I've had one of the Roku Netflix streaming thingies since they came out. Some content (particularly recent TV shows and movies) is available in HD. The picture quality is IMO pretty good. I've seen way more compression artifacts on cable HD. Of course if the stream quality drops (due to bandwidth constraints) or you're watching the first season of Airwolf or something that wasn't shot in HD it looks crappier.
For a while they were only streaming stereo sound, but I believe they're doing 5.1 now.
One difference is that while there are some differences between versions, managing AD hasn't changed drastically since 2000 Server. Linux AD-like infrastructure constantly changes between versions so the knowledge you gained when you figured out how to set it up the last time is no longer useful.
For example, the IDMAP options in smb.conf seem to vary by the hour so the how-to you're following from some ad-laden blog probably won't leave you with a working config. If you're lucky, google spidered a newer how-to quickly enough and you discover that the "rid_map" option was changed to "map_rid" and that blowupeverything=1 which used to mean "don't blow up everything" now means "why yes, please do blow up everything".
I'm not sure if you're trolling or not, but if you're serious did you happen to manage the storage for Microsoft's Sidekick servers?
A couple things wrong with your assumptions: 1) 1TB drives might be great for storing your goat porn collection, but on a server with actual load, how many of those drives do you need to get adequate IOPS? Also exactly 100 of them means no RAID, but that's OK because drives from Newegg never fail so your 100TB of data should be fine. 2) You seem to have left controllers out of your list. Anyone who's ever had a RAID controller start barfing garbage all over a LUN, or take out a second drive after a drive failure will tell you the controller is the really critical bit (and is usually a single point of failure in systems with DAS.) 3) Where's your backup hardware? Where's space for snapshots? Where's space for replication? 4) Ever time a RAID5 rebuild on say a 9 drive LUN with 1TB SATA disks?
Storage is expensive because the data on it has value and making sure that data is available and isn't lost or corrupted costs money. Cheap storage solutions don't end up that way when the drives have to go to OnTrack for recovery and the company's down for a week, or valuable data is lost.
RIM has chosen to follow the path of Lotus Notes. You can still find Notes around in large companies but IBM's complete lack of attention to small/mid-size businesses killed off Notes in those environments. RIM is in the process of doing the same thing - they've released 3 or 4 server products targeted at the small/mid-size space and then killed them off leaving their customers in the lurch.
At this point they've completely ceded the small/medium business market to iOS and Android. While there are still plenty of mid-sized companies with BESs, I see more and more companies moving everyone over to iPhones, Droids, etc.
Steam and Valve have figured this out. I've spent more on games in the past few months on Steam than total on games for the previous 20 years. I suspect that they've been gathering all kinds of information on how putting games on sale affects buying patterns which will prove extremely useful in the future. Hopefully they win out vs. publishers going the rootkit/unfinished games/online access required route.
Basically, they've added trusted computing to a phone.
It's too bad that they've opted for the "screw the customer" side of TPM.
I have an original Droid and wish it had some kind of secure key repository. having to type in a 20 character mixed case password on a mobile device is a huge pain in the ass - being able to use say a 4 char PIN which then grants access to a TPM repository with the longer password or certs, etc. would be enormously useful (and which locked out after a certain number of tries.) As it stands, there's stuff I don't copy to my phone because it can't be secured without being completely inconvenient.
One of my customers just had a T1 with a Tier 1 provider down for over a week. The SLA can promise whatever but when it takes a police detail, etc. to get under the street for repairs, you're on phone company time. Single points of failure are still single points of failure regardless of contractual support agreements. I deal with a fair number of MPLS circuits both domestically and internationally and for any site that's even remotely important they end up getting a secondary circuit of some sort (often a cheap Internet line to both offload Internet traffic from the WAN and to act as backup WAN connectivity via IPsec VPN.)
