You forget people are part of the equation (as is money.) It doesn't matter how many machines there are in the cluster when there's only one admin capable of managing the thing. (We in the industry refer to this as the bus problem... "... and what happens when you are hit by a bus?" (eatten by a moose, whatever.))
We're talking about email systems here, so it's extremely likely, even in a clustered environment, users will have their spool on a single server -- it's difficult (and cumbersome) to have mirrored redundancy for email... (multiplied by 1 million users...) This isn't a web farm where it's ok for updates in one place to take several minutes to appear across the farm. [A mirrored SAN is a f'ing expensive solution to a "100 year" event.]
(Actually, I have quite a bit of clue. However, I've been around long enough to be frugal in planning and building systems.)
It's not NT (NT would've rebooted on it's own with the "uptime" counter rolled over.)
At any rate, this is a common misconception. The UNIX(tm) kernel does not require upgrading/patching every 3.2 days. Obviously, the box is working just fine with the 2yo kernel. Yes, there are some kernel issues one could trip if one could actually get to the box... firewalls, idiots!
"Don't fix it unless it's broke."
[BTW, I have other machines running MUCH older kernels without any issues (it runs a lot of stuff)... [root:ttyp0]dominion:~/[9:10am]:uname -a Linux dominion 2.3.42-SMP #11 SMP Sun Feb 6 20:06:02 EST 2000 i686]
Like I said, for millions of users, you're asking for trouble putting them all on one box; but one does not need million dollar "enterprise" hardware to have stability and reliability. Just look at google's search engine farm...
For my little mail server, even if it did catch fire, I could build a new one in under an hour. This is no different than a cluster of machines... if one dies, you simply replace it and move on. (with a properly oversized cluster nobody will notice one machines failure.)
I don't know what "industry" you live in, but I've not seen anyone build a mail cluster[*]. NCSU is the closest, but that was simply departmentalized servers; the only reason any department had more than one server was due to storage not scalabilty or reliability. (And that was for ~25k people.) [The largest I've worked with had just shy of 70k mailboxes across about 5k domains... on ONE server. It could've handled much more than that.]
[*] Well, not one that actually works... RR has several that significantly delay messages passing through it. Network Solutions has a bunch of "mail appliances" that lose 30% of the messages and delay the other 70% for hours (multiple documented cases of 13-15hrs.)
The "99.9% uptime is expected" requirement alone requires...
For something of this size, yes, it'll take some planning and more than one machine. But just for 3 nines, a single machine can do that. I have one mail server that's been running continuously for almost two (2) years (years)... it hasn't been rebooted since the day it was installed, and has been unavailable to it's users for a total of a a few hours (2, 3, ? -- the longest was about 30min to rebuild the mail store after a db file was damaged.) And btw, it's a dell 4600 DESKTOP PC.
VERY few companies really need connectivity to such a level.
True redundancy is difficult to achieve these days. Sure, you can buy two routers (from different vendors) and get two T1's (from different providers), but odds are, those two T1's cross the same hardware at some point... transported via the same LEC, hung from the same pole, buried in the same ditch, go to the same closet, enter through the same hole in the building, etc.
(And telcos/ISPs will lie about the redundancy they're selling to you as well as their own redundancy.)
AT&T (they had two networks), Bellsouth ("Mobility DCS"), and Nextel were the only one's I knew to run GSM networks. Nextel is the only one still around; I don't know if they still use GSM or not.
We have standards, too. For some really stupid reason, US carriers refuse to use the same standards as the rest of the world.
However, there are (or were) a few US carriers that use(d) GSM. In fact, I have three (3) GSM phones laying here (minus SIM cards.) But even when we use the same "standard", we change it... US GSM networks are on a different freq. than the rest of the world. (The FCC had already licensed the frequency or something.)
More than once, emerge has merged in broken versions of python, portage, glibc, etc. Having to remove the hard drive from a machine ONCE to unfuck up what should never have been fucked up is one too many times. (yes, there are other options... boot from cd [if it has a cd], boot from network [if you have that setup], etc.)
And no, there's MUCH more involved in making two machine run EXACTLY the same VERSIONS. If one machine syncs later than the other (or even to different mirrors), it may (and often does) pick up newer versions. The only real option is to make one machine your own gentoo rsync mirror and have it do all the building (keeping binary packages.) This is an enormous pain in the ass.
