As for the driving factor, it is that we're trying to simplify our infrastructure. It looked like we might be able to achieve this using Mirantis to package up OpenStack, but we're having issues getting their deployment tools to work. If I had more time to play with things I might fight it to the point of working, but we're currently running in a semi crippled state (one of the hosts removed itself from the cloud), and I need to get something up and running sooner than later, but be a longish term solution. We don't really need a private cloud. It is a convenience mostly, and at this point it appears to not be worth the overhead to setup and maintain.
Posts made by Kelly
-
RE: XenServer, local storage, and redundancy/backups
-
RE: XenServer, local storage, and redundancy/backups
@scottalanmiller said:
Can you break down the hardware better? I'm unclear if you have an OpenStack computer structure AND a CEPH one or if that is all on the same hardware?
If the former, why not keep CEPH and only move the top layer from OpenStack to XS?
Also, what is driving the move away from OpenStack? Just a desire for simplicity?
I have four hosts that are all OpenStack and Ceph Nodes. Bad design on all counts. I wish they were separated. The current hardware requirements preclude that at this point. My ultimate goal is to move the storage to dedicated hardware, perhaps utilizing Ceph then, but until then I need to get a working virtualization platform.
-
RE: XenServer, local storage, and redundancy/backups
I thought @halizard was for more than two hosts and that you needed HA-ISCI for just two nodes?
-
RE: XenServer, local storage, and redundancy/backups
@DustinB3403 said:
Can you tear down the OpenStack Cloud while you work on rebuilding these systems into a reasonable configuration?
I'm going to blow it away and reinstall completely fresh. The OpenStack version is pretty old and it is running on Ubuntu 12.04.
-
XenServer, local storage, and redundancy/backups
So I have four hosts that we had OpenStack Cloud installed on (before my time). They were running Ceph locally to provide storage and redundancy. I'm trying to evaluate whether moving them to XS is feasible without any capital expenditure. As far as I know the machines do not have RAID cards, but several mismatched drives (1-4 TB). Is there any way I can achieve a reasonable amount of redundancy in this scenario?
-
RE: Win7PRO to Win10PRO Upgrade
Another "con" is that Microsoft is not going to release any cumulative patches, i.e. Service Packs, for Windows 7: http://news.softpedia.com/news/microsoft-gives-up-on-windows-7-cumulative-updates-full-focus-now-on-windows-10-498959.shtml. You can still get all the updates true, but it increases the amount of management bandwidth allocated to maintaining new systems or rebuilds.
-
RE: Windows 10 Mobile Update
@IRJ said:
@Dashrender said:
Yeah - short of doing the Windows Insider Program, all you can do is hurry up and wait.
Everything I've read, most if not all of the phones released last year will be getting Windows 10, but it's up to the carriers to push out those updates through normal channels.
That said, I did hear that AT&T has agreed to allow MS to update the newest (and future) phones directly. I hope this trend continues and we are able to find ourselves with more frequent updates.
Why do these cell companies feel like they need to regulate updates? Are they testing? Are they influencing Microsoft or Android Phone Manufacturers in anyway? Are they worried they might lose control of something? I just don't get it. It slows down updates and puts updating in the hands of the cell companies that really don't care about updates or have in depth knowledge about them.
It really is absurd. It is like having to ask Comcast if I can install Windows updates.
-
RE: Gaming - What's everyone playing / hosting / looking to play
@dafyre said:
@scottalanmiller The question is: Can you remember where you left off?
I tried going back to an FFVII save game after several years, and just gave up since I had been out farming at the time I saved. I had no idea where to go.
-
RE: Windows 10 Mobile Update
@Dashrender http://www.windowsphone.com/en-us/how-to/wp7/people/link-my-email-accounts. It is helpful for me with addresses I don't use for correspondence, but have for various other purposes. I can see all of those in one place without the in and out of multiple inboxes. It also improves Glance functionality since I only need to take up one of my 5 spots for those inboxes, instead of multiple.
-
RE: Windows 10 Mobile Update
Some phones will not be getting it at all, particularly lower end ones. At this point, from what I've been reading, you don't want Windows 10 Mobile. It is still buggy and has issues. In addition they haven't hit feature parity with some elements of WP8 like linked Inboxes.
Any of the phones on this list will be getting it eventually, but Microsoft hasn't announced any release dates: http://windows.microsoft.com/en-us/windows/preview-supported-phones.
-
RE: Latest Linux Kernel Zero Day Not So Bad
The author of the Softpedia article may have some good points, but his closing line loses him all respect from me: "If you want to panic over vulnerabilities, do so about the more dangerous ones that have yet to be found."
So, don't worry about a known issue that can grant root access, but instead I should be freaking out about the things that no one knows if they even exist?
-
RE: RemixOS -- Android for the PC
@Dashrender said:
@Kelly said:
I get that you're happy with your phone and Nexus @johnhooks. That is fine with me. I have my platform preference, and I'm happy to explain what it is and why, but I don't think it is germane to this discussion.