For systems, several redundant, lower performance, inexpensive components are often "better" (e.g. RAID, load balanced x86 webservers, etc.) Sometimes due to various requirements you have to go with a big expensive, high performance system (for example Oracle's licensing is such that for many mid-size companies RAC isn't an option so they end up with one big expensive Sun or Linux box) Likewise with Leased lines - if you're somewhere where a leased line is the only option, or are dealing with latency sensitive traffic you have to suck it up and pay for T1/MPLS/etc. For many traffic profiles however having two lower reliability/SLA connections will provide both better performance (business cable/DSL/MetroE Internet is generally much higher bandwidth than a T1 at half or a third the price) and higher uptime. It's also nice to have a secondary connection on different media since if you're somewhere where the local loop infrastructure sucks, having two T1s from different providers may not provide as much redundancy as you think.
For larger companies, this probably doesn't hold true (having to manage different providers gets to be a hassle with more than a handful of sites, and larger customers get better pricing and more responsive support regardless of SLA) but for small and mid-size companies I think that it's time to question the value of leased lines as dogma.
I hate minimized windows (well, I hate overlapping windows in general but haven't found a tiling WM that's 100% what I want either.) If you're using Compiz, in CCSM you can disable minimizing windows. In Window Rules, put "Any" (without quotes) in the Non Minimizable Windows field. This makes the various ALT-Tab window switchers actually useful since they won't show minimized windows (or at least Scale won't.)
You can also set Always On Top rules here which is helpful for those apps that create child windows that don't appear on the taskbar (for example, the login dialog in Outlook through Wine. There is a special place in hell for whoever at Microsoft thought child windows and dialogs should be allowed to fall behind other windows without providing any way to get to them without minimizing all the other windows and hunting for them.)
Actually, primary care docs get paid like crap which is why you see very few people willing to go into family medicine and categorical internal medicine. After 4 years of med school, 3-4 years of residency, for an extra year or two of fellowship you can easily double or triple your annual salary.
The AMA isn't a cartel so much as a part of the overall government regulation of health care that distorts attempts to use the market to provide better care. A truly market-based approach might work, and a fully government controlled approach might work, but what we have right now is the worst of both worlds.
Also, speaking as an IT guy, I grudgingly wish we had something like the AMA to set professional standards because the current free-for-all is awful. Not that there aren't stupid/bad doctors who manage to slip through the system (and are kept around because everyone is so overwhelmed that they're loathe to get rid of another set of hands.)
Spamhaus has gotten into bed with big companies and they tell everyone to ignore all email from anyone using a cable modem.
Yes, a conspiracy against those oppressed cable modem users is obviously the most reasonable explanation. The Spamhaus PBL is a great list, the ham/spam ratio on end-user IPs is infinitesimally small. In addition to all the zombie PCs spewing out spam you have the "I'm going to setup my own sendmail server!" crowd who follow how-tos from 1995 which set the server up as an open relay.
The PBL (and home ISPs that block outbound TCP/25) are a great example of a passive failsafe - if you can't figure out how to relay through the ISPs SMTP server maybe you shouldn't be setting up mail servers.
Welcome to the future baby! Settings -> Applications, allow Unknown Sources. I enabled that to install Android Scripting Environment and Pandahome on my Droid.
Unless your small business gets free IT support, I'm not sure how you can claim Microsoft's offerings are overpriced. SBS retails at $600 with 5 CALs, OEM is cheaper. Service ends up being the major cost regardless of platform and much as it pains me to give props to Microsoft, SBS runs pretty darn well.
I would never run a Mac server at this point because it can't be virtualized. For a small business virtualization is a godsend (your server is no longer tied to a particular piece of hardware.) The fact that Apple is still obsessed with their sexy hardware suggests to me that they're about to miss the biggest change in IT in quite a while.
Now a small server appliance that's simply a bridge to "Other People's Servers" (i.e. cloud computing hype) and you have something - that may be the direction they'll go.
The previous generations of multi-core CPUs weren't 2-core and 4-core, they were dual and quad-core. These new chips should pretty obviously be called sex-cores. Not since the 667MHZ PII have I been so disappointed.