Just because I hate gentoo doesn't mean anyone else has to hate it, too. Yes, I have a few gentoo machines to admin -- 'tho they have indicated their intent to move to redhat (fedora) shortly. (which has it's own concerns...)
Looks like you need to sit through a few remedial reading comprehension classes yourself... did you notice the quotes around the word upgrade? You did read the words at the beginning of the sentence -- the "if you are Microsoft" part?
Furthermore, your understanding of software licensing is very flawed. You assume that a) every MacOS capable machine in the universe was made by Apple, and b) every one of those machines came out of the box running MacOS. (a) is very clearly false; you'd know that if you were more than 5 years old. (b) is also false, albeit rare. You're assuming the machine itself is the license; it isn't. Just because something comes with a license to run one version does not automatically grant any entitlement to other (future) versions.
In your screwed up universe, I'm legally entitled to run solaris 10 on my decade old ultrasparc because it orginally came with solaris 2.4 and simply because it'll install and run on it. And you'd call it an upgrade because it'll install over the top of an existing system without screwing it up. (much.) (in theory.)
([*] In reality, it creates a number of really odd, inexplicable problems that cannot be easily corrected.)
Apple's OS's do not require a pre-existing installation, or a "qualifying product" to begin installation. The CD can be booted to install a competely blank system. Therefore, It. Is. Not. An. Upgrade. Apple previously sold upgrade disc's, but they don't do that anymore.
Upgrades require a pre-existing installation, often of a specific version. And if you are Microsoft, your definition of "upgrade" includes simply proving ownership of a previous version.
Yes, fibre can be (and is) hung from poles (and towers.) I'll assume you've never seen the cabling up close, or watched the installation in any detail. So, I'll explain the technology a little better...
The fibre used for telecom trunks is similar to the common stuff people are use to seeing in a data center for things like gigabit ethernet, oc-3's, and the like. However, it isn't one pair; it's several (dozen) pairs. The smallest I've ever seen was 3 pairs -- bellsouth's spar off a main trunk to an office. Each strand is about 1mm in diameter. At the center is a 62.5micron strand of glass ("the fibre".) Wrapped around all of the strands, among other things, is a weave of kevlar before getting to the outer "tough" plastic shell.
The fibre itself is not burried. A conduit is buried and the fibre is litterally blown through it. Bellsouth is repairing a section of fibre running down Lynn Rd. here in Raleigh; I'll try to get some pictures of the "blower" on the end of the conduit. The process is very fast and very efficient. Consider the amount of work to repair a cut in a copper trunk... dig up a big hole to splice in a new section of cable which requires two cable joins because there's no slack to pull the cut ends back together. And there's 25+ pairs to fix. OR, bury a new run of cable (leaving the old one there, btw.) With fibre, a) there's slack that doesn't have a ton of dirt on it, and b) it's a simple process to blow in a new mile long run -- after pulling the broken cable out [that stuff is still good, if half as long as it used to be.] Depending on the length of the segment, they won't even try to splice the cut. A small hole is necessary only to fix the conduit (it has to be sealed to blow cable through it.)
Now... back to the bit about the kevlar... That stuff is many times stronger than steel. Thus, fibre trunks hanging from a pole or tower are the strongest thing up there -- even stronger than the pole/tower itself in many/some cases. It can still snap, but it'll be the last thing to break. Repairs are just as easy as buried cable... pull out a bit of slack or go hang more cable.
The resilience of various networks will vary wildly everywhere you go. Both phone and cable can each be on a pole or in the ground. Your parents have their cable in the ground and phone hanging on poles. It could just've easily been the other way around. And it would've been much more than 2 days to get it fixed; the PSTN is a regulated public utility with mandated availability requirements where as cable is not.
In fact, I've seen the exact opposite... power restored in hours; phone restored in days; cable restored in weeks. All three are on the same pole. My phones (both POTS and ISDN) have been out-of-service twice in the last 10 years... once due to a CO "crash" (to quote the switch tech, "the slc system crashed") and once due to lightning blowing up a bunch of line cards. They were both fixed within the hour. I've had a cable modem for about 2 years; there've been a number of outages due to issues with the headend gear with some lasting minutes and others hours. And there's been one major outage... because some jackass disconnected the cable (jan. 25th at 12:33:26, to be exact.) It took 5 days to get them to fix it (7am on the 31st.)
