscription of $60/year/server, then that's much more in line with my cost expectations and budget constraints.
What I specifically am annoyed at RedHat for doing is releasing RedHat 8.0, giving just enough time for admins to deploy RH8 installations (whether or not these admins made bad decisions by deploying a point-Oh release is beside the point), and then announcing that they'll no longer be supporting the distribution past December 31, 2003 and instead encouraging these users to install their RHAS line. Now these admins (and me) have RH8 deployments that will no longer have errata updates. I'm happy to pay for RHLE ES, but boy do I really wish they'd have announced this before I went and deployed an RH 8.0 server.
RedHat also doesn't seem to be offering SLAs for extended errata for their existing "community enthusiast" distributions. I also have some RHL 7.x servers that will be discontinued soon. I'd rather pay RedHat for extended errata support so that I can upgrade those servers when I want to, rather than when they tell me to.
After you make that decision, you can either download the official updates manually yourself, or pay for greater convenience:
Are binary updates available for RHEL outside of RHN? I thougth only SRPMS were available without an RHN subscription. Still, $350 one time cost and $60 for each additional year per server is considerably more realistic. I'd be happy to pay that.
Why is this so confusing? Am I am idiot or are RedHat's pages poorly laid out and their options poorly explained?
You'll just have to update every year instead of every five unless you are going to get updated rpms from somwhere else.
So let me recap what you're saying:
Pay $350 per year per server, which for my 4 RH server setup (and we're a small, poor university) will cost me $1400 USD or $2200 CAD per year. This is so that I can patch my servers with security and major bug fixes.
Reinstall RHL's mainline distro every year on four servers.
Are you serious? Is RedHat serious? I've got to be missing something.
increase the number of Installed System, then Customer will purchase from Red Hat additional Services for each additional Installed System. During the term of this Agreement and for one (1) year thereafter, Customer expressly grants to Red Hat the right to audit Customer's facilities and records from time to time in order to verify Customer's compliance with the terms and conditions of this Agreement.
(Emphasis mine.)
So the answer is, it is X dollars ($1500, $800, 350, $180, whichever product / service level you want) per year, per system. That may be competitive if you want or need business hours or 24-hour phone support, all the fancy certifications and other features you get with RHEL, but if you just want access to binary erratas for a 3-5 year product life span, that's not realistic pricing, IMHO.
The product life span is 5 years, but you have to pay the $1500 or $800 or $350 (depending on what you bought) per year per server to keep your subscription active.
4. REPORTING AND AUDIT. If Customer wishes to increase the number of Installed System, then Customer will purchase from Red Hat additional Services for each additional Installed System. During the term of this Agreement and for one (1) year thereafter, Customer expressly grants to Red Hat the right to audit Customer's facilities and records from time to time in order to verify Customer's compliance with the terms and conditions of this Agreement.
Can RedHat enforce this considering the software they're selling me is under open source licenses?
If so, then it seems that the costs are per year, per server. For RHL ES, at $350/year/server, my modest 4 server shop would cost me $1400 USD/year, or over $2200 CAD/year. I just don't have the budget for this.
Really, all I want is access to errata. I don't need phone support, or email support, or any fancy RHN monitoring. Just let me download errata binaries so I can upgrade my servers and I'm happy. I'm willing to pay for that, but not to the tune of $2200 a year. There doesn't seem to be such a solution offered by RedHat.
You know, there's something to be said for allowing users some degree of freedom. It's quite easy to cut off all kinds of access, but networks that have users with a wide variety of needs and interests and who can generally trust their users shouldn't do so.
A nice sentiment from someone who is obviously not a sysadmin of any non-trivial setup, or from someone who is fortunate enough not to be overworked and have plenty of time to do one's job.
The problems with giving users free reign on public/lab systems are several. The biggest one is that letting users install whatever they want can leave behind god-knows-what, like spyware or trojans. Also, it's easily possible for installing a piece of software to break another, more important piece of software. When that happens, since I'm the admin, it's my job to fix it. Of course since I have so much free time and generally do nothing all day except post on slashdot, this isn't a problem, right?
Another issue is licensing, and that's something most users, even ones competent enough to install software, don't take into consideration. They install their copy of Corel Office on the public/lab system because that's what they used at home to do their presentation or document, and suddenly there are legal implications to the organization servicing that computer.
If it's your computer, that's an entirely different story. For example, Microsoft has no business mandating what can and can't be installed on your computer. But if the system is an asset of my organization under my administrative control, you better believe I'm going to lock it down. My job is to make it very easy for users to do authorized tasks, such as web browsing or word processing, and very difficult for users to do unauthorized tasks, like installing foreign software, or accessing/deleting data that's not their own.
