* Posts by Gorbachov

49 publicly visible posts • joined 5 Nov 2009

Make Linux safer… or die trying


Re: Forgot one.

"The version of Slackware that I built specifically for this"

is orthogonal to

"makes it almost laughably easy."

381,000-plus Kubernetes API servers 'exposed to internet'



Most people keep it public because private clusters are way harder to build and operate. Suddenly you need private DNS resolution, jump hosts for access to the API, private build nodes so that CI / CD can build and deploy. The cloud provider UI can no longer show you workload info unless you VPN in so you'll need a VPN too).

And then you find out you need special resources to keep all the private bits to talk to each other. Did I mention that those are only available in the premium tier? No? Well, they are so everything will cost 3x what you thought it would.

It's probably not worth it. Access to the API is secured with certs (at least) so you would have to be extremely risk-averse to go down that rabbit hole.


Re: Honest request

It solves many small things in a consistent manner. Encourages you to containerise your service, apply configuration and manage secrets responsibly.

Encourages resource consumption management and scales accordingly. The large ecosystem allows for easy deployment of third-party products for logging and monitoring. All that and it's vendor neutral so you can mostly run your workload anywhere.

Makes managing a microservice deployment less of a nightmare.

There once was a biz called Bitbucket, that told Mercurial to suck it. Now devs are dejected, their code soon ejected


Re: That was a close call.

Git LFS fixes that on a technical level there are terrible implementations out there. For example Github charges for storage and bandwidth which makes it completely impractical.

Germany tells America to verpissen off over Huawei 5G cyber-Sicherheitsbedenken


Re: Huawei is not a risk? Not true

While on average human individuals are crap at evaluating risk, experts can use data and statistics to give decent guesses which allows us to "manage" risk (e.g. insurance). There's also the distinction between risk and hazard to consider.

"you can't prove anything about the future"

This is a misleading statement. While we don't know what the lotto numbers will be we do know that the earth will move along it's orbit for the next few days. I would avoid https://en.wikipedia.org/wiki/Relativism when talking about hard-ish sciences.


Re: How about Apple's apparent deflation? The surgence of "cloud"?

"Chinese investors ... have become the largest single shareholder of Deutsche bank"


4.88% held by BlackRock, Inc., Wilmington, DE

3.14% held by Douglas L. Braunstein

3.05% held by Paramount Services Holdings Ltd., British Virgin Island

3.05% held by Supreme Universal Holdings Ltd., Cayman Islands

3.001% held by Stephen A. Feinberg

1.01%1 held by C-QUADRAT Special Situations Dedicated Fund, Cayman Islands

This makes me not want to check your other claims.

NPM not tied in knots over Yarn rival project


Re: Doesn't fix the fundamental issue with NPM

NPM has been deduplicating dependencies in node_modules since v3 (2015). The tool is not perfect, the lock mechanic is still occasionally flaky when people use different NPM versions to update their deps, but all things considered it's a very good dependency manager with a huge community. What I don't like as much is the commercial nature of the NPM repo. It's been OK so far but the future is uncertain.

And I don't share the enthusiasm for the C/C++ model. When working in a very small team, OK, fine. But how do you keep deps synced across large/distributed teams? I'd rather focus on building new stuff rather than spend my energy on something that can be easily automated.

I got 257 problems, and they're all open source: Report shines light on Wild West of software


That's only true if you cherry-pick the one category where IIS is gaining ground (all sites). When looking only at active sites both IIS and Apache are falling and nginx + "other" is picking up the gains. Probably various cloudy services running on custom code (aws, google).

Cheer up, world! AWS instances just got cheaper


Re: Your move Microsoft?

If IaaS pricing is your only concern then an A2 is still half the price of a c3.large for similar processing power and more disc space.

Come now, that's just dishonest. A2 is comparable to t3.medium, so about ~20% more expensive in Azure and c3.large is comparable to F2 which is ~18% more expensive (Sydney DCs). Remove a few % for disk costs in AWS.

I had to switch from AWS to Azure and I'm just stunned at some of the money-draining shenanigans in Azure - "premium" PaaS instances, charging collection in their NoSQL DB, etc. AWS is fairly straightforward with their pricing in comparison.

Microsoft points PowerShell at Penguinistas


Re: Like grep? sed? awk?

Well, Puppet was actually aimed at ops people, not devs. It uses a DSL to drive the thing and not a proper language but they are kinda regretting it now and slowly extending it to the point where it now looks like yet another programming language. Automation can be a complicated domain - people want to do a lot of weird kaka with their infrastructure.

