* Posts by Trevor_Pott

6991 publicly visible posts • joined 31 May 2010

Making the case for upgrading from Server 2003

Trevor_Pott Gold badge

Re: Hyper-V

Mind the oracle licensing; you don't simply pay licences for the number of cores assigned to the VM, but rights you Must pay licences for the total number of cores available in the host! Honestly, you are probably better off running Oracle on metal strictly for licensing reasons.

Trevor_Pott Gold badge
Facepalm

Re: no smb 2012 !!!

Damn straight. Microsoft kicked SMBs in the nuts, let them fall the the ground, then demanded those same SMBs subscribe to be kicked in the nuts over and over again each year.

Small Business Server 2011 was bloody brilliant and I won't soon forgive them for murdering it. The bastards.

Trevor_Pott Gold badge

Re: Other Vendors

Zentyal has a $deity long way to go before it's actually usable. Not the least of which is birthing a remote access protocol that isn't made out of slow and horrible. It has an almost usable web UI - but still nowhere near as comprehensive or well supported as Virtualmin/Webmin/Usermin - and about the only nice thing I can say for the desktop UI is "at least it isn't Unity."

Zentyal needs more UX TLC and to start putting R&D into places in the Linux ecosystem (like the aforementioned remote access protocols and UX) that other distros won't. Until then it's Just Another Distro that doesn't net much over *min. For the cost, I expect more...or at the very least a commitment to a roadmap that will get those who bet their businesses on Zentyal where we need to go.

Wake me when Zentyal has taken over development of the FreeRDP server (now merged into Weyland, but still needing lots of dev support to move forward). When they've made a commitment like that - with some real, tangible benefits to the SME user that will ultimately place Zentyal ahead of the myriad other competing Linux distros in the area - I will start to believe.

That said, they're not a bad distro if you can't afford a Synology.

Trevor_Pott Gold badge

Re: Eh, Server 2008 R2 is awesome.

I don't know man, my SMB stable is pretty hard core Small Business Server 2011. You'll pry that out of their cold, dead hands. When you do, I'm almost certain it will be replaces with a Synology, not "Microsoft Azure NSA Edition with +1 to yearly subscription $$$." I wholly expect them to keep clinging to that OS until it goes out of support.

Trevor_Pott Gold badge
Unhappy

Re: You like hard questions? ;)

I try to ignore those because they make me sad. It took until Server 2012 before IIS even got a workable bloody FTP server. How many of those websites are running on old? Sads. I have many.

Trevor_Pott Gold badge
Pint

Re: Eh, Server 2008 R2 is awesome.

With the sole exception of domain controllers - seriously guys, virtualisation aware DCs in Server 2012 are the shit - I can't make the case for moving from Server 2008 R2 to Server 2012. The case for Server 2003 --> Server 2012 is easy. But Server 2008 R2 is a beloved old friend that is more than good enough to get the job done.

It used to be that I was perfectly comfortable with Server 2003 R2. DFSR was really all I needed to make most of what I do work fine. Then I got a Server 2008 R2 licence and set it up as a DC with DNS and DHCP. Now I can't go back. I just can't do it; Server 2003 is just too old.

You know what won me over? The ability to right click on a system in DHCP and add a reservation. That's it; right there. I wasn't won over by a firewall or a protocol, I wasn't won over by encryption or the power of Greyskull. I was won over because someone put an improvement into the operating system that does what computers are supposed to do in the first place: make boring repetitive tasks easier.

I find it interesting to note, however, that I am not nearly so rah-rah about Server 2012? Why? Because Microsoft threw ease of use out the Window. They became obsessed with the technology itself and fuck the people who have to actually use it.

If I wanted to live in a world like that, I'd use Linux. Oh wait, I do! Though it would send our resident hypertroll into paroxysms of rage, I pick Linux not because of nerdly masturbation or ethical handwaving. I choose it because in very specific circumstances it is actually *way* easier to use than Server 2012.

If you go the Server 2012 route you're stuck with the same damned things as you are on the "commercial Linux" route: mind-bogglingly shitty UIs or the shell. The shell is the aformentionned "rote memorization route" and we've wound the argument back 'round to "this isn't going to work for SMEs."

