From scottro at nyc.rr.com Sat May 3 19:10:16 2014 From: scottro at nyc.rr.com (Scott Robbins) Date: Sat, 3 May 2014 19:10:16 -0400 Subject: [talk] fcitx and Japanese input Message-ID: <20140503231016.GA25188@scott1.scottro.net> I'm just idly curious if anyone on the list who makes use of Japanese input has tried fcitx. I gave it a half hearted try and couldn't get it to work, so I went back to ibus-mozc. I also tried on a few Linux distributions, with the same results. It seems to be running, but input doesn't change. So, to repeat, this is idle curiosity, just wondering if anyone's tried it and if it works for them. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 From george at ceetonetechnology.com Sun May 4 11:01:45 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Sun, 04 May 2014 11:01:45 -0400 Subject: [talk] fcitx and Japanese input In-Reply-To: <20140503231016.GA25188@scott1.scottro.net> References: <20140503231016.GA25188@scott1.scottro.net> Message-ID: <53665659.1020502@ceetonetechnology.com> Scott Robbins: > I'm just idly curious if anyone on the list who makes use of Japanese input > has tried fcitx. I gave it a half hearted try and couldn't get it to work, > so I went back to ibus-mozc. > > I also tried on a few Linux distributions, with the same results. It > seems to be running, but input doesn't change. > > So, to repeat, this is idle curiosity, just wondering if anyone's tried it > and if it works for them. > I know there's a few Japanese speakers on this list.. plus someone dealing with pfSense interface translation to Japanese... g From scottro at nyc.rr.com Sun May 4 11:40:57 2014 From: scottro at nyc.rr.com (Scott Robbins) Date: Sun, 4 May 2014 11:40:57 -0400 Subject: [talk] fcitx and Japanese input In-Reply-To: <53665659.1020502@ceetonetechnology.com> References: <20140503231016.GA25188@scott1.scottro.net> <53665659.1020502@ceetonetechnology.com> Message-ID: <20140504154057.GA2435@scott1.scottro.net> On Sun, May 04, 2014 at 11:01:45AM -0400, George Rosamond wrote: > Scott Robbins: > > I'm just idly curious if anyone on the list who makes use of Japanese input > > has tried fcitx. I gave it a half hearted try and couldn't get it to work, > > so I went back to ibus-mozc. > > > > I also tried on a few Linux distributions, with the same results. It > > seems to be running, but input doesn't change. For what it's worth, after some response on the tlug (Tokyo Linux User Group List), I _did_ get it running with Debian, but with less functionality than I've had with ibus. On FreeBSD, I've been using ibus for years, and judging from my recent tests, see no reason to change--however, at least I now know that it can actually work. :) -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 From scottro at nyc.rr.com Sun May 4 18:24:51 2014 From: scottro at nyc.rr.com (Scott Robbins) Date: Sun, 4 May 2014 18:24:51 -0400 Subject: [talk] fcitx and Japanese input In-Reply-To: <20140503231016.GA25188@scott1.scottro.net> References: <20140503231016.GA25188@scott1.scottro.net> Message-ID: <20140504222451.GA7870@scott1.scottro.net> On Sat, May 03, 2014 at 07:10:16PM -0400, Scott Robbins wrote: > I'm just idly curious if anyone on the list who makes use of Japanese input > has tried fcitx. I gave it a half hearted try and couldn't get it to work, > so I went back to ibus-mozc. > > I also tried on a few Linux distributions, with the same results. It > seems to be running, but input doesn't change. Well, it seems that, at least for me, Japanese input in FreeBSD is no longer trivial. While I haven't had time to thoroughly experiment, what was simple on FreeBSD-9x is not working on 10. I installled my usual ibus-mozc (and also tried with Anthy) and the system, in a few different window managers, (dwm, openbox, and fluxbox) is ignoring the ctl+space that I use to switch between Japanese and English. If I start ibus, ALL input is in Japanese. I imagine I'll figure this out sooner or later, and when I do, I'll post again. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 From george at ceetonetechnology.com Tue May 6 20:13:32 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 06 May 2014 20:13:32 -0400 Subject: [talk] ssh.com blog post Message-ID: <53697AAC.4000103@ceetonetechnology.com> If you haven't seen this yet... being discussed on IRC #nycbug: ssh.com/blog/makesyoubleed There's some laughable FUD in the article. I also wonder the proportions of OpenSSH to closed SSH users and servers. If software isn't used, it's not a target, and for something like OpenSSH, I'd imagine it's a widely attacked application yet has had minimal issues for so many years. I'm sure I can hear a stampede of organizations dropping OpenSSH and migrating to corporate closed SSH. g From raulcuza at gmail.com Tue May 6 20:58:37 2014 From: raulcuza at gmail.com (=?utf-8?Q?Ra=C3=BAl_Cuza?=) Date: Tue, 6 May 2014 20:58:37 -0400 Subject: [talk] ssh.com blog post In-Reply-To: <53697AAC.4000103@ceetonetechnology.com> References: <53697AAC.4000103@ceetonetechnology.com> Message-ID: <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> > On May 6, 2014, at 20:13, George Rosamond wrote: > > If you haven't seen this yet... being discussed on IRC #nycbug: > > ssh.com/blog/makesyoubleed > > There's some laughable FUD in the article. I also wonder the > proportions of OpenSSH to closed SSH users and servers. If software > isn't used, it's not a target, and for something like OpenSSH, I'd > imagine it's a widely attacked application yet has had minimal issues > for so many years. > > I'm sure I can hear a stampede of organizations dropping OpenSSH and > migrating to corporate closed SSH. > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk MyFavoriteFUD: "Simply put, no one expects Michael Jordan to miss a free-throw and no one expects a crack programmer to make a simple mistake." Really? Had to bring Jordan into this. Had to bring crack into this. The guy is stuck in the 80's/90's. Ra?l Sent without help from A.I. | ' L ' | From edlinuxguru at gmail.com Tue May 6 21:40:24 2014 From: edlinuxguru at gmail.com (Edward Capriolo) Date: Tue, 6 May 2014 21:40:24 -0400 Subject: [talk] ssh.com blog post In-Reply-To: <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> References: <53697AAC.4000103@ceetonetechnology.com> <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> Message-ID: What a terrible example. Jordan was like an 80 /85 % free throw shooter. Since he shot 10 a game he missed them all the time. On Tuesday, May 6, 2014, Ra?l Cuza wrote: > >> On May 6, 2014, at 20:13, George Rosamond wrote: >> >> If you haven't seen this yet... being discussed on IRC #nycbug: >> >> ssh.com/blog/makesyoubleed >> >> There's some laughable FUD in the article. I also wonder the >> proportions of OpenSSH to closed SSH users and servers. If software >> isn't used, it's not a target, and for something like OpenSSH, I'd >> imagine it's a widely attacked application yet has had minimal issues >> for so many years. >> >> I'm sure I can hear a stampede of organizations dropping OpenSSH and >> migrating to corporate closed SSH. >> >> g >> _______________________________________________ >> talk mailing list >> talk at lists.nycbug.org >> http://lists.nycbug.org/mailman/listinfo/talk > > MyFavoriteFUD: "Simply put, no one expects Michael Jordan to miss a free-throw and no one expects a crack programmer to make a simple mistake." > > Really? Had to bring Jordan into this. Had to bring crack into this. The guy is stuck in the 80's/90's. > > Ra?l > > Sent without help from A.I. | ' L ' | > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk -- Sorry this was sent from mobile. Will do less grammar and spell check than usual. -------------- next part -------------- An HTML attachment was scrubbed... URL: From akosela at andykosela.com Tue May 6 21:45:07 2014 From: akosela at andykosela.com (Andy Kosela) Date: Tue, 6 May 2014 20:45:07 -0500 Subject: [talk] ssh.com blog post In-Reply-To: <53697AAC.4000103@ceetonetechnology.com> References: <53697AAC.4000103@ceetonetechnology.com> Message-ID: On Tue, May 6, 2014 at 7:13 PM, George Rosamond wrote: > If you haven't seen this yet... being discussed on IRC #nycbug: > > ssh.com/blog/makesyoubleed > > There's some laughable FUD in the article. I also wonder the > proportions of OpenSSH to closed SSH users and servers. If software > isn't used, it's not a target, and for something like OpenSSH, I'd > imagine it's a widely attacked application yet has had minimal issues > for so many years. > > I'm sure I can hear a stampede of organizations dropping OpenSSH and > migrating to corporate closed SSH. "John Walsh is a Software Engineer and a member of R&D at SSH Communications Security". No more to say. Of course they want to sell their proprietary SSH products and they will spread anything to undermine the strength of OpenSSH. This "beef" is quite old, starting with the fork of OSSH, which itself was a fork of Tatu Ylonen's SSH. The reality though is that OpenSSH is de facto standard today, while Tatu's SSH is becoming irrelevant globally. Tatu is still regretting open-sourcing SSH 1.2.x. --Andy From george at ceetonetechnology.com Tue May 6 21:48:44 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 06 May 2014 21:48:44 -0400 Subject: [talk] ssh.com blog post In-Reply-To: References: <53697AAC.4000103@ceetonetechnology.com> <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> Message-ID: <536990FC.8000304@ceetonetechnology.com> Edward Capriolo: > What a terrible example. Jordan was like an 80 /85 % free throw shooter. > Since he shot 10 a game he missed them all the time. Wow... ed posted and didn't mention Java. I find that the people who know nothing about sports most often use Jordan in metaphors. And we all expect programmers to make mistakes... may be he knows less about development than basketball. And I love the infect OpenSSH/OpenBSD by naming next to OpenSSL. g From mark.saad at ymail.com Tue May 6 22:04:14 2014 From: mark.saad at ymail.com (Mark Saad) Date: Tue, 6 May 2014 22:04:14 -0400 Subject: [talk] ssh.com blog post In-Reply-To: <536990FC.8000304@ceetonetechnology.com> References: <53697AAC.4000103@ceetonetechnology.com> <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> <536990FC.8000304@ceetonetechnology.com> Message-ID: <2B4FC6C8-9F9E-47B5-806D-B058D3558E84@ymail.com> Ed I I have learned one thing , this new java tech is soo cool . Look they even made a ssh server in it . http://mina.apache.org/sshd-project/ Ohh and I hear "our" new web server scales to 4 concurrent users . I am not sure what 1999 will bring us maybe Microsoft will make a windows 99 . --- > On May 6, 2014, at 9:48 PM, George Rosamond wrote: > > Edward Capriolo: >> What a terrible example. Jordan was like an 80 /85 % free throw shooter. >> Since he shot 10 a game he missed them all the time. > > Wow... ed posted and didn't mention Java. > > I find that the people who know nothing about sports most often use > Jordan in metaphors. And we all expect programmers to make mistakes... > may be he knows less about development than basketball. > > And I love the infect OpenSSH/OpenBSD by naming next to OpenSSL. > > g > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From edlinuxguru at gmail.com Tue May 6 22:13:22 2014 From: edlinuxguru at gmail.com (Edward Capriolo) Date: Tue, 6 May 2014 22:13:22 -0400 Subject: [talk] ssh.com blog post In-Reply-To: <536990FC.8000304@ceetonetechnology.com> References: <53697AAC.4000103@ceetonetechnology.com> <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> <536990FC.8000304@ceetonetechnology.com> Message-ID: I dont blame them for writing this blog, it would be foolish of them as a business to not attempt to capitalize on heartbleed. Lets face it, few people take the 'high road'. It is not uncommon for two open source projects that do the same function to take pot shots at each other. Sometimes it is fuled by fan boys, sometimes