Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Comment DMCA Safe Harbor certified (Score 1) 222

I offer some perspective on how DMCA Safe Harbor is used outside of the ISP realm.

The organization that I work for maintains DMCA Safe Harbor status. We are a legal technology service provider, which in English means that we collect data involved in litigation and process it so that it can be entered into evidence as part of a legal proceeding. We have Safe Harbor protection in case we happen to collect copyrighted media during the course of doing forensics collections on systems that we do not own. In order to maintain our status, we have to take reasonable measures to ensure that we are not facilitating copyright infringement. What that means in practice is the security team monitors the network to make sure that people are not running bitTorrent, hosting FTP sites or otherwise actively sharing copyrighted content.

We have never once been served with a take down notice or had to remove content from our systems.

Regarding the article and the DMCA, it seems to me that all Cox has to do is provide subscriber information. It is up to the content holders to go after the individual infringers and make them remove the content from their systems, one lawsuit at a time. Cox and the ISPs are simply providing transit services. They are not actually hosting the content and do not own the systems hosting the content. While I applaud Cox for trying to shield their customers from frivolous lawsuits, I think they are being stupid here. We all know that the large majority of bitTorrent traffic is piracy. If the pirates are too cheap / stupid to spend $10 a month on a VPN or proxy service to obfuscate their connections, they deserve to go down.

Comment Too Little, Too Late? (Score 1) 320

It is interesting that Anonymous is taking this on at the same time that the group is moving their operations to the dark net.

It all seems all too convenient to the larger narrative that is shaping up around the need to crack down on encryption, Tor and other privacy measures. Here we have Anonymous serving as a tool of the powers that be, driving the "bad guys" to encryption through their vigilantism.

In an effort to do something good, they are inadvertently making things worse.

The fact that anyone serious about their trade craft has already been using encryption and stenography and other means for concealing their communications is not going to affect the narrative fed to the masses by the mainstream media. All they are going to hear is "Terrorists are going dark via encryption." and "If you're not doing anything wrong, you don't need to be using encryption."

Comment Re:How's Irvine, CA? (Score 1) 464

FWIW - I am leaving Irvine and moving to the Pacific Northwest after having grown up in southern California. I recently started a family and have no interest in raising my kids around here.

If you are okay with being house poor, you can probably afford to buy a house in Orange County. If schools are important, you better be willing to spend nearly a million dollars for a track home somewhere in Irvine, or set aside a significant chunk of money for private school tuition. Just took a look at Redfin or Zillow to get some idea of what you are going to have to spend. Where I am looking to move, I can get ~2000 sq/ft (3 bed, 2 bath) on a 5000+ sq/ft lot with good schools for $300-400K. The same in Orange County is going to cost close to $1 million.

The food here is pretty amazing and I am going to miss it. Southern California is an ethnic melting pot and you can get cuisine from all over the world here.

I am also going to miss the car culture. With so much disposable income in the area, and no moisture to destroy them, there are awesome cars all over the

The weather sucks. The temperate climate that I grew up with as a kid is gone. Blame it global warming or whatever, but now it is just hot.. getting hotter, and the humidity is increasing. Plan on having to run the air conditioning for a good portion of the year, even close to the beach. The much hyped "ocean breeze" is non-existent if you are more than half a mile inland. The change in weather is the primary reason that I am leaving. Southern California is a DESERT. There are major drought problems and they are only getting worse. Maybe climate change is going to prove to be a load of crap and I will be wrong, but I cannot imagine anyone with any sort of long term vision making a conscious decision to settle down in a desert that has to import its water to survive.

Ignoring the above, there is a good tech scene here. There are a wide variety of industries represented from straight tech like Google, to health care, to manufacturing, legal, literally any industry that you can think of has some sort of representation in southern California in general, and Orange County specifically.

If I was in my twenties and wanted to live in a house with a couple of guys and just ball out, this is a decent place to do it. There is always something going on. Or if I was still single and could spend half a million dollars on a condo, it might be worth sticking around here. But there are better cities to be single in, like Chicago.