This is a huge sucky problem already. I don't deal with robots per se, but with all kinds of other manufacturing tools which are all controlled by PCs (or by PLCs which connect to PCs.) Some have the PCs built into the body of the tool.
Making a tool designed to last 20 years dependent on a PC designed to last 5 and an OS supported for 3 insures lots and lots of problems. This would be a great place for Linux, yet all the tools I see use DOS or Windows PCs (even the new ones.) What this means is that companies with these tools have to deal with the logistics of finding replacement parts for 286's, or keep Windows 95 install media around because the app won't run on anything newer.
I've found that this seems to endure (at least in part) because by and large people don't seem to give a shit about problems that won't crop up for 5-10 years (they assume they'll have moved on to another position or company by then.) It's pretty frustrating to deal with though. It would be nice if in addition to a general purpose OS, there was general purpose hardware that remained stable over a longer time frame.
I have not worked with BES 5, but it was certainly commonplace on 2.2, 3.6, and 4.0 to have to reset the devices on occasion because they would just stop syncing. I was present for numerous calls involving a help desk person, RIM support, and the carrier to try to get some traveling exec's blackberry working.
The BES is a steaming pile of shit layered upon several other steaming piles of shit. It hammers the crap out of mail servers. The install process involves magical incantations and occasionally modifying the AD schema (this one admittedly is the fault of MS and lazy admins who use domain admin accounts for their mail.) The upgrade process involves something called a "knife edge cutover" I think because slitting your wrists can seem like a practical alternative. There's no reason removing a user from the server and then adding him again should require mucking with the DB tables directly with osql, yet that was the recommended procedure for a while. Wireless activation was a total game of chance well into when activating a Activesync device took a couple minutes and then it never had to be looked at again.
RIM's architecture made sense in 1999 when you couldn't get Internet access via cell. At this point though its an anachronism. I can appreciate the security features and policy management, but there's zero reason that this huge extra infrastructure be required in the days of unlimited mobile Internet access. Why install a BES, an MDS, a bb router, only to send your traffic to RIMs network (which has suffered several outages recently) which then goes to the carriers and to the devices?
BIS pisses me off even more. Why provide an IMAP client when you can force people to provide their login credentials to their honest and trustworthy cell phone carrier? Not to mention that well into 2008 the idea of syncing e-mail (as opposed to POP3 download) was looked at as some sort of freak request. It's not like anyone would want to get their mail from both their phone AND their PC.
I can't speak to what happened in your particular scenario, but yes, staff, power cooling, etc. are big drivers for virtualization. I've seen multiple racks of servers condensed down into two servers and a SAN running in about 20U. You can get to everything remotely (out-of-band) without needing an IP-KVM and can restart hung servers without needing an IP/Serial PDU.
Setup time for new servers is orders of magnitude faster. fill out a couple screens in a click-and-drool GUI and you have a new server up and running.
Redundancy and reliability are also quite a bit better. While you're right a catastrophic failure of physical server hardware will bring down the VMs hosted on that server, they can immediately be powered on again on one of the other physical hosts. (Of course if you use local storage with virtual servers, you're playing with fire and will get burned eventually) Virtualization also makes it reasonable to cluster services for HA since you don't need 100% more hardware for failover. VMotion or XenMotion (which I haven't yet tried) will let you move running VMs off a physical box you suspect of failing or need to service which is damn handy, though I don't know that it's worth the price VMWare charges in most cases.
Virtualization means NOT needing to buy new hardware since the hardware becomes a commodity, run it till it fails and then replace it. You get out of proactive replacement cycles and expensive 7x24x4 support contracts. When you need more capacity, you just add another node and redistribute your VMs rather than having to deal with the headache of migrating an overutilized server to new hardware.
I don't know why you'd run Windows on top of Linux (or vice-versa) outside of test-dev (a sales laptop running a 3-tier application on 3 VMs via VMWare Player or Workstation for example) Server-based hypervisors run on bare metal.