The real question is "what's going to come after Server 2008 R2 for the small business world?" It sure as shit isn't the cloud; well, not for anyone that cares about their data or not getting sued into a lump of coal. (Hi, Echelon!) The truth is that I don't really know the answer. I think there's a gap in the market here that simply isn't being filled.

That basically leaves me with hoping Synology decides to build a rockstar ecosystem around the DSM. They seem to be the only play that gives anything close to a damn any more...and it's not really all that close to a damn at all.

I personally think that the era of installed operating systems is simply over for the SME. Virtual and physical appliances are the future. The overwhelming majority of these will be Linux based, with the off BSD and Windows units making appearances for colour.

Microsoft and Oracle (via Solaris/ZFS) are sitting on the technologies required to make great SME gear. They won't do so because they fear cannibalising their cloud and enterprise licenceing markets.

Too many Linux types are Eadon-class zealots. They can't see beyond their own neuroses long enough to solve the UI problems. My recent interactions with Microsoft make it clear that under no circumstances do the give any fucks whatsoever about addressing usability issues either.

The closed source giants say "fuck users and SMEs, they aren't worth the money." Open source giants say "fuck users and SMEs, it's their own damned fault if they are too stupid to see the perfection of our glorious design." The next-generation SaaS vendors are all about the users and SMEs, slaving over designs until they are intuitive, but demand vendor lock-in, or your privacy in exchange for that usability. Worse, they're mostly based in the US, so the other 6.3 Billion of us can't use them!

It's starting to feel lonely here down at the bottom. No love for the SMEs or end users from any of the players out there. You know you've hit rock bottom when your hopes for the endpoint boil down to "maybe Tizen won't suck too bad" and your hopes for user-grokkable servers are a black box like Synology.

Beer, because this is damned depressing already.

Trevor_Pott Gold badge

Re: Required support tools?

I don't understand won't you require such tools with Server 2012.

Nope, you won't need to buy all (or most) of those tools if you run an OS under support. Server 2012 is quite capable of taking care of itself, thank you. This isn't the Windows XP era; you don't need to piss yourself in terror at the thought of running a Windows system with an external IP address. You can pretty much do an "upgrade in place" to your existing badly-designed network without having to rearchitect the whole damned thin and carrying on with a shite security model for the next 10 years or so.

Should you be tearing up your network and redesigning everything so that there is massive amounts of segregation, multiple firewalls from independent vendors, IDS systems to detect everything, etc? Yes. Will 99%+ of companies unless you have a gun to their heads? No.

Remember that most companies are SMEs. "Eggshell security" (a hardened edge offering a single point of defence protecting a relatively wide-open and "squishy" internal network) is the best they can afford. Not merely for CapEx but for OpEx reasons.

As soon as Server 2003 moves out of support there is no rational way to keep on doing eggshell computing. The first trojan that happens along with annihilate your entire network. Server 2012 is secure enough and keep up to date with patches, etc, that you can keep on this path with about the same level of risk (probably lower) than you had before Server 2003 went out of support.

It isn't the proper way to do things, but it is the common way people do things. Server 2012 basically buys you another decade or so during which you don't have to redeisgn the entire network and retrain all your staff.

If you had access to the source code then you could recompile the old app to run on Server 2012.

Maybe. Maybe not. I'd still need someone who could deal with library changes between the two and so forth. Either way, most people don't have access to the source code. Welcome to capitalism. It sucks. Mind who you vote for next time and maybe we can slowly start to change this, eh?

Trevor_Pott Gold badge

Re: You like hard questions? ;)

"Why make the move to Server 2012 with its dinkey-toy interface, while you can still get Server 2008R2?"

This is a damned good question, sir, and one I still don't have a satisfying answer to. Server 2012 R2 is worth the jump, despite the absolute shite interface. Server 2012 versus Server 2008 R2...

...well, the only big reasons I have for that are storage related. SMB 3 is way better than SMB 2, but this sort of presumes you are using Windows 8. Also: the iSCSI target in Server 2012 is way better than the shitemobile in 2008 R2. Oh, and DirectAccess; if you do IPv6 things then you don't want to faff about with Server 2008 R2. Oh, and the whole virtualisation-aware AD controllers. Those are damned cool.

I'd say "IIS finally stopped sucking monkey dong in Server 2012" but honestly here, who uses IIS?

