* Posts by Rainer

352 posts • joined 20 Jun 2008


Inside our three-month effort to attend Apple's iPhone 7 launch party


Re: Yeah, has some entertainment value

Did you ever get an honest answer from HR why they didn't hire you?

(I actually did, once, but that was in 2004-ish and from a large Swiss bank - and their reasoning was very spot-on, actually).

Anyway - I've been in a position where I basically had to lie to a customer (or be very economic with the truth) because TPTB had decided not to come forward with the full truth (which would have been the right thing) but rather come up with some BS excuse that may or may not have made sense to some dimwit (but somebody with a few more braincells will easily have seen through it).

So, I feel sorry for the gentleman from Apple, whose job is to entertain clowns like Mr McCarthy.


Yeah, has some entertainment value

But really, El Reg, didn't you get the message? Apple does not want you at their Keynotes/Events.

It's within their rights to invite only those they like. It's a private event.

I got this mental image of you trying to enter a club where the bouncer had already sent you away (very friendly, but with flimsy excuses - he just doesn't like your face) multiple times.

Or it's like you apply for a job-opening (or a apartment-rental) and they reply to you that the job/apartment has already been given to someone else. But you still see the ad online and try to re-apply, which makes you look like an idiot.

I do agree that being there, being able to use the devices in the hands-on area or even talking to one of the executives is more useful than just watching it in the live-stream.

But that's not going to happen for now.


Re: Hopefully...

Apple got in very early in the IP-address game.

At some point, they also wanted to launch their own ISP (don't remember the name) - it's long since buried.

When I got my first dedicated server, I got a sheet of paper from my co-lo where I could select the number of IPs I needed. Anything from 1024 to 8 was possible.

That was in 2001.

They could of course have returned them, but they (probably) rightly assumed they would become very valuable. And you don't return IPs unless you know they're more of a burden than an asset.

SETI Institute damps down 'wow!' signal report from Russia


Have they thoroughly analyzed it?

Maybe it has a secret message modulated onto it, with a plan of an advanced device to access secret Einstein-Rosenberg bridges for access to shortcuts in the space-time continuum?

Snowden says Russia ‘probably responsible’ for NSA hack


> Is he implying the DNC was hacked from the NSA malware servers?

No, but what he's saying is that the NSA also still has a few corpses in the closet that the public isn't quite aware about.

Just as the US is pretty sure about the origin of probably most the more public hacking-cases, Russia likewise has a good understanding of the cases where NSA is involved (and their involvement with Unit 8200 in Israel or with GCHQ etc).

So, what FSB is saying is "Tovaritch, let's turn it down a little with the tweets denouncing Russian involvement in the DNC hack. Before somebody says something that they'll regret the next day."

Oculus Rift will reach UK in September – and will cost more than two PS4s


What for?

OK, so I was never really into computer-games (either too difficult or to easy).

I think there are serious use-cases like architecture (and real-estate sales), medicine of course. Engineering too.

But that isn't really a mass-market. Mass-market is games. But people hardly want to pay a couple of $your_currency_unit for a game on a mobile. Nor do they really enjoy paying what an iPhone costs without subsidies.

A lot of people don't even have PCs any more (they have phones, tablets). Now, they're supposed to shell out what?... 1600 UKP or so to get glimpse of VR?

A lot of people in the US don't even have that much savings.

What are they smoking in Menlo Park?

FreeBSD devs ponder changes to security processes


Re: Grumblings

It was planned for 11.0, but people realized there were a few loose ends.

And FreeBSD generally doesn't like loose ends ;-)

As such, it will apparently mature over the 11-series.

I always sort of liked the way it is: base just a tar-ball, the rest packages, especially after pkg-ng started to arrive.

But doing freebsd-update on a lot of servers really takes the joy out of it a bit ;-)


Re: What's the problem?

FreeBSD updates for the base system don't come as packages.

They come in as a number of individual files, each one comes with it's own checksum file.