This is certainly a big step forward for what are otherwise niche also-ran hypervisors. I'm certainly glad to see competition to VMWare, but there's still nothing that actually comes close to it in terms of real-world performance. (specifically stability and manageability)
One feature that it would be interesting to see incorporated into server virtualization products is storage abstraction and network RAID. Right now you can do it with a VM (LeftHand's software iSCSI SAN or Openfiler) but it would be cool if that were a built-in feature of the hypervisor. Currently if you're not using shared storage (SAN or NAS) virtualization presents some pretty serious risks if you suffer hardware failure. Instead of hardware failure taking down one server now it takes down five. If one of the competing virtualization products gave you the ability to mirror local storage between two physical servers, that would be a killer feature for branch/small office settings where the budget doesn't justify a SAN. I don't see VMWare doing this because they don't want to piss off their expensive SAN hawking partners or parent company.
Generally tracking things back to the original infection vector is fairly straight forward if it happened recently - there's usually cruft all over the system that wasn't there prior to the infection, and log file entries or application crash memory dumps correlate to the time things started getting hinkie. Often it's as easy as loading up the browser history in IEHV and seeing what the user did (google search for some topic, the 3rd URL down points to http://ssladjfkfj.fjdskjff.cn/ and if you're quick enough and the site is still up you can usually grab a copy to see exactly what the page is doing.)
Acrobat Reader that hasn't been upgraded to 8.1.3 (I'm not sure if there are patches for 7) is vulnerable. There are lots of PCs out there with an older version of Acrobat, especially since many people disabled the update notifications after getting sick of being prompted to install Photoshop Elements (or whatever else Adobe was pimping) over and over.
Pretty much every virus infected PC I've seen in the past few months was originally infected via the magnificence that is Acrobat Reader (and most of the remainder were infected by the meth-using-crack-whore that is the Sun JRE)
The time is right to go after Acrobat. After explaining to someone that the virus that just trashed their PC (or office's PCs) came in by way of a hidden PDF in an infected web page, not only are they OK with removing the Acrobat browser plugins, but they're often open to getting Acrobat off the machine entirely.
Given the rash of shit that Microsoft has (rightfully) received over the years for browser exploits, it's time to hold Adobe and Sun accountable for their dangerously insecure products. Both companies patch management is terrible. Neither provide any decent support for sysadmins to push out updates ("uh, try to find the MSI that the installer drops and then, you know, push it out with something. I think you can do it with Group Policies!" is about as far as they go) For Java it's been easy to say "just get rid of it" since for 99% of people it's unnecessary, but Acrobat and Acrobat Reader have been more of a challenge. Perhaps highlighting how insecure Acrobat is will help move the effort to replace it along.
The costs for AD/Exchange, etc. pale in comparison to the administrative salary costs associated with supporting an IT infrastructure and the lost productivity costs of down time.
I've found Samba in a Domain environment to be kind of flaky, and while it's useful for accessing the file system on a Linux server (though I prefer scp) there's no way I would look at replacing any Windows file server that had an SLA with a Samba server. The licensing costs for a Windows server (especially virtualized) are negligible.
On the other hand, there's still no great solution for something similar to AD on Linux. NIS+ is old and sucks. Going through the whole LDAP rigmarole only gets you part of the way and requires a hell of a lot of upkeep depending on the server. Winbind against AD isn't bad though again it's flaky and requires way too much work to setup. I supposed there's the tried and true method of rsync-ing passwd, group and shadow files around.
The combo of AD and Group Policy is pretty killer, It would be really nice to see something similar for Linux, or at the very least improved AD integration would be awesome.
Conversely, virtualization allows you to keep older server hardware on-line longer and less expensively - you can avoid renewing service contracts and just run servers till they die since you can just vmotion the VMs to another physical server when the time comes. The only downside is per-CPU licensing for VMWare which may be way cheaper per app/VM on newer hardware. (More VMs per CPU license)
Slashdot Mirror
I've had one of the Roku Netflix streaming thingies since they came out. Some content (particularly recent TV shows and movies) is available in HD. The picture quality is IMO pretty good. I've seen way more compression artifacts on cable HD. Of course if the stream quality drops (due to bandwidth constraints) or you're watching the first season of Airwolf or something that wasn't shot in HD it looks crappier.
