Slashdot Mirror


User: MattW

MattW's activity in the archive.

Stories: 0
Comments: 825

Comments · 825

  1. Re:what happened to the mainframes? on VMware vSphere 5 Released · · Score: 1

    How is VMware like mainframes? They were a hardware platform that became cumbersome to maintain for legacy software when the world moved on.

    VMware is a software platform that is designed to make other software platform-independent.

  2. Re:Fever? on Acer CEO Declares a Tablets Bubble · · Score: 4, Insightful

    I have an iPad, and I use mine almost every day. In the past week I've been streaming Merlin episodes off Netflix, reading Sherlock Holmes off iBooks/Kindle, I use it to check my calendar/email before going to bed. I plug a noise-canceling headset in and watch movies on it on the plane (I've had to travel a dozen times this year, so >25 flights), which is nice in coach because laptops are too bulky really (especially if the guy in front leans back). Plus it's a really convenient way to check/offline read documents, which I can drop in dropbox, sync over to the ipad without a wire, and then read (on the plane, in the hotel bed, etc). (Also, Angry Birds HD, go.)

    Honestly, I called it a gimmick when it first came out. A week or two after launch, I happened to swing by an Apple store, we played with one, we decided to get it. Now we have 3 in the family (one each), and all 3 of us use it regularly.

    Granted, to me, about 50% of the utility is the video - Netflix + iTunes shows/movies (I don't pirate, but I also don't pay for cable, so I supplement netflix with an occasional itunes purchase).

  3. Linus wants bespoke computing on Linus Thinks Virtualization Is 'Evil' · · Score: 1

    And that's great. His motivations laid the groundwork for the Linux we have today. But when you don't want what he wants, virtualization does a million amazing things for convenience and productivity.

  4. Re:What is an Internet? on Is Twitter Rendered Obsolete By Google+? · · Score: 4, Funny

    Back in 1995, I did dialup support. (Mercifully briefly.)

    Working for Netcom, afaik the first ISP to offer unlimited connectivity straight to the internet.

    "Hi, I just bought the Internet."

    "Hi, I just bought your Internet."

    Were the two most common lines from customers as they began to tell me their problem. (One particular brand of modem with no UART chip was the biggest pest...)

  5. Okay on Banks Find Way To Sell Consumers' Shopping Data · · Score: 0

    In the grand scheme of things, I'd rather get offers for stuff I want than stuff I don't. The world is filled with crap that wants my attention, and I generally ignore all of it.

    So if you can target me, then that leaves even LESS attention for spammy untargeted stuff. If the net result is that:

    - having me as a customer (as the bank) is more valuable because they can sell me for more and
    - consequently spammy untargeted ads are less useful

    I'll call that a win-win. The bank isn't getting any information about it they didn't have before. (And frankly, Groupon/Livingsocial already irritate the shit out of me with offers for facials/pedicures/tanning/teeth whitening, and other personal cosmetic garbage I don't want, and will never want.)

  6. Re:Until Marvel Regains Control... on X-Men: First Class · · Score: 1

    Spiderman 3 was nowhere near as bad as Highlander II. Spiderman 3 was disappointing, disjointed... Highlander II was *epically* bad. Like Plan 9 bad.

  7. Re:I learned I loved 60's films on X-Men: First Class · · Score: 1

    The comic-book Shaw I remember as having exactly that power (kinetic absorption). Or am I confusing him with the return-of-the-Hellfire club story line where Emma is sneaking off? (Which I think was one of the Whedon arcs)

    I remember him as being more of a mutton-chop guy than a sideburns type like Bacon, but I think Bacon nails the mannerism and the look otherwise.

  8. My favorite yet on X-Men: First Class · · Score: 1

    I quite liked it. Rivals the original (#1) as my favorite. Would definitely see a sequel.

  9. Re:In my meetings... on Corporate Mac Sales Surge 66% · · Score: 1

    The people who sit in meetings = the workers in the lunchroom, where I am. Welcome to a software company.

  10. In my meetings... on Corporate Mac Sales Surge 66% · · Score: 1

    We had a team-wide meeting a few months ago, and 15 people pulled out their laptops.

    We had 1 windows box, 1 linux laptop, and 13 Macs open up.

    This isn't really an indicator that Windows is in trouble though, because I think the vast majority of the Mac users had paid the Microsoft tax to run Office in a VM.

  11. Re:Second place? on Microsoft To Support CentOS Linux In Hyper-V · · Score: 1

    You can get ESX free as well, and there are plenty of tools to help manage it. Both VMware and Hyper-V charge for features as you move up the stack. Maybe VMware is more expensive for the advanced features (which may be because they support doing things Hyper-V can't yet), but...

    Well, look at this: http://virtacore.com/vcloud_pricing.cfm

    That's running on VMware ESXi+vCenter+vCloud Director, and when you consider the bundled disk and network, it's cheaper than Amazon by a lot. (ie, $345/mo for their equivalent to an AWS large instance - 4 vcpu/8gb). If you used an amazon reserved instance with a 50GB EBS volume and 3000GB of xfer, you pay more like $550. (On demand obviously being higher). And they obviously don't have the scale that Amazon does. (Granted, the margins on AWS are rumored to be somewhere between ridiculous and obscene, but still...)

    That said, there are some big Xen installs. Say, Rackspace Cloud, which uses Xen. It's hardly just a hobby any more, and companies like Red Hat and Canonical are supporting the Linux OSS efforts, because enterprises are going virtualized at an obscene rate, and they need to be on board. But there's a lot more to the whole stack than the hypervisor - it's free. The features on top of that are both the revenue stream and the differentiator.

  12. Re:does anybody really use hyper-V? on Microsoft To Support CentOS Linux In Hyper-V · · Score: 1

    Translation: if you're a Windows shop and want to run Windows stuff, then Hyper-V is a Windows product, and therefore will suit your needs. If you need performance, features, compatibility, or a rich ecosystem of partner products, then look elsewhere? Got it.

  13. Re:Welp on Sony Running Unpatched Servers With No Firewall · · Score: 1

    Security != Compliance. The encryption isn't meant to stop someone who roots the box from taking the card numbers, it's there to avoid side-leakage like backups, drives from failed systems that get refurbed, etc.

  14. Re:Welp on Sony Running Unpatched Servers With No Firewall · · Score: 1

    And, of course, there's no way to know. Ironically, in many cases it would be far better for a site to outsource cc processing... unless they are just "cheating" at compliance. (The rules of compliance apply to everyone regardless of tier; it's only the assessment that varies.) Compliance is a costly process that requires a great deal of knowledge and effort if done in-house. And yet, Tier 2-3 merchants may not want to outsource because they don't want to look like a small company that "can't" do it internally. So for the appearance of being bigger, they may go it alone, but not have the expertise and so put end users at risk.

    I used to do development at a Tier 2 merchant, and I lost a little sleep over credit cards. I was fully compliant (without gaming the system), and even implemented systems that go way beyond what PCI requires (for example, my first rev of cc processing included tokenization). And still, I was scared of persistent threats. Even though credit card processing was isolated, data transiently passed through main web servers (over ssl, of course) on the way to be tokenized. Which would mean that it would be possible to gain access to those servers, and graft something onto that channel.

    If I had to do it over again, I'd recommend at least a 3-tier system with main web processing, a secure super-stripped, super-minimalized set of web services where consumers would add card data on a DMZ, and then a dropbox server that would give out tokens. I'd build the 2 tier cc-processing servers as vms and probably destroy them once a week and do rolling redeployments off a patched gold master.

    I think that'd probably start to let me sleep a little better.

    Truth is, I'm way more concerned with identity security than credit cards. It's pretty trivial to get fraudulent charges reversed and get new credit cards. Try getting your credit history fixed and get a new SSN/taxpayer id. And there's no PCI handling for SSNs.

  15. Re:Welp on Sony Running Unpatched Servers With No Firewall · · Score: 4, Informative

    A friend of mine used to sit on the PCI board. He linked me to this recently:

    http://blog.imperva.com/2011/04/pcis-impact-on-security-quantified.html

    PCI is one of the most defined and effective standards I've ever seen. Compare that to other standards some companies tout like ISO27001 or SAS70, which are absolutely toothless. (Because they assess only what you SAY that access, as they are standards for evaluating your declared controls.)

    PCI varies a lot depending on what tier the merchant is. If they are Tier 2 - Tier 4, the assessment is really only as good as their self-assessment/scan. The scan can be gamed simply by giving out a host or two which is properly locked down, and using that certificate. Tier 1 merchants (6 million+ transactions/year) have to undergo an audit with a certified assessor. I guess PSN doesn't do that many transactions per year? If the assessor does a bad job they will lose their certification.

    Also, if Sony lied about the state of their compliance, then they are exposed to enormous amounts of liability.

  16. Ditched it years ago. Just keeps getting better. on Ask Slashdot: Are You Streaming-Only For Home Entertainment? · · Score: 1

    I haven't had TV for years. At first, I just switched to an antenna, because I could get major networks in HD, and I felt like cable was making the whole family waste time. (My wife especially, who watched a lot of crappy reality TV, ala Flip That House or the show about little girls in pageants. And now she agrees it was a great thing to do)

    So I mostly just didn't watch TV and didn't miss it. I caught heroes on the HD Antenna, which was like $35. Worked great.

    Lately, I just pick up things I want on iTunes. Plus you can rip your DVDs (and if you're willing to pay money and break the law, Blu-rays). So a SAN full of your movies on speed dial via appleTV or such is pretty fun.

    And then there's Netflix which you can stream from anything from the iPad to a computer.

  17. Re:Two words why I'll never buy a NYT subscription on NYTimes Unveils Online Subscription Plan · · Score: 1

    I think that's just the intro price. I punched in a friend's manhattan zip code, and it offers it for $5.85/week for 8 weeks, but then it almost doubles.

  18. Re:Only buy PDF, ePUB or another open standard on E-Book Lending Stands Up To Corporate Mongering · · Score: 1

    I've been gaming my whole life, and I think that'd drive me to do something drastic. Like, go play frisbee or something.

  19. Re:Only buy PDF, ePUB or another open standard on E-Book Lending Stands Up To Corporate Mongering · · Score: 2

    I care. I don't want the government to have any excuses to selectively enforce bad laws. Bad laws should be removed, not simply scoffed at and ignored.

  20. Re:Unencrypted cookie auths on Is Algeria Deleting Facebook Accounts? · · Score: 1

    I have no idea how fb works because it's an abomination and I avoid it as much as possible, but - having coded sites and auth schemes from scratch (after 5 years in network security), I can say: it's a poor site that allows an http:// cookie to perform a delete when they use https:// for a login.

    Generally, if there's a need to have some high-security functions but some low security interactions, you take the login over https:// then set TWO cookies; one of them with the "ssl-only" flag set; browsers will only send that when returning to the site over an SSL connection. Then you restrict certain types of page views (which would include modifying your account) to https:// pages. (And I don't tend to look too closely, but I assume this is what other sites are doing when they are saying, "Welcome back Matt...", and then asking for me to confirm my password anyhow and sending me back to SSL for things like a password change.)
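
The two-cookie scheme described in comment 20, as an added example that is not part of the original comment or of any site's real code. The "ssl-only" flag is the cookie `Secure` attribute; the cookie names `sid_low`/`sid_high`, the action names and the in-memory session store are assumptions made for the sketch.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {"low": {}, "high": {}}                 # token -> user (demo store)
SENSITIVE = {"delete_account", "change_password"}  # hypothetical action names

def issue_login_cookies(user):
    """Call after a successful login over https; returns Set-Cookie values."""
    jar = SimpleCookie()
    for level in ("low", "high"):
        token = secrets.token_urlsafe(32)
        SESSIONS[level][token] = user
        name = "sid_" + level
        jar[name] = token
        jar[name]["path"] = "/"
        jar[name]["httponly"] = True
    jar["sid_high"]["secure"] = True   # browser returns this one over TLS only
    return [m.OutputString() for m in jar.values()]

def browser_cookie_header(set_cookie_values, scheme):
    """Simulate the browser: Secure cookies are withheld on plain http."""
    jar = SimpleCookie()
    for value in set_cookie_values:
        jar.load(value)
    return "; ".join(f"{m.key}={m.value}" for m in jar.values()
                     if scheme == "https" or not m["secure"])

def authorize(scheme, cookie_header, action):
    """Return 'allow', 'reauth' (redirect to the https login) or 'deny'."""
    jar = SimpleCookie(cookie_header)
    low = SESSIONS["low"].get(jar["sid_low"].value) if "sid_low" in jar else None
    high = SESSIONS["high"].get(jar["sid_high"].value) if "sid_high" in jar else None
    if action not in SENSITIVE:
        return "allow" if low else "deny"   # greeting, browsing, etc.
    # Sensitive actions need https AND the Secure cookie for the same user.
    if scheme == "https" and high and high == low:
        return "allow"
    return "reauth" if low else "deny"
```

A low-privilege cookie captured from plain http can at most trigger the re-authentication prompt; it never authorizes an account change on its own.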

  21. Re:Fuck Amazon on Amazon Pulling Out of Texas Over $269 Million Tax Bill · · Score: 1

    Creating a separate shell company to run your distribution center so you can claim your parent company doesn't have Nexus is bullshit. Who wants to track their purchases to know what to file? What a pain in the ass.

    Sales tax is just a shitty concept on a state-by-state level.

  22. Re:Milking it - This is Correct on Apple eBook Rules Changing For Sellers · · Score: 1

    It's not at all different. I'm a prime candidate for ebooks - many devices, love digital, plenty of disposable income, love to read...

    And I'm collecting paper books. In all the time you could only buy DRM music, I only acquired a handful of songs, sticking mostly with CDs - or more often - just boycotted. (Make it hard to buy, I won't buy.)

    But I don't like seeing Apple use their customers as weapons.

  23. Re:FUD on Apple eBook Rules Changing For Sellers · · Score: 1

    Apple is presenting Amazon with a choice: either allow people to buy books in app, via Apple, and basically give apple the profit from those books, but keep the profit from people who buy through your site -- or remove the app, and lose ipad-only kindle buyers.

    I hope Amazon calls their bluff, frankly. I expect it will provoke a class-action suit against Apple if they follow through with the threat.

  24. Re:Milking it - This is Correct on Apple eBook Rules Changing For Sellers · · Score: 1

    When I buy a computer it is with the intent that I can load on it what I want to load on it -- not what Apple thinks I should be able to load on it.

    Amazon locked themselves into this. They have a DRM that requires a custom app to read. If they sold PDFs or some other open book, then Apple couldn't do anything about it, because to stop Amazon from selling around them, they'd have to cut every open-format reader from the app store, doing a huge amount of collateral damage to other developers and consumers. Amazon's DRM allows Apple to cut off just Amazon.

    Point being - when you buy a kindle book, you can only read it on a kindle reader.

    My first reaction to this story was to seethe at Apple too, but Amazon doesn't have clean hands. (And neither do the Publishers.)

  25. Re:As a programmer on 'I Just Need a Programmer' · · Score: 1

    Back in the 90s, we built a bunch of systems for managing firewalls (in particular, Checkpoint firewalls) out of shell scripts. We had commands to check in and check out policies, archive them, pull up customer contact and ip address data, do backups, etc, all from the shell. Years after we did it, Checkpoint released an "Enterprise Security Console" or some such, which cost $25k and was still not as good as our shell scripts.

    We wrote shell scripts that provided full failover functionality, right down to using echo commands to send commands out the serial port to kill the primary firewall's power if we were forcing a hard failover. Again, we evaluated many failover solutions with complicated code for heartbeats and other things, and in the end, we could do a better job with shell scripts.

    It's not a "shell script", but if you've seen the original facebook code, it was obviously very hacked together. Not badly, per se, but it also doesn't have the flavor of an enterprise architecture; it has the flavor of something cobbled together and then repeatedly iterated against.

    To me, it seems like application architecture is more important than the code - you can always redo something, but when you have a framework of interdependent components, it can be very hard to change that in its entirety. An example of this dilemma being UI vs API - some people choose to build their API first and then build their UI on top of it. Others choose to build their UI and then build the API to have parity. The former, in my experience, leads to a much, much more effective, robust, and complete API; the latter risks an API which is an afterthought and has poor coverage against UI functionality. (And if you expect your API to matter a lot to your product/service, this is a very big deal.)