FreeBSD 11.1 will change that and the base system will be packaged, too.

(Things didn't work out for 11.0).

ODM for the masses? Facebook's OCP still ain't for you, brother


The worst is OEMed white box stuff

We bought a couple of HP JBOD-HBAs - they are rebranded LSI 9207i models.

I would need a newer revision of the firmware - which is available from LSI, but not for OEMed cards.

HP doesn't care (obviously).

I should have bought the original 9207 cards right from the beginning...

At a previous (very previous) job, we had a ADIC tape library OEMed by Siemens.

At some point, while on the phone and confirming with an ADIC engineer, a firmware-update was installed, which instantly bricked the unit.

ADIC replaced it under warranty, luckily. I just wonder who had to eat the costs ;-)

With OEMed stuff, you generally get less and pay more. The OEMs - to paraphrase Scott McNealy - add about the same amount of value to a product as someone reselling bananas: just additional bruises.

As for those cards - I've now bought an original card (as a spare) and will try to flash the HP OEM card with the original LSI firmware, turning it into an LSI-card. A procedure for this is available somewhere on the FreeNAS forums.

If it fails, I'll use the original card. If it works, we can still decide if we buy 1500 bucks worth of LSI cards to replace the HP cards or just re-flash the HP cards.

Tech firms reel from Leave's Brexit win


Re: FFS Calm Down Kids!

> But they didn't just vote to have nothing to do with the rest of Europe.

There was a public vote (1992, IIRC), to NOT join the EU.

The Swiss parliament has recently officially retracted the membership application from back then (it was "on hold", for 24 years...).

Switzerland has negotiated a large number of bilateral treaties with EU and member-states to facilitate easier trade and free flow of people (and unlike the UK, is a member of Schengen).

However, recently a public vote asked the government to limit immigration (which is actually not possible with current EU treaties) - among over reasons because it's a relatively small country and the actual habitable area is even smaller.

I do live there, since 11 years actually and as such I'm an immigrant.

But I do believe that a country - any country - must have some sort of control about who it's going to let inside. "Nobody" and "everybody" are clearly two completely unsustainable extremes.

Thunder struck: Apple kills off display line


Re: USB3?


Salesforce's data centre team 'fought' AWS cloud outsourcing


Re: There is no way we are going to trust our electricity supply to a public grid

Yeah. UPSs and Diesel generators are a 19th century thing, too.

'Grey tech' broker DP Data Systems has gone titsup


They obviously didn't have the balls to do it.

Sick of storage vendors? Me too. Let's build the darn stuff ourselves


Re: Use FreeNAS or TrueNAS (pro. version), and decent hardware.

> Sigh - I can see a big name "All-flash" vendor in my near future.

If you have the money - by all means, go EMC.

Some of their stuff (Isilon) is actually FreeBSD inside...


Re: Hold on... did you just get released from Salesforce?

> Also we are seeing longer and longer rebuild times on bigger and bigger HDD,

Ah yes. There's a point.

Though, is that still a problem when you do RAIDZ2?

I usually only do 6-disk RAID Z2. I've yet to see a failure in the arrays with 6TB disks...

Valley VC Peter Thiel becomes an official Trump delegate


Re: Sounds familiar

That seems to be true, unfortunately. Which is very sad. But still true.

30 years on, Chernobyl wildlife still feeling effects of nuke plant catastrophe


Re: Liquidators

That video ends by pointing out that the insides of a smoker's lungs are pretty "hot" too, thanks to naturally occuring polonium being concentrated in the bronchia. It's #1 on the list for levels of exposure.

I known. But that radiation accumulates over an entire smoker-life.

The worker and first-responders were basically dead in a couple of minutes - they were just alive long enough to see their own bodies break down and fall apart, literally.


Re: Liquidators

Europe paid a lot of money to the USSR (and Ukraine). And still does. It's just that the money does not always end up with those who need it most (news at 11 - it's the Ukraine, No 130 on the World Transparency Index for perceived corruption).

