Hard RAID makes sense primarily when the I/O bandwidth with soft RAID would exceed your PCI bus.
That seems counter-intuitive to me. If drives off multiple cards exceed your PCI bus, how would it not be true for a single card? The only explanation I could think of is if you were running so close to bus speed that the extra parity data put you over. If your box has multiple PCI buses, you could even do something that he RAID card wouldn't allow... like split the traffic accross multiple busses.
It seems like it would be more of an issue with the IDE bus since virtually all IDE hardware RAID cards give each drive it's own bus. The solution, of course, is to not put multiple drives on one IDE bus. (Doing so is stupid anyhow.)
It's not a database, it's not a 150+ employee corporate file server, it's just personal. Performance is not a concern.
I have heard from couple of Dell server techs and a Red Hat employee that in their testing performance of software RAID outperformed hardware. Their explanation was that in all but the most expensive controllers, the card's CPU speed was much slower than you might assume... especially compared to a fairly modern PC's CPU.
The Dell guys said that most hardware vendors don't like to mention that because it cuts into sale of the cards.
Your logic eludes me. The blocks do not need to be read, as we are in the process of writing.
Unless you write across a whole row in the array, how are you going to compute the new parity without reading in something?
Everything you need to write is already in RAM except the checksum black. So if you have a 7-drive RAID5 array, the RAID subsystem can take 6 blocks of data, compute a parity block from them then write one block to each drive. It's not like it is going to write random sized chunks of data and can not tell what is going to be written without actually writing it to disk.
Even hardware RAID cards typically don't have a lot of RAM. They also don't write to the drives, re-read what they have just written and create a parity bit from it. Neither does software RAID in Linux.
The only time the system should need to read in order to generate a block is when it is rebuilding after a drive has been replaced.
If it makes you feel better, I'll let you in on a secret. The only pure-breed cat I've ever owned was a rescue and I've never owned a cat or dog that wasn't spayed or nuetered (at least by the time it was of beeding age.) I'm honestly not very fond of pure-breeds (cats or dogs) because they seem to have so many health problems.
The point of the post though was that they are touting the price as if $3500 was comperable to what someone might be willing to pay for an exotic cat. I am willing to bet that almost nobody pays $3500 for a cat without some intent to breed it... except perhaps the idle rich.
And at that price with "normal" cats, you are allowed to breed them and "resell" the resulting kittens. Something tells me that the same won't be true for a hypo-cat.
Depending on the dominant/recessive traits and how many genes are actually involved it would probably be possible to breed a couple of these to non-hypo cats and then cross-bread the decendands, finally ending up with cats that are again hypo-allergenic.
Since that's true, I wouldn't be a bit surprised to learn that they will be non-breeding cats.
One thing that bugs me is that they say the $3500 price tag is less than that of some exotic breeds. But if you pay $3500 for a pair of exotic breed cats you aren't restricted from breeding them.
Then again, maybe they'll be able to breed and then they can sue every time someone's hypo-cat sneaks out and mates with another cat.
The beauty is that now that the vulnerability is known, there are already people out there working to fix it.
Actually the back door that was added was identified almost immediately. Also, it was NOT a vulnerability in PostNuke that was exploited. The hole was in some type of download program they were using to distribute PostNuke.
If you are thinking about the old green tractor from 1950s, then you could be forgiven for that opinion. The tractors of today, however, can be extremely high-tech and run well over $100k. They are also well tested over a large variety of terrain.
The biggest caveat is that you would probably have to do a full office or lab worth to make it work out and you would probably have to find a lot of your workstation hardware on eBay.
Required workstation components (for 20+ PCs):
Case and power supply.
MB with on-board video and PXE capable NIC (most modern MBs)
150+Mhz CPU
16Mb to 32Mb RAM
KB, mouse, monitor and networking (switches) assumed already available per rules.
If, however, you already have a pretty decent desktop (1-3Ghz, 512Mb-1Gb RAM) you could always set up LTSP terminals for your kids, wife/SO, etc. for free. It isn't too hard to find some business or school that runs Windows and can't use 600Mhz PCs anymore much less 150Mhz boxes.
I have to wonder if it is more of a class distinction. The majority of american tourists in Europe are fairly well-to-do. For most of the rest of us, a two week trip to England and France is a pretty major investment of money/time.