At any rate, the point is the cable company has no requirement to restore your service within any time frame.
Unlikely. Fibre transmitting equipment consumes much more power than an analog based system. The end-user power requirement is simply due to the technology... glass isn't conductive. Analog phones really don't draw that much power, and many don't draw anything until they're off-hook.
In theory, you should be able to nuke yast. However, there are a number of functions yast performs that aren't "vi". (like yast online updates ["you"], but then again, rpm by itself is smarter than "you" -- which will upgrade packages one doesn't even have installed.)
Have you looked at the ftp directories lately? 9.2 has a bootable dvd iso [oct. 2004]. 9.3 has both bootable dvd and cd versions [jun/jul 2005]. And bootable dvd/cd versions of previous releases have been available as well, 'tho not always directly from suse for free.
No, you do not. I. Fucking. Hate. Gentoo. Of all the distros in the world, it's the only one I've ever seen destroy itself. Repeatedly. Anyway, back to the point...
Obviously, you're too blind to read what I said. It's the second damned sentence even. For people who aren't (seasoned) admins, yast is a very useful thing. As an admin, I find yast a waste of time for most tasks... it's faster to edit a config file myself than fire up yast, navigate to the appropriate modules, and click a few boxes/etc.
For a seasoned, knowledgable system admin, YaST is a horrible mess. BUT, for the majority of people, who aren't sysadmin's 80hrs/wk, YaST is a very useful, powerful tool.
I'm an admin, so I absolutely hate the damned thing. It's a scripting language that has 99% of what it does hardcoded in a number of interdependant library packages -- God help you if you ever need to fix so much as one damned line of that shit. "YOU" recommends upgrading packages you don't even have installed...
Oh, and the ISO images available via ftp also contain different versions from the FTP tree. I was pretty pissed at having to mirror an extra 4+GB of shit because the DVD image has newer versions than the ftp tree. I mean, Jesus, who the fuck is managing their releases?
Pay for SuSE? What do you get when you purchase a boxed set from SuSE? The same thing you can download from their ftp server(s) after a month or two, and some documentation noone ever reads. It's just like buying a copy of RedHat a few years ago -- before all this RHEL crap. I've used various versions at times and I've never spent a penny for any of them. Granted, new versions aren't available for download immediately, but they always end up on ftp. (minus any commercially licensed applications that, obviously, I don't miss.)
I don't like gentoo... it's too easy to seriously screw up the system with emerge, and all but impossible to keep a set of machines running the exact same thing. (Yes, it's doable, but it's not pretty and takes one machine to be "it".)
It's kinda sad RedHat has gone to shit. They used to support sparc, sparc64, alpha, ppc, x86. Now, they con others into developing and testing their commercial product(s) and have abandoned everything but "PCs".
$129 is the Apple list price for a NEW OS, not an upgrade. And, it can be found slightly cheaper from other sites if you look hard enough. This is why I'm giving the $200-300 MICROSOFT LIST PRICE for a NEW OS. Microsoft never provided a "patch" from 95 to 95OSR, or 98 to 98SE; you had to buy a the new version, in whole or as an "upgrade".
And there were people who went to ME before making the leap to 2000, which is NT 5.0. When ME was originally released, we didn't know it was crap.
While very few followed all seven releases, the point was if you had... almost no people actually did, but many companies did. As you point out, the majority of people did 3 or 4 hops. (95->98[->ME/2000]->XP) The same is true of Mac users... there are many who remain on old versions and skip releases.
Anyone who actually followed the arguement would see I'm right. There were 7 versions of windows over the last 10 years (since 95 was released.) [technically 8, but I'll ignore NT 4.0] That's a new install/upgrade every 17.2 months. Even at OEM Upgrade prices, that's over $700 in new OS software with each version being signficantly the same as the old one. (until you hop to the NT track.) This is almost the same as Apple's OS X lineage except there's a real difference between succesive versions.
Wrong. If you upgraded every time Microsoft shit out a new OS versions, you'd've bought 7 version since 95 was released in Aug. 24, 1995:
Win 95
Win 95 OSR1 ("the second edition")
Win 98
Win 98 SE
Win ME
Win 2000
Win XP
That's an average of 17.2 months between releases with list prices in the $200-300 range. And there's very little "innovation" between most releases. Apple does provide some real value from release to release; and they bundle much more than just an OS. Windows just seems to become more and more bloated.
