Perhaps they're not more secure in the literal sense, but they're less of an enticing target. It requires physical presence, and probably some form of breaking and entering. It requires physical transport (which likely means multiple trips), and either a LOT of work on a photocopier, or banking on the fact that no one will miss them. Once you have them, you need to go through them by hand and glean any useful information through manual file sifting.

Digital records are stolen through the Ethernet port. They won't be "gone", so they won't be "missed". They can be sifted, sorted, filtered, and pivoted until they produce useful information. If the records don't produce useful data, it'd be much more difficult to convict the thief of a crime, whereas physical record theft still leaves a laundry list of crimes with which to convict that are easier to prove.

Should the cabinets be locked? Yes...but the only place on a computer you need a crowbar to get what you want is in a game of Half-Life.

Fastest: Seagate.
Best Warranty: Seagate.
Best Cache: WD Red....or the Seagate...the article conflicts between the first two pages.
Cheapest: WD Green.

Seagate notables: Full drive encryption available at a firmware level. AF and Legacy disks are separate models.
WD Red notables: 5400RPM spindle speed.
WD Green notables: None - nothing distinguishable from the Red drive, except a shorter warranty.

Sandra Benchmark results:

Seagate: 167W/168R.
WD Red: 138W/138R.
WD Green: 133W/133R.

Atto results are shown on a messy graph with no clear numbers, but Seagate wins that benchmark as well (albeit with a closer delta).

HD Tune Pro results basically reflect the transfer rates from above. Seek times for the Seagate are 11ms for both write and read, with the WD Red having a 16/17 set of scores and the WD Green being less than an integer higher. Burst rates are again better on the Seagate (276R/304W), with the WD Green being 217/220 and the Red being 217/218.

Crystal mark, basically the same numbers.

Futuremark, prettier graphs with wonderful titles like "video editing" and "importing pictures", with the results a closer race, each drive having its own task at which it wins (even the green). Not much different from the 3TB numbers, and not that much different from each other.

There were no mentions of reliability metrics; presumably none of the disks failed during benchmarking. Consult your usual biases and experience regarding which drive is likely to fail or not - this was strictly a benchmark review, and shockingly, the enterprise-grade drive with the highest rotational speed and biggest cache that costs the most money got the best score.

Yes, but banking breaches/CC Fraud is so common, that the two times it's happened to me, it's been "an errand" - pick up my dry cleaning, get a haircut, cancel my debit card and submit a fraud form, get drinks for company tonight, put some gas in the car. It's that prevalent that it's a well-trodden path, with laws, protections, procedures, canned forms, and an express line to get it squared away. Medical record fraud is a much more difficult problem. You don't need your particular credit card number. You DO need your particular medical file. An SSN change is its own LENGTHY process, as all the rest of your ID cards also need to be changed as well. I don't even know how that works with regards to actually receiving Social Security, either.

Pardon my lack of SQL syntax, but...

SELECT * FROM patient_address WHERE current_prescriptions Contains "Oxycodone" OR "Percocet" AND WHERE area_code EQUALS "212" OR "914".

You now have a comprehensive list of houses to rob in Manhattan where you can get prescription painkillers. Simple B&E, and you've got bottles that can be sold on the street at $40/pill. Or, introduce a middle man - find a drug dealer who will pay a couple grand for a list like that, and make a few grand for sending an e-mail. Send that list - or subsets of it - to 50 different drug dealers, and you've got a year's salary in an afternoon.

If literally nothing else, call the owner of the hospital and blackmail him/her that if they don't deposit a million dollars into your offshore account in the Cayman Islands, that list will end up on Pastebin, and it would mean that the hospital would likely be litigated into oblivion and that person's life is over - WELL worth the million bucks to keep it quiet. For better or worse, we both lack creativity. I'm sure that if I were to spend an actual afternoon attempting to come up with nefarious ways to use data gleaned from a hospital, I could do better. The fact that such a list isn't actual bank account numbers doesn't mean that it's not worth real money to someone.

In UEFI secure boot firmware can only be updated by a *signed* package. A thunderbolt attack would only be able to *request* a change to firmware, but it would have been rejected had Apple implemented secure boot.

Yes

The entire *server* stack - i.e. everything you need to run a .NET server application. They have even created a small-footprint webserver Kestrel for Linux based on libuv. The reason for libuv actually touches on a very important aspect/advantage of modern .NET (and to some extent, Windows Server) . More on that below.

