Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.


Forgot your password?

Comment: Re:stone tablets (Score 3, Insightful) 240

by mlts (#48918933) Attached to: Ask Slashdot: Best Medium For Personal Archive?

I do have one hope -- the USB bus seems to still have devices that interoperate at USB 1.1 speeds, even now, almost 15 years later. This is a good thing. If those devices are still usable on modern systems, then a floppy drive, or a CD drive are usable and would continue to be usable. USB 3 definitely is different, but there will be adapters so that people's mice and other items will continue to operate.

The parent is correct though. Critical data can't just be tossed on some media and forgotten. Ideally, every year or two, it should be copied onto something new. At least every five years, it should see a new medium.

What comes to my mind are software products like TrueCrypt. Who would have thought that TC, something one had as a utility for over a decade, would be sunsetted with multiple, incompatible forks out there? Now is a good time to move data stored in that format to another secure format [1].

Tape pose two problems -- not just finding a physical drive, but what software is being used? This is a bit easier with LTFS (put the tape in, it has a filesystem that is mountable), but in general, is data stored using tar, or some vendor specific utility. AFIAK, NetBackup uses cpio, IBM TSM uses its own specific format, and so on. However, if handed a tape, it becomes a matter of guessing to find out what is stashed on it, and some formats like DLT, one also has to factor in blocksizes. However, if one documents and keeps the backups programs around, this shouldn't be a major issue, although it seems to be often overlooked.

[1]: If the data is static, and one isn't worried about an intruder knowing the data's size, gpg or PGP Zip come to mind. Drive images are harder -- since TC is gone, one sort of has to bet between VeraCrypt and CipherShed to see which one will continue versus which will be discontinued.

Comment: Re:DVD (Score 1) 240

by mlts (#48918211) Attached to: Ask Slashdot: Best Medium For Personal Archive?

Maybe I have been lucky. I have CDs I made in the late 1990s when CD-R writers were 1-2x speed, and I can still read data from those. I once had to pull some files, so grabbed a DVD from about a decade ago, extracted the files and called it done. Since I use WinRAR for an archiver, I do know if there is bitrot, and if damage did happen, there is a chance that it can be handled by a recovery record.

I've also been lucky with tapes as well. I've restored DLT media over a decade old with zero errors.

Of course, when it comes to hard drives, I have a nice pile of dead ones over the years, including a batch of drives which failed at the same time. Similar with USB flash drives.

I am hoping the Sony and Panasonic ArchivalDisk product gains some steam and the price of drives gets dropped by a factor of 10-20. 300 GB AD, or 160 GB Ultra HD Blu-Ray (yes, that is the name, announced a few weeks ago) would be useful for a long term backup/archive format, especially since the technology is innately WORM driven.

Of course, here is something I wonder about which would help immensely with backups: Why isn't there a decent backup/archive/retrieval program out there that works well with multiple media types? Retrospect used to be good, but doesn't support USB Blu-Ray players (making it worthless for archiving.) In the enterprise, there is NetBackup, Tivoli TSM, ArcServ, Networker, heck, even Backup Exec. These not just do backups and restores, but can transfer stored backup sets between media types, validate backups, retrieve archived files, periodically move data from one pool to another (say from disk to tape), and handle one set of data (documents versus OS files) differently from another.

Why do I have to pay insane prices for an enterprise-tier of software if I want the ability to select some documents, click "archive", have them copied to an archive media pool, then go on? When I want to make sure the backups are secure, I create another pool on an external drive, copy the data there, and flag that pool as offsite. This way, every single file I have is backed up, archived/deleted files are retrievable with just one command (perhaps additional time to attach the media if it is offline.)

This isn't state of the art functionality here... ADSM (now TSM) had this stuff back in 1998. This should't be locked to an appliance either. The Unitrends appliance and the former WHS were nice devices, but it would be nice to have a server handle the backup coordination, then if need arose, separate media servers could be used as well... for a price well under five digits.

Backup software (and I'm not meaning the Acronis TrueImage and the other clones that can copy data to a drive or offsite and back... but stuff that can keep track of multiple media types, move files between them, deduplicate files, and be able to figure out where some spreadsheet from 2008 was, out of hundreds of DVDs burned) just has not kept up with the times for average users. I just don't see why Symantec, EMC, or IBM offers this for home users, as it not just makes data safekeeping easy... but because the server could be installed on a separate machine that accesses local desktops, malware on a client would not be able to destroy the data on other machines.

