Unlike you, I'm totally at ease working with root privileges
You have no idea what you're talking about - I started poking around in root on Ultrix in 1990.
Having an active root account and giving it out for general system maintenance creates more problems than it solves, where sudo is a much more elegent solution.
1) There is no fine grained control with root. Everyone who needs to do anything privileged using root gets access to everything. I hope you can trust your operators to stick to doing what they're meant to do. Use sudo and you can give them a limited subset of commands. Make the commands very explicit (wrap them in a menu) and you can even take away the need to enter a password if you want - preventing the need to create SUID enabled wrapper executables with all the security issues they bring.
2) Using sudo leaves behind a nice audit trail in/var/log/secure, unless invoked with the -s shell flag.
3) Not giving root to administrators and forcing them to use their own accounts with sudo means that I can track any root shell back to any user at any time. If they all login as root then I don't know who is who and have to chase them back through their session IP addresses.
4) When I change the root account passwords on the production systems every couple of months, I just have to update one list, which is stored in a sealed envelope in the secretary's locked filing cabinet. I don't have to print out multiple copies of the list and hand it round the office, to be stashed in people's wallets, draws, bags or even lost! Much safer for my systems, much less hassle for them.
5) If I need to give temporary priviledged access to a contractor or vendor consultant then I just sudo enable their account for the duration withouthaving to change the root password to something temporary and update a pissed off team who are still trying to remember what I set it to last week!
Do you get the picture yet? In the real world, liberal use of the root password by many people in an IT team is a pain in the ass for everyone. sudo was created for a reason - it solves a lot of problems.
I agree with you. This is going to be the perfect solution for a lot of people. Hell, I fired up my desktop about 4 hours ago and I've not even left the browser yet.
the artificial restrictions on root (hey - it's MY computer, not yours)
What the hell are you talking about. This isn't windows, you don't have to and shouldn't be using the root account for day to day activities, but when you need it "sudo -s" gets you a nice little root shell and off you go. And if you really really want to login as root, it takes seconds to turn that on. Not having root enabled by default encourages people to use standard accounts and that's a good thing. If you don't like it, stop whining and change it to work the way you want to.
That's not justification enough for pissing off your users who have to work with multiple linux distributions. An update is something you do very infrequently, and yum not that slow that shaving a few minutes off an update is going to make a snot of difference. The important thing is whether or not it works, resolves dependencies properly and preserves changes you've made to local config files. And yum does the job very well.
Zypper to me is a "political" move, not a technical one, and it's not going to win them any friends in industry.
I've seen it take a crap a few times, but that's probably due to RPM
Um, but SuSE are still using RPM underneath zypper, so how is that a better situation exactly?
I should clarify that NFS statement. Was thinking about when I do a yum localupdate... of cause you don't need NFS to install/update from a local repo.
And you've tried zypper and it's faster? And what does quad-core have to do with anything? yum isn't multi-threaded. I have a bunch of HP Proliants at work with 2.13GHz CPUs, also with RAID and yum whizzes along quite nicely from a local repo server over NFS.
I used to have this problem too, but switching to Mac OS X myself and becoming a it of an evangelist I found that if I could get my friends to switch, my "support call" requests just dried up. I think I've even lost a pair of "friends" who used to call me at least twice a year for an invitation to "dinner" which usually involved an evening of trying to unpick the mess their XP install had got into. I switched them 3 years ago, gave them some starter instruction to get them going and haven't had a call from them since.
Zypper *groan*.. what the hell was wrong with yum? It pisses me off that if I am ever called on to work on a SuSE system that I can't use the knowledge and experience I have with yum and have to learn yet another fucking package manager. If they had a problem with Yum, why not just work closer with Redhat to improve it and keep the development effort/cost down for everyone. They obviously haven't learned from Unix history: that trying to be a "better" unix than everyone else by being different doesn't win you more market share, it just makes you a niche player. Commercial unix vendors fell into this trap years ago and look where it got them !
A Sun employee in another forum stated that MySQL only generates $300m in revenue (not profit). That's chump change for Oracle. They stand to loose a lot more than that if MySQL Cluster deployments grow and take a nice bite out of their RAC revenue. MySQL Clusters are attractive because of their very low cost compared to RAC. No massive licensing fees, and no expensive SAN infrastructure underneath to provide the shared storage that RAC requires.