While in France on a college-related trip, our entire group was having lunch in a nice little cafe. We were all embarassed to be from the same country as a loud-mouth american who was literally yelling at the waitor. Why? Because her tuna-fish sandwitch didn't have tomato slices on it and "everybody knows that tuna-fish sandwitches have tomatoes and lettuce!" (Her verbal rampage lasted a good minute and could clearly be heard in all corners of the reasturant.)
Egads, no wonder most of the world's population hates American tourists! If I had to endure that type of abuse from a particular group of people... I'd grow to dislike them pretty fast too.
Our district doesn't records student SSNs at all in our student records database, lunch account DB, or any other DB we keep online. We assign a unique ID to each student. This is actually a PITA since it's easy for a student transfering from one school to another to end up with a 2nd ID. On the other hand, we have zero risk of exposing SSN should our systems be hacked. (They aren't visible to the outside anyhow.)
On a related note, the state has started a statewide student ID program where each student is given a unique ID which is still not tied to SSN. (This state-wide student ID is part of trying to comply with requirements of the "No Child Left Behind" legislation.)
So, unless they often needed SSN info for tax reporting, why was it in the DB?
Well at least you got a good boss eventually. That alone makes a huge difference dealing with day-to-day issues. It's great to know you'll have backing if you tell a dept. head, "No, we will not do that. I'm sorry. You have to use SSH now instead of telnet. If you need help I can point you to a decent SSH client for your OS."
Honestly though.. what in the heck was so supposedly inconvienient about using SSH vs Telnet? Just fear of the unknown?
A few bitching-out sessions from them to my then boss, and he made me -- against all of my protests -- open telnet back up (I tried to at least make them use OPIE enabled telnet, but that didn't cut it with them.
Welcome to CYA school. Class is now in session. Whenever you are forced to do something (or not do it) that you are certain is a security risk, fire off a memo (not an e-mail... a paper memo) and keep a copy for yourself. Send it to your boss informing them about the risks and your concerns as professionally an completely as you can manage.
Most PHB types will realize that you've now put the responsibility of any compromizes squarely in their lap and will allow the change. If they don't, then continue to do what you can to mitigate the risk and save your copy of the memo for when it's needed.
such as installing network scanners (won't do a whole lot on our net anyway)
I'm curious why not. Are you confident you are immune to them because you have a switched network, or do you have other counter-measures in place?
I dunno, maybe companies need to have some sort of exam for employees to take to prove they know what the hell they're doing on a Windows box before being granted access to install their own programs on a system.
I hear you there. I honestly would like nothing more than to be able to give every user on our network admin access to their own PC. I'm not kidding. I would much rather spend my time coming up with some new web app that cuts 1/2 of the busywork out of someone's work day than deal with the headaches that restrictions cause. (Non-admins out there who think your PCs are locked down just so you admin can avoid work are completely wrong. Dealing with locked down systems is very often a real PITA.)
Unfortunately I simply can't do that. I have given some users more access because they claim to be able to manage their own PC and they seemed to be pretty PC-clueful. Half of those users have been set back to restricted permissions after causing network failure (router overload by flood of traffic from their PC) or because a tech had to spend 1/2 day recovering important data on the PC (which was supposed to be on the network) before they could ghost it and make it useable again.
I suppose if we could double the size of our IT staff we could give everyone full rights and then just lock down users who prove they aren't up to the challenge. But honestly, there are better ways to spend the $.
I hate to break it to you, pal, but losing money != making money.
Of course you are right. But which is better: Making an extra $100,000 because nobody slowed down by having restrictions on their PC... or NOT losing $1,000,000 when the entire network including ordering and processing systems is down for 3 days because someone didn't have restrictions on their PC?
So of course a main conern for sys Admins should be helping you make money, but it has to be offset by protecting against huge potential losses if some moron thinks the PC they use at work should be treated the same as their home PC and they should be allowed to install every kind of crap they find on the Internet.
Granted, some users are more than capable of managing their own PCs, but that is the minority not the majority in almost all companies.
I am still in disbelief of what happened over at TechTV...
Tell me about it. It used to have a few good technology shows on. Now it has become the tech channel for those who don't even begin to understand technology. I mean come on... call in questions have gone from things like "How can I monitor the temperature of my CPU under Linux while overclocking?" to "How do I change the background image in Windows XP?"
