I dunno. I do a combination of software development and sysadmin work, and have a major say in all tech hirings at my company.
Frankly, time spent among the meritocracy that most large open-source programs develop is one of the best experiences for a programmer that I can think of. You learn to do stuff right, or get chunks torn off your behind when it's not. You learn that ego has no place in your profession.
And you prove you can work to very high standards.
We're not looking for ${EXPERIENCE} or other ${QUALIFICATION}. What we need is flexibility, the willingness to do the job right the first time, and the honesty to say when you made a mistake. OSS work reinforces that, and I'd put someone who has worked in a large OSS project on the top of my hiring list.
It's a nice enough engine, with some quirks, but having to process 300 pictures with it from an event sucks. A lot.
Aperture lets me get it done in a tenth the time.
It was trying to process 50 pictures from a shoot that made me give up on Linux for serious photo editing - ufraw is good for the occasional shot, but it's too slow and clunky for someone who has to justify the time spent on the software.
The 350D has bad enough noise at ISO 1600. 3200 would be dreadful.
I'd rather have ISO 50 and 25 for using wide-aperture lenses in broad daylight and doing long exposures in the sun without having to stack ND filters.
High ISO would be nice, but it's not something the sensor in the 350D can do. Let's wait for the 5D Mk II for that one...
We use M-Audio Delta 44s at the radio station I work with, and they've been ultra-reliable. Every digital musician I know uses M-Audio Firewire interfaces and Macs.
Fantastic hardware - and they don't needlessly wank with it to make the gamer d00dz want to buy the EX-III Super Duper card and throw out the EX-II Super Ultra card...
The first edition copy I have is pretty dog-eared from constantly being stashed in my laptop bag. I don't use regexes every day, but I understand them, and just need a handy reference. Definitely great for a "how do you specify X" kind of problem.
We don't run phpBB. Is it just me, or is phpBB almost always the target of these kinds of attacks? I mean, there are probably hundreds of CMS systems out there, but almost every mass site hijacking/defacement I can remember has involved phpBB.
Propaganda, ignorance, and no mass media reporting on how the rest of the world thinks. That's why the movie Sicko was such a huge shock to the American people - the vast majority of Americans have been fed nothing but negative propaganda about socialized medicine (circa 1950's anticommunist, with updated graphs), but never see any of the positive aspects, like not going bankrupt after breaking your leg.
I'm quite sure the Romans said the same thing until the day the Goths sacked Rome...
That's not new - Fedora Core 1 servers running cPanel handed out to "admins" who load it up with phpBB and never update it host a fair bit of crap. We've migrated customers off of those boxes, and it's always fun to check every single file you bring over to make sure there's no surprises.
On the last server compromise I had to clean up (php site, not updated - standard story), I spent some time going through the logs to check what other sites they'd used this thing as to springboard into other machines. It was a fair collection of blog servers, bulletin boards, and a few company sites. When I could locate a phone number, I would give them a call. Not a single one of the admins knew their boxes were hosting malware. A couple boxes had been replaced after whoever got in wrecked the site, but the vast majority were running just fine, just with a '.../' directory hanging off the web root.
You ever watching TV and they have those commercials for tech schools that teach auto repair? Sign up. Seriously. Work 9-5, make enough money to support the family and BBQ every weekend if you want to. Oh, and as a mechanic, you get paid by the job, so the better you are, the more money you get.
As a former mechanic who has transitioned to IT - I call bullshit. The best mechanics don't make the money, the fastest ones do. Look at flat rate mechanics - you get paid the time the book says to do the job, no matter how long the job takes. The sleazeballs who cut corners generally make more money than the careful ones who make sure the job is done right.
Union shops are just as bad - you get paid the same as the guy who can't learn to tighten oil pan plugs all the time.
It's not as glamorous or as easy money as you make it out to be, either. Pissant customers, little or no heat in the winter, no A/C in the summer, filth, constant marination in carcinogens, and long-term damage to your knees, ankles, back, wrists, and shoulders.
Fuggit - let my peers slack off. Makes for more room at the top in 10-20 years.
If they don't look around, see what makes the world tick, and put their shoulder to the wheel, they deserver the endless string of mediocre jobs they land.