Microsoft is late to the game, as always, but they have a good incentive in Azure to make this work. People tell me it's not exactly fun to run Chef on Windows (and Puppet is worse). The really big win is that since this will be open source, all the other config management tools can absorb the good bits, if there are any.

Not sure I would want to use the MS tool to manage *nix boxes. Their support for other OS platforms is only skin deep.

Skinny Ubuntu Linux 'Snapped' up by fat Microsoft cloud


Re: back on topic - small virtual linux servers...

The main reason is that many people these days provision their systems with something like Puppet or Ansible. If you have scripts that will install your app, pull in dependencies and configure everything, you only need the base distro to boot and be reachable over the network. Any other needed functionality will be added by the provisioning scripts.

Even Windows Server has a stripped-down minimal install option.

Government locked into £330m Oracle contract until 2016


Re: The public sector spent £290m in 2013 with Oracle

You mean like Skype?


Or this bank in Brazil:


The reason Oracle has such a presence is because most non-web enterprisey software is written in Java and most Java people develop for Oracle. It helps that their DB is quite good.

That said, the OP is being silly. These prices are mostly for doing the integration work and connecting various pieces into a working system, not for licences. Even if you used FOSS building blocks you would spend at least as much on replicating all the functionality. There is an argument to be had for not being locked in to an ecosystem but either way you end up with a giant mess that's difficult (=expensive) to maintain.

systemd row ends with Debian getting forked


Re: What is systemd

> Due to the poor way systemd has of knowing whether a service is available.

I've had to write sysv, upstart, supervisord* and systemd scripts that handle these situations. SystemD gave me the least trouble and was often the cleanest solution. The scenario you describe is non-deterministic (Apache _may_ need the DB) so there is no way to write a "correct" init sequence.

When you write about the initialization of network services I don't think:

"OMG those systemd BASTRDS!"


"Well, maybe it was the best possible solution at the time and they plan on doing a better job later."

I really don't get the hatred pouring out on the developers. I mean, yeah, "do one thing and do it well" is a worthy goal but it's not an unbreakable rule set by the knights who say "Ni!". If it makes more sense to keep it under one name so be it. If a significant section of meatspace decides it's garbage they'll stop using it and we'll have a mass exodus to Slackware. Somehow I doubt it in this case. All this noise looks to me like huffing and puffing of a few passionate individuals while the rest of the world passes them by.

Good luck with the new distro but I'm sticking with Arch.

* I know it's not really an init system but it does manage processes so it's relevant in this case

Revealed: How Microsoft DNS went titsup globally on Xbox One launch day


Re: Maybe they should use LDAP instead...

But the AD instance running on the DNS server (not a master AD in a big setup) needs to be able to reach other AD servers. So, theoretically, if you push a borked DNS entry to the DNS servers you might lose connectivity and thus functionality. It's been a while since I had to deal with the AD monster but I do remember DNS being a pain to set up properly.

The fact that the best AD engineers MS had, on a critical system, took 80 min to solve a configuration issue tells us something. If it was a big hardware event, fine, but this?

OTOH kudos for letting us know what the problem was.

Linux backdoor squirts code into SSH to keep its badness buried


Re: Symantec writeup very poor

The attack he mentions is only valid if the attacker has gained shell access to a user and wants to manipulate the legitimate traffic. This attack would require insider knowledge on the target, be very specific and would probably show up in server logs since the attacker doesn't control the server.

The hack we're talking about is probably an attack on the SSH server, where the server has been modified to listen for that special sequence and executes the extra instructions without logging anything.

Senators propose permanent ban on internet sales and access tax

Black Helicopters

Re: Internet taxes

Well, not completely. They didn't pay for the utilities infrastructure they use (power stations, water processing plants), for the education of their staff, for the infrastructure that enables them to cheaply ship things around the country and internationally, for the fire departments that protect them from disaster, for the military, for the courts and police who enforce the laws and for the politicians who make them. Thus they need to pay taxes. Although, I'll give you that they seem to be keen on paying for the politicians.

Microsoft 'surprised' by Google Gmail 'winter cleaning'


Re: Shills Out In Full Force

Nor do they sync MP3s, pictures or documents. And my Linux PC and Android phone somehow manage to sync the address books and calendars ... so what's your point again?

Juries: The only reason ANYONE understands patent law AT ALL


Re: Translate me a Spaceship

"All you need to do to fix the 'problem' is to ensure that a jury of my peers comprises people with a similar level of intelligence and skills."

So, you are advocating a 'self-appointed elite' approach then.

