Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment State level identification (Score 1) 59

Technologies like OAUTH 2.0 have been around for a long, long time, and their purpose is to provide a verifiable audit-trail for users.

And it works! Although there have been (and will always be) security issues, the reality is that technologies like SAML and OAUTH do provide a very useful level of trust.

Except that, although these technologies do allow for a useful transfer of identity, the agents widely used to provide this identity (the IDP) is never an entity that provides a uniformly useful level of identity.

Here I am: Bill Jones (not my real name) citizen of the UK (not my real country, either) and I have no way to properly assert that to, say, Bank of the West (not my real bank, either) or Northern Airlines. (not my real airline)

If I have to assert my true identity, I have a state-issued driver's license or passport. Why do I have no way to assert either of these identification documents electronically?

Why can't I use my passport ID to assert myself to the bank, or the airline?

Seems to me that it would be HIGHLY USEFUL if I could. And it seems to be self-evident and proper that the agencies that issue drivers licenses or passports could offer electronic identification, even if it's sourced out to a tech company with a good reputation.

In the US, it's now become increasingly common to have a unified electronic ID to interact with agencies: see id.me. This is a start, and I know government agencies work GLACIALLY SLOWLY so maybe by the time my grandkids are having babies this could be a thing.

Comment Eh? (Score 4, Interesting) 65

Eh?

> At some point you have to ask why you're using RAID at all. If it's for always-on, avoiding data loss due to hardware failures, and speed, then RAID 6 isn't really am great solution for avoiding data loss when disks get to these kinds of sizes, the chances of getting more than one disk fail simultaneously is approaching one, and obviously it was never great for speed.

If you're at this point, then using drives at all is probably already off the table. But I think this position is probably ridiculous.

I have many years of experience managing file clusters in scopes ranging from SOHO to serving up to 15,000 people at a time in a single cluster. In a cluster of 24 drives under these constant, enterprise-level loads, I saw maybe 1 drive fail in a year.

I've heard this trope about "failure rate approaching 1" since 500GB drives were new. From my own experience, it wasn't really true then, any more than it's true now.

Yes, HDDs have failure rates to keep in mind, but outside the occasional "bad batch", they are still shockingly reliable. Failure rates per unit haven't changed much, even though with rising capacities, that makes the failure rate per GB rise. It still doesn't matter as much as you think.

You can have a great time if you follow a few rules, in my experience:

1) Engineer your system so that any drive cluster going truly offline is survivable. AKA "DR" or "Disaster Recovery". What happens if your data center gets flooded or burns to the ground? And once you have solid DR plans, TRUMPET THE HECK OUT OF IT and tell all your customers. Let them know that they really are safe! It can be a HUGE selling point.

2) Engineer your system so that likely failures are casually survivable. For me, this was ZFS/RAIDZ2, with 6 or 8 drive vdevs, on "white box" 24 bay SuperMicro servers with redundant power.

3) If 24x7x36* uptime is really critical, have 3 levels of redundancy, so even in a failure condition, you fail to a redundant state. For me engineering at "enterprise" level, we used application-layer logic so there were always at least 2 independent drive clusters containing full copies of all data. We had 3 drive clusters using different filesystem technologies (ZFS, XFS/LVM) and sometimes we chose to take one offline to do filesystem level processing or analysis.

4) Backups: You *do* have backups, and you do adhere to the 3-2-1 rule, right? In our case, we used ZFS replication and merged backups and DR. This combined with automated monitoring ensured that we were ready for emergencies, which did happen and were always managed in a satisfactory way.

Comment Re:If you live by the cloud... (Score 1) 82

If you have important files that live only on your computer - especially if they only reside on one computer, then you're an even bigger fool and deserve what you get.

For the most part, cloud providers do a much better job than individual people do. Putting it on Google's servers is generally safer than keeping it only on your own computer.

Also, have you ever tried to back up a Windows host? It's ridiculously complicated! Sure, there are plenty of "easy" solutions, but does that back up SQL Server? That fancy accounting package you spent $4000 for? Where *does* it keep those files?

I found this out recently when I upgraded a hard drive and reloaded the OS onto the new drive. Why would you think it would be so danged difficult to get Quickbooks client files transfered to a new hard drive?

hahahaha

Comment Re:Do users care? (Score 2) 245

Most average users of linux want a system that...

You think you can speak for "most average users"? Because you certainly don't speak for me. I'm a professional Linux developer of 20+ years experience (starting with Red Hat Linux 5.0) and things like systemd are a big deal for me! I'm a programmer and systems admin/engineer.

That said, although I have been somewhat slow to adopt systemd, I'm starting to get used to it and I'm actually starting to like it. Things that used to require hackish software like xinetd are really easy to rewrite under systemd. Barely a simple config file and a tad of Google pounding and... it's done. So much simpler than reinventing everything a la messy, 300 line init scripts in bash.

Comment Re:Windows phones should run windows programs (Score 1) 284

For example, Windows Mobile 6 -> Windows Phone 7 -> Windows Phone 8. Is there any phone that you can run the same mobile software on all three Windows phone platforms? No. Each OS version requires new versions and adherence to new standards and APIs. A WP8 app will not run on a WM6 machine.

And that, my friends, was the fatal flaw in the Windows Ecosystem.

I understood the change from 6 to 7. WinMo 6 was just awful. But the jump from 7 to 8 was a deal breaker for devs, myself included.

Trust was betrayed.

AFTER pushing Windows Phone 7 as the "new, next big thing" with the weight of Microsoft behind it, it was then immediately followed, AT THE NEXT MAJOR RELEASE, with a "new - new next big thing" that completely trashed any investment in WP7.

Sorry, that's psychotic behavior, I'm not down for that.

Comment Re:Doesn't know the difference between PDF & h (Score 1) 371

you should point any users who complain to you back to their browser developers' bug report page, and go have coffee

HA HA HA! Tell that to your boss who couldn't give 1 rat's sh17 about standards or social good or anything other than it doesn't work in Edge and 19% of the users use Edge.

Who pays for your coffee?

Comment Re:Fix it with some careful regulation (Score 1) 340

Let supply and demand function without interference in order to establish a market level price.

In order to let supply and demand function, supply has to function. And that's really a problem in big cities like New York with lots of "quality of life" regulations that make it difficult to create new housing. San Francisco faces this problem, Washington, DC faces this problem. So perhaps it's no surprise that these three cities are the most expensive cities in the United States to live in?

You could, of course, take it as a clear sign that those "quality of life" regulations are working.

Comment Re:A few lousy conjectures, there ... (Score 1) 223

LOL!

> Linux is more efficient as a server

Doing what, exactly? This is like saying that Volkswagen is more efficient as a vehicle.

> Windows server is most commonly used at the low end of the market

Bwha ha ha ha!! ha ha! Your $35 router and DHCP server runs Linux, which dominates this end of the market. See above.

Comment Money vs none (Score 1) 503

I don't believe that all speech is equal. In particular, any form of paid speech is, by definition, subject to forces that extend well beyond the focus, intent, and nature of the speech itself.

Personally, I don't believe that freedom of speech protections should apply to any form of advertisement or paid political announcements. Any entity endorsed or sponsored by any other entity should not, IMHO, be under freedom of speech protections regards any speech involving the sponsor or original source of funding.

I work for Hapco. Therefore, any speech I make regards Hapco should be subject to reduced protections, IMHO.

Slashdot Top Deals

Uncompensated overtime? Just Say No.

Working...