Language:
switch to room list switch to menu My folders
Go to page: First ... 63 64 65 66 [67] 68 69 70 71 ... Last
[#] Thu Jul 28 2011 21:08:01 EDT from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I wonder if there's anything it would be good for today.

replacing ios and android sounds like a good start. :-)

[#] Thu Jul 28 2011 21:13:16 EDT from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Jul 28 2011 11:21am from LoanShark @uncnsrd

I suspect that the only
EC2 instance types that support HVM are:

* MS Windows instance types. (which are always more expensive than the

corresponding Linux instance types.)
* Cluster Compute and Cluster GPU instance types.



Wow, this doesn't even sound like linux anymore. I'm so 19th centurry.

[#] Fri Jul 29 2011 00:00:29 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


You're so two thousand and late.

[#] Fri Jul 29 2011 06:42:36 EDT from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Jul 29 2011 12:00am from LoanShark @uncnsrd

You're so two thousand and late.



OHHH!!! I know that song!!!

[#] Fri Jul 29 2011 15:26:55 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I've heard enough things about gnome 3 (I gather that's what unity
is?) that I fear upgrading. I'm tired of asking to have my machine
broken and made worse.

No, actually Unity is what they put in Ubuntu *instead* of the desktop shell that is part of GNOME 3. And to be honest, they both suck. Unity wants to be a tablet and GNOME 3 wants to be Windows 7. (Meanwhile, Windows 8 wants to be a phone, and Mac OS X "Lion" wants to be an iPod. Is it the goal of every OS vendor to make the UI inappropriate for the underlying device now?)

The magic incantation for me has been:

sudo apt-get install xubuntu-desktop

Fuck them all -- this installs Xfce which is a nice lightweight desktop that actually *acts* like a computer desktop -- not a tablet, not a phone, not a "portal into the cloud" (whatever the hell that is). You get your nice classic start menu with your nice classic window list across the panelbar. There is a "dock" too but you can turn it off without penalty.

[#] Fri Jul 29 2011 15:29:51 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Wow, this doesn't even sound like linux anymore. I'm so 19th centurry.


Actually you're not going to see much of that outside of Amazon EC2. Most of the mid size virtual Linux hosters are using OpenVZ containers. I understand why Amazon didn't go with that though: containers need a filesystem to live in, and Amazon needed something that would work with their "elastic block" store.

More mad kung fu kudos to ProxMox VE, which offers both containers and HVM on the same host. I can't say enough good things about this thing.

[#] Fri Jul 29 2011 18:10:40 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


I think it's a question of using the technology that was current at the time that EC2 was initially designed. That technology was Xen and only Xen. My understanding is that EBS is a younger product than EC2.

Anyway, if OpenVZ doesn't support some form of network-attached block storage, and requires your guest devices to live in the host's filesystem, it just sounds like a weak product to me.

RackSpace is also running Xen...

[#] Fri Jul 29 2011 18:18:24 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


[#] Fri Jul 29 2011 18:18:22 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


Dear god, I just had a look into OpenVZ. Let me just say that it's a non-starter for a great many serious use cases (including ours and anyone else who needs PCI compliance) and leave it at that.

[#] Sun Jul 31 2011 00:32:23 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I would be *very* surprised if any PCI auditor didn't laugh in your face if you told them you were hosting a compliant application on EC2. Some of them won't even let you run multiple VM's on your own hardware if they are in different security zones.

OpenVZ isn't appropriate for all use cases. It's mosly being used for retail grade "virtual private server" offerings where margins are slim and they need to be able to pack as many containers onto a server as possible. It does that well. I ran it for a couple of years before I had VT-capable hardware; it allowed me to have dev/stage/prod on the same host without having to play silly games.

[#] Sun Jul 31 2011 11:19:22 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


There are multiple levels of PCI... EC2 is level 1.

[#] Sun Jul 31 2011 11:19:04 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Jul 31 2011 12:32am from IGnatius T Foobar @uncnsrd
I would be *very* surprised if any PCI auditor didn't laugh in your

Then you should be very surprised.

[#] Wed Aug 03 2011 21:23:17 EDT from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

There are multiple levels of PCI... EC2 is level 1.

Really? Are you serious? They can back that up?
Actually, we're level 1 too, and we get away with quite a bit of bullshit.

For example: you're not allowed to reflect credit card numbers, right? The idea being, you don't store CC numbers (unless you do amazing things to protect them) so if you don't do that, you can't store them, you can only collect it on the webpage and send it through the payment gateway, never storing it on permanent storage. That's the legit way to do it.