GNOME hacker: Culture isn't holding desktop Linux back


Re: Just to add

Yes, let's all switch to MS so that our stuff "just works!". Like how I spent the last two days fixing an issue with buggered roaming profiles (random app crashes, including Outlook). Or the recent SP2 for the Windows Update server that dies in the process of upgrading. And the MS official solution? Reinstall WSUS. And reboot. A production server. Several times. If you think using the *nix console is close to black magic you haven't seen anything untill you try to do stuff in Powershell. Incantations galore.

Honestly I don't care about consumers adopting Linux. After all they are called "consumers" for a reason ... we wouldn't get much back from them. The secondary effect people talk of (big OEMs investing in Linux development bcos of all the people using it) is always just out of reach and is probably not worth the effort.

IMO the primary desktop focus should be on power-users and integration of clients into some kind of a backend (AD / LDAP / messaging server). Personally I'm happy with the state of the UI for the moment. KDE is good enough, Gnome 3 will be in a few years and there are several other good, stable options out there.

Dell readies Linux Ultrabook for autumn release

Thumb Down

Re: Give me an Ultrabook with Secureboot turned off

Ummm, no.

It does make the machines more secure but it does it by restricting the user.

For a Win 8 sticker the "Secure Boot" /must/ be /on/ by default and if you turn it off you can't dual boot Windows. AFAIK the only distro with signing keys for "Secure Boot" is Fedora but there is still a lot of uncertainty about revocation and other fluff.

Mozilla shoots down Thunderbird, hatches new release model


Re: Thunderbird has been going downhill

OS X Mail is horrible. Heaps of non-standard crud, stupid mail indexing and a clunky interface. Yuck!

Global warming: It's GOOD for the environment


Re: This really is a horrible bit of journalism

Yes, then all we have to do is shuffle a few billion people around the planet to the newly available land and we can all go our merry old way. What could go wrong?

Nature ISN'T fragile nor a bossy mother-in-law - top eco boffin


Re: dogmatisit on both sides

"Population rates aren't rising, they're falling."

Not sure if that's what you meant but every day, and certainly for the next few decades, assuming BAU, there will be more and more people in this world. Add in the longer life-spans where people retire later in life (or never retire) and things are not looking good. Your sentence seems to be implying otherwise.

"Land isn't becoming scarce - as we live in urban areas, we use less land."

Wherever I look the price of good land keeps rising which suggests otherwise. I know China is trying to buy land left, right and center. Why do you think that is happening?

"We have enough land to feed everyone."

And yet the price of food keeps rising. Every year it takes a larger chunk out of our income. And if you think India is not facing major problems you are ill informed http://is.gd/AkzttY

"All this is the result of prosperity - it came about by people ignoring arguments like yours about natural resource constraints - and doing inventing clever and useful ideas"

Prosperity at a price. Americans & co have all the wealth but at the price of a 'work until you die' lifestyle. Well, You might get rich but you are far more likely to die first. The Chinese are following in their footsteps and sacrificing their poor and their natural environment for a 10% rise in GDP year after year.

I agree that those that call themselves environmentalists are often full of unattainable ideals and a weird idea that a life without technology was somehow better. But I truly believe you are living in the same la-la land as them, just in a different neighborhood. But there's no need to argue, you have already won. If you look at what is happening in the world you can see that most people will never sacrifice convenience for a chance at a better future. Not until it's waay too late.

Solar power towers overpower PV panels by 20X


Re: Trees got there first

You answered it yourself. Burning trees is inefficient. Especially if you want electricity from them.

OFFICIAL: Last Western Black rhino snuffs it


We are killing off species left and right and despite many people trying very hard to save some species, almost always, the efforts fail. Reading the wiki about the current extinction event is thoroughly depressing. The current efforts to stem the tide are another case of 'too little, too late' that seems to be the result of a standard human approach whenever we confront a global problem.

What do you mean do we have the right?! We are the primary cause of this extinction event! And that is not even taking into account global warming, in case you don't believe in it. We have reduced the variety of plants and animals on this planet so much that it's literally mind-boggling. It will take millenia for the planet to regenerate.

Cheap gas is a 'crisis' for Greens, but not for us


do as I say, not as I do

Once free market types start demanding killing off subsidies for all fossil fuels then I will join the chorus. But when you subsidise one tech (e.g. gas) and cut subsidies to the other (e.g. solar) you don't get to say "see, gas is _much_ cheaper than evil, commie solar"

Is gas cheap? Yes, for the moment. Will it be cheap tomorrow? I don't think so. And then you'll cry and moan that our entire infrastructure is geared to oil/gas/coal and that we can't afford to build a new one and must dig for fossils under national parks and in deep, deep water and consequences be damned.