That's my take on this too. With MySQL Clustering you can start small and cheap, then scale out later to levels of performance (and resilience) that leave Oracle RAC in the dust. Use a consistent hashing algorithm on the app server tier that includes node weighting and you can happily mix DB servers with different performance characteristics, making good use of more powerful servers as they're released. Oracle strongly recommend that all nodes in a RAC cluster look and function the same which is a bit restricting unless you replace all of them in one go.
With proper packaging and marketing MySQL Cluster could do a lot more damage to Oracle's bottom line than it does today. Of cause if Oracle buy Sun with MySQL included then they can ring fence the trademark; those customers who will only run MySQL if they can buy support, and use their development influence to ward off any threat to their own database products.
I shoved some numbers in, making it quite dense with the recommended average velocity for an asteroid, impact angle etc and got the following results:
Your Inputs:
Distance from Impact: 1.00 km = 0.62 miles Projectile Diameter: 7.00 m = 22.96 ft = 0.00 miles Projectile Density: 3000 kg/m3 Impact Velocity: 17.00 km/s = 10.56 miles/s Impact Angle: 45 degrees Target Density: 2500 kg/m3 Target Type: Sedimentary Rock
Energy:
Energy before atmospheric entry: 7.79 x 1013 Joules = 0.19 x 10^-1 MegaTons TNT The average interval between impacts of this size somewhere on Earth is 5.1 years
Atmospheric Entry:
The projectile begins to breakup at an altitude of 54000 meters = 177000 ft The projectile bursts into a cloud of fragments at an altitude of 34300 meters = 113000 ft The residual velocity of the projectile fragments after the burst is 13.7 km/s = 8.49 miles/s The energy of the airburst is 2.75 x 1013 Joules = 0.66 x 10^-2 MegaTons. No crater is formed, although large fragments may strike the surface.
Major Global Changes:
The Earth is not strongly disturbed by the impact and loses negligible mass. The impact does not make a noticeable change in the Earth's rotation period or the tilt of its axis. The impact does not shift the Earth's orbit noticeably.
First thing I noticed was it didn't like the way I'd set up menu.lst. I have two disks mirrored with MD raid so I have 4 OS definitions per kernel - two for each disk (one multiuser, one single user). I don't trust Ubuntu to just update or replace, as it always wants to use root="UUID number" which is a pain in the ass if you ever restore from backup as that always changes with a new filesystem, so I just stick with - in my case - root=/dev/md2. I tried the experimental option to merge the old and new files - which didn't work, so I had to let it carry on with the upgrade while fixing it up in the background.
Next thing I hit was more of a problem. It balked doing a post install configure on eBox. The process went zombie and the upgrade just froze. I had to kill the parent python process to get dpkg to carry on with the rest of it, but discovered that at the end of the install and configure phase, dpkg had remembered the return errno from killing that child process and it decided to act on that by aborting the upgrade at that point - before the clean up phase. So the system is in an indeterminate state.
I rebooted, and it came up ok, but I then found I had three problems:
Compiz was broken again. It broke when I went from 8.10 to 9.04 and I had to downgrade the xserver, etc to get it working. I'm pretty sure the Intel chipset problems are fixed, it's just a configuration somewhere. Haven't had time to look for it.
About half the desktop menu items don't have icons for them any more
Default system sound is set to 100% so if I have the speakers turned on when I login they can hear it at the end of the street. Adjusting the slider makes no difference.
I ran out of time to play around with it so had to leave it like that. I think when I eventually get home again I'll just install from scratch and restore what I need to from backup. I can't really complain - after all it's not as if I've paid anything for it.
Perhaps if they were a software company, they'd do what Microsoft does and distinguish between upgrades and full installs
People have been asking them to do this for years. They don't show any signs of changing.
I don't know about that. Mac users love spending money, don't they? They're already paying $2500 or more for a desktop tower because of the gaping hole in Apple's lineup. If they could get a tower that met their needs for $1000 instead, that would leave $1500 to spend on software.
Mac users are no different from anyone else and don't like spending more money than they have to. People buy from Apple because they perceive they're getting a quality product and a better user experience. For that they're prepared to pay a bit more. That doesn't make them careless with money.