I've seen lots of "programmers" do it... it's easier to cout >> password >> endl; than encrypt it or even rot13 it. In fact, in my 20 years, I've not seen anyone encrypt passwords that weren't beat over the head to force them into it. In fact, Cisco IOS only recently (2-3 years ago in the 12.0S line) gained support for non-reversible password encrytion.
Funny story... USR's idea of "encryption" was xor 0x80. No shit. I didn't even realize the passwords were encrypted for a while... I used less to view the database dumps, and it was stripping the sign bit. Needless to say, ENCRYPT and DECRYPT where two functions I deleted from the Security/Accounting code the day I got my hands on it. (... added 7, yes, S E V E N, lines of code to support unix crypt'd passwords. Took about 15min. USR said it would take weeks for them to do it ["developer time"], and refused to do it spewing bull about supporting it -- despite a number of other functions in there for another "Large Telco" that weren't documented anywhere.)
CiscoSecure stores passwords in plaintext. It's necessary to support CHAP authentication. However, if you don't care about CHAP, you can certainly config it to encrypt (ala crypt()) the password.
I wouldn't be a bit surprised if they were plaintext. CCO's rather old, and not exactly Top Secret(tm), so there wouldn't be a great deal of focus on full security. Gez, it's still http basic authentication... via http; you do the math, err sniffing.
I think the trust level you are assuming is a bit overstated. While a great many networks are dependant on Cisco technology, I know of none that "trust" Cisco to any measure. IOS is very closed source; customers have zero control over what it does. And today, they have even less control over what capabilities it has -- Cisco reduced the number of builds from several dozen to about 7 to "reduce confusion".
(I call bullshit on this one as that alphabet-soup version string has been readily and correctly documented for a decade. I defy you to find an experience cisco monkey that doesn't know what most of the codes mean -- or cannot find the docs with google in under 10s. Again, this is cisco being greedy... it takes time and resources to build 56 images; and it takes a great deal more resources to "QA" each of those images.)
Slashdot Mirror
You forget people are part of the equation (as is money.) It doesn't matter how many machines there are in the cluster when there's only one admin capable of managing the thing. (We in the industry refer to this as the bus problem... "... and what happens when you are hit by a bus?" (eatten by a moose, whatever.))
We're talking about email systems here, so it's extremely likely, even in a clustered environment, users will have their spool on a single server -- it's difficult (and cumbersome) to have mirrored redundancy for email... (multiplied by 1 million users...) This isn't a web farm where it's ok for updates in one place to take several minutes to appear across the farm. [A mirrored SAN is a f'ing expensive solution to a "100 year" event.]
(Actually, I have quite a bit of clue. However, I've been around long enough to be frugal in planning and building systems.)
It's not NT (NT would've rebooted on it's own with the "uptime" counter rolled over.)
At any rate, this is a common misconception. The UNIX(tm) kernel does not require upgrading/patching every 3.2 days. Obviously, the box is working just fine with the 2yo kernel. Yes, there are some kernel issues one could trip if one could actually get to the box... firewalls, idiots!
"Don't fix it unless it's broke."
[BTW, I have other machines running MUCH older kernels without any issues (it runs a lot of stuff)...
[root:ttyp0]dominion:~/[9:10am]:uname -a
Linux dominion 2.3.42-SMP #11 SMP Sun Feb 6 20:06:02 EST 2000 i686]
Like I said, for millions of users, you're asking for trouble putting them all on one box; but one does not need million dollar "enterprise" hardware to have stability and reliability. Just look at google's search engine farm...
For my little mail server, even if it did catch fire, I could build a new one in under an hour. This is no different than a cluster of machines... if one dies, you simply replace it and move on. (with a properly oversized cluster nobody will notice one machines failure.)
I don't know what "industry" you live in, but I've not seen anyone build a mail cluster[*]. NCSU is the closest, but that was simply departmentalized servers; the only reason any department had more than one server was due to storage not scalabilty or reliability. (And that was for ~25k people.) [The largest I've worked with had just shy of 70k mailboxes across about 5k domains... on ONE server. It could've handled much more than that.]