Your lottery-win donation would most like disappear beneath the corruption, too (or even fuel it, as those receiving the money would get more influential that way).

A lot of the men where more or less summoned there - it was the "last phase" of the USSR and I saw an interview with Gorbachev about it. He said it would have been impossible to handle a few years later.

There are also (not totally unreasonable) claims that the reactor-building itself is pretty harmless these days: most of the radioactive material has apparently been thrown out of it by the explosion and all the panic around the sarcophagus is just a bit of a scam to extract a few billions then and now from the West.

AFAIK, Ukraine keeps most of the medical data of all of its citizens (and esp. the victims) a state-secret.

The radiation-levels in the beginning were totally off-the-charts, though.

I think I read that most (almost all) of the plant's own firemen who were there as first-responders died within 24 hours from the extreme exposure.

There's a video on youtube from somebody visiting the most radioactive places on the earth. One of the places is the hospital in Chernobyl. They walk around a bit and finally go to a room in the basement where all the clothes from the firemen ended up being thrown into - there, the dosimeter goes off the scale and there's just a continuous "beeeeeep". Creepy.

Ding-dong, reality calling: iPhone slump is not Apple's doom


Re: Car Play

> Why is the screen in your car being a dumb display for you phone "better"?

Ever got your in-car sat-nav upgraded?

Exactly. They cost insane amounts of money, may or may not get software-updates (sometimes costing substantial amounts of money) and usually can't be exchanged for later, more intelligent models.

It would be cool if cars just had a slot where you could fit an iPhone (or an iPad Mini) and have that serve as radio, satnav, music-player, control-panel for other stuff in the car. This is really a spot where Apple could hurt the current crop of automobile manufacturers most: produce a car where the electronics can be upgraded for less than the purchase price of a new car.

The amount of grey energy that goes into producing a car is enormous - often much more than the amount of fuel it saves over the rest of the lifetime of the previous model.

Treating the car as a dumb "shell" with the electronics being its interchangeable brain would be a bold step.

Google to admins: We'll tell you when your network is pwned



Sorry, we do not have enough information about ASXXXXXX (COMPANY-NET) to perform a registration. Please update the whois information of this AS with contact emails, and try again.

My NOC guys tell me that the data in the whois information is exactly as RIPE had requested it to be.

Couldn't they mention just which line they wanted to have changed?

The kid is not VSAN: EMC buffs up ScaleIO for high-end types


It's a valid question

Is this similar to ZFSs checksumming?

ZFS is the only thing I'd trust to write reliably to SSDs (and be able to detect bit-rot).

Will these checksums detect bit-rot?

FreeBSD 10.3 lands


WhatsApp runs FreeBSD

As do the Netflix Cache-Boxes.

Admittedly, WhatsApp is apparently using FreeBSD mostly as Erlang-launcher - but they serve there 9-digit number of users with a comparatively small number of servers (50-ish, IIRC).

But still - I doubt you could do that with a crap OS.

See this press-release from Mellanox:


We use it a lot for servers. Installation is simple, clean. The handling is very straight-forward. No silly side-effects, no "you have to turn this knob and then that one", none of the idiosyncrasies of Linux. 3rd-party apps behave (almost) exactly like their native documentation describes.

On the desktop, I prefer SuSE (historically). Everyone else in on Ubuntu.

FreeBSD and Ubuntu lack the enterprise-features of RHEL/Centos.

In case of Ubuntu, you can buy them with landscape (but this isn't available on-premise and it makes Ubuntu about as expensive as RHEL - and frankly it's not good enough for that price-tag).

If I could get FreeBSD pkg-management via foreman/katello, this would be an absolute killer.

Well, at least in my datacenter(s) ;-)

Apeiron reckons it's the Godzilla of upstart flash arrays


I would rather have used the metaphor "The King Kong of upstart flash arrays".


Apple engineers rebel, refuse to work on iOS amid FBI iPhone battle


Re: I smell fish

How do you change the password if you don't know the AppleID details in the first place?