For a while they were only streaming stereo sound, but I believe they're doing 5.1 now.
One difference is that while there are some differences between versions, managing AD hasn't changed drastically since 2000 Server. Linux AD-like infrastructure constantly changes between versions so the knowledge you gained when you figured out how to set it up the last time is no longer useful.
For example, the IDMAP options in smb.conf seem to vary by the hour so the how-to you're following from some ad-laden blog probably won't leave you with a working config. If you're lucky, google spidered a newer how-to quickly enough and you discover that the "rid_map" option was changed to "map_rid" and that blowupeverything=1 which used to mean "don't blow up everything" now means "why yes, please do blow up everything".
I'm not sure if you're trolling or not, but if you're serious did you happen to manage the storage for Microsoft's Sidekick servers?
A couple things wrong with your assumptions:
1) 1TB drives might be great for storing your goat porn collection, but on a server with actual load, how many of those drives do you need to get adequate IOPS? Also exactly 100 of them means no RAID, but that's OK because drives from Newegg never fail so your 100TB of data should be fine.
2) You seem to have left controllers out of your list. Anyone who's ever had a RAID controller start barfing garbage all over a LUN, or take out a second drive after a drive failure will tell you the controller is the really critical bit (and is usually a single point of failure in systems with DAS.)
3) Where's your backup hardware? Where's space for snapshots? Where's space for replication?
4) Ever time a RAID5 rebuild on say a 9 drive LUN with 1TB SATA disks?
Storage is expensive because the data on it has value and making sure that data is available and isn't lost or corrupted costs money. Cheap storage solutions don't end up that way when the drives have to go to OnTrack for recovery and the company's down for a week, or valuable data is lost.
RIM has chosen to follow the path of Lotus Notes. You can still find Notes around in large companies but IBM's complete lack of attention to small/mid-size businesses killed off Notes in those environments. RIM is in the process of doing the same thing - they've released 3 or 4 server products targeted at the small/mid-size space and then killed them off leaving their customers in the lurch.
At this point they've completely ceded the small/medium business market to iOS and Android. While there are still plenty of mid-sized companies with BESs, I see more and more companies moving everyone over to iPhones, Droids, etc.
Steam and Valve have figured this out. I've spent more on games in the past few months on Steam than total on games for the previous 20 years. I suspect that they've been gathering all kinds of information on how putting games on sale affects buying patterns which will prove extremely useful in the future. Hopefully they win out vs. publishers going the rootkit/unfinished games/online access required route.
It's too bad that they've opted for the "screw the customer" side of TPM.
I have an original Droid and wish it had some kind of secure key repository. having to type in a 20 character mixed case password on a mobile device is a huge pain in the ass - being able to use say a 4 char PIN which then grants access to a TPM repository with the longer password or certs, etc. would be enormously useful (and which locked out after a certain number of tries.) As it stands, there's stuff I don't copy to my phone because it can't be secured without being completely inconvenient.
One of my customers just had a T1 with a Tier 1 provider down for over a week. The SLA can promise whatever but when it takes a police detail, etc. to get under the street for repairs, you're on phone company time. Single points of failure are still single points of failure regardless of contractual support agreements. I deal with a fair number of MPLS circuits both domestically and internationally and for any site that's even remotely important they end up getting a secondary circuit of some sort (often a cheap Internet line to both offload Internet traffic from the WAN and to act as backup WAN connectivity via IPsec VPN.)
