Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:ZFS is not recommended for non-ECC RAM (Score 1) 295

The E3 series, the most recent versions released in mid 2012. Use the link you provided and select View All E3. Notice the 2011-12 launch dates.

No, that's the first generation E3's. You'll note the page I actually linked you to shows E3 v5, the "View All" link takes you to the database which can only show one generation at a time and defaults to the oldest.

v5 launch dates are Q4'15 through Q2'16.

Comment Re:ZFS is not recommended for non-ECC RAM (Score 1) 295

And that is how airplanes occasionally crash. Its usually not one flaw or problem, its multiple problems/flaws occurring at the same time

Right, because they have safety systems that cover the typical cases. Apple lack those, so it's not just the convoluted multiple problems piling up that will take out their products, it's simple common ones as well.

There is quite a difference between corrupting the inode info / timestamp info and corrupting the **contents of a file**, its user data. That is what is unique about ZFS. File data being **read** is at risk due to automatic repairs of **user data**.

ZFS repairs using redundant copies of data which don't exist on single-disk configurations. All ZFS will do in such a situation is tell you there's an error in a file it can't correct and suggest you restore it from backup. If it's a transient memory or IO error causing the checksum to fail, a second attempt at reading it should work.

Yes, server grade CPUs support server grade RAM. And judging from Intel's data sheets the current generation Xeons are slower (clock rate, more cores though) and generate more heat

More cores?

And the 4-5 year old Xeons you mention

When did I mention 4-5 year old Xeons? Current prices here:

i7 Skylake, £258-£290 for 2.4-4GHz.

E3 Skylake, £162-£508 for 2.9-3.7GHz. If you forgo 4GHz the Xeons are actually cheaper.

Comment Re:ZFS is not recommended for non-ECC RAM (Score 2) 295

For you it may be a low risk. For Apple its not. Apple will be shipping millions of machines.

And these machines are already vulnerable just to single bit errors anywhere both in the IO path and in memory.

The repair-of-death you describe involves multiple errors in the memory path occurring in a specific order and in relatively specific places, that are already dangerous to existing filesystems.

The atime update metadata corruption you quote is similarly already a problem with existing filesystems. In fact it's more of a problem for these filesystems because they're overwriting existing metadata, not creating new copies of metadata that can be rolled back in a disaster as ZFS does.

Even if we take it as true that ZFS is more vulnerable to these specific types of error (by no means demonstrated), that needs to be balanced against all the other errors it's less vulnerable against.

Stop approaching this from the perspective that ZFS is flawed. Rather approach this from the perspective that ZFS assumes memory can be trusted

... so does every other filesystem. I'll quote another bit of that paper you like:

"In addition to ZFS, we have applied the same fault injection framework used in Section 5 to a simpler filesystem,ext2. Our initial results indicate that ext2 is also vulnerable to memory corruptions. For example, corrupt data can be returned to the user or written to disk. When certain fields of a VFS inode are corrupted, operations on that inode fail or the whole system crashes. If the inode is dirty, the corrupted fields of the VFS inode are propagated to the inode in the page cache and are then written to disk, making the corruptions permanent. Moreover, if the superblock in the page cache is corrupted and flushed to disk, it might result in an unmountable filesystem"

Intel is more likely to support ECC in lower end CPUs (ex i3) than in mid to higher end CPUS (ex i5, i7)

i7-class Xeons (E3-XXXX) support ECC and are usually priced basically identically to their i7 cousins. i3's get used in tiny NAS systems like HP Microservers, probably why they come in ECC variants.

Another difficulty for a consumer oriented company like Apple, making using ECC not really an option for them

I'm sure Apple are more than capable of pushing for it if they considered it a priority. They have the purchasing power, they have the margins, they have the PR to make people wet themselves over the benefits if they so choose.

Comment Re:ZFS is not recommended for non-ECC RAM (Score 3, Insightful) 295

When checksums fail ZFS will assume the problem is on disk and attempt to "repair" the data on disk. This automatic repair is a great feature, when your RAM can be trusted.

Repair by attempting to correct the data from a redundant location, if one exists, and if its checksum passes. The bit flips required to make such a process actually damage your data seems quite convoluted - it'd have to be multiple errors in different locations happening at just the right times - one in the read before the checksum is checked, one in the data to repair it after the checksum has been verified but before it's written back.

"By default, access time updates are enabled in ZFS; therefore, a read-only workload will update the access time of any file accessed. Consequently, when the structure containing the access time (znode) goes inactive (or when there is another workload that updates the znode), ZFS writes the block holding the znode to disk and updates and writes all its parental blocks. Therefore, any corruption to these blocks will become permanent after the flush caused by the access time update"

In-memory filesystem metadata can get damaged and end up in on-disk structures regardless of which one you use, and it's far from the only fs with atime updates. Is ZFS really significantly more vulnerable to this by comparison, or is it just that ZFS won't defend you against it?