But what about reflecting it from one http request back into the response? No permanent storage there, but you're reflecting.
You know what the auditor's response to that was? "That's kind of a grey area."

In some cases, it's not possible to have the payment page where you collect the CC number be the last thing that happens before you call the gateway with it and you have to persist knowledge of the CC number from one page to the next before going to the payment gateway.

you'd think something like that wouldn't be a grey area at this point. Yet we're level 1.

[#] Wed Aug 03 2011 21:19:49 EDT from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I would be *very* surprised if any PCI auditor didn't laugh in your
face if you told them you were hosting a compliant application on EC2.


I'd be surprised if you could pass PCI compliance running your shit on ANY server in the cloud/at some vague puff of virtual machine hoster anywhere.
I mean you'd have to guarantee that the VM itself was rock solid, and who does that?

[#] Wed Aug 03 2011 22:03:22 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


A hypervisor is Secure Enough. It's got a way smaller attack surface area than the Linux kernel proper, and said attack surface area is buried deep underneath the guest kernel, which you would have to utterly subvert *before* you could even think about attacking the hypervisor.

Also, EC2 is not Xen anymore. It's a highly proprietary Xen fork and you can only obtain technical details of it under NDA. So, somehow, Amazon obtained certifiation for it.

[#] Thu Aug 04 2011 00:52:01 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

It's ...

... AMAXEN !!

Ok, with that bad sobriquet out of the way ... it turns out that not only are there multiple levels of PCI, but there are multiple areas of PCI. You can certify various serving systems, the datacenter itself, networks, etc. etc. etc. so it creates *lots* of grey areas to keep the expensive auditors employed.

There's also a lot of language about whether "cardholder data is shared with service providers" which, of course, no cloudynet is going to want to come anywhere near your cardholder data.

Level 1 is what -- less than 20 million transactions?

[#] Thu Aug 04 2011 01:14:43 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Heh. Evidently I'm not the only one who refuses to buy into the "make it suck moar plz" UX of Unity/GNOME3/KDE4/Windoze7/MacOS10.kittycat.whatever.

My Linux-using coworkers saw that I switched to Xfce and said "oh yeah, that's more like it" and made the switch too ...

...and it seems that Linus Torvalds is doing the exact same thing:

[ http://digitizor.com/2011/08/04/linus-torvalds-ditches-gnome-for-xfce/ ]

"I used to be upset when gnome developers decided it was "too complicated" for the user to remap some mouse buttons. In gnome3, the developers have apparently decided that it's "too complicated" to actually do real work on your desktop, and have decided to make it really annoying to do."

More than a decade ago when some people were waxing eloquent about Enlightenment (which is still around, actually) I had commented that it's great if the only purpose of your computer is to render a pretty desktop, but most of us actually want to run some applications. Now it seems that GNOME, KDE, Unity, Apple, and Microsoft have all caught up to Rasterman's dream of a world in which a computer desktop is 100% eye candy.

[#] Thu Aug 04 2011 07:56:58 EDT from dothebart @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Do Aug 04 2011 01:14:43 EDT von IGnatius T Foobar @ Uncensored
More than a decade ago when some people were waxing eloquent about Enlightenment (which is still around, actually) I had commented that it's great if the only purpose of your computer is to render a pretty desktop, but most of us actually want to run some applications. Now it seems that GNOME, KDE, Unity, Apple, and Microsoft have all caught up to Rasterman's dream of a world in which a computer desktop is 100% eye candy.

Actualy Enlightment can be called "lightweight" these days, and is considered to be run on mobiles & tvs (bada ;-)



[#] Thu Aug 04 2011 08:48:03 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

There's also a lot of language about whether "cardholder data is
shared with service providers" which, of course, no cloudynet is going

to want to come anywhere near your cardholder data.

That refers to providers like Cybersource or WorldPay I presume. And of course you have to share it.

Best to send it out over the wire once, then use tokenization, and never store the card# on physical media ever.

[#] Thu Aug 04 2011 09:26:05 EDT from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

The problem with this world shift towards mobile device interfaces on desktops is like all other big paradigm shifts.... that's how it's going to be.
They're not all going to say "uh oh, we made big mistake, let's put it back the way it was and try again."
With the exception of new coke, I don't think there's an example in the history of our country where somebody actually backpedaled on what appeared to be a new trend.
Facebook may be annoying, but it was new, it didn't replace something that was better.
But taking away something that people liked for something that people don'tlike is what really sucks, and nobody's got the balls to admit they made a mistake.

Go to page: First ... 63 64 65 66 [67] 68 69 70 71 ... Last