[*] Well, not one that actually works... RR has several that significantly delay messages passing through it. Network Solutions has a bunch of "mail appliances" that lose 30% of the messages and delay the other 70% for hours (multiple documented cases of 13-15hrs.)
The "99.9% uptime is expected" requirement alone requires...
For something of this size, yes, it'll take some planning and more than one machine. But just for 3 nines, a single machine can do that. I have one mail server that's been running continuously for almost two (2) years (years)... it hasn't been rebooted since the day it was installed, and has been unavailable to it's users for a total of a a few hours (2, 3, ? -- the longest was about 30min to rebuild the mail store after a db file was damaged.) And btw, it's a dell 4600 DESKTOP PC.
VERY few companies really need connectivity to such a level.
True redundancy is difficult to achieve these days. Sure, you can buy two routers (from different vendors) and get two T1's (from different providers), but odds are, those two T1's cross the same hardware at some point... transported via the same LEC, hung from the same pole, buried in the same ditch, go to the same closet, enter through the same hole in the building, etc.
(And telcos/ISPs will lie about the redundancy they're selling to you as well as their own redundancy.)
AT&T (they had two networks), Bellsouth ("Mobility DCS"), and Nextel were the only one's I knew to run GSM networks. Nextel is the only one still around; I don't know if they still use GSM or not.
We have standards, too. For some really stupid reason, US carriers refuse to use the same standards as the rest of the world.
However, there are (or were) a few US carriers that use(d) GSM. In fact, I have three (3) GSM phones laying here (minus SIM cards.) But even when we use the same "standard", we change it... US GSM networks are on a different freq. than the rest of the world. (The FCC had already licensed the frequency or something.)
More than once, emerge has merged in broken versions of python, portage, glibc, etc. Having to remove the hard drive from a machine ONCE to unfuck up what should never have been fucked up is one too many times. (yes, there are other options... boot from cd [if it has a cd], boot from network [if you have that setup], etc.)
And no, there's MUCH more involved in making two machine run EXACTLY the same VERSIONS. If one machine syncs later than the other (or even to different mirrors), it may (and often does) pick up newer versions. The only real option is to make one machine your own gentoo rsync mirror and have it do all the building (keeping binary packages.) This is an enormous pain in the ass.
Just because I hate gentoo doesn't mean anyone else has to hate it, too. Yes, I have a few gentoo machines to admin -- 'tho they have indicated their intent to move to redhat (fedora) shortly. (which has it's own concerns...)
Looks like you need to sit through a few remedial reading comprehension classes yourself... did you notice the quotes around the word upgrade? You did read the words at the beginning of the sentence -- the "if you are Microsoft" part?
Furthermore, your understanding of software licensing is very flawed. You assume that a) every MacOS capable machine in the universe was made by Apple, and b) every one of those machines came out of the box running MacOS. (a) is very clearly false; you'd know that if you were more than 5 years old. (b) is also false, albeit rare. You're assuming the machine itself is the license; it isn't. Just because something comes with a license to run one version does not automatically grant any entitlement to other (future) versions.
In your screwed up universe, I'm legally entitled to run solaris 10 on my decade old ultrasparc because it orginally came with solaris 2.4 and simply because it'll install and run on it. And you'd call it an upgrade because it'll install over the top of an existing system without screwing it up. (much.) (in theory.)
([*] In reality, it creates a number of really odd, inexplicable problems that cannot be easily corrected.)
Apple's OS's do not require a pre-existing installation, or a "qualifying product" to begin installation. The CD can be booted to install a competely blank system. Therefore, It. Is. Not. An. Upgrade. Apple previously sold upgrade disc's, but they don't do that anymore.
Upgrades require a pre-existing installation, often of a specific version. And if you are Microsoft, your definition of "upgrade" includes simply proving ownership of a previous version.
Yes, fibre can be (and is) hung from poles (and towers.) I'll assume you've never seen the cabling up close, or watched the installation in any detail. So, I'll explain the technology a little better...
The fibre used for telecom trunks is similar to the common stuff people are use to seeing in a data center for things like gigabit ethernet, oc-3's, and the like. However, it isn't one pair; it's several (dozen) pairs. The smallest I've ever seen was 3 pairs -- bellsouth's spar off a main trunk to an office. Each strand is about 1mm in diameter. At the center is a 62.5micron strand of glass ("the fibre".) Wrapped around all of the strands, among other things, is a weave of kevlar before getting to the outer "tough" plastic shell.