Oh dear god no - I wish every ISP would block outbound port 25 connections from residential accounts. That would stop over half the spam I see at our servers. You can run a separate SMTP submission port (587 is the normal one, IIRC) on your servers to bypass that filtering - we're getting ready to do that after having problems with a new customer whose ISP does exactly that.
I also like having a business support number that I can call and bypass the Ricky Numbnuts "Have you restarted Internet Explorer?" 1st-tier tech support. Residential users have no need to set their reverse DNS, but businesses do, and it makes no sense whatsoever to place your technically literate customers who are willing to pay for better service in the idjit queue. Nor would the guys who can understand what business customers need have a great deal of fun phone-jockeying redneck after redneck through rebooting their cable modem.
And just as open source. Plone is a CMS framework built on the Zope application framework, built on Python. As other respondents have noted, it's open source from the top to the bottom of the application stack.
Zope is something far, far different than anything else I've worked with - incredibly innovative in places, frankly bizarre in others, and has a bit of a learning cliff before you can really get working with it, but very good for some data storage tasks that are a stone bitch to implement in a traditional table-based database. In the hands of a competent programmer, you can get moderately complex active-content sites set up in a small amount of time, with HTML and CSS skins. search interfaces, access controls, and a fair bit more.
Zope was built out of some closed-source products, but the current Zope platform (3.3.1) is almost unrecognizable compared to its closed-source antecedents, and the Plone CMS was open-source from the start.
Tell you what - when Linux vendors are as good at arm-twisting OEMs into making their products work as Microsoft is, then we can talk.
Or, we can talk about the fun that is getting stuff to work with OSX - a fair bit of the cheap junk out there won't work in OSX. You have to do research before you buy a part for your Mac - but I don't hear any caterwauling about that. And, you even have to pay for the privilege of it not working with every POS 10 year old scanner and 7 year old 0.6 megapixel camera out there.
I recently had the honour of downgrading a Vista Home Basic machine to XP for a client. He ended up paying more for my labour, added to the cost of the Vista box, than it would have cost to buy a new Optiplex with XP - and this is "good hardware support"? And this was a pretty standard Intel chipset - Ubuntu recognized everything, made it all work, but it took 3 hours to hunt down working XP drivers for the box.
If you go to a Linux OEM - Dell, Sun, System76, Penguin Computing (just among the ones I've personally dealt with) your computer will work out of the box. That's how most Windows machines are sold, and they seem to work pretty well with the hardware the manufacturer put in and certified.
As of now, there is no "go to this section of the store, everything in this aisle will work in Linux". Or, a "this penguin mark means it's got support in mainline Linux kernels, and the little pufferfish, daemon, and flag beside it mean it's supported by OpenBSD, FreeBSD, and NetBSD". A manufaturer does it every once in a while, but there is no fiscal reason (yet) for hardware manufacturers on razor-thin margins to spend extra money on marketing that cannot be proven to increase sales.
And I don't know about crappy video drivers, at least not nowadays. ATI and Nvidia stuff is supported with a few clicks, a logout/login, and configuring your monitor in Ubuntu, setting up a yum repository, installing an RPM, a logout/login, and configuring your monitor in CentOS/RHEL/Fedora, download driver installer, run the installer, reboot, and configure your displays in Windows, and it's generally already installed in OSX.
Wireless is a problem. Blame Broadcom - they're the biggest holdout. Dell has a team of Linux engineers that make sure that their new server products are supported by Linux, ideally, before the hardware goes on sale. Intel works very closely with open-source projects to make their hardware as compatible as possible with their chipsets.
Don't like the state of Linux hardware support? Vote with your dollar and your time. Support companies that support Linux, boycott companies that don't, beta-test drivers people are developing, file bug reports when things go bad. Whining about "my pile of junk I have laying around my house doesn't work with ${OPERATING_SYSTEM}" sounds a lot like the complaints in 2001 when XP came out, and people had to throw away their decrepit bubblejets and 300 DPI SCSI scanners.
Actually, the memory limits are due to buggy 32-bit PCI device drivers that can't have their address spaces reallocated to above the 4 GB barrier - so MS decided to limit the amount of RAM available to XP rather than deal with POS drivers.
Server 2003 and XP 64-bit don't have this limitation, though.