Why do you say that? People already happily pay those high margins to own a Mac
You think so huh. It's not just the up front purchase price of OS X but the cost of the major version upgrades. Apple have offered Snow Leopard at $29 this time round, but the usual cost is $128. There is always a steady thrum of discontent and complaining in the Mac community around upgrade time - except for this last one - because Apple don't differentiate between an upgrade and a fresh install, it's just one fixed price. Now imagine if that were 3-5 times more expensive with one major upgrade/year. Over a typical 5 year life cycle for your average Mac - with 4 successive OS X upgrades - that would be $1536-$2560 extra cost. I promise you that there would be uproar. Apple would be force to back down or loose a lot of customers.
Apple are not going to license out OS X to OEMs again. There isn't a business case to support it.
They make a tidy profit on the hardware component of each Mac they sell. To compensate for that loss of revenue they would have to set a very high OEM price: maybe 3-5 times. They couldn't do that for the OS X retail version, there would be a riot. And there's no way they could get away with forcing OEMs to pay higher prices than they could buy over the counter. You see, the whole thing collapses in on itself.
The point you're missing is that Apple don't want to sell OS X to you on cheap little machines. They target the lower volume, higher end of the market because they know that they can make strong profit doing this: and providing they innovate often, build well and market well, they can attract the customers they're interested in. If you can't afford to be in their club, they would rather you went somewhere else. It's working very well for them too. While everyone else is tightening their belts to ride out the recession, Apple just posted their best quarter results in the company's entire history.
I'll conceded on Ubuntu, because that's been my experience too. But I've never had a problem with Redhat and CentOS and I've done upgrades from RHEL 4 to 5 in the past, and more recently from 5.1 through to 5.3 without issues.
The problem with random / gibberish passwords is that 99.9% of users can't remember them, so end up writing them down on a scrap of paper and keeping them in their desk, diary, notebook, etc. That's assuming your users don't revolt and string you up from the nearest tree first.
And what would a Mac tablet be than just a larger iPod Touch?
I guess that depends on whether it runs mobile OSX or a tweaked full version, can see advantages to both.
I can see why you were disappointed, you're really looking forward to this. Well I don't believe there's smoke without fire in this case and I'm sure they will release one at some point. But you're just gonna have to be patient. Just like with the iPhone, they will only release it when its ready.
But this gathering was billed as an Apple Music event (and all things in that sphere). Mac's, Tablets and Netbooks were never on the agenda. You've been listening to too many rabid pundits blurting out any old crap to up their page hits.
You should check the specs before shooting from the hip. The new iPod Nano vid camera has a 640x480 resolution @ 30fps with 8GB memory and costs $149. The Flip Ultra also has a 640x480 resolution @ 30fps but only 4GB memory and also costs $149. The Flip HD versions cost $199.
1000 identifications? That does not mean they were guilty. And only 5.000+ processed? That means that they are highly ineffective
It means exactly what it says: that since they changed the way they process image data, and got smarter with it, that of the 5000 images of people processed so far they have identified 1 in 5 of them. That's a pretty good hit rate. Ineffective my ass!
And of that 'estimate' how many would have been caught without the camera's anyway?
The article doesn't mention anything about ongoing investigations using that data. Feel free to drift off into fantasy land and speculate all you like though.
If a cop was standing there, no crime would have been committed
So you would trade one situation where cameras are everywhere, for another where Police are everywhere watching everything you do. Sounds like you're proposing a Police State by another means.
Houghi, this article was about the ineffectiveness of how Police have been processing image data in the past and what they're trying to do to improve on that. Nothing more, nothing less.
Way to go SpuriousLogic. You take today's top prize for selectively snipping text from a news article to spin a point you want to push. This was actually an article about how ineffective the current use of CCTV image data has been, with an emotive tag line to snag the eyeballs. The article concludes by saying:
"The Metropolitan Police has been extraordinarily slow to act to deal with the ineffectiveness of CCTV." Nationwide, the government has spent £500m on CCTV cameras. But Det Sup Michael Michael McNally, who commissioned the report, conceded more needed to be done to make the most of the investment. He said: "CCTV, we recognise, is a really important part of investigation and prevention of crime, so how we retrieve that from the individual CCTV pods is really quite important. "There are some concerns, and that's why we have a number of projects on-going at the moment." Among those projects is a pilot scheme by the Met to improve the way CCTV images are used. A spokesman for the Met said: "We estimate more than 70% of murder investigations have been solved with the help of CCTV retrievals and most serious crime investigations have a CCTV investigation strategy." Officers from 11 boroughs have formed a new unit which collects and labels footage centrally before distributing them across the force and media. It has led to more than 1,000 identifications out of 5,260 images processed so far.