Jason.
Extremely impressive feature list
on
KDE 3.1 Released
·
· Score: 2, Interesting
I usually try KDE every new release, and after some time, I wind up going back to GNOME. I'm just more comfortable with GNOME. I can't explain it.
But these KDE releases are knocking the socks off those little GNOME feet with features. Some things that caught my eye, in order of coolness: kio_fish, VNC integration, and a file selector dialog that doesn't suck.
It's very impressive, and it's terribly exciting to see this rate of polish being added to these big projects. Congrats to the KDE team for another (hopefully solid) release.
I just installed mplayer 0.90pre3. (I did compile from source, however.)
After unpacking the Quicktime 6 DLLs into/usr/lib/win32, Quicktime Sorensen videos just worked. Very nice.
But I noticed that as I resized the window, it maintained the aspect ratio. I'm not sure when mplayer introduced this, but it's a very welcome. And it addresses at least one of jwz's complaints.
It'd be very nice to see an Mplayer RPM that included all the codecs. Are there any legal issues with that?
BTW 1.0.x is the stable release, 1.x is the developmental release.
No, 1.x are stable releases. Development releases are denoted by "nightly build," "alpha," "beta," or "release candidate." Mozilla does not follow the same versioning scheme as the Linux kernel, if that's what you're thinking.
I'm seeing a lot of posts in this thread basically saying "I use lots of different computers and I can access PINE anywhere -- who needs web mail?"
The problem is with security. There are two ubiquitous tools on almost any computer: a telnet client, and a web browser. In fact, computers rarely have ssh clients installed. So if you want to access PINE remotely, you must telnet in, and I don't need to explain why that's bad.
Alternatively, web mail can be setup with https, and I'd be much more comfortable checking my email when I visit my friend in Europe (for instance) via https, rather than telnet. Of course, _any_ option is a security risk when you're using a public terminal (in a library of internet cafe, say), but if you trust the computer you're using, webmail via https is safer than pine via telnet. And it's easier than installing putty on every computer you want to check email from.
Right now all a subscription gives you is ad-free pages. But, honestly, yes, I think for most people who have paid, myself included, the main motivation is some form of loyalty and desire to help out.
Slashdot definitely has its annoying faults, but there isn't a single website I spend more time on than Slashdot. Sometimes I find myself reloading the front page only a minute after I last viewed it. I am probably the kind of user Slashdot normally hates (frequent reloader), so I am only too happy to pay my share. I'd rather lose $50 than Slashdot, even with all its faults.:)
This is almost true, unfortunately I must ammend 2) and 4):
1) Users are pure evil. (Given.) 2) Civilization is made up of users and computer professionals. (Assumption) 3) Computer professionals are responsible for the collapse of civilization. (Given.) 4) Computer professionals will therefore destroy all evil and take themselves out in the process. (Conclusion.)
A - Canadian or American dollars is irrelevant. The ratio is the same. Presumably the difference we are seeing is strictly cost-of-living related.
B - Galaxy Cinemas is a first-run theater. Our particular complex is brand new, and the sound and picture quality, screen size, and seating arrangements (stadium style) are all first rate. Anyway, $7 is on weekdays or matinees. Fri-Sun the price is $9.50, but I don't often go those days anymore. So, for my viewing habits, the theatre vs. DVD difference is $6.99 vs. $5.50.
Sorry, here is some data to back up my rental prices:
At Roger's, I am paying $5.20 for a new release on DVD, which after tax (15% in Ontario) is $5.98. Hmm, that seems a bit higher than I thought (I thought it was closer to $5.50), so maybe we only pay the 7% GST. I could be wrong. Either way, it's not less than $5.50.
Sorry, I'm not able to find prices on BlockBuster's website. It's not much different than Roger's though.
You're either very much out of touch with what things cost, or more likely just bending the numbers to support your point of view.
His figures aren't that off. It depends where you live. I live in a small city in Canada. On cheap night, the cost of a movie is $7.00. If I go to Rogers or Blockbuster and rent a new release on DVD, I am paying about $5.50. That difference isn't enough to stop me from going to the movies on price alone.
Agreeing with a point another poster made, I go to the movies for the impressively large screen. That, and also the Moosetracks icecream.:D
So far as I can tell from the prefetching FAQ, there's nothing built into this to keep it from, say, prefetching banner ads, which are very typically hosted on a different server than 'real' web content. Thus, the designer of a web page can force your browser to download ads for his benefit and without any cost to him.
