* Posts by Dan from Chicago

12 posts • joined 19 Aug 2013

Google engineer urges web devs to step up and secure their code in this data-spilling Spectre-haunted world

Dan from Chicago

There's only one way to do it

Make everyone liable for their mistakes. If you're injured because the maker of the car failed to secure the connection between the fuel line and the engine, the car company will have to pay - so they're careful to try to not let that happen. They're willing to spend time and money to make sure that doesn't happen.

Web sites do the equivalent of killing and injuring millions of their customers very day, but since all of the costs are born by the users, web site developers continue to send their "death traps" out into the the network.

We've tried the "honor system." It didn't work. Time to let the lawyers get involved.

It's a horrible solution, but it's better than every other solution.l

No one likes a heart-stopping AWS bill shock so now there's a machine learning tool to help detect cost anomalies

Dan from Chicago

Cloud hosting is intrinsically less secure, since administration logins have to pass through an external, public, network (however well thought out the session initiation encryption may be) from an infrastructure that's outside of the cloud's security framework. There are often significant economies of scale to be gained, particularly for small and medium sized organizations that can't afford dedicated administration staff for tasks like patching, backup, and netflow monitoring. But paying a cloud provide for hosting administration denies the organization the economies of scale that would otherwise be gained for local administration and security, making any local security more expensive. If local security is weak, then the logins to administer cloud services are easily compromised from the client location, and the cloud security fails. This is how most cloud security failures occur. Two factor logins provide limited benefits, since a legitimate session from a compromised local machine can be hijacked.

Very large organizations that use public cloud are often wasting money and taking unnecessary risks.

Large organizations can gain most of scale benefits of cloud hardware and platform maintenance and add to that the benefit of protecting the organization with scale savings on very strong local security.

Apple fires legal salvo at Corellium claiming the virtual iPhone flinger is infringing copyright

Dan from Chicago

As long as Corellium is OK with me requesting a free eval, cloning it, and then selling copies for $200 less than they do, it all sounds perfectly fair!

My product would be totally different, since it will be spelled "correlium."

Amazon makes lift-and-shift play for Windows File, Lustre workloads

Dan from Chicago

In other words....

$6048 per year is the minimum cost. $18,000 for a typical refresh cycle.

So why is it listed it at 0.14 cents?

They wouldn't be trying to confuse pointy haired boss types about the cost of their cloud services compared to buying your own kit, would they?

...considering that you buy those same four 1TB nvme disks for about $600.

That's a 30,000% profit on the storage cost. Really we need to be considering the cost of electricity, host boxes, and staff. At that point, profits at that Mother Theresa like company could be scraping along at only a few thousand percent!

:-) - Am I being a little unfair? Maybe it's Amazon that is.

It's like selling bags of rice under a big sign that has the price per grain of rice. Not nice!

Party like it's 1989... SVGA code bug haunts VMware's house, lets guests flee to host OS

Dan from Chicago

The big bang is when the escape is on AWS

Hook into the host process (up the chain to the top) that updates infrastructure and guest OS's and deploy a ransomware "patch."

let it get replicated and backed up for a couple days, on all storage types, then fire it off on D-day (d for the dummies who didn't have some form of offline backup, whether local or cloud).

Clean up costs would be incredible. Millions of servers would be looking at pay up or start from scratch. Tracking down and re-running even a couple of days of transactions would be an incredible amount of work.

Cryptocurrencies are a big part of the problem. They make getting away while keeping ransom payments too easy.

Huawei's Watch GT snubs Google for homegrown OS

Dan from Chicago

Gets killed by Garmin

There are hundreds of apps and widgets available for Garmin watches, its charge is good for 2 weeks of non active-sport activity and a charge can be topped off (from 50% to 100%) in about a half hour.

The integration with cloud based analytic apps, phone, and 3rd party platforms like Strava is extensive and seamless.

The performance is due to using a purpose built OS for portable device hardware vs. accepting the power and performance baggage of any general purpose OS.

Lenovo Thinkpad X280: Choosing a light luggable isn't so easy

Dan from Chicago

Service -

The old Thinkpad warranty service center was on the edge of the main FedEx hub in Atlanta. You'd drop your notebook off at a FedEx box as late as 9PM, they'd work on it overnight, and then you'd get it back by 10AM the following morning. And shipping was covered, as well.

...but the notebook cost about $8,000 in today's dollars, so there's that, too. With current notebooks you could just buy a new one and move over the hard drive, more than once, and still spend less. It would be even quicker. But the "wings" folding keyboard was a really useful trick!

'Alexa, find me a good patent lawyer' – Amazon sued for allegedly lifting tech of home assistant

Dan from Chicago

I call BS

I call BS - After spending all of 22 seconds on a google search - confirmation that natural language queries had already become old news in 1982. Makes me think that Rensselaer Polytechnic Institute and Trump University share quite a bit in terms of integrity and fundamental understanding of fields in which they claim expertise.

December 1982, Volume 4, Issue 4, pp 471–504

Notice that this paper has not claimed that all natural languages are CFL's. What it has shown is that every published argument purporting to demonstrate the non-context-freeness of some natural language is invalid, either formally or empirically or both.18 Whether non-context-free characteristics can be found in the stringset of some natural language remains an open question, just as it was a quarter century ago.


Car-crash television: 'Excuse me ma'am, do you speak English?' 'Yes I do,' replies AMD's CEO

Dan from Chicago

Lisa Su seems to be a real class act - no wonder why AMD is doing so much better.

Can you imagine any of her predecessors saying "I'm here with AMD" instead of "Back off, peasant, I'm the PRESIDENT, CEO, and all around BIG BOSS of AMD?"

Serverless: Should we be scared? Maybe. Is it a silly name? Possibly

Dan from Chicago

"Codeless" maybe?

The server aspect seems rather orthogonal to your intent, calling it gluten-free technology seems to be as suitable a term as serverless.


Google BLOCKS access to Goldman client-leak email

Dan from Chicago

Always surprising

Everyone seems to think it's fine that google, apple, amazon, telcos, comcast, etc. have dozens (hundreds/) of staff and contractors who can look through our emails, photos, etc. but it's time for hysterics if a government agency (that generally has at least some mandated level of privacy protection) gets the same access.

Flash cheaper than disk? 'Customers aren't buying that', says NetApp CEO

Dan from Chicago

15k SAS is flat, and single level flash probably isn't doing much better

The time frame the NetApp guy was looking at was probably 3 years or so, and during that time dumping most data to big, very cheap, slow disk, then cleverly caching it in RAM and Flash in controllers, looks like a reasonable approach for many applications. It can provide superior performance to plain flash (RAM is so much faster than current flash) while being cheaper.

That 15k SAS is flat, and single level flash probably isn't doing much better makes sense.

What's growing are the denser, less expensive versions of storage technologies. It seems like systems that once collected a binary value using a single bit of storage are now archiving a Yes/No question as a 1920x1080 video of someone leaning into their webcam and saying "No" - which then has to get replicated to D2D backed storage in two or more clouds (once your cloud provider goes chapter 11 and sells off the boxes holding your data once, you learn to replicate). Even after compression and de-dup that bit has become a couple meg scattered across 4 sets of blocks!

Granted, that's a reductio ad absurdum worst case, but video and imagery (and backing up do disk) have been taking away a lot of what increasing density and falling costs have been giving to storage. It's why the NetApp guy was saying that they see demand very fast cheap storage growing faster than slightly faster expensive storage.


Biting the hand that feeds IT © 1998–2021