P.S. - I'll reccomend 64-bit OSes for the masses when Flash and Java Web Start work. Not until then. (I've been running 64-bit desktops for several years now - Fedora, CentOS, Debian, and some technical workstations running XP 64-bit and DB servers running Server 2003 64-bit.) You'd have to forklift upgrade a large portion of your stuff to work with 64-bit - you have to rewrite a fair bit of your driver core to handle the larger memory address size, something that hasn't had to have been done since Windows 95 came out!
P.P.S. - The 4 GB per-process virtual address space is not completely true in Windows - you can only access 2 GB of it, with the other 2 GB of address space reserved by the operating system. IIRC, you can change it to have 3 GB available to the process, but MS does not guarantee that all third-party DLLs will work properly.
Pshaw - one of our hosting customers makes a nice living doing that for small businesses. He kicks the CMS-based stuff and any coding work over to us - it's a great deal most of the time.
For brochure-type sites that are going to be updated maybe twice a year, straight HTML is cheaper, and you can have a designer do all the work. No need for a code monkey.
I'd have to agree - I just got done porting our mailsystem from the One Big Box(TM) to a more flexible set of 1U's - and Postfix Admin (with MySQL replication) works just as well managing our multiple-MX, separate-mailstore system as it did the previous monolithic box. It's simple to modify (some of the cleanest PHP code I've seen in some time), and not too confusing for our clients, who can manage their own mail and reset their own passwords. Makes for a lot less in the way of service calls.
I've messed with sendmail, exim4, postfix, and a little with Exchange, and I'll say that Postfix has made the effort I spent in learning its ways worth it. I'd hate to try to set up one of our current projects - a spam-filtering front end for an Exchange server, with LDAP lookups, greylisting, RBLs, the whole bit - on anything other than Postfix.
I get a goofy grin every time I go to the Museum of American History in Washington, DC and see the truly impressive collection of gear they've got.
Makes me want to spend some time in the not-displayed area, and see what they've got (MX missile control panels? Russian analog pneumatic computers? The mind boggles).
Heh - I'd port the stuff to Xen, or make sure it plays nice with VMWare. SCO's stuff is legacy, and definitely not being used for much new software. On the other hand, there are a lot of small to medium sized businesses that can't afford to port their data to new software, so there will be a need for at least some presence of SCO (or a successor) for a long time.
As for XKCD, how long until some misguided lawyer (yes, Thompson, I'm looking at you) starts to spout off about webcomics encouraging ninja attacks? Please - let that happen. I want to see a lawyer trying to explain a ninja attack to a civil judge.
Maybe he'll finally get the I-love-me jacket he's needed for so long.
I've seen root's.bash_history symlinked to/dev/null used on a couple of incidents - at least the date of the symlink creation can be used to tell you exactly how long they've been there...
It also has a firewall set up on both the local machine and the router to block access to those ports that are open to just those IPs that need to get to it.
I don't use Bastille - I'll read through it, and decide what of its recommendations I need to implement, but I don't blindly follow anyone's advice about security.
P. S. - sorry about the formatting - it would be nice to have the <pre> tag available...
I'm working for a company that had Slackware as its primary server OS. Until I showed how much time it took to operate and maintain.
Slackware is great for many things - single-purpose machines, getting that old P1 running, etc. It has a few major flaws that make it unusable in businessland:
1: too #$%) hard for a new admin. It requires a lot of arcane skills to get set up properly - skills that don't come cheap, and are hard to find in the marketplace.
2: No dependency management. Debian- and RH-based distros have had dependency tracking for ages, and the capabilities of up2date, yum, and apt-get are far in advance of what you can do with any slackware package management system. Plus, there is literally nothing in Slackware that matches RHN.
3: Proprietary software. Although with enough hacking, you can get a lot of it to run on Slack, the provider will not give you any support. And without that, you're hosed. We've ended up using RHEL on a Websense box because they would not recognize a bug that showed up in CentOS. You know what? The bug went away on RHEL.
Given all that, I still like Slackware as a Swiss Army knife-type distro that I can use for things where I don't have to maintain it too much. It runs on just about anything, and can be slimmed down far further than any other distro. I just can't justify businesswise the amount of labor it takes to maintain, when we are short on skilled *nix admins anyway.
Slashdot Mirror
I dunno. I do a combination of software development and sysadmin work, and have a major say in all tech hirings at my company.