Wind and solar won't be 'enough' but at the rate we are growing _nothing_ will be enough. We simply cannot grow at this pace without some kind of substitute for oil (and no, there is not enough economicaly recoverable gas to replace oil). And maybe we shouldn't even try.

Barnes & Noble complain to DoJ over Redmond nobbling


oh please

As if MS never 'stole' any technology. The only difference is that they have the face to claim moral superiority. If they truly are in the right they would sue Google, win and be done with it. This has nothing to do with technology and everything to do with lawyers.

Somehow, somewhere, the lawyer brigade in MS and Apple has morphed from a defensive department into an offensive one. And if they have to kill the spirit of the patent system to earn a buck, so be it.

Google unfurls Dead Sea Scrolls


"not sure" as opposed to "don't care"


Being agnostic doesn't mean you are not sure what to believe. It means you don't care what the truth is regarding the deity question. A small difference but an important one.

AndyPad Pro low-cost Android tablet now on sale


ho hum

XP on 128 MB is a painful experience. 512 is the recommended ammount for normal use. Just Firefox can gobble up 200-300 GB no problem.

AFA Android efficiency is concerned, it's not Android eating up all that delicious memory, it's the 3d games and the assorted apps.

Hackers pierce network with jerry-rigged mouse

Thumb Down

probably useless

It would probably be difficult to implement for little gain. Although it could be done, I guess, in software with something like UUIDs. But then you would need to think about protecting from UUID spoofing. And it would be a total PITA to constantly manage hardware replacements.

It's easier to deny access to USB/PS2 ports completely and then you're safe(er).

LulzSec dumps hundreds of Arizona Police documents


elitists? bleeding hearts? wtf?!!

Not that I have a horse in the race but since when is being part of the elite a bad thing? I thought that was the point of a free market - the best swim on top (and their waste trickles down). Democracy goes in a slightly different direction and delivers power to the most popular. With the deregulation of campaign funds in the US, elections are becoming more of a scam where only the rich can play. It's starting to smell of aristocracy and computer savvy kids dislike authority. What did you think was going to happen?

btw. free market also means no living wage (or minimum wage for that matter), no protection for the domestic workforce (a.k.a. outsourcing FTW), no legal protection from corporations and other big organisations, no unions, etc. So if you want government protecting your workplaces your best bet would be to campaign & vote democrat. Alas, there are no guarantees in life.

Now, if you are a bastard who wouldn't help a drowning man (especially if the man in question is a gay female liberal commie illegal alien) then just ignore me and carry on.

The 64-bit question


why? why NOT?

If you can get 64bit for the same price why not choose 64? And as for the desktop virt setup, the server side is certainly 64bit so why not choose to boot a 64bit kernel on the client just to avoid complications?

Why is this still an issue FFS?!

Japanese nuke meltdown may be underway

Thumb Down


and gas, coal & oil mining is sooo much safer and cleaner


in short: 61 mining disasters in the last 60 years in the USA alone.

Anti-religious campaigners smack down census Jedis


because they say it matters

If you are silent then you have no voice in the shaping of your country. And it does shape it through the laws already in the books and the ones yet to be made. So, by not giving an answer you potentially weaken a side you sympathize with or at best remain irrelevant in the grand scheme of things. I like that I have at least a small say in the matter and exercise it whenever I can.

The loud minorities have proven that it can reshape our world.

Thumb Up

right on

Extraordinary Claims Require Extraordinary Evidence

true for science, true for religion.

Google guilty of copyright wrong


on robots and oracles

Google respects robots.txt for search results. If you don't want Google specifically scraping your site, but for some reason Bing, Baidu and others are fine and dandy, block their IP addresses. If you don't trust the opt-out nature of the robots.txt then you can always password-protect your site.

As for the Sun^h^h^h Oracles and the alleged theft of the Java IP, well, Google is innocent until proven guilty. I for one don't buy it. Oracle is more evil then Google and this emanates the heady aroma of software patent trolling to me.

Beer, bcos I want one....

iPad 2 spawns updated iOS and apps


false choice

I occasionally want to refresh all my podcasts. That can take a few minutes. During that time I spend browsing or doing something else. Or read a book while something downloads in the background. What do you not understand?

And why must I choose between extremely limited, almost non-existant multitasking and uncontrollable multitasking running ominous software (making noise?? wtf?) killing my battery? FFS.

If Palm and Google can do better than so can Apple. They just don't want to right now b/c of low ram in their kit.

Cloud gaming storms into the UK


no, not really

That's the point of streaming. The bandwith requirement is the same irrespective to game quality settings. So you buy a cheap laptop with crap graphics and play in a browser at full quality. If you have a top-notch connection. Which is a big if.