vendors, sometimes committers themselves. On Tuesday, May 6, 2014, George Rosamond wrote: > Edward Capriolo: >> What a terrible example. Jordan was like an 80 /85 % free throw shooter. >> Since he shot 10 a game he missed them all the time. > > Wow... ed posted and didn't mention Java. > > I find that the people who know nothing about sports most often use > Jordan in metaphors. And we all expect programmers to make mistakes... > may be he knows less about development than basketball. > > And I love the infect OpenSSH/OpenBSD by naming next to OpenSSL. > > g > > -- Sorry this was sent from mobile. Will do less grammar and spell check than usual. -------------- next part -------------- An HTML attachment was scrubbed... URL: From edlinuxguru at gmail.com Tue May 6 23:30:31 2014 From: edlinuxguru at gmail.com (Edward Capriolo) Date: Tue, 6 May 2014 23:30:31 -0400 Subject: [talk] ssh.com blog post In-Reply-To: <2B4FC6C8-9F9E-47B5-806D-B058D3558E84@ymail.com> References: <53697AAC.4000103@ceetonetechnology.com> <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> <536990FC.8000304@ceetonetechnology.com> <2B4FC6C8-9F9E-47B5-806D-B058D3558E84@ymail.com> Message-ID: On Tuesday, May 6, 2014, Mark Saad wrote: > > Ed > I I have learned one thing , this new java tech is soo cool . Look they even made a ssh server in it . > > http://mina.apache.org/sshd-project/ > > Ohh and I hear "our" new web server scales to 4 concurrent users . I am not sure what 1999 will bring us maybe Microsoft will make a windows 99 . > --- > > > >> On May 6, 2014, at 9:48 PM, George Rosamond wrote: >> >> Edward Capriolo: >>> What a terrible example. Jordan was like an 80 /85 % free throw shooter. >>> Since he shot 10 a game he missed them all the time. >> >> Wow... ed posted and didn't mention Java. >> >> I find that the people who know nothing about sports most often use >> Jordan in metaphors. And we all expect programmers to make mistakes... >> may be he knows less about development than basketball. >> >> And I love the infect OpenSSH/OpenBSD by naming next to OpenSSL. >> >> g >> >> _______________________________________________ >> talk mailing list >> talk at lists.nycbug.org >> http://lists.nycbug.org/mailman/listinfo/talk > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > Mark, No one knows what your talking about. I can only hazard a guess that your somehow trying to troll me over java, how your company is switching to it, and how you don't like it. Well guess fin what, you fed me, I am in. I now have a 8 year track record of designing scalable systems in Java. When I'm not writing blog posts about distributed massive scale NoSQL databases written that get picked up my highscalability.com ( http://highscalability.com/blog/2012/5/30/strategy-get-servers-for-free-and-make-users-happy-by-turnin.html), or making side money training on massive scalable map reduce architectures ( https://www.eventbrite.com/e/hands-on-apache-hive-workshop-with-ed-capriolo-austin-tickets-7334274011), or speaking all over the country at tech conferences ( http://chariotsolutions.com/dataio2013/#edward_capriolo) where people pay for my flight and hotel, I do really enjoy coming on this list and debating with you over how Java can not possibly perform well or be scalable. What do you even care anyway? You are in ops, someone hands you some code and you package it and install it. Does it make a differences if it is java/erlang/c/perl/ whatever? In ever much liked php, as an ops person I knew I had 0 input into what language developers chose to do something in. If you are mad/upset/angry/sad/depressed/suidicidal that YOUR company is using java.....Get a new fricken job! I am sure you can find a place that is running master-slave mysql, and a big isilon nfs server, on freebsd and be happy again. Flip the scipt. Become a CTO then you can make the decisions and make all the people under you miserable over your choices. Why are you hating on Mina? This entire thread was about open ssh.commaking an unfair pot shot over one flaw in ssl, and how this is so unconscionable. Then you go and randomly take a pot shot at http://mina.apache.org/sshd-project/. Why target mina? Have you tried it? Do you know that it has poor performance. Read this: https://days2011.scala-lang.org/sites/days2011/files/ws3-1-Hundt.pdf We implemented a well specified compact algorithm in four languages, C++, Java, Go, and Scala, and evaluated the results along several dimensions, finding factors of differences in all areas. We discussed many subsequent language specific optimizations that point to typical performance pain points in the respective languages. *We find that in regards to performance, C++ wins out by* *a large margin. However, it also required the most extensive* *tuning efforts, many of which were done at a level of sophisti-* *cation that would not be available to the average programmer.* Scala concise notation and powerful language features al- lowed for the best optimization of code complexity. *The Java version was probably the simplest to implement,* but the hardest to analyze for performance. Specifically the effects around garbage collection were complicated and very hard to tune. Since Scala runs on the JVM, it has the same issues. Go offers interesting language features, which also allow for a concise and standardized notation. The compilers for this language are still immature, which reflects in both performance and binary sizes. In other words, if your are claimg your programmers are not sophisticated enough to write a Java that performs well they have little chance of writing c++ that performs well according to google. Any believe it or not there are many, many times when java performance.....get ready for your mind to explode .... beats c++! http://blog.dhananjaynene.com/2008/07/performance-comparison-c-java-python-ruby-jython-jruby-groovy/ http://scribblethink.org/Computer/javaCbenchmark.html The authors test some real numerical codes (FFT, Matrix factorization, SOR, fluid solver, N-body) on several architectures and compilers. On Intel they found that the Java performance was very reasonable compared to C (e.g, 20% slower), and that Java was faster than at least one C compiler (KAI compiler on Linux). The authors conclude, "On Intel Pentium hardware, especially with Linux, *the performance gap is small enough to be of little or no concern* to programmers." But please keep going on about all your anecdotal facts about how slow you think Java is even in the face of the overwhelming evidence that says you are wrong. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mark.saad at ymail.com Tue May 6 23:51:45 2014 From: mark.saad at ymail.com (Mark Saad) Date: Tue, 06 May 2014 23:51:45 -0400 Subject: [talk] ssh.com blog post In-Reply-To: References: <53697AAC.4000103@ceetonetechnology.com> <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> <536990FC.8000304@ceetonetechnology.com> <2B4FC6C8-9F9E-47B5-806D-B058D3558E84@ymail.com> Message-ID: <5369ADD1.5050504@ymail.com> On 5/6/14, 11:30 PM, Edward Capriolo wrote: > > > On Tuesday, May 6, 2014, Mark Saad > wrote: >> >> Ed >> I I have learned one thing , this new java tech is soo cool . Look > they even made a ssh server in it . >> >> http://mina.apache.org/sshd-project/ >> >> Ohh and I hear "our" new web server scales to 4 concurrent users . I > am not sure what 1999 will bring us maybe Microsoft will make a windows 99 . >> --- >> >> >> >>> On May 6, 2014, at 9:48 PM, George Rosamond > > wrote: >>> >>> Edward Capriolo: >>>> What a terrible example. Jordan was like an 80 /85 % free throw shooter. >>>> Since he shot 10 a game he missed them all the time. >>> >>> Wow... ed posted and didn't mention Java. >>> >>> I find that the people who know nothing about sports most often use >>> Jordan in metaphors. And we all expect programmers to make mistakes... >>> may be he knows less about development than basketball. >>> >>> And I love the infect OpenSSH/OpenBSD by naming next to OpenSSL. >>> >>> g >>> >>> _______________________________________________ >>> talk mailing list >>> talk at lists.nycbug.org >>> http://lists.nycbug.org/mailman/listinfo/talk >> >> _______________________________________________ >> talk mailing list >> talk at lists.nycbug.org >> http://lists.nycbug.org/mailman/listinfo/talk >> > > Mark, > > No one knows what your talking about. I can only hazard a guess that > your somehow trying to troll me over java, how your company is switching > to it, and how you don't like it. > Ed I was making a joke how some people think java is crappy and old and slow and so 1990's tech. It was a bad joke. But I am not normally known for good ones. As for a sshd in java it could have some features worth exploring , I was just adding to Georges comment that you were not touting java :_(. > Well guess fin what, you fed me, I am in. I now have a 8 year track > record of designing scalable systems in Java. > > When I'm not writing blog posts about distributed massive scale NoSQL > databases written that get picked up my highscalability.com > > (http://highscalability.com/blog/2012/5/30/strategy-get-servers-for-free-and-make-users-happy-by-turnin.html), > or making side money training on massive scalable map reduce > architectures > (https://www.eventbrite.com/e/hands-on-apache-hive-workshop-with-ed-capriolo-austin-tickets-7334274011), > or speaking all over the country at tech conferences > (http://chariotsolutions.com/dataio2013/#edward_capriolo) where people > pay for my flight and hotel, I do really enjoy coming on this list and > debating with you over how Java can not possibly perform well or be > scalable. > > What do you even care anyway? You are in ops, someone hands you some > code and you package it and install it. Does it make a differences if it > is java/erlang/c/perl/ whatever? In ever much liked php, as an ops > person I knew I had 0 input into what language developers chose to do > something in. > > If you are mad/upset/angry/sad/depressed/suidicidal that YOUR company is > using java.....Get a new fricken job! I am sure you can find a place > that is running master-slave mysql, and a big isilon nfs server, on > freebsd and be happy again. Flip the scipt. Become a CTO then you can > make the decisions and make all the people under you miserable over your > choices. > > Why are you hating on Mina? This entire thread was about open ssh.com > making an unfair pot shot over one flaw in ssl, and how > this is so unconscionable. Then you go and randomly take a pot shot at > http://mina.apache.org/sshd-project/. Why target mina? Have you tried > it? Do you know that it has poor performance. > > Read this: > https://days2011.scala-lang.org/sites/days2011/files/ws3-1-Hundt.pdf > > We implemented a well specified compact algorithm in four > languages, C++, Java, Go, and Scala, and evaluated the results > along several dimensions, finding factors of differences in > all areas. We discussed many subsequent language specific > optimizations that point to typical performance pain points in > the respective languages. > *We find that in regards to performance, C++ wins out by* > *a large margin. However, it also required the most extensive* > *tuning efforts, many of which were done at a level of sophisti-* > *cation that would not be available to the average programmer.