It was and is a government-owned phone to begin with.

It had mobile device management.

They can wipe it and give it to someone else ;-)

If you don't have MDM and the employee doesn't tell you the iCloud-password, it's bricked.


Re: The end of Apple

A lot of us non-Americans do find the deep seated distrust of the federal government, well, odd. There's no equivalent feeling in, for, example, the UK, certainly not to the same extent.

Yeah, sure.

Just replace "Federal" with "EU" and maybe you'll understand a bit better.

I mean, Brits love the EU, right?

I heard they like it so much, they're eager to cede most of the political decision-making to he EU "parliament" and the EU commission (practically falling over themselves to get it done).

Dropbox slips 500PB into its Magic Pocket, not spread over AWS


It should be noted that despite discounts, having 500PB on amazon probably wasn't cheap to begin with.

Also, amazon's infrastructure is on-demand only in theory.

If you potentially need to have lots of machines provisioned, you've got to pay for that privilege.

Same is almost certainly true for storage.

Like those independent DevOps vendors? They might not be for long...


Do you have the 2015 report?

Would be interesting to know how accurate their 2015 predictions were.

Apple hasn't announced the new iPhone 5SE and pundits already hate it


The 5C was different

The 5 and 5S were the same size but faster.

I'd like a 4S-size phone but newer specs than 2011.

Unlikely to happen, but a 5S-sized phone with specs from last year would be nice.

I don't live on my phone. My commute is 20 minutes, 30 by bike. I don't need to watch tv-shows on my phone.

I have a handful of apps that I like and use and that start to get really slow.

Confused as to WTF is happening with Apple, the FBI and a killer's iPhone? Let's fix that


Re: Simple solution...



Re: Simple solution...

Dude, you have no idea.

The passcode is needed to unlock the key with which the data is encrypted.

That key is a 256 Bit AES key. You can't brute force that:


If all it would take is a 100k bounty, the FBI would do it themselves.

Just returned from the pub, eh?

US DoJ files motion to compel Apple to obey FBI iPhone crack order


Re: Honest Question

Someone on reddit explained it very well: part of the key is wired to the hardware of the phone.

You can't clone that part. The data has to be decrypted on that specific phone.

It's even more (much much more) complicated on later phones.

Apple has thousands of people working on this thing (the iPhone) and employs some of the smartest minds on this planet to think for every possible attack vector.

Later phones probably even shield against side-channel attacks (measuring minuscule discrepancies in power-usage etc) to help guess the key that is stored outside the control of iOS on the "secure enclave".

Today, it might be an iPhone. But what if (in a future that may be not so far away) it was possible to directly read data from the brain?

You'd use it every day at work, probably, and in your spare time. You'd think of a flower and your brain would send that image via your phone to someone else's phone and from there it would directly reach the brain. The device to enable this would be built in such a way that it wouldn't work without you giving explicit consent to this "transfer".

But what about when you committed a crime? Would law-enforcement be allowed to "tap your brain", against your will to recover details of the crime that you yourself didn't want to tell?

What if you were in a coma? Would it be OK to tap your brain? After all, when they asked you, you didn't really object ;-)

The above mentioned device would have to modified to allow overriding the protection-mechanism.

So, quite rightfully, Tim Cook takes a stand and says "it has to stop somewhere".

Because it has to.

Maybe Tim Cook thinks, this is his "Rosa Parks" moment. It was a small thing at the time. But somebody had to do it and as remarked by someone above, both sides may think this is the case of all cases to drag into the limelight.


Re: This could be VERY bad for American business

Learning Mandarin is fairly easy - provided you start doing so at age three.

Patch ASAP: Tons of Linux apps can be hijacked by evil DNS servers, man-in-the-middle miscreants


Son-of-Ghost, it seems

We've been here before, remember?

Also, in other news, FreeBSD not affected.

Mirantis: OpenStackers, it's us or Amazon...