Apple 'greed' tax spreads beyond music, movies, magazines


Stats? What stats?

Android already has a bigger market share:



Sooo....32% for android and 16% for IOS on the phones and soon there will be a much bigger market for the fondleslabs. The main difference is that the profit from Android doesn't go directly to Google or any single company. There's also the problem with fragmentation but that will pass if Google slows the release cycle as is expected.

If I was a business looking for a big phone app market my bucks would go on the Android side.



He said:

"Apple insist that you *must* use the App Store and that you *cannot* make it cheaper anywhere else"

And then you said:

"Apple's rules only demand that you must *ALSO* support the App Store method of payment, not JUST your own web-store one. You also cannot undercut the App Store pricing on your own site."

Methinks you just confirmed what he said using different words. And did you just now say that they could 'reduce' their profit so as to make up the loss on the Apple tax? If their profit is 30% and they need to pay a 30% tax....ummm....they get nothing?

And please don't bash people with webkit and darwin. Webkit is cool but considering the quality of the browsers that use it Apple is the least responsible for it's success and darwin is flop as a FOSS project, pretty much nobody uses it besides Apple.

Patent attack launched on Google's open video codec

Thumb Down

not true

Lack of a response is unlikely and wouldn't prove anything anyway. It's impossible to prove a codec doesn't infringe so the burden of proof is on the MPEG LA side. And since software patents are so nebulous it's probably in their best interest to rattle their sabre now and again and go on collecting their tithe as usual.

By the way, don't you understand that even if some predating patent is found that doesn't mean anybody was ripped off? It is more probable that certain things can be coded only in certain ways. Does that mean that whoever writes the code first is forever the sole owner of that method? What if we apply the same logic to medicine?

I invented this procedure so if you save a person on the operating table your hospital owes me money!!

Newest PS3 firmware hacked in less than 24 hours


destroying what exactly?

The point is to regain control over the hardware. And as someone who has used pirated software I can tell you that I have stolen from noone. Nobody lost a single penny because of me because I couldn't afford original games. All my money went into a few music CDs. Now that I can afford it I find better ways to sink my money and time.

Is breaking the PS3 security an acchievment? Hell yes!!



And I thought I _bought_ my PS3. Partly bcos it could run OtherOS. Now, suddenly, it no longer can. Can I get my money back please? No? Oh.....

And please do tell how would a PS3 with a custom rom "ruin your experience"?


maybe so, but

Is that clearly stated on the packaging? Can they then change the terms under which they leased me that software? Is there a license agreement (a physical copy in the store) that I can read before buying the console? Can I return the console when they _do_ change the terms (like when OtherOS option was removed)?

This is soo evil and is getting more so.

Apple as a religion: How the iPhone became divine



He _did_mention he's a sysadmin. It's, like, his job to care. And his job provides him money to spend on important things in life (beer? also women, but beer first I think). And as I am one too I assure you he is correct - most users are idiots and refuse to learn how to use their tools effectively. Or at all.

How else do you excuse people that fail to grasp the few basic mechanisms of an email client after 3 years of use (Apple's Mail.app in this case)? The sheer level of ignorance I encounter has made me numb to such situations so it doesn't faze me anymore.

Seagate to announce SSD-threatening hybrid drive


please read more carefuly

This is about 2,5" laptop drives. So your post is relevant only if you manage to cram a RAID setup into a lappie and then install Win7 on a ZFS partition.

Google Chrome OS goes native (code)


not the point

The problem with Google Frame is that it increases the level of complexity for the end user. The user is suddenly running Chrome but everybody who doesn't explicitly know that will assume they are running IE.

That opens a whole can of worms as far as security is concerned.

Not to mantion hat complexity is the enemy of secure design.

Pirates get extra seat in Euro Parliament


software and medicine patents deserve to die

Does anyone have any credible argument _for_ these patents? Software is just too vague and medicine too important to be burdened with these things. Not to mention that both industries are neither poor nor abused. They just want more money from us.

And please don't mix copyright and patents b/c they are quite different.


No. Their stance is that the corporations are too powerful and use this power to promote draconian patent and copyright laws to the detriment of everybody else. If you invent something cool these days you have to invest in a lawyer to make sure you _can_ patent it. And if you don't have enough money (of course you don't) the existing patent search will be weak and you could lose everything as soon as you go public. So yes, the laws must change drastically.

Also, you can't patent music, books, art or similar stuff. Those are covered by copyright which has been extended way beyond sanity levels. 75 years after the author's death? WTF?!