Comments

Apple Announces Smartwatch, Bigger iPhones, Mobile Payments

grahamsaa Re:Legacy Support (729 comments)

One way they could do this would be by making it easier to run OSX / MacOS in a VM -- they currently make this very hard. If they didn't intentionally make it hard to virtualize their OS, people would be free to upgrade their hardware and keep an old VM around for the few legacy things they need. I don't mind that Apple doesn't support everything forever -- look how that's worked out for Microsoft.

about a week ago
Project Zero Exploits 'Unexploitable' Glibc Bug

grahamsaa Re:Honestly, when will people learn? (98 comments)

No. While it depends on your end users (end users of some products / libraries / etc are very technical, while other products draw from a much larger, less technical user base), a non-trivial number of bug reports are due to user error, or to something that you don't actually have any control over. Skipping stage 1 probably makes sense in all cases, but the rest of the stages are all valid. Sometimes you never get past stage 2 because the answer is "oh, right, because my machine isn't infected with something" or "because I didn't mis-configure the application".

about three weeks ago
The High-Tech Warfare Behind the Israel - Hamas Conflict

grahamsaa Summary seems very one sided (402 comments)

Sure, I'm willing to believe that Hamas has some technology behind what they're doing, but it surely can't be anywhere near as advanced as what the IDF has. The Israel / Hamas conflict is about as mismatched as it would be if the US went to war with Bolivia. I'm sure if that happened, some people in the American press would point out that the Bolivians have rifles, while forgetting to mention that we have nuclear subs and aircraft carriers.

about a month and a half ago
Slashdot Asks: Do You Want a Smart Watch?

grahamsaa I'll keep my mechanical / automatic instead (381 comments)

I'd rather keep my mechanical / automatic watch. It's durable, looks nice, keeps excellent time, never needs charging and will still be nice 20 years from now. Show me a smart watch that can do that and I might be interested.

about 2 months ago
Ask Slashdot: Unattended Maintenance Windows?

grahamsaa Thanks for the feedback (OP response) (265 comments)

Thanks for all of the feedback -- it's useful.

A couple clarifications: we do have redundant systems, on multiple physical machines with redundant power and network connections. If a VM (or even an entire hypervisor) dies, we're generally OK. Unfortunately, some things are very hard to make HA. If a primary database server needs to be rebooted, generally downtime is required. We do have a pretty good monitoring setup, and we also have support staff that work all shifts, so there's always someone around who could be tasked with 'call me if this breaks'. We also have a senior engineer on call at all times. Lately it's been pretty quiet because stuff mostly just works.

Basically, up to this point we haven't automated anything that will / could be done during a maintenance window that causes downtime on a public facing service, and I can understand the reasoning behind that, but we also have lab and QA environments that are getting closer to what we have in production. They're not quite there yet, but when we get there, automating something like this could be an interesting way to go. We're already starting to use Ansible, but that's not completely baked in yet and will probably take several months.

My interest in doing this is partly that sleep is nice, but really, if I'm doing maintenance at 5:30 AM for a window that has to be announced weeks ahead of time, I'm a single point of failure, and I don't really like that. Plus, considering the number of systems we have, the benefits of automating this particular scenario are significant. Proper testing is required, but proper testing (which can also be automated) can be used to ensure that our lab environments do actually match production (unit tests can be baked in). Initially it will take more time, but in the long run anything that can eliminate human error is good, particularly at odd hours.

Somewhat related, about a year ago, my cat redeployed a service. I was up for an early morning window and pre staged a few commands chained with &&'s, went downstairs to make coffee and came back to find that the work had been done. Too early. My cat was hanging out on the desk. The first key he hit was "enter" followed by a bunch of garbage, so my commands were faithfully executed. It didn't cause any serious trouble, but it could have under different circumstances. Anyway, thanks for the useful feedback :)

about 2 months ago
Ask Slashdot: Unattended Maintenance Windows?

grahamsaa Re:Slashdot is a Bad Place to Ask This (265 comments)

OP here. Yes, they are VMs in most cases. The only machines we don't virtualize are database servers.

about 2 months ago
Ikea Sends IkeaHackers Blog a C&D Order

grahamsaa Confusion? Really? (207 comments)