For systems, several redundant, lower performance, inexpensive components are often "better" (e.g. RAID, load balanced x86 webservers, etc.) Sometimes due to various requirements you have to go with a big expensive, high performance system (for example Oracle's licensing is such that for many mid-size companies RAC isn't an option so they end up with one big expensive Sun or Linux box) Likewise with Leased lines - if you're somewhere where a leased line is the only option, or are dealing with latency sensitive traffic you have to suck it up and pay for T1/MPLS/etc. For many traffic profiles however having two lower reliability/SLA connections will provide both better performance (business cable/DSL/MetroE Internet is generally much higher bandwidth than a T1 at half or a third the price) and higher uptime. It's also nice to have a secondary connection on different media since if you're somewhere where the local loop infrastructure sucks, having two T1s from different providers may not provide as much redundancy as you think.
For larger companies, this probably doesn't hold true (having to manage different providers gets to be a hassle with more than a handful of sites, and larger customers get better pricing and more responsive support regardless of SLA) but for small and mid-size companies I think that it's time to question the value of leased lines as dogma.
I hate minimized windows (well, I hate overlapping windows in general but haven't found a tiling WM that's 100% what I want either.) If you're using Compiz, in CCSM you can disable minimizing windows. In Window Rules, put "Any" (without quotes) in the Non Minimizable Windows field. This makes the various ALT-Tab window switchers actually useful since they won't show minimized windows (or at least Scale won't.)
You can also set Always On Top rules here which is helpful for those apps that create child windows that don't appear on the taskbar (for example, the login dialog in Outlook through Wine. There is a special place in hell for whoever at Microsoft thought child windows and dialogs should be allowed to fall behind other windows without providing any way to get to them without minimizing all the other windows and hunting for them.)
Actually, primary care docs get paid like crap which is why you see very few people willing to go into family medicine and categorical internal medicine. After 4 years of med school, 3-4 years of residency, for an extra year or two of fellowship you can easily double or triple your annual salary.
The AMA isn't a cartel so much as a part of the overall government regulation of health care that distorts attempts to use the market to provide better care. A truly market-based approach might work, and a fully government controlled approach might work, but what we have right now is the worst of both worlds.
Also, speaking as an IT guy, I grudgingly wish we had something like the AMA to set professional standards because the current free-for-all is awful. Not that there aren't stupid/bad doctors who manage to slip through the system (and are kept around because everyone is so overwhelmed that they're loathe to get rid of another set of hands.)
"The Republicans are the party that says government doesn't work and then they get elected and prove it."
P. J. O'Rourke
Yes, a conspiracy against those oppressed cable modem users is obviously the most reasonable explanation. The Spamhaus PBL is a great list, the ham/spam ratio on end-user IPs is infinitesimally small. In addition to all the zombie PCs spewing out spam you have the "I'm going to setup my own sendmail server!" crowd who follow how-tos from 1995 which set the server up as an open relay.
The PBL (and home ISPs that block outbound TCP/25) are a great example of a passive failsafe - if you can't figure out how to relay through the ISPs SMTP server maybe you shouldn't be setting up mail servers.
Welcome to the future baby! Settings -> Applications, allow Unknown Sources. I enabled that to install Android Scripting Environment and Pandahome on my Droid.
Unless your small business gets free IT support, I'm not sure how you can claim Microsoft's offerings are overpriced. SBS retails at $600 with 5 CALs, OEM is cheaper. Service ends up being the major cost regardless of platform and much as it pains me to give props to Microsoft, SBS runs pretty darn well.
I would never run a Mac server at this point because it can't be virtualized. For a small business virtualization is a godsend (your server is no longer tied to a particular piece of hardware.) The fact that Apple is still obsessed with their sexy hardware suggests to me that they're about to miss the biggest change in IT in quite a while.
Now a small server appliance that's simply a bridge to "Other People's Servers" (i.e. cloud computing hype) and you have something - that may be the direction they'll go.
The previous generations of multi-core CPUs weren't 2-core and 4-core, they were dual and quad-core. These new chips should pretty obviously be called sex-cores. Not since the 667MHZ PII have I been so disappointed.
This is a huge sucky problem already. I don't deal with robots per se, but with all kinds of other manufacturing tools which are all controlled by PCs (or by PLCs which connect to PCs.) Some have the PCs built into the body of the tool.