Not so sure

We went with CloudStack for now.

Also, because Mirantis was way to expensive (AFAIK).

And generally, OpenStack was and is too much of a moving target.

Our deployment isn't that large currently - we'll see.

See that fist punching through the clouds? That's Veeam's, that is


Re: Hate it anyway

Can it restore single files out of a Linux XFS LVM?

What about a FreeBSD UFS2 filesystem?


Windows is of no interest to me.

Looking at this:


it seems this somehow works via the host-guest filesystem?

Note that I don't have access to the Veeam GUI, nor have the VEEAM admins any password for our VMs.

Previously, our VM-admins told us that what I described was the only way to restore data.

I don't know what version they are running.

Note: they may be incompetent.


Hate it anyway

At least the version we have can't really do single file restores from within the server itself.

Backup-Software usually does that.

VMAdmins have to create a clone of the VM, we boot it with disabled NICs, give it another IP, enter the VM, pick the files, tar them up, copy them somewhere else and move them over to the actual server.

Always a big f'ing circus...

Mall owner lays blame at Apple's door for dragging down sales


Apple is special

TTBOMK, Apple refuses rents based on sales percentages.

They just don't do it.

Thinking about it, too bad the ifo-Apple-Store guy passed away - he could probably answer that.

NetApp Hitz out at critics over the flashy SolidFire buyout deal


About that last sentence...

You might want to take a a look at this man-page for FreeBSD's bhyve hypervisor:


Note the sponsors...

And there's this guy at NetApp who's apparently made DataONTAP run on top of above hypervisor:


It (bhyve) now seems to support Windows:


So, I guess not much is missing and you could run VMs directly on your NetAPP storage.

Alphabetti spaghetti: What Wall Street isn't telling you about Google


Everybody calls Apple a "one trick pony" (which they're really not) - but was is Google without search?

It's just hamsters in mice in comparison.

Hopefully, all the ads will move to Facebook soon, where I can't see them (lack of account).

Maybe the content will move there, too - but then my productivity at work might skyrocket.

And I would get to read a book once in a while.

GitHub falls offline, devs worldwide declare today a snow day


we have a local gitlab

so we don't have to deal with crap like that.

Evil OpenSSH servers can steal your private login keys to other systems – patch now

Paris Hilton

Re: Good advert for HSMs and smart cards ?

That's why in the Hollywood-movies, they always have the hot chick to date the smart-card holder and relieve him...of his smart-card.


Time to worry about container standard's AWOL dates?



There's such a lot of "legacy" software out there that doesn't really run in a "container" - or doesn't run well.

I always ask my co-workers what they want to achieve by "moving everything to containers" - or if it's one of these self-serving things you do to be able to say "Yeah, we did it (fist bump)".

Our customer's stuff sometimes runs months or even years in the same configuration.

No need to "spin" up more or less of it (they wouldn't pay more - nor do we want to charge them less).

There's also (to my knowledge) the mostly unsolved issues around storage (needs object storage or cluster-filesystem), overall persistence, user-management etc.

Very few companies can break-down and refactor any problem they face in such a way that it fits into their current "virtualization gospel". Most of our customers don't know why they should, don't know how the could and don't want to pay for it anyway.

We have one customer who is apparently trying to refactor their main application from a asp/dot net thingy into a linux container thingy. A project that is supposed to take two years and god knows how many man years. That's a bold move and I have nothing but respect for them (if they achieve it...).

But few people would and could do such a thing.

Though, arguably, it would be good if people had software written well enough as to allow such a feat without superhuman strength...

2016 in mobile: Visit a components mall in China... 30 min later, you're a manufacturer


Re: Nobody will build a store/service network like Apple

I agree that it's not walk-in for everybody (I happen to work in walking-distance to one - before that opened, the next one was about 20km away and before that one opened, I'm not sure where the next one was, maybe 350km).

But at least they have stores. With people.