No. You have *always* been able to just self-host the ASP.NET bits. However, MS have taken it a step further and completely separated out the bits of the pipeline so that you can pick and choose. For a long time there have been plugins for Apache httpd and others that would allow you to run Mono. Those will work fine regardless of whether ASP.NET is provided by Mono or MS. Kremel mentioned above, but you can use any other way. ASP.NET vNext is "pluggable".

curl -sSL https://raw.githubusercontent.... | sh && source ~/.kre/kvm/kvm.sh

In the .NET world, the entire platform and runtimes are open source, and the platform specification is governed by international standards organizations (ECMA and ISO).

Microsoft grants patent licenses for anyone who wants to create implementations of the specifications, and Microsoft *specifically* does not require paid testing suites and they do NOT assert that using the APIs constitutes copyright infringement.

And now for some reflections on the differences: Microsofts stack - especially with the latest .NET and Windows Runtime - have grown to become completely focused on asynchronous programming. Windows (the NT line) with the "overlapped IO" available from the initial version always had a very high-performing "completion" oriented async model for all types of IO. While this model could yield much better scalability, to leverage it you had to program in a "callback" style that were often at odds on how you think about a problem (sequentially) as well as poor match for constructs such as exception handling, looping/branching etc.

With C# 5.0 (and the equivalent VB.NET) async became an integrated feature of the language. This is not about smart synchronization primitives, multithreading or similar "low level" concepts. This is aboy having a language that effortlessly allows a programmer to express a sequential problem in a way that allow asynchronous processing all the way down to the system level where overlapped IO will be used. Without invading the way the solution is expressed.

This is huge. I am aware of only one other ecosystem that does something similar: node.js. Python has the capability, but there's no ecosystem built around it where the capability is the default way to design libraries and APIs.

In terms of enabling and supporting async programming style, C#, .NET (and F#) is the most mature option out there, along with the "new" kid node.js.

Java only recently acquired the ability to process web requests asynchronously (yielding the thread to process other requests) - but the language and APIs make it exceedingly hard to leverage this capability for anything useful. If you look up articles for how to do async in Java you will notice a strange tendency to "do nothing" while waiting for an synchronous operation complete. If you cannot do anything useful in the meantime - there really is no point.

In .NET I can follow a few basic rules: Mark WebAPI methods / MVC actions with async, return Task<T> instead of some type T and use await whenever waiting for something like a network request, database query, file IO etc. Then ALL of the processing will be asynchronous all the way down to where asynchronous capabilities of the underlying operating system is used. No multi-threading just to wait for completion. Much less overhead, and much easier tuning of the application (you generally do not need to compensate for IO blocking by spawning more threads).

It is going to be interesting to see how the platforms stack up when on equal footing. My bet is that even on Linux it will be *much* easier writing truly scaleable applications with .NET compared to Java, Ruby, PHP etc.

Sorry for the self-reply, but this is a better DMC routine video; there are hundreds and hundreds of them on youtube...

https://www.youtube.com/watch?...

While "Hipsters" is the go-to answer to why vinyl records are all the rage, DJs are another part. Some songs are still pressed on 12" singles (most commonly EDM and hip-hop; frequently with instrumental versions as well), but the best selling vinyl pressing for quite some time now has been the Serato Timecode record. It allows DJs to use standard Technics 1200s (and newer models, like the Numark TTX and the Reloop 7000s) to still spin and scratch records, but without being limited by what's actually being pressed because it manipulates MP3 playback on a computer.

Amongst the reasons these records sell so well is because instead of having hundreds of records that get 1-2 plays a night, the same pair of records are played all night, so it's entirely realistic to go through a pair a month, depending on how much pressure is put on the needle. Serato is (or was-for-a-very-long-time depending on who's numbers you believe) the most popular DVS platform, with Traktor in second place, though it's more popular with DJs who use (MIDI) Controllers instead of vinyl. Serato and several other DJ software titles now support the vast number of controllers that have been released, so overall interest in DJing with timecode vinyl isn't quite as popular as it once was. Still, while Jack White’s Lazaretto sold over 75,000 copies this year, it pales in comparison to the number of club jocks who buy timecode records, in pairs, monthly.

https://www.youtube.com/watch?...

My first thought was that this sounds a lot like the famed situation between Windows and Lotus. Personally, I miss Musicmatch.

You can't say "Get with the times" in a comment where Slashdot was scooped by ZDNet five days ago. That ship sailed.

Crow, listen to this guy. Assuming these things have 100MBytes/sec write speed, a simple RAID-1 will take over 22 hours to rebuild.

If you want 8TB of usable space, get 4x4TB and RAIDz2 (i.e. RAID6) them. Even if it's disposable data, the data must be of sufficient use to justify a FreeNAS build over a simple external. It's worth your time to do it right.