Making a tool designed to last 20 years dependent on a PC designed to last 5 and an OS supported for 3 insures lots and lots of problems. This would be a great place for Linux, yet all the tools I see use DOS or Windows PCs (even the new ones.) What this means is that companies with these tools have to deal with the logistics of finding replacement parts for 286's, or keep Windows 95 install media around because the app won't run on anything newer.
I've found that this seems to endure (at least in part) because by and large people don't seem to give a shit about problems that won't crop up for 5-10 years (they assume they'll have moved on to another position or company by then.) It's pretty frustrating to deal with though. It would be nice if in addition to a general purpose OS, there was general purpose hardware that remained stable over a longer time frame.
Here's one example
Yes, thank you! LogicMail rocks.
I have not worked with BES 5, but it was certainly commonplace on 2.2, 3.6, and 4.0 to have to reset the devices on occasion because they would just stop syncing. I was present for numerous calls involving a help desk person, RIM support, and the carrier to try to get some traveling exec's blackberry working.
The BES is a steaming pile of shit layered upon several other steaming piles of shit. It hammers the crap out of mail servers. The install process involves magical incantations and occasionally modifying the AD schema (this one admittedly is the fault of MS and lazy admins who use domain admin accounts for their mail.) The upgrade process involves something called a "knife edge cutover" I think because slitting your wrists can seem like a practical alternative. There's no reason removing a user from the server and then adding him again should require mucking with the DB tables directly with osql, yet that was the recommended procedure for a while. Wireless activation was a total game of chance well into when activating a Activesync device took a couple minutes and then it never had to be looked at again.
RIM's architecture made sense in 1999 when you couldn't get Internet access via cell. At this point though its an anachronism. I can appreciate the security features and policy management, but there's zero reason that this huge extra infrastructure be required in the days of unlimited mobile Internet access. Why install a BES, an MDS, a bb router, only to send your traffic to RIMs network (which has suffered several outages recently) which then goes to the carriers and to the devices?
BIS pisses me off even more. Why provide an IMAP client when you can force people to provide their login credentials to their honest and trustworthy cell phone carrier? Not to mention that well into 2008 the idea of syncing e-mail (as opposed to POP3 download) was looked at as some sort of freak request. It's not like anyone would want to get their mail from both their phone AND their PC.
I can't speak to what happened in your particular scenario, but yes, staff, power cooling, etc. are big drivers for virtualization. I've seen multiple racks of servers condensed down into two servers and a SAN running in about 20U. You can get to everything remotely (out-of-band) without needing an IP-KVM and can restart hung servers without needing an IP/Serial PDU.
Setup time for new servers is orders of magnitude faster. fill out a couple screens in a click-and-drool GUI and you have a new server up and running.
Redundancy and reliability are also quite a bit better. While you're right a catastrophic failure of physical server hardware will bring down the VMs hosted on that server, they can immediately be powered on again on one of the other physical hosts. (Of course if you use local storage with virtual servers, you're playing with fire and will get burned eventually) Virtualization also makes it reasonable to cluster services for HA since you don't need 100% more hardware for failover. VMotion or XenMotion (which I haven't yet tried) will let you move running VMs off a physical box you suspect of failing or need to service which is damn handy, though I don't know that it's worth the price VMWare charges in most cases.
Virtualization means NOT needing to buy new hardware since the hardware becomes a commodity, run it till it fails and then replace it. You get out of proactive replacement cycles and expensive 7x24x4 support contracts. When you need more capacity, you just add another node and redistribute your VMs rather than having to deal with the headache of migrating an overutilized server to new hardware.
I don't know why you'd run Windows on top of Linux (or vice-versa) outside of test-dev (a sales laptop running a 3-tier application on 3 VMs via VMWare Player or Workstation for example) Server-based hypervisors run on bare metal.