Actually I think it is germane. What makes any platform potentially more secure than the Nexus (again assuming that all code it comes with from the factory is 100% open source)?
I said that my preferred platform (never referenced relative levels of security) is not germane. Again, relative security should not be a standard we allow vendors to rest on. It doesn't matter which platform is the most secure (from the perspective of trying to be secure, not purchasing), but whether or not a specific vendor has a secure product and is continuing to secure it in a timely and proactive manner.
-
RE: RemixOS -- Android for the PC
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@scottalanmiller said:
Not really, Google doesn't own the Android code and cannot really enforce anything. Anything they put in, someone else can remove. Google oversees the ecosystem but has no means of enforcing control.
True, but they can do more to influence and guide Android than any other single organization. Given the number of security flaws that occur in the Nexus lines they are not doing well enough to put any pressure on the OEMs. If they started marketing Nexus as the most secure Android (and made it so) platform, then there could be pushback from the marketplace.
What security flaws in the nexus line? They're the most secure of all of them. They get the updates immediately and constantly. It's the others who need to rely on carriers that are less secure.
Most secure does not equal secure That is my point. Google does fix a lot of vulnerabilities, but they don't always fix them as promptly as they seem to expect others to.
I get monthly security updates on my Nexus, that's pretty prompt. What current vulnerabilities for the Nexus line are you referring to?
The most recent one is Stagefright: https://en.wikipedia.org/wiki/Stagefright_(bug).
That's been patched on the Nexus. I guess my point is, you know which vulnerabilities are on android because people can view the source. What vulnerabilities are on IOS or WP? Who knows?
I'm happy you're happy with your Android experience. I'm not making these comments for the sake of tearing Android/Google down and promoting another platform. I want to see Android become better. Yes, Google does a decent job for the most part with patching vulnerabilities in a reasonable timeframe. This isn't about "compared to Apple, Microsoft, Cisco, Citrix, etc." This is in a timely fashion to reduce the attack surface on their devices. I don't ever want to hold a technology vendor to a relative security standard. That sets the bar way too low.
I didn't mean for it to sound like you were tearing them down. It was just this line I was disagreeing with:
If they started marketing Nexus as the most secure Android (and made it so) platform, then there could be pushback from the marketplace.
I was saying it already is, and could possibly be more secure than the other platforms, we have no real way of knowing. I think there is a big push back already though. Look at the other companies like Blu, who are giving you stock android on a great phone for $350.
Fair enough. I'll concede that point to you. Nexus is the most secure version of Android at this point.
-
RE: RemixOS -- Android for the PC
@johnhooks said:
@Dashrender said:
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@scottalanmiller said:
Not really, Google doesn't own the Android code and cannot really enforce anything. Anything they put in, someone else can remove. Google oversees the ecosystem but has no means of enforcing control.
True, but they can do more to influence and guide Android than any other single organization. Given the number of security flaws that occur in the Nexus lines they are not doing well enough to put any pressure on the OEMs. If they started marketing Nexus as the most secure Android (and made it so) platform, then there could be pushback from the marketplace.
What security flaws in the nexus line? They're the most secure of all of them. They get the updates immediately and constantly. It's the others who need to rely on carriers that are less secure.
Most secure does not equal secure That is my point. Google does fix a lot of vulnerabilities, but they don't always fix them as promptly as they seem to expect others to.
I get monthly security updates on my Nexus, that's pretty prompt. What current vulnerabilities for the Nexus line are you referring to?
The most recent one is Stagefright: https://en.wikipedia.org/wiki/Stagefright_(bug).
That's been patched on the Nexus. I guess my point is, you know which vulnerabilities are on android because people can view the source. What vulnerabilities are on IOS or WP? Who knows?
I'm not sure what you mean? There was a vulnerability in OpenSSL for something like 15 years and it was completely open source.
The only difference is that ONCE it's discovered, you can check to see if it's been patched.
But can you really say that about modern phone OSs? Is the complete source for what is installed on the Nexus available for public review? Maybe it is, I have no clue.
Right, same with stagefright. It was discovered by someone who didn't work for Google and reported it to them. My point is, you can't say that it's the least secure phone because you have no idea what vulnerabilities are in the other phone OS's. Stagefright wasn't found by someone being hacked and reporting it, it was found by someone auditing code. So how many people were hacked and had no idea?
If there is a vulnerability in IOS for example, who's going to find it and report it? There could be tons of people vulnerable right now and have no idea, and not be able to do anything about it, and you may never find out about it if Apple decides not to tell anyone and just fix it in a larger patch.
They believe Stagefright 2 was exploited, but have no real idea how many times. As for vulnerabilities in other platforms, they undergo many of the same tests. You can't audit code externally, but you can attempt to discover flaws as a security research just as the hackers are. Apple has had a ton of CVE's over the last few years: http://www.cvedetails.com/product/15556/Apple-Iphone-Os.html?vendor_id=49. Again, this is not about relative security. I never stated that it was the least secure phone. I want Android to be secure. Not just more secure than iOS.
