
Comment Re:What is an Internet? (Score 4, Funny) 456

Back in 1995, I did dialup support. (Mercifully briefly.)

Working for Netcom, afaik the first ISP to offer unlimited connectivity straight to the internet.

"Hi, I just bought the Internet."

"Hi, I just bought your Internet."

Were the two most common lines from customers as they began to tell me their problem. (One particular brand of modem with no UART chip was the biggest pest...)

Comment Okay (Score 0) 195

In the grand scheme of things, I'd rather get offers for stuff I want than stuff I don't. The world is filled with crap that wants my attention, and I generally ignore all of it.

So if you can target me, then that leaves even LESS attention for spammy untargeted stuff. If the net result is that:

- having me as a customer (as the bank) is more valuable because they can sell me for more and
- consequently spammy untargeted ads are less useful

I'll call that a win-win. The bank isn't getting any information about it they didn't have before. (And frankly, Groupon/Livingsocial already irritate the shit out of me with offers for facials/pedicures/tanning/teeth whitening, and other personal cosmetic garbage I don't want, and will never want.)

Comment Re:I learned I loved 60's films (Score 1) 226

The comic-book Shaw I remember as having exactly that power (kinetic absorption). Or am I confusing him with the return-of-the-Hellfire club story line where Emma is sneaking off? (Which I think was one of the Whedon arcs)

I remember him as being more of a mutton-chop guy than a sideburns type like Bacon, but I think Bacon nails the mannerism and the look otherwise.

Comment In my meetings... (Score 1) 494

We had a team-wide meeting a few months ago, and 15 people pulled out their laptops.

We had 1 Windows box, 1 Linux laptop, and 13 Macs open up.

This isn't really an indicator that Windows is in trouble though, because I think the vast majority of the Mac users had paid the Microsoft tax to run Office in a VM.

Comment Re:Second place? (Score 1) 291

You can get ESX free as well, and there are plenty of tools to help manage it. Both VMware and Hyper-V charge for features as you move up the stack. Maybe VMware is more expensive for the advanced features (which may be because they support doing things Hyper-V can't yet), but...

Well, look at this: http://virtacore.com/vcloud_pricing.cfm

That's running on VMware ESXi+vCenter+vCloud Director, and when you consider the bundled disk and network, it's cheaper than Amazon by a lot. (i.e., $345/mo for their equivalent to an AWS large instance - 4 vcpu/8gb). If you used an Amazon reserved instance with a 50GB EBS volume and 3000GB of xfer, you pay more like $550. (On demand obviously being higher). And they obviously don't have the scale that Amazon does. (Granted, the margins on AWS are rumored to be somewhere between ridiculous and obscene, but still...)

That said, there are some big Xen installs. Say, Rackspace Cloud, which uses Xen. It's hardly just a hobby any more, and companies like Red Hat and Canonical are supporting the Linux OSS efforts, because enterprises are going virtualized at an obscene rate, and they need to be on board. But there's a lot more to the whole stack than the hypervisor - it's free. The features on top of that are both the revenue stream and the differentiator.

Comment Re:Welp (Score 1) 306

And, of course, there's no way to know. Ironically, in many cases it would be far better for a site to outsource cc processing... unless they are just "cheating" at compliance. (The rules of compliance apply to everyone regardless of tier; it's only the assessment that varies.) Compliance is a costly process that requires a great deal of knowledge and effort if done in-house. And yet, Tier 2-3 merchants may not want to outsource because they don't want to look like a small company that "can't" do it internally. So for the appearance of being bigger, they may go it alone, but not have the expertise and so put end users at risk.

I used to do development at a Tier 2 merchant, and I lost a little sleep over credit cards. I was fully compliant (without gaming the system), and even implemented systems that go way beyond what PCI requires (for example, my first rev of cc processing included tokenization). And still, I was scared of persistent threats. Even though credit card processing was isolated, data transiently passed through main web servers (over SSL, of course) on the way to be tokenized. Which would mean that it would be possible to gain access to those servers, and graft something onto that channel.

If I had to do it over again, I'd recommend at least a 3-tier system with main web processing, a secure super-stripped, super-minimalized set of web services where consumers would add card data on a DMZ, and then a dropbox server that would give out tokens. I'd build the 2 tier cc-processing servers as VMs and probably destroy them once a week and do rolling redeployments off a patched gold master.

I think that'd probably start to let me sleep a little better.

Truth is, I'm way more concerned with identity security than credit cards. It's pretty trivial to get fraudulent charges reversed and get new credit cards. Try getting your credit history fixed and get a new SSN/taxpayer id. And there's no PCI handling for SSNs.
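The three-tier split described in the comment above, as an added sketch that is not the commenter's code: the card number goes to a minimal intake service and a token vault, and the main web tier only ever stores the token. The names `TokenVault`, `CardIntake` and `place_order`, the in-memory store and the shared processor key are assumptions made for illustration.

```python
import hmac
import secrets

def luhn_ok(pan: str) -> bool:
    """Luhn checksum, so the intake tier rejects junk before it reaches the vault."""
    if not pan.isdigit() or not 13 <= len(pan) <= 19:
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

class TokenVault:
    """Innermost tier: the only place a card number is kept (in memory here,
    an assumption standing in for encrypted storage)."""
    def __init__(self, processor_key: bytes):
        self._processor_key = processor_key
        self._pans = {}

    def tokenize(self, pan: str) -> str:
        token = "tok_" + secrets.token_urlsafe(16)  # random, not derived from the PAN
        self._pans[token] = pan
        return token

    def detokenize(self, token: str, caller_key: bytes) -> str:
        # Only the payment-processing caller may turn a token back into a PAN.
        if not hmac.compare_digest(caller_key, self._processor_key):
            raise PermissionError("caller may not detokenize")
        return self._pans[token]

class CardIntake:
    """DMZ tier: the minimal service the customer's browser posts card data to."""
    def __init__(self, vault: TokenVault):
        self._vault = vault

    def submit(self, pan: str) -> dict:
        if not luhn_ok(pan):
            raise ValueError("invalid card number")
        return {"token": self._vault.tokenize(pan), "last4": pan[-4:]}

def place_order(order_db: list, cart_total: int, card_ref: dict) -> dict:
    """Main web tier: receives only the token and the last four digits."""
    order = {"total": cart_total, **card_ref}
    order_db.append(order)
    return order
```
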

Comment Re:Welp (Score 4, Informative) 306

A friend of mine used to sit on the PCI board. He linked me to this recently:

http://blog.imperva.com/2011/04/pcis-impact-on-security-quantified.html

PCI is one of the most defined and effective standards I've ever seen. Compare that to other standards some companies tout like ISO27001 or SAS70, which are absolutely toothless. (Because they assess only what you SAY that access, as they are standards for evaluating your declared controls.)

PCI varies a lot depending on what tier the merchant is. If they are Tier 2 - Tier 4, the assessment is really only as good as their self-assessment/scan. The scan can be gamed simply by giving out a host or two which is properly locked down, and using that certificate. Tier 1 merchants (6 million+ transactions/year) have to undergo an audit with a certified assessor. I guess PSN doesn't do that many transactions per year? If the assessor does a bad job they will lose their certification.

Also, if Sony lied about the state of their compliance, then they are exposed to enormous amounts of liability.

Comment Ditched it years ago. Just keeps getting better. (Score 1) 697

I haven't had TV for years. At first, I just switched to an antenna, because I could get major networks in HD, and I felt like cable was making the whole family waste time. (My wife especially, who watched a lot of crappy reality TV, a la Flip That House or the show about little girls in pageants. And now she agrees it was a great thing to do.)

So I mostly just didn't watch TV and didn't miss it. I caught Heroes on the HD Antenna, which was like $35. Worked great.

Lately, I just pick up things I want on iTunes. Plus you can rip your DVDs (and if you're willing to pay money and break the law, Blu-rays). So a SAN full of your movies on speed dial via Apple TV or such is pretty fun.

And then there's Netflix which you can stream from anything from the iPad to a computer.