Quite different from the spin on this slashdot story huh. But then you knew that didn't you, and you knew the much of the Slashdot crowd would just lap it up.
I know what you mean. Since the introduction of chip 'n pin credit cards I don't even have to sign my name any more. In fact there are only two reasons I ever pick up a pen now. 1) To write a birthday/xmas/greeting card for someone and I really have to concentrate to make sure its legible. 2) If I go to a seminar and want to scratch a few memory joggers in a notebook. Typically you have to write quickly when doing that, and it looks atrocious. I don't think I'm too bad with my spelling though.
The last time I tried writing properly I got as far as half a side of A4 and my hand was killing me !
Take that one step further and make that encrypted volume a loopback mounted file inside a virtual machine. Have a command quick to hand to unmount and zap that file, then shutdown and destroy the VM volume as well. There's no point in asking for your encryption keys if they can't find an encrypted file in the first place.
Slashdot Mirror
You have no idea what you're talking about - I started poking around in root on Ultrix in 1990.
Having an active root account and giving it out for general system maintenance creates more problems than it solves, where sudo is a much more elegent solution.
1) There is no fine grained control with root. Everyone who needs to do anything privileged using root gets access to everything. I hope you can trust your operators to stick to doing what they're meant to do. Use sudo and you can give them a limited subset of commands. Make the commands very explicit (wrap them in a menu) and you can even take away the need to enter a password if you want - preventing the need to create SUID enabled wrapper executables with all the security issues they bring.
2) Using sudo leaves behind a nice audit trail in /var/log/secure, unless invoked with the -s shell flag.
3) Not giving root to administrators and forcing them to use their own accounts with sudo means that I can track any root shell back to any user at any time. If they all login as root then I don't know who is who and have to chase them back through their session IP addresses.
4) When I change the root account passwords on the production systems every couple of months, I just have to update one list, which is stored in a sealed envelope in the secretary's locked filing cabinet. I don't have to print out multiple copies of the list and hand it round the office, to be stashed in people's wallets, draws, bags or even lost! Much safer for my systems, much less hassle for them.
5) If I need to give temporary priviledged access to a contractor or vendor consultant then I just sudo enable their account for the duration withouthaving to change the root password to something temporary and update a pissed off team who are still trying to remember what I set it to last week!
Do you get the picture yet? In the real world, liberal use of the root password by many people in an IT team is a pain in the ass for everyone. sudo was created for a reason - it solves a lot of problems.
I agree with you. This is going to be the perfect solution for a lot of people. Hell, I fired up my desktop about 4 hours ago and I've not even left the browser yet.
What the hell are you talking about. This isn't windows, you don't have to and shouldn't be using the root account for day to day activities, but when you need it "sudo -s" gets you a nice little root shell and off you go. And if you really really want to login as root, it takes seconds to turn that on. Not having root enabled by default encourages people to use standard accounts and that's a good thing. If you don't like it, stop whining and change it to work the way you want to.
That's not justification enough for pissing off your users who have to work with multiple linux distributions. An update is something you do very infrequently, and yum not that slow that shaving a few minutes off an update is going to make a snot of difference. The important thing is whether or not it works, resolves dependencies properly and preserves changes you've made to local config files. And yum does the job very well.
Zypper to me is a "political" move, not a technical one, and it's not going to win them any friends in industry.
Um, but SuSE are still using RPM underneath zypper, so how is that a better situation exactly?
I should clarify that NFS statement. Was thinking about when I do a yum localupdate ... of cause you don't need NFS to install/update from a local repo.
And you've tried zypper and it's faster? And what does quad-core have to do with anything? yum isn't multi-threaded. I have a bunch of HP Proliants at work with 2.13GHz CPUs, also with RAID and yum whizzes along quite nicely from a local repo server over NFS.
I used to have this problem too, but switching to Mac OS X myself and becoming a it of an evangelist I found that if I could get my friends to switch, my "support call" requests just dried up. I think I've even lost a pair of "friends" who used to call me at least twice a year for an invitation to "dinner" which usually involved an evening of trying to unpick the mess their XP install had got into. I switched them 3 years ago, gave them some starter instruction to get them going and haven't had a call from them since.