This isn't an inherent problem with prefetching. You can do this with regular HTML now. Consider:
<img src="bigbaduglybanner.gif" width=0 height=0>
Or, you might use CSS and set display:none (although I'm not sure if the browser will fetch the image in that case, but some might). Or, if you want to cause the client to load an html, use an iframe also with 0x0 dimensions. You can see there are ways to do exactly what you're worried about right now, in all browsers, without prefetching.
I have set this up for use on one of our production servers. I haven't actually deployed the new box yet, but I have had a chance to play with vserver.
The concept is very nice, and in fact the implementation is also quite good. The biggest problem with vservers is the increased administrative overhead. This is of course to be expected, but in some cases it does require you to punch holes in your vservers. For example, I have qmail in a separate vserver, which uses a different/home than the shells vserver. But I have qmail patched to use SMTP AUTH (with TLS of course), but for that to work I must share the passwd and shadow files from the shells vserver. Also, shells users will want access to their.procmailrc and.qmail, so I must mount the qmail vserver/home somewhere so they can access it. You can see that a typical production environment requires several relationships between vservers, which not only increases complexity but decreases security.
Still, the advantages are worth it. Unification (using hardlinks across vservers) is cool. vrpm lets you upgrade/install RPMs on all or selected vservers and lets you unify them after. Unfortunately there's no automated tool to non-RPM files, but that's not too hard to write.
Of course the kernel protection offered in vservers is another big plus that an ordinary chroot won't offer. Processes within vservers don't see each other, and/proc is severely reduced. Users (including root) are bound by capabilities, so for instance you could prevent even root from opening raw sockets.
If you're truly a web developer, you ought to be using Mozilla. Mozilla has, hands down, the best debugging tools available, including an actually useful Javascript console (trying to find JS errors in any non-trivial web app in IE is frustrating at best, virtually impossible at worst), Venkman, an excellent Javascript debugger AND profiler, and the remarkably useful DOM Inspector.
IE is a good browser, but as a web developer for web development, shame on you for not using Mozilla.:)
Slashdot Mirror
I have a 15GB ring buffer setup with MythTV, which gives me 10 hour replay ability. :)
Jason.
Hi. Last week I paid for a RHN subscription so that I could download the RHL 9 ISOs today. With RHN, I was getting 5-10k/s initially, until they started repeatedly timing out and eventually stopped allowing me to connect at all.
So I tried BitTorrent. Right now I'm getting 120k/s, although it averages about 90k/s.
So, I am the kind of user that is happy to pay for a service (in this case "priority access") and indeed I put my money where my mouth is. Red Hat did not deliver. I turned to BitTorrent. It delivered. And wow, it didn't cost me anything.
To Red Hat's credit, they are working on it. They've added more bandwidth now (so say the folks on #redhat) and will add more later tonight. I'm getting 25k/s from RHN now (although it was 35k/s when I started 15 minutes ago). I'm leaving my BT download going because I'm still getting 3 times the bandwidth compared to RHN.
Jason.
Haveing a lo salshdot userid is hardlee indickitave of anee digry of inteligunse.
Jason.
These aren't knee-jerk reactions. These are reactions after having read the various announcements and combing through RedHat's material. Yes it's possible I've misread or misinterpreted, but after inspecting RHES product matrix my conclusions were not unreasonable.
BTW, the flagship product is not the downloadable ISO versions, nor the $39.99 version. If it were, they'd most likely go out of business.
Completely not arguing with that.
You say you run a business?
No, I didn't say that.
RedHat has to pay for _everything_ they do to make that software that you don't want to pay for to get their work done. And what's funny is in the end, both of you expect to have made a profit! ;)
Again, not arguing. I'm not annoyed because RedHat is charging money. I'm happy to pay for the services I require, which, specifically is errata updates for the life cycle of the servers I have deployed. I am constrained by a budget however. $2200 CAD per year for 4 servers for what I need (security and major bug fixes) strikes me as over-priced. If, as another poster has said, I can get by on a basic RHN subscription of $60/year/server, then that's much more in line with my cost expectations and budget constraints.
What I specifically am annoyed at RedHat for doing is releasing RedHat 8.0, giving just enough time for admins to deploy RH8 installations (whether or not these admins made bad decisions by deploying a point-Oh release is beside the point), and then announcing that they'll no longer be supporting the distribution past December 31, 2003 and instead encouraging these users to install their RHAS line. Now these admins (and me) have RH8 deployments that will no longer have errata updates. I'm happy to pay for RHLE ES, but boy do I really wish they'd have announced this before I went and deployed an RH 8.0 server.