It seems like Ikea Hackers actually adds value to the Ikea brand and probably encourages traffic to their stores. I don't think anyone who's ever visited the site could be confused about whether it's an official Ikea site or not. This was a boneheaded decision.

about 3 months ago
One Developer's Experience With Real Life Bitrot Under HFS+

grahamsaa Re:ZFS, Apple! (396 comments)

Of course it doesn't, and I never said that. But your chances of data corruption if you use ZFS without ECC are somewhat greater, and potentially much more catastrophic. A web search for 'ZFS without ECC' will point you to a number of horror stories. Basically, ZFS always trusts what's in memory, so if what's in memory differs from what's on disk, the contents on disk get overwritten. If this discrepancy is due to bit rot, that's great -- you've just saved your data. But if it's due to a memory error, your system proactively corrupts your data. Considering that most non ECC DIMMs have a couple errors a year, you will very likely lose data if you run ZFS on a system without ECC.

Of course, ECC doesn't fix everything, but it should halt your system if your RAM has an uncorrectable error, which is better than corrupting your files on disk.

about 3 months ago
One Developer's Experience With Real Life Bitrot Under HFS+

grahamsaa Re:ZFS, Apple! (396 comments)

I'm not sure this is true. Other vendors like iXsystems already sell products that ship with ZFS. As I understand it, ZFS is BSD licensed. While Oracle distributes its own version of ZFS that may (or may not) include proprietary features, the open sourced version is freely distributable. The only reason it's packaged as a userland utility for Linux is that the BSD license isn't compatible with the kernel's GPL license. Apple's kernel is definitely not GPL, so this isn't a problem for them.

One problem might be that using ZFS without ECC memory can result in data loss, and ECC memory is more expensive (and not compatible with most consumer oriented processors that Intel makes). This would increase the cost of Apple hardware and could (possibly) be a hurdle, as Intel doesn't want to support ECC memory on their consumer oriented processors (as this could hurt sales of more expensive server-oriented processors). But Apple is a large enough vendor that they could probably negotiate something with Intel that could be workable.

That said, I don't know many Apple users that know what ZFS is, and it doesn't seem like there are many people clamoring for it. It would be a great addition to OSX though.

about 3 months ago
Heartbleed OpenSSL Vulnerability: A Technical Remediation

grahamsaa Re:Mountain out of a molehill (239 comments)

What if you work for an organization that has hundreds or thousands of users who connect to a SSL VPN? Re-issuing a single certificate isn't so bad, but re-issuing many certs (and working with end users to roll them out) sounds like a nightmare. Many businesses are also responsible for more than one website, and / or are heavily regulated. Just getting lots of users to change their passwords is bad enough, but if you have to tell them that their credit card number or medical information may have been compromised, possibly provide credit monitoring services for awhile, etc., is ABSOLUTELY a lot of work for a department or an organization.

about 5 months ago
NASA Admits It Gave Jet Fuel Discounts To Google Execs' Company

grahamsaa Recouping the money is probably impossible (126 comments)

But I'm much more interested in hearing about the rationale for offering this deal. Did NASA get anything in return? Did H2-11 request a subsidy? Was this a simple accounting error or due to corruption? The "what" here is far less interesting to me than the "why".

about 6 months ago
Cops Say NDA Kept Them from Notifying Courts About Cell Phone Tracking Gadget

grahamsaa Sorry, I can't be compelled to testify (235 comments)

Sorry Judge, I can't be compelled to testify against my accomplice -- we signed a non-disclosure agreement.

about 6 months ago
"The Fat Man" George Sanger Answers Your Questions About Music and Games

grahamsaa "A while ago you a chance"? (20 comments)

C'mon Slashdot editors, please proofread before posting.

about 6 months ago
Carmakers Keep Data On Drivers' Locations From Navigation Systems

grahamsaa A recommended practice? (189 comments)

Why isn't this required by law?

about 8 months ago
Porn-Surfing Execs Infecting Corporate Networks With Malware

grahamsaa Do different rules apply to senior managers? (151 comments)

I've never understood why people do stuff like this. Years ago I recovered data from a CFO's laptop, only to find the thing filled with porn. Senior managers generally make enough money to have personal devices to look at porn on -- why do they risk the embarrassment of being discovered misusing company resources? I guess now that I think of it, the CFO in question wasn't fired (or even really disciplined) for this, as far as I can tell, so maybe senior managers just think that they're important enough that rules and common sense don't matter. If the laptop had belonged to a lower-level employee, he or she probably would have been disciplined.