Oh yeah, I forgot that the primary market for G4TechTV is now people who play on their X-Box all day but still can't get through the whole game without learning new cheats from TV. (Cuz god knows it's impossible to find game cheats online!)
Well of course. After legal fees SCO has to decide very carefully whether to spend that $8.95 for a second year.;=)
Besides, except for the few curious ppl who won't believe anything at prosco.com and SCO employees how many visitors is it really likely to get? They probably figure that $8.95 is better spent elsewhere with budgets as tight as the must be.
The bug was flagged as a security issue the same day it was added to bugzilla. A patch was released within a couple of weeks and it made it into the binaries pretty soon after that. At least that's the impression I get looking over the bug entries which run from 9/15 through 10/4.
So.. please help me understand how this reflects so poorly on the Mozilla developers? Also, how does the way this was handled put them in the same crowd as MS? Especially after MS is caught sitting on serious security flaws for six months or more then sneaking the patches into a service pack without ever telling anyone the flaw existed?
Specifically, make sure you transfer power to yourself and your friends. It's fun having complete control over people, isn't it?
Do you honestly believe the average admin locks down systems, disables installs, etc. because they seek power and want to inconvenience you? Or maybe you think it's because they don't have enough to do already just protecting against viruses, hackers and users who trash thier systems by installing free screen savers and IE toolbars which include spyware and other malware?
Did the admins at your previous employer even KNOW you were the unique employee who actually knows enough to keep their own system running without being a threat to everyone else? I'm promising you, if you are able then you are in the minority in the workforce. (Probably the majority on/. but very few organzations are made up entirely of/. readers.)
It's likely that before the lockdown they spent 90% of their time just fixing things users broke themselves. Do you have a solution for this other than a lockdown which would work but wouldn't baloon costs in some way? Have the user's PC taken away or maybe she should be fired on the 3rd offense and training? Try getting the CEO to fire his favorite secretary because she's a "bad computer user."
How does an admin choose who is qualified to not need a locked-down PC? Do they base the choice on the word of the person in question? In our organization at least, there are a few people who consider themselves computer-savy or even experts. Only a couple are. I'm saying that based on how often they mess up their PC and need help, not my personal opinion about their abilities.
Or how about if you only lock down systems after the user has already disabled their PC or infected the network with a virus? Sure, that's an option in an office of 10-20. But what if you are responsible for 30,000 PCs?
Throwing more IS staff at it doesn't go over well with most organizations these days. Unless you are an IT business, your IS department probably doesn't earn the company a cent directly. Instead, to the accountants, it is un undesirable (though neccessary) expense of doing business.
There are several packages which can either run an install from.msi unattended, read what is installed/changed from the.msi or just compare before and after an install to generate a "what do I need to do to install this" list.
ZenWorks For Desktops for example can generate system images for all the "common" apps and also let you make installation objects. You can assign objects to individuals or individual computers. When you re-image a system, the system will get the "common" image assigned to it and have all the "extra" applications automatically layered over top of it.
While in use with limited or normal HD activity, a PC will typically use considerably less watts than the rating on it's power supply.
Get rid of as many moving parts as possible (air cooled CPUS/chipsets, etc. and they can be downright miserly.)
My favorite part is claiming they have a "hit list" of people they are going to sue in one breath and then saying that they "aren't a litigation company" in the next.
Then again, if it is really an integral part of the OS, it is unlikely any meaningful changes could be made to IE without having OS source available to fix/change as well.
I actually worked with a group doing mobile phone testing. We found that the radio waves penetrated very deeply into the skulls of children...
As to whether it caused damage or not... no idea.
I'd be more concerned with damage caused by inserting radio wave detectors into kids brains for your testing than from cell phone radio waves anyway. >;)
Slashdot Mirror
That seems counter-intuitive to me. If drives off multiple cards exceed your PCI bus, how would it not be true for a single card? The only explanation I could think of is if you were running so close to bus speed that the extra parity data put you over. If your box has multiple PCI buses, you could even do something that he RAID card wouldn't allow... like split the traffic accross multiple busses.
It seems like it would be more of an issue with the IDE bus since virtually all IDE hardware RAID cards give each drive it's own bus. The solution, of course, is to not put multiple drives on one IDE bus. (Doing so is stupid anyhow.)