Zypper *groan* .. what the hell was wrong with yum? It pisses me off that if I am ever called on to work on a SuSE system that I can't use the knowledge and experience I have with yum and have to learn yet another fucking package manager. If they had a problem with Yum, why not just work closer with Redhat to improve it and keep the development effort/cost down for everyone. They obviously haven't learned from Unix history: that trying to be a "better" unix than everyone else by being different doesn't win you more market share, it just makes you a niche player. Commercial unix vendors fell into this trap years ago and look where it got them !
A Sun employee in another forum stated that MySQL only generates $300m in revenue (not profit). That's chump change for Oracle. They stand to loose a lot more than that if MySQL Cluster deployments grow and take a nice bite out of their RAC revenue. MySQL Clusters are attractive because of their very low cost compared to RAC. No massive licensing fees, and no expensive SAN infrastructure underneath to provide the shared storage that RAC requires.
That's my take on this too. With MySQL Clustering you can start small and cheap, then scale out later to levels of performance (and resilience) that leave Oracle RAC in the dust. Use a consistent hashing algorithm on the app server tier that includes node weighting and you can happily mix DB servers with different performance characteristics, making good use of more powerful servers as they're released. Oracle strongly recommend that all nodes in a RAC cluster look and function the same which is a bit restricting unless you replace all of them in one go.
With proper packaging and marketing MySQL Cluster could do a lot more damage to Oracle's bottom line than it does today. Of cause if Oracle buy Sun with MySQL included then they can ring fence the trademark; those customers who will only run MySQL if they can buy support, and use their development influence to ward off any threat to their own database products.
I shoved some numbers in, making it quite dense with the recommended average velocity for an asteroid, impact angle etc and got the following results:
Your Inputs:
Distance from Impact: 1.00 km = 0.62 miles
Projectile Diameter: 7.00 m = 22.96 ft = 0.00 miles
Projectile Density: 3000 kg/m3
Impact Velocity: 17.00 km/s = 10.56 miles/s
Impact Angle: 45 degrees
Target Density: 2500 kg/m3
Target Type: Sedimentary Rock
Energy:
Energy before atmospheric entry: 7.79 x 1013 Joules = 0.19 x 10^-1 MegaTons TNT
The average interval between impacts of this size somewhere on Earth is 5.1 years
Atmospheric Entry:
The projectile begins to breakup at an altitude of 54000 meters = 177000 ft
The projectile bursts into a cloud of fragments at an altitude of 34300 meters = 113000 ft
The residual velocity of the projectile fragments after the burst is 13.7 km/s = 8.49 miles/s
The energy of the airburst is 2.75 x 1013 Joules = 0.66 x 10^-2 MegaTons.
No crater is formed, although large fragments may strike the surface.
Major Global Changes:
The Earth is not strongly disturbed by the impact and loses negligible mass.
The impact does not make a noticeable change in the Earth's rotation period or the tilt of its axis.
The impact does not shift the Earth's orbit noticeably.
First thing I noticed was it didn't like the way I'd set up menu.lst. I have two disks mirrored with MD raid so I have 4 OS definitions per kernel - two for each disk (one multiuser, one single user). I don't trust Ubuntu to just update or replace, as it always wants to use root="UUID number" which is a pain in the ass if you ever restore from backup as that always changes with a new filesystem, so I just stick with - in my case - root=/dev/md2. I tried the experimental option to merge the old and new files - which didn't work, so I had to let it carry on with the upgrade while fixing it up in the background.
Next thing I hit was more of a problem. It balked doing a post install configure on eBox. The process went zombie and the upgrade just froze. I had to kill the parent python process to get dpkg to carry on with the rest of it, but discovered that at the end of the install and configure phase, dpkg had remembered the return errno from killing that child process and it decided to act on that by aborting the upgrade at that point - before the clean up phase. So the system is in an indeterminate state.
I rebooted, and it came up ok, but I then found I had three problems:
I ran out of time to play around with it so had to leave it like that. I think when I eventually get home again I'll just install from scratch and restore what I need to from backup. I can't really complain - after all it's not as if I've paid anything for it.
People have been asking them to do this for years. They don't show any signs of changing.
Mac users are no different from anyone else and don't like spending more money than they have to. People buy from Apple because they perceive they're getting a quality product and a better user experience. For that they're prepared to pay a bit more. That doesn't make them careless with money.