about 10 months ago
Your Next Network Operating System Is Linux

grahamsaa Re:Cisco isn't going anywhere, yet (192 comments)

Familiar or not, IOS is pretty kludgy and difficult to navigate, and lacks a lot of basic tools that are available at a bash shell. For example, why can't I pipe multiple 'include' statements together yet? I've been able to pipe multiple grep statements together since, well, since I started using Linux at least 13-14 years ago.

about a year ago
Your Next Network Operating System Is Linux

grahamsaa Cisco isn't going anywhere, yet (192 comments)

As much as I would like to see Linux / BSD being used to power network devices (and I admit that it's already happening), it's going to be a long time before most enterprises ditch their Cisco gear for equipment that runs an open source OS. Many large enterprises have already made significant investments in hardware and personnel. Even if a vendor were to come along with an excellent product at a great price point it would probably be at least 5-10 years before most enterprises move away from their Cisco switches, routers and other appliances. Don't get me wrong -- I'd like to see Cisco's dominance challenged, and to see a Linux / BSD based CLI used to configure network equipment instead of IOS -- but it seems unlikely in the near future.

about a year ago
Comcast Working On 'Helpful' Copyright Violation Pop-ups

grahamsaa I feel bad for the programmers and sysadmins (284 comments)

I feel bad for the programmers and sysadmins that are being asked to implement this. Surely, they must know that it won't work, but senior management probably insists that everyone can afford all the content they want, and that DRM is easy to deal with (and somehow beneficial) because senior management is completely lost.

The front line people responsible for setting this up are probably rolling their eyes in disgust, and looking for better jobs. If I were in their position, I would be. Have fun trying to enforce something that is unworkable and unrealistic. When you're not having fun anymore, hopefully you'll find a job that uses your skillset to do something that makes sense.

about a year ago
Did Goldman Sachs Overstep in Criminally Charging Its Ex-Programmer?

grahamsaa free subversion repository? (186 comments)

Goldman Sachs wasn't equipped to host their own repository? For code that is supposedly proprietary, valuable and highly sensitive? That's pretty shocking. Either this guy violated company policy by using a free repo host when he was explicitly told not to, or whoever is responsible for IT infrastructure at Goldman should be fired for incompetence. Hosting your own repo is easy enough, and trusting a free repo host for sensitive code is about as stupid as using a pastebin to share medical records.

about a year ago

Submissions

Zappos proactively resets account passwords for users

grahamsaa grahamsaa writes  |  5 days ago

grahamsaa (1287732) writes "I received an e-mail tonight stating that my Zappos password had been reset. Since I rarely use the site and don't store credit card information there, I used a throwaway password for that account. Apparently my throwaway password made it onto the list of passwords, so Zappos proactively changed it.

Have any other sites done this to you recently? What's your stance on using an easy to remember 'throwaway' password on sites that don't have any of your sensitive data?"

Unattended maintenance windows

grahamsaa grahamsaa writes  |  about 2 months ago

grahamsaa (1287732) writes "Like many others in IT, I sometimes have to do server maintenance at unfortunate times. 6AM is the norm for us, but in some cases we're expected to do it as early as 2AM, which isn't exactly optimal. I understand that critical services can't be taken down during business hours, and most of our products are used 24 hours a day, but for some things it seems like it would be possible to automate maintenance (and downtime).

I have a maintenance window at about 5AM tomorrow. It's fairly simple — upgrade CentOS, remove a package, install a package, reboot. Downtime shouldn't be more than 5 minutes. While I don't think it would be wise to automate this window, I think with sufficient testing we might be able to automate future maintenance windows so I or someone else can sleep in. Aside from the benefit of getting a bit more sleep, automating this kind of thing means that it can be written, reviewed and tested well in advance. Of course, if something goes horribly wrong having a live body keeping watch is probably helpful. That said, we do have people on call 24/7 and they could probably respond capably in an emergency. Have any of you tried to do something like this? What's your experience been like?"