So it's really a toss up. If you use iSCSI off of Windows Server then 2012 is a no-brainer. I have an article coming up on why you really should be upgrading your AD controllers to 2012. DirectAccess is a bit of a niche still, but if you use it, go 2012.

Otherwise? 2008 R2. Until you pry it from my cold, dead hands. Just like Windows 7.

Trevor_Pott Gold badge

Re: It's true though...

Though I've posted the link in response to another post, my attempt to reply to you apparently unlocked a torrent of "roll face around on keyboard" that eventually became a blog in it's own right. I figure I'd post the link here for you as well.

Trevor_Pott Gold badge

Re: Oh Thank god or other convenient deity

EM Pulse. You can reboot the bugger, but something tells me his particular illness will require that he be back. At least spoting the replacement accounts will be no harder with him than it was with RICHTO!

Cuba bound? Edward Snowden leaves Hong Kong

Trevor_Pott Gold badge

Re: @bigtimehustler: I have to say that I agree with every word you have posted.

If they want us to accept their "leadership" then they have to accept we have a say whether they like it or not.

No privacy invasion or economic exploitation without representation!

Data retention a very hot potato says Oz parl't commitee

Trevor_Pott Gold badge

Surprisingly sane. I'm not against the government possessing a 2-year metadata TiVo so long as the restrictions on access are pretty damned tight, courts aren't secret and oversight is provided by civil liberties organizations, not government shills.

US DoJ: Happy b-day, Ed Snowden! You're (not?) charged with capital crimes

Trevor_Pott Gold badge

Apparently Popehat mostly agrees with my take on this. Hunh. Wince when do my armchair lawyer questioning and an uberlawyer like Ken ever agree on things? This cannot be a good sign.

Trevor_Pott Gold badge

To be guilty of espionage, don't you have to have provided information to "the enemy"? If so, is the espionage charge against Snowden the #NSA formally admitting that "the people" are the enemy? If both of those are true, why aren't "the people" rampaging through the streets and setting shit on fire on the White House lawn?

2012: second costliest year for weather and climate-related disasters

Trevor_Pott Gold badge

Re: "Don't build in tornado alley"

Um, I happen to live nowhere near a fault line. Tornadoes are rare. Nowhere near a coast. Nowhere near a volcano. Blizzards occur with regularity, but shockingly we're really, really good at dealing with those.

There are plenty of places to build cities. Hell, if you aren't being a complete dipshit you have the ability to view the world as something other than black and white. That means "near a volcano or inactive fault line" is a calculated risk whose odds are damned slim.

"Rebuilding New Orleans" is not a calculated risk, it's fucking lunacy. If you can't grok the difference between "a billion dollar disaster is likely to recur in the exact same spot within and human lifetime" and "our best science says the volcano we're parking our city by isn't due to erupt for another 800,000 years" then I'd say the odds you're an omega-level moron approach unity.

I'd say you don't build anywhere that there is a better than 50% chance of > 25% of your city being wiped out within 5 generations. Farm that land instead. The loss of a few farms is a hell of a lot easier to cope with than rebuilding New Orleans for the idioth time.

Trevor_Pott Gold badge
Flame

Here are some ideas, just for fun:

1) After your coastal city gets obliterated for the umpteenth time, don't rebuild on the same spot.

2) Stop trying to "green" the desert by pumping out the last of the fossil water in the major aquifers and start moving population to locations that are far more sustainable.

3) Plant forests and other eco-buffers. They can mitigate both heatwaves and floods.

4) Plan for emergencies by building large reservoirs. These can provide water during heatwaves and absorb overflow during floods.

5) Start upgrading agricultural infrastructure to minimize water usage and maximize reclamation. Treat the runoff and pump it back underground into the aquifer.

6) For the love of $deity stop building new cities in tornado alley.

For the cost of constantly rebuilding some rich town's beach after ever blustery squall the US could be investing in real upgrades to agriculture, forestry and population migration that would not only save lives but drive down the medium and long term costs of coping with climate change.

We get it, Americans don't want to be bothered with climate change for any number of reasons. There's not much anyone can do about that. But isn't it about time they started to plan for the consequences of that choice and start making sound financial decisions about the large-scale infrastructure and population centres of their country?