* > Scala concise notation and powerful language features al- > lowed for the best optimization of code complexity. > *The Java version was probably the simplest to implement,* > but the hardest to analyze for performance. Specifically the > effects around garbage collection were complicated and very > hard to tune. Since Scala runs on the JVM, it has the same > issues. > Go offers interesting language features, which also allow > for a concise and standardized notation. The compilers for this > language are still immature, which reflects in both performance > and binary sizes. > > In other words, if your are claimg your programmers are not > sophisticated enough to write a Java that performs well they have little > chance of writing c++ that performs well according to google. > > Any believe it or not there are many, many times when java > performance.....get ready for your mind to explode .... beats c++! > > http://blog.dhananjaynene.com/2008/07/performance-comparison-c-java-python-ruby-jython-jruby-groovy/ > > http://scribblethink.org/Computer/javaCbenchmark.html > > The authors test some real numerical codes (FFT, Matrix factorization, > SOR, fluid solver, N-body) on several architectures and compilers. On > Intel they found that the Java performance was very reasonable compared > to C (e.g, 20% slower), and that Java was faster than at least one C > compiler (KAI compiler on Linux). > > The authors conclude, "On Intel Pentium hardware, especially with Linux, > *the performance gap is small enough to be of little or no concern* to > programmers." > > But please keep going on about all your anecdotal facts about how slow > you think Java is even in the face of the overwhelming evidence that > says you are wrong. > > > Way to much reading up there, I am falling asleep trying to read it. How is it you had that all ready to send out so fast ? In any case to sum up my frustration with java , its not the language nor the speed nor any technical issue with it. I was just unfortunate enough to be exposed to one to many bad setups using java; where the bravado of the programmers far exceeded their skill and money became the solution. I have a similar issue with all things .net and c++ . -- Mark Saad | mark.saad at ymail.com From george at ceetonetechnology.com Wed May 7 00:20:12 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 07 May 2014 00:20:12 -0400 Subject: [talk] ssh.com blog post In-Reply-To: <5369ADD1.5050504@ymail.com> References: <53697AAC.4000103@ceetonetechnology.com> <9F3D0E5A-599E-4EBC-888A-2391C3A3D9CA@gmail.com> <536990FC.8000304@ceetonetechnology.com> <2B4FC6C8-9F9E-47B5-806D-B058D3558E84@ymail.com> <5369ADD1.5050504@ymail.com> Message-ID: <5369B47C.6040901@ceetonetechnology.com> Mark Saad: > > > On 5/6/14, 11:30 PM, Edward Capriolo wrote: >> >> >> On Tuesday, May 6, 2014, Mark Saad > > wrote: >>> >>> Ed >>> I I have learned one thing , this new java tech is soo cool . Look Let's get back to the real thread topic... or we can just drop it. g From sjt.kar at gmail.com Wed May 7 01:12:18 2014 From: sjt.kar at gmail.com (Sujit K M) Date: Wed, 7 May 2014 10:42:18 +0530 Subject: [talk] ssh.com blog post In-Reply-To: <53697AAC.4000103@ceetonetechnology.com> References: <53697AAC.4000103@ceetonetechnology.com> Message-ID: On Wed, May 7, 2014 at 5:43 AM, George Rosamond wrote: > If you haven't seen this yet... being discussed on IRC #nycbug: > > ssh.com/blog/makesyoubleed > > There's some laughable FUD in the article. I also wonder the > proportions of OpenSSH to closed SSH users and servers. If software > isn't used, it's not a target, and for something like OpenSSH, I'd > imagine it's a widely attacked application yet has had minimal issues > for so many years. The other aspect to this FUD is that the amount of security alerts that seem to coming from Proprietory Products from Companies supposedly using Closed SSH makes one not to take this seriously. > > I'm sure I can hear a stampede of organizations dropping OpenSSH and > migrating to corporate closed SSH. > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk -- -- Sujit K M blog(http://kmsujit.blogspot.com/) From pete at nomadlogic.org Wed May 7 13:15:47 2014 From: pete at nomadlogic.org (Pete Wright) Date: Wed, 7 May 2014 10:15:47 -0700 Subject: [talk] ssh.com blog post In-Reply-To: References: <53697AAC.4000103@ceetonetechnology.com> Message-ID: <20140507171539.GA46887@mail.nomadlogic.org> On Tue, May 06, 2014 at 08:45:07PM -0500, Andy Kosela wrote: > On Tue, May 6, 2014 at 7:13 PM, George Rosamond > wrote: > > If you haven't seen this yet... being discussed on IRC #nycbug: > > > > ssh.com/blog/makesyoubleed > > > > There's some laughable FUD in the article. I also wonder the > > proportions of OpenSSH to closed SSH users and servers. If software > > isn't used, it's not a target, and for something like OpenSSH, I'd > > imagine it's a widely attacked application yet has had minimal issues > > for so many years. > > > > I'm sure I can hear a stampede of organizations dropping OpenSSH and > > migrating to corporate closed SSH. > > "John Walsh is a Software Engineer and a member of R&D at SSH > Communications Security". No more to say. > > Of course they want to sell their proprietary SSH products and they > will spread anything to undermine the strength of OpenSSH. This > "beef" is quite old, starting with the fork of OSSH, which itself was > a fork of Tatu Ylonen's SSH. The reality though is that OpenSSH is de > facto standard today, while Tatu's SSH is becoming irrelevant > globally. Tatu is still regretting open-sourcing SSH 1.2.x. > Tatu Ylonen is still on the board of ssh.com - so glad to see the feud is still alive :) my take on the blog post is that by creating FUD around openssh vis a vis the heartbleed hoopla hopefully more people will ping them about their compliance services. it looks like that is their main gravey train at this point - bleeding "security" budget to tick off checkboxes that the compliance people have. -p -- Pete Wright pete at nomadlogic.org twitter => @nomadlogicLA From briancoca+nycbug at gmail.com Wed May 7 15:06:48 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Wed, 7 May 2014 15:06:48 -0400 Subject: [talk] ssh.com blog post In-Reply-To: References: <53697AAC.4000103@ceetonetechnology.com> <20140507171539.GA46887@mail.nomadlogic.org> Message-ID: I need to print out t-shirts with 'compliance != security' for my next batch of auditors -------------- next part -------------- An HTML attachment was scrubbed... URL: From george at ceetonetechnology.com Wed May 7 15:36:46 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 07 May 2014 15:36:46 -0400 Subject: [talk] ssh.com blog post In-Reply-To: References: <53697AAC.4000103@ceetonetechnology.com> <20140507171539.GA46887@mail.nomadlogic.org> Message-ID: <536A8B4E.2090007@ceetonetechnology.com> Brian Coca: > I need to print out t-shirts with 'compliance != security' for my next > batch of auditors > I'm sure someone already trade marked that.. the same day regulations were first enacted. Going back to Pete's post, it's sorta funny to rethink the old "no one gets fired for choosing IBM"... clearly, people can get fired for not choosing OpenSSH. "WTF did you think some application that no one uses would be the best solution? I mean, even Cisco uses it!" g From mark.saad at ymail.com Fri May 9 15:27:25 2014 From: mark.saad at ymail.com (Mark Saad) Date: Fri, 09 May 2014 15:27:25 -0400 Subject: [talk] PFSense moving to DragonflyBSD ? Message-ID: <536D2C1D.8000602@ymail.com> All This was posted today on FreeBSDNews.net but I cant find any thing abot DragonFly other then that one line. The developers of pfSense have just released version 2.1.3. This version addresses security fixes seen in pfSense-SA-14_05.tcp and pfSense-SA-14_06.openssl. Other fixes include optimizations in the tools repository, and minor changes in OpenVPN, Correct Captive Portal, and DynDNS. pfSense is a m0n0wall-derived operating system. It uses Packet Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is finished), ALTQ for excellent packet queuing, and an integrated package management system for extending the environment with new features. To read the full release notes, head on over to the official pfSense digest page: https://blog.pfsense.org/?p=1272 -- Mark Saad | mark.saad at ymail.com From bcallah at devio.us Fri May 9 15:55:16 2014 From: bcallah at devio.us (Brian Callahan) Date: Fri, 09 May 2014 15:55:16 -0400 Subject: [talk] PFSense moving to DragonflyBSD ? In-Reply-To: <536D2C1D.8000602@ymail.com> References: <536D2C1D.8000602@ymail.com> Message-ID: <536D32A4.5000302@devio.us> On 05/09/14 15:27, Mark Saad wrote: > All > This was posted today on FreeBSDNews.net but I cant find any thing > abot DragonFly other then that one line. > > > > The developers of pfSense have just released version 2.1.3. This version > addresses security fixes seen in pfSense-SA-14_05.tcp and > pfSense-SA-14_06.openssl. Other fixes include optimizations in the tools > repository, and minor changes in OpenVPN, Correct Captive Portal, and > DynDNS. > > pfSense is a m0n0wall-derived operating system. It uses Packet > Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is finished), > ALTQ for excellent packet queuing, and an integrated package management > system for extending the environment with new features. > > To read the full release notes, head on over to the official pfSense > digest page: https://blog.pfsense.org/?p=1272 > > Am I missing something? That pfsense link has no mention of DFly... From mark.saad at ymail.com Fri May 9 16:55:43 2014 From: mark.saad at ymail.com (Mark Saad) Date: Fri, 09 May 2014 16:55:43 -0400 Subject: [talk] PFSense moving to DragonflyBSD ? In-Reply-To: <536D32A4.5000302@devio.us> References: <536D2C1D.8000602@ymail.com> <536D32A4.5000302@devio.us> Message-ID: <536D40CF.5020908@ymail.com> Check this byline on the original post On 5/9/14, 3:55 PM, Brian Callahan wrote: > pfSense is a m0n0wall-derived operating system. It uses Packet > Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is finished), <--- WTF is that about > ALTQ for excellent packet queuing, -- Mark Saad | mark.saad at ymail.com From bcallah at devio.us Fri May 9 17:00:31 2014 From: bcallah at devio.us (Brian Callahan) Date: Fri, 09 May 2014 17:00:31 -0400 Subject: [talk] PFSense moving to DragonflyBSD ? In-Reply-To: <536D40CF.5020908@ymail.com> References: <536D2C1D.8000602@ymail.com> <536D32A4.5000302@devio.us> <536D40CF.5020908@ymail.com> Message-ID: <536D41EF.3080706@devio.us> On 05/09/14 16:55, Mark Saad wrote: > Check this byline on the original post > > On 5/9/14, 3:55 PM, Brian Callahan wrote: >> pfSense is a m0n0wall-derived operating system. It uses Packet >> Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is finished), <--- WTF is that about >> ALTQ for excellent packet queuing, Oh I see now. It's on the freebsdnews.net site. As to your original question what to make of it: I don't know. It would be an interesting "win" for DFly. But as it's not from the pfsense people themselves (I think?) I don't put any stock into it. From bonsaime at gmail.com Fri May 9 17:34:55 2014 From: bonsaime at gmail.com (Jesse Callaway) Date: Fri, 9 May 2014 17:34:55 -0400 Subject: [talk] PFSense moving to DragonflyBSD ? In-Reply-To: <536D41EF.3080706@devio.us> References: <536D2C1D.8000602@ymail.com> <536D32A4.5000302@devio.us> <536D40CF.5020908@ymail.com> <536D41EF.3080706@devio.us> Message-ID: On Fri, May 9, 2014 at 5:00 PM, Brian Callahan wrote: > > On 05/09/14 16:55, Mark Saad wrote: > >> Check this byline on the original post >> >> On 5/9/14, 3:55 PM, Brian Callahan wrote: >> >>> pfSense is a m0n0wall-derived operating system. It uses Packet >>> Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is finished), >>> <--- WTF is that about >>> ALTQ for excellent packet queuing, >>> >> > Oh I see now. It's on the freebsdnews.net site. > As to your original question what to make of it: I don't know. It would be > an interesting "win" for DFly. But as it's not from the pfsense people > themselves (I think?) I don't put any stock into it. > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > Does anyone know (George...) who the author, Cao is? I'd reach out and ask for further comment, but I'm not sure who wrote it. -- -jesse -------------- next part -------------- An HTML attachment was scrubbed... URL: From mark.saad at ymail.com Fri May 9 19:40:56 2014 From: mark.saad at ymail.com (Mark Saad) Date: Fri, 9 May 2014 19:40:56 -0400 