How should I wean myself off of Google services?

grahamsaa grahamsaa writes  |  about a year ago

grahamsaa (1287732) writes "My primary e-mail account is with gmail, and has been for years. I catch up with remote friends and family by using Google chat (within gmail). I have an Android phone and tablet, and am generally happy with them. Unfortunately, due to Google's cooperation with the NSA and other agencies, I'm becoming increasingly uncomfortable with my dependency on their services.

I do have a riseup.net e-mail account, but their webmail interface (squirrelmail) isn't nearly as polished as gmail's is (I can't fault them for this — Riseup is small and funded entirely on donations — but giving up some of gmail's features will be difficult). I'm not opposed to setting up my own mail server and I'm experienced enough with Linux to do this, but that presents some of the same problems. In addition to that, it will take time to update my contacts with new address information, and surely some people will slip through the cracks, probably resulting in complete loss of communication.

Getting away from Google on mobile platforms is even more difficult. Google Now already knows where I live and work, what sports teams I follow, etc. Occasionally I rely on GPS to get around, which works very well, but it also leaks my location data to Google Maps. I need to use a smartphone for work (and my employer pays for my phone), but there don't seem to be any good alternatives to Android. iOS is locked down, and no better from a privacy perspective, and Windows Mobile (or whatever they're calling it these days) is no better.

I'm not interested in switching away from insecure / monitored services because I'm engaged in anything illegal, or because I have anything "to hide" per se. . . I just think that Google already knows too much about me. Switching to a search engine like Duckduckgo is easy enough, but getting away from other services looks like it's going to be very cumbersome. I ditched Facebook years ago and haven't looked back, but I expect this transition to be far more difficult.

Has anyone done this successfully? What services / applications work well? What do you recommend?"

Is Postgres on par with Oracle?

grahamsaa grahamsaa writes  |  about a year ago

grahamsaa (1287732) writes "I work at a medium sized company that offers a number of products that rely fairly heavily on backend databases, some of which are hundreds of gigabytes and deal with hundreds or thousands of queries per second. Currently, we're using a mix of Postgres, Oracle, and MySQL, though we're working hard to move everything to Postgres. The products that are still on MySQL and Oracle were acquisitions, so we didn't get to choose the RDBMS at the time these products were designed.

So far, we've been very happy with Postgres, but I know next to nothing about Oracle. It's expensive and has a long history of use in large enterprises, but I'm curious about what it offers that Postgres might not — I'm not saying this because I think that sticking with Oracle would be a good idea (because in our case, it probably isn't), but I'm curious as to how some companies justify the cost — especially considering that EnterpriseDB makes transitioning from Oracle to Postgres feasible (though not painless) in most cases. For those that use Oracle — is it worth the money? What's keeping you from switching?"

How can I keep the US government off of my domains?

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "SOPA and PIPA are dead, or at least in hibernation now, but I'm very troubled by what happened to JotForm recently.

I'm a contract sysadmin, and I manage and develop for a number of small companies and domains. While it's unlikely that any of them will be taken down (I don't host any content that is illegal), it is incredibly troubling that registrars like GoDaddy seem willing to take down entire domains without a court order.

What can I do to keep the US government, or any government, corporation, or third party from taking my domains offline? Are some registrars better than others?"

Former DHS official: no "property interest" in data

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "Stewart A. Baker, a former assistant secretary at the Department of Homeland Security is quoted in the New York Times today as saying “You can’t really have a property interest in data,” he argued. “It’s going to get cheaper to reproduce it. It’s going to get reproduced and stored. It’s going to get copied.”

Of course, he was talking about your personal data — in his opinion, personal data can be stored, aggregated, copied and used to track your activities online. But this raises an interesting point — if one can't have a property interest in data, why are people getting sued, fined and arrested for copyright infringement? It seems that you can't have it both ways. If data is going to get copied, and if there's no enforceable property interest, what's the problem with online piracy?"

Maryland Robocall Conviction Puts Political Dirty

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "Today an attempt to deceive likely-Democratic voters in Maryland resulted in a conviction of the man who served as campaign manager for the effort of Maryland's former Republican Gov. Robert Ehrlich Jr. to regain the governorship.

A Baltimore jury found Paul Schurick guilty of election fraud on state charges related to 2010 voter-suppression robocalls meant to keep some African American voters, predominantly Democrats, away from the polls on election day.