They are like children in a tinderbox. Not with matches, mind you, but with a plasma torch they can't stop fingering but adamantly deny exists.

Cultivated dope-smoking Welshman barred from own shed

Trevor_Pott Gold badge

Re: Somebody told me

You smoke the bud of the flower. Specifically you are looking for the "crystals". These "crystals" are in fact trichromes; in the case of marijuana a type of resin-bearing glandular hair that is where the bulk of the THC concentration lies.

Modern marijuana plants have been selectively bred to produce larger trichromes with a higher resin load; thus moving from largely microscopic elements of the plant bud to naked-eye-visible macro structures. If you have a particularly potent strain of marijuana you will notice what appear to be "shimmering crystals" on the bud (as opposed to merely a collection of white hairs.)

This is the difference between world-renowed strains (such as "BC Hydro" here in Canada) and the stuff your daddy smoked back in the day. It should be noted that the stuff your daddy smoked was an order of magnitude (or more) less potent than what can be had cheaply and easily today.

For the real nutjobs looking to engage in chemical lobotomy you can strip the trichromes from the bud using various mechanisms and then either extract the resin or ingest/inhale/etc the trichrome-rich "crystal powder". This will get rid of a lot of the carcinogens present in other parts of the plant (particularly if you smoke your marijuana) however is roughly as stupid as drinking 190 proof Everclear straight from the bottle.

The leaves of the marijuana plant are generally only used by enthusiasts who need "filler" to mix in with the buds that they smoke. There is no value (and a lot of downsides) to smoking what is essentially hemp fibres. (Just pick up a rug and smoke it. That's basically what smoking a marijuana leaf would net you.)

There you go, your herb lore has been levelled up. These same basic principals apply to many species beyond marijuana and are of particular interest for those working with Artemisia.

More information on tricromes:

http://www.ias.ac.in/resonance/Mar1998/pdf/Mar1998p41-45.pdf

http://www.plantphysiol.org/content/152/1/44.full.pdf

Your science has also been levelled up. You're welcome.

Can DirectAccess take over the world?

Trevor_Pott Gold badge

Re: Does not compute

Nyet. It's required on all client devices, but it talky just fine to the Linuxen on the server side.

Trevor_Pott Gold badge

Re: DirectAccess - does what it says on the tin, but...

Microsoft and licensing. What are you going to do except weep?

Trevor_Pott Gold badge

Re: DirectAccess - does what it says on the tin, but...

I'm pretty sure the article made clear the fact that Server 2008 R2's implementation of DirectAccess was less appealing that rotting goat cheese.

Your point about public certs is well taken, however; my experience with it bears out your warning there.

Trevor_Pott Gold badge

Since when has Microsoft licensing been sane, humane or designed to do anything other than infuriate and antagonize?

Trevor_Pott Gold badge

Re: Does not compute

I think you might have missed the point of the article. DirectAccess protects the lightbulb in the same way your home router today defends your network: it is the single attack surface of the network.

Nobody has produced a remotely comparable consumer-level IPv6 firewall. Microsoft have the closest thing to something usable by small businesses. DirectAcces is that "gateway" device on your network; and at the moment it's the best there is.

In the internet of things you cannot guarantee that every individual device will be defensible. You need solid gateway tech. DirectAccess is far from perfect, but I see nothing else on the market that is usable for the non-linux, non-cisco nerd. DirectAccess running on a home NAS (like perhaps a newer generation version of that WD Sentinel) would be a wonderful edge device for a home network.

Trevor_Pott Gold badge
Happy

Re: Does not compute

Why do you think I like DirectAccess? It gives me that single point of defence instead of my having to be constantly paranoid that I need to update the firmware on my lightbulb to prevent some clown from using it as an attack vector behind my perimeter.

Google staffing boss: Our old hiring procedures were 'worthless'

Trevor_Pott Gold badge

Re: World's cleverest company states the obvious

Learning what does and doesn't work for others helps me refine my approaches. After all, don't we all learn by either making mistakes ourselves or trying to modify our behaviour based on the mistakes others make? More data is always useful, especially in areas where I have little expertise.

Trevor_Pott Gold badge

Re: World's cleverest company states the obvious

I, for one, have only every actually done 3 interviews sitting on the employer side of the desk. I find the information about what worked (and didn't) for Google helpful. Doubly so now that I have my own company and it's future growth to worry about.