Comment: How about multiple media? (Score 1) 240

by mlts (#48916497) Attached to: Ask Slashdot: Best Medium For Personal Archive?

There is no -best- medium:

Paper is always readable, but can be easily destroyed by water or fire, and stores the least amount of info per size unit than anything else.

The cloud will be present barring SHTF, but there are the security issues [1], so it needs encrypted via the endpoint.

Tape is an archival grade medium, but the drive is expensive ($3000+), it requires a fast computer to prevent shoe-shining, and either requires a program for backups/restores, or one can use LTFS to have the tape appear as a hard drive. (This route, one can use LTFS or even just tar to stash a copy of the backup program and its keys for install, then install/use the program for the rest of the tapes.) Tapes can be physically set read-only so malware can't tamper with contents. One can also buy WORM tapes that further guarentee protection against data modification.

External hard drives are cheap and easy to use... but are not an archival grade medium, can fail, and can be zapped by malware.

Optical drives can function well as WORM media, and are inexpensive... but their present capacities are minuscule (25 GB is the best bang for the buck price point, although the next gen Archival Disc format may actually make optical media viable again for backups.) If Sony and Panasonic can make AD drives and autochangers [2] at a price point well under LTO 4-6, they may just have a major untapped market. Sony does have high capacity optical disk drives... but they run in the $6000-$7000 range, so hopefully this price will drop by large amount once mass produced.

SSD is decent and fast... but it is nowhere near permanent (those electronics will bail the gates eventually), and once the data is lost, it is gone for good.

My take: I use various redundant media. Critical files get burned onto Blu-Ray media using Nero's SecureDisk or DVDisaster (for error checking/correction), stashed in an encrypted container. I also periodically buy a large external HDD, copy everything from my machines onto it, let it deduplicate, then copy all the stuff from the normal backup drives onto the volume as well. With deduplication, this doesn't use up that much space.

[1]: Never know who has access to the files, and the provider can go bankrupt at any time, allowing the next owner of the physical servers free access to the stored data without any legal ramifications whatsoever. In fact, one cloud provider even has it in their TOS saying that the next person owning their firm gets all data free and clear.

[2]: You used to be able to spend a few C-notes on a 400 disk CD changer. An optical silo holding 400 disks isn't much different, so with the 300 gigs promised this year per disk, that gives 120 terabytes of WORM media in 3-4 rack units

Comment: Re:You know... (Score 1) 32

by mlts (#48916033) Attached to: Getting Charged Up Over Chargers at CES (Video)

Not all chargers are alike. There are reviews about how clean the 5 volt DC power is on various models, especially when one plugs and unplugs devices... and it varies from quite good to pure crap.

A lot of them only handle 500 milliamps, making them worthless for newer devices, some of them require 2.1 amps in order to even bother charging.

There are many brands that are decent. If I am going to use a wall socket, I want as many ports as possible, so I like the Lumsing five port model, assuming there is space. This way, I can leave a set of charging cables in place, so regardless if the device is a BT earpiece, a smartphone, a tablet, or an external battery, it can find a teat to suckle on.

I am not into the "boutique" chargers. There comes a point where you get what you pay for, then hit diminishing returns, similar to audio equipment, with the audiophile exponential price curve at the high end, with little back in return [1].

Of course, there is the one invention I'd like to see. A decent charger that has a very good, replacable battery pack (at least 20 ampere-hours). This won't be a small device, but it would definitely come in handy camping/RV-ing, especially with the 40 watt USB bulbs available. One can provide enough light for reading, a few can provide light for the entire camper. It would also be useful for power blackouts since when the battery gets discharged, it can be swapped with another.

[1]: This is audiophile stuff. Studio/professional stuff can get expensive... but there is good reason for it, other than "it uses a rare substance that only discerning ears can tell."

Comment: Re:8 port charger? (Score 1) 32

by mlts (#48915289) Attached to: Getting Charged Up Over Chargers at CES (Video)

I would love an 8 port charger, especially for two people. It could top off both of our iPads, both our phones, my BlueTooth headsets (one earpiece for the road if I'm not using my car, another for stereo listening), my Kindle (an e-Ink model which is easier on the eyes for long reading), and an external battery so when I'm camping/RV-ing, I have the ability to keep my phone topped off.

On a computer where I'm using multiple external hard drives, having USB ports becomes more critical, preferably USB ports on different cards, so I can run drives on separate buses.