You think so huh. It's not just the up front purchase price of OS X but the cost of the major version upgrades. Apple have offered Snow Leopard at $29 this time round, but the usual cost is $128. There is always a steady thrum of discontent and complaining in the Mac community around upgrade time - except for this last one - because Apple don't differentiate between an upgrade and a fresh install, it's just one fixed price. Now imagine if that were 3-5 times more expensive with one major upgrade/year. Over a typical 5 year life cycle for your average Mac - with 4 successive OS X upgrades - that would be $1536-$2560 extra cost. I promise you that there would be uproar. Apple would be force to back down or loose a lot of customers.
Apple are not going to license out OS X to OEMs again. There isn't a business case to support it.
They make a tidy profit on the hardware component of each Mac they sell. To compensate for that loss of revenue they would have to set a very high OEM price: maybe 3-5 times. They couldn't do that for the OS X retail version, there would be a riot. And there's no way they could get away with forcing OEMs to pay higher prices than they could buy over the counter. You see, the whole thing collapses in on itself.
The point you're missing is that Apple don't want to sell OS X to you on cheap little machines. They target the lower volume, higher end of the market because they know that they can make strong profit doing this: and providing they innovate often, build well and market well, they can attract the customers they're interested in. If you can't afford to be in their club, they would rather you went somewhere else. It's working very well for them too. While everyone else is tightening their belts to ride out the recession, Apple just posted their best quarter results in the company's entire history.
Examples please, or are you just spreading FUD?
I'll conceded on Ubuntu, because that's been my experience too. But I've never had a problem with Redhat and CentOS and I've done upgrades from RHEL 4 to 5 in the past, and more recently from 5.1 through to 5.3 without issues.
The problem with random / gibberish passwords is that 99.9% of users can't remember them, so end up writing them down on a scrap of paper and keeping them in their desk, diary, notebook, etc. That's assuming your users don't revolt and string you up from the nearest tree first.
And what would a Mac tablet be than just a larger iPod Touch?
I guess that depends on whether it runs mobile OSX or a tweaked full version, can see advantages to both.
I can see why you were disappointed, you're really looking forward to this. Well I don't believe there's smoke without fire in this case and I'm sure they will release one at some point. But you're just gonna have to be patient. Just like with the iPhone, they will only release it when its ready.
But this gathering was billed as an Apple Music event (and all things in that sphere). Mac's, Tablets and Netbooks were never on the agenda. You've been listening to too many rabid pundits blurting out any old crap to up their page hits.
You should check the specs before shooting from the hip. The new iPod Nano vid camera has a 640x480 resolution @ 30fps with 8GB memory and costs $149. The Flip Ultra also has a 640x480 resolution @ 30fps but only 4GB memory and also costs $149. The Flip HD versions cost $199.
It means exactly what it says: that since they changed the way they process image data, and got smarter with it, that of the 5000 images of people processed so far they have identified 1 in 5 of them. That's a pretty good hit rate. Ineffective my ass!
The article doesn't mention anything about ongoing investigations using that data. Feel free to drift off into fantasy land and speculate all you like though.
So you would trade one situation where cameras are everywhere, for another where Police are everywhere watching everything you do. Sounds like you're proposing a Police State by another means.
Houghi, this article was about the ineffectiveness of how Police have been processing image data in the past and what they're trying to do to improve on that. Nothing more, nothing less.
Way to go SpuriousLogic. You take today's top prize for selectively snipping text from a news article to spin a point you want to push. This was actually an article about how ineffective the current use of CCTV image data has been, with an emotive tag line to snag the eyeballs. The article concludes by saying:
Quite different from the spin on this slashdot story huh. But then you knew that didn't you, and you knew the much of the Slashdot crowd would just lap it up.
I know what you mean. Since the introduction of chip 'n pin credit cards I don't even have to sign my name any more. In fact there are only two reasons I ever pick up a pen now. 1) To write a birthday/xmas/greeting card for someone and I really have to concentrate to make sure its legible. 2) If I go to a seminar and want to scratch a few memory joggers in a notebook. Typically you have to write quickly when doing that, and it looks atrocious. I don't think I'm too bad with my spelling though.
The last time I tried writing properly I got as far as half a side of A4 and my hand was killing me !
Take that one step further and make that encrypted volume a loopback mounted file inside a virtual machine. Have a command quick to hand to unmount and zap that file, then shutdown and destroy the VM volume as well. There's no point in asking for your encryption keys if they can't find an encrypted file in the first place.