Cumulus sighting means storm coming for Cisco

Trevor_Pott Gold badge

Re: No rehash

What he said. I use Microtiks and what cumulus is up to is on a completely different scale. For that matter, I've built "roll your own" Linux based routers and switches since the before time. There's lots on the market that does this. Cumulus is the Open Compute of the networking world: it's designed for scale.

As for "real life comparisons" well, if any cumulus stuff (or higher end Microtik stuff, or both) ever wanders into my lab, I'll write a review. In the meantime, I'll keep building routers of of Supermicro boxen running CentOS with a realtime kernel. :)

Oracle posts flat revenues on slow software sales

Trevor_Pott Gold badge

Oracle doesn't have customers

it has hostages.

ThousandEyes interrogates apps as they flow through clouds

Trevor_Pott Gold badge

ThousandEyes

They came out of stealth without telling me. I'm crushed!

Seriously though, I was one of the people who beta tested this for GA release and ThousandEyes is blinking amazing. Some of the best software in it's class I've had the pleasure to work with. If you've the cash to play the game, you'll not be disappointed.

When Apple needs speed and security in Mac OS X, it turns to Microsoft

Trevor_Pott Gold badge

SMB2

FINALLY. Thank $deity. This alone is worth upgrade two whole labs of Macs I have out there.

LinkedIn DNS hijacked, site offline

Trevor_Pott Gold badge

Re: Who is at fault?

I use a 10 dollar/year DNS registrar. They e-mail me at 1 year, 90 days, 30 days, 5 days, 1 day and then they hold the domain for an additional 6 months before release.

Seriously? How does LINKEDIN lose their domain?

I can't say I've always made my renewal date, but my worst was 5 hours. I at least have the excuse that domain maintenance - or really, any given task - is not my primary job. I do 80K things a day and some things slip through the cracks. LinkedIn is large enough to have a full time body just to handle DNS naming, renewal and certs.

Are you going to tell me that their enormous campus (filled with Googlebikes, because they are close enough for there to be stupid amounts of cross-polination and friends visiting friends) is still so terribly small that they can't find ONE GUY whose job it is to monitor this sort of stuff full time? I'd say pull a cook from that cafe of theirs, but actually it's a damned good cafe and that would be a crime...

Trevor_Pott Gold badge
Mushroom

Everyone reset your passwords for LinkedIn. AGAIN. SON OF A...

Embezzler stings IBM, Microsoft in Japan

Trevor_Pott Gold badge

More or less. The first thing that comes to mind is that the fellow saw this not as an opportunity to outright steal the money but rather as a means of gaining a temporary influx of large amounts of capital he wouldn't otherwise have access to. He probably figured he would then invest it in something with a high short term return and pay back the original monies owed; he would pocket the difference and essentially get a "free" loan from IBM/Microsoft/etc.

I'd have to think that outright theft (in which the "clients" simply never paid their bills) would get noticed and banged up immediately. The scheme I propose, however, is just as illegal but could conceivably go undetected for long enough for the guy to get away with oodles of cash. (The cash being either the interest he pocketed from the investments or the final amount he simply couldn't pay back because he sucks at investing.)

I'd be very interested in finding out the details. Sounds like a fun mystery. "How gaming the system doesn't work if you are an idiot and suck at gambling."

Number of cops abusing Police National Computer access on the rise

Trevor_Pott Gold badge

Re: @Evil Auditor

"And if someone did stab you, and you were sure you knew who was responsible but between you and the police you didn't have quite enough evidence for them to be charged, you'd retrospectively consider the police arresting them as a mistake?"

Yes.

Part of living under the rule of law - and living free - is that you risk every day of your life being blown up by a madman, run over by a car, stabbed by someone and many other horrible things. In most cases the perpetrator will be caught. In some cases they won't. This is a risk we take in the name of fundamental liberties and it is a price entirely worth paying..

This is not a "grey area" issue. There are no "gradations of justice." Every single sentient, sapient life form is possessed of the same fundamental liberties and deserving of the exact same rights and freedoms.. You do not get to curb the freedoms of someone else because you don't like them, their politics, their past, their race, height, weight, gender or because you/the state/your mom/etc suspect them of a crime.