Comment: Re:A call for Write Protect (Score 2) 91

by mlts (#48915055) Attached to: Researchers Tie Regin Malware To NSA, Five Eyes Intel Agencies

The problem is that convenience got ahead of security. Until the hit on Sony, the biggest threat to companies was hardware failure. So, companies went with SAN installations that had RAID6, async replication via WAN, snapshots, multiple tiers, and deduplication. More backups needed? Add more drives, maybe a controller.

Tape (and also optical, although optical has not kept up with the times when it comes to storage) became something considered a dinosaur.

This model worked perfectly when the bad guys were logging in to copy off the plans for the next mouse trap, and then go about their business.

The Sony hack has changed things. It only takes one command issued as root to completely purge an entire SAN of all LUNs and directories. Replication? The remote SAN will happily replicate the deleted directories and zeroed LUNs. Snapshots? Easily deleted.

Even non storage items are affected. Firmware can be easily zeroed out, and bricking expensive machinery can be a victory for an extremist group looking for publicity.

As stated above, it is time for physical write protect switches to happen [1], and it is time to start factoring storage tiers with offline (perhaps WORM) media... media that can't be erased with just one command.

[1]: The best is a physical switch or jumper, but even if it is a button or combination of buttons held down, this is better than what we have now. We should never have left the concept of "flip to writable and boot from clean media to initiate the flash update process" behind in the first place.

Comment: Re:Bott's dots (Score 1) 87

by mlts (#48907343) Attached to: Germany Plans Highway Test Track For Self-Driving Cars

The good thing is that this is a solved problem, as the theory is sound. It is the implementation of a trust system and the "if a nail sticks out, pound it down" parts that need to be worked on. That way, a vehicle telling cars to "slam brakes, veer hard left" while everything else around is giving an "all clear" can be ignored or weighted negatively (thank SpamAssassin), with other vehicles passing the "dude, this car over here is on crack; ignore it" messages to others around.

Of course, the hard part is giving thought to security. This is a mindset that is alien to business because for decades, it has been, "release now, fix later." With automotive work at this level, there is no "later". Security can't be just strapped on; it has to be built in every layer from the physical chips to the antenna and network. The physical chips need to be hardened against tampering, and the module potted in epoxy to further protect against attack. Even the voltage inputs must be secured so one can't figure out what keys are used by the computations, or use fluctuating voltages as a way to affect the internal chips.

Since it can't really be upgraded, multiple encryption/signing algorithms must be used. Not because it gives a bigger keyspace, but if one fails or is decoded easily, communications are still protected by others.

This isn't impossible... it just is something that hasn't been a focus by companies since the Cold War.

Comment: Re:what about liability? and maybe even criminal l (Score 1) 87

by mlts (#48907221) Attached to: Germany Plans Highway Test Track For Self-Driving Cars

Here in Texas, one could go to a school, take a semester offered in high school, then there would be two phases. A written test for a learner's permit, then the test with an officer sitting in the car for the actual drive.

Licenses here need to be renewed every six years, one renewal allowed via the Internet, one with a visit to the DMV for checking vision.

Comment: Re:Bott's dots (Score 1) 87

by mlts (#48906979) Attached to: Germany Plans Highway Test Track For Self-Driving Cars

Here in Texas, we have those, except they are nicknamed "Braille lane markers", and are square, with one side beveled and reflective white, the other side beveled and reflective red (so if one sees a bunch of them red, that should give a hint that one is going the wrong way on a highway.)

I too am leery about depending on other cars. Yes, a module could be made if the core chip was made as secure as the Clipper chip (where the dies were put in a top secret area where the Skipjack algorithm was written onto them)... but car to car communication isn't something easily upgraded, barring all the auto makers getting together and coming up with a standard, then implementing the standard in a proper way.

What could happen is that vehicles use some tamper-resistant item like a SIM for V2V communication... however, to hackers, the payoff would be immense, especially if they could cause wrecks in a lot of the country at once.

It isn't unsolvable though. GM's OnStar has not had a successful attack, although if bad guys do get access to it, they can easily disable vehicles if there is a hurricane or other evacuation just to compound the damage and loss of life. So far, this hasn't happened yet.

Comment: Re:Good example of bad use of touch screens (Score 1) 39

by mlts (#48905437) Attached to: Inside Ford's New Silicon Valley Lab

The last laptop that I remember having that was a Thinkpad 365XD. It was nice because no matter what, if you wanted the sound off, it was off. Now, you have to beg/plead with the OS and hope it mutes whatever sound it might want to make.