Comment Got Skills? Consult. (Score 1) 177

It seems to me like finding qualified, full time IT talent is next to impossible. There are too many tech jobs that need to be done and not enough people with the skills to do them. Therefore the people who have the skills that companies need turn into consultants and earn considerably more than they would if they were to work in house.

On the other side of the equation, companies do not seem to want to invest in training employees when they can simply outsource the work (and the risk). They hang on their hat on skill / knowledge transfer activities that nearly always fail, to at least come up short. I believe that the best way to truly understand a technology is research, plan and implement it. That way you develop knowledge of the technology and how to overcome the hurdles. When something breaks, you have a better than average chance of knowing where to look and focus troubleshooting efforts first.

What ends up happening is a widening skill gap between consultants and in house talent. The consultants get experience deploying the same technology multiple times, and hopefully get better at it every time around. The in house talent gets stuck supporting something that someone else built, that they do not really understand, and that they only see once in their own environment. That dynamic is often further compounded by the consultants who always get to work with the latest version, versus the in house techs who often times might not even be allowed to perform upgrades out of fear that they will break it. "Too risky, we better get consultants to do that."

Comment Re:Great (Score 3, Informative) 89

Because during peak hours where these batteries are going to be active is when buildings in Orange County have experience the occasional power outages. So reducing their draw during these hours is a benefit to the larger Orange County community.

You are spot on with this. As an employee of a company who is in an Irvine Company building that is going to get these batteries, I can attest to the power outages and mandatory rationing that we are subject to. They are not too invasive and so far have amounted to little more than no building A/C after 5pm. I had to contend with much worse rationing working at a non-profit in downtown LA who had heavily discounted power.

Comment Re:What they really need (Score 1) 394

You've never been on mass transit and been forced to be near people who (1) stink to high heaven, (2) are drunk, or (3) loud and threatening?

I have a story about (1) that beats them all. A four hundred poundish woman who would get on the train, and within seconds of the doors closing, half the car smelt like ass and death. She was always talking to herself, and all you could do is wait it out. She usually only rode for a few stops, but people who knew what was up would get out and switch cars.

Your car might sit in traffic but at least you're not sweating, listening to obnoxious music. etc.

When it comes to cars, having them at work is convenient if you are doing things after work, or sometimes even on the way to it. Working a job where I was going to the same place, at about the same time five days a week, for roughly the same amount of time every day, I did not need a car. And if something were going on, I could catch a ride with friends and still get a later train back home.

I saved SO much money in gas over those couple of years. Was the money saved worth the 'drama' of having to 'endure' mass transit? Hell yeah it was.

Comment Re:What they really need (Score 2) 394

It ain't safe for you to ride the bus through Central LA everyday. Especially not some pasty white dude making 6 figures; you're going to get their attention. You use the past tense; I'm going to guess you didn't really do it for very long. I will say that I've never been to LA; but I did the same thing in Memphis years ago. Only I wasn't a 6 figure eco green hipster, I was actually poor with no car.

You are making some generalizations that while close to true, are exaggerated. I rode the train for three years and stopped doing it because I got a new job, not out of concern for my safety. There were a couple of hectic incidents that could have been dangerous, but they were dangerous for everyone involved and not because I was white.

One incident was where an Eighteen Street gangster got on at one stop and then rode for three stops screaming "Fuck Florencia" at anyone and everyone who was on the train. Luckily for him, nobody from Florencia was on the train.

Another incident involved a situation in Watts where a guy from one gang got on the train and three or four other gangsters were not happy to have him there. Things almost got ugly and it was to the point where I helped a woman get out of the way so that they could settle their beef, but luckily for everyone involved, the train reached the next station and all of the people involved in that situation got off to settle their problems with each other out on the platform.

As for being robbed, the only thing you really stand to lose these days is a wallet with no cash in it because everything is digital, and your cell phone assuming you're the type to live on it. The thing is, the majority of people on the train these days have a smart phone. They do not scream "rob me" like they would have a decade ago.

