Chaos Manor View, Monday, August 17, 2015
I’m still in the throes of fiction, so this is a mixed bag of things you might want to pay attention to.
Amazon strikes. Saturday I ordered a Blu-Ray burner and disks for making a full backup of everything important. A Pioneer burner came today: a slim thing, USB 3 (2 works), ready to use – but the disks have not yet shipped, so I can’t try it out. Why Amazon thinks it important to get the burner here without disks is a matter for speculation. And in my case all the DVD disks are upstairs and thus not accessible to me anyway. Fie. Fie I say. Of course I had no plans to do anything with the Blu-Ray today because I didn’t expect it to be here, so I have no cause to be angry with Amazon for getting it here before the disks – even ONE blank disk – but, well, Fie! Fie, I say.
RAID 5 is not as safe as you think!
I have been caught out by this recently and you should consider rebuilding your raid as RAID 6 if your device supports it.
RAID 5 only allows a single disk to fail. If all your drives come from the same batch it is possible that a second drive could fail (and the probability is proportional to the size of the disk) while your raid is rebuilding itself after the first drive has failed. (This is what happened to me – I only survived because of the excellent disk recovery toolset R-TOOLS and their amazing virtual raid facility.)
If RAID 6 is not a possibility then you should – at least – find alternate sources for your drives and try and ensure that your disks do not all come from the same batch.
Good luck and best wishes,
True, but our new RAID 5 system is only part of my backup mania. It will replace something else, and it will be automatic; but critical items get copied to several places as they are made, and at periodic intervals are burned into DVD’s, soon to be replaced by a new Blu-ray burner, which can hold most everything on a disk that can be carried home by Niven. The RAID 5 will back up all my systems, invisibly, at low power costs, for about $600 for the system. And it’s something to write about.
A DVD or Blu-Ray burner does it all, cheaper, but less conveniently. I do make certain to burn copies of all works in progress. Everything else can, with effort, be replaced if lost.
All I can really say is that RAID 5 is a step up from relying on single disks on a networked PC. The NAS will not be the primary back up solution, it will be the center of storage to enable that solution, which is to burn BD-R discs. This can be done frequently at low cost. The purpose of the NAS is to simplify the storage situation and reduce the power consumption of keeping multiple PCs available on the network. (The use of SSDs for fast booting should also reduce the desirability of leaving machines on 24/7 as it becomes more convenient to wake a machine as needed, especially for a single user.) RAID in general is not a backup strategy. It can be PART of one in that it can simplify by providing a central target to backup.
The issue has been known for a while, although not given much consideration by NAS companies in their marketing:
There remain questions of what the consumer should and can do. Without getting into a several times more costly NAS box with several more bays and dedicating those bays to multiple parity drives, how does one safely get a lot of storage in one place? Should one forego the higher RAID levels and just be prepared to restore the whole thing if a drive fails? Considering the sacrifice in capacity (in this case 10.9 TB usable out of 16 TB raw capacity) for RAID 5 and higher, then factoring in the risk factor of high capacity drives, it makes one wonder if it would just be easier to apply an 8 bay NAS as a mirrored pair of striped arrays and have any failure and repair be a matter of copying rather than a long arduous rebuild with risk of failure.
There are no easy answers. Would a set of 1 TB drives have been safer? Probably, as the number of reads required during the rebuild would be substantially lower. Avoid RAID altogether if performance isn’t at issue? We’re talking about a single user most of the time in this case. I recently got a Seagate 4 TB single drive NAS for under $100. (This has been replaced in the product line by a newer model with improved features and performance but is fine for a single user needing an independent drive seen by multiple machines.) I suppose we could have gotten two of these, used one as backup to the other, and had about the same level of safety for an adequate amount of capacity, though on a device where the enclosure scarcely adds more than the price of the bare drive, failure of the enclosure electronics becomes a significant issue. I’ve recovered numerous working drives from failed USB enclosures. On the positive side, another virtue is that these small units can easily be snatched up and taken away in case of a disaster, such as fire or earthquake requiring evacuation.
The second link above lists some measures that can help alleviate the risk. I’ll be investigating whether any of these are implemented in the equipment in question. 4K sectors are almost certainly used but I need to look into the others.
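An added worked example, not part of the letters above: it puts numbers on the two rebuild risks they discuss, a second drive dying during the rebuild window and a read error while every surviving drive is read in full. The four-drive layout is inferred from the 16 TB raw / 10.9 TB usable figures; the error rate, failure rate and rebuild speed are illustrative assumptions, not values from the page.

```python
import math

# Assumptions (not from the page): datasheet-style figures chosen for illustration.
URE_PER_BIT = 1e-14     # one unrecoverable read error per 1e14 bits read
AFR = 0.03              # 3% annualized failure rate per drive, drives independent
REBUILD_MB_PER_S = 100  # sustained rebuild throughput
HOURS_PER_YEAR = 8766


def rebuild_hours(drive_tb):
    """Time to rewrite one replacement drive of drive_tb decimal terabytes."""
    return drive_tb * 1e12 / (REBUILD_MB_PER_S * 1e6) / 3600


def p_second_failure(n_drives, drive_tb):
    """Chance that any of the n-1 surviving drives dies during the rebuild window.

    Same-batch drives break the independence assumption, so treat this as a floor.
    """
    exposure = (n_drives - 1) * AFR / HOURS_PER_YEAR * rebuild_hours(drive_tb)
    return -math.expm1(-exposure)


def p_read_error(n_drives, drive_tb):
    """Chance of at least one unrecoverable read while reading all survivors in full."""
    bits_read = (n_drives - 1) * drive_tb * 1e12 * 8
    return -math.expm1(bits_read * math.log1p(-URE_PER_BIT))


def report(n_drives, drive_tb):
    """Summarize one RAID 5 layout (one drive's worth of capacity goes to parity)."""
    return {
        "raw_tb": n_drives * drive_tb,
        "usable_tib": (n_drives - 1) * drive_tb * 1e12 / 2**40,
        "rebuild_hours": rebuild_hours(drive_tb),
        "p_second_failure": p_second_failure(n_drives, drive_tb),
        "p_read_error": p_read_error(n_drives, drive_tb),
    }


if __name__ == "__main__":
    for size_tb in (4, 1):  # the 4 TB drives in question vs. the 1 TB alternative
        r = report(4, size_tb)
        print(f"4 x {size_tb} TB RAID 5: "
              + ", ".join(f"{k}={v:.4g}" for k, v in r.items()))
```

Under these assumptions the second-failure risk scales with drive size, and the read-error term dominates at 4 TB. With RAID 6, either event during a single-drive rebuild is still covered by the second parity.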
Walter Lippmann once said that diplomacy was like writing checks; but the account they were written against was military power. He later added that he included industrial power in that.
Lippmann was onto something, but he never asked the deeper question:
What are military power and industrial power instances of? These are instances of national power. I read RAND monographs on measuring national power when I learned threat analysis.
They taught me that we are part of an entity called a “society” and that another entity called “the state” extracts resources from a society and transmutes those resources into national power, which is ultimately military power. For all activities of state exist on a continuum of warfare from diplomacy, through covert action, punitive military action, and war.
Everything a citizen does can be measured in terms of national power.
How well are people educated? Do they have access to formal and informal education? Can we exploit existing ethnic divisions among the people? All of these things come into consideration when measuring national power and finding ways to exploit a state’s weaknesses when planning covert or military action.
◊ ◊ ◊ ◊ ◊
Joshua Jordan, KSC
Well, yes; but in my defense I wasn’t writing an essay on Mr. Lippmann, or on systems analysis, or on threat assessment. I have to look at the blasted keyboard as I type now, and writing is a bit more painful than it used to be. My point was that the size of the Army is one factor; it might have been important in trying to deter Hitler or Stalin before WW II, and it might not; deterrence is an event that takes place in the mind of the opponent (as is surprise) and his assessment of your will is probably more important than the absolute size of your army. An opponent might not be able to assess your potential on the proper time scale.
Hitler’s advisors had no idea of how quickly the United States could raise, equip, and train a huge military force. They even thought they had detected a fatal flaw in our mobilization capabilities (not in our plans, which were pretty laughable): the ability to make military optics. Based on their own experience they saw this as a major bottleneck; as it happens, we merely invented ways of building opticals by new and much more rapid processes. Same with many other bottlenecks.
Sometimes intel finds weaknesses that aren’t really there. Surprise!
Jeff Bezos disputes article about Amazon’s ruthless culture (MN)
By Levi Sumagaysay / August 17, 2015 at 6:56 AM
“I strongly believe that anyone working in a company that really is like the one described in the NYT would be crazy to stay. I know I would leave such a company.”
— Jeff Bezos, Amazon CEO, on the New York Times article over the weekend that painted a nightmarish portrait of his company’s work environment. In a memo to employees obtained by GeekWire, Bezos said the article “doesn’t describe the Amazon I know” and urged employees who see the type of harsh practices described in the article to tell HR, or him directly.
Money quote from the NYT article: “Nearly every person I worked with, I saw cry at their desk,” said Bo Olson, who worked in book marketing at Amazon for less than two years.
The article, based on interviews with more than 100 current and former employees of the retail behemoth, included gems such as: a peer review system in which employees gang up on other employees they see as poor performers; a woman who suffered a miscarriage pressured to go on a business trip the day after surgery; a woman who had breast cancer who was put on a “performance improvement plan.”
In his memo, Bezos told employees: “Hopefully, you don’t recognize the company described.”
The article is not the first unflattering account of Amazon’s demanding culture. The 2013 book “The Everything Store: Jeff Bezos and the Age of Amazon” described Bezos’ management style as sometimes brutal. (“If I hear that idea again, I’m gonna have to kill myself” is among the many putdowns Bezos is said to have uttered to employees.) And that’s just about treatment of the company’s white-collar workers. The experiences of Amazon’s warehouse workers have also gotten plenty of press over the years.
I don’t know any Amazon workers, but I cannot think that a big company of surly terrified workers could be much of a retail success.
I used to doubt Microsoft. Then I installed Windows 10.
By Vivek Wadhwa August 17 at 7:00 AM
I don’t know if I broke a law of computing or committed heresy. But I installed Windows 10 on my MacBook Pro. I had feared that this would condemn me to purgatory in the gates of computing hell. But it has been an incredibly positive experience: my favorite Microsoft Office applications — Outlook, Word, and PowerPoint — work faster than ever before, and I can still use Apple peripherals — a Thunderbolt Display and Thunderbolt external hard drives. The best part is Windows 10 itself: it is a beautifully designed operating system that gives me the best of the past and present — maintaining the usability and familiarity of the old Windows operating system, and letting me download slick apps designed for tablets.
Another Microsoft product that I had written off years ago is Microsoft’s Internet Explorer. The jury is still out, but Microsoft’s new browser, Edge, seems faster than Google’s Chrome. I may end up switching browsers as well.
I had thought I would never install a Microsoft operating system ever again after my experience with Windows 8. It was terrible: inelegant, difficult and expensive. It took me about 10 minutes to conclude that Microsoft had lost touch with its customers and was destined to go the way of AOL and Myspace, and I switched all I could to Apple.
But I still needed the Microsoft Office tools, because they are industrial strength and Apple still has no products that are as good. To use these, I had to load Windows and Office under VMWare on my MacBook. Instead of getting the best of both worlds, though, I got the worst: pathetically slow applications, poor battery life, and inconsistent user interfaces.
Then, last week, at an event hosted by CIO magazine, where I gave a keynote, I spoke to a group of Chief Information Officers of large and midsized companies about technology trends. The vast majority said they were buying Microsoft’s Surface Pro tablets for their users and upgrading desktop machines to Windows 10. In this era of iPads and iPhones, why would any company install such antiquated and clumsy technology, I asked. I was surprised at the response.
Several CIOs told me that I was out of touch with Microsoft’s new products. They told me that Surface tablets integrated better with their enterprise-computing infrastructure than do iPads; have much-needed features such as USB 3.0 ports and keyboards; are more secure than iPads; and most importantly, provide a consistent user interface and experience to business users. The CIOs said that Microsoft is a much better company to deal with than Apple, which has become known for arrogance and a lack of concern for the needs of enterprise customers.
I realized that Microsoft is no longer the same “evil empire,” the monopoly, which everyone once hated. It has many loyal fans in the business world.
This didn’t jibe with all the criticism that I have been reading in the press about the lack of security of Microsoft’s new operating system. The commonly raised concerns are about Windows 10’s continual uploads and downloads of data to Microsoft servers and the default installation options — which give Microsoft all sorts of rights.
I shared these serious criticisms of Windows 10 with Microsoft chief executive Satya Nadella, and asked him how Microsoft planned to address them. In response, he said that the “core reasons for Windows 10 as a service is more assurance of continuous security updates, app compatibility and roaming of the user info across devices you use with transparency and control with the user. For any business customer there are tons of tools that provide all kinds of additional control.” He assured me that Microsoft was in touch with customer needs; and all of the CIOs I spoke with agreed with his assessment. They said that they had customized the Windows 10 installation for their needs and believed that the new method for distributing updates would provide better security.
This is what convinced me to give Microsoft another chance and take the plunge into Windows 10.
The default options for consumers in the Windows 10 installation are indeed problematic. I would not suggest that anyone use its default installation settings. They grant Microsoft the right to use your data to market to you; to automatically connect you to Wi-Fi networks and marketing “beacons;” and to sell some of your information. But all of these options can be turned off. Microsoft is actually being more honest than other technology companies are that do much of this without informing customers and hide details in the lengthy contracts that no one reads. Given that Microsoft is providing Windows 10 for free to the majority of its customers, this is a small inconvenience for people who really care about their privacy or don’t want to be marketed to.
What is clear is that Microsoft is back — in full force. This is a good thing; Apple and Google desperately need the competition that Microsoft will once again provide.
For what it’s worth, my experiences with Windows 10 have been mostly positive. It does take patience, or did for me. I have not used Windows 10 on Apple equipment, but I will probably get a MacBook Air to replace the one that died of a swollen battery (long after the warranty) and we’ll see; I do these silly things so you don’t have to. This is, after all, the successor to the User’s Column.
It may be, though, that the Surface Pro will become my favorite machine. On the other hand, Apple hardware is elegant, and Thunderbolt is great technology; so we’ll see. I’m in the middle of fiction now so it will be a while; I’m in no hurry.
And I much agree that competition can only improve both Apple and Microsoft.
Sandbox bypass in Android Google Admin console revealed
A researcher has unveiled the details of a vulnerability in the console after Google failed to patch the flaw. [UPDATED]
[Update 11.34GMT: Google statement added]
A security flaw that allows third-party applications to bypass sandbox restrictions in the Google Admin console has been disclosed.
Posted on Full Disclosure on Friday, Rob Miller, senior security researcher, from MWR Labs says the flaw, found within Google’s Android Admin application, allows third-party apps to bypass sandbox restrictions and read arbitrary files through symbolic links.
If the console received a URL through an IPC call from another application on the same device, the Android app loads this link in WebView. However, if an attacker used a file:// URL which pointed to a domain they controlled, then it is possible that symbolic links bypass Same Origin Policy and are able to retrieve data out of the Google Admin sandbox.<snip>
Astronauts found something troubling in these shots from space
Astronauts aboard the International Space Station are snapping photos of Earth to measure light pollution, and they’ve found something surprising: Light-emitting diodes (LEDs) — which are touted for their energy-saving properties — are actually making light pollution worse. And the change is so intense that ISS crew members can see it from space.
To see it, take a look at these photos that astronauts snapped of the bustling city of Milan.<snip>
Are Driverless Cars Safer Cars? (journal)
Regulators likely to accept assisted driver technologies that emphasize protection
Aug. 14, 2015 5:30 a.m. ET
JERUSALEM—Automotive executives touting self-driving cars as a way to make commutes more productive or relaxing may want to consider another potential marketing pitch: safety.
“If you want to create a car technology with mass adoption, it needs to be about safety,” says Amnon Shashua, chairman of Mobileye NV, a fast-growing supplier of assisted-driving technology. “Positioned as a comfort feature or as something that is cool to have, the autonomous car would not make it to the mass market.”
Jerusalem-based Mobileye develops machine-vision chips and software. According to Mr. Shashua, its chips by 2018 will be used on a car that takes over steering if the driver has a heart attack, falls asleep at the wheel or becomes otherwise incapacitated.
He declined to comment on the manufacturer or how its vehicle would monitor the driver’s condition. Mr. Shashua said such technology could be via a smart wristband, or biometric sensors in the seat. <snip>
Apple shows interest in driverless car test track (LA Times)
By DAINA BETH SOLOMON
Is Apple building a self-driving car? That’s the rumor, and Apple’s not saying.
The British newspaper the Guardian said Apple may sign up with GoMentum Station in Concord, northeast of San Francisco. The former naval base is now a testing ground for driverless cars, boasting 20 miles of roads and a military guard. Mercedes-Benz and Honda have already put the space to use, said the Guardian.
Apple declined to comment.<snip>
Freedom is not free. Free men are not equal. Equal men are not free.