I get that you're happy with your phone and Nexus @johnhooks. That is fine with me. I have my platform preference, and I'm happy to explain what it is and why, but I don't think it is germane to this discussion.
-
RE: RemixOS -- Android for the PC
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@scottalanmiller said:
Not really, Google doesn't own the Android code and cannot really enforce anything. Anything they put in, someone else can remove. Google oversees the ecosystem but has no means of enforcing control.
True, but they can do more to influence and guide Android than any other single organization. Given the number of security flaws that occur in the Nexus lines they are not doing well enough to put any pressure on the OEMs. If they started marketing Nexus as the most secure Android (and made it so) platform, then there could be pushback from the marketplace.
What security flaws in the nexus line? They're the most secure of all of them. They get the updates immediately and constantly. It's the others who need to rely on carriers that are less secure.
Most secure does not equal secure That is my point. Google does fix a lot of vulnerabilities, but they don't always fix them as promptly as they seem to expect others to.
I get monthly security updates on my Nexus, that's pretty prompt. What current vulnerabilities for the Nexus line are you referring to?
The most recent one is Stagefright: https://en.wikipedia.org/wiki/Stagefright_(bug).
That's been patched on the Nexus. I guess my point is, you know which vulnerabilities are on android because people can view the source. What vulnerabilities are on IOS or WP? Who knows?
I'm happy you're happy with your Android experience. I'm not making these comments for the sake of tearing Android/Google down and promoting another platform. I want to see Android become better. Yes, Google does a decent job for the most part with patching vulnerabilities in a reasonable timeframe. This isn't about "compared to Apple, Microsoft, Cisco, Citrix, etc." This is in a timely fashion to reduce the attack surface on their devices. I don't ever want to hold a technology vendor to a relative security standard. That sets the bar way too low.
-
RE: RemixOS -- Android for the PC
@johnhooks said:
@Kelly said:
@johnhooks said:
@Kelly said:
@scottalanmiller said:
Not really, Google doesn't own the Android code and cannot really enforce anything. Anything they put in, someone else can remove. Google oversees the ecosystem but has no means of enforcing control.
True, but they can do more to influence and guide Android than any other single organization. Given the number of security flaws that occur in the Nexus lines they are not doing well enough to put any pressure on the OEMs. If they started marketing Nexus as the most secure Android (and made it so) platform, then there could be pushback from the marketplace.
What security flaws in the nexus line? They're the most secure of all of them. They get the updates immediately and constantly. It's the others who need to rely on carriers that are less secure.
Most secure does not equal secure That is my point. Google does fix a lot of vulnerabilities, but they don't always fix them as promptly as they seem to expect others to.
I get monthly security updates on my Nexus, that's pretty prompt. What current vulnerabilities for the Nexus line are you referring to?
The most recent one is Stagefright: https://en.wikipedia.org/wiki/Stagefright_(bug).
-
RE: RemixOS -- Android for the PC
@johnhooks said:
@Kelly said:
@scottalanmiller said:
Not really, Google doesn't own the Android code and cannot really enforce anything. Anything they put in, someone else can remove. Google oversees the ecosystem but has no means of enforcing control.
True, but they can do more to influence and guide Android than any other single organization. Given the number of security flaws that occur in the Nexus lines they are not doing well enough to put any pressure on the OEMs. If they started marketing Nexus as the most secure Android (and made it so) platform, then there could be pushback from the marketplace.
What security flaws in the nexus line? They're the most secure of all of them. They get the updates immediately and constantly. It's the others who need to rely on carriers that are less secure.
Most secure does not equal secure That is my point. Google does fix a lot of vulnerabilities, but they don't always fix them as promptly as they seem to expect others to.
-
RE: RemixOS -- Android for the PC
@scottalanmiller said:
Not really, Google doesn't own the Android code and cannot really enforce anything. Anything they put in, someone else can remove. Google oversees the ecosystem but has no means of enforcing control.
True, but they can do more to influence and guide Android than any other single organization. Given the number of security flaws that occur in the Nexus lines they are not doing well enough to put any pressure on the OEMs. If they started marketing Nexus as the most secure Android (and made it so) platform, then there could be pushback from the marketplace.
-
RE: RemixOS -- Android for the PC
@DustinB3403 said:
@Kelly .... data service the thing you need to patch the device, unless you have access to WiFi...
As I said, I don't have good answers for any of this. I only know it is a problem, and only Google potentially has the reach to do something about it.
-
RE: RemixOS -- Android for the PC
@DustinB3403 said:
@Kelly said:
There aren't easy or cheap solutions, but not doing anything is worse. Maybe we should make carriers fiscally responsible for identity breaches provably caused by out of date OS versions.
How would you force the update on the phone, constant prompting, and after so many prompts it's just forced?
If what I suggested above happens, the carriers will likely disable data on the device until it is patched.