The man who is suspected of stabbing me has the exact same rights I do and no just society can arrest him without a damned good reason, search him without probable cause and if we are to jail him then the evidence against him must meet certain standards.

Fortunately, your entire argument is a worthless straw man. If I walked up a police office and said "that man just stabbed me" then that is probably cause to detain him pending arrest. He could then be arrested if little things like "yes, there is a stab wound on you" can be verified. Eye witness testimony is one of the least reliable forms of testimony but our laws still allow for it to be used.

It is better that 100 evil men go free than that one innocent man be imprisoned. Innocent unless proven guilty is an absolute. There is no wiggle room. There are no circumstances under which it is ethically or morally justifiable for that concept not to apply.

Trevor_Pott Gold badge

Re: @Trevor Pott

I confuse no such thing. The police are an extension of the state and that database can be and is used against you before you ever get to a court of law. You are arguing for effective extrajudicial findings of guilt (by default, simply by being suspected by a member of the plod) and sentencing (being added to a database that will have you treated differently from someone not in the database). You are advocating allowing members of the state to pass judgement on its citizens without the right to trial or a jury of their peers no matter how you dress it up.

Under no circumstances should police be keeping records on anyone who is not

A) Proven guilty with all matters of due process carefully observed

B) Actively under investigation

C) Have a formal complaint lodged against them where that complaint is signed by the complainant

Suspicions, gossip, mistaken arrests and so forth should never be retained. If a police office has a formal complaint to make against an individual then he should have the right to do that and he must sign his name to it. In addition, formal complaints must have an notification and appeals process allowing the individual subject to them to challenge the issue and have the complain removed from their record if they succeed.

The burden of innocence is on the state, not the individual. If you want to call me "pompous" for seeking to defend our essential liberty you go right ahead. Your pathetic attempt to deflect scrutiny of the utter lunacy of your claims with an a weak ad homenim is not going to hurt my feelings more than the idea that a silver badge holding reader of The Register would not merely exhibit apathy in the face of such actions by an overreaching state but actively defend them.

You offend me, sir. The names you choose to call me are irrelevant in the face of the callousness of your beliefs.

Trevor_Pott Gold badge
Megaphone

Re: @Trevor Pott

You certainly implied guilty unless proven innocent the instant you implied that the rare consequence of a criminal "getting away with it" was somehow an acceptable reason for retaining gossip on record with the strength of fact. The whole concept requires throwing out the presumption of innocence.

Your argument is basically "if someone was arrested there was a damned good reason for it" which is the SAME FUCKING THING as "guilty unless proven innocent." It implies that the state cannot be wrong (how Cardassian of you!) or at least that it is wrong so rarely that the odd innocent caught in the net is worth the cost to society.

You are wrong.

It is better than 100 evil men go free then that one innocent man be jailed.

The fact that you have been arrested makes you guilty of no crime. Suspicion of having committed a crime is not proof of your guilt. The state can be and often is wrong. There is no moral or ethical means by which you can justify retention of records for someone who has been not been convicted of a crime in a court of law.

You are advocating that suspicion of anything by the state means guilt by default and simultaneously that harming innocents to get the guilty is okay. I will fight against you and people who believe as you toh every ounce of my spirit, every means at my disposal every last ounce of passion and life that I possess. Fuck you sir, you are the fucking enemy.

Trevor_Pott Gold badge

Re: @Ledswinger

"When bad men combine, the good must associate; else they will fall one by one, an unpitied sacrifice in a contemptible struggle."

Translation for younger folks: "all that is necessary for evil to triumph is for good men to do nothing".

Apathy is as damning as actively seeking to destroy the liberty of others. I will treat it as such.

Trevor_Pott Gold badge

@Ledswinger

Guilty unless proven innocent, sirrah?

You are the enemy.

Trevor_Pott Gold badge

Honest question: how does this database's so-called "due process" square with the EU "right to be forgotten"? I'll leave the question of "should such a database exist" for other threads, but I do wonder how "unproven or non-essential-to-task personally identifiable information" can be stored indefinitely against someone's will?

Would there be legal grounds under the current system of interlocking (and often overlapping) jurisdictions to appeal this to the EU human rights courts? It seems to me that the state can make a reasonable case for keeping objectively verifiable information on hand using "national security" as waving flag. Do the "get out of jail free" rules allowing such governmental drag nets really give the UK permission to create a national gossip database and then use it against citizens with no realistic grounds for appeal?

