Can your framework handle two-phase transactional commits when it interfaces to other applications?
Sure. Most apps don't need that, mind you, but if there's a need then 2PC is fairly trivial to implement *where it's needed*.
How well does it support single-sign across apps deployed across different servers but behind a reverse proxy that unifies them under a single domain?
What does that even have to do with anything?
Can you cluster multiple hosting servers for your app to minimize downtime during app upgrades? Does your application sessions failover to the other members of your cluster correctly, if so?
Sure. No java needed to use a loadbalancer and build stateless and/or SOA apps.
Can you take legacy code and layer your app around it without needing to rewrite the legacy app? Can you do this even if the programming team who wrote the legacy app is no longer around?
WTF?
When you discover that you are having intermittent glitches... Put your product into a supported trace mode and get your vendor to support you
Bullshit. NewRelic works pretty fine for rails. All platforms come with debugging machinery of various kinds, many of which are heads and shoulders above what you're probably using in your java-shop.
I have yet to see a professional grade alternative to it.
Meanwhile over here in the real world, many people build apps using those "unprofessional" alternatives just fine. Sometimes very quick, too.
The existing BIND 9 mechanism are not hard for your small domains that change rarely, but they don't work if you have tens or hundreds of thousands of domains that you manage, which change on a frequent basis
Only problematic if you are doing it with AXFR. Nobody in their right mind uses AXFR, right?
and would like their DNS to be better integrated... something today that usually means running Windows Active Directory or similar proprietary solutions.
So you're planning to design a piece of internet backbone software to interoperate with... Active Directory.
Managing "a few simple test [sic] based config files" across tens of computers distributed around the globe is a non-trivial task.
Reading your comments here is giving me serious chills. Yes, managing said config files (ideally only *one* config file) is as trivial as it can even get. We have rsync, scp and a variety of insanely powerful version control systems to aid with that. We have entire operating systems with mature toolchains built around the notion of dealing with text files and streams.
DJB has even demonstrated what a half-sane config file format for a nameserver can look like (hint: nothing like the bind zone-files).
We can trivially generate these files from any data-source (yes, even ActiveDirectory) and, if a sane format was chosen, we can also diff them and easily build middlewares to sync both ways with *any* kind of directory service or database desired.
Sorry if this comes across personal, but have you considered outsourcing this entire project to google? Like them or not, they definitely have more competent engineering muscle for a project of this magnitude - and will likely take on the issue anyways after, or even before, Bind10 has flopped.
Sorry to cloud the issue with pertinent facts though, carry on.
Talking about "facts" in the context of jewish zombies, born of virgin mothers, is a bit laughable.
Especially when all you have to back it up is a lamb that was slaughtered and had it's blood put on the doorposts of a house to save it's occupants from the angel of death in Egypt. Yeah, right.
And now excuse me while I go slaughter a lamb. These goddamn death angels are all over the place here on Saturdays, time to take action.
The main difference is, as you will probably point out, the number of people killed. Your solution kills many, many more people, and fails to help millions that really, really could use our help.
The other difference would be that his solution respects the sovereignty of a foreign country and yours doesn't. Another facet might be that his solution leads to more isolation for the evil-doers (unless they change their minds) whereas yours would likely spawn sympathy for them.
Let's see. A fully fledged Z10 has 256 cores. I think The bigger problem will be RAM. The Z10 maxes out at 1.5T, so maybe 10 instances if you turn aero off.
Well, you made a dumb move and got lucky so far. Still nothing to recommend to anyone else.
Have you considered what happens when your current boss, by coincidence, meets someone from your old company and they get talking? The world is small, the business world even smaller. Nobody likes liars, good luck trying to shake off that stigma.
Generally your whole story smells fishy, as if a 16yr old made it up on the spot. But I'll give you that for the sake of the argument.
I could chime in just about anywhere on this thread but I'll do it here:
Do not take job advice from slashdot. The amount of bullshit being posted here is just mindnumbing. These poor man's terrorist tactics may sound totally cool while you're making them up in your basement or raving on about them with your buddies in school. They don't work in the real world. Lying is never a good idea and some of the proposed feetstomping can even get you in legal trouble. Worse yet, most former or future employers won't even bother to sue you. But they will tell others about your childishness. Good luck finding a job with *that* kind of reputation.
So, VMWare gives you free support for their paid product but citrix charges you for support on their free product? Boggles the mind.