Subject: [talk] PFSense moving to DragonflyBSD ? In-Reply-To: <536D597A.6090000@pfsense.org> References: <536D2C1D.8000602@ymail.com> <536D32A4.5000302@devio.us> <536D40CF.5020908@ymail.com> <536D41EF.3080706@devio.us> <536D597A.6090000@pfsense.org> Message-ID: > On May 9, 2014, at 6:40 PM, Chris Buechler wrote: > >> On 5/9/2014 4:00 PM, Brian Callahan wrote: >> >>> On 05/09/14 16:55, Mark Saad wrote: >>> Check this byline on the original post >>> >>>> On 5/9/14, 3:55 PM, Brian Callahan wrote: >>>> pfSense is a m0n0wall-derived operating system. It uses Packet >>>> Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is >>>> finished), <--- WTF is that about >>>> ALTQ for excellent packet queuing, >> >> Oh I see now. It's on the freebsdnews.net site. >> As to your original question what to make of it: I don't know. It would >> be an interesting "win" for DFly. But as it's not from the pfsense >> people themselves (I think?) I don't put any stock into it. > > They're using about a decade-old description of the project (note > FreeBSD 6.x reference), which we haven't used ourselves in probably 8 > years at least. I just sent a request for them to use an updated > description of the project and retire that one. Scott Ullrich had a lot > of interest in DFly at the time, which is where that originated, though > there wasn't actually any work done towards accomplishing that and Scott > hasn't been involved in the project in years. > > In short, no, we don't have any plans to change base OS at this time. > I suspected that a as the case , but hey you never know . How is the work progressing on a FreeBSD 10 version of pfsense ? -- Mark From scottro at nyc.rr.com Fri May 9 21:26:45 2014 From: scottro at nyc.rr.com (Scott Robbins) Date: Fri, 9 May 2014 21:26:45 -0400 Subject: [talk] Followup on Japanese input Message-ID: <20140510012645.GA12561@scott1.scottro.net> I'm not sure if anyone is interested, but I did have quite a bit of trouble getting Japanese input working in FreeBSD-10. Without going too deeply into my trials and tribulations, it seems that at least in my two preferred desktops, openbox and dwm, ibus is ignoring the hot keys. I tried various combinations, thinking that perhaps both window managers had some keyboard shortcut overriding the hot keys, with no luck. In FreeBSD-9.x, Japanese input had been fairly standard for me. Install ibus-mozc, add variables for LC_CTYPE, GTK_IM_MODULE, QT_IM_MODULE and XMODIFIERS, and all worked as expected. Finally, byuu on FreeBSD forums gave me a solution. He has a small shell script that does what the hot keys should be doing, and creating a keyboard shortcut to said script works. (Actually, a shortcut to dmenu also works--once in dmenu, even if your desktop is stuck in Japanese input you can open dmenu, which will input in English, type the script name, and all your other apps switch back to English input. The script is simply ---- #!/bin/sh if [ `ibus engine` = 'mozc-jp' ]; then ibus engine xkb:us::eng else ibus engine mozc-jp #or whatever IME you prefer; change it above too. fi ----- Hopefully, the above will be of use to someone. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 From mcevoy.pat at gmail.com Mon May 12 19:15:06 2014 From: mcevoy.pat at gmail.com (Patrick McEvoy) Date: Mon, 12 May 2014 19:15:06 -0400 Subject: [talk] Audio for 5/7 bhyve meeting? Message-ID: <537155FA.5060304@gmail.com> Hello folks, Does anyone have audio for the last meeting? I see the slides are posted. P From george at ceetonetechnology.com Thu May 15 11:12:20 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Thu, 15 May 2014 11:12:20 -0400 Subject: [talk] svnup weirdness with FreeBSD 9 & 10-stable Message-ID: <5374D954.3010208@ceetonetechnology.com> Each time I run svnup for 9 or 10-stable, the files from dtracetoolkit are either added or removed. It alternates between them. trim_tree=1, fyi. So just a quick glimpse... + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_stat_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/j_events_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/fddist_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/mmapfiles_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_cputime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_flowtime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sar-c_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sampleproc_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_lines_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_who_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/execsnoop_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/pgpginbyproc_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_flow_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_cputime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/py_flowtime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/cpudists_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/modcalls_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_procflow_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_flow_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_flowinfo_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_pidcolors_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/py_cpudist_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/dnlcps_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_syscolors_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/shortlived_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/diskhits_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_calldist_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rfsio_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/oneliners_examples.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_calls_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/anonpgpid_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/pidpersec_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rwtop_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_flow_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_cputime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/minfbyproc_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcpsnoop_d_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/py_calldist_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_syscalls_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/syscallbypid_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/js_cputime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/writebytes_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_calltime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/vopstat_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/weblatency_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_funccalls_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/iotop_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/hotuser_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_calls_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/guess_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcpstat_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_wasted_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/pl_flowtime_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/httpdstat_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/creatbyproc_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/dnlcstat_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/vmstat-p_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/vmbypid_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/kstat_types_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/j_profile_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/zvmstat_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/whatexec_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/syscallbysysc_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_flowinfo_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/cpuwalk_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_objcpu_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/iopattern_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/j_package_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/pl_flow_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_calls_example.txt + /usr/src/cddl/contrib/dtracetoolkit/Notes/ALLperl_notes.txt + /usr/src/cddl/contrib/dtracetoolkit/Notes/ALLinclusive_notes.txt Now if I run svnup for 9 or 10-stable again, it removes them. Anyone else notice this? How about with subversion? g From okan at demirmen.com Thu May 15 11:44:54 2014 From: okan at demirmen.com (Okan Demirmen) Date: Thu, 15 May 2014 11:44:54 -0400 Subject: [talk] svnup weirdness with FreeBSD 9 & 10-stable In-Reply-To: <5374D954.3010208@ceetonetechnology.com> References: <5374D954.3010208@ceetonetechnology.com> Message-ID: <20140515154454.GA9882@lithium.khaoz.org> On Thu 2014.05.15 at 11:12 -0400, George Rosamond wrote: > Each time I run svnup for 9 or 10-stable, the files from dtracetoolkit > are either added or removed. It alternates between them. > > trim_tree=1, fyi. > > So just a quick glimpse... > > + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_stat_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/j_events_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/fddist_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/mmapfiles_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_cputime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_flowtime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sar-c_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sampleproc_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_lines_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_who_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/execsnoop_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/pgpginbyproc_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_flow_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_cputime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/py_flowtime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/cpudists_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/modcalls_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_procflow_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_flow_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_flowinfo_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_pidcolors_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/py_cpudist_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/dnlcps_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_syscolors_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/shortlived_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/diskhits_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_calldist_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rfsio_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/oneliners_examples.