The fibre itself is not burried. A conduit is buried and the fibre is litterally blown through it. Bellsouth is repairing a section of fibre running down Lynn Rd. here in Raleigh; I'll try to get some pictures of the "blower" on the end of the conduit. The process is very fast and very efficient. Consider the amount of work to repair a cut in a copper trunk... dig up a big hole to splice in a new section of cable which requires two cable joins because there's no slack to pull the cut ends back together. And there's 25+ pairs to fix. OR, bury a new run of cable (leaving the old one there, btw.) With fibre, a) there's slack that doesn't have a ton of dirt on it, and b) it's a simple process to blow in a new mile long run -- after pulling the broken cable out [that stuff is still good, if half as long as it used to be.] Depending on the length of the segment, they won't even try to splice the cut. A small hole is necessary only to fix the conduit (it has to be sealed to blow cable through it.)
Now... back to the bit about the kevlar... That stuff is many times stronger than steel. Thus, fibre trunks hanging from a pole or tower are the strongest thing up there -- even stronger than the pole/tower itself in many/some cases. It can still snap, but it'll be the last thing to break. Repairs are just as easy as buried cable... pull out a bit of slack or go hang more cable.
First off, this ain't the 20's...
The resilience of various networks will vary wildly everywhere you go. Both phone and cable can each be on a pole or in the ground. Your parents have their cable in the ground and phone hanging on poles. It could just've easily been the other way around. And it would've been much more than 2 days to get it fixed; the PSTN is a regulated public utility with mandated availability requirements where as cable is not.
In fact, I've seen the exact opposite... power restored in hours; phone restored in days; cable restored in weeks. All three are on the same pole. My phones (both POTS and ISDN) have been out-of-service twice in the last 10 years... once due to a CO "crash" (to quote the switch tech, "the slc system crashed") and once due to lightning blowing up a bunch of line cards. They were both fixed within the hour. I've had a cable modem for about 2 years; there've been a number of outages due to issues with the headend gear with some lasting minutes and others hours. And there's been one major outage... because some jackass disconnected the cable (jan. 25th at 12:33:26, to be exact.) It took 5 days to get them to fix it (7am on the 31st.)
At any rate, the point is the cable company has no requirement to restore your service within any time frame.
Unlikely. Fibre transmitting equipment consumes much more power than an analog based system. The end-user power requirement is simply due to the technology... glass isn't conductive. Analog phones really don't draw that much power, and many don't draw anything until they're off-hook.
In theory, you should be able to nuke yast. However, there are a number of functions yast performs that aren't "vi". (like yast online updates ["you"], but then again, rpm by itself is smarter than "you" -- which will upgrade packages one doesn't even have installed.)
Have you looked at the ftp directories lately? 9.2 has a bootable dvd iso [oct. 2004]. 9.3 has both bootable dvd and cd versions [jun/jul 2005]. And bootable dvd/cd versions of previous releases have been available as well, 'tho not always directly from suse for free.
No, you do not. I. Fucking. Hate. Gentoo. Of all the distros in the world, it's the only one I've ever seen destroy itself. Repeatedly. Anyway, back to the point...
Obviously, you're too blind to read what I said. It's the second damned sentence even. For people who aren't (seasoned) admins, yast is a very useful thing. As an admin, I find yast a waste of time for most tasks... it's faster to edit a config file myself than fire up yast, navigate to the appropriate modules, and click a few boxes/etc.
For a seasoned, knowledgable system admin, YaST is a horrible mess. BUT, for the majority of people, who aren't sysadmin's 80hrs/wk, YaST is a very useful, powerful tool.
I'm an admin, so I absolutely hate the damned thing. It's a scripting language that has 99% of what it does hardcoded in a number of interdependant library packages -- God help you if you ever need to fix so much as one damned line of that shit. "YOU" recommends upgrading packages you don't even have installed...
Oh, and the ISO images available via ftp also contain different versions from the FTP tree. I was pretty pissed at having to mirror an extra 4+GB of shit because the DVD image has newer versions than the ftp tree. I mean, Jesus, who the fuck is managing their releases?
Ok, I gotta ask... where the hell does IRIX fit? Using the CDs to level a table???