This is certainly a big step forward for what are otherwise niche also-ran hypervisors. I'm certainly glad to see competition to VMWare, but there's still nothing that actually comes close to it in terms of real-world performance. (specifically stability and manageability)
One feature that it would be interesting to see incorporated into server virtualization products is storage abstraction and network RAID. Right now you can do it with a VM (LeftHand's software iSCSI SAN or Openfiler) but it would be cool if that were a built-in feature of the hypervisor. Currently if you're not using shared storage (SAN or NAS) virtualization presents some pretty serious risks if you suffer hardware failure. Instead of hardware failure taking down one server now it takes down five. If one of the competing virtualization products gave you the ability to mirror local storage between two physical servers, that would be a killer feature for branch/small office settings where the budget doesn't justify a SAN. I don't see VMWare doing this because they don't want to piss off their expensive SAN hawking partners or parent company.
Here's an example of one I came across recently: http://www.dslreports.com/forum/r21704795-Browser-Redirect-to-7770-interesting
Also at the time I'm writing this, there are at least three PDF droppers listed here: http://www.techzoom.net/security-radar/latest-virus.en
Generally tracking things back to the original infection vector is fairly straight forward if it happened recently - there's usually cruft all over the system that wasn't there prior to the infection, and log file entries or application crash memory dumps correlate to the time things started getting hinkie. Often it's as easy as loading up the browser history in IEHV and seeing what the user did (google search for some topic, the 3rd URL down points to http://ssladjfkfj.fjdskjff.cn/ and if you're quick enough and the site is still up you can usually grab a copy to see exactly what the page is doing.)
Acrobat Reader that hasn't been upgraded to 8.1.3 (I'm not sure if there are patches for 7) is vulnerable. There are lots of PCs out there with an older version of Acrobat, especially since many people disabled the update notifications after getting sick of being prompted to install Photoshop Elements (or whatever else Adobe was pimping) over and over.
Pretty much every virus infected PC I've seen in the past few months was originally infected via the magnificence that is Acrobat Reader (and most of the remainder were infected by the meth-using-crack-whore that is the Sun JRE)
The time is right to go after Acrobat. After explaining to someone that the virus that just trashed their PC (or office's PCs) came in by way of a hidden PDF in an infected web page, not only are they OK with removing the Acrobat browser plugins, but they're often open to getting Acrobat off the machine entirely.
Given the rash of shit that Microsoft has (rightfully) received over the years for browser exploits, it's time to hold Adobe and Sun accountable for their dangerously insecure products. Both companies patch management is terrible. Neither provide any decent support for sysadmins to push out updates ("uh, try to find the MSI that the installer drops and then, you know, push it out with something. I think you can do it with Group Policies!" is about as far as they go) For Java it's been easy to say "just get rid of it" since for 99% of people it's unnecessary, but Acrobat and Acrobat Reader have been more of a challenge. Perhaps highlighting how insecure Acrobat is will help move the effort to replace it along.
Thanks, I'll check it out.
The costs for AD/Exchange, etc. pale in comparison to the administrative salary costs associated with supporting an IT infrastructure and the lost productivity costs of down time.
I've found Samba in a Domain environment to be kind of flaky, and while it's useful for accessing the file system on a Linux server (though I prefer scp) there's no way I would look at replacing any Windows file server that had an SLA with a Samba server. The licensing costs for a Windows server (especially virtualized) are negligible.
On the other hand, there's still no great solution for something similar to AD on Linux. NIS+ is old and sucks. Going through the whole LDAP rigmarole only gets you part of the way and requires a hell of a lot of upkeep depending on the server. Winbind against AD isn't bad though again it's flaky and requires way too much work to setup. I supposed there's the tried and true method of rsync-ing passwd, group and shadow files around.
The combo of AD and Group Policy is pretty killer, It would be really nice to see something similar for Linux, or at the very least improved AD integration would be awesome.
Conversely, virtualization allows you to keep older server hardware on-line longer and less expensively - you can avoid renewing service contracts and just run servers till they die since you can just vmotion the VMs to another physical server when the time comes. The only downside is per-CPU licensing for VMWare which may be way cheaper per app/VM on newer hardware. (More VMs per CPU license)