Readit News logoReadit News
mioelnir commented on Quad9 public DNS moves to Switzerland   quad9.net/news/blog/quad9... · Posted by u/chronogram
DyslexicAtheist · 5 years ago
The recently discussed Quantum Terra AG has its HQ in CH even only 3 out of the claimed 80 people are based in CH. It seems companies think that the location-reputation will rub off on the product. Also ProtonMail is another company which until today benefits from having a letter-box presence so they can profit from the "data-center inside the Swiss mountain meme".

Security made in <foo> is always a PR stunt. Deutsche Telecom, 1&1 and others tried it by pouring huge sums into an "Email made in Germany" campaign that only benefited a particular consulting company. It utterly failed because their geo-fencing idea was technically unenforcable.

CH is more dangerous because the same idiotic ideas brought to Switzerland will often take off. Most EU security companies I know would not easily consider CH as a great location unless it has something to do with business strategy: 1) tax, 2) location of a holding company see #1, or 3) sell into the CH market.

On the other hand many non EU based security start-up CEO's often talk about it as it had some security benefit. But as you say this is a huge lie since data protection has nothing to do with banking secrecy and even when the latter is in question a New Mexico LLC is a much more secretive vehicle than a Swiss GmbH/Srl

[0] https://de.wikipedia.org/wiki/E-Mail_made_in_Germany

[1] https://www.telekom.com/en/media/media-information/archive/d...

mioelnir · 5 years ago
I've talked to a mail admin from one of the companies involved in "Email made in Germany" once about it, and his reply was basically that of course it was marketing, and of course the techs had the idea to enable TLS in the drawer for years.

But at their scaling, enabling TLS means a lot of additional compute power, and due to that marketing campaign they now finally got the budget to install the additional hardware and enable it. Before, there was no business value that justified to spend that much more to get an - to the outside observer - unchanged product.

mioelnir commented on Oxford University breakthrough on global COVID-19 vaccine   ox.ac.uk/news/2020-11-23-... · Posted by u/mychaelangelo
erikstarck · 5 years ago
Will you then also pay those who put huge effort and expense in to research that was perhaps necessary but didn't lead anywhere?
mioelnir · 5 years ago
BioNTech developed the vaccine now mass-produced by Pfizer. For that, they received $445m from the German government. So, as a tax-paying German citizen I can say, not only will I do that, but even better, I already did.

It also feels deeply wrong to pull the "but all the research efforts that did not lead anywhere" argument, when Pfizer did not do the research in the first place. They should get compensation for organizing the huge trial, of course; that expertise was why they were on-boarded in the first place. And nobody expects them to manufacture that stuff at loss or cost. But we should not accept public money buying them goose laying golden eggs either.

mioelnir commented on rc.d belongs in libexec, not etc   jmmv.dev/2020/08/rcd-libe... · Posted by u/Khaine
agarzenm · 5 years ago
From the article.

>My main gripe is that the files under /etc/rc.d/ are immutable scripts.

If the files/config (I know the author argues they aren't config files) are truely immutable why would the system upgrade command modify them? and how would it as if they are immutable in the same way that running chattr +i somefile on Linux will make a file immutable even to root then I don't understand how the upgrade command is modifying them.

Systemd-d is growing on me, partly because it is being forced upon us but also because once you get over the initial carpet pull from beneath you, you don't need to be exposed to the extra bullshit it brings.

If you want to experience pain with System-d, install a fresh copy of Ubuntu and try to setup /etc/resolv.conf, for an extra challenge try setup /etc/resolv.conf using unbound as a stub resolver.

I was amazed at how much effort I had to spend fighting the OS to just say "Stop managing this file, do not load this file, I am going to manage it"

I spend most of my time with Linux systems so I admire the simplicity of the System V approach. It is interesting to see other people discuss this from a BSD perspective as I have very little exposure to BSD like systems.

BSD seems great, I love reading the security.html page of the OpenBSD project, it has so many great ideas + implementations.

https://www.openbsd.org/security.html

mioelnir · 5 years ago
They are not immutable in the 'chflags uchg,schg ' sense.

Updating these files is not in any way shape or form a hassle anymore if you do not update them. etcupdate has that solved. Even mergemaster has specific options to handle unchanged /etc that only diffs in svn-id tags and similar.

But in my opinion the basic premise of the article is false. mergemaster and etcupdate with their diff and 3-way merge capabilities are there because these files are assumed to have local edits.

The startup procedure, scripts, options are expected to be customized; thus the update procedure has handling to preserve local edits.

mioelnir commented on FreeBSD 11.4   freebsd.org/releases/11.4... · Posted by u/tosh
waynesonfire · 5 years ago
I'm not questioning whether FreeBSD is hip or trendy. Not sure why you're bringing that up.

I'd pick up FreeBSD in a heartbeat if I knew that the investment in learning the platform would help me be productive in production. But like you said, it's not 1994 anymore and modern deployment and maintenance of an application stack is docker and k8s. A trend where the OS is abstracted away as much as possible. So why invest in FreeBSD? Okay, so maybe it's a nice OS for appliances; though so is Linux and I can continue to leverage my knowledge.

At home I run an appliance and thought I'd deploy FreeBSD on it to run my storage server. I was really excited to deploy ZFS, the BSD killer app. The justification for this getting more difficult to make since ZFS on Linux is production ready.

I want to use FreeBSD. I don't care that it's not mainstream. The unfortunate issue is that it's falling behind in my use-case, by a lot and that's a bummer.

mioelnir · 5 years ago
FreeBSD has had fully integrated, working ZFS for over 10 years. You were so excited to deploy the BSD killer app, you forgot to do so for ten years.