Whatever you think of the result, this is unprecedented."

Dealing with a partially defunct employer

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "I recently updated my resume and checked the web site of one of my previous employers to see how it might look to, well, anyone who looks at my resume. I was horrified to find that while the company is still (sort of) in business, their web site is horribly out of date. It lists a phone number that doesn't work anymore. Signing up for automated e-mail from them results in an auto-reply from an employee who long since quit (saying that he no longer works there). Not too recently, I did good work for this company as a contractor, but now their website lives on, undead, and if any prospective employer looks at my resume and decides to check this company out, it doesn't give a very good impression. So what have other people in this position done to mitigate the damage of a (fairly recent) work history with a zombie company?"

Netflix - streaming only; Qwikster - DVDs by mail

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "Reed Hastings, CEO of Netflix, sent an e-mail to subscribers this morning apologizing for the way they handled recent pricing changes. It also announced that Netflix will be split in two. A new service called Qwikster will handle all DVD mailings for Netflix. Netflix will now only provide streaming content. According to Hastings, "Streaming and DVD by mail are really becoming two different businesses, with different cost structures . . . "

Is this a good move for Netflix, or a sign of tough times ahead?"

Could rooting Android devices become mainstream?

grahamsaa grahamsaa writes  |  more than 3 years ago

grahamsaa (1287732) writes "NPR's Weekend Edition aired a story today on how rooting the Nook Color can turn it into a full fledged and relatively inexpensive Android tablet. The story claims that the process takes about half an hour, and only requires the purchase of a Nook and a microSD card, and points listeners to a YouTube tutorial on how to root the device. Could this signal a change in how mainstream users see devices like this? Could rooting Android devices like the Nook ever become mainstream?"

NY Times Switches to digital subscription model

grahamsaa grahamsaa writes  |  more than 3 years ago

grahamsaa (1287732) writes "The New York Times just announced that they are switching to a digital subscription model, which will require readers to pay a fee ($15-35 per month, depending on whether they want to view news on computer, smartphone or tablet devices) if they wish to read more than 20 articles a month on the site. Is this model sustainable? Is it time to start looking for another source for online news?"

Google is spam filtering its own messages

grahamsaa grahamsaa writes  |  more than 5 years ago

grahamsaa (1287732) writes "After renewing my subscription to Google Earth Pro today I was surprised to find that my receipt went to my spam box. This wouldn't normally be unusual, except that Google is my e-mail provider, and the message went to my Google Apps account. Google tagged its own message to me as spam!

They also affixed this warning to the message: "Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information."

Does this strike anyone else as odd / funny?"

Alternative to slow virus scans?

grahamsaa grahamsaa writes  |  more than 5 years ago

grahamsaa (1287732) writes "I work for a small company (about 30 employees) and have found our current anti-virus solution (AVG) to be fairly unworkable. I disabled daily scanning because it slows people down in general, the scans take a long time, and it seems fairly redundant (particularly as resident shield seems to be fairly good). Once every few weeks I do a full scan, and I rarely find anything more threatening than tracking cookies.

Still, these scans take a long time (often over an hour) and slow people down. Most employee machines are laptops, and most people take their computers home at night, so there's no good way to set an automatic scan late at night (as the machines will likely be off by that point). Does anyone have an idea of how to scan for viruses more efficiently?"

Temporary passwords for FreeRADIUS authentication?

grahamsaa grahamsaa writes  |  more than 5 years ago

grahamsaa writes "Hi everyone,

I've been poking around with FreeRADIUS for a few months now, with limited success. It seems that most of the documentation available is hopelessly out of date (referring to version 1.7 or earlier), and while it's clear that MySQL can work as a backend authentication database, I haven't seen any implementations which allow the use of temporary credentials.

Basically what I'm looking to do is to set up a hotspot system (and yes, I've already tried Chilispot . . . it doesn't meet my needs) that allows users to connect to my WLAN for a limited period of time using a randomly generated password. This password could be printed on a cafe receipt or given out some other way. Also, if possible, I'd like to use an up to date version of FreeRADIUS if possible (not 1.x). Has anyone done this? Do you know of any good resources for documentation? Thanks!"

Journals

grahamsaa has no journal entries.