Frankly, time spent among the meritocracy that most large open-source programs develop is one of the best experiences for a programmer that I can think of. You learn to do stuff right, or get chunks torn off your behind when it's not. You learn that ego has no place in your profession.
And you prove you can work to very high standards.
We're not looking for ${EXPERIENCE} or other ${QUALIFICATION}. What we need is flexibility, the willingness to do the job right the first time, and the honesty to say when you made a mistake. OSS work reinforces that, and I'd put someone who has worked in a large OSS project on the top of my hiring list.
It's a nice enough engine, with some quirks, but having to process 300 pictures with it from an event sucks. A lot. Aperture lets me get it done in a tenth the time. It was trying to process 50 pictures from a shoot that made me give up on Linux for serious photo editing - ufraw is good for the occasional shot, but it's too slow and clunky for someone who has to justify the time spent on the software.
The 350D has bad enough noise at ISO 1600. 3200 would be dreadful. I'd rather have ISO 50 and 25 for using wide-aperture lenses in broad daylight and doing long exposures in the sun without having to stack ND filters. High ISO would be nice, but it's not something the sensor in the 350D can do. Let's wait for the 5D Mk II for that one...
Fantastic hardware - and they don't needlessly wank with it to make the gamer d00dz want to buy the EX-III Super Duper card and throw out the EX-II Super Ultra card...
The first edition copy I have is pretty dog-eared from constantly being stashed in my laptop bag. I don't use regexes every day, but I understand them, and just need a handy reference. Definitely great for a "how do you specify X" kind of problem.
We don't run phpBB. Is it just me, or is phpBB almost always the target of these kinds of attacks? I mean, there are probably hundreds of CMS systems out there, but almost every mass site hijacking/defacement I can remember has involved phpBB.
Am I completely off-base here?
Propaganda, ignorance, and no mass media reporting on how the rest of the world thinks. That's why the movie Sicko was such a huge shock to the American people - the vast majority of Americans have been fed nothing but negative propaganda about socialized medicine (circa 1950's anticommunist, with updated graphs), but never see any of the positive aspects, like not going bankrupt after breaking your leg.
I'm quite sure the Romans said the same thing until the day the Goths sacked Rome...
That's not new - Fedora Core 1 servers running cPanel handed out to "admins" who load it up with phpBB and never update it host a fair bit of crap. We've migrated customers off of those boxes, and it's always fun to check every single file you bring over to make sure there's no surprises.
On the last server compromise I had to clean up (php site, not updated - standard story), I spent some time going through the logs to check what other sites they'd used this thing as to springboard into other machines. It was a fair collection of blog servers, bulletin boards, and a few company sites. When I could locate a phone number, I would give them a call. Not a single one of the admins knew their boxes were hosting malware. A couple boxes had been replaced after whoever got in wrecked the site, but the vast majority were running just fine, just with a '.../' directory hanging off the web root.
As a former mechanic who has transitioned to IT - I call bullshit. The best mechanics don't make the money, the fastest ones do. Look at flat rate mechanics - you get paid the time the book says to do the job, no matter how long the job takes. The sleazeballs who cut corners generally make more money than the careful ones who make sure the job is done right.
Union shops are just as bad - you get paid the same as the guy who can't learn to tighten oil pan plugs all the time.
It's not as glamorous or as easy money as you make it out to be, either. Pissant customers, little or no heat in the winter, no A/C in the summer, filth, constant marination in carcinogens, and long-term damage to your knees, ankles, back, wrists, and shoulders.
Fuggit - let my peers slack off. Makes for more room at the top in 10-20 years.
If they don't look around, see what makes the world tick, and put their shoulder to the wheel, they deserver the endless string of mediocre jobs they land.
I does make hiring a bit harder, though.
P. S. - I'm 31.
Had to try it - they really do that fuckwittery!
networksolutionsgrabsdomains.com
networksolutionsfrontrunners.com
networksolutionsgrabsyourshit.com
networksolutionsganksyourname.com
Oh dear god no - I wish every ISP would block outbound port 25 connections from residential accounts. That would stop over half the spam I see at our servers. You can run a separate SMTP submission port (587 is the normal one, IIRC) on your servers to bypass that filtering - we're getting ready to do that after having problems with a new customer whose ISP does exactly that.