I have heard from couple of Dell server techs and a Red Hat employee that in their testing performance of software RAID outperformed hardware. Their explanation was that in all but the most expensive controllers, the card's CPU speed was much slower than you might assume... especially compared to a fairly modern PC's CPU.
The Dell guys said that most hardware vendors don't like to mention that because it cuts into sale of the cards.
Everything you need to write is already in RAM except the checksum black. So if you have a 7-drive RAID5 array, the RAID subsystem can take 6 blocks of data, compute a parity block from them then write one block to each drive. It's not like it is going to write random sized chunks of data and can not tell what is going to be written without actually writing it to disk.
Even hardware RAID cards typically don't have a lot of RAM. They also don't write to the drives, re-read what they have just written and create a parity bit from it. Neither does software RAID in Linux.
The only time the system should need to read in order to generate a block is when it is rebuilding after a drive has been replaced.
The point of the post though was that they are touting the price as if $3500 was comperable to what someone might be willing to pay for an exotic cat. I am willing to bet that almost nobody pays $3500 for a cat without some intent to breed it... except perhaps the idle rich.
And at that price with "normal" cats, you are allowed to breed them and "resell" the resulting kittens. Something tells me that the same won't be true for a hypo-cat.
Since that's true, I wouldn't be a bit surprised to learn that they will be non-breeding cats.
One thing that bugs me is that they say the $3500 price tag is less than that of some exotic breeds. But if you pay $3500 for a pair of exotic breed cats you aren't restricted from breeding them.
Then again, maybe they'll be able to breed and then they can sue every time someone's hypo-cat sneaks out and mates with another cat.
Actually the back door that was added was identified almost immediately. Also, it was NOT a vulnerability in PostNuke that was exploited. The hole was in some type of download program they were using to distribute PostNuke.
If you are thinking about the old green tractor from 1950s, then you could be forgiven for that opinion. The tractors of today, however, can be extremely high-tech and run well over $100k. They are also well tested over a large variety of terrain.
Required workstation components (for 20+ PCs):
And finally a server with:
If, however, you already have a pretty decent desktop (1-3Ghz, 512Mb-1Gb RAM) you could always set up LTSP terminals for your kids, wife/SO, etc. for free. It isn't too hard to find some business or school that runs Windows and can't use 600Mhz PCs anymore much less 150Mhz boxes.
Here's a vote for Ctrl+W (close tab)
While in France on a college-related trip, our entire group was having lunch in a nice little cafe. We were all embarassed to be from the same country as a loud-mouth american who was literally yelling at the waitor. Why? Because her tuna-fish sandwitch didn't have tomato slices on it and "everybody knows that tuna-fish sandwitches have tomatoes and lettuce!" (Her verbal rampage lasted a good minute and could clearly be heard in all corners of the reasturant.)
Egads, no wonder most of the world's population hates American tourists! If I had to endure that type of abuse from a particular group of people... I'd grow to dislike them pretty fast too.
On a related note, the state has started a statewide student ID program where each student is given a unique ID which is still not tied to SSN. (This state-wide student ID is part of trying to comply with requirements of the "No Child Left Behind" legislation.)
So, unless they often needed SSN info for tax reporting, why was it in the DB?
Honestly though.. what in the heck was so supposedly inconvienient about using SSH vs Telnet? Just fear of the unknown?
Welcome to CYA school. Class is now in session. Whenever you are forced to do something (or not do it) that you are certain is a security risk, fire off a memo (not an e-mail... a paper memo) and keep a copy for yourself. Send it to your boss informing them about the risks and your concerns as professionally an completely as you can manage.
Most PHB types will realize that you've now put the responsibility of any compromizes squarely in their lap and will allow the change. If they don't, then continue to do what you can to mitigate the risk and save your copy of the memo for when it's needed.
I'm curious why not. Are you confident you are immune to them because you have a switched network, or do you have other counter-measures in place?
I hear you there. I honestly would like nothing more than to be able to give every user on our network admin access to their own PC. I'm not kidding. I would much rather spend my time coming up with some new web app that cuts 1/2 of the busywork out of someone's work day than deal with the headaches that restrictions cause. (Non-admins out there who think your PCs are locked down just so you admin can avoid work are completely wrong. Dealing with locked down systems is very often a real PITA.)