RedHat also doesn't seem to be offering SLAs for extended errata for their existing "community enthusiast" distributions. I also have some RHL 7.x servers that will be discontinued soon. I'd rather pay RedHat for extended errata support so that I can upgrade those servers when I want to, rather than when they tell me to.
Jason.
Are binary updates available for RHEL outside of RHN? I thougth only SRPMS were available without an RHN subscription. Still, $350 one time cost and $60 for each additional year per server is considerably more realistic. I'd be happy to pay that.
Why is this so confusing? Am I am idiot or are RedHat's pages poorly laid out and their options poorly explained?
Jason.
So let me recap what you're saying:
Are you serious? Is RedHat serious? I've got to be missing something.
From RedHat's License Page:
- 4. REPORTING AND AUDIT. If Customer wishes to
- increase the number of Installed System, then Customer will purchase from Red Hat additional Services for each additional Installed System. During the term of this Agreement and for one (1) year thereafter, Customer expressly grants to Red Hat the right to audit Customer's facilities and records from time to time in order to verify Customer's compliance with the terms and conditions of this Agreement.
(Emphasis mine.)So the answer is, it is X dollars ($1500, $800, 350, $180, whichever product / service level you want) per year, per system. That may be competitive if you want or need business hours or 24-hour phone support, all the fancy certifications and other features you get with RHEL, but if you just want access to binary erratas for a 3-5 year product life span, that's not realistic pricing, IMHO.
Jason.
The product life span is 5 years, but you have to pay the $1500 or $800 or $350 (depending on what you bought) per year per server to keep your subscription active.
Jason.
Can RedHat enforce this considering the software they're selling me is under open source licenses?
If so, then it seems that the costs are per year, per server. For RHL ES, at $350/year/server, my modest 4 server shop would cost me $1400 USD/year, or over $2200 CAD/year. I just don't have the budget for this.
Really, all I want is access to errata. I don't need phone support, or email support, or any fancy RHN monitoring. Just let me download errata binaries so I can upgrade my servers and I'm happy. I'm willing to pay for that, but not to the tune of $2200 a year. There doesn't seem to be such a solution offered by RedHat.
Jason.
A nice sentiment from someone who is obviously not a sysadmin of any non-trivial setup, or from someone who is fortunate enough not to be overworked and have plenty of time to do one's job.
The problems with giving users free reign on public/lab systems are several. The biggest one is that letting users install whatever they want can leave behind god-knows-what, like spyware or trojans. Also, it's easily possible for installing a piece of software to break another, more important piece of software. When that happens, since I'm the admin, it's my job to fix it. Of course since I have so much free time and generally do nothing all day except post on slashdot, this isn't a problem, right?
Another issue is licensing, and that's something most users, even ones competent enough to install software, don't take into consideration. They install their copy of Corel Office on the public/lab system because that's what they used at home to do their presentation or document, and suddenly there are legal implications to the organization servicing that computer.
If it's your computer, that's an entirely different story. For example, Microsoft has no business mandating what can and can't be installed on your computer. But if the system is an asset of my organization under my administrative control, you better believe I'm going to lock it down. My job is to make it very easy for users to do authorized tasks, such as web browsing or word processing, and very difficult for users to do unauthorized tasks, like installing foreign software, or accessing/deleting data that's not their own.
Jason.
I usually try KDE every new release, and after some time, I wind up going back to GNOME. I'm just more comfortable with GNOME. I can't explain it.
But these KDE releases are knocking the socks off those little GNOME feet with features. Some things that caught my eye, in order of coolness: kio_fish, VNC integration, and a file selector dialog that doesn't suck.
It's very impressive, and it's terribly exciting to see this rate of polish being added to these big projects. Congrats to the KDE team for another (hopefully solid) release.
Jason.
I just installed mplayer 0.90pre3. (I did compile from source, however.)
/usr/lib/win32, Quicktime Sorensen videos just worked. Very nice.
After unpacking the Quicktime 6 DLLs into
But I noticed that as I resized the window, it maintained the aspect ratio. I'm not sure when mplayer introduced this, but it's a very welcome. And it addresses at least one of jwz's complaints.
It'd be very nice to see an Mplayer RPM that included all the codecs. Are there any legal issues with that?
Jason.