Comment Re:What they really need (Score 4, Insightful) 394

To offer a single counter point, when I was living in Long Beach, CA and commuting into downtown Los Angeles, I opted to take the blue line instead. It took a little bit longer, but it was worth it for me because my employer subsidized the cost of the ticket as part of a county initiative to reduce traffic congestion.

My options were sit in bumper to bumper traffic for an hour every morning, or kick back on the train and read for about an hour and fifteen minutes. To me, the extra 30 minutes I spent on the train every day was worth not having to sit in traffic and pay for gasoline.

Just an opinion here, but I think that a person has to be a certain kind of sick in the head to actually prefer the "freedom" of sitting in their own car in traffic if given the opportunity take mass transit instead.

I also had co-workers who took Amtrak trains into work from 50+ miles away. Another co-worker of mine rode the bus in.

It has been my experience that in most cases, the challenge of getting people to take mass transit is cultural and based in classicism. I met people who had trouble getting their brains wrapped around the fact that I was making a six figure a year salary, and riding the train through south central Los Angeles. "You have a car, why would you want to subject yourself to that?" was a question that someone once asked me.

Comment Almost 20 years (Score 5, Interesting) 162

I have been earning a paycheck doing IT work since 1996.

The biggest change that I have seen is the need to specialize. When I started, I was able to be a jack of all trades kind of sysadmin.

One of my bosses imparted the following wisdom to me. "To be a good IT professional, you need to understand systems administration, programming and networking." He was not implying that one needed to master all three of them. One just needs to understand enough about all three to be conversant about them with other professionals who might be experts in them.

These days, generalists are looked down upon. There is simply too much to know, and roles / job descriptions are too siloed. People are hired to perform a specific set of tasks or to have proficiency over a small portion of an entire environment. The larger the organization, the more prevalent this becomes.

Comment Beats a real job (Score 1) 474

Every time I feel a bit bummed about my job, I look around at the jobs that everyone else in the world is doing and I realize how fortunate I truly am.

If your tech job sucks, find enjoyment somewhere else. There are about 16 other, non-work hours in the day. You could be digging ditches, or serving burgers, or working at the mall.

Comment Thank You All (Score 4, Interesting) 198

Thank you everyone who took the time to respond to my question. Reading the responses has been very insightful and a bit humbling.

I appreciate those of you who called out my tone, pointed out that I'm a whiner and even insinuated that I am not qualified for the position. What would an "Ask Slashdot" post be without one or two snide comments along the lines of, "If you have to ask slashdot, you're obviously an idiot."?

I came to the community as humbly as I could because I realized that my own ego was likely getting in the way, my understanding of what the position is might be skewed, and needing a reality check. I got it.

There were way too many questions and comments along the way to address them all individually. (tl;dr feel free to skip the rest) I will try to respond to most of them here. I hope that by providing some background about my professional experiences and how I got to where I am, others who are on a similar path will gain some insights.

A lot of people had questions about the company itself, its size, the VM to user ratios, infrastructure and other questions. Without spending all day writing about it, the company is included in the Russell 2000 Index. That makes it "medium" sized here in the States. It is a consulting company and we frequently bid (and occasionally win) jobs for the same organizations that KPMG, Deloitte and PriceWaterhouseCoopers go after. My five years at the company have been spent working in the legal technology segment. We provide electronic discovery services to some of the largest organizations in the world. Most of the VMs are application / processing VMs that churn through large batch jobs. (Think producing TIFF files of tens of millions of emails, Office documents, etc. from a large corporation involved in a dispute. Think Enron. Getting caught rigging LIBOR. Creating MBS products that send the economy into a recession...). We also have a number of SaaS solutions for that market.

The IT organization has an ITIL compliant change management process. I deal with auditors frequently. Due to the nature of litigations we are holding onto reams of personally identifiable information, confidential information, privileged information. We deal with large financial sector clients who are subjected to all of the regulations. We deal with health care clients who are subjected to all of the regulations. As irksome as auditors are, I have found that they truly do help us elevate our operations and we have been able to use audits to get capital for systems that we otherwise would have never been able to justify on our own.