If so then I would put forth that A) that's some shitty lawmaking and B) civilized countries would probably consider you being registered in a gossip database as grounds for political asylum. Gods know I would.

I know it's a terribly nerdy, Star Trek thing to say, but...the whole system sounds more than just Orwellian, it's downright Cardassian.

Remote code execution vuln appears in Puppet

Trevor_Pott Gold badge

Puppet, patch thyself.

Google Brain king slashes cost of AI gear

Trevor_Pott Gold badge
Mushroom

Thou shalt not make a machine in the likeness of a man's mind.

It is nearly time for the Butlerian jihad.

How NSA spooks spaffed my DAD'S DATA ALL OVER THE WEB

Trevor_Pott Gold badge

I would request quite simply that the NSA make a hefty donation to both the EFF and the ACLU. That should grant them then retroactive usage rights. A small yearly donation for each year of its subsequent use should then cover the future.

Problem solved, no?

NSA accused of new crimes ... against slideware

Trevor_Pott Gold badge
Coat

Yech

Can we please move on to a post-metro design aesthetic? Pretty please? You don't have to steamroller every single graphic that exists on a computer. What's next? Intellivision's resurgence as the ultimate in "Simple" interfaces and design principles?

Mine's the one with a flat controller containing a number pad and large silver circle in one pocket and a cartridge for discus in the other.

NSA Prism: Why I'm boycotting US cloud tech - and you should too

Trevor_Pott Gold badge

Re: We can reduce the number of violent nutjobs

Racism takes generations to evaporate, but it does evaporate. You need to expose people to an environment where it is considered socially unacceptable. You won't erase it from that individual, maybe not even their children, but eventually, it dies.

It is a learned behaviour, not a genetic one. So it is not inevitable. It is not incurable. We can - and will - defeat it by sticking to our principles, not giving in to fear and prejudice.

Trevor_Pott Gold badge

Obviously, you didn't actually understand what was written, nor why the US constitution was so important.

Yes; rights are innate. They cannot be taken away by anyone. Anyone who attempts to do so is breaking the most fundamental rules of our society; more important than law, more important than religion, more important than anything else. That is the concept of essential liberty; that you do not belong to anyone. You are not property, chattel or a subject. You do not belong to your state, your state belongs to you.

And frankly, those rights are innate. When you strip away all socialisation we are animals. Animals do not belong to one another. They are their own masters. They may fight - and lose - but they belong only to themselves.

The wolf can choose to leave the pack. It can up and walk away. Some members may follow, start their own pack. The cougar can challenge another for territory. The bird can fly where it chooses. We belong to noone but ourselves. Our rights are innate.

We choose to suborn a limited number of those rights to a centralised authority in exchange for a communal benefit. yet that centralised authority exists at our sufferance, not the other way arround. Remove the centralised authority and we are as free as the bird, the wolf or the cougar.

Trevor_Pott Gold badge

Re: Hello pot, this is kettle.

Obviously you aren't Canadian; Toronto isn't Canada. It's Toronto. I'm certain that some Canadian --> Canadian traffic on the bits of Canada that jut down into the states get passed through US nodes. Least cost routing and all that.

The bits of Canada that don't consider ourselves the centre of the universe, however, are too far from the border for that routing to make sense. Edmonton --> Calgary --> Vancouver and back certainly doesn't go through the US. Indeed, Vancouver all the way to Thunder Bay never has to touch a US node. Lots of fibre out west.

Similarly, the Atlantic provinces are well wired up; rarely do their packets travel outside our borders. It's just that arse-end of Ontario where it all goes a little squiggly. Oh well, the yanks can have 'em!

Trevor_Pott Gold badge

Re: Canadians are viewed by the world as timid and weak?

Do the Taliban have anything that can hit Canada? Probably not. But they do have things that can affect our interests on our allies. Those interests include (but are not remotely limited to) the oil pipeline. They are not going to bomb Toronto. They might just launch a few at Israel or Turkey, however.