I answered most of your questions in this post, but the tl;dr version is that I don't mind ads based on what I post. I mind ads based on what I *don't* post, i.e. data that's extracted from my behavior. What I post is public. What I don't post is private. Not that hard.

I'm not talking about being upset with a situation like me saying "I just got a new car!" and then Facebook serving me ads for accessories or insurance. That's a tradeoff I'm okay with, for the very reason you specify. The think that grinds my gears is entirely different, and an example of it just happened today. I have a few PC repair clients. I call, text, and e-mail them. I do not contact them via Facebook. I do not have the Facebook app installed on my phone, we have no mutual friends, they've never e-mailed me at my e-mail address associated with my Facebook account, and I run Ghostery on my browser. To the extent that I can, I've opted out of whatever tracking Facebook lets me opt out of. So, how did Facebook know that I knew these clients? That's information I've not only not given them, but have gone out of my way to prevent Facebook getting. "Because I use the service at all" is a pretty poor reason why Facebook should have that information.

Agreed. Let me give you another example. Back in June, I went with a friend on a road trip to Pittsburgh. In anticipation of this trip, I updated Google Maps on my phone. I don't use it often, and I have auto-updates on my phone disabled, so it was a bit dated. When we got back home, I learned that Google has a "map history" 'feature' that's a part of the Maps app, that show you the routes you took. I was never notified of this change, and again, wherever possible, I opted out of Google's data collection. Maps is "convenient", and Google showing me ads for rest stops and gas stations while I'm driving is an acceptable tradeoff. Retaining that data, when no prompt was given to me? I had nothing to hide during that trip, but it's disrespectful to take data in that manner without giving the user the option to have it not collected. Depending on the tightness of your tin foil hat, there's no guarantee that they aren't taking that data anyway and just aren't showing it to you. "Don't use Maps then" is the likely answer, and I no longer do - I use CoPilot. The fact that the opt-out wasn't made known to me until after the data had been collected? That's not terribly justifiable.

Who my clients are is privileged information. I sync them with an Exchange server whose owners I know, and explicitly not to Google, Facebook, or anyone else. What I do and don't buy *should* be privileged information (which is why I don't use rewards cards). The cross-referencing is most definitely concerning, especially since the definition of "public" seems to essentially be "any time one human interacts with another", when there should certainly be a spectrum between "private" and "public".

The e-mails that end up in the 'offers' folder are not what I'm talking about, because they're not ads from the mail provider. Wherever ads from the mail provider are shown - that's what I'm talking about. I don't even mind if they explicitly ask me "what kind of topics are you interested in?" as a part of the sign-up. I'm okay with that, because it allows me to choose. If I want ads for tampons in my inbox, that should be determined "because I say so", regardless of the fact that every e-mail I get comes from Newegg, Amazon, and Microcenter. "Ask, don't data mine" is all I'm asking for. I intentionally don't run AdBlock or its ilk because I know that advertising is what makes the internet work. Flash, I block (I wouldn't if it weren't for the ads that play audio), and tracking, I block (courtesy of Ghostery). If they're not tracking, and they're not making noise, then by all means, show me the ads. If you want to know which ads to play, I'll be more than happy to help.

"Don't data mine." It's not that hard.

Two reasons:

1.) it's not a matter of having "something to hide". "I have nothing to hide" succinctly illustrates a foundational change in how privacy is viewed. Privacy is a RIGHT that should be compromised only under specific circumstances, at my discretion. "I have nothing to hide" indicates that privacy is seen as a PRIVILEGE requiring a reason for its desire, i.e. "something to hide". The fact that you consider Facebook picking a Coke ad over a Pepsi ad a worthwhile tradeoff for your privacy is all well and good, and I personally am glad that the option is there. The fact that the system is becoming progressively less respectful of the concept of opting out for no given reason, on the other hand, is the problem.

2.) The major issue isn't the opt-in, but the unilateral way it's done. Retail is a science, and I get that...but the fact that opting out is becoming progressively less possible is a problem. If Google wants information about me, feel free to call and ask. I usually participate in surveys for that very reason - they're respectful enough to ask, and allow me to choose which data I wish to provide. Facebook and Google do no such thing.

There's a certain amount of understanding I can have with behavioral advertising. If I Google for "ski resorts Vermont", and they want to show me ads for ski resorts in Vermont, I'm 100% fine with that. I even try to click on ads when I know that they're incidentally what I'm looking for. However, if they're going to send me ads based on my e-mails and Facebook posts, which I cannot opt out of, then that is a different story.

Also, they changed to using the GRUB bootloader, which is going to make a mess in that respect.