Unfortunately I simply can't do that. I have given some users more access because they claim to be able to manage their own PC and they seemed to be pretty PC-clueful. Half of those users have been set back to restricted permissions after causing network failure (router overload by flood of traffic from their PC) or because a tech had to spend 1/2 day recovering important data on the PC (which was supposed to be on the network) before they could ghost it and make it useable again.
I suppose if we could double the size of our IT staff we could give everyone full rights and then just lock down users who prove they aren't up to the challenge. But honestly, there are better ways to spend the $.
I hate to break it to you, pal, but losing money != making money.
Of course you are right. But which is better: Making an extra $100,000 because nobody slowed down by having restrictions on their PC... or NOT losing $1,000,000 when the entire network including ordering and processing systems is down for 3 days because someone didn't have restrictions on their PC?
So of course a main conern for sys Admins should be helping you make money, but it has to be offset by protecting against huge potential losses if some moron thinks the PC they use at work should be treated the same as their home PC and they should be allowed to install every kind of crap they find on the Internet.
Granted, some users are more than capable of managing their own PCs, but that is the minority not the majority in almost all companies.
Tell me about it. It used to have a few good technology shows on. Now it has become the tech channel for those who don't even begin to understand technology. I mean come on... call in questions have gone from things like "How can I monitor the temperature of my CPU under Linux while overclocking?" to "How do I change the background image in Windows XP?"
Oh yeah, I forgot that the primary market for G4TechTV is now people who play on their X-Box all day but still can't get through the whole game without learning new cheats from TV. (Cuz god knows it's impossible to find game cheats online!)
Besides, except for the few curious ppl who won't believe anything at prosco.com and SCO employees how many visitors is it really likely to get? They probably figure that $8.95 is better spent elsewhere with budgets as tight as the must be.
So.. please help me understand how this reflects so poorly on the Mozilla developers? Also, how does the way this was handled put them in the same crowd as MS? Especially after MS is caught sitting on serious security flaws for six months or more then sneaking the patches into a service pack without ever telling anyone the flaw existed?
Do you honestly believe the average admin locks down systems, disables installs, etc. because they seek power and want to inconvenience you? Or maybe you think it's because they don't have enough to do already just protecting against viruses, hackers and users who trash thier systems by installing free screen savers and IE toolbars which include spyware and other malware?
Did the admins at your previous employer even KNOW you were the unique employee who actually knows enough to keep their own system running without being a threat to everyone else? I'm promising you, if you are able then you are in the minority in the workforce. (Probably the majority on /. but very few organzations are made up entirely of /. readers.)
It's likely that before the lockdown they spent 90% of their time just fixing things users broke themselves. Do you have a solution for this other than a lockdown which would work but wouldn't baloon costs in some way? Have the user's PC taken away or maybe she should be fired on the 3rd offense and training? Try getting the CEO to fire his favorite secretary because she's a "bad computer user."
How does an admin choose who is qualified to not need a locked-down PC? Do they base the choice on the word of the person in question? In our organization at least, there are a few people who consider themselves computer-savy or even experts. Only a couple are. I'm saying that based on how often they mess up their PC and need help, not my personal opinion about their abilities.
Or how about if you only lock down systems after the user has already disabled their PC or infected the network with a virus? Sure, that's an option in an office of 10-20. But what if you are responsible for 30,000 PCs?
Throwing more IS staff at it doesn't go over well with most organizations these days. Unless you are an IT business, your IS department probably doesn't earn the company a cent directly. Instead, to the accountants, it is un undesirable (though neccessary) expense of doing business.
ZenWorks For Desktops for example can generate system images for all the "common" apps and also let you make installation objects. You can assign objects to individuals or individual computers. When you re-image a system, the system will get the "common" image assigned to it and have all the "extra" applications automatically layered over top of it.
While in use with limited or normal HD activity, a PC will typically use considerably less watts than the rating on it's power supply. Get rid of as many moving parts as possible (air cooled CPUS/chipsets, etc. and they can be downright miserly.)
I think it's more the shooting of passers-by mistaken for an intruder that he's refering to as illegal.
My favorite part is claiming they have a "hit list" of people they are going to sue in one breath and then saying that they "aren't a litigation company" in the next.
Then again, if it is really an integral part of the OS, it is unlikely any meaningful changes could be made to IE without having OS source available to fix/change as well.