When I say that the IT group was traditionally internally facing, they were. They deploy laptops, manage remote offices, keep Exchange running. Their customers are internal to the business. The prior CIO (who was moved out a few years ago) failed to properly size the "cloud" (kill me now for even using that term). Our operations completely outstripped the resources available and required millions of dollars of additional investments in storage (primarily) and compute resources. It was such a large investment that there were even rumors of the business divesting itself of the practice entirely rather than spending the money.

Before I got to my current company, I was a consultant in the (truly) small to medium sized business (SMB) market. (1-250 employees) In that life I was the primary IT resource for small companies where I did everything from design to deployment to operational support. I worked with everyone from architectural firms, to city governments, to waste management companies, 501c3 non-profits, air freight shippers, restaurants, manufacturers (things are still made in America?!?) ... a very diverse client base. I have been working with IT systems professionally since 1996 and using and building my own computers since the early 90s. (The first computer I built myself was a 486DX2/66. I am not as grey bearded as some here, but old enough to have used a 2400 baud modem and typed faster than the terminal program could transmit.)

My professional identity has been based on a mixture of my ability to deploy IT solutions, troubleshoot complex performance / availability problems, and to a lesser extent, understand the needs of an organization enough to provide the right solution for any given business challenge. I have always had full access to my environments and been completely trusted.

I am being offered the Enterprise Architect role because I have been doing the job for the practice I support. We are facing all of the challenges. "Big Data" (again, sorry about the buzzword ... Hadoop/HDFS, ElasticSearch, LogStash, blah blah blah) is a huge challenge. VDI / device agnostic computing is huge for us not just for the 'mobile workforce' nonsense, but also for data security and access control reasons. The team I work with has brought numerous great capabilities into the environment, with automated provisioning, application performance monitoring (true end-to-end transactional visibility across the entire stack), and desired state configuration being some of the biggest.

Before my team got in there, and in some cases outside of our practice, the core IT group is still provisioning VMs by hand and logging into them via RDP to install software manually. To give you an idea of how insane things are, they will not give my team access to vCenter to reset a frozen VM, but they let us develop a PowerShell constrained endpoint that we can programatically pass a machine name variable to via System Center that will reset a VM ... after we have submitted a change ticket and waited 30+ minutes for it breach the SLA before escalating it upwards for approval. But the guys who are building VMs by hand have full, unfettered to vCenter. The vCenter that does not even have DRS turned on because the guy who set it up thinks it is "too unpredictable". The vCenter where large VMs are stepping on each other at the host level because anti-affinity rules are "unnecessarily complex".

Everything mentioned in the paragraph above is indicative of the challenges I am going to face. People are feeling threatened. I am being brought in to guide the expansion of what we have developed for our practice, across the entire organization. People who have had years to get things right are going to be given one last chance to get it right.

That is not to say that everything is doom and gloom. I have a great team of almost half a dozen guys who I can rely on. There are people elsewhere in the organization who know what they are doing as well. It is going to be a huge challenge helping people develop better skills and discard old, ineffective ways of getting things done.

I realize that the EA position a great opportunity and I am going to take it. It is going to require a mindset adjustment. I am the kind of person and kind of manager who has never asked anyone to do anything that I am not willing and capable of doing myself. I ended up with a team of competent people because I had more to do than I could handle on my own, I realized that, and I asked for help. In a way, I feel guilty. It seems almost douchey. It is like that old axiom, "The higher up you get, the less real work you do." The EA position just seems too good to be true in that I am going to be responsible for so much, but not operationally accountable for implementing or supporting them.

Thank you all again for taking the time to respond. I do not have any peers in close physical proximity who are working at this level, and I really appreciate those of you who offered up your insights about the realities of IT in a larger organization.

Submission + - Need advice on Enterprise Architect position

dave562 writes: I could use some advice from the community. I have almost 20 years of IT experience, 5 of it with the company I am currently working for. In my current position, the infrastructure and applications that I am responsible for account for nearly 80% of the entire IT infrastructure of the company. In broad strokes our footprint is roughly 60 physical hosts that run close to 1500 VMs and a SAN that hosts almost 4PB of data. The organization is a moderate sized (~3000 employees), publicly traded company with a nearly $1 billion market value (recent fluctuations not withstanding).