We are currently doing a similar head-to-head and so far it seems that for the ESX license costs alone we can hire two full-time admins and buy plenty of support from citrix when needed. YMMV.
I don't think microsoft has an interest to deal with it in any way. This is a PR-effort to distract from where the blame should really go. Even if they "dealt" with this worm and its attack vectors in some way - the next worm is just around the corner. The security model in windows is just fundamentally broken, thus we'll continue to see worm attacks and pointless bounties.
Hey, I GOT HIM. Even made a photo for you. Now sack him and send the bounty to my paypal please.
This is the guy who is currently officially responsible for windows being vulnerable to worm and malware attacks. There have been others in the past but your bounty explicitly asks for the person responsible for this current "conficker" worm, so here you go.
Thanks for the backup fire. Needless to say, I agree with all you said.:-) And yes, nothing against a company making good money by providing an ad-supported product. I wouldn't be complaining if there was at least a small note about their "special" treatment of google and NX anywhere on that page.
The notion that OpenDNS is evil because they run ads is juvenile. So is the notion that they're evil because they keep logs and records. Name me a Unix system or any provider of any kind of Internet services that doesn't keep logs and records.
The point is that they hijack both your NX responses and google searches without telling you either upfront. They broadly advertise Web Content Filtering, Phishing Protection, Zero-Downtime Network, Faster Internet, Statistics etc. but not a single word about ad injection or google hijacking.
If you have no privacy concerns about a third party monitoring your google queries then that's fine. But I guess most people would at least prefer to know.
There are public resolvers that you could use, for example 4.2.2.1 (google will find you more). If you're on a unix OS you could also install a local resolver like dnsmasq or dnscache (part of djbdns). The distro packages usually come with a reasonable default config, thus it's mostly just a matter of installing the package and editing your/etc/resolv.conf - a one minute task.
and add extra features to decades old service without breaking standards.
But they are breaking the standard. In particular rfc2308,
under 8:
Negative caching in resolvers is no-longer optional, if a resolver
caches anything it must also cache negative answers.
The SOA record from the authority section MUST be cached. Name error
indications must be cached against the tuple .
No data indications must be cached against tuple.
Note the absence of statements like "lookup failures should silently map to A records that point to webservers serving spam".
Slashdot Mirror
Nonsense.
Sure. Most apps don't need that, mind you, but if there's a need then 2PC is fairly trivial to implement *where it's needed*.
What does that even have to do with anything?
Sure. No java needed to use a loadbalancer and build stateless and/or SOA apps.
WTF?
Bullshit. NewRelic works pretty fine for rails. All platforms come with debugging machinery of various kinds, many of which are heads and shoulders above what you're probably using in your java-shop.
Meanwhile over here in the real world, many people build apps using those "unprofessional" alternatives just fine. Sometimes very quick, too.
I'm a bit confused.
It's 2010 and we discuss a java framework as if it represented "the state of web development"?
You have heard about rails and django, right?
Do you have a citation for that?
I know of exactly one DJBDNS bug:
djbdns<=1.05 lets AXFRed subdomains overwrite domains
Afaik that bug was acknowledged (and paid for) rather quickly.
As a happy djbdns user I'd be curious to learn about other bugs that I've missed?
Only problematic if you are doing it with AXFR. Nobody in their right mind uses AXFR, right?
So you're planning to design a piece of internet backbone software to interoperate with... Active Directory.
Reading your comments here is giving me serious chills. Yes, managing said config files (ideally only *one* config file) is as trivial as it can even get. We have rsync, scp and a variety of insanely powerful version control systems to aid with that. We have entire operating systems with mature toolchains built around the notion of dealing with text files and streams.
DJB has even demonstrated what a half-sane config file format for a nameserver can look like (hint: nothing like the bind zone-files).
We can trivially generate these files from any data-source (yes, even ActiveDirectory) and, if a sane format was chosen, we can also diff them and easily build middlewares to sync both ways with *any* kind of directory service or database desired.
Sorry if this comes across personal, but have you considered outsourcing this entire project to google? Like them or not, they definitely have more competent engineering muscle for a project of this magnitude - and will likely take on the issue anyways after, or even before, Bind10 has flopped.
Talking about "facts" in the context of jewish zombies, born of virgin mothers, is a bit laughable.