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_calls_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/anonpgpid_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/pidpersec_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rwtop_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_flow_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_cputime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/minfbyproc_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcpsnoop_d_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/py_calldist_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_syscalls_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/syscallbypid_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/js_cputime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/writebytes_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/php_calltime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/vopstat_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/weblatency_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_funccalls_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/iotop_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/hotuser_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_calls_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/guess_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcpstat_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/sh_wasted_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/pl_flowtime_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/httpdstat_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/creatbyproc_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/dnlcstat_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/vmstat-p_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/vmbypid_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/kstat_types_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/j_profile_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/zvmstat_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/whatexec_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/syscallbysysc_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_flowinfo_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/cpuwalk_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/rb_objcpu_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/iopattern_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/j_package_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/pl_flow_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Examples/tcl_calls_example.txt > + /usr/src/cddl/contrib/dtracetoolkit/Notes/ALLperl_notes.txt > + /usr/src/cddl/contrib/dtracetoolkit/Notes/ALLinclusive_notes.txt > > > Now if I run svnup for 9 or 10-stable again, it removes them. > > Anyone else notice this? How about with subversion? Have you tried using dtrace to find the problem? It's mocking you. From pete at nomadlogic.org Thu May 15 14:01:10 2014 From: pete at nomadlogic.org (Pete Wright) Date: Thu, 15 May 2014 11:01:10 -0700 Subject: [talk] svnup weirdness with FreeBSD 9 & 10-stable In-Reply-To: <20140515154454.GA9882@lithium.khaoz.org> References: <5374D954.3010208@ceetonetechnology.com> <20140515154454.GA9882@lithium.khaoz.org> Message-ID: <537500E6.5070204@nomadlogic.org> On 05/15/14 08:44, Okan Demirmen wrote: > On Thu 2014.05.15 at 11:12 -0400, George Rosamond wrote: >> Each time I run svnup for 9 or 10-stable, the files from dtracetoolkit >> are either added or removed. It alternates between them. >> >> >> >> Now if I run svnup for 9 or 10-stable again, it removes them. >> >> Anyone else notice this? How about with subversion? looks good on my 10.0-RELEASE system here, using svn: [pwright at pop]:/usr/src > sudo svn up Password: Updating '.': At revision 266162. [pwright at pop]:/usr/src > svn info Path: . Working Copy Root Path: /usr/src URL: https://svn0.us-west.freebsd.org/base/release/10.0.0 Relative URL: ^/release/10.0.0 Repository Root: https://svn0.us-west.freebsd.org/base Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f Revision: 266162 Node Kind: directory Schedule: normal Last Changed Author: gjb Last Changed Rev: 260789 Last Changed Date: 2014-01-16 10:43:50 -0800 (Thu, 16 Jan 2014) > > Have you tried using dtrace to find the problem? It's mocking you. lol...couldn't have said it better myself :) -p -- Pete Wright pete at nomadlogic.org twitter => @nomadlogicLA From george at ceetonetechnology.com Thu May 15 21:12:35 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Thu, 15 May 2014 21:12:35 -0400 Subject: [talk] /. on "don't be a server hugger" Message-ID: <53756603.6010706@ceetonetechnology.com> I have to say, there is rare times that the comments section of slashdot was not only funny, but also that i agreed with almost everything in the comments. You would think 11 months after the Snowden disclosures, who owns your data would be considered relevant to a cloud discussion. g From george at ceetonetechnology.com Thu May 15 21:15:32 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Thu, 15 May 2014 21:15:32 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <53756603.6010706@ceetonetechnology.com> References: <53756603.6010706@ceetonetechnology.com> Message-ID: <537566B4.2080003@ceetonetechnology.com> George Rosamond: > I have to say, there is rare times that the comments section of slashdot > was not only funny, but also that i agreed with almost everything in the > comments. > > You would think 11 months after the Snowden disclosures, who owns your > data would be considered relevant to a cloud discussion. Link for those new to the internet: http://slashdot.org/story/14/05/15/1912232/dont-be-a-server-hugger-video g From netmantej at gmail.com Thu May 15 23:01:01 2014 From: netmantej at gmail.com (netmantej) Date: Thu, 15 May 2014 23:01:01 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <537566B4.2080003@ceetonetechnology.com> References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: <53757F6D.70207@gmail.com> Unless the "cloud" resides on my hardware, it is a liability. These "management" buzz words are always a nuisance. Anything on hardware outside of my control is a compromise. Sooner or later, it will be compromised. -- Tim On 5/15/14, 9:15 PM, George Rosamond wrote: > George Rosamond: >> I have to say, there is rare times that the comments section of slashdot >> was not only funny, but also that i agreed with almost everything in the >> comments. >> >> You would think 11 months after the Snowden disclosures, who owns your >> data would be considered relevant to a cloud discussion. > > Link for those new to the internet: > > http://slashdot.org/story/14/05/15/1912232/dont-be-a-server-hugger-video > > g > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > From briancoca+nycbug at gmail.com Thu May 15 23:38:37 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Thu, 15 May 2014 23:38:37 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <53757F6D.70207@gmail.com> References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53757F6D.70207@gmail.com> Message-ID: The cloud is a tool, like many others in our belt it has its uses and misuses. As always there are other 'tools' that decide that 'a thing' solves all problems we've ever had and will ever have. People should stop looking for silver bullets, we don't have a werewolf problem, plenty of other real ones we have to tackle. -- hug a server, feel the warmth! ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From netmantej at gmail.com Thu May 15 23:53:10 2014 From: netmantej at gmail.com (netmantej) Date: Thu, 15 May 2014 23:53:10 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53757F6D.70207@gmail.com> Message-ID: <53758BA6.9070304@gmail.com> Love your server. My (Now) wife used to complain about "Making love to the green glow of the monitor". She said "Maybe if I got a tattoo of a keyboard on my ass, you would pay more attention to me". She is still my wife, Love you sweetie, and it has been 20 years since the green monitor. And yes, I pay attention to her every day of my life. -- Tim On 5/15/14, 11:38 PM, Brian Coca wrote: > The cloud is a tool, like many others in our belt it has its uses and > misuses. > > As always there are other 'tools' that decide that 'a thing' solves all > problems we've ever had and will ever have. People should stop looking > for silver bullets, we don't have a werewolf problem, plenty of other > real ones we have to tackle. > > -- hug a server, feel the warmth! > ? > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > From edlinuxguru at gmail.com Fri May 16 02:27:02 2014 From: edlinuxguru at gmail.com (Edward Capriolo) Date: Fri, 16 May 2014 02:27:02 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <537566B4.2080003@ceetonetechnology.com> References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: I think the 'cloud' most people use (AWS) is the most ironic technology ever. It using xen and virtualisation, but you still pay for servers as if they are a physical thing on a rack. M1.xl is X cents on hour even if it is idling. With AWS you give up 'server hugging' for 'XEN server hugging' . IMHO heroku and erlang clouds http://cloudi.org/ are more interesting because they offer something conceptually different than thinking of compute resources as "servers" that need "software installed" on them. (AWS does have some pay per use services like this (email, simpledb) ) On Thu, May 15, 2014 at 9:15 PM, George Rosamond < george at ceetonetechnology.com> wrote: > George Rosamond: > > I have to say, there is rare times that the comments section of slashdot > > was not only funny, but also that i agreed with almost everything in the > > comments. > > > > You would think 11 months after the Snowden disclosures, who owns your > > data would be considered relevant to a cloud discussion. > > Link for those new to the internet: > > http://slashdot.org/story/14/05/15/1912232/dont-be-a-server-hugger-video > > g > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -------------- next part -------------- An HTML attachment was scrubbed... URL: From chsnyder at gmail.com Fri May 16 10:18:08 2014 From: chsnyder at gmail.com (Chris Snyder) Date: Fri, 16 May 2014 10:18:08 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: On Fri, May 16, 2014 at 2:27 AM, Edward Capriolo wrote: > I think the 'cloud' most people use (AWS) is the most ironic technology > ever. It using xen and virtualisation, but you still pay for servers as if > they are a physical thing on a rack. M1.xl is X cents on hour even if it is > idling. With AWS you give up 'server hugging' for 'XEN server hugging' . > >> >> An idling server is still burning dinosaurs, holding an IP address, and using storage. Anyway, for small organizations, cloud is a godsend. If you _don't_ have a competent, professional sysadmin on staff or retainer, and a budget for a proper datacenter, then it's less risky to hand over your systems to someone who does. Think about all the un-patched, misconfigured Small Business Servers that disappear from the internet every day thanks to outlook.com. Commodity computing is like commodity anything else. It's not as good as bespoke, but it's easier and safer than DIY. -------------- next part -------------- An HTML attachment was scrubbed... URL: From briancoca+nycbug at gmail.com Fri May 16 10:42:59 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Fri, 16 May 2014 10:42:59 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: My math will have to be redone as prices have changed a lot, but 3 years ago I found that when you get enough 24/7 active machines to justify 2 racks (35+ Us, not counting switches/etc), you are better off (economically) with your own DC, lower than that most clouds are cheaper, specially if can destroy/down unused instances off hours. Again this was just a dollar and cents comparison, many other factors might weigh in on the decision. It is nice to scale up/down in a matter of minutes, but that depends a lot on your business needs. -------------- next part -------------- An HTML attachment was scrubbed... URL: From edlinuxguru at gmail.com Fri May 16 11:00:59 2014 From: edlinuxguru at gmail.com (Edward Capriolo) Date: Fri, 16 May 2014 11:00:59 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: The 'issue' with the cost debate is the cloud huggers have this term called 'cost of system admin'. So even when you prove doing it yourself is less, the cloud people factor in salaries of 2-3 people and then says 'cloud is cheaper'. What this argument fails to account for is that when you do not have system admins and networks, you have programmers spending time as system admins. Beside the fact that this takes away from there programming time not all programmers have the requisite experience to be decent system admins. On Fri, May 16, 2014 at 10:42 AM, Brian Coca wrote: > My math will have to be redone as prices have changed a lot, but 3 years > ago I found that when you get enough 24/7 active machines to justify 2 > racks (35+ Us, not counting switches/etc), you are better off > (economically) with your own DC, lower than that most clouds are cheaper, > specially if can destroy/down unused instances off hours. > > Again this was just a dollar and cents comparison, many other factors > might weigh in on the decision. It is nice to scale up/down in a matter of > minutes, but that depends a lot on your business needs. > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -------------- next part -------------- An HTML attachment was scrubbed... URL: From briancoca+nycbug at gmail.com Fri May 16 11:10:59 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Fri, 16 May 2014 11:10:59 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: This is just anecdotal evidence, but I've had many an interview for the 'new sysadmin' position in a startup right after they were compromised or had a persistent outage problems. Before that they were 'fine with a developer managing the cloud'. ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From george at ceetonetechnology.com Fri May 16 11:14:03 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Fri, 16 May 2014 11:14:03 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: <53762B3B.2040402@ceetonetechnology.com> Edward Capriolo: > The 'issue' with the cost debate is the cloud huggers have this term called > 'cost of system admin'. So even when you prove doing it yourself is less, > the cloud people factor in salaries of 2-3 people and then says 'cloud is > cheaper'. What this argument fails to account for is that when you do not > have system admins and networks, you have programmers spending time as > system admins. Beside the fact that this takes away from there programming > time not all programmers have the requisite experience to be decent system > admins. > Yes, and that's part of the issue isn't it? Cloud advocates talk about cost, which may be true in certain circumstances, but throwing in sysadmin healthcare costs, and other irrelevant details really distorts the comparison. It's not much of a joke to say AWS is cheap until you use it. The "don't be a server hugger" character is just pushing marketing FUD. As I said in the OP, I have never seen slashdot comments so one-sided on a topic from a side I agree with. Chris states that the cloud is a godsend. Well, in certain scenarios in which your capital expenditures will not give you the depreciation value, or for startups that won't last more than 6 mos, yes. But in the case of you needing confidentiality for your data? What if you have heavy IP information? Do you really want the provider scanning the data for whatever happens to be the boogeyman of the day (eg, terrorism, ip violations, etc)? The first arguments I heard around the cloud were incredibly non-technical sales people. Probably not different for anyone else. These were people who didnt know the difference between Xen and a multi-user system. I've seen the implicit hand of "it's what everyone is doing" affect some people, ie, "I read everyone doing it in NYC, so I'll do it here in Kentucky" attitude also. At the end of the day the question isn't about the cloud v servers. It's always *on* servers. The marketing FUD dances around that. *They* have made it the thrust of the argument, but it's not enough to chase that strawman argument. g From george at ceetonetechnology.com Fri May 16 11:16:55 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Fri, 16 May 2014 11:16:55 -0400 Subject: [talk] next meeting proposal Message-ID: <53762BE7.5070507@ceetonetechnology.com> I hate for anyone (esp me) to post a slashdot story. Either you read slashdot or you don't, and those who don't do not want to :) So while the next meeting location is still an open issue, I do propose we have a cloud and colo meeting... but not one person speaking. If we had a volunteer for a few angles on this it could be useful. We might hit: - costs - sysadmins/devs/cloud - does the cloud ever make sense? - whither data centers? Thoughts? g From briancoca+nycbug at gmail.com Fri May 16 11:32:43 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Fri, 16 May 2014 11:32:43 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <53762B3B.2040402@ceetonetechnology.com> References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> Message-ID: I'm going to start using a dodecahedron for representing the internet on my slides from now on, I expect that in 10yrs it will be a new marketing buzzword. -------------- next part -------------- An HTML attachment was scrubbed... URL: From briancoca+nycbug at gmail.com Fri May 16 11:37:35 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Fri, 16 May 2014 11:37:35 -0400 Subject: [talk] next meeting proposal In-Reply-To: <53762BE7.5070507@ceetonetechnology.com> References: <53762BE7.5070507@ceetonetechnology.com> Message-ID: I have a couple of real life use cases for hybrid cloud/DC usage and how to balance it, I can probably talk for 10 - 15 mins. -------------- next part -------------- An HTML attachment was scrubbed... URL: From edlinuxguru at gmail.com Fri May 16 11:37:54 2014 From: edlinuxguru at gmail.com (Edward Capriolo) Date: Fri, 16 May 2014 11:37:54 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <53762B3B.2040402@ceetonetechnology.com> References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> Message-ID: Fresh off the AWS twitter. http://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/?utm_content=bufferee12b&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer Showing you how to calculate server costs "correctly" with a "new" tco calculator. On Fri, May 16, 2014 at 11:14 AM, George Rosamond < george at ceetonetechnology.com> wrote: > Edward Capriolo: > > The 'issue' with the cost debate is the cloud huggers have this term > called > > 'cost of system admin'. So even when you prove doing it yourself is less, > > the cloud people factor in salaries of 2-3 people and then says 'cloud is > > cheaper'. What this argument fails to account for is that when you do not > > have system admins and networks, you have programmers spending time as > > system admins. Beside the fact that this takes away from there > programming > > time not all programmers have the requisite experience to be decent > system > > admins. > > > > Yes, and that's part of the issue isn't it? Cloud advocates talk about > cost, which may be true in certain circumstances, but throwing in > sysadmin healthcare costs, and other irrelevant details really distorts > the comparison. It's not much of a joke to say AWS is cheap until you > use it. > > The "don't be a server hugger" character is just pushing marketing FUD. > As I said in the OP, I have never seen slashdot comments so one-sided > on a topic from a side I agree with. > > Chris states that the cloud is a godsend. Well, in certain scenarios in > which your capital expenditures will not give you the depreciation > value, or for startups that won't last more than 6 mos, yes. > > But in the case of you needing confidentiality for your data? What if > you have heavy IP information? Do you really want the provider scanning > the data for whatever happens to be the boogeyman of the day (eg, > terrorism, ip violations, etc)? > > The first arguments I heard around the cloud were incredibly > non-technical sales people. Probably not different for anyone else. > These were people who didnt know the difference between Xen and a > multi-user system. > > I've seen the implicit hand of "it's what everyone is doing" affect some > people, ie, "I read everyone doing it in NYC, so I'll do it here in > Kentucky" attitude also. > > At the end of the day the question isn't about the cloud v servers. > It's always *on* servers. The marketing FUD dances around that. *They* > have made it the thrust of the argument, but it's not enough to chase > that strawman argument. > > g > > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -------------- next part -------------- An HTML attachment was scrubbed... URL: From george at ceetonetechnology.com Fri May 16 11:39:02 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Fri, 16 May 2014 11:39:02 -0400 Subject: [talk] next meeting proposal In-Reply-To: References: <53762BE7.5070507@ceetonetechnology.com> Message-ID: <53763116.40105@ceetonetechnology.com> Brian Coca: > I have a couple of real life use cases for hybrid cloud/DC usage and how to > balance it, I can probably talk for 10 - 15 mins. perfect... that's exactly the format i'm envisioning... others? g From george at ceetonetechnology.com Fri May 16 11:42:06 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Fri, 16 May 2014 11:42:06 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> Message-ID: <537631CE.3050605@ceetonetechnology.com> Edward Capriolo: > Fresh off the AWS twitter. > http://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/?utm_content=bufferee12b&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer > > Showing you how to calculate server costs "correctly" with a "new" tco > calculator. > "I always feel like, somebody's watching me" I assume the server-hugger arguments about their TCO equation finally caused them to readjust. How does uptime fit in here? g From briancoca+nycbug at gmail.com Fri May 16 11:48:59 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Fri, 16 May 2014 11:48:59 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> Message-ID: Those numbers seem to assume you buy all the software and network appliances. My numbers were skewed in the other direction because i was using OSS for everything (routers/firewalls, virtualization,etc). IT labor costs in my case were higher but more than compensated for by the software choice. -------------- next part -------------- An HTML attachment was scrubbed... URL: From edlinuxguru at gmail.com Fri May 16 11:58:25 2014 From: edlinuxguru at gmail.com (Edward Capriolo) Date: Fri, 16 May 2014 11:58:25 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <537631CE.3050605@ceetonetechnology.com> References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> <537631CE.3050605@ceetonetechnology.com> Message-ID: AWS has 2 9s uptime. Sounds impressive. What they do not tell people is that both of those 9s come before the decimal point. On Fri, May 16, 2014 at 11:42 AM, George Rosamond < george at ceetonetechnology.com> wrote: > Edward Capriolo: > > Fresh off the AWS twitter. > > > http://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/?utm_content=bufferee12b&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer > > > > Showing you how to calculate server costs "correctly" with a "new" tco > > calculator. > > > > "I always feel like, somebody's watching me" > > I assume the server-hugger arguments about their TCO equation finally > caused them to readjust. > > How does uptime fit in here? > > g > -------------- next part -------------- An HTML attachment was scrubbed... URL: From chsnyder at gmail.com Fri May 16 11:59:30 2014 From: chsnyder at gmail.com (Chris Snyder) Date: Fri, 16 May 2014 11:59:30 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> Message-ID: On Fri, May 16, 2014 at 11:32 AM, Brian Coca wrote: > I'm going to start using a dodecahedron for representing the internet on > my slides from now on, I expect that in 10yrs it will be a new marketing > buzzword. > > A twelve-sided Internet is so much better organized than some amorphous cloud. Look, see how you can see six of the sides at once? That's good security right there. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bonsaime at gmail.com Fri May 16 12:09:13 2014 From: bonsaime at gmail.com (Jesse Callaway) Date: Fri, 16 May 2014 12:09:13 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> Message-ID: On Fri, May 16, 2014 at 11:48 AM, Brian Coca wrote: > Those numbers seem to assume you buy all the software and network > appliances. My numbers were skewed in the other direction because i was > using OSS for everything (routers/firewalls, virtualization,etc). IT labor > costs in my case were higher but more than compensated for by the software > choice. > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > There is a certain risk in ownership. If the infrastructure demands are known and can be projected for at least 1 year going forward, then ownership makes a great deal of sense in most cases. Certainly the cost of administration is no less when going with the cloud. Admin costs are not for rack & stack, they are for configuration and upkeep, which must be done in either case. I'm preaching to the choir, but I'd like to say that there are cases where ownership of hardware makes sense, and there are cases where it does not make sense... either from a depreciation perspective or from having to maintain multiple contracts with remote admins for global pops, etc. How much is it going to cost you to replace a stick of RAM in Singapore? I think I just contradicted my earlier statement, but it does go to show that it all depends on what you're doing. There is no clearcut better answer in all cases. -- -jesse -------------- next part -------------- An HTML attachment was scrubbed... URL: From mikel.king at gmail.com Fri May 16 12:46:23 2014 From: mikel.king at gmail.com (Mikel King) Date: Fri, 16 May 2014 12:46:23 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: <537566B4.2080003@ceetonetechnology.com> References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> Message-ID: On May 15, 2014, at 9:15 PM, George Rosamond wrote: > George Rosamond: >> I have to say, there is rare times that the comments section of slashdot >> was not only funny, but also that i agreed with almost everything in the >> comments. >> >> You would think 11 months after the Snowden disclosures, who owns your >> data would be considered relevant to a cloud discussion. > > Link for those new to the internet: > > http://slashdot.org/story/14/05/15/1912232/dont-be-a-server-hugger-video Reminds me of a tongue-in-cheek anti cloud article from several years ago... http://jafdip.com/clouds-and-other-foolish-notions/ In pyramids we trust, m -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 801 bytes Desc: Message signed with OpenPGP using GPGMail URL: From pete at nomadlogic.org Fri May 16 13:42:57 2014 From: pete at nomadlogic.org (Pete Wright) Date: Fri, 16 May 2014 10:42:57 -0700 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> Message-ID: <53764E21.7060208@nomadlogic.org> On 05/16/14 09:09, Jesse Callaway wrote: > > > > On Fri, May 16, 2014 at 11:48 AM, Brian Coca > wrote: > > Those numbers seem to assume you buy all the software and network > appliances. My numbers were skewed in the other direction because i > was using OSS for everything (routers/firewalls, > virtualization,etc). IT labor costs in my case were higher but more > than compensated for by the software choice. > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > > > > There is a certain risk in ownership. If the infrastructure demands are > known and can be projected for at least 1 year going forward, then > ownership makes a great deal of sense in most cases. > > Certainly the cost of administration is no less when going with the > cloud. Admin costs are not for rack & stack, they are for configuration > and upkeep, which must be done in either case. > > I'm preaching to the choir, but I'd like to say that there are cases > where ownership of hardware makes sense, and there are cases where it > does not make sense... either from a depreciation perspective or from > having to maintain multiple contracts with remote admins for global > pops, etc. How much is it going to cost you to replace a stick of RAM in > Singapore? I think I just contradicted my earlier statement, but it does > go to show that it all depends on what you're doing. There is no > clearcut better answer in all cases. > yea i totaly agree with you here jesse. another thing that is commonly overlooked is how you pay for "cloud" services like AWS. generally it will be an Operational Expense on your books, as opposed to Capital Expense if you build and own your own infrastructure. for many non-sysadmin-centric startups this is pretty appealing from a finance perspective. taking that into account with the other upfront costs of owning your own gear that jesse mentions can turn off non-technical decision makers pretty quickly. my 2 bits is that things like aws have some interesting use-cases but have *major* downsides that need to be taken into account. maybe it's better to work with your local ISP and get a dedicated server? maybe you lease your gear? aws isn't the only way to sidestep opex :) -p -- Pete Wright pete at nomadlogic.org twitter => @nomadlogicLA From mike at myownsoho.net Fri May 16 22:33:07 2014 From: mike at myownsoho.net (Mike N.) Date: Fri, 16 May 2014 22:33:07 -0400 Subject: [talk] /. on "don't be a server hugger" In-Reply-To: References: <53756603.6010706@ceetonetechnology.com> <537566B4.2080003@ceetonetechnology.com> <53762B3B.2040402@ceetonetechnology.com> <537631CE.3050605@ceetonetechnology.com> Message-ID: <3a636e169bb918b0f72b44ca4b9bbb2e@myownsoho.net> On 2014-05-16 11:58, Edward Capriolo wrote: > AWS has 2 9s uptime. Do you have any links, documentation, studies, monitoring, etc. on this? (actual data, not SLA) > Sounds impressive. What they do not tell people > is that both of those 9s come before the decimal point. > > On Fri, May 16, 2014 at 11:42 AM, George Rosamond > wrote: > > Edward Capriolo: > Fresh off the AWS twitter. > http://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/?utm_content=bufferee12b&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer > [1] > > Showing you how to calculate server costs "correctly" with a "new" tco > calculator. > > > "I always feel like, somebody's watching me" > > I assume the server-hugger arguments about their TCO equation finally > caused them to readjust. > > How does uptime fit in here? > > g > > > > Links: > ------ > [1] > http://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/?utm_content=bufferee12b&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From jhb at FreeBSD.org Sun May 18 12:12:13 2014 From: jhb at FreeBSD.org (John Baldwin) Date: Sun, 18 May 2014 12:12:13 -0400 Subject: [talk] Audio for 5/7 bhyve meeting? In-Reply-To: <537155FA.5060304@gmail.com> References: <537155FA.5060304@gmail.com> Message-ID: <5378DBDD.4020305@FreeBSD.org> On 5/12/14, 7:15 PM, Patrick McEvoy wrote: > Hello folks, > Does anyone have audio for the last meeting? > I see the slides are posted. There wasn't a mic, so I don't think it was recorded unfortunately. -- John Baldwin From okan at demirmen.com Sun May 18 12:54:09 2014 From: okan at demirmen.com (Okan Demirmen) Date: Sun, 18 May 2014 12:54:09 -0400 Subject: [talk] Audio for 5/7 bhyve meeting? In-Reply-To: <5378DBDD.4020305@FreeBSD.org> References: <537155FA.5060304@gmail.com> <5378DBDD.4020305@FreeBSD.org> Message-ID: On Sun, May 18, 2014 at 12:12 PM, John Baldwin wrote: > On 5/12/14, 7:15 PM, Patrick McEvoy wrote: >> Hello folks, >> Does anyone have audio for the last meeting? >> I see the slides are posted. > > There wasn't a mic, so I don't think it was recorded unfortunately. Friday I posted the audio that Nikolai records and processes for almost all our meetings. The audio is from someone talking about Bhyve, so I'm sure it's the right one :) From jhb at freebsd.org Mon May 19 09:54:39 2014 From: jhb at freebsd.org (John Baldwin) Date: Mon, 19 May 2014 09:54:39 -0400 Subject: [talk] Audio for 5/7 bhyve meeting? In-Reply-To: References: <537155FA.5060304@gmail.com> <5378DBDD.4020305@FreeBSD.org> Message-ID: <201405190954.39946.jhb@freebsd.org> On Sunday, May 18, 2014 12:54:09 pm Okan Demirmen wrote: > On Sun, May 18, 2014 at 12:12 PM, John Baldwin wrote: > > On 5/12/14, 7:15 PM, Patrick McEvoy wrote: > >> Hello folks, > >> Does anyone have audio for the last meeting? > >> I see the slides are posted. > > > > There wasn't a mic, so I don't think it was recorded unfortunately. > > Friday I posted the audio that Nikolai records and processes for > almost all our meetings. The audio is from someone talking about > Bhyve, so I'm sure it's the right one :) Huh, my bad then. -- John Baldwin From jhb at freebsd.org Mon May 19 09:54:05 2014 From: jhb at freebsd.org (John Baldwin) Date: Mon, 19 May 2014 09:54:05 -0400 Subject: [talk] Audio for 5/7 bhyve meeting? In-Reply-To: <5378DBDD.4020305@FreeBSD.org> References: <537155FA.5060304@gmail.com> <5378DBDD.4020305@FreeBSD.org> Message-ID: <201405190954.05718.jhb@freebsd.org> On Sunday, May 18, 2014 12:12:13 pm John Baldwin wrote: > On 5/12/14, 7:15 PM, Patrick McEvoy wrote: > > Hello folks, > > Does anyone have audio for the last meeting? > > I see the slides are posted. > > There wasn't a mic, so I don't think it was recorded unfortunately. My bad, seems it was in fact recorded even without the mic. http://www.nycbug.org/index.cgi?action=event&do=view&id=10347#10347 -- John Baldwin From dan at langille.org Mon May 19 14:27:09 2014 From: dan at langille.org (Dan Langille) Date: Mon, 19 May 2014 14:27:09 -0400 Subject: [talk] box given away? Message-ID: <1D5CBF41-4CEF-4DFC-8193-C54D5BF2AB92@langille.org> Do I recall correctly? At NYCBSDCon 2014 was there a box given away? What was it? Have you seen photos of it? It was small pfsense-like appliance I think. Was it laser-etched? Was it a Netgate appliance? -- Dan Langille - http://langille.org -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: Message signed with OpenPGP using GPGMail URL: From justin at shiningsilence.com Mon May 19 16:21:32 2014 From: justin at shiningsilence.com (Justin Sherrill) Date: Mon, 19 May 2014 16:21:32 -0400 Subject: [talk] box given away? In-Reply-To: <1D5CBF41-4CEF-4DFC-8193-C54D5BF2AB92@langille.org> References: <1D5CBF41-4CEF-4DFC-8193-C54D5BF2AB92@langille.org> Message-ID: http://fupjack.tumblr.com/post/76143846300/a-better-shot-of-the-etched-case-pfsense-pcengines On Mon, May 19, 2014 at 2:27 PM, Dan Langille wrote: > Do I recall correctly? At NYCBSDCon 2014 was there a box given away? > > What was it? Have you seen photos of it? > > It was small pfsense-like appliance I think. Was it laser-etched? > > Was it a Netgate appliance? > > -- > Dan Langille - http://langille.org > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bcallah at devio.us Tue May 20 08:26:27 2014 From: bcallah at devio.us (Brian Callahan) Date: Tue, 20 May 2014 08:26:27 -0400 Subject: [talk] I'm being interviewed on BSD Now Message-ID: <537B49F3.6010807@devio.us> (Yes I'm posting to two lists, please be careful if replying.) Hi everyone -- This is a heads-up for anyone interested, I'm being interviewed tomorrow on BSD Now with fellow OpenBSD developer abieber@ about our roles in the behind-the-scenes action of *BSD User Groups. Should be a good time, and hopefully you'll learn a bit about all the stuff you don't normally see (and maybe you'll want to start getting involved! ;-) ). Little blaster from Undeadly about the interview: http://undeadly.org/cgi?action=article&sid=20140520065116 Starts tomorrow at 2 PM: http://www.bsdnow.tv/live ~Brian From ahpook at verizon.net Tue May 20 16:10:25 2014 From: ahpook at verizon.net (Ah Pook) Date: Tue, 20 May 2014 16:10:25 -0400 Subject: [talk] Event Calendars Message-ID: <537BB6B1.4080101@verizon.net> I'm a big fan of the NYCBUG site, I must say. Nice and clean, and easy to get around. What's the event calendar running with? ( http://www.nycbug.org/index.cgi?action=event&do=list , e.g.) Is that some custom thingy? Can I steal it for use elsewhere? I was gonna just email admin@, but I thought it might be nice to hear alternatives too. Perl is preferred, mostly because I'll have half a hope of figuring out issues, but