I also like having a business support number that I can call and bypass the Ricky Numbnuts "Have you restarted Internet Explorer?" 1st-tier tech support. Residential users have no need to set their reverse DNS, but businesses do, and it makes no sense whatsoever to place your technically literate customers who are willing to pay for better service in the idjit queue. Nor would the guys who can understand what business customers need have a great deal of fun phone-jockeying redneck after redneck through rebooting their cable modem.
Pay hoi polloi prices, get hoi polloi service.
And just as open source. Plone is a CMS framework built on the Zope application framework, built on Python. As other respondents have noted, it's open source from the top to the bottom of the application stack.
Zope is something far, far different than anything else I've worked with - incredibly innovative in places, frankly bizarre in others, and has a bit of a learning cliff before you can really get working with it, but very good for some data storage tasks that are a stone bitch to implement in a traditional table-based database. In the hands of a competent programmer, you can get moderately complex active-content sites set up in a small amount of time, with HTML and CSS skins. search interfaces, access controls, and a fair bit more.
Zope was built out of some closed-source products, but the current Zope platform (3.3.1) is almost unrecognizable compared to its closed-source antecedents, and the Plone CMS was open-source from the start.
Tell you what - when Linux vendors are as good at arm-twisting OEMs into making their products work as Microsoft is, then we can talk.
Or, we can talk about the fun that is getting stuff to work with OSX - a fair bit of the cheap junk out there won't work in OSX. You have to do research before you buy a part for your Mac - but I don't hear any caterwauling about that. And, you even have to pay for the privilege of it not working with every POS 10 year old scanner and 7 year old 0.6 megapixel camera out there.
I recently had the honour of downgrading a Vista Home Basic machine to XP for a client. He ended up paying more for my labour, added to the cost of the Vista box, than it would have cost to buy a new Optiplex with XP - and this is "good hardware support"? And this was a pretty standard Intel chipset - Ubuntu recognized everything, made it all work, but it took 3 hours to hunt down working XP drivers for the box.
If you go to a Linux OEM - Dell, Sun, System76, Penguin Computing (just among the ones I've personally dealt with) your computer will work out of the box. That's how most Windows machines are sold, and they seem to work pretty well with the hardware the manufacturer put in and certified.
As of now, there is no "go to this section of the store, everything in this aisle will work in Linux". Or, a "this penguin mark means it's got support in mainline Linux kernels, and the little pufferfish, daemon, and flag beside it mean it's supported by OpenBSD, FreeBSD, and NetBSD". A manufaturer does it every once in a while, but there is no fiscal reason (yet) for hardware manufacturers on razor-thin margins to spend extra money on marketing that cannot be proven to increase sales.
And I don't know about crappy video drivers, at least not nowadays. ATI and Nvidia stuff is supported with a few clicks, a logout/login, and configuring your monitor in Ubuntu, setting up a yum repository, installing an RPM, a logout/login, and configuring your monitor in CentOS/RHEL/Fedora, download driver installer, run the installer, reboot, and configure your displays in Windows, and it's generally already installed in OSX.
Wireless is a problem. Blame Broadcom - they're the biggest holdout. Dell has a team of Linux engineers that make sure that their new server products are supported by Linux, ideally, before the hardware goes on sale. Intel works very closely with open-source projects to make their hardware as compatible as possible with their chipsets.
Don't like the state of Linux hardware support? Vote with your dollar and your time. Support companies that support Linux, boycott companies that don't, beta-test drivers people are developing, file bug reports when things go bad. Whining about "my pile of junk I have laying around my house doesn't work with ${OPERATING_SYSTEM}" sounds a lot like the complaints in 2001 when XP came out, and people had to throw away their decrepit bubblejets and 300 DPI SCSI scanners.
Actually, the memory limits are due to buggy 32-bit PCI device drivers that can't have their address spaces reallocated to above the 4 GB barrier - so MS decided to limit the amount of RAM available to XP rather than deal with POS drivers.
Server 2003 and XP 64-bit don't have this limitation, though.