I can only tell you, whatever scary differences you expect between Linux and FreeBSD are probably no more than between any two Linux distros with different packaging systems.

Ten years ago, fresh out of a failed stint at university, I applied for a junior position at a Linux shop. Would nowadays probably be called junior system engineer or so. The night before the interview, I read around a bit in Stevens' TCP/IP Illustrated as well as Design and Implementation of BSD (to calm my nerves). I told them honestly, I had maybe 15 lifetime minutes on a Linux shell. But I started with FreeBSD4.4 and had by then already 8'ish years of experience on general *nix administration.

I'm still there. Pivoted around and upward a couple of times internally. But I still run FreeBSD on my workstation to get things done. And we're still fundamentally a Linux shop.

But the root cause of my career is a friend at university handing me a FreeBSD 4.4 CD. It is a tremendous system if you want to learn about the services a kernel offers to its userland. If you care to make the dive, it not only tells you the what and how, but the why and all the compromises that had to be made along the way. And that understanding is universal.

FreeBSD may be well known as a solid production platform. It's true strength is as the foundation for not only a lifetime of learning, but a lifetime of understanding.

mioelnir commented on Germany's data chief tells ministries WhatsApp is a no-go   dw.com/en/germanys-data-c... · Posted by u/rguiscard
VMG · 5 years ago
From personal experience, I can tell you that the consequence of this will be that ministries will be using unencrypted and unauthenticated email and SMS.
mioelnir · 5 years ago
Or not. Landesregierung BaWü for example distributes the daily COVID-19 news via Threema.
mioelnir commented on Swedes turn against cashlessness   theguardian.com/world/201... · Posted by u/kawera
dmitriid · 7 years ago
Germans are very paranoid about giving their details to anyone: government, banks, corporations, other people. Paying with cash is viewed as a safer way to pay without any number of Big Brothers watching over your shoulder.

(The reason for paranoia is the history of https://en.m.wikipedia.org/wiki/Stasi)

mioelnir · 7 years ago
There is also another german word in the realm of centralization - Gleichschaltung. It is nowadays exclusively used to describe the centralization of government functions and bodies during the beginning of the 3rd Reich. Big central government offices, their tracking capabilities and emerging network effects were one of the required precursors for what came later.

It is why many parts of the modern/post-war German bureaucracy were intentionally set up inefficient and why we still dislike any "central databases" for anything, from law enforcement to tax collection. Slow, decoupled government systems slow down unwanted usage patterns much more than valid ones, are generally harder to game (try explaining your urgent need for some data to a rural bavarian city hall employee) and easier to monitor/verify for citizens.

mioelnir commented on Swedes turn against cashlessness   theguardian.com/world/201... · Posted by u/kawera
jacobush · 7 years ago
Yes... I wonder how Nature implemented that...
mioelnir · 7 years ago
By dropping transmutative alchemy from the sprint, allowing the implementation of a capability system on top of a now unforgeable subset of existing resources...
mioelnir commented on OVH outage explained   status.ovh.net/?do=detail... · Posted by u/pmontra
ngrilly · 8 years ago
Thanks for the great explanation. I agree that a Chaos Monkey test something a lot more easier to recover from than a whole datacenter getting down.

I remember having read somewhere about some company (Facebook/Google/Amazon/Twitter/Dropbox or something at the same scale) that regularly simulates a whole datacenter failure, which made believe it is possible to automatically recover from this.

Are you saying that even the companies I mentioned have the same issues as OVH when they recover from a complete power failure?

mioelnir · 8 years ago
Simulated DC failure is more often then not just traffic flow engineering. It is more about testing the DC that takes over the traffic than it is about testing service restart in the inactive DC.

There is little to test about the introduction of a hard fault, but the service resumption in the other DC is full of data to analyze. Also, in such a setup, getting the fault location running again is not on a hard clock, since it is about restoring redundancy instead of the service.

mioelnir commented on Eight years of Go   blog.golang.org/8years... · Posted by u/spacey
krylon · 8 years ago
You are not wrong.

But I think there is more to it. I have used Go (almost) exclusively for private toy programs I write in my free time to relax (sounds weird, I know), so my perspective may be warped. But something about is very compatible with the way my mind works. With some other languages, say C or C#, I find myself constantly browsing through documentation to figure out what a given construct means in that language. And don't get me wrong, I like both of these languages.

But with Go, my intuition what I think a given piece of code should mean is nearly always in line with the language specification. The only other language I had this level of rapport with is Python.

There are many things I miss in Go, but all in all, I think it is simplicity done right.

BUT if Go had not also gotten the things right that you mention, it probably would not have become this popular.

mioelnir · 8 years ago
> But something about is very compatible with the way my mind works.

Yes. For me it is channels. After nearly 20 years of UNIX'ish systems, pipes are a mental abstraction that I do not have to think about any more. And channels fit right in, they feel much closer to a how a pipe is used on the cli than a pipe or socketpair ever did in code.

For example a range loop over a closed channel is, for me, piping things to xargs. It's easy to understand, reason and conceptualize because it feels familiar.

mioelnir commented on The Binary System Was Created Before Leibniz   m.cacm.acm.org/blogs/blog... · Posted by u/rayascott
mioelnir · 8 years ago
This article lost me after just the first couple of paragraphs. If Leibniz is, as quoted in the text, `recognized for first formally proposing` the binary system - then what relevance does it have that someone had the idea earlier (and thought it was useless)? He is not recognized for having had the idea first, he is recognized for seeing an application of it and formally proposing and specifying it.

Roentgen wasn't the first to observe x-rays either, he was the first to perform extensive studies and publications on them.

m

u/mioelnir

KarmaCake day561January 12, 2016View Original