the only thing I've really glanced at is Net::Google::Calendar, so I'm open to anything. Thanks! From m at cmp0.de Mon May 26 15:17:49 2014 From: m at cmp0.de (Matt) Date: Mon, 26 May 2014 21:17:49 +0200 Subject: [talk] Buy bsd stuff in NYC Message-ID: <20140526191748.GC31599@srv0.cmp0.de> Hi, I'm for a couple of days in NYC. Is there any shop or store in the city where I can buy some bsd stuff (especially the OpenBSD cd sets)? Then I don't have to buy a lady liberty as a souvenir ;-) --matt (from Hamburg) From bcallah at devio.us Mon May 26 15:24:03 2014 From: bcallah at devio.us (Brian Callahan) Date: Mon, 26 May 2014 15:24:03 -0400 Subject: [talk] Buy bsd stuff in NYC In-Reply-To: <20140526191748.GC31599@srv0.cmp0.de> References: <20140526191748.GC31599@srv0.cmp0.de> Message-ID: <538394D3.4090805@devio.us> On 05/26/14 15:17, Matt wrote: > Hi, > > I'm for a couple of days in NYC. > Is there any shop or store in the city where I can buy some bsd stuff > (especially the OpenBSD cd sets)? > > Then I don't have to buy a lady liberty as a souvenir ;-) > > --matt (from Hamburg) > Welcome to NYC! :) Sadly, the only place I know of in the US to get OpenBSD CD sets (other than from https://https.openbsd.org/cgi-bin/order) is Softpro Books, who are located in Colorado. Someone should fix that *coughcough* ~Brian From george at ceetonetechnology.com Mon May 26 16:41:57 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Mon, 26 May 2014 16:41:57 -0400 Subject: [talk] Buy bsd stuff in NYC In-Reply-To: <538394D3.4090805@devio.us> References: <20140526191748.GC31599@srv0.cmp0.de> <538394D3.4090805@devio.us> Message-ID: <5383A715.3020208@ceetonetechnology.com> Brian Callahan: > > On 05/26/14 15:17, Matt wrote: >> Hi, >> >> I'm for a couple of days in NYC. >> Is there any shop or store in the city where I can buy some bsd stuff >> (especially the OpenBSD cd sets)? >> >> Then I don't have to buy a lady liberty as a souvenir ;-) >> >> --matt (from Hamburg) >> > > Welcome to NYC! :) > > Sadly, the only place I know of in the US to get OpenBSD CD sets (other > than from https://https.openbsd.org/cgi-bin/order) is Softpro Books, who > are located in Colorado. > J&R did carry the FBSD cds... a long long while ago at least. That is now irrelevant. > Someone should fix that *coughcough* Yes... so I would say the problem is this: you want distribution out of a well-known large place (microcenter, etc), but then you wont get the "shelf exposure"... Small places are easier to get into, but hard to get the exposure at in general. It would make sense to find out the details on this... what the method is getting a distributor (or you) setting it up with a retailer, large or small. I know cd sales are no longer a booming business, but the exposure would be cool at least. Sounds like a fun project... getting NBSD, DFly, OBSD and FBSD cds into some stores. Heck, some publicity posters would be cool too. g From justin at shiningsilence.com Mon May 26 22:18:08 2014 From: justin at shiningsilence.com (Justin Sherrill) Date: Mon, 26 May 2014 22:18:08 -0400 Subject: [talk] Buy bsd stuff in NYC In-Reply-To: <5383A715.3020208@ceetonetechnology.com> References: <20140526191748.GC31599@srv0.cmp0.de> <538394D3.4090805@devio.us> <5383A715.3020208@ceetonetechnology.com> Message-ID: On Mon, May 26, 2014 at 4:41 PM, George Rosamond < george at ceetonetechnology.com> wrote: > > Sounds like a fun project... getting NBSD, DFly, OBSD and FBSD cds into > some stores. Heck, some publicity posters would be cool too. I don't think CD/DVDs will ever be popular again, but if we could produce merchandise - posters, or shirts, or whatever - that looked fun, it would sell. http://www.catalogfavorites.com/ShopCategory.aspx?ID=1,397 People are wearing things like this in public; we can do better. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pete at nomadlogic.org Tue May 27 13:30:58 2014 From: pete at nomadlogic.org (Pete Wright) Date: Tue, 27 May 2014 10:30:58 -0700 Subject: [talk] Buy bsd stuff in NYC In-Reply-To: References: <20140526191748.GC31599@srv0.cmp0.de> <538394D3.4090805@devio.us> <5383A715.3020208@ceetonetechnology.com> Message-ID: <5384CBD2.8070508@nomadlogic.org> On 05/26/14 19:18, Justin Sherrill wrote: > On Mon, May 26, 2014 at 4:41 PM, George Rosamond > > wrote: > > > Sounds like a fun project... getting NBSD, DFly, OBSD and FBSD cds into > some stores. Heck, some publicity posters would be cool too. > > > I don't think CD/DVDs will ever be popular again, but if we could > produce merchandise - posters, or shirts, or whatever - that looked fun, > it would sell. > > http://www.catalogfavorites.com/ShopCategory.aspx?ID=1,397 > > People are wearing things like this in public; we can do better. > > i dunno - this shirt sum's up my experience of being an engineer in a land of penguins: http://www.catalogfavorites.com/itemdy00.aspx?ID=1,397&T1=V1309P+M now i just have to figure out if it's because i am a *BSD pusher or if it's because of my extensive collection of kittens-wearing-various-pieces of americana t-shirts i wear to the office.... -pete -- Pete Wright pete at nomadlogic.org twitter => @nomadlogicLA From george at ceetonetechnology.com Wed May 28 09:06:33 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 28 May 2014 09:06:33 -0400 Subject: [talk] cnbc on 'why the cloud needs to clean up its act' Message-ID: <5385DF59.4020605@ceetonetechnology.com> www.cnbc.com/id/101653112 So it ends up the cloud *does* reside in data centers, not the sky. I learn something new every day. On a related note, we are still not definite on location of next week's meeting, but we do have three speakers lined up for 10-15 minutes each. Suspenders got an extension through this Friday, and it may be around a bit longer. We have space for one more if anyone has anything interesting to contribute on the topic of "cloud and colo" g From george at ceetonetechnology.com Wed May 28 17:53:46 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 28 May 2014 17:53:46 -0400 Subject: [talk] cnbc on 'why the cloud needs to clean up its act' In-Reply-To: <5385DF59.4020605@ceetonetechnology.com> References: <5385DF59.4020605@ceetonetechnology.com> Message-ID: <53865AEA.1040409@ceetonetechnology.com> George Rosamond: > www.cnbc.com/id/101653112 > > So it ends up the cloud *does* reside in data centers, not the sky. I > learn something new every day. > > On a related note, we are still not definite on location of next week's > meeting, but we do have three speakers lined up for 10-15 minutes each. > Suspenders got an extension through this Friday, and it may be around a > bit longer. > > We have space for one more if anyone has anything interesting to > contribute on the topic of "cloud and colo" > Correction: Suspenders is gone (for now). We have an alternate location for next week which we'll post soon. g From briancoca+nycbug at gmail.com Thu May 29 21:02:56 2014 From: briancoca+nycbug at gmail.com (Brian Coca) Date: Thu, 29 May 2014 21:02:56 -0400 Subject: [talk] funding news Message-ID: http://www.linuxfoundation.org/news-media/announcements/2014/05/core-infrastructure-initiative-announces-new-backers Looks like good news, specially that openssh is getting some love. Not sure how well it will work out, but i have hope. One issue I have, is that since heartbleed there has been a lot of talk about openssl being in bad shape because of a lack of funds. Yes, funding was an issue, but it was not the only reason it has had so many problems with the code. I think the libressl project has shown this commit by commit. --- Brian Coca -------------- next part -------------- An HTML attachment was scrubbed... URL: From george at ceetonetechnology.com Thu May 29 22:19:36 2014 From: george at ceetonetechnology.com (George Rosamond) Date: Thu, 29 May 2014 22:19:36 -0400 Subject: [talk] funding news In-Reply-To: References: Message-ID: <5387EAB8.4040500@ceetonetechnology.com> Brian Coca: > http://www.linuxfoundation.org/news-media/announcements/2014/05/core-infrastructure-initiative-announces-new-backers > > Looks like good news, specially that openssh is getting some love. > Not sure how well it will work out, but i have hope. > > One issue I have, is that since heartbleed there has been a lot of > talk about openssl being in bad shape because of a lack of funds. > Yes, funding was an issue, but it was not the only reason it has had > so many problems with the code. I think the libressl project has > shown this commit by commit. So what I find interesting, once again, is the chorus of comments ripping OpenSSL and/or supporting LibreSSL. The /. crowd is starting to seem rational. The OpenSSL funding argument makes no sense... the problem seemed to be lack of focus and trajectory of dev, not money. All LibreSSL had to do to make a splash was proclaim: it's all broken, and we're slashing and burning. That gave it credibility off the bat. But the huge long-term attraction is that these are devs who've already sustained core projects. *That* seems to be the missing element is so many splashy open source projects. If you haven't yet seen the Beck slides, please stop what you're doing and take the time. OpenSSH was born when most people (I'd guess) were using telnet for remote management. I was at the time at least. LibreSSL is coming when a widespread plague needs triage. g From jkeen at verizon.net Fri May 30 07:21:02 2014 From: jkeen at verizon.net (James E Keenan) Date: Fri, 30 May 2014 07:21:02 -0400 Subject: [talk] funding news In-Reply-To: <5387EAB8.4040500@ceetonetechnology.com> References: <5387EAB8.4040500@ceetonetechnology.com> Message-ID: <5388699E.5000703@verizon.net> On 5/29/14 10:19 PM, George Rosamond wrote: > > The OpenSSL funding argument makes no sense... the problem seemed to be > lack of focus and trajectory of dev, not money. > Which, of course, it shares with almost any dev project, open source or not. jimk From jhb at freebsd.org Fri May 30 11:20:51 2014 From: jhb at freebsd.org (John Baldwin) Date: Fri, 30 May 2014 11:20:51 -0400 Subject: [talk] funding news In-Reply-To: <5388699E.5000703@verizon.net> References: <5387EAB8.4040500@ceetonetechnology.com> <5388699E.5000703@verizon.net> Message-ID: <201405301120.52068.jhb@freebsd.org> On Friday, May 30, 2014 7:21:02 am James E Keenan wrote: > On 5/29/14 10:19 PM, George Rosamond wrote: > > > > > The OpenSSL funding argument makes no sense... the problem seemed to be > > lack of focus and trajectory of dev, not money. > > > > Which, of course, it shares with almost any dev project, open source or not. One other takeaway I had from Beck's talk at BSDCan was that the actual crypto code itself in OpenSSL was ok. It was the bits around the crypto that are hairy. This isn't all that surprising if you think about it. If you take a bunch of specialists at X and have them build a package to do X, the bits specifically for X will probably be sane. It's all the other things that get you into trouble, and engineers can be a bit prone to thinking that if they are good at X they are also good at Y. One can guard against that by trying to make packages simple and tightly focused ("Do one thing and do it well"), but it's often not easy ("do I write my own logging/tracing thing for debugging or use devel/glog?", etc.) Of course, trying to go the devel/glog approach can lead to another problem I see where you end up with a bunch of tiny packages that aren't quite orthogonal, so package A pulls feature X from B and Y from C (except B also contains an implementation of Y, just not as good as C's in the mind of the author of A, etc.). The end result is a mess with layers upon layers that is so complex and convoluted that no one can possibly understand the entire call stack. At least, this is what runs through my mind everytime I rebuild KDE from ports. It's depressing how many different MP3 decoders (or software audio mixers, etc.) get pulled in during that. :( -- John Baldwin