Having read the customer-service nightmares other people have when they send-in their phones and receive them unrepaired several times (or with a different defect, or it gets lost on the way or...) and the case dragging on for weeks... I'm sure these people would at some point actually take a flight somewhere just to yell at somebody...

There's also an Authorized Reseller here in town (predating any "official" Apple store), who has his own repair-shop.

For the record: I work in Zurich and the "main" Apple Store (there's another one in a mall a bit outside where I have never been since I moved here ten years ago) can sometimes be a mixture of a circus, a kindergarden and Dante's Hell - but the few times I went there to actually buy something or ask something, it didn't take too long before I could get the attention of a staff member.

The "take a number" concept is nice (and used in Swiss post offices) - but it reminds me of German government agencies (and their mixed track-record when it comes to "Put the customer first").

I assume, Apple doesn't want to even hint at the idea that its stores are akin to government agencies or that its customers are "just numbers".

I'm sure there are a lot of people at Apple just brooding over the efficiency of the stores every single day...


Nobody will build a store/service network like Apple

Especially not Far-Eastern companies.

So, you'll always have to hand in the phone and hope it will actually arrive back.

Apple does repairs, too - but they also do walk-in full exchanges.

Of course, the (largest) iPhone 6S Plus is about five times more expensive than I would actually be comfortable to spend - there's no denying about that.

But at least, I'm the customer and not the product.

Apple doesn't use my data other than for themselves.

That said, the Watch has never appealed to me. First, I've already got a watch. Then, it doesn't look rugged enough for my sports (mountain-biking). And apart from the hr-monitor, it doesn't have any other features I would actually use (I don't read any of my main email-accounts on my phone, I pay almost always in cash, I don't receive a ton of notifications (deactivated most of them) and because I still own an iPhone 4S, I can remove the phone from my pocket and hold it with one hand when somebody calls...).

But the iPhone's value is still superior to me:

- single vendor for hardware and software

- walk-in support

- OS updates with no hassle, long support cycle

- hardware seems quite durable

- very secure (once you active Find My iPhone and give it an access-code, it's basically a brick to any thief)

- vendor has made a commitment to my privacy

If there was an option (in the form of a subscription) with Google so they would not track your behavior, mine your data and sell your information, place adds all over your screen etc - I would consider that.

But I suspect it would be even more expensive in the end than owning an iPhone.

Flare-well, 2015 – solar storm to light up skies on New Year's Eve



There seems to have happened a little hickup in Amazon's "govcloud":


It looks like those people who believe that "made to government-standard" means more expensive and less reliable - they were actually right ;-)

How to log into any backdoored Juniper firewall – hard-coded password published


Actually, I believe Juniper has a sizable business in the Arab world - simply for the fact that they aren't Checkpoint.

Same goes for e.g. Germany-based companies in that sector.

IT salary not enough? Want to make £10,000 a DAY?


Re: Names?

The state of (in-)security in a company has rarely anything to do with the amount of money you spend. Especially, if you spend it on a consultant charging five-figures per day.

Security is a process, a line of thinking. It's really how you do business, how your employees think and work.

Spending that amount of money just for a single consultant looks a bit strange to me.

(had done pen-tests early in my career, where I once happened to see the remaining traces of my own (legal) break-in attempts when a couple of months later the client was hit by "Code Red" and really had to get serious with cleaning up the servers...)



So we can avoid them, when making purchasing decisions.

We're not in ordinary servers anymore: EMC readies open sorcery spells


As if

our network-guys would want to have the firmware of their switches managed by us (Unix folk).

Or the storage guys give us permission to roll out new NetApp updates.

And of course, the Windows-team wants to do everything having to do with Windows themselves.

But at least, with ScaleIO, we're getting our own storage, anyway ;-)

And with RedHat IPA, we'll get our own "AD".

German ex-pat jailed for smearing own pat all over Cork apartment


Re: Jail sentence?

Don't worry - he'll get cold showers in prison every morning. That'll cure him!



Biting the hand that feeds IT © 1998–2020