I'm glad that in critical areas, physical controls are used. I just wish they would return back to cars for radio and climate control systems. Touch screens like the large one on the Tesla are nice and can serve a large number of functions, but every second the driver's eyes are averted from the road is a second a wreck can happen. Controls on the steering wheel do help in this regard, but they can vary widely.

Comment: Re:Good example of bad use of touch screens (Score 1) 39

by mlts (#48904899) Attached to: Inside Ford's New Silicon Valley Lab

I wish the industry would go back to knobs, dials, and buttons, a HUD [1], or at least haptic feedback on the touch screen.

Even nicer about using physical controls, security is a non-issue. There wouldn't have to be one shared touch screen that has to be sitting on the core CAN, but the dials and such can go to the more or less critical modules, so that the dial for turning on and off ABS would be going to a completely separate assembly than the one linked to the climate control system.

[1]: The Nissan Maxima used to sport a small HUD with the speed and other core info. It was pretty useful where one didn't have to glance down for that.

Comment: Re:They need help (Score 2) 39

by mlts (#48904859) Attached to: Inside Ford's New Silicon Valley Lab

I've had decent luck with it overall. At the time I bought my vehicle, one could choose a SYNC navigation system with or without touch screen. I chose the one without. So far, it has worked without issue, alongside quite a number of iOS and Android devices, and the voice system is "meh", but it does work.

Just because it has worked so well on a day to day basis, I'd buy it again. It isn't perfect, but with modern tech where things get obsoleted in a year or two, what is?

Comment: Re:Another use of Crypto-coin - as gift cards (Score 1) 39

by mlts (#48870797) Attached to: Jim Blasko Explains 'Unbreakable Coin' (Video 2 of 2)

There is another nice thing about that system. If the crypto behind the currency is ever broken, it matters less and less as time goes on.

I wonder if there would be a way to have the currency keep a fixed value for a certain period of time, then taper off until it is worthless. This way, if I wanted a store currency, I could have one which would be valid for a year or two (with a -lot- of notice about the expiration date coming up), then after that time, I wouldn't have to worry about it.

Comment: What about servers? (Score 3, Interesting) 570

by mlts (#48870721) Attached to: Microsoft Reveals Windows 10 Will Be a Free Upgrade

I wonder if the server version of Windows 10, likely Windows Server 2015 or 2016, will have a similar update program, or if it will follow the same steps as previous server versions.

Windows Server editions are not as flashy as the client releases... but a single feature or set of features can impact the enterprise in a very large manner. For example, the deduplication ability of Windows Server 2012 and Storage Spaces/ReFS has put the OS near parity with ZFS for defending against bit rot, and the ability to add hard drive space without having to rebuild an array.

If an edition of Windows Server came out with a Hyper-V kernel on par with VMWare in management ability (as in RAM compression/deduplication/ballooning), with real-time drive deduplication. Couple this with Infiniband support and the ability to access another machine's hard drive volumes (in a clustered way, so locking between boxes is preserved), and this would allow a bunch of Windows boxes to not just act as a compute node farm... but also provide SAN-like access and redundancy. More drive space would be easily added by tossing more computers in the array as well as adding disks.

I have a feeling the server version will likely stay the same, with no real incentives to get people from 2012 or 2012R2... mainly because the UI (for the most part) isn't an issue, because one ends up using SCCM/SCOM/SCVMM for most management duties anyway, so the UI on the server doesn't matter as much.

Comment: Re:enterprise will need some kind of offline mode (Score 1) 570

by mlts (#48870577) Attached to: Microsoft Reveals Windows 10 Will Be a Free Upgrade

After XP, the enterprise version of Windows, assuming a KMS structure, will just bounce another activation from the key server if there are so many hardware changes that it feels like it needs to reactivate. These activations are not permanent -- at most 180 days.

For virtual machines, with Windows Server 2012 or newer, if they sit on Hyper-V, they will automatically re-activate and stay activated for seven days.

I think Windows 10 will be the same. Toss the master KMS key on a machine or VM, use a generic KMS client key and set its activation either by DNS or slmgr /skms, then a slmgr /ato... and forget about it.

"If you want to eat hippopatomus, you've got to pay the freight." -- attributed to an IBM guy, about why IBM software uses so much memory