No, 1.x are stable releases. Development releases are denoted by "nightly build," "alpha," "beta," or "release candidate." Mozilla does not follow the same versioning scheme as the Linux kernel, if that's what you're thinking.
Jason.
No, it means we can justify using not using A if B is less buggy (assuming that by not choosing A we are choosing B).
Jason.
How about being stalked by the slashdot community.
Jason.
I'm seeing a lot of posts in this thread basically saying "I use lots of different computers and I can access PINE anywhere -- who needs web mail?"
The problem is with security. There are two ubiquitous tools on almost any computer: a telnet client, and a web browser. In fact, computers rarely have ssh clients installed. So if you want to access PINE remotely, you must telnet in, and I don't need to explain why that's bad.
Alternatively, web mail can be setup with https, and I'd be much more comfortable checking my email when I visit my friend in Europe (for instance) via https, rather than telnet. Of course, _any_ option is a security risk when you're using a public terminal (in a library of internet cafe, say), but if you trust the computer you're using, webmail via https is safer than pine via telnet. And it's easier than installing putty on every computer you want to check email from.
Jason.
Right now all a subscription gives you is ad-free pages. But, honestly, yes, I think for most people who have paid, myself included, the main motivation is some form of loyalty and desire to help out.
:)
Slashdot definitely has its annoying faults, but there isn't a single website I spend more time on than Slashdot. Sometimes I find myself reloading the front page only a minute after I last viewed it. I am probably the kind of user Slashdot normally hates (frequent reloader), so I am only too happy to pay my share. I'd rather lose $50 than Slashdot, even with all its faults.
Jason.
This is almost true, unfortunately I must ammend 2) and 4):
1) Users are pure evil. (Given.)
2) Civilization is made up of users and computer professionals. (Assumption)
3) Computer professionals are responsible for the collapse of civilization. (Given.)
4) Computer professionals will therefore destroy all evil and take themselves out in the process. (Conclusion.)
Jason.
B - Galaxy Cinemas is a first-run theater. Our particular complex is brand new, and the sound and picture quality, screen size, and seating arrangements (stadium style) are all first rate. Anyway, $7 is on weekdays or matinees. Fri-Sun the price is $9.50, but I don't often go those days anymore. So, for my viewing habits, the theatre vs. DVD difference is $6.99 vs. $5.50.
Jason.
Jason.
His figures aren't that off. It depends where you live. I live in a small city in Canada. On cheap night, the cost of a movie is $7.00. If I go to Rogers or Blockbuster and rent a new release on DVD, I am paying about $5.50. That difference isn't enough to stop me from going to the movies on price alone.
Agreeing with a point another poster made, I go to the movies for the impressively large screen. That, and also the Moosetracks icecream. :D
Jason.
This isn't an inherent problem with prefetching. You can do this with regular HTML now. Consider:
Or, you might use CSS and set display:none (although I'm not sure if the browser will fetch the image in that case, but some might). Or, if you want to cause the client to load an html, use an iframe also with 0x0 dimensions. You can see there are ways to do exactly what you're worried about right now, in all browsers, without prefetching.
Jason.
Isn't Microsoft desperately trying to convince us that IE is part of the operating system? They can't have it both ways.
Jason.
I have set this up for use on one of our production servers. I haven't actually deployed the new box yet, but I have had a chance to play with vserver.
/home than the shells vserver. But I have qmail patched to use SMTP AUTH (with TLS of course), but for that to work I must share the passwd and shadow files from the shells vserver. Also, shells users will want access to their .procmailrc and .qmail, so I must mount the qmail vserver /home somewhere so they can access it. You can see that a typical production environment requires several relationships between vservers, which not only increases complexity but decreases security.
/proc is severely reduced. Users (including root) are bound by capabilities, so for instance you could prevent even root from opening raw sockets.
The concept is very nice, and in fact the implementation is also quite good. The biggest problem with vservers is the increased administrative overhead. This is of course to be expected, but in some cases it does require you to punch holes in your vservers. For example, I have qmail in a separate vserver, which uses a different
Still, the advantages are worth it. Unification (using hardlinks across vservers) is cool. vrpm lets you upgrade/install RPMs on all or selected vservers and lets you unify them after. Unfortunately there's no automated tool to non-RPM files, but that's not too hard to write.
Of course the kernel protection offered in vservers is another big plus that an ordinary chroot won't offer. Processes within vservers don't see each other, and
Vserver is definitely a good security tool.
Jason.
IE is a good browser, but as a web developer for web development, shame on you for not using Mozilla. :)
Jason.