Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:I think Apple's glory days are over (Score 2, Funny) 138 138

When Steve Jobs was alive high end Android phones were from a hardware perspective usually quite a bit more advanced than Apple / iOS. Today the opposite is true and high end Android are often quite a bit behind by most metrics. If anything Android has been falling further behind Apple phones since Steve Jobs died.

On OSX Apple was mostly ahead than and is ahead now. How far is Microsoft towards retina only systems? While Apple has converted over most of their major lines and likely around 2017 is selling 0 or very few non retina machines. How far is Microsoft towards taking advantage of SSD and CPU freezing to increase battery life? Etc..

Your estimate is silly.

Comment: Why? Applications. (Score 2, Interesting) 138 138

Well I think the why is pretty clear with the feature set they have been releasing. On OSX Safari is a default choice whose major advantage is ties with iOS devices. They are fine with people using other browsers and might even welcome a more diverse OSX broswer ecosystem. On iOS they want to move away from the web and towards applications. They need the iOS Safari engine to be fast, but they don't need it to support the full range of web experiences since increasingly they want those experiences delivered via. applications.

The analogy with I.E. is really quite on point. Apple is acting like Microsoft did in the late 1990s / 2000s for the same reason Microsoft was disinterested in I.E. They were focusing on platform specific advantages that come from client / server rather than purely web server design.

Comment: Re:Instead of building thin bendable phones... (Score 1) 149 149

The benchmark is continuous web surfing over LTE 4G, with screen at 100 nits of brightness. The iPhone 6 plus can do 537 at max. There are other benchmarks that measure how long the phone lasts in low power mode so one needs to use multiple benchmarks.
The iPhone 6 does 7:40, which is about an hour below average.

Comment: Re:POSIX I/O is not really a good fit for versioni (Score 1) 209 209

Open, change, close is a version.
Open, change is not a version since it didn't get closed.

The versioning pattern can keep older it doesn't have to be just "last 10". On better versioning system it can be:
Last 10, up to 1 per month for 12 months. 1 per 6 mo forever. See Google Docs or Wikipedia for good examples of this.

Comment: Re:POSIX I/O is not really a good fit for versioni (Score 1) 209 209

If someone updates a file in place, do you really want to create a new version for every write call?

Potentially yes. You might throw some of those away but...

What you can do is make hourly snapshots and make them available as read only shared directories.

And then the user on a file independent basis needs to know when bunches of changes happened. So for example file X had:

Large number of changes between April 2015 and May 2015
large number of changes between Nov 2014 and Jan 2015
large number of changes between Sep 2014 and Nov 2013
etc... with no changes in between. Other files are going to have totally different bursts of activity.

Comment: Re:No, just no. (Score 1) 89 89

Lets be honest, no company would allow, let alone offer, tours if it had any risk of leaving a bad impression to potential customer.

It is not so much a bad impression or good impression it is an accurate impression. Obviously they are going to spin things positively. But it is not to their advantage for the customer to not know the upsides and downsides. They don't want to sell services they can't provide. So for example if the data center offers 24/7 smart hands they will present that. If they offer 8/5 smart hands they aren't going to claim 24/7. If they have 2 week's of oil on hand they will want to present that if they only have 4 days they aren't going to claim 2 weeks.

No company in the world would allow a client to perform such audits

Not true. Remember that quite often the IaaS provider and the underlying colo are separate. So for example if AWS is hosting out of location X, the colo company for X (say QTS for example) is going to be audited by Amazon. QTS might very well show you the result of the Amazon audit. Even better is if a bank colos there.

. Whether the provider plays (willingly or not) hand it hand with intelligence agencies is yet another question... You obviously still like bedtime stories. In the meanwhile, I'll leave my sensitive data off the hands of cloud.

Assume the answer is any colo provider you to to will work with USA intelligence agencies. But so will your technical staff. Nothing you do will stop domestic intelligence agencies. As for foreign though, the IaaS companies often offer far better security than your company could ever afford.

But intelligence agencies aren't the real threat. Your facility is likely vastly less secure than the worst of the commercial colos, you are making it much easier to get spied on by thieves.

You don't get audited by anyone serious.

Comment: Re:No, just no. (Score 1) 89 89

How do you know any of that is true?

For a customer you can easily have a tour arranged. You can meet with your account manager regularly. You'll know the people assigned to your account.... Your agent can just tell you since we all go on tours.

How many people review the data center they are migrating to?

I'd say most customers go their data center at least once and sometimes more than once during the sales process.

How many people vette the employees in the cloud center?

You mean like an HR vetting? Those are done quite well. In addition the centers themselves are regularly audited by customers and auditing firms. Again you can pick your center based on the policies you want.

There is no incentive for the vendor to do any of that, it just reduces profitability.

Quite the contrary. The better the data center the less cost sensitive the customers. It increases profitability. Lower end centers selling rack space below cost to supplement existing customers who have become semi-indifferent might have those sorts of incentives to cut corners but again a customer is going to know if there are hitting up a low security / low cost provider.

And the IT management can just say, "It is a professional Fortune {500 | 50} company they *must* be good". . But trust me, the incompetence I have seen in Fortune 500 companies has been astounding.

Exactly the point. You see a much higher level of competence in telcos and fiber companies which run most data centers. You see a much higher level of competence in IaaS operators. Which is my point for most companies this is a security upgrade.

Comment: Re:regulatory aspects (Score 1) 89 89

Do we want them keeping copies for the NSA, FBI, CIA, etc to eventually crack the encryption to view?

If the NSA, FBI, CIA ask for a copy of your data your IT staff will give it to them. Don't kid yourself. Your IT staff is not going to jail for their "at will" employer.

I have yet to see a cloud service prove that they cannot access any data that I would store in their equipment.

  There are plenty of cloud providers with very rigorous controls and audit reports. That is readily available. Not from Amazon (but even they are getting better) but Sungard, Oracle cloud, Verizon cloud, Firehost... You are asking for a standard feature.

Comment: Re:Great for lawsuits and discovery. (Score 1) 89 89

This is somewhat true. Let's narrow a bit. First we are talking civil discovery only and then that's just an argument against IaaS vs. Colo though. Obviously for a criminal case where the government is seriously pissed i.e. the government issues a warrant and ceases the servers they will get the data in either case. Also don't kid yourself once they take the servers your IT staff can be terrified by "obstruction" type charges and will help them get data.

OK so with that off the table. If you intend to be stay close or over the line with discovery breaking apart the management of the service and the physical service makes it easier to avoid discovery because you have three parties than can legally block one another. A can say B knows, B can say C knows and C can say A knows. That's even better than having the in-house staff obstruct discovery where a judge is more likely to find the company liable.

I should also mention that companies that are frequently subject to discovery BTW often have the opposite problem getting middle management and lower management to admit wrongdoing to legal. Often during discovery those people are hiding documents trying to "help" the company when in reality creating a problem of what looks like not complying with the court.

So at best you are making an argument for colo + MSP over IaaS.

Mirrors should reflect a little before throwing back images. -- Jean Cocteau