My quick skim of the paper suggests the latter. They don't seem to condemn ZFS for being worse, rather, they show it suffers the same sort of problems they find ext2 suffers from in face of memory errors, while demonstrating it's great at picking up errors from the disk/IO controller/etc.

Comment Re:BTRFS is getting there (Score 1) 279

The problem with zfs clone is that "clones can only be created from a snapshot" which means that deleting a file from a clone does not delete the file from the underlying snapshot, so the space is never actually freed

zfs promote clone-filesystem && zfs destroy clone-filesystem@snapshot-it-was-based-on

Comment Re:BTRFS is getting there (Score 2) 279

This is one of the things the Solaris-derived versions have tended to be better at handling - ZFS expects failing drives to be detected/managed by an external fault management service (fmd) which doesn't exist on other OS's. ZFS itself doesn't mark a drive as bad itself unless it outright disappears from the system.

Comment Re:BTRFS is getting there (Score 1) 279

- Mutable snapshots. It is infuriating that ZFS's snapshots are immutable.

Er, snapshots should be immutable. They're used as sources for backups and replication, allowing them to be mutable would defeat the main purpose.

zfs clone if you want a writable copy. What's wrong with that?

ZFS is designed for extremely high quality hardware (and lots of RAM) that doesn't lie to the OS

ZFS is designed to be robust in face of crappy lying disks. That's what all the checksumming and self healing is about - ZFS will cope *far* better with your dire consumer drives than most traditional filesystems. But yes, it likes its RAM, and it likes its redundancy.

Comment Re:BTRFS is getting there (Score 1) 279

That's only a very partial solution - vdev removal, not vdev shrinking. And it's got a pretty meh way of going about it (removing a vdev leaves a permanent layer of redirection in its place).

What we want is something called "block pointer rewriting", which would allow far more flexibility in the modification of an existing pool - possibly even dynamically changing RAID levels on the fly. Unfortunately it's a massive job that nobody's sufficiently interested in solving.

Comment Re:... using the name and e-mail address of other (Score 1) 319

My gmail address gets used as a throwaway rather a lot, and you'd be surprised at the number of sites that don't bother at all.

This message was sent to you ($foo@gmail.com) because you are a valued NBA fan registered with us and we wanted to wish you a happy birthday!

Hi meleonaz,

Registered email successfully updated
Your email address for the account meleonaz has been successfully updated to $foo@gmail.com

Hi @notme345,
We got a request to reset your Instagram password.

Thanks so much for joining Pandora! We're very happy to have you on board, and we look forward to providing you with endless hours of great music listening and discovery.

Many more sites will still create the account and let you use it without me validating the email, and many more provide no means of saying this *isn't* their email.

Comment Re:Your link explains the problem (Score 2) 111

Because a lot of security boils down to "I'm thinking of a number between 0 and $something, I bet an attacker can't guess it at a rate better than blind chance".

e.g. a 128 bit encryption key is a number between 0 and 340282366920938463463374607431768211455. With a secure random number generator, an attacker will have to on average test half of those possible keys before he finds the correct one, because he can't know anything that will reduce the space he has to search.

If your random number generator is broken - for an extreme example, say you only seed it with a 16-bit process ID - suddenly the random values you generate are trivially guessable, because there's only 65535 possible streams of randomness to check instead of $impossibly_huge_number. What should have taken longer than the age of the universe to crack now takes mere seconds.

Comment Er, what? (Score 1) 371

Users who upgrade to 10 will have their default browser automatically changed to the new Edge browse

I upgraded and it gave me a clear screen showing the new defaults, and an option to keep my existing ones, which I chose.

After booting, MPC-HC was still my default video player, foobar2000 was still my default music player, and Opera was still my default browser.

Submission + - HardenedBSD Completes Strong ASLR Implementation (hardenedbsd.org)

HardenedBSD writes: A relatively new fork of FreeBSD, HardenedBSD, completed their Address Space Layout Randomization (ASLR) feature. Without ASLR, applications are loaded into memory in a deterministic manner. An attacker who knows where a vulnerability lies in memory can reliably exploit that vulnerability to manipulate the application to doing the attacker's bidding. ASLR removes the determinism, making it so that an attacker knows that a vulnerability exists, but doesn't know where that vulnerability lies in memory. HardenedBSD's particular implementation of ASLR is the strongest form ever implemented in any of the BSDs.

With HardenedBSD having completed their ASLR implementation, the next step is to update documentation and submit update the patches they have already submitted upstream to FreeBSD. ASLR is the first step in a long list of exploit mitigation technologies HardenedBSD plans to implement. HardenedBSD has also implemented other exploit mitigation, security, and general hardening features, providing great security for FreeBSD.

Slashdot Top Deals

"Conversion, fastidious Goddess, loves blood better than brick, and feasts most subtly on the human will." -- Virginia Woolf, "Mrs. Dalloway"