P.S. - I'll reccomend 64-bit OSes for the masses when Flash and Java Web Start work. Not until then. (I've been running 64-bit desktops for several years now - Fedora, CentOS, Debian, and some technical workstations running XP 64-bit and DB servers running Server 2003 64-bit.) You'd have to forklift upgrade a large portion of your stuff to work with 64-bit - you have to rewrite a fair bit of your driver core to handle the larger memory address size, something that hasn't had to have been done since Windows 95 came out!
P.P.S. - The 4 GB per-process virtual address space is not completely true in Windows - you can only access 2 GB of it, with the other 2 GB of address space reserved by the operating system. IIRC, you can change it to have 3 GB available to the process, but MS does not guarantee that all third-party DLLs will work properly.
Pshaw - one of our hosting customers makes a nice living doing that for small businesses. He kicks the CMS-based stuff and any coding work over to us - it's a great deal most of the time.
For brochure-type sites that are going to be updated maybe twice a year, straight HTML is cheaper, and you can have a designer do all the work. No need for a code monkey.
Hey - it's better than most out there. Plus, you don't have to throw out the green screens...
I'd have to agree - I just got done porting our mailsystem from the One Big Box(TM) to a more flexible set of 1U's - and Postfix Admin (with MySQL replication) works just as well managing our multiple-MX, separate-mailstore system as it did the previous monolithic box. It's simple to modify (some of the cleanest PHP code I've seen in some time), and not too confusing for our clients, who can manage their own mail and reset their own passwords. Makes for a lot less in the way of service calls.
I've messed with sendmail, exim4, postfix, and a little with Exchange, and I'll say that Postfix has made the effort I spent in learning its ways worth it. I'd hate to try to set up one of our current projects - a spam-filtering front end for an Exchange server, with LDAP lookups, greylisting, RBLs, the whole bit - on anything other than Postfix.
I get a goofy grin every time I go to the Museum of American History in Washington, DC and see the truly impressive collection of gear they've got.
Makes me want to spend some time in the not-displayed area, and see what they've got (MX missile control panels? Russian analog pneumatic computers? The mind boggles).
Heh - I'd port the stuff to Xen, or make sure it plays nice with VMWare. SCO's stuff is legacy, and definitely not being used for much new software. On the other hand, there are a lot of small to medium sized businesses that can't afford to port their data to new software, so there will be a need for at least some presence of SCO (or a successor) for a long time.
:)
Wonder if it'll run in qemu
Maybe he'll finally get the I-love-me jacket he's needed for so long.
Wireless networking is still a pain in the arse to get working - the drivers behave differently, each card has its own behaviour, etc.
Stabilizing and standardizing the wireless stack, kernel- and user-space, would make the life of those who use laptops suck a lot less.
I've seen root's .bash_history symlinked to /dev/null used on a couple of incidents - at least the date of the symlink creation can be used to tell you exactly how long they've been there...
OTOH, I have a hardened Slackware box running as a syslog server, and this is what is running:
It also has a firewall set up on both the local machine and the router to block access to those ports that are open to just those IPs that need to get to it.I don't use Bastille - I'll read through it, and decide what of its recommendations I need to implement, but I don't blindly follow anyone's advice about security.
P. S. - sorry about the formatting - it would be nice to have the <pre> tag available...
I'm working for a company that had Slackware as its primary server OS. Until I showed how much time it took to operate and maintain.
Slackware is great for many things - single-purpose machines, getting that old P1 running, etc. It has a few major flaws that make it unusable in businessland:
1: too #$%) hard for a new admin. It requires a lot of arcane skills to get set up properly - skills that don't come cheap, and are hard to find in the marketplace.
2: No dependency management. Debian- and RH-based distros have had dependency tracking for ages, and the capabilities of up2date, yum, and apt-get are far in advance of what you can do with any slackware package management system. Plus, there is literally nothing in Slackware that matches RHN.
3: Proprietary software. Although with enough hacking, you can get a lot of it to run on Slack, the provider will not give you any support. And without that, you're hosed. We've ended up using RHEL on a Websense box because they would not recognize a bug that showed up in CentOS. You know what? The bug went away on RHEL.
Given all that, I still like Slackware as a Swiss Army knife-type distro that I can use for things where I don't have to maintain it too much. It runs on just about anything, and can be slimmed down far further than any other distro. I just can't justify businesswise the amount of labor it takes to maintain, when we are short on skilled *nix admins anyway.