Especially when all you have to back it up is a lamb that was slaughtered and had it's blood put on the doorposts of a house to save it's occupants from the angel of death in Egypt. Yeah, right.
And now excuse me while I go slaughter a lamb. These goddamn death angels are all over the place here on Saturdays, time to take action.
Talking outta our ass, aren't we?
So what exactly do the "big boys" do that postgres doesn't?
Oh, you have no idea? Surprise, surprise.
The other difference would be that his solution respects the sovereignty of a foreign country and yours doesn't.
Another facet might be that his solution leads to more isolation for the evil-doers (unless they change their minds) whereas yours would likely spawn sympathy for them.
No, that last is a bit too much. Remember the Z10 maxes out at only 1.5TB Ram.
Let's see. A fully fledged Z10 has 256 cores.
I think The bigger problem will be RAM. The Z10 maxes out at 1.5T, so maybe 10 instances if you turn aero off.
Well, you made a dumb move and got lucky so far. Still nothing to recommend to anyone else.
Have you considered what happens when your current boss, by coincidence, meets someone from your old company and they get talking?
The world is small, the business world even smaller. Nobody likes liars, good luck trying to shake off that stigma.
Generally your whole story smells fishy, as if a 16yr old made it up on the spot. But I'll give you that for the sake of the argument.
I could chime in just about anywhere on this thread but I'll do it here:
Do not take job advice from slashdot. The amount of bullshit being posted here is just mindnumbing.
These poor man's terrorist tactics may sound totally cool while you're making them up in your basement or raving on about them with your buddies in school. They don't work in the real world. Lying is never a good idea and some of the proposed feetstomping can even get you in legal trouble. Worse yet, most former or future employers won't even bother to sue you. But they will tell others about your childishness. Good luck finding a job with *that* kind of reputation.
So, VMWare gives you free support for their paid product but citrix charges you for support on their free product? Boggles the mind.
We are currently doing a similar head-to-head and so far it seems that for the ESX license costs alone we can hire two full-time admins and buy plenty of support from citrix when needed. YMMV.
It already does. All unused RAM is used for the page cache which caches disk reads.
I don't think microsoft has an interest to deal with it in any way. This is a PR-effort to distract from where the blame should really go. Even if they "dealt" with this worm and its attack vectors in some way - the next worm is just around the corner. The security model in windows is just fundamentally broken, thus we'll continue to see worm attacks and pointless bounties.
Hey, I GOT HIM. Even made a photo for you.
Now sack him and send the bounty to my paypal please.
This is the guy who is currently officially responsible for windows being vulnerable to worm and malware attacks.
There have been others in the past but your bounty explicitly asks for the person responsible for this current "conficker" worm, so here you go.
Seriously, as a business you don't have to bother with any ISP pulling off such a nonsense on you.
Just take your business elsewhere.
And what ISP is that? I have never heard of one doing such things.
Certainly not "most" ISPs. I don't know a single one that does that. Can you name any?
Thanks for the backup fire. Needless to say, I agree with all you said. :-)
And yes, nothing against a company making good money by providing an ad-supported product. I wouldn't be complaining if there was at least a small note about their "special" treatment of google and NX anywhere on that page.
Where on their website is it?
I honestly clicked through most of it (short of digging through the knowledge base) and didn't find a trace of it.
Proxying google queries should be worth a note along with the setup instructions, don't you think?
The point is that they hijack both your NX responses and google searches without telling you either upfront. They broadly advertise Web Content Filtering, Phishing Protection, Zero-Downtime Network, Faster Internet, Statistics etc. but not a single word about ad injection or google hijacking.
If you have no privacy concerns about a third party monitoring your google queries then that's fine. But I guess most people would at least prefer to know.
Interesting. I get modded flame-bait without a single reply.
Anyone mind to explain what on earth was flame-bait about my post?
There are public resolvers that you could use, for example 4.2.2.1 (google will find you more). /etc/resolv.conf - a one minute task.
If you're on a unix OS you could also install a local resolver like dnsmasq or dnscache (part of djbdns). The distro packages usually come with a reasonable default config, thus it's mostly just a matter of installing the package and editing your
It's fine that you found a workaround for your particular problem.
Others would probably just switch to a working ISP...
But they are breaking the standard. In particular rfc2308,
under 8:
Note the absence of statements like "lookup failures should silently map to A records that point to webservers serving spam".
Thank's for reminding me.