Pay for SuSE? What do you get when you purchase a boxed set from SuSE? The same thing you can download from their ftp server(s) after a month or two, and some documentation noone ever reads. It's just like buying a copy of RedHat a few years ago -- before all this RHEL crap. I've used various versions at times and I've never spent a penny for any of them. Granted, new versions aren't available for download immediately, but they always end up on ftp. (minus any commercially licensed applications that, obviously, I don't miss.)
I don't like gentoo... it's too easy to seriously screw up the system with emerge, and all but impossible to keep a set of machines running the exact same thing. (Yes, it's doable, but it's not pretty and takes one machine to be "it".)
It's kinda sad RedHat has gone to shit. They used to support sparc, sparc64, alpha, ppc, x86. Now, they con others into developing and testing their commercial product(s) and have abandoned everything but "PCs".
$129 is the Apple list price for a NEW OS, not an upgrade. And, it can be found slightly cheaper from other sites if you look hard enough. This is why I'm giving the $200-300 MICROSOFT LIST PRICE for a NEW OS. Microsoft never provided a "patch" from 95 to 95OSR, or 98 to 98SE; you had to buy a the new version, in whole or as an "upgrade".
... almost no people actually did, but many companies did. As you point out, the majority of people did 3 or 4 hops. (95->98[->ME/2000]->XP) The same is true of Mac users... there are many who remain on old versions and skip releases.
And there were people who went to ME before making the leap to 2000, which is NT 5.0. When ME was originally released, we didn't know it was crap.
While very few followed all seven releases, the point was if you had
Anyone who actually followed the arguement would see I'm right. There were 7 versions of windows over the last 10 years (since 95 was released.) [technically 8, but I'll ignore NT 4.0] That's a new install/upgrade every 17.2 months. Even at OEM Upgrade prices, that's over $700 in new OS software with each version being signficantly the same as the old one. (until you hop to the NT track.) This is almost the same as Apple's OS X lineage except there's a real difference between succesive versions.
- Win 95
- Win 95 OSR1 ("the second edition")
- Win 98
- Win 98 SE
- Win ME
- Win 2000
- Win XP
That's an average of 17.2 months between releases with list prices in the $200-300 range. And there's very little "innovation" between most releases. Apple does provide some real value from release to release; and they bundle much more than just an OS. Windows just seems to become more and more bloated.I've seen lots of "programmers" do it... it's easier to cout >> password >> endl; than encrypt it or even rot13 it. In fact, in my 20 years, I've not seen anyone encrypt passwords that weren't beat over the head to force them into it. In fact, Cisco IOS only recently (2-3 years ago in the 12.0S line) gained support for non-reversible password encrytion.
Funny story... USR's idea of "encryption" was xor 0x80. No shit. I didn't even realize the passwords were encrypted for a while... I used less to view the database dumps, and it was stripping the sign bit. Needless to say, ENCRYPT and DECRYPT where two functions I deleted from the Security/Accounting code the day I got my hands on it. (... added 7, yes, S E V E N, lines of code to support unix crypt'd passwords. Took about 15min. USR said it would take weeks for them to do it ["developer time"], and refused to do it spewing bull about supporting it -- despite a number of other functions in there for another "Large Telco" that weren't documented anywhere.)
CiscoSecure stores passwords in plaintext. It's necessary to support CHAP authentication. However, if you don't care about CHAP, you can certainly config it to encrypt (ala crypt()) the password.
I wouldn't be a bit surprised if they were plaintext. CCO's rather old, and not exactly Top Secret(tm), so there wouldn't be a great deal of focus on full security. Gez, it's still http basic authentication... via http; you do the math, err sniffing.
I think the trust level you are assuming is a bit overstated. While a great many networks are dependant on Cisco technology, I know of none that "trust" Cisco to any measure. IOS is very closed source; customers have zero control over what it does. And today, they have even less control over what capabilities it has -- Cisco reduced the number of builds from several dozen to about 7 to "reduce confusion".
(I call bullshit on this one as that alphabet-soup version string has been readily and correctly documented for a decade. I defy you to find an experience cisco monkey that doesn't know what most of the codes mean -- or cannot find the docs with google in under 10s. Again, this is cisco being greedy... it takes time and resources to build 56 images; and it takes a great deal more resources to "QA" each of those images.)