I have been involved in a constant struggle with the core IT group over how to best run the operations. They are a traditional, internal facing IT shop. They have stumbled through a private cloud initiative that is only about 30% realized. I have had to drag them kicking and screaming into the world of automated provisioning, IaaS, application performance monitoring, and all of the other IT "must haves" that a reasonable person would expect from a company of our size. All the while, I have never had full access to the infrastructure. I do not have access to the storage. I do not have access to the virtualization layer. I do not have Domain Admin rights. I cannot see the network.

The entire organization has been ham strung by an "enterprise architect" who relies on consultants to get the job done, but does not have the capability to properly scope the projects. This has resulted in failure after failure and a broken trail of partially implemented projects. (VMware without SRM enabled. EMC storage hardware without automated tiering enabled. Numerous proof of concept systems that never make it into production because they were not scoped properly.)

After 5 years of succeeding in the face of all of these challenges, the organization has offered me the Enterprise Architect position. However they do not think that the position should have full access to the environment. It is an "architecture" position and not a "sysadmin" position is how they explained it to me. That seems insane. It is like asking someone to draw a map, without being able to actually visit the place that needs to be mapped.

For those of you in the community who have similar positions, what is your experience? Do you have unfettered access to the environment? Are purely architectural / advisory roles the norm at this level?

Comment Re:Enterprise Architecture (Score 1) 64

This is a good point. I have come to realize that as an IT professional, often times the only thing that I have power to do is to generate options, build the business case for those options (including the risks of not doing them *very key to do this step*) and then present them to the business. My job is to help the business leaders make informed decisions.

If they ultimately decide to avoid the costs and accept the risks of doing so, they only have themselves to blame if / when the risk materializes.

Most vendors who offer management / performance tuning toolsets understand these challenges. Therefore they have metrics that help demonstrate what the ROI for the tools is, how those tools will reduce CapEx and or drive down OpEx costs. Some are straight forward like "Implement VMturbo and increase your VM density by 25%" Others require some analysis, like quantifying how implementing an Application Performance Management (APM) tool will drive faster incident resolution and require less staff to troubleshoot problems. In a real life example, I managed to justify a $250,000 spend on an APM tool because it allows our sales team to prove to prospective clients that our SaaS application is better managed and has better up time than anyone else in our market segment. They have closed a couple multi-year, multi-multi-million dollar deals by being able to show that we have a 99.99%+ transaction success rate.

Comment Spend Money on the Right Tools (Score 3, Informative) 64

These days capacity planning comes down to have the right tool set for the job. I like VMturbo. There are a few others out there that will get the job done. VMturbo is nice because it is platform agnostic and can help you decide where to place workloads not only based on pure performance numbers, but also on resource cost. (For example, HyperV is likely less expensive than VMware in most situations).

It is also worth considering an Application Performance Monitoring (APM) tool. Being able to identify exactly where the application is slow, and whether or not is an issue with the code or the underlying OS / infrastructure will save a lot of time during troubleshooting, and also help identify rooms to proactively allocate resources to head of potential bottlenecks.

On a similar subject, a tool that provides deep visibility into the database layer helps a lot for the same reasons. A lot of junior admins make the mistake of assuming that high database server utilization is indicative of under provisioned hardware. In reality, poorly written queries will bring down even the beefiest of database servers. While you get information with the built in management tools, a dedicated monitoring platform (like Spotlight from Dell for example) will help you develop historical trends, while at the same time providing real time troubleshooting capabilities.

Most of the time the network is the last bottleneck. In Cisco shops you can utilize NetFlow to figure out where the problems are. Or if the company you are working for has money to burn, the UCS infrastructure stack is very robust and comes with a whole slew of management and monitoring tools that can be leverage to discover latencies before they impact production environments too severely.

SCCS, the source motel! Programs check in and never check out! -- Ken Thompson