If they really wanted to, they might be able to drive a boat into the harbour in PEI and blow it up. Not a huge amount of local damage to Canada. But the damage they could do to our allies in the region is quite significant. Along with that comes threats to our economic interests, security assets and more. Anyone that dedicated to taking you down a peg is a serious risk, even without a cloud of ICBMs to back them up.

My bleak tech reality: You can't trust anyone or anything, anymore

Trevor_Pott Gold badge

So they go to Dropbox, get the file, crack the encryption and pull out all my passwords. This helps me how?

The key to that encryption (the master password) still has to be something a human can remember, which means it is vulnerable to a yottabyte datacenter run by evil men.

Trevor_Pott Gold badge

Re: PATRIOT

Again, you go back to "brute forcing is a measure of the crackability of a cypher." It's proven not to be true. Rainbow tables combined with knowledge about how people choose and create password can make cracking even the best algorithm's encryption relatively easy. Will you ever get 100% of the items you are trying to crack? No. You'll you walk through 90%+ with ease.

I don't think you really truly understand what a yottabyte datacenter is. I don't think you understand the raw scale of the decryption they can do in a facility like that. Not through brute forcing, but through other, simpler means.

CIA-funded upstart: The truth about Prism and NSA's web snooping

Trevor_Pott Gold badge
Facepalm

If you have nothing to hide, you have nothing to fear. Please submit all your e-mails, financial, medical, and so forth history to the internet to peruse. There's no way that any of it will be:

1) Used to convict you of minor crimes (like CCTV + too many bags of garbage.)

2) Used out of context by someone who "doesn't like your attitude" to bang you up

3) Used to raise your insurance rates or deny you coverage

4) Used to blackmail you

5) Used to blackmail others

6) Used to gain competitive advantage over your employers/your company

7) Used to identify "deviant" political beliefs and target you for tax audits, police pressure or harassment

8) Used in the war on journalism

9) Used to in any other fashion to presume you are guilty unless you can prove your innocence.

That would never, ever happen because the government - all governments, really, at all levels and all of the people working for them - are professionals. Hell, shit, they're so professional they have a lid on everything!

You can't get some private in the Army stick a USB key into a classified database and start an international witchunt!

You can't get a former NSA employee working for a contractor pulling damning documents out then running away overseas to fucking China to hide while he releases the documents to a foreign news organization!

These are professionals. Your data is absolutely safe, secure, and handled by entirely impartial individuals who will never, ever, ever for any reason at any time abuse their power or allow that data to leak. Ever.

I repent and recant, your obvious wisdom and the strength of your One True Belief in the supremacy and righteousness of the almighty government watchdog has converted me.

Praise Big Brother! Praise the lord my panopticon $deity!

We're losing the battle with a government seduced by surveillance

Trevor_Pott Gold badge

Re: Well said.

The FBI have a pretty full arsenal of weaponry. Everything from small arms to APCs and armed choppers. They have more than enough to put up quite a show...frankly all that is really required. "The people" don't have much more than small arms. There are a few out there breaking the laws against heavy arms, but those can be taken care of by the military-class hardware the FBI has on hand for just such emergencies.

For the rest, well...a missile detonating 100m in front of a crowd has a remarkable dispersal effect. You don't have to mow the populace down, just cow them enough to return to their homes. The FBI cheerfully have enough firepower to do exactly that. The majority of the outraged civilian populace will go right back into their hidey holes whole a few strike forces mop up the true crazies. There's no need to bring the military in at all.

Protecting the nation against domestic issues is the FBI's remit. They would be the natural first responders. I seriously doubt that anything could make the apathetic American populace as feisty as the Egyptians, but even if so I suspect that the FBI have more than a few tools to hand to deal with large crowds that the Egyptians didn't.

Hell, we now have Hum-Vee mounted crowd-disperal masers. Flash bangs by the bucket and even sonic weaponry. Do I believe the FBI would use these against the citizenry? In a heartbeat. An "us against them" mentality has been cultivated amongst US law enforcement. Would the military? Probably not; but they really aren't required to deal with American civilians.

This fantasy that some in your nation have of one day rising up against the government is just that: a fantasy. It has no basis in reality. The country isn't that unified, it isn't that brave and it doesn't stand a snowball's chance in a neutron star against real-world military hardware. Hardware that not only the FBI have, but so do most American police forces, the DHS and even the ATF.